Resubmissions
21-05-2024 15:45
240521-s6292sah6y (score 9)
General
-
Target
Wireshark-4.2.5-x64.exe
-
Size
82.5MB
-
Sample
240521-s6292sah6y
-
MD5
2e23b0e7ef14dac31eb825a284fcbad8
-
SHA1
0e3c7b4dcd5c247c8f9726195a4d5a70b99f8b1b
-
SHA256
3d921ee584d0984f694f60a771a6581a6f32a9de995a5cd4bca1931185a4e618
-
SHA512
6242031538a46b6576885228d74b88705f5c3c3afa7ffae4ee218010f0db6d4e4ac0261a2005c3ca27dcf929de963d4693623d402d7239881b4bbdf792e944d6
-
SSDEEP
1572864:uvPlDWPYmmW5ttwcR3fp5LR5wsS9ZZdP6kA1YifYd2rJwzR088LYBDJkV:uvsAmmWjtDR3fTXwd9ZDPxA1bf07K88p
Static task
static1
Behavioral task
behavioral1
Sample
Wireshark-4.2.5-x64.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral2
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral3
Sample
dumpcap.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral4
Sample
dumpcap.html
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
extcap.html
Resource
win10v2004-20240508-en
Behavioral task
behavioral6
Sample
generic/qtuiotouchplugin.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
glib-2.0-0.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral8
Sample
gmodule-2.0-0.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
gthread-2.0-0.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral10
Sample
iconengines/qsvgicon.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral11
Sample
iconv-2.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral12
Sample
imageformats/qgif.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
imageformats/qico.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral14
Sample
imageformats/qjpeg.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral15
Sample
imageformats/qsvg.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral16
Sample
intl-8.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral17
Sample
ipmap.html
Resource
win10v2004-20240508-en
Behavioral task
behavioral18
Sample
k5sprt64.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral19
Sample
krb5_64.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral20
Sample
libbcg729.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral21
Sample
libffi-8.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral22
Sample
libgcrypt-20.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral23
Sample
libgmp-10.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral24
Sample
libgnutls-30.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral25
Sample
libgnutls-openssl-27.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral26
Sample
snmp/mibs/DISMAN-EVENT-MIB.vbs
Resource
win10v2004-20240426-en
Behavioral task
behavioral27
Sample
snmp/mibs/DISMAN-EXPRESSION-MIB.vbs
Resource
win10v2004-20240508-en
Behavioral task
behavioral28
Sample
snmp/mibs/FRAME-RELAY-DTE-MIB.vbs
Resource
win10v2004-20240426-en
Behavioral task
behavioral29
Sample
styles/qwindowsvistastyle.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral30
Sample
tls/qcertonlybackend.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral31
Sample
tls/qopensslbackend.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral32
Sample
tls/qschannelbackend.dll
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
Wireshark-4.2.5-x64.exe
-
Size
82.5MB
-
MD5
2e23b0e7ef14dac31eb825a284fcbad8
-
SHA1
0e3c7b4dcd5c247c8f9726195a4d5a70b99f8b1b
-
SHA256
3d921ee584d0984f694f60a771a6581a6f32a9de995a5cd4bca1931185a4e618
-
SHA512
6242031538a46b6576885228d74b88705f5c3c3afa7ffae4ee218010f0db6d4e4ac0261a2005c3ca27dcf929de963d4693623d402d7239881b4bbdf792e944d6
-
SSDEEP
1572864:uvPlDWPYmmW5ttwcR3fp5LR5wsS9ZZdP6kA1YifYd2rJwzR088LYBDJkV:uvsAmmWjtDR3fTXwd9ZDPxA1bf07K88p
Score
9/10
-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Drops file in Drivers directory
-
Manipulates Digital Signatures
Attackers can apply techniques such as changing the Authenticode and Cryptography registry keys so that their binary is treated as validly signed.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Drops file in System32 directory
-
-
-
Target
$PLUGINSDIR/nsDialogs.dll
-
Size
9KB
-
MD5
1d8f01a83ddd259bc339902c1d33c8f1
-
SHA1
9f7806af462c94c39e2ec6cc9c7ad05c44eba04e
-
SHA256
4b7d17da290f41ebe244827cc295ce7e580da2f7e9f7cc3efc1abc6898e3c9ed
-
SHA512
28bf647374b4b500a0f3dbced70c2b256f93940e2b39160512e6e486ac31d1d90945acecef578f61b0a501f27c7106b6ffc3deab2ec3bfb3d9af24c9449a1567
-
SSDEEP
96:o4Ev02zUu56FcS817eTaXx85qHFcUcxSgB5PKtAtoniJninnt3DVEB3YsNqkzfFc:o4EvCu5e81785qHFcU0PuAw0uyGIFc
Score
3/10
-
-
-
Target
dumpcap.exe
-
Size
513KB
-
MD5
025814d22e9f5c211d5a3f152a6116f1
-
SHA1
e7e18ddc368d3cf4dea5ff0136b71664df6c8feb
-
SHA256
423601a52a1ec782168b9d114fad1969eef2ed8bc67b2777549d001c9e2911f4
-
SHA512
dc5884c3bf2179fa9370c3d85e212ffb192921952f57774ec312bbdbf53d76ec55ccb064a7899ad847ca0bbfa79c9d5a91e089ad4a3a69bd96ee05f680b06b5f
-
SSDEEP
6144:JyKv/o2mmSw+6R7n5C+ibky8PPEMceJAIqHn3AuSFP9P9gh:tv/o2mm2i75BiYy2PExemIqXAjFP9Puh
Score
1/10
-
-
-
Target
dumpcap.html
-
Size
28KB
-
MD5
44160f5741a7246c342cb45ca714d43b
-
SHA1
cee079c623e13ea36c31ce2cf6f7124cc1d41960
-
SHA256
6a6e8715a205e372a8fa7deca8e586d87184ab40af8bdcc79424b05e5df87798
-
SHA512
d7e5edbb65dfedd9e985c72318880edc87186060ee257237a763850001a1a7a9bc14a4a512192105e66ecf0734bf0f041b0c4d6e04ac6309e786c7aede044474
-
SSDEEP
384:zcLyTOwDtmYQjDQB0pHgjjeiGrheI2ZMyQIjM+/tIejjSqUT+IN8NbnTB8nU:cySwlQjUQHgjjei4heIemvoesfGnU
Score
1/10
-
-
-
Target
extcap.html
-
Size
8KB
-
MD5
f738cde79e96769d2b88f294550235e6
-
SHA1
bf45e4f7efdb779d874ce93c7f22044109186f0a
-
SHA256
6b01f9040e156292ccc5f1466618b24678f076473e0b7be65450711a266d637b
-
SHA512
b27fbe3f6659590ba05a43fadbdcf3a5022d1f47de36d5b628b219682487b0c03c43a681df00319f442a28e9ab861405886b4d662433005142ac7c5b9e04c7ef
-
SSDEEP
192:ZK1pwWZzPlmkFsOndHLk3AHDA2OkghZAp:Zqp5Zjlmmr5kc3p
Score
1/10
-
-
-
Target
generic/qtuiotouchplugin.dll
-
Size
92KB
-
MD5
a4793051f363446d022be521372a70e9
-
SHA1
c773f1185d31525dd96b293e65943260487ed1db
-
SHA256
e9eab8d0e6b2ffdbf3d6d5a28877ee441be1c8b55719492977952fdaaaad84a5
-
SHA512
95be490815954811183b45be7024e2b9b72f3d1ba75d61bcf1a6b93f45cfdbe1082149ca9f3b73d981cec090a991ac839f3cd3ac294f978bdfd247a1a2b42bdc
-
SSDEEP
1536:OuIdQo4xs14ruc74oi0KhxwmSIvRkpVHxbAxDUgbk8grxi:loQpru4Ohx3SIvRiHxKD9bk8g8
Score
1/10
-
-
-
Target
glib-2.0-0.dll
-
Size
1.2MB
-
MD5
7fcf74105aa50ebc1f924fb078a543dd
-
SHA1
c12690c939eddbbccc530c455882923c94cb4f8a
-
SHA256
d6445fddc3625d9501ab386cf885fb2b38985e5ef81d239738db5ab72d492378
-
SHA512
2131680f0e8235a55408963bf49205cc14b3e9ef4f11fec402051d430c41524de023309aa35dfa439f5d2e5657a7e0182c654ae68b1f015e9d7b712dbdbf79bd
-
SSDEEP
24576:6kBrw3/19gl2oWb0LmdJrASjICaxqLi8krsBViBdJIvA2+fp56MWtvCMHt7q:6krw3/19aXWbNdJrjICaxqLi8krsBViJ
Score
1/10
-
-
-
Target
gmodule-2.0-0.dll
-
Size
30KB
-
MD5
f36ffd302cab6f9b13d33810159b3c10
-
SHA1
831fffc249964f32b57f9cda72a8f786e0ee86a5
-
SHA256
938732c2cbf8591df1b073a697a2ad8fae66a64f7ae96b6d8689ce49c576005e
-
SHA512
ae89fd782061c9afc0809d07a7023d0986d9c3549ba796f90f5d9c8936e0c42a3b33dd348ba96519ed051abcc203c7b96e69e3db9d47a157fafbd9471005e113
-
SSDEEP
384:wyejOSqHahJOnbwZi4BYV1U4BZ7bpwKNsgxGwPAM+o/8E9VF0NygT:wtjFqHa7OR4iNL7IgxLAMxkEQ
Score
1/10
-
-
-
Target
gthread-2.0-0.dll
-
Size
21KB
-
MD5
dbaa44e5ca2c6547aaf9453fe5c2caa8
-
SHA1
ea50319f2272db29ec8b0ee4c4352c1ba4fe0c93
-
SHA256
e193be90a77f369bb99fc050c40cf91bf29f0c24bedf01ab3cde2f899e7432a5
-
SHA512
9ebca3817c3627f8d81cc6d1e754b27784fd2972d0a54c3328016c516b71fcef5edd9012ab5a09f8de72b62436a95522c26999e2d9fde18550a8aa54fc75d6c0
-
SSDEEP
384:OuJb5G1ojrurpwKNsgxbiV5M3AM+o/8E9VF0NyiED:OupQKq4gxM8AMxkEzD
Score
1/10
-
-
-
Target
iconengines/qsvgicon.dll
-
Size
61KB
-
MD5
31e06050cb915d4e89f373b9cfcd86a3
-
SHA1
710d26ef78667fe161d964256d1e97c159a17f62
-
SHA256
61a006b4952b6d45d9b3b64e7114f46d31200a2b44f3b8fac344bf750b023add
-
SHA512
77f2c72ace4e3bc5eaf67cc3f0ba387a982b3e35fe595ae2da0687f79d40149be891d52d4b7278acaae2fd953e344ac31d50c5e6832b9b983f8726dd5480d1c3
-
SSDEEP
1536:+cjQ9xCOoer+KpD3ajbyj6S+IqriFBWKMjP1tjoIbCXMhR5P9guxP:2q4ajbe+Iq245jP1tjoRMhR5P9gE
Score
1/10
-
-
-
Target
iconv-2.dll
-
Size
1.0MB
-
MD5
b593c7fe341ff1945599537417b97b5f
-
SHA1
560aaed02dd685835e14f53adac277927477838c
-
SHA256
cc441303536536672fdf1c7cfec2a0f359dc1e8f4360ab646de217a246332607
-
SHA512
0018bfdb13a2f95dea9569d8dc5f6b3d434e625094d65833275bb60149935f2e4e9989f6348f78655568d4ae308b02ec730d60599f966709485505f15f0a176f
-
SSDEEP
24576:3gHftbBAUZLYTfYlaQuwGavkg3NyXHbbTgscK6wV5:ctBAUZLYT2aQuwGaXwEsJn3
Score
1/10
-
-
-
Target
imageformats/qgif.dll
-
Size
46KB
-
MD5
b72697752159a6011ca674ce5aa2df21
-
SHA1
4d693b2e59202f1fab060e17b780e7f898e15a78
-
SHA256
2ff94f5fd04accd13b2591cf084c98eda4d9011a995346404f77bc05898df68a
-
SHA512
5c476f34ebc8bcda186a44f374c6897f772ad40c94c6e8c03bb1d495a8ce49be5b584390b87fecd3372b0a06dd07950ec1996a3e49c9bc5d78db4afacd0f9041
-
SSDEEP
768:8b1BgMAbGKdSySwa0r3EDVQPi4bNqZiQzad2pWxCozDc9gxjAMxkEQzw:41tAbSXInPh4zadkWx7vugtxUzw
Score
1/10
-
-
-
Target
imageformats/qico.dll
-
Size
45KB
-
MD5
5c18471e3e53cccac8727377db59f078
-
SHA1
c11041d01ed0889592c366916bf79f2105074fef
-
SHA256
b8193c061d9000e5bb837fc7d7dc7bb5a7130b267d43d4cfd8368b0f540dcf21
-
SHA512
fac081d884b837609bd4cea34e5e5a0cf4408223bde448ba68cce4ad19ff1058b3c5adc44b0b91bd74275e7b70c095e46e1e12ba3002eecac3e3b0812c712305
-
SSDEEP
768:ZNh/rHNzM5yECWkF0EuXc19QAo3E3xv2gxOzAMxkEb:zpS5fCVFBuXc19QAoU3xv2g0zxP
Score
1/10
-
-
-
Target
imageformats/qjpeg.dll
-
Size
604KB
-
MD5
3b2a60da75276e094de2675a8fb65dc3
-
SHA1
1fb85b68228b98f66239f0323f2b1f24a7d33341
-
SHA256
d4d75b47df8977e9fb496a6985370bdec28315cb863e6ff6aa17541cfe575285
-
SHA512
16400cf304c9372069262d759325cfb5fa61c7b0d3540ec2a037125558c9780c3e4c1b7e9222167579440da5f33cdc24ca40cc55e67371144c1997b0b0aaf3b0
-
SSDEEP
6144:QkY20xwNvMjZM09UGzjdr9N2F6iXSh6eKUm5QSNu3a99XHBHR+29zHn8cCl4RVDI:QINvMtgXMKUvSC2eM8HvTF
Score
1/10
-
-
-
Target
imageformats/qsvg.dll
-
Size
38KB
-
MD5
bec25670e65e9a26fc9ca219421a6b58
-
SHA1
49f9ca89b1314c6df43ba3c19f3080681d3d495d
-
SHA256
b5a5552b73517b0c929e1749eb5fcbbe3949cad2ebfbb2428ce4237a45c2573f
-
SHA512
5edca28f656e44db45ae0fda1ac2672ba337bef0f5f4721da939c9d5f2c76e7544d25c603484aeba548da792607dc518081d69019f86520ccc2c85a0c5dd46ed
-
SSDEEP
768:aEz05YLHnGW21B3zSgTkyYwE7Rqgx9J1AMxkEe:wYLHnGW2tSgtYwEdqgtNxa
Score
1/10
-
-
-
Target
intl-8.dll
-
Size
95KB
-
MD5
eb843a190275a4bb9b6a54af62cacc0d
-
SHA1
14babbfb806c963a3a90603944b7f3c9b3674c5a
-
SHA256
3ca3e67168e088bd6ee6a43bea26ec8b07a23759ced66542005ac909e3403e52
-
SHA512
02227139e0af9d5eaf568068547432e34890449251ec743e21880bf952033a2853e513f66150eaf4bf8a9fed327d012f3bbc7442e24b881b7554c21154599064
-
SSDEEP
1536:vPMqq7gvpDhtteBo1we7kCcLYVM1KIwSqNUMhEMb4004k+f/QZcFQiPESvhxNy/w:XMeDsh8VMcIwSUEMb4004NfYZ6ESvhxX
Score
1/10
-
-
-
Target
ipmap.html
-
Size
13KB
-
MD5
0b42ca55f66492db4643cb115e7621d6
-
SHA1
5c05d5d3917316f8fb8b2f469675b7c53725dc87
-
SHA256
dc731f8df1b2f9df4a49fade0ec096e575c709aca79a87df3ce10572dc5db784
-
SHA512
8b6604a407957cedbd9b83d780b3495433d16d2a0c51e17bd1b3d1c91f73d2e4d4c3749889d245a6b507ba51c97ecc4bc6650413fa1da0e1197a2cb03c695b12
-
SSDEEP
384:Dv3AEPgci3CPKZhkKgF6HSdqqwc01Uw2EpxvDgw:DmPZhjgF6nF0w
Score
1/10
-
-
-
Target
k5sprt64.dll
-
Size
73KB
-
MD5
0831183e45988e8d21c33bb9830c0540
-
SHA1
c3862573f7b38c7c81d2ba40caf659fcc831cebd
-
SHA256
83b1267c99b5b87949ade0eb1a5834791bfac6bded43936f61f0ec8fd84c0a90
-
SHA512
6bada32edbbc551687b2a9a919e361d78235d25f66ffaac9dc01684bdd9639984dba7b6864aa8f3216a6ea5ac8cc85a8f540b22f8a57ce6ac604d87d21cad41b
-
SSDEEP
1536:0ZpvaQbYrTYDsKiKFn/CNBHBFb4B+J6zVgHGxdqE:2pGrTYQBBbjJ6zVgH2N
Score
1/10
-
-
-
Target
krb5_64.dll
-
Size
1.2MB
-
MD5
aa6e212e1391d1abbeffa1e9faefb4d5
-
SHA1
e3ff656387c5194c593f7c682bbeb88200298867
-
SHA256
a9ae1ed66c645ea514c19490fe5e9cfd11d7b79eb1ab6d12abb7307e3d16e153
-
SHA512
7c49de7b16aba82a737910d211ca28465ca246ff15f6a533bdbf8058e68d5b96d4fb7db6c2c288c79d2a628183e3241576282ed6a2a5d4440cb2621465ec680c
-
SSDEEP
12288:SqUC2f+2Z99Dc5MBj4nCJaQhlRxW1rhNESUqSoak3TtoPArLE34:xUtf+2D9vBcnCJaQhlorhN9UBo0YLy4
Score
1/10
-
-
-
Target
libbcg729.dll
-
Size
100KB
-
MD5
d6466cdbf543031a6dd2dee4dd0cf796
-
SHA1
281f6f58c06ebdc0b266fa1ac35f1366494012db
-
SHA256
2ed3dfbb95695c354850417089fdb30f957dc17169fee47afe75b8d71db72931
-
SHA512
ffeafd93c122d399721792ef8adf24d5c65eb1892ed0eb312d07b8cb5894379d54305bb096078361d3d8b55084bd6cf42454719e0936758305f09b40c2ecbc6b
-
SSDEEP
3072:prhCjTYJWlSNE+WHNYfnnkpETJXkGbWVe5Ehnvvvvvvvvvvvvvvvvvvvvvvvvvv1:pdC/YsKEAXkGbcL0gL
Score
1/10
-
-
-
Target
libffi-8.dll
-
Size
51KB
-
MD5
f339e567c4e1be13a00fc100c7bab5fe
-
SHA1
81513496af82ca10436e67bda6c74d260c25d8af
-
SHA256
8408550a5669cb7d101325f86a85fc601166a484047d7b38c146d165be81ebe3
-
SHA512
0308195d8ae96329d3e54ed6efca8409c4bf862c3cff51044c30f1f6314cc4ebd2f6e151729d247abab71a61b82a6fe42c710b8b3e79ff0db2476bdff95b3b8c
-
SSDEEP
768:saZFoOZVoc+zg7A1ro1CIoxQG1wH9AFHtqBUoITjhz2KpgxJQ+AMxkE8:xZFokicKgE101aQpZCoITjN2KpgbpxQ
Score
1/10
-
-
-
Target
libgcrypt-20.dll
-
Size
1.3MB
-
MD5
d7e5e8e50f35efcb5f4e2d99eb6aa903
-
SHA1
847b3da72e27ebe6717071e03dd9f15ab1e712b1
-
SHA256
67a0f4ffa826763e4e80a345ae40543ec24ab043b1edac31d177f5ad633ef020
-
SHA512
871de93bb81e51019abafb508c97bf821d9fe3bfe89305b039abdc7841830b6d1f2f2efa02042ae524a0309f31de6524a88d7dce4e2441d5d718c983d807eb3f
-
SSDEEP
24576:wSr7GiADcjimMy1N0LgQS41PkXoD2ZKtPSdN85/QnjG:wm7GAumMeN0LgkPkXoDpP5/QnS
Score
1/10
-
-
-
Target
libgmp-10.dll
-
Size
718KB
-
MD5
94feae5d9ea9605391340d122bb2e4a2
-
SHA1
9c2112699197a251747b5ed4b1e391a06f3beac6
-
SHA256
0902bd1b61e93b9f45c257c56ccf2169d5d4421c2c2b7c832275e68d28ab5187
-
SHA512
0433dbcbefd6a5b0f1f866366869d303ed772df1deeb47fd6d7cd418f2fa33491dfa02c4820b645af9a836ba2f0e6d8c609d02a043a20584914966357b3de695
-
SSDEEP
12288:1YgTb0BRt+WDLEQzKEoTRH22VvC83tE7Oj5wJ++8hrZHG7Op9:SAwBfEQNoc2Bl3tE7OtwJ++8hrZHG7OX
Score
1/10
-
-
-
Target
libgnutls-30.dll
-
Size
3.4MB
-
MD5
e4161050b505dcdeec71fd73b70638d9
-
SHA1
32e3b513e6d8a6ff05aa1d1ee83f03294394a0f7
-
SHA256
ad8b1489d4fe1fef0db4b6d348252d71b08a8b1c652c2a8ae82ab1856c44f6e9
-
SHA512
53176d781d77d4fcc55d48a8961f75925922c94062afeb81eac8716f8086801217197cb9606fed9d94dd19c12e08b8c1ad4b252c70b770847976431e274ca0ff
-
SSDEEP
49152:aAMW5L1N+3YXy1etkKTmb4f7Ifj9oNtmX47GtlqSYXeK0pAc2XAxONXtVKPRajwU:tmZiXeLOnV1jwJCCKm+
Score
1/10
-
-
-
Target
libgnutls-openssl-27.dll
-
Size
323KB
-
MD5
133280fe6cccaf182332686cbe8da167
-
SHA1
a41131dd38ae4060478bfee5d025485bd87ba077
-
SHA256
ef8a0c607e3e892050cb720d4e6b0de9bf0a3524757aecc3dfb2125d40fe3750
-
SHA512
b5f6ea7edd26a86871811e2afeb15afde9b1cbfccd4ce5a6a6de7382c50db42af18ba4fdcf0929ce994630497720589715a60d5605501c6ff383aaeeff355b74
-
SSDEEP
6144:uPNCai7cC0SsxaBDDHV17rsgu/Ptcd1DmMzWfg3B:uPJiDdAGH19Nu/WdRmMzVx
Score
1/10
-
-
-
Target
snmp/mibs/DISMAN-EVENT-MIB
-
Size
66KB
-
MD5
6c7bf2eb8aef70b616ed89424e908e6f
-
SHA1
a50ed173ee70103641a804b160a3f8da2d50e0e4
-
SHA256
095bf95ad1000b3e97f2eb605f980c58ef1c9881e8be01047ade616b09073365
-
SHA512
efc75599aca2a12473c2a948627cc51b48eb8e55c5595528b1fd4b19e02042f6c6a82ae5c3b8adfc881d268291b9991890d8cf1007e15ed935a019612573e6d4
-
SSDEEP
768:U+nF3As7M/xAoiZovDouCwcmTtojoBUuo4TUy:UEVA/nD3o4TUy
Score
1/10
-
-
-
Target
snmp/mibs/DISMAN-EXPRESSION-MIB
-
Size
41KB
-
MD5
362689166c52ae7fcea208ab537dc442
-
SHA1
84f0489a6ce458e87c7477ce1ed56b74405a0d76
-
SHA256
4c379e2b6acec5f523aa70c1c7b5a8d6cc5688daff06d7385f34357bcc96d751
-
SHA512
1ff08451b45e0cd5943bae4fae5b6601fbc0cb346c0c6f11411096a5d511b5af317605cdd0baee9816af23f1ed7b5c4fbdc06c98c096ade4ba4b8405ab2297e2
-
SSDEEP
768:IUji4lYvGXAprQOgBZD9hH4GuPqeKReUZFWHpRK+FMba12j6Pr:IL4wGXAiOgBZDz5heKhZopRK+eba12j4
Score
1/10
-
-
-
Target
snmp/mibs/FRAME-RELAY-DTE-MIB
-
Size
32KB
-
MD5
7aa196b72b4161c6ff37dfa752e089aa
-
SHA1
b0a1125d499c5070a4980e527adfce76da6dc169
-
SHA256
7df9f822131b2bce72072e62b47d99a69fd7f844be295e49882e7247012fb9e4
-
SHA512
c91799625e42eec9cf86814ce5901ce33b6ffc7e5c2f6671c81b4446484d4170f076706901fe9bef23d0dcd70c4261312f19a52d2c1f314b94ff7cb4d815b902
-
SSDEEP
384:T8zrqLq3HFK+JCgvZw1xttp/ZwfF9fiU9qjlluf:TEkIKOCAw1xbKvlcjKf
Score
1/10
-
-
-
Target
styles/qwindowsvistastyle.dll
-
Size
138KB
-
MD5
c963a92958bae755dfff9e5626b7a2b4
-
SHA1
2a1ce9c4380050a76b37fe4137754e6c7df5a700
-
SHA256
24d193a1770faf3ec5616c517c2fb00dfffb344792fb25c8e4b371c1a1385c83
-
SHA512
3de2584b971ce4a3d542df881c1c2d6306fdfd441740355df189e6559d06376e6d98670032a035c08346cd7c4166d803f3264ca97e2ebc1633e8b9670fd9670b
-
SSDEEP
3072:EcKd1HYMSZAcTrvt4www2OmPBxshbge20NMyKsbyrUmVst7sVXg0SU:EcKdGCcTJpXhf20NVKsOrUmVstkgG
Score
1/10
-
-
-
Target
tls/qcertonlybackend.dll
-
Size
95KB
-
MD5
d734ce348860377c97fff304ff4e138b
-
SHA1
5984adbba6a33d28cd80965bd3fedc61e8558b26
-
SHA256
fdceb1feb4e7b1f84649b051afe9a4d2d6c1f56b1968cf540e70aa3fe582ec9b
-
SHA512
69a2951ea565bb3ac685e7de943ea07574e7db0024027983a148b2cd94f606e50fcda27629b1c9c388f16952c0ce295b6682dc6bb255ca238447e1c279fa1708
-
SSDEEP
1536:YlXjWRvE58Cy2DoYLaCu1V266s+MwWXFnvXx08rT9hI/TUjgMQLx6c:YtC25v6bKM5FnvSIhI/TUjgzYc
Score
1/10
-
-
-
Target
tls/qopensslbackend.dll
-
Size
297KB
-
MD5
80cfb22935ae0cd53caf84aaede6a84e
-
SHA1
ea7fd138fafa57f9948d3058126158e07f3fd1ad
-
SHA256
ab82ccde75c88fa52744dabf9f96f23571eabb7bb6bb64fe7b073ea9393e47a7
-
SHA512
94681c47ca2f106a619df385a9bd317e476aeabc8b55e76cf42f70a4271de72120ab176a43c260f53dc5a523340e70e8364e2fa8f61c831d12c4afa0504e90be
-
SSDEEP
3072:6uhWIJop9PbsCpoBfdWvtYt/DbxqMRMLqDZMVT8PX5bu5hJrze6N8UU28Ik+cDEA:NObsdcvk/fxqSgqOo5KZr66xT8Iu4Gg+
Score
1/10
-
-
-
Target
tls/qschannelbackend.dll
-
Size
212KB
-
MD5
ae4c9bd2429e8b40632361aafe63ba64
-
SHA1
c665b1d2e4bbf1b8f862819565f9640055775a8f
-
SHA256
4648571fa6174e3d6ec7f2003b69055b728cbd0288597e37abbae8c81e10c549
-
SHA512
5eb0d34e456ad108f3f79087e0ef1b1d723d1bd7617db3025ecca8e370b26daf3359db1878cb58e415790a5f21cb2cb1a26091e63f33fb0ce555a09389de55fd
-
SSDEEP
3072:MzULkZWS3lsIY4TuAYS8npM3TnHSdSmtebGPc39rpri0hZ1NL8sZDJxfKTga:MYapIZM3TnHAmHrdNZDJxmga
Score
1/10
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Modify Registry: 1
Subvert Trust Controls: 1
SIP and Trust Provider Hijacking: 1