d6b5123601241e2688295dc37320be94f2532af392a792480cd809fa8699dc1a

Analysis

max time kernel
91s
max time network
51s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
16-06-2024 05:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b1f11c44154a67f692c1d365ce3e840c_JaffaCakes118.exe
Size

18.5MB
MD5

b1f11c44154a67f692c1d365ce3e840c
SHA1

b170adb2ee92c22c0c813e886a5b85955d507efc
SHA256

d6b5123601241e2688295dc37320be94f2532af392a792480cd809fa8699dc1a
SHA512

53539e68d47a4816a82d5a056584581e5c2818f5061a700faa2148baccd5adc38cf8b8920154b1c655b437e8560dc9dd2a5e0555ad02cfc5ba6f8c27ae2e4414
SSDEEP

393216:Lqrb3+y8f4sOF3Dv3VFkJp2GMJtrIkd6hTLPzpnfuivlvz+fo4/:LgT+ypsOJDvlFFtrIMQTbzpnfuqqfL

Score

5^/10

Malware Config

Signatures

Checks computer location settings 2 TTPs 2 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	b1f11c44154a67f692c1d365ce3e840c_JaffaCakes118.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	Msetup4.exe

Drops autorun.inf file 1 TTPs 1 IoCs

Malware can abuse Windows Autorun to spread further via attached volumes.

Replication Through Removable Media

T1091

description	ioc	Process
File created	C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\AUTORUN.INF	b1f11c44154a67f692c1d365ce3e840c_JaffaCakes118.exe

Executes dropped EXE 2 IoCs

pid	Process
1400	Msetup4.exe
4612	MSetup64.exe

Loads dropped DLL 3 IoCs

pid	Process
4612	MSetup64.exe
4612	MSetup64.exe
4612	MSetup64.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
1400	Msetup4.exe
4612	MSetup64.exe
4612	MSetup64.exe
4612	MSetup64.exe

Suspicious use of WriteProcessMemory 5 IoCs

description	pid	Process	procid_target
PID 5052 wrote to memory of 1400	5052	b1f11c44154a67f692c1d365ce3e840c_JaffaCakes118.exe	86
PID 5052 wrote to memory of 1400	5052	b1f11c44154a67f692c1d365ce3e840c_JaffaCakes118.exe	86
PID 5052 wrote to memory of 1400	5052	b1f11c44154a67f692c1d365ce3e840c_JaffaCakes118.exe	86
PID 1400 wrote to memory of 4612	1400	Msetup4.exe	87
PID 1400 wrote to memory of 4612	1400	Msetup4.exe	87

C:\Users\Admin\AppData\Local\Temp\b1f11c44154a67f692c1d365ce3e840c_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\b1f11c44154a67f692c1d365ce3e840c_JaffaCakes118.exe"
1⤵
- Checks computer location settings
- Drops autorun.inf file
- Suspicious use of WriteProcessMemory
PID:5052
- C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\Msetup4.exe
  "C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\Msetup4.exe"
  2⤵
  - Checks computer location settings
  - Executes dropped EXE
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  PID:1400
- - C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\MSetup64.exe
    "C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\MSetup64.exe"
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Suspicious use of SetWindowsHookEx
    PID:4612

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Replication Through Removable Media

T1091

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Replication Through Removable Media

T1091

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\MS46486.LOG

Filesize
2KB

MD5
f92a0980f02a86f390d8edaa8bdccfe2

SHA1
f1711aedec01169814e58a7e62b4ca57b8e89189

SHA256
5fee90b957e5779efd9fcbfa28f21e3039cdb4686493b7be22dab5df78dc9dea

SHA512
0f3e851ee0dbb8091e05e82a35698a8f6ca955d057697671a59b274e53339ac9b70f983cd0cfebe84d87972fe293496475edc6d24c56cf82ccbbd852b0700faf

Download Submit
C:\Users\Admin\AppData\Local\Temp\MS46486.LOG

Filesize
2KB

MD5
acdf17ac7685e6fb332d4a888c098b02

SHA1
b89f5a206f2141ad7d05e05609e2d7c9c00c731b

SHA256
a478f0695f4f40e3ce4d53c25671a564130c0ce61a9012651e53530797e7a9ff

SHA512
24f6b2940350d2a7b7abebadefef761b669e852a6ba86a816aee8908ee0061687d854f623333980042a2357c0671872377c198d98af68b86c372e226dd1ba138

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\Msetup4.exe

Filesize
604KB

MD5
81dc5784a381db37ee819f984bb0a934

SHA1
fbb716427aa905409a9540521294bcf4f6e61a61

SHA256
fcb76560703982901f91d9dbb343c12d9c72361f48d6945d52bd95df0c5acd84

SHA512
a53ad899f974754edebe63119e711d855382f10d8f302ac69883ce368ec42641291bd4f8a78d40196b527e59c4c073c44dddc7e13e3b22bdee3da6e7d2b7e3ca

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\AppSettingData.ini

Filesize
14KB

MD5
fb9790982310770de2f87bbbaa6a2a2e

SHA1
f45656c70412586f74335be9af72c462627c363e

SHA256
885a9b3f4990b06563bc208dddee33562e2db1a006e015009de764c07c2f52bd

SHA512
c8f0ba8fbf28b9c57feecb16ace9736847b94d079f968e1451b8617d93f0a687d35fb0e5879f50200eaf1c24d3da24fe42fd5621496821070d9b78e92ade153a

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\Application.ini

Filesize
5KB

MD5
9ee6392987ca4b476816fe2a720d5d08

SHA1
b37ec3e2e56f5d344f36dd6713a9fdef3c288a6a

SHA256
9c1a9b9f8d1f1f59053eb27af787333c3d674e5227676b5386458ad2f28fa4bf

SHA512
ed1fd640c9e15a756c606b7a4832903f1ad999ee0016d006b52555a0cae6ae5005799759e28481f24e3ba60dbff06bad96b7843cac8e3bb7b706a553b02ffba1

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\CDC\CD-1703-000148_win_cd.xml

Filesize
97KB

MD5
372b8a6f670c8112cf62fb2eba9c8f36

SHA1
84a09b8ceb5344724c4a16bd45e65d3c9cbdd02e

SHA256
ab1afb5b66eb96f986c95f9f1734fffeca05e9e70a910848fe0e542402ba0b6b

SHA512
256efce0fcd32ac8c819546a9dbcfa3c62d6717cb92314f10403db5b21ba42d52c1664be2408a169f9b797ba933ae42da394d4e8a887232d79d82ebc9d358199

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\InstallParameter.ini

Filesize
20KB

MD5
bf2ca8363fbd0b5e60d06287c206a82c

SHA1
50eb6a5074c5310e09711be91d9d0fdd657a901c

SHA256
8a98e89dcbae83a3641d28c76f4a2973e57ed07ba13b31dbe7ea567b6cf93415

SHA512
7b4b3a5f927230120a77bb7976fa0775fb4d65bea5a9b27a9f99cc4df3cf88b4085cc245acd7dec4ce67f5ffbd81c4757bf7f7eb6abd14c2ae18f200bdecc8f6

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\LIB\cnwidif6.dll

Filesize
307KB

MD5
9672d9ed2b412b0d2ae771410f8d39b9

SHA1
d699d5f94b86db95c2efe173ed0c3020ed96f3dc

SHA256
03faea318779e09201d893bc1162ef10b32827dfbfdcb359fed4718f25ac2ed6

SHA512
1f0b088f5266a40f810c7dd47644f11fd0ca68093cc27ae75cad339c0111a29a4fd8c2299fa331292411dda0de3c92390965ab75556e67be0337c927b92180d8

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\LIB\cnwidsd6.dll

Filesize
273KB

MD5
906838dccd60518a7708763d3ea773ef

SHA1
2cae5af440e8d9607da0917dc71eea149e3d638c

SHA256
b655a0d1414b32b82718107db65c0a57850a2c4f7c12f5ece49b177107fe5bf0

SHA512
4ea2da4495014b1982f0650abfc7f51f0d2a3a7b4b61f704b023d1393d8abdcade1e1c030869f4ae58b9175374f1732a71a6e85578a38e26a0279b7acdc97d0a

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\LIB\cnwidss6.dll

Filesize
567KB

MD5
fa8b1f7d288f9aee400452094d847280

SHA1
ce276c124ec01aa24aed265eaf54aab325e635c4

SHA256
9f1f909dedfc59188d1b6ceaf423e0d5e32c32a191d311677ba5e73497421caa

SHA512
a1c1220f60a935fdf9c40051983ddcb7b9d6e891b9f4dc23a8f988f26a398d0f5a5eed93d664cc412a294e0a9a3cfc3099beb57268bf0700418635050b173909

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\Language.ini

Filesize
4KB

MD5
f90a88630155681feadb1978b75d83b1

SHA1
dc577fb2579cf9d3ac0cafb404fc2e66da8f3ded

SHA256
928dae13d976c2949fab62fd6c6082a55dc977e430fe081682f475da59a3eccd

SHA512
b9b24b54fc9489400dbd54ce13c81d721860779899ef21996fdbe1acbe7645dbf3710f51be49f9d9d90de8d36e11f23120bbafb0882254e3052da3d53d939886

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\MSetup64.exe

Filesize
6.3MB

MD5
3259a722a0fecbe8c654a8461ccef415

SHA1
37d5e7678e7fbc7a63458c7e5ec1fe42d4c5a67d

SHA256
d724f2d06ce8e51f98b58c85ad3577358de1765e99091eaed923438478b7ca64

SHA512
42a8ddf0047d9fcc55964a39f28f07f623447ac3837a44048b5b23cacc81715c958f14c3bddac84129eeaa554871d35f5488d172630feb86ecfe12e37a7e24bc

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\Msetup4.ini

Filesize
3KB

MD5
41ac50ce40dcdda4f4ccdee406b58a2e

SHA1
8f66021e4d9ea84a7bfee72406dacb2e746f067c

SHA256
59243bd77f7905eeab9d2f668f59def808225c4a545094dfaa26b3dcb869910f

SHA512
531140cacd787753b1466a8e3648d286d3870d8c4ceb34a4089c110d3c94fddfbd0623ca22eb1449f058138d093ec02f735932ac2671f9d179e22cc0252d6c73

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RESM\PROGRESS_ANIME\Install01.bmp

Filesize
379KB

MD5
b75c13ed4bd2ac164377da9d0c288140

SHA1
07a853b34bfb98b20897f5101d7791c97cf8815e

SHA256
0994c60f9e4cef4fc998ce6a90593adfb6321604fec1d41fdb9a4c916f6fa2c8

SHA512
8f8019567ae1d4471e63d7719c889f891eb05ea5a4d2464b0ceb69ca27029698fe584752f8476e7ee0f0c8a10b685f7b6e6bff5a33bfdbb7842ad7961011e859

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RESM\PROGRESS_ANIME\Install02.bmp

Filesize
379KB

MD5
3e5fe27e7d2744ab3fc648347aaff2ea

SHA1
4b38100c58d589b7ba1405d067d12e978aef418f

SHA256
70eb7658bfb2733def296c9d12ffdcf62db38e992133ad0a7375ac82b6e7fd89

SHA512
a8b5bdcaf5271d836183161c382d86e1f9a9ea74ea4921688faacb63d27653ad3afe8ac821212e0c24e95a8e4485e43339e2965510645af2edc00198bf8de432

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RESM\PROGRESS_ANIME\Install03.bmp

Filesize
379KB

MD5
ffff9e77b405aba6e2ba9bf45bb8fb16

SHA1
eea3fd3af4335d12440155aa88aebbd8d5589f1f

SHA256
9293891b99e27eaeb9a4fe620d2ea5b43458b379da1a46c9d13b83b8d5fef439

SHA512
02f321227c304341b951afacd33cc8bfb8c6326ad7772d29d98764304633f11dc8e0226e0b0ec99401d5e15f63e47fdc280b49f552644347e267992842118d14

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RESM\PROGRESS_ANIME\Install04.bmp

Filesize
379KB

MD5
93219097bdc4d248c573a79aaf483f59

SHA1
9b8c7c1466679290b9023d677780d025ad7ca364

SHA256
e7b5f2cd279f62239d546c4cbbfa25cf9607a6f313be931466ce082c8da5b892

SHA512
cb2a27997402ed77d37980e2260cc0874da8cf2b6bbe1f2ee2706e0491322be81b2e45c7734d74c0b3bca354252dafb4170146cefd74974ce6fe2bb43120cc07

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RESM\PROGRESS_ANIME\Install06.bmp

Filesize
379KB

MD5
232528f4dddad9e6a9dbe8a61c27758a

SHA1
7c4ef86dab86a208ec0333b71be51e44398e6576

SHA256
845ffef572f9da45686b60f6a2702438d268805f0ad2f2af7ae319f52e4e456e

SHA512
4decdb8a3f114ae5973ff6339284dd520d9319bc6ca25721a9f094e8fc3539886d78e4f42ec439bcb2c54ef4fc45632ce2a431869a763a8aad1a3e9a815d74c4

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RESM\PROGRESS_ANIME\InstallAnime.xml

Filesize
803B

MD5
994770a2bafa8e786f66ed2c846e809b

SHA1
9b06f278d9aad490474403bc28252ea599a477dd

SHA256
d8727087f8a5125ec2f1c7e9180a31250cc4aa120fa6dfe3d37e377a13311390

SHA512
34cd376851fc8be6f18a368c2675ffb3cde655567196e4cf643ebfc7b53a113d5f2c56d64d3a392a4cd362dda43392d0d5a31e4844887cc1df2ac3be3778998e

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\ANIME\ProgressAnime.xml

Filesize
872B

MD5
e8c5169c6f34246a15a700500780d879

SHA1
fab6e282622210f475c1ad204d0fdfc4542a2903

SHA256
e8a1b2809faea51957b0aeb749b6b8b16916306a0e88f0074259e2a45b7129ca

SHA512
83b914c0ce9e43398625356d52a1acaba2ec0fe0e40d9dda917df4786f9913672a3c7df6f67be91be8a5d1422e6f53f563f2b0d45cd92de99c9a22ff24f58ba4

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\ANIME\progress_1.bmp

Filesize
230KB

MD5
62278769eb2c9ba5c303a74dc01c580d

SHA1
c60f52d8215bca0cb11d49760577a7c6c4006999

SHA256
8bcf51d66e568fd70462673df814f610234465d041938e4c26db938e52864d00

SHA512
fdd2ec76a85a5f9c1f8be93be6d55c81e64112592691782a3652b0dbf479720c1aaa1e30c20ad91000679d7675a2d3250b7e45fa0adfb1c93448ffe915c3bfed

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\ANIME\progress_2.bmp

Filesize
230KB

MD5
75e5e61482d18330bd34a3c336230c70

SHA1
6541a8db041943714ac56f165ffad1c655c61e00

SHA256
8bf0e9d2d1eccef829d3f869e10f4701ebc1961df2e4d277dd1859923d41de38

SHA512
904266e4315f8378804b4c06966b52ed2574c667f7f6941acac47372d0d831f2c63b3009e8c9e31fd075466b96d887e6d5813ca9dd5300a6dad2ef5f3295d609

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\ANIME\progress_3.bmp

Filesize
230KB

MD5
d2e24153817c403a709f18da8e7a5b3e

SHA1
e1bdbcde3f0e7deec4f79388de6e2eb067dc80dc

SHA256
ffb081d7fef55c1443685fa08291462141eb58a72bf7422ae6faf3aea99419f6

SHA512
cb3c4e5445b1c79b01690a2ea85a2f43145f356ec6878c4466b26f4ee53eba5016d410a5823f34fd7e4c80ffd168b7bd8aba51df84a69f4b8d39baaf7235d158

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\ANIME\progress_4.bmp

Filesize
230KB

MD5
d506d4608d2c71e6ceaed8b38e6d7d12

SHA1
da716ee3845b09612b4258b8dd6ee14a5d420519

SHA256
5e85ad135862aff5bc6ea2180b26f058336253c10d7ce2df24aed1aeaa01a544

SHA512
d0952d2579ba4d628f2e84845375648eb297ea1d8e37b8559dd4aeedd4e8d4d510f404b7019d1eb994e1651f09219eec5345a0df6d86343b3807943544082eaf

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\ANIME\progress_5.bmp

Filesize
230KB

MD5
0874ae1e099c0bc54a2a050186ddbfc6

SHA1
d138d228901000e91efbcccc1da649dbf6ebc7ea

SHA256
3ada1f3d292aecbdfa0686ef3fcbc7084a95c50badc4b3d7ebf28b5536230a5b

SHA512
ae37da5e558b45e1ad9b2d7b143cff67d1ffb0da0f84588cf0666004d9454064b2ecec4111187ebbe88577a16116f33594ce452a52096d6aeaa97ec71919cd33

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\ANIME\progress_6.bmp

Filesize
230KB

MD5
0447f57a431b00f307c1f8fc243e1224

SHA1
661b5207d8542a3924848352d40798d49df6d06a

SHA256
7bf6e1ec42895897976b05547fd825c8b5046ebe31df468aa1bfe31ad579e35c

SHA512
7e63434b53e4fd1b1375b4fd72094918052895d567339cc5fdfebf8cc1cb8d6759fc685721522e3c80f37bedfca5bf7cacbfdd90e1115288b9a9d70eb9b046d7

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\ANIME\progress_7.bmp

Filesize
230KB

MD5
d493afdea8e66a43023130b5a28787e1

SHA1
c99458a76b644540e77b03d90ddcad7caa779994

SHA256
a55e2f15d1c14d1bcf43ca5103dd158d04f4460eed069830f8e9a1c56d9c8ab6

SHA512
9c1c1194c1829f91f141cf0c8603a4f0f1ed912d13e323ff016fc47a282e939cc8e81631029181c447d1dd587799b4d32b25eba07b853c20954e153a8af6efbd

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\ANIME\progress_8.bmp

Filesize
230KB

MD5
b00c99c847ca17e1f43b51dc187a36b8

SHA1
fbffa85dcf8815d3c822e66273da712a0b1b5e50

SHA256
2d174b702af50a02b6269d55ecd96ec2dedd3ff7f81c14a0c4a58b6584850bb7

SHA512
6b5cb2904222f2995cba81d261a376c016eafbd5e270f060c3d3902df8227eee6dc5254276c5c24bfe9b5c450b64678092e8de2252db1e5c972a9c6e9388927e

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\01.BMP

Filesize
366KB

MD5
d22f401ca2b8cf94cb0a59a53837709e

SHA1
93c8ff77b36d99aa4f4fda78d7177d076d8ae54c

SHA256
2af8653d0cce327e61dc7b267f108680e3620cfeaea92310412172791f4662db

SHA512
44c290af8c5b8f54f8974f43da3709773270cdc19f7d63872999c51b0d2069b51100a45fd066ea6551372422131a801bd6e494350cfbc02e4d7187796eb1b63d

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\BLUE_MIDDLE_DISABLE_M.bmp

Filesize
11KB

MD5
e96ee353e3b9a4a24ab0c4d25a699ac1

SHA1
441332854100d77170bffffc2aa489e7cd68b768

SHA256
08c3c27ebc1c2959d8986967b77ef92fecb4348a535dfc21dba3ae2eb42c24d7

SHA512
ed1f8b838b5d5d97ab66c43db71b98c5b55da094d3a0751a1ebfc7bb8c1d48c46ff2f9dde066699d1d55525f80833ba3c9cac0537f795645a718620056224bbb

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\BLUE_MIDDLE_DISABLE_R.bmp

Filesize
2KB

MD5
0f26ffa2ad51635587013869eeeacaf0

SHA1
ca6dd39c97e46291b634c7e177e669004db505e0

SHA256
ba4c25b30c316d6fe97fb513dc192686b7b11b29e86934c7ad30e02e4f7aa78b

SHA512
d06b3d7c7c685e4f097e6d0ac50608ce0b63b71727ff53b4035ff9751e8a59b5e39d7545573e3bfdfac8a2091ad74f0436941adc59893b80f338e31f2fa9f164

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\BLUE_MIDDLE_OFF_L.bmp

Filesize
2KB

MD5
31c69378fabb2e5d6907619c11d8d7be

SHA1
e2de0d944839960ac007a3c50af28e11a5f73bd0

SHA256
d64acb2f1443941b67fc27beab2558879a45af82158d045e65fea9a1e38f5719

SHA512
476bbf61bd3172318e7880034010fbe84f6640937124d94fd32a7ee4ec623932c506e8c18cc22ff0da101000f9a96dc46438e57efcb96632b09af258a857cd76

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\BLUE_MIDDLE_OFF_M.bmp

Filesize
11KB

MD5
4823f1e14b094013f809da1897c91f14

SHA1
898b24349ee3e3e8461451ae2581841d0a7aab5e

SHA256
0de53693b3b4c455db6e0596f9bb3b1023073f421eeae1118c191856f636962e

SHA512
878c02d5512fb02cd17d1f81a985cca17825125c843e9661866a59bc884fb974231404b52faa0d638d4c80bd1d25042c362899928221e5e0eb7be4ed750f20eb

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\BLUE_MIDDLE_OFF_R.bmp

Filesize
2KB

MD5
e7a338093d9261805d34e7a7276b909f

SHA1
d62366e1a525c00f24249326aa9539e416ce025b

SHA256
ad81fc537aadbbe2fd2ea2c1f10c7e2e5a3dda6f24781197a3e1f3a6acd32220

SHA512
d2eba993a4749b9a233b9ab428302c54111874c8c65bd43b60b48d09b3dfef74481c7b73fe8694cef2d27c86b1d46434474cad27091b89bb5a188f9e61fce06b

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\BLUE_MIDDLE_ONMOUSE_L.bmp

Filesize
2KB

MD5
b1c8821c744edbd2651377fcf46bda72

SHA1
c9c95f6d216f6f9fd2449479f388475ce085742c

SHA256
1c0c47b14756d3dbe6116c999a57f703c788ee608e66ffbb8aa9e5af58add14e

SHA512
b88a11e5d998d2e54d3412e52ea9cd657b17ec7439d9f3796fa51ad592474738677b88a9905ad1f7dbe2dbdfd406c7fbeba99e465583c0bccefa1a6d4a831867

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\BLUE_MIDDLE_ONMOUSE_M.bmp

Filesize
11KB

MD5
f651420cc3e5cdaaf0fa582a7bec6c39

SHA1
e9e2d84150dc38bb19e9a3370192acd86fba68c3

SHA256
d1d4283f0d233ab3880334cca18af40307d1a2ded95b03f4a473b29b80df2acb

SHA512
ef2c7c17fbe94d561801ef6754100bd6c62fc6bd59e1a5df38b322f50e231a4a907c48995a327e44451d083285963122344b5af90b3172df5782fb89556a4a8c

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\BLUE_MIDDLE_ONMOUSE_R.bmp

Filesize
2KB

MD5
e1c2203f9b3659333c8e8c58eadd6fc8

SHA1
6a1e41ffd6dda840b52a7a61b9a4de77f85d77b2

SHA256
4dbd8f29935ab32f60d171ab4fecebcb548e3c02d18ce497f5d0f669c6f4720c

SHA512
b531b96b6cb213cf4b167e02b5d8b99fdbc8c0a1b92f2d991c876d10a246b315f99e1adaa3dcc7bd4fb95857a9addb21f9aaca5e9a0e4ac07d76337a450caeca

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\BLUE_MIDDLE_ON_L.bmp

Filesize
2KB

MD5
4ebd60d51a29a2af16c61d2c5d8a7527

SHA1
185fab540a0a97a2b838f85623ce5e7136977805

SHA256
d3a285a1c332fb100a0b00c5e7a0925197193b1c3f6b7234dc6ba32393d07566

SHA512
20652159403dec814f1c399bb63c08359eadc3102ffc18b7d692c9ed5f762f31ad68fe96dba9919908dfb03f3d83716e29bc58450c77b3f373a70a8682139c07

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\BLUE_MIDDLE_ON_M.bmp

Filesize
11KB

MD5
2f73b85a0e898a1848fc193ce3a63f91

SHA1
0d73f1d68c960f5def5937c3c77613764706adbe

SHA256
e5e8c4a18d02475ea631191f1827b13e1bd36b793e0d3db7d88126fa1d4ddd35

SHA512
b1bb5ffa469be2bfa2288264743ce80697c8b9f585e48a12541ab8601f2baaefcaaf10886ec9f8b8060a119ba911488531cfec629517ea24b6b2ec7cb299d070

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\BLUE_MIDDLE_ON_R.bmp

Filesize
2KB

MD5
f55810dff74a975f05f29fa39897ab98

SHA1
646aa0b392b43fdade0748095a407746c0c56375

SHA256
79e4519a692b10a4e2314b615249d588bf667d89cdaf9242a9598e4cd0eeef54

SHA512
f7414c78e8cbc00d8efa2342e97bc30481e9623822d6fa87c7f106603a71e1e3901c6eed2463bfc0c2f66b340e675b652276e587b02b42716b24f5a8538af5e5

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\GRAY_MIDDLE_DISABLE_L.bmp

Filesize
2KB

MD5
70922e2ee6c33fab6f74ce86a110448b

SHA1
743377fba68f7a6a23c47374a7107f54233d9833

SHA256
c7b0eb41714131777c67d733dd5aa13ab6695ee51fda2b51032af549d22fd949

SHA512
3fc5e4fffc063127d2c288d460a49c16a690d0cf67bb242680a9a0f5b80cb40ee5a1a6a78906dcddd4979ddfd96240a710729d9af73c5a26205385b3b4ab4b32

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\GRAY_MIDDLE_OFF_L.bmp

Filesize
2KB

MD5
403bdf02fb7014b90fc5095f5ebf6cb2

SHA1
9db5c681150affe43d7851e849aca00725eed8bd

SHA256
cc532be1423507605843548e1b46935a31d6a50fce33ffdb12bd07c9a56d1e5e

SHA512
599d65ec045493d38ebbaa6d884658d07754825cd358d09d2c7a1fef8858a30ba81d24a6d423cf218744b743f8d53d4718fc38eaca9abcaa1617ec52a7e8609a

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\GRAY_MIDDLE_OFF_M.bmp

Filesize
11KB

MD5
2e9ba03628df6653e0d129ae0739019e

SHA1
92233e30f1ab93fce15ce1832673d17fd558c3ae

SHA256
bed6157a3ba994957784cc465e4098ca8d5f55fc13088f6b087beee14e7a1bcf

SHA512
ca30b27b7f8b9c779e6de93d22e8ea2857cb8d05403a5e42302e9dd62311b7cdf2d77285683690198f6dcfb1bf13a73e9a79c441a69a6926171107847c4e30e0

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\GRAY_MIDDLE_ONMOUSE_L.bmp

Filesize
2KB

MD5
09fa568626c1c7ef7b5d2d817aa45cea

SHA1
4c82baf54a22140de253ecc1e3ea72ddc459f532

SHA256
5bdba5a14eb1f2396d28cc76490e21cfbac9aa38e01126610b5891400af092a7

SHA512
75b75d054ae021ffa135ee658b598d2e46de6fc2e9fbd15d2c260d8681917d04ac5757657fecdfc2dcaf27e5f77421e3cbeb9a204458a9e16b17efe2c5927895

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\GRAY_MIDDLE_ONMOUSE_M.bmp

Filesize
11KB

MD5
fe6912f623723bbf07813085991f6cfc

SHA1
13cd34b52da11b375768808dc226cf1fa9b30f3d

SHA256
77c47feb8e9fbe2062cacb72b1d82e56d1ea4f3922611fcccac8151741c10dbc

SHA512
1772c40c6c89a7214a4a63d8676b017daa26ca12e59c8183aaf82ae19bb44d4186d76516d58aeb19a0c6b5ef5ef33ccc491fec032e04e5b7607ae03896ba7b5c

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\GRAY_MIDDLE_ON_L.bmp

Filesize
2KB

MD5
4ac82a91fc01f463c3030f937b8525c0

SHA1
b6602f71f529822cf5afa4a316725037ea8ab4ad

SHA256
09ca62299614ffec171dea2adf0400266252ab160abe486a266432a609e26fde

SHA512
c2a5d6b27986c9398d742459d95ae3e3f11a07752ba872375cda3fa5013ea20945c8abb6e2f892bfc71098a4915ba2bb10ee1e5eb9deffa530686e956c86b368

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\GRAY_MIDDLE_ON_M.bmp

Filesize
11KB

MD5
d944cc7b4055adcac3ba467bf3ad8ecc

SHA1
65f319ae9c2a1fafb30b94b4a2bba99895f6cfb4

SHA256
b8b8160534c4138d4984adba07d3da2cdd241a5803b6d0c8a832ffcaa36f26d2

SHA512
ccac6ad57075cc49bf3d5f4a5528e1f62703025df61fde7c4ab73a1e9522e30862cbe3cbfc697ca608a7e894ef4b487a19e331daed6d84df40ed0aba058607fc

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\GREEN_LARGE_DISABLE_L.bmp

Filesize
5KB

MD5
2485b934a27d23d9b76e6a9049b9a9b8

SHA1
a2206460f7f463a8cf4f6443c50cfd0dde846fb0

SHA256
844a7d76c16656c5845272e5f6fda6e3e93f74afa6b56f9859746e97c78f0922

SHA512
bf1c196036e26ab885194148b923fcf1fcf68dd9ef6c2bb1c7382f34f1743506a39d57b3dfdc7fe5d588f17c12be9045aa31fda2c030c19dd3fb1144371eb093

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\GREEN_LARGE_DISABLE_M.bmp

Filesize
35KB

MD5
4c054047b5bc29066128c31e0caca703

SHA1
66a7210622a6bdb60cbd62a1d0e77686b1b4f55e

SHA256
7e4b93509a9a7cf9ca57a15b5607cfe3ebf60c84a6e67ec29af2557e41f44bdd

SHA512
dad03333ff51a9378e2e36be49ff54c37fa97a1a53c6ebef9f409dd49f864cf0e1dec1954e921e63f04ed5bcbef939f39952bbd64e6fe656cba826f5d79e0340

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\GREEN_LARGE_DISABLE_R.bmp

Filesize
5KB

MD5
81fb6da048e22da1ff1cb0f1b44934c4

SHA1
9149bb20b7a1b11996d6b38128f3636f6f94b1e3

SHA256
233347d7873adceed35e4b26a4936ce9706017554ef238660428f6f14fc22836

SHA512
520ad621a2ac8e35db84d60c6913f288a8059602962a0bebcb40703b88da57f5dda24f1caa137906948b2b48cf37297e0e06f61bed7ed3afdd7ed800a2abb480

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\GREEN_LARGE_OFF_L.bmp

Filesize
5KB

MD5
0036779d2b2af12d623f2259ec13fdf7

SHA1
c821de022906ae4968794be1b17bd48e6e0ba763

SHA256
526ab098bfcab76e929137ea840f859f4403d8708d9b21c380b193ba1b465223

SHA512
9d06e1d4b29fc17feda3876d95b671445d64c656f898bfa2046ab1854997c1ba408ab0d9b12a40c6956b648778931e9c0e817f84703e9bc87f45912348b3d8a1

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\GREEN_LARGE_OFF_M.bmp

Filesize
35KB

MD5
2541feb36ed24998294eba5eb060638f

SHA1
4e7448d8927257c447cc7cdac7ede107450495e3

SHA256
c5a1662fd83d1614beac0134736db34f06bfec9c5cc7e48f462f51bea890d774

SHA512
1d73cb1dcd50cba90bff4dfd84d97cca8b830a1ad7e813c52e853f7fea7f6e60c253ac16ba135d4eb038ddbbf34cef7519cc4583b1e300e68fbf9ea4c9df8a7a

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\GREEN_LARGE_OFF_R.bmp

Filesize
5KB

MD5
ce925626141fb73a6c4c0fb54d00521c

SHA1
b84837400ef97d1a1e140d83feb7971e55991231

SHA256
7dcdbab65e27ac12c40011dd01e1e9fe53bda02b24f3d0ca42379b493915ecc1

SHA512
8180a814b6efb0028983ca9db08a475c1022bff4ba7783f44da473b4ec000e2e81f788abc4b4e3271ac7325ca004c930d5a448fa1eea00e0ce48700ac6356b00

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\GREEN_LARGE_ONMOUSE_L.bmp

Filesize
5KB

MD5
45a8fe43699ae80a560250686be98926

SHA1
ab4093c7279863036a6002ef4c9878f2a516994d

SHA256
5b2d8eaa063eefde7b13ec6ea9158421627ef09e9e844464e721521bc9b2a268

SHA512
ec9e15f94f86bc8496d6ea05627204c00e220234ab483b443f8c95315ce257db356913ad9a730ad29b3fe2d624e2737365a2b921d8ac47a3cc974a02467d35a7

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\GREEN_LARGE_ONMOUSE_M.bmp

Filesize
35KB

MD5
c39dc14a6926a6372d4c1d1e9c777337

SHA1
32efc64fa690167530706188e0b11f741d366da1

SHA256
e07e08def3b5b33afb96c11e91128b1e82748f7403f184d6f05ed6a90b48f629

SHA512
81818fe75cdf07731cafdc8f05124de4eb1a1bcc28804d1413a1f55ece4f4dbda714b5f5a46ae1185881db99e5019f7bca2dd9f6e2b708c763cab96bacfb5d0f

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\GREEN_LARGE_ONMOUSE_R.bmp

Filesize
5KB

MD5
136e44506c31bd56ec4cfd016dd637fd

SHA1
d9e36f90676154be32b6f898d9b4f2c8d12eabfd

SHA256
f7db177659e675400d54622af2a4a03c78a2bf7b1ff7a78f3d4edaf15d037b6b

SHA512
ad071ad6d1c14f5759462758c1f14bc087cc9126d9fa3c9f6f70d441e6accc8d629b89ca64ed91ff5640f8950afb5b43184e402c9b202987045a755618b83de9

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\GREEN_LARGE_ON_L.bmp

Filesize
5KB

MD5
f81ac2c4e3b918cd339fbf8e4ac61e96

SHA1
a875e27c9ac062383122156d3719774e0af5d58c

SHA256
88678590c3bd6156db104cfbf1a78cc966946f157459df9e5700bac522a33cbf

SHA512
95ec5692399065de4773799eb76f68cbc6fa58f5e741ec028513add5109fa29087f1495a72860ffa69797bd4e461474313a421b1be890349344f42ffd75b1848

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\GREEN_LARGE_ON_M.bmp

Filesize
35KB

MD5
24c6d64d45c874befe4bce899cc956fb

SHA1
ca0c14a56de1ec494bbcc7fd66d217fd3ebe8c96

SHA256
9f7d3e628c6937cd104a04aeb2bfb9ae89555268ff88049fe9a52b5b68eb346f

SHA512
7696be75638b197c8f3acd19eea06f2abb3898ed1522e52f93a16816f3341473a1da2834896f550194a9d744eff1bb1985c120790da15882fde5f1b5bd81c471

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\Button\GREEN_LARGE_ON_R.bmp

Filesize
5KB

MD5
57d6cf405ea7190551dc75e7e36d6985

SHA1
175be1257da948c9e0edf775044d38c56a7e91dc

SHA256
5efddad79c1d606ca0534e1ffc5442f372c2cd05537a77ec471c8f2cd1fd83b7

SHA512
9d4bb24b658345e97dcac929820a747ceaa7dd0936a44ca58324a780ef8226ac7d598fe26094e11a184c38239e7959921c11db89a62735b8fd7a09fc40a5a78c

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\Bitmap\IF_LAN_Success.bmp

Filesize
199KB

MD5
4556f61d1b48a4f912926586864b8278

SHA1
12fa4a55f6d8e222af5c69458fc81f70fca6df19

SHA256
7e31205db66672e2b44650101e277723c1760a22b66a9b1a53d0f6a0d3ab156b

SHA512
4311dddab7bddb79a37b7583582dcd9928d4019819ef0cedc8170848e2f781cadfe593c5ca5d79d7e7a92d96ab804c3f3999bd7b1042ad5b73df0610137a0daa

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\MESSAGE\Danish\AdobeICC\license.txt

Filesize
8KB

MD5
f52faba99c80aaeb4e3a641298be7f65

SHA1
c710ad73b8c0f9e966f216d074680fd52131d30d

SHA256
b7fde6bd2cf92d369f228684b181260312af15ee04e909835db7fb4755801ff2

SHA512
60081da43032f963fd27c7b892a998af157546f538f9522f96ef60e67b655fe80410c1ed4b07a2bdd2a2928f20586d3093934a99c158f2c6a5a64dd29a6f9d8d

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\RES\MESSAGE\Danish\YOMIKAKU\License.txt

Filesize
3KB

MD5
717a7a84f859b57bbde32030ca4a94b3

SHA1
209d9d3ca09b5e81bcb49b5670d21081e7dcb865

SHA256
616e6f0592f7388c9f1a51e9ca7dd763292157dc1c284c4690bc00b21662d9c2

SHA512
cbd75bb05714db01f95b3f67aa5fc23eadf5b3e13634aef0cd6411a8020a4aff7fdaac94a754cc8e7a58064119b78d63c679819a0b3e01d93d023b0d97364f7c

Download Submit
C:\Users\Admin\AppData\Local\Temp\win-ts6130-1_1-n_jucd\win\res\message\English\message.ini

Filesize
117KB

MD5
6b724ef493d5099b71e32591cba9ce22

SHA1
9d26d73138680cb810eed4322c3cebf766f08d97

SHA256
5e8ae8f2b8b99c19b4b0afef6ed4277847a64e175ebc01cf8b55ad9eac5965a1

SHA512
3248271e65ac613cb262da7362206f3384025259b677547bbca65176b88cf12209a48cf317092a71f7dcd6150ddf05e94c7963a2990455617d071cd416803dda

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads