2afb5303e191dde688c5626c3ee545e32e52f09da3b35b20f5e0d29a418432f5

Sharing

Copy URL

Twitter E-mail

General

Target

processhacker-2.39-bin (1).zip
Size

3.2MB
Sample

240620-bcwrqsvamn
MD5

b444cf14642ce9b8d75e079166a5df0b
SHA1

8e8f8423d163d922242b8b7d85427664f77edc97
SHA256

2afb5303e191dde688c5626c3ee545e32e52f09da3b35b20f5e0d29a418432f5
SHA512

915b9f7c0b1374ce52fa9653ba1084741d15ff79dbb7c04d2a0f41eea8262b2f556d451bf9eefbd2d32831289908b6a1b39ce2cbcafbbfc4ae6e71d701b1aa81
SSDEEP

98304:jDqt5TrOmlLB/7rTOqcXfOzJR1qioDLK2EbhQ:3sTrHlB73OqX4ioDfshQ

Score

9^/10

Malware Config

Targets

- Target
  
  x64/ProcessHacker.exe
- Size
  
  1.6MB
- MD5
  
  b365af317ae730a67c936f21432b9c71
- SHA1
  
  a0bdfac3ce1880b32ff9b696458327ce352e3b1d
- SHA256
  
  bd2c2cf0631d881ed382817afcce2b093f4e412ffb170a719e2762f250abfea4
- SHA512
  
  cc3359e16c6fe905a9e176a87acf4c4ed5e22c29bfca11949799caf8442e00ec0d1679b3d8754dbc3e313528d3e8e82c0ec1941e2c3530b48229c1cb337f6b8b
- SSDEEP
  
  24576:V7eokafnkAwgcU+29fR4PQviXq1pj3EDT5m+m8I:V6efnkdlUF92PGBOT3m8
Score

9^/10

discovery evasion execution persistence
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Downloads MZ/PE file
- Drops file in Drivers directory
- Manipulates Digital Signatures
  Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.
- Sets service image path in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Blocklisted process makes network request
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1
- Target
  
  x64/kprocesshacker.sys
- Size
  
  44KB
- MD5
  
  1b5c3c458e31bede55145d0644e88d75
- SHA1
  
  a21c84c6bf2e21d69fa06daaf19b4cc34b589347
- SHA256
  
  70211a3f90376bbc61f49c22a63075d1d4ddd53f0aefa976216c46e6ba39a9f4
- SHA512
  
  0d7abcc792127c37d6af58ec5b900c1754d02913794fcf37d92c400d3a9eb8981f6aa5515e48fa8fc11ac0eb51c1da260d7defc0e60b21de70a4e58413c296fb
- SSDEEP
  
  768:ZkCOeX2Yg5KY6VgQqdzfVJdf/aEB2zBdZp0IfKg589z1hEn:nzn68BaIfRn
Score

1^/10
behavioral2
- Target
  
  x64/peview.exe
- Size
  
  229KB
- MD5
  
  dde1f44789cd50c1f034042d337deae3
- SHA1
  
  e7e494bfadb3d6cd221f19498c030c3898d0ef73
- SHA256
  
  4259e53d48a3fed947f561ff04c7f94446bedd64c87f52400b2cb47a77666aaa
- SHA512
  
  33060b907c4bc2335328498aac832790f7bc43281788fa51f9226a254f2e4dbd0a73b230d54c2cde499b2f2e252b785a27c9159fc5067018425a9b9dbcdbedbc
- SSDEEP
  
  3072:/U30KmLQQMpQZxRjsMUni4nuWKz+OHPKVgW9G0tpLmSlbJY/i:/UbmEQMp4TVtW0+Ovh
Score

3^/10
behavioral3
- Target
  
  x64/plugins/DotNetTools.dll
- Size
  
  132KB
- MD5
  
  b16ce8ba8e7f0ee83ec1d49f2d0af0a7
- SHA1
  
  cdf17a7beb537853fae6214d028754ce98e2e860
- SHA256
  
  b4cc0280e2caa0335361172cb7d673f745defc78299ded808426ffbc2458e4d9
- SHA512
  
  32de59c95d1690f4221b236376e282c8be1bb7f5d567592b935dcd798b36b80e86da81741c5845fa280386f75f6eafc9bbd41035362984150b134d24aede61eb
- SSDEEP
  
  3072:OkF+ncOyiGt9KQ130WlLJydacG3EkLLFjSeB:Oi+WH130U/
Score

1^/10
behavioral4
- Target
  
  x64/plugins/ExtendedNotifications.dll
- Size
  
  140KB
- MD5
  
  be4dc4d2d1d05001ab0bb2bb8659bfad
- SHA1
  
  c0ed9e375b447b61c07c0b00c93bb81c87bcfc2e
- SHA256
  
  61e8cd8de80a5c0d7ced280fe04ad8387a846a7bf2ee51bcbba96b971c7c1795
- SHA512
  
  31389e268fe3bf1175fa3c251ca026f77dc59361b8425c9826f31d18c5174e6de68c6092aef187f2bd2c92d89b3093a660b2fe6189af369293c1117c856b5cdf
- SSDEEP
  
  3072:ucUs2pkSTVRC6//SZDTWeEd1D6gyqAnr6rw8N9TZof:ua2zRC6ncXWl4
Score

1^/10
behavioral5
- Target
  
  x64/plugins/ExtendedServices.dll
- Size
  
  136KB
- MD5
  
  4858bdb7731bf0b46b247a1f01f4a282
- SHA1
  
  de2f9cbcec1e1fa891d9693fb3cadfdd4cfe1f60
- SHA256
  
  5ae7c0972fd4e4c4ae14c0103602ca854377fefcbccd86fa68cfc5a6d1f99f60
- SHA512
  
  41b39560e15d620733ca29dc37f55a939a653f99686ac86643ccc67fbb807ad95d1996b867319d98506f3b8a30772fff3c3317bbcc205987f48031923f674d9a
- SSDEEP
  
  1536:cjYKbIeoRGwasSxZVqHa0fdZ5OiRJjHlcUhzD55DBdisWpZ9dl3K+OL/VfRc2:diLhZCdZ5bHHlcUz5PaNKxjVpc2
Score

1^/10
behavioral6
- Target
  
  x64/plugins/ExtendedTools.dll
- Size
  
  196KB
- MD5
  
  bc61e6fb02fbbfe16fb43cc9f4e949f1
- SHA1
  
  307543fcef62c6f8c037e197703446fcb543424a
- SHA256
  
  f2805e0f81513641a440f1a21057a664961c22192cb33fca3870362c8f872d87
- SHA512
  
  0bbfe53e1dd933a3080d9775ad890fcbd73f9820885efa6b69e9664261249f34eaae3870f74de8511734fc9a0114f36e1bfc529a032d303a8e3e583e37a506c6
- SSDEEP
  
  3072:kahH9o/M+4BoraGA7sYt/zVcfg8Snh/3RFjxabZ67DG3p+DbR17LhY:P0MGraz/zRNh/3RU+72
Score

1^/10
behavioral7
- Target
  
  x64/plugins/HardwareDevices.dll
- Size
  
  180KB
- MD5
  
  a46c8bb886e0b9290e5dbc6ca524d61f
- SHA1
  
  cfc1b93dc894b27477fc760dfcfb944cb849cb48
- SHA256
  
  acd49f2aa36d4efb9c4949e2d3cc2bd7aee384c2ced7aa9e66063da4150fcb00
- SHA512
  
  5a4d2e0fa7a1a14bc4c94a0c144bfbfcef1ecabe4dc15f668605d27f37f531934778f53e7377bab0ff83531732dc15e9fc40b16f2d1f7e925429681bd5bdca73
- SSDEEP
  
  3072:MTvTGn6NTm+vpcUVBrM9mG56i5O6wKPudbCWT08hQPpoM:M/G69bvucA56iA6EM
Score

1^/10
behavioral8
- Target
  
  x64/plugins/NetworkTools.dll
- Size
  
  134KB
- MD5
  
  d6bed1d6fdbed480e32fdd2dd4c13352
- SHA1
  
  544567d030a19e779629eed65d2334827dcda141
- SHA256
  
  476aa6af14dd0b268786e32543b9a6917a298d4d90e1015dac6fb2b522cf5d2e
- SHA512
  
  89362a7b675651f44649f0ea231f039e0b91aba9f84c91545f15e187c6cbd07bbf3648a4e232dfe5122cf5636e67c458f4f7dab49ed4de3f3a303aa396c41d1c
- SSDEEP
  
  1536:mhhDibqaA8T+B++QWWEVGyEYfGup5oGjxNj8DsDdvsWch9dl/6RHyA8E0SHBZmA:ghGbA82+t6GLYfnoGjxp8e+ZB6RSALfr
Score

1^/10
behavioral9
- Target
  
  x64/plugins/OnlineChecks.dll
- Size
  
  222KB
- MD5
  
  12c25fb356e51c3fd81d2d422a66be89
- SHA1
  
  7cc763f8dc889a4ec463aaba38f6e6f65dbdbb8c
- SHA256
  
  7336d66588bbcfea63351a2eb7c8d83bbd49b5d959ba56a94b1fe2e905a5b5de
- SHA512
  
  927d785d03c1ee44b5e784b35a09168978b652f37fb73a1a2eeecd3583c28595fb030e8c1f87ab9a20beac4622775777820d1a2ad7219ba8b9ae8b6fbc4568a0
- SSDEEP
  
  3072:VDy7cjwTlCAlW0InMxf08ZyIjSNVnKJ3HzuoX7o+ThTPD0r7NF4jM9Td2xOdj+C9:Vu71TtInMxf08gI2HnKJDuG73JtxE
Score

1^/10
behavioral10
- Target
  
  x64/plugins/SbieSupport.dll
- Size
  
  95KB
- MD5
  
  37cbfa73883e7e361d3fa67c16d0f003
- SHA1
  
  ffa24756cdc37dfd24dc97ba7a42d0399e59960a
- SHA256
  
  57c56f7b312dc1f759e6ad039aac3f36ce5130d259eb9faad77239083398308b
- SHA512
  
  6e0bfab9ff44f580f302cabd06fc537a9e24432effd94b50ab696b35f57a61772072b7f9045a9e99fa4bf3bc316f43ea25ab6c87517242e7957eb86575203bed
- SSDEEP
  
  1536:Im0GxwvasFsbgkc+kvtRSmgDzxdXsWZr9dlnVrUv0ukc:Im0hasFs8H+kvtRovrTxVrUv0vc
Score

1^/10
behavioral11
- Target
  
  x64/plugins/ToolStatus.dll
- Size
  
  243KB
- MD5
  
  3788efff135f8b17a179d02334d505e6
- SHA1
  
  d6c965ba09b626d7d157372756ea1ec52a43f6b7
- SHA256
  
  5713d40dec146dbc819230daefe1b886fa6d6f6dbd619301bb8899562195cbab
- SHA512
  
  215d6c3665323901d41ae5151908c4e084a04a1558617016f0788194304e066410b92943bd6c119339727037ee02cfda893b9baf5603b2870d9fc5ae0c77ca7e
- SSDEEP
  
  3072:tOHhxKcNnCYBFNFAKIkpgVIgHAuopbQfhVV2aOQE6o0bp94wZOeb299zBw8:UHhrtaV3AuopMMeb21w8
Score

1^/10
behavioral12
- Target
  
  x64/plugins/Updater.dll
- Size
  
  110KB
- MD5
  
  6976b57c6391f54dbd2828a45ca81100
- SHA1
  
  a8c312a56ede6f4852c34c316c01080762aa5498
- SHA256
  
  0c11cdc3765ffb53ba9707b6f99ec17ae4f7334578a935ba7bcbbc9c7bdeed2e
- SHA512
  
  54d8b39457f516d921bb907615ff60a46b6031e1444a443c9657e06d78c9fb0f637ae4756bb7b884e4dca2f55902372ad4ddba1d020abe02e0a381702ae270cc
- SSDEEP
  
  3072:yy8QoSuThifQ0gUmL1lV51hdJFxZ9l1JtB9plRN51hdJFtVpRR5hJt0rsBLsGbOd:ZiYQ5UmBNerF
Score

1^/10
behavioral13
- Target
  
  x64/plugins/UserNotes.dll
- Size
  
  114KB
- MD5
  
  e48c789c425f966f5e5ee3187934174f
- SHA1
  
  96f85a86a56cbf55ebd547039eb1f8b0db9d9d8d
- SHA256
  
  fc9d0d0482c63ab7f238bc157c3c0fed97951ccf2d2e45be45c06c426c72cb52
- SHA512
  
  efdb42e4a1993ee6aa5c0c525bd58316d6c92fbc5cebbc3a66a26e2cf0c69fe68d19bc9313656ad1d38c4aef33131924684e226f88ef920e0e2cd607054a857c
- SSDEEP
  
  1536:0fiz3P6ZDIigvpiwyXtHaGFKNQCf5FlvULnQDCdxNsW99dlhSkkOZ8DCuB8ViFw:3P6Z0iGNyd6Gi7f5/eQExdL1kY8DCurw
Score

1^/10
behavioral14
- Target
  
  x64/plugins/WindowExplorer.dll
- Size
  
  133KB
- MD5
  
  0e8d04159c075f0048b89270d22d2dbb
- SHA1
  
  d0fa2367d329909b6c9efcb3cc2c2902d8cf9b22
- SHA256
  
  282696487ea5dc781788d5d8477b977f72b7c70f201c2af0cfe7e1a9fd8d749a
- SHA512
  
  56440f3feddc124574debfe3789e14d908982d4d8e9516f42fab7db7bcecdd3badd2f75e005016a7b9d87a00d5646b8df722bae8fba3932198babbe5335cf197
- SSDEEP
  
  3072:FrcYzsiPpE70C5FwyJBId/GkWXaVJ32kZ8:Frc0s502FFnS8
Score

1^/10
behavioral15
- Target
  
  x86/ProcessHacker.exe
- Size
  
  1.4MB
- MD5
  
  68f9b52895f4d34e74112f3129b3b00d
- SHA1
  
  c5e2018bf7c0f314fed4fd7fe7e69fa2e648359e
- SHA256
  
  d4a0fe56316a2c45b9ba9ac1005363309a3edc7acf9e4df64d326a0ff273e80f
- SHA512
  
  1cd875f9d0301b14645ea608fe61560a229ee395fa061f32675c3d84e41916998f887278d8497a5e875be22ba8fcbcfcbd878a5e2ed1746dc75430b7aed5fede
- SSDEEP
  
  24576:fsmjNvgp+pxECAucO9iWFT0z7rLuUhFP3MGX:PFgpAiIiWdzUz35X
Score

1^/10
behavioral16
- Target
  
  x86/kprocesshacker.sys
- Size
  
  40KB
- MD5
  
  6365fe1d37545c71cbe2719ac7831bdd
- SHA1
  
  9356d660cebd2604ec4e72967f44678741331d5a
- SHA256
  
  0f97f6d53fff47914174bc3a05fb016e2c02ed0b43c827e5e5aadba2d244aecc
- SHA512
  
  97032d1e86505c8eed85465718e24bfdd4cf75cceecac4eab6d0679027b4f57e1f4be65b3095045daec85b00a665cc319a00b0f928dd08c04ef636552c07ab7d
- SSDEEP
  
  384:pJalhhQJoHFgsTogO19bgAiDLsC36Q8nyCbPtgfAODUAn0FYPggZouZZv/K6jGX3:QeodO1ZKXs8dfHxdDKgskC1hz
Score

1^/10
behavioral17
- Target
  
  x86/peview.exe
- Size
  
  204KB
- MD5
  
  711be6337cb78a948f04759a0bd210ce
- SHA1
  
  20c48d7dc881d2066d7702e98796eb2024c77ca9
- SHA256
  
  41967c3ee8b8e2416ddb3e82d8df1219365a7b180138ca8c3256192794e5f8ff
- SHA512
  
  b29c3907ceabab08d75cecc926764d54c857a4aca5728c514753c5c60ee8db061c6811c8ff0f83bf52b498325f3ddc180edf5ca91e691476ee79dd4423e99910
- SSDEEP
  
  3072:2u/fuFdRj5OJJMCTut5mK4o03KmDxfcpjs7LrV40iAAjViZ0W1mBiX/DF+jQC:2u/fOjuJMCCMKP+x4jsveNgvm
Score

3^/10
behavioral18
- Target
  
  x86/plugins/DotNetTools.dll
- Size
  
  111KB
- MD5
  
  15ab3740703138ed5c091ea7736620f4
- SHA1
  
  545a9e061fd25d5c42a7a105ae17008543e20406
- SHA256
  
  0d7240d074ba544c90df72d5e339978aa2edc19f4a02c0a302718d851b11c384
- SHA512
  
  6107c70fe223e43ec3f14f8a4430f6947fd972d3878b3a270c03eff2b51f18fdd9d22307b1b3a71a52e696545339ba5c1695a34f58295fdb23a9eb2aed0b8f1f
- SSDEEP
  
  3072:6Rdqs04SELY/n6In9ss8TdTU4Sa0eLE9Q2MG2Cin:6RAs04XLU6CdYLG3in
Score

1^/10
behavioral19
- Target
  
  x86/plugins/ExtendedNotifications.dll
- Size
  
  120KB
- MD5
  
  56cc0204d69be9fe0987f6570783a138
- SHA1
  
  f6024adbc00c3caef570331a82ce9535ddafd51d
- SHA256
  
  c1a74caa7da222a78715d4307f6247cb8aba4cb01434286e17d9cb18860aa612
- SHA512
  
  86ee5535ee14cd55940d4562edf0f744410ad46fdcb7256552755412242e3ece02564ad577d3d3a4de75c497a8ece67cc690f4b7b76abfd37b8129d750c2069d
- SSDEEP
  
  3072:lQSnPFFFd7h7ZpcotN5grnrzAjixjIZo/dgo:lxnPTFZ17AFxqo
Score

1^/10
behavioral20
- Target
  
  x86/plugins/ExtendedServices.dll
- Size
  
  116KB
- MD5
  
  0c1a9c2a6190f1baab115316da215f89
- SHA1
  
  71326114c50ec7fd3afdf9ab43cc631fb32a40d0
- SHA256
  
  647611756cac85d8fcc8cd78efdc5712c68e4fe7bbcc8a64081900c68bcc0feb
- SHA512
  
  b7abf69665970cbfd7d07607a1b92048c499c15c1d17c10135c4c7e596063eabd17809e7073cc2fb4861b4275a3e88e767c43ab53785a20cdd18d79883b6d042
- SSDEEP
  
  3072:uSRJylyd/ga0uHdtBTIzBHdcAOcn3+0ec7bOH/:BRJfJMmaORH/
Score

1^/10
behavioral21
- Target
  
  x86/plugins/ExtendedTools.dll
- Size
  
  171KB
- MD5
  
  013dbb7c2ad8ba8b253a79c38caa5fe2
- SHA1
  
  5843281bcf9ee9bbc07179ef5032b5b7c8dcc555
- SHA256
  
  b029eb3a7444fa333daf8410dad0f770e2e9ff57a3ba6bbdd8b5d2696f43646d
- SHA512
  
  34d79a48a7d1af61f79c5f5dfa3fb5ce4f80c96ca078b343f03b57dfa8ab180a1ace9ff7501253c4a30cd2f1122f9154e2bfad8ea8b0aa31707e3ba31859e126
- SSDEEP
  
  3072:TACydNlIeMYoFoafAYDhjstr3cU/exUyND5VpCb2:TATeiNc3KU5Cb2
Score

1^/10
behavioral22
- Target
  
  x86/plugins/HardwareDevices.dll
- Size
  
  157KB
- MD5
  
  7c35a25859271e4550580a5b6ec769fa
- SHA1
  
  b99b6c10bc2b95cbd5270ca7549f54b5d69f8eb2
- SHA256
  
  e0c91ad1ead26ba93257059b5a7600c6fc3baf3278499d850e9e884fea409761
- SHA512
  
  c5d93b421a0a63c6c7fbf5684716c967d5176115627291ae680225b091c570ae53eec17ec306451a810432fc96b3c833294a62de67b2b5bb5df0e0c5fb525f4d
- SSDEEP
  
  3072:2ELgmODhaGSOL6YBpBZilmm9/tfm9V5OrIkPxXSm4TRs8pPp/Batj:2ELgmODhaGSOL6YBpBolmm9wUrRxI37Q
Score

1^/10
behavioral23
- Target
  
  x86/plugins/NetworkTools.dll
- Size
  
  116KB
- MD5
  
  a5de58251832d3aef63fee13c96b10d2
- SHA1
  
  9e598c1fd1539c1bfb5b55ebdacbe41c1ac26600
- SHA256
  
  62472b33ba6fe0f4c5f4997236b3e0d9053c9e2de9730e3db78d2749a2bea6c4
- SHA512
  
  dacfded99026f0a24dbf06c9b2c12e819dbeb1509441df2d9fa0e2d3048f2de64ebe259d5909fe88a24fabadf262595b4b96064bc17cf9347296b386e273a0c2
- SSDEEP
  
  1536:4zPf2Sz6wBaABOKcRmRkaPTTd4BXcVPZdjshsWk1cdeB7PIQl4jhNj:4zPf2SzuK9RkOTTd4BMdrEeB7AQl4j7
Score

1^/10
behavioral24
- Target
  
  x86/plugins/OnlineChecks.dll
- Size
  
  194KB
- MD5
  
  d811b73d47b603e0d212fe311409b5d8
- SHA1
  
  4d5fcccb3f3b4134b7c39f9ed81e5f3a707c6581
- SHA256
  
  118192e0816876cb1af3453a36ff2afdd48c09591399779c7b12dd083b1efcea
- SHA512
  
  b07a35731d24490410d312cfc9155bcb9cc10c43b56ab20eb84b748f56ff647732af9988ccc90e71b4af901229859057c6f7362b5af1c70f3d9fc8e91ef80aa7
- SSDEEP
  
  6144:51qMB/hGOvlvwdcc/VcVU07XqEFa2pIqFy:51qMB/hGOvlvwdcc/VmUelbpIqFy
Score

1^/10
behavioral25
- Target
  
  x86/plugins/SbieSupport.dll
- Size
  
  81KB
- MD5
  
  4daa3b45699017dce248b0e6f634885f
- SHA1
  
  c155ec9e2b1ab9b6178074ac3f7900bedff89cae
- SHA256
  
  d28a6bd0cbbe33c05586edbfa7266c85355e5762afd89a3633a23136723b625e
- SHA512
  
  a0e05a0aac333a7f62961e77f6ea1587bb16a986cf7cbd24f0f39942bf4403b9438f98e553c72643ead742590d0f300b605027cc9bc92a47a523167e2f2765e2
- SSDEEP
  
  1536:c1CLBSfuO2cTwGQXmj51Dds5Ecj3ksWhcdgZCnQnmxukfK1:c1CVg51Dpcjlg8nQnmxuky1
Score

1^/10
behavioral26
- Target
  
  x86/plugins/ToolStatus.dll
- Size
  
  223KB
- MD5
  
  837ef2b8f202ab9f53545fa2bc7fe71e
- SHA1
  
  4fb675056cdcf97a6fde847bcdb7d8d591771387
- SHA256
  
  a4ef4fa8a094983ca9a532dad9866e27d0211db98a5def3a3c4eb73f6d92d233
- SHA512
  
  d39b000d6d31bef3cf053443f3576318198e2b6ed180a0e4344dfb44c0d5549f09192455a4a2c55860c34723f50ac1dda23264259083a7b182fdc1a6d366a481
- SSDEEP
  
  3072:C8faMRFQENjlUcykpTRem9Z4wZOeb299zBwJY3G5:C8fFQEzUE9Ceb21wJY3G5
Score

1^/10
behavioral27
- Target
  
  x86/plugins/Updater.dll
- Size
  
  94KB
- MD5
  
  0d69dbdafe0a75066405c10413c7eb7b
- SHA1
  
  df685b3cc0bff48424c52b18aca90e128ab531b9
- SHA256
  
  badaddeeef941610eb0912330848349a08fcac0983d7fb749c45f70b86c59c7c
- SHA512
  
  57523899f4666324c6df7c2ac04d30d8e33cd8a5e5353552219ce6879c5a410b562f0dfaf696161f31d4d446d4cb3acf695d508d578d9a97f5b90e2466493eb9
- SSDEEP
  
  1536:ZXRrbgI85UI2SgY5qvE5R4zAijcPLsW+ycdgTsGb+nBMWz6TKMI9kj+tN5Ka:RR/Y5q6G1QPqgTsGb+nBMc6TKMI9i+tx
Score

1^/10
behavioral28
- Target
  
  x86/plugins/UserNotes.dll
- Size
  
  96KB
- MD5
  
  7de6aa4f0d79e4b243a66b4db6f17fe9
- SHA1
  
  0137fd9f2e0115e88003b80942b137ad83b52f5b
- SHA256
  
  a94d02d9645a4f4fe0388bb40775862aa3f90d22a93fdb14870389ab891b486d
- SHA512
  
  1fa4216fcf84663c185a2b244055d93b25a3242d79699a7973dc0ea50b80c4cd21df52cc6601868c9d68591d667130f4b2408093ea93641a14a352e8788d1bee
- SSDEEP
  
  3072:mEuN4hL6EK8WvWCR3RPPp9KjqzUJEAElDBUh3:9L88Wz3zYKKh3
Score

1^/10
behavioral29
- Target
  
  x86/plugins/WindowExplorer.dll
- Size
  
  114KB
- MD5
  
  677ba76c0fd853531c2fbed4450b972a
- SHA1
  
  3a7446f62ab8079a26d94f44e7a2ac46c8ac4ca5
- SHA256
  
  da34c37dfab96cf0c0af655602e41ee8dab8e6d692ce3a374943bb1dc010ad77
- SHA512
  
  26827fab2e022fc88b49d3ed90fb0470497c37262603b636336c3dcd01f5829f4fc253e7d4f5ec64d79e985bc5e0abb8f797ff63cafa35660af23cde1e461e52
- SSDEEP
  
  3072:GKP8p10sWUJswbuL7XR9yAvv3UQ0gR1f3o:GKP8pqsjuLw0p3o
Score

1^/10
behavioral30