C:\Users\Belim\Desktop\ThisIsWin11\src\TIW11\obj\Debug\ThisIsWin11.pdb
General
-
Target
TIW11.zip
-
Size
103KB
-
MD5
e4f848d40fe13a09a9853ae3c65dbf7a
-
SHA1
18eb930142db4e829834b16b6ca2565b239d1207
-
SHA256
e05bddb512d944bee1c7006389e5c8302101bce559d1f869ee78912dc333bebe
-
SHA512
2a97852f87ec8e7824d176239d90bfc0693367941e178b2424a4dc5ede54daf9132d78dffff319d5546d6fd827eefa3c6987b0f27913c647df1e004ce7d88b40
-
SSDEEP
1536:CA793NLPVia9npEYVSGqIsu6GR9IX+DYIT0N48SVkcbdjwaLMHXg5S+zgEWka4:CA/LP8oTN6OKuT0N48Ck2UwE4
Score
10/10
Malware Config
Extracted
Language
ps1
Deobfuscated
URLs
exe.dropper
https://github.com/rcmaehl/MSEdgeRedirect/releases/download/0.6.1.0/MSEdgeRedirect.exe
Signatures
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
Files
-
TIW11.zip
-
ThisIsWin11.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections
-
data/apps11.txt
-
data/opentweaks_gamingProfile.tiw1
-
data/opentweaks_oobeProfile.tiw1
-
data/packages11.xml
-
data/plugins/Albacore.ViVe.dll
dae02f32a21e03ce65412f6e56942daa
Headers
Imports
Sections
-
data/plugins/Disable TPM 2.0 Check.ini
-
data/plugins/Enable AutoAdminLogon.ini
-
data/plugins/Enable Classic Context menus.ini
-
data/plugins/Join Domain.ini
-
data/plugins/Win10X Boot Animation.ini
-
data/plugins/aal_off.bat
-
data/plugins/aal_on.bat
-
data/plugins/tpm_off.bat
-
data/plugins/tpm_on.bat
-
data/scripts/Apps/Enable apps dark mode.ps1
-
data/scripts/Apps/Install apps.ps1
-
data/scripts/Apps/Reinstall all built-in apps.ps1
-
data/scripts/Apps/Remove OneDrive.ps1
-
data/scripts/Apps/Remove default apps (Provisioned).ps1
-
data/scripts/Apps/Remove default apps (Recommended).ps1
-
data/scripts/Apps/Update Store apps.ps1
-
data/scripts/Edge/Bypass Edge as default handler for web searches.ps1
-
data/scripts/Edge/Run MSEdgeRedirect.ps1
-
data/scripts/Energy/Ultimate Performance mode.ps1
-
data/scripts/Privacy/Disable Services.ps1
-
data/scripts/Privacy/Remove telemetry of third-party apps.ps1
-
data/scripts/Storage/Clean up Windows.ps1
-
data/scripts/logs/Update Store apps.txt