General

  • Target

    CCPLSecSuite_2024-06-12_09_58_23.987.zip

  • Size

    2.3MB

  • MD5

    28885d69229472d203dc95cfb4c42a34

  • SHA1

    1aab84e1fee6c757a9953c7774c0eb7c0b7bfca3

  • SHA256

    e86236f778227f92908607fc762f984f3c40fdad3114f21c8ae26de9777f3255

  • SHA512

    5247d96ae48a723904e76cecae356d5193aa5110f24533da358edcdbff82531e0c4e2bfef707c8b209036b723138151cc1e92e90aa1cbf7a90757064817db6f9

  • SSDEEP

    49152:3IJKh29tz/Ga8Mq39It60wCmLqvcjI/M0BB9mL2DE+gkBQsrxzHeSY:SG2PGaZq32t6OmGvcM/PxmL2r7BBxjeL

Score
3/10

Malware Config

Signatures

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • CCPLSecSuite_2024-06-12_09_58_23.987.zip
    .zip

    Password: Infected85

  • manifest.json
  • var/www/MISP/app/files/1646/201740
    .gz

    Password: Infected85

  • 201740
    .tar

    Password: Infected85

  • TRISIS-TRITON-HATMAN/.git/HEAD
  • TRISIS-TRITON-HATMAN/.git/config
  • TRISIS-TRITON-HATMAN/.git/description
  • TRISIS-TRITON-HATMAN/.git/hooks/applypatch-msg.sample
    .sh linux
  • TRISIS-TRITON-HATMAN/.git/hooks/commit-msg.sample
    .sh linux
  • TRISIS-TRITON-HATMAN/.git/hooks/post-update.sample
    .sh linux
  • TRISIS-TRITON-HATMAN/.git/hooks/pre-applypatch.sample
    .sh linux
  • TRISIS-TRITON-HATMAN/.git/hooks/pre-commit.sample
    .sh linux
  • TRISIS-TRITON-HATMAN/.git/hooks/pre-push.sample
    .sh linux
  • TRISIS-TRITON-HATMAN/.git/hooks/pre-rebase.sample
    .sh linux
  • TRISIS-TRITON-HATMAN/.git/hooks/pre-receive.sample
    .sh linux
  • TRISIS-TRITON-HATMAN/.git/hooks/prepare-commit-msg.sample
    .sh linux
  • TRISIS-TRITON-HATMAN/.git/hooks/update.sample
    .sh linux
  • TRISIS-TRITON-HATMAN/.git/index
  • TRISIS-TRITON-HATMAN/.git/info/exclude
  • TRISIS-TRITON-HATMAN/.git/logs/HEAD
  • TRISIS-TRITON-HATMAN/.git/logs/refs/heads/master
  • TRISIS-TRITON-HATMAN/.git/logs/refs/remotes/origin/HEAD
  • TRISIS-TRITON-HATMAN/.git/objects/pack/pack-d8fa9d2ba00d87f4d6a235cfc5496ada552e5776.idx
  • TRISIS-TRITON-HATMAN/.git/objects/pack/pack-d8fa9d2ba00d87f4d6a235cfc5496ada552e5776.pack
  • TRISIS-TRITON-HATMAN/.git/packed-refs
  • TRISIS-TRITON-HATMAN/.git/refs/heads/master
  • TRISIS-TRITON-HATMAN/.git/refs/remotes/origin/HEAD
  • TRISIS-TRITON-HATMAN/README.md
  • TRISIS-TRITON-HATMAN/decompiled_code/library/StringIO.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/TS_cnames.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/TsBase.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/TsHi.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/TsLow.py
    .py .js
  • TRISIS-TRITON-HATMAN/decompiled_code/library/UserDict.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/__future__.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/_abcoll.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/_hashlib.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/_socket.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/_ssl.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/_strptime.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/_threading_local.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/_weakrefset.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/abc.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/atexit.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/base64.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/bdb.py
    .py .js
  • TRISIS-TRITON-HATMAN/decompiled_code/library/bz2.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/calendar.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/cmd.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/codecs.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/collections.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/contextlib.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/copy.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/copy_reg.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/crc.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/difflib.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/dis.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/doctest.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/dummy_thread.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/__init__.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/aliases.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/ascii.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/base64_codec.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/big5.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/big5hkscs.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/bz2_codec.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/charmap.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp037.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp1006.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp1026.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp1140.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp1250.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp1251.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp1252.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp1253.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp1254.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp1255.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp1256.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp1257.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp1258.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp424.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp437.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp500.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp720.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp737.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp775.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp850.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp852.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp855.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp856.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp857.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp858.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp860.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp861.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp862.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp863.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp864.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp865.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp866.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp869.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp874.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp875.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp932.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp949.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/cp950.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/euc_jis_2004.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/euc_jisx0213.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/euc_jp.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/euc_kr.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/gb18030.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/gb2312.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/gbk.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/hex_codec.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/hp_roman8.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/hz.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/idna.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/iso2022_jp.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/iso2022_jp_1.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/iso2022_jp_2.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/iso2022_jp_2004.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/iso2022_jp_3.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/iso2022_jp_ext.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/iso2022_kr.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/iso8859_1.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/iso8859_10.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/iso8859_11.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/iso8859_13.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/iso8859_14.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/iso8859_15.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/iso8859_16.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/iso8859_2.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/iso8859_3.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/iso8859_4.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/iso8859_5.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/iso8859_6.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/iso8859_7.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/iso8859_8.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/iso8859_9.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/johab.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/koi8_r.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/koi8_u.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/latin_1.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/mac_arabic.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/mac_centeuro.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/mac_croatian.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/mac_cyrillic.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/mac_farsi.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/mac_greek.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/mac_iceland.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/mac_latin2.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/mac_roman.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/mac_romanian.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/mac_turkish.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/mbcs.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/palmos.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/ptcp154.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/punycode.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/quopri_codec.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/raw_unicode_escape.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/rot_13.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/shift_jis.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/shift_jis_2004.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/shift_jisx0213.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/string_escape.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/tis_620.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/undefined.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/unicode_escape.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/unicode_internal.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/utf_16.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/utf_16_be.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/utf_16_le.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/utf_32.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/utf_32_be.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/utf_32_le.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/utf_7.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/utf_8.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/utf_8_sig.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/uu_codec.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/encodings/zlib_codec.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/fnmatch.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/functools.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/genericpath.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/getopt.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/gettext.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/hashlib.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/heapq.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/inspect.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/io.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/keyword.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/linecache.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/locale.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/logging/__init__.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/ntpath.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/opcode.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/optparse.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/os.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/os2emxpath.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/pdb.py
    .py .js
  • TRISIS-TRITON-HATMAN/decompiled_code/library/pickle.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/posixpath.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/pprint.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/quopri.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/random.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/re.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/repr.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/select.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/sh.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/shlex.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/socket.py
    .py .js
  • TRISIS-TRITON-HATMAN/decompiled_code/library/sre.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/sre_compile.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/sre_constants.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/sre_parse.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/ssl.py
    .py .js
  • TRISIS-TRITON-HATMAN/decompiled_code/library/stat.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/string.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/stringprep.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/struct.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/subprocess.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/tempfile.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/textwrap.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/threading.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/token.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/tokenize.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/traceback.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/types.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/unicodedata.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/unittest/__init__.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/unittest/case.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/unittest/loader.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/unittest/main.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/unittest/result.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/unittest/runner.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/unittest/signals.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/unittest/suite.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/unittest/util.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/warnings.py
  • TRISIS-TRITON-HATMAN/decompiled_code/library/weakref.py
  • TRISIS-TRITON-HATMAN/decompiled_code/script_test.py
  • TRISIS-TRITON-HATMAN/original_samples/README.md
  • TRISIS-TRITON-HATMAN/original_samples/all.7z
    .7z

    Password: infected

  • imain.bin
  • library.zip
    .zip

    Password: Infected85

  • StringIO.pyc
  • TS_cnames.pyc
  • TsBase.pyc
  • TsHi.pyc
  • TsLow.pyc
  • UserDict.pyc
  • __future__.pyc
  • _abcoll.pyc
  • _hashlib.pyc
  • _socket.pyc
  • _ssl.pyc
  • _strptime.pyc
  • _threading_local.pyc
  • _weakrefset.pyc
  • abc.pyc
  • atexit.pyc
  • base64.pyc
  • bdb.pyc
  • bz2.pyc
  • calendar.pyc
  • cmd.pyc
  • codecs.pyc
  • collections.pyc
  • contextlib.pyc
  • copy.pyc
  • copy_reg.pyc
  • crc.pyc
  • difflib.pyc
  • dis.pyc
  • doctest.pyc
  • dummy_thread.pyc
  • encodings/__init__.pyc
  • encodings/aliases.pyc
  • encodings/ascii.pyc
  • encodings/base64_codec.pyc
  • encodings/big5.pyc
  • encodings/big5hkscs.pyc
  • encodings/bz2_codec.pyc
  • encodings/charmap.pyc
  • encodings/cp037.pyc
  • encodings/cp1006.pyc
  • encodings/cp1026.pyc
  • encodings/cp1140.pyc
  • encodings/cp1250.pyc
  • encodings/cp1251.pyc
  • encodings/cp1252.pyc
  • encodings/cp1253.pyc
  • encodings/cp1254.pyc
  • encodings/cp1255.pyc
  • encodings/cp1256.pyc
  • encodings/cp1257.pyc
  • encodings/cp1258.pyc
  • encodings/cp424.pyc
  • encodings/cp437.pyc
  • encodings/cp500.pyc
  • encodings/cp720.pyc
  • encodings/cp737.pyc
  • encodings/cp775.pyc
  • encodings/cp850.pyc
  • encodings/cp852.pyc
  • encodings/cp855.pyc
  • encodings/cp856.pyc
  • encodings/cp857.pyc
  • encodings/cp858.pyc
  • encodings/cp860.pyc
  • encodings/cp861.pyc
  • encodings/cp862.pyc
  • encodings/cp863.pyc
  • encodings/cp864.pyc
  • encodings/cp865.pyc
  • encodings/cp866.pyc
  • encodings/cp869.pyc
  • encodings/cp874.pyc
  • encodings/cp875.pyc
  • encodings/cp932.pyc
  • encodings/cp949.pyc
  • encodings/cp950.pyc
  • encodings/euc_jis_2004.pyc
  • encodings/euc_jisx0213.pyc
  • encodings/euc_jp.pyc
  • encodings/euc_kr.pyc
  • encodings/gb18030.pyc
  • encodings/gb2312.pyc
  • encodings/gbk.pyc
  • encodings/hex_codec.pyc
  • encodings/hp_roman8.pyc
  • encodings/hz.pyc
  • encodings/idna.pyc
  • encodings/iso2022_jp.pyc
  • encodings/iso2022_jp_1.pyc
  • encodings/iso2022_jp_2.pyc
  • encodings/iso2022_jp_2004.pyc
  • encodings/iso2022_jp_3.pyc
  • encodings/iso2022_jp_ext.pyc
  • encodings/iso2022_kr.pyc
  • encodings/iso8859_1.pyc
  • encodings/iso8859_10.pyc
  • encodings/iso8859_11.pyc
  • encodings/iso8859_13.pyc
  • encodings/iso8859_14.pyc
  • encodings/iso8859_15.pyc
  • encodings/iso8859_16.pyc
  • encodings/iso8859_2.pyc
  • encodings/iso8859_3.pyc
  • encodings/iso8859_4.pyc
  • encodings/iso8859_5.pyc
  • encodings/iso8859_6.pyc
  • encodings/iso8859_7.pyc
  • encodings/iso8859_8.pyc
  • encodings/iso8859_9.pyc
  • encodings/johab.pyc
  • encodings/koi8_r.pyc
  • encodings/koi8_u.pyc
  • encodings/latin_1.pyc
  • encodings/mac_arabic.pyc
  • encodings/mac_centeuro.pyc
  • encodings/mac_croatian.pyc
  • encodings/mac_cyrillic.pyc
  • encodings/mac_farsi.pyc
  • encodings/mac_greek.pyc
  • encodings/mac_iceland.pyc
  • encodings/mac_latin2.pyc
  • encodings/mac_roman.pyc
  • encodings/mac_romanian.pyc
  • encodings/mac_turkish.pyc
  • encodings/mbcs.pyc
  • encodings/palmos.pyc
  • encodings/ptcp154.pyc
  • encodings/punycode.pyc
  • encodings/quopri_codec.pyc
  • encodings/raw_unicode_escape.pyc
  • encodings/rot_13.pyc
  • encodings/shift_jis.pyc
  • encodings/shift_jis_2004.pyc
  • encodings/shift_jisx0213.pyc
  • encodings/string_escape.pyc
  • encodings/tis_620.pyc
  • encodings/undefined.pyc
  • encodings/unicode_escape.pyc
  • encodings/unicode_internal.pyc
  • encodings/utf_16.pyc
  • encodings/utf_16_be.pyc
  • encodings/utf_16_le.pyc
  • encodings/utf_32.pyc
  • encodings/utf_32_be.pyc
  • encodings/utf_32_le.pyc
  • encodings/utf_7.pyc
  • encodings/utf_8.pyc
  • encodings/utf_8_sig.pyc
  • encodings/uu_codec.pyc
  • encodings/zlib_codec.pyc
  • fnmatch.pyc
  • functools.pyc
  • genericpath.pyc
  • getopt.pyc
  • gettext.pyc
  • hashlib.pyc
  • heapq.pyc
  • inspect.pyc
  • io.pyc
  • keyword.pyc
  • linecache.pyc
  • locale.pyc
  • logging/__init__.pyc
  • ntpath.pyc
  • opcode.pyc
  • optparse.pyc
  • os.pyc
  • os2emxpath.pyc
  • pdb.pyc
  • pickle.pyc
  • posixpath.pyc
  • pprint.pyc
  • quopri.pyc
  • random.pyc
  • re.pyc
  • repr.pyc
  • select.pyc
  • sh.pyc
  • shlex.pyc
  • socket.pyc
  • sre.pyc
  • sre_compile.pyc
  • sre_constants.pyc
  • sre_parse.pyc
  • ssl.pyc
  • stat.pyc
  • string.pyc
  • stringprep.pyc
  • struct.pyc
  • subprocess.pyc
  • tempfile.pyc
  • textwrap.pyc
  • threading.pyc
  • token.pyc
  • tokenize.pyc
  • traceback.pyc
  • types.pyc
  • unicodedata.pyc
  • unittest/__init__.pyc
  • unittest/case.pyc
  • unittest/loader.pyc
  • unittest/main.pyc
  • unittest/result.pyc
  • unittest/runner.pyc
  • unittest/signals.pyc
  • unittest/suite.pyc
  • unittest/util.pyc
  • warnings.pyc
  • weakref.pyc
  • trilog.exe
    .exe windows:5 windows x86 arch:x86

    Password: Infected85

    b28c641d753fb51b62a00fe6115070ae


  • TRISIS-TRITON-HATMAN/original_samples/imain.7z
    .7z

    Password: infected

  • imain.bin
  • TRISIS-TRITON-HATMAN/original_samples/library.7z
    .7z

    Password: infected

  • library.zip
    .zip

    Password: Infected85

  • StringIO.pyc
  • TS_cnames.pyc
  • TsBase.pyc
  • TsHi.pyc
  • TsLow.pyc
  • UserDict.pyc
  • __future__.pyc
  • _abcoll.pyc
  • _hashlib.pyc
  • _socket.pyc
  • _ssl.pyc
  • _strptime.pyc
  • _threading_local.pyc
  • _weakrefset.pyc
  • abc.pyc
  • atexit.pyc
  • base64.pyc
  • bdb.pyc
  • bz2.pyc
  • calendar.pyc
  • cmd.pyc
  • codecs.pyc
  • collections.pyc
  • contextlib.pyc
  • copy.pyc
  • copy_reg.pyc
  • crc.pyc
  • difflib.pyc
  • dis.pyc
  • doctest.pyc
  • dummy_thread.pyc
  • encodings/__init__.pyc
  • encodings/aliases.pyc
  • encodings/ascii.pyc
  • encodings/base64_codec.pyc
  • encodings/big5.pyc
  • encodings/big5hkscs.pyc
  • encodings/bz2_codec.pyc
  • encodings/charmap.pyc
  • encodings/cp037.pyc
  • encodings/cp1006.pyc
  • encodings/cp1026.pyc
  • encodings/cp1140.pyc
  • encodings/cp1250.pyc
  • encodings/cp1251.pyc
  • encodings/cp1252.pyc
  • encodings/cp1253.pyc
  • encodings/cp1254.pyc
  • encodings/cp1255.pyc
  • encodings/cp1256.pyc
  • encodings/cp1257.pyc
  • encodings/cp1258.pyc
  • encodings/cp424.pyc
  • encodings/cp437.pyc
  • encodings/cp500.pyc
  • encodings/cp720.pyc
  • encodings/cp737.pyc
  • encodings/cp775.pyc
  • encodings/cp850.pyc
  • encodings/cp852.pyc
  • encodings/cp855.pyc
  • encodings/cp856.pyc
  • encodings/cp857.pyc
  • encodings/cp858.pyc
  • encodings/cp860.pyc
  • encodings/cp861.pyc
  • encodings/cp862.pyc
  • encodings/cp863.pyc
  • encodings/cp864.pyc
  • encodings/cp865.pyc
  • encodings/cp866.pyc
  • encodings/cp869.pyc
  • encodings/cp874.pyc
  • encodings/cp875.pyc
  • encodings/cp932.pyc
  • encodings/cp949.pyc
  • encodings/cp950.pyc
  • encodings/euc_jis_2004.pyc
  • encodings/euc_jisx0213.pyc
  • encodings/euc_jp.pyc
  • encodings/euc_kr.pyc
  • encodings/gb18030.pyc
  • encodings/gb2312.pyc
  • encodings/gbk.pyc
  • encodings/hex_codec.pyc
  • encodings/hp_roman8.pyc
  • encodings/hz.pyc
  • encodings/idna.pyc
  • encodings/iso2022_jp.pyc
  • encodings/iso2022_jp_1.pyc
  • encodings/iso2022_jp_2.pyc
  • encodings/iso2022_jp_2004.pyc
  • encodings/iso2022_jp_3.pyc
  • encodings/iso2022_jp_ext.pyc
  • encodings/iso2022_kr.pyc
  • encodings/iso8859_1.pyc
  • encodings/iso8859_10.pyc
  • encodings/iso8859_11.pyc
  • encodings/iso8859_13.pyc
  • encodings/iso8859_14.pyc
  • encodings/iso8859_15.pyc
  • encodings/iso8859_16.pyc
  • encodings/iso8859_2.pyc
  • encodings/iso8859_3.pyc
  • encodings/iso8859_4.pyc
  • encodings/iso8859_5.pyc
  • encodings/iso8859_6.pyc
  • encodings/iso8859_7.pyc
  • encodings/iso8859_8.pyc
  • encodings/iso8859_9.pyc
  • encodings/johab.pyc
  • encodings/koi8_r.pyc
  • encodings/koi8_u.pyc
  • encodings/latin_1.pyc
  • encodings/mac_arabic.pyc
  • encodings/mac_centeuro.pyc
  • encodings/mac_croatian.pyc
  • encodings/mac_cyrillic.pyc
  • encodings/mac_farsi.pyc
  • encodings/mac_greek.pyc
  • encodings/mac_iceland.pyc
  • encodings/mac_latin2.pyc
  • encodings/mac_roman.pyc
  • encodings/mac_romanian.pyc
  • encodings/mac_turkish.pyc
  • encodings/mbcs.pyc
  • encodings/palmos.pyc
  • encodings/ptcp154.pyc
  • encodings/punycode.pyc
  • encodings/quopri_codec.pyc
  • encodings/raw_unicode_escape.pyc
  • encodings/rot_13.pyc
  • encodings/shift_jis.pyc
  • encodings/shift_jis_2004.pyc
  • encodings/shift_jisx0213.pyc
  • encodings/string_escape.pyc
  • encodings/tis_620.pyc
  • encodings/undefined.pyc
  • encodings/unicode_escape.pyc
  • encodings/unicode_internal.pyc
  • encodings/utf_16.pyc
  • encodings/utf_16_be.pyc
  • encodings/utf_16_le.pyc
  • encodings/utf_32.pyc
  • encodings/utf_32_be.pyc
  • encodings/utf_32_le.pyc
  • encodings/utf_7.pyc
  • encodings/utf_8.pyc
  • encodings/utf_8_sig.pyc
  • encodings/uu_codec.pyc
  • encodings/zlib_codec.pyc
  • fnmatch.pyc
  • functools.pyc
  • genericpath.pyc
  • getopt.pyc
  • gettext.pyc
  • hashlib.pyc
  • heapq.pyc
  • inspect.pyc
  • io.pyc
  • keyword.pyc
  • linecache.pyc
  • locale.pyc
  • logging/__init__.pyc
  • ntpath.pyc
  • opcode.pyc
  • optparse.pyc
  • os.pyc
  • os2emxpath.pyc
  • pdb.pyc
  • pickle.pyc
  • posixpath.pyc
  • pprint.pyc
  • quopri.pyc
  • random.pyc
  • re.pyc
  • repr.pyc
  • select.pyc
  • sh.pyc
  • shlex.pyc
  • socket.pyc
  • sre.pyc
  • sre_compile.pyc
  • sre_constants.pyc
  • sre_parse.pyc
  • ssl.pyc
  • stat.pyc
  • string.pyc
  • stringprep.pyc
  • struct.pyc
  • subprocess.pyc
  • tempfile.pyc
  • textwrap.pyc
  • threading.pyc
  • token.pyc
  • tokenize.pyc
  • traceback.pyc
  • types.pyc
  • unicodedata.pyc
  • unittest/__init__.pyc
  • unittest/case.pyc
  • unittest/loader.pyc
  • unittest/main.pyc
  • unittest/result.pyc
  • unittest/runner.pyc
  • unittest/signals.pyc
  • unittest/suite.pyc
  • unittest/util.pyc
  • warnings.pyc
  • weakref.pyc
  • TRISIS-TRITON-HATMAN/original_samples/trilog.7z
    .7z
  • TRISIS-TRITON-HATMAN/yara_rules/ics-cert.yara
  • TRISIS-TRITON-HATMAN/yara_rules/mandiant.yara