Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

tabby-1.0....64.exe

windows11-21h2-x64

5

$PLUGINSDI...ls.dll

windows11-21h2-x64

3

$PLUGINSDI...em.dll

windows11-21h2-x64

3

$PLUGINSDIR/UAC.dll

windows11-21h2-x64

3

$PLUGINSDI...ll.dll

windows11-21h2-x64

3

resources/...rop.js

windows11-21h2-x64

3

resources/...dem.js

windows11-21h2-x64

3

resources/...end.js

windows11-21h2-x64

3

resources/...ing.js

windows11-21h2-x64

3

resources/...ing.js

windows11-21h2-x64

3

resources/...ice.js

windows11-21h2-x64

3

resources/...enu.js

windows11-21h2-x64

3

resources/elevate.exe

windows11-21h2-x64

3

resources/...AC.exe

windows11-21h2-x64

1

resources/...nk.bat

windows11-21h2-x64

8

resources/...64.dll

windows11-21h2-x64

1

resources/...86.dll

windows11-21h2-x64

3

resources/...se.vbs

windows11-21h2-x64

1

resources/...64.exe

windows11-21h2-x64

1

resources/...86.exe

windows11-21h2-x64

3

vk_swiftshader.dll

windows11-21h2-x64

1

vulkan-1.dll

windows11-21h2-x64

1

$PLUGINSDI...gs.dll

windows11-21h2-x64

3

$PLUGINSDI...ec.dll

windows11-21h2-x64

3

$PLUGINSDI...7z.dll

windows11-21h2-x64

3

$R0/Uninst...by.exe

windows11-21h2-x64

4

$PLUGINSDI...ls.dll

windows11-21h2-x64

3

$PLUGINSDI...em.dll

windows11-21h2-x64

3

$PLUGINSDIR/UAC.dll

windows11-21h2-x64

3

$PLUGINSDI...ll.dll

windows11-21h2-x64

3

$PLUGINSDI...gs.dll

windows11-21h2-x64

3

$PLUGINSDI...ec.dll

windows11-21h2-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    tabby-1.0.211-setup-x64.exe

  • Size

    96.1MB

  • Sample

    240905-xabvfaxglb

  • MD5

    bee17105a146ccc9cb442e2855611339

  • SHA1

    8f8bf9729ba737a13ba5470bf2e21df1a8f866e8

  • SHA256

    0c2d5689e1d910d27af2ec66fd6f7c618cd12533c39b7c9d978ac7296f4b233d

  • SHA512

    dc06faf28cbabd23eea1683f9e66940a8ff054a44bdc1c3f818e38a8551de3e8c39b6ba6d041d807970761f60bb0c046a3d0c029803ecc5ab7af9f74409276f9

  • SSDEEP

    3145728:7Ge40+EFABU7A8gnZGUasy2f9lEBE0OZRTcb:j40+ESy7A/x4E0OnM

Score
8/10
discoveryexecution

Malware Config

Targets

    • Target

      tabby-1.0.211-setup-x64.exe

    • Size

      96.1MB

    • MD5

      bee17105a146ccc9cb442e2855611339

    • SHA1

      8f8bf9729ba737a13ba5470bf2e21df1a8f866e8

    • SHA256

      0c2d5689e1d910d27af2ec66fd6f7c618cd12533c39b7c9d978ac7296f4b233d

    • SHA512

      dc06faf28cbabd23eea1683f9e66940a8ff054a44bdc1c3f818e38a8551de3e8c39b6ba6d041d807970761f60bb0c046a3d0c029803ecc5ab7af9f74409276f9

    • SSDEEP

      3145728:7Ge40+EFABU7A8gnZGUasy2f9lEBE0OZRTcb:j40+ESy7A/x4E0OnM

    Score
    5/10
    discovery

    • Enumerates processes with tasklist

      discovery
    behavioral1

    • Target

      $PLUGINSDIR/StdUtils.dll

    • Size

      100KB

    • MD5

      c6a6e03f77c313b267498515488c5740

    • SHA1

      3d49fc2784b9450962ed6b82b46e9c3c957d7c15

    • SHA256

      b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

    • SHA512

      9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

    • SSDEEP

      3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v

    Score
    3/10
    discovery
    behavioral2

    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      0d7ad4f45dc6f5aa87f606d0331c6901

    • SHA1

      48df0911f0484cbe2a8cdd5362140b63c41ee457

    • SHA256

      3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

    • SHA512

      c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

    • SSDEEP

      192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6

    Score
    3/10
    discovery
    behavioral3

    • Target

      $PLUGINSDIR/UAC.dll

    • Size

      14KB

    • MD5

      adb29e6b186daa765dc750128649b63d

    • SHA1

      160cbdc4cb0ac2c142d361df138c537aa7e708c9

    • SHA256

      2f7f8fc05dc4fd0d5cda501b47e4433357e887bbfed7292c028d99c73b52dc08

    • SHA512

      b28adcccf0c33660fecd6f95f28f11f793dc9988582187617b4c113fb4e6fdad4cf7694cd8c0300a477e63536456894d119741a940dda09b7df3ff0087a7eada

    • SSDEEP

      192:DiF6v2imI36Op/tGZGfWxdyWHD0I53vLl7WVl8e04IpDlPjs:DGVY6ClGoWxXH75T1WVl83lLs

    Score
    3/10
    discovery
    behavioral4

    • Target

      $PLUGINSDIR/WinShell.dll

    • Size

      3KB

    • MD5

      1cc7c37b7e0c8cd8bf04b6cc283e1e56

    • SHA1

      0b9519763be6625bd5abce175dcc59c96d100d4c

    • SHA256

      9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

    • SHA512

      7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

    Score
    3/10
    discovery
    behavioral5

    • Target

      resources/builtin-plugins/tabby-terminal/src/features/pathDrop.ts

    • Size

      1KB

    • MD5

      5751ec7f5c65f783128cb4fd04adb29f

    • SHA1

      07171818906476b018ce41e2edf0db6532a939e4

    • SHA256

      ce55d39254be35cbe4cdff4163a2a2ef1464c65bf9c3e01bbfea105ea17a4dd3

    • SHA512

      ab0a720da68560380d095d2d58421fb38e54ac632be0f49efe5249e5aa3adb0c00c4a3be4faf8dd585100ea6ea1dfc92d2badb43c77115f2ff183f5aff76c316

    Score
    3/10
    execution
    behavioral6

    • Target

      resources/builtin-plugins/tabby-terminal/src/features/zmodem.ts

    • Size

      8KB

    • MD5

      d15237b8edc599792d313a0cc1a3aa8b

    • SHA1

      42d72f852b0925c387ce81f2a0f8b6812eb57389

    • SHA256

      c9e493e39b0ed45bb726083efb3675200686dc87b3302f7b57faa389cd67413c

    • SHA512

      7f8b2f8e7aed7fafec1376ae8f49732de965a363dfab3e627c4f4f3d6cbaf1af7cc8b4f3713bced7d82c752250f2ab474d0dfebca9e4b63fc66dcdf1221a0b3f

    • SSDEEP

      192:6luVYvbNv4L/ZgDXG8gkLYhIK5zngbQxWGlD6TGY:6lu0+L/+dkMi+TGY

    Score
    3/10
    execution
    behavioral7

    • Target

      resources/builtin-plugins/tabby-terminal/src/frontends/xtermFrontend.ts

    • Size

      18KB

    • MD5

      dd1cf53448635c299a2c683931c6da50

    • SHA1

      99bacadd36709224b6d22c5120379a0ef0bb7cea

    • SHA256

      64f93a3d17694dcc767725c3803d3a36a1025a089eeb95eade9feb526720094a

    • SHA512

      9c303487b5fbe0719bc842a2ea4016126e48ac74dfaf30864ca350bad402d0c8743ba74d68977310196b52f217979876c562116946d88aff4c36f7bf678e490a

    • SSDEEP

      384:hZ7rv7CXLWXGsUrxEtRkq2ej5/KXuCO+ZJ5432BX9lOme:L3DCNK2gd

    Score
    3/10
    execution
    behavioral8

    • Target

      resources/builtin-plugins/tabby-terminal/src/middleware/loginScriptProcessing.ts

    • Size

      2KB

    • MD5

      208ec31e4164570ddd263c90550aca3b

    • SHA1

      88dc615576776363ab6f842032f0418828f046ad

    • SHA256

      c1448f4b2b2090c74d275d81b8e73c564c5ea5718f54afc8dc32957f2f382b5c

    • SHA512

      73f31b85e80377210708ee3fa54475a81ac9d84944c3ac00051c5f8c1d4497cd60eaede19a18babdfda86d905e546439b49ebe8237d1a8802dda939f855d7f99

    Score
    3/10
    execution
    behavioral9

    • Target

      resources/builtin-plugins/tabby-terminal/src/middleware/oscProcessing.ts

    • Size

      2KB

    • MD5

      bd40fc5f05569ec9dc57f68235c20fb9

    • SHA1

      c520ac5134ee02adfd56796c4466d06b52b29494

    • SHA256

      accf04d2f68201a01c89be6280f1245fbb603226f7ef2299b6f57613cf80772d

    • SHA512

      f102ac67b1f7426c149d003c5c0d444b20764af82ba62bae90a61112eb115668fb1cc82ca1e5d714f5b6e29d66ec515d34cc346c57bae6d5ae64af8c2f148d65

    Score
    3/10
    execution
    behavioral10

    • Target

      resources/builtin-plugins/tabby-terminal/src/services/multifocus.service.ts

    • Size

      3KB

    • MD5

      765ea26233407d5b2c8b7cd20e202879

    • SHA1

      57e9dd93d5976040e071634823a8d263e2f71aa2

    • SHA256

      04c7718d39c19acd3eaf9effcf34af46f0558968448404a91b383925c131782a

    • SHA512

      a9063ab279d9a8e4521ca3e74fbe5aceff93ec5a8dbedd03c08c5a1607ebcef0a6205c4bba32bff9bcd1e56484f2c5db740219c459728deaa6cd535532b431c4

    Score
    3/10
    execution
    behavioral11

    • Target

      resources/builtin-plugins/tabby-terminal/src/tabContextMenu.ts

    • Size

      7KB

    • MD5

      8aa9c0f47a13e2476ef61ad6cbe20dd5

    • SHA1

      8bd357a39abed5b874b87c79f09c12ad4e99e7b7

    • SHA256

      237246178594839d794b7c80743e26a10aed3ef51aaa58d3c484e71fd103a6a4

    • SHA512

      113d2d66a434a071890d70ee551ac28de52ba06c6aa111f03aeb8a3f11acda0b7df67f6c2148d33ace921aba67695fb46d6f7e321114c2144c9a7296f5c48b03

    • SSDEEP

      192:0zGeg2mzuTDornxLhDnQBkMYHGOMMpvxj6EbE:pPz+EnNhDQUMMXrE

    Score
    3/10
    execution
    behavioral12

    • Target

      resources/elevate.exe

    • Size

      124KB

    • MD5

      4ad165cad86f4a4fa5a633dd7367f01f

    • SHA1

      473b3f19e9fc2d8ebb6d75cbcc46112ebf5b2817

    • SHA256

      1e9b9e17c13297e32f27fb5244b48e85f7c2932ed88cc1fd45da2a065cbe31c1

    • SHA512

      d2416e54bd28218e828b9ad24ef316ae08d4f70776c6e20245298346ba7126c3b461cf6fa31cf43cd5d141a0a41a5499499967f90ad1fd00958659bd9fdb96f7

    • SSDEEP

      3072:WZbLnrwQoRDtdMMgSXiFJWcIgUVCfRjV/GrWlO6NemwF:mPrwRhte1XsE1lu

    Score
    3/10
    discovery
    behavioral13

    • Target

      resources/extras/UAC.exe

    • Size

      49KB

    • MD5

      f0bcd47e9b7d6d95cfc433ebfd4da5ed

    • SHA1

      c2856b8c5ba1c5535ba589dee0d6ade747ea6e11

    • SHA256

      b762bc397966a3c2cd431db8716d6c161f22e2228a90508fd659c9f10ac46b0e

    • SHA512

      b8c4533046b2480baf2049cc354a4a12e293bc386c9bad9151329cc177c7a50bb5482c587123a4ae66c373f297ab036c8dbffdf3f3b457a1a00accb861368a71

    • SSDEEP

      768:Vi7+7A/h70Lp3sXaiXU9WBb1sYUGZEpYinAMxOYBGbYigYBG5KEFiRbiq:PpgKabVUGi7HxVGb7DGceiVP

    Score
    1/10
    behavioral14

    • Target

      resources/extras/clink/clink.bat

    • Size

      1KB

    • MD5

      92f56a4f5897f221b6eee82cd60c5eff

    • SHA1

      c9c89a5904b621befd4b16e9741af5010e52c322

    • SHA256

      acc35e35933c5388616a37750a77308dc9ea04118b9f3b9dbeeb88e795183d8f

    • SHA512

      7c3586332602ad3834b3727aab033c622546ce2a3392160d9b430182a8e467bc7185e13e695fea3a1c385ee5d06394426cdc2bad63b5319b18f1479009f55444

    Score
    8/10
    discoveryexecution

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

      execution

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral15

    • Target

      resources/extras/clink/clink_dll_x64.dll

    • Size

      1.8MB

    • MD5

      4ffaa31f19440b338e62ac46e5810bc3

    • SHA1

      c4491fff894f40c65ed04cd7c9c43635ef0f44a3

    • SHA256

      fdef73d692e2e181075bf43a05cd7ebe551f6b1be31f4d471ff709f83a549612

    • SHA512

      f917d8a90e86f9542e56e8c80cda7362bb3fefdbbb7a094f5a518b35a74bb1394f5e7dfbc8a928a8de7a0bc7b40d4d5e9ce7192d1207dc287c18305e8b2c7aae

    • SSDEEP

      49152:yHsyyrXGHoq8HO2AKxBwpOkyb6PrIhcffMraYa:rxrXqoqWS1ffM

    Score
    1/10
    behavioral16

    • Target

      resources/extras/clink/clink_dll_x86.dll

    • Size

      1.4MB

    • MD5

      61333c309bd818a19f686c6871700bb2

    • SHA1

      c3ebb1ed3a178ecd866059afa5bf7c069765877a

    • SHA256

      2beb5aee0f570e28886ab99ebe7b0e8676300859c828d14af78debd8ad5b3235

    • SHA512

      1747971db0d885ece9994ca262eaeb54fbed9fadbfea95224119c568c7b6adc786f832aa293b908e9c5f383415a0beb209052c0fd99f4fdaa2e8fe0b3d287508

    • SSDEEP

      24576:IY9jGPXSC7NbyQDX5CXRUHlcf9oGvc0zB1J/Y00PErwq95CMqEfV3Vke9zjAP:K97g6SbS0cuw/AFn9zkP

    Score
    3/10
    discovery
    behavioral17

    • Target

      resources/extras/clink/clink_inputrc_base

    • Size

      2KB

    • MD5

      e1f0f9220288bd4615b51c812fecf6bf

    • SHA1

      c3fbe7e26cffa1d947d2484c7df9a98565661cbe

    • SHA256

      1f8ed9e3aebf192bc194b334a88d3e04f12b1aefb7c26e64ebb8178d0306fbdf

    • SHA512

      1d0f97d9e6d380b43ff06e4e1a020d2be4606a30ccee74f9b5e23dbd03176f6cd955aa6e668fe8c17e5bb4a3c9eb48a1220622bfe939774e479839b91915b12c

    Score
    1/10
    behavioral18

    • Target

      resources/extras/clink/clink_x64.exe

    • Size

      23KB

    • MD5

      a1aff42bd3261c9947647e9566883e9c

    • SHA1

      0bdc65304ca61318a1d90c078882cfa38afd229b

    • SHA256

      e9a1c35b9a7f8ee5c31a3abd90c800a1adf6e8538c40e5da5856019c00f266ba

    • SHA512

      f51aaeb216bd60ad1b18075a490374a6bb74ffba622f70ede63b51129f7719f08c3eb286b50be3bf99a086459143b53ed1cf4196ca434b711e942dc87a7030ab

    • SSDEEP

      384:QTmI6Nyb8E9VF6IYinAM+oOZyByVWo1HrqZIYigZyByVW4GoGCJEF8ZpH9yEq:xEpYinAMxOYBGfHrzYigYBGPEFiRtq

    Score
    1/10
    behavioral19

    • Target

      resources/extras/clink/clink_x86.exe

    • Size

      23KB

    • MD5

      dd8e363710eb8615ac34c09b8b95c144

    • SHA1

      e8c5fe954346c7bd8f883be87314838c9e5168a6

    • SHA256

      2f88935242784e170bf608947e75f1b5faed2700904e322f7ac02cb4afb6e84f

    • SHA512

      22456ee1c0876006ffd53af59adbf207c1fa0b75403ea57b1ad4d0fb63ae6311bd629d68bccf2dab630171e60f727791143b1a3d88517f5d588f67f4e04d77b4

    • SSDEEP

      384:WHsM4JNyb8E9VF6IYinAM+oOZyByVexMkWOEYIYigZyByVbWiRGoGCJEF8ZpHZlR:vEpYinAMxOYBGyFUBYigYBGqgEFiRzlb

    Score
    3/10
    discovery
    behavioral20

    • Target

      vk_swiftshader.dll

    • Size

      4.9MB

    • MD5

      3c78e71193c43c099df7bf5bded041ec

    • SHA1

      f34f1e838b84e411b0804972fb10257a6b9835c1

    • SHA256

      168e9a9d33b084a9a92071b36c2cf22717618003e2f544880af0088d830e2a56

    • SHA512

      2e1fae9d9f1b632e2a099ad08418e5d6f9bb34f3d2c5cf10130c8b6421039b4e27a691d8d07dbfb8fb6e66afd6b8364f82812e23dbc1532c766a166835bd9277

    • SSDEEP

      49152:u6h3a0f1ABi1jP9LoS8lne0Zv8EgHI7JXYN3bgFNmEgMYmz2qA0Mr7wsVUsNCOze:/h3aMXoSHfPwksHldLiuNr

    Score
    1/10
    behavioral21

    • Target

      vulkan-1.dll

    • Size

      931KB

    • MD5

      b37a780ca3127da1f4c5963213e13550

    • SHA1

      fd60b2822445daeb3848ba57a8044b6259c106f8

    • SHA256

      f9a8d5f4a00d4b09e56a3aec27e5d3efaae25646a05096b7af2bf5b85fd93412

    • SHA512

      d81b04b8bc09dfd03a866c11e36624fb69f253fc9fe7b69bc4bb8b6d4353fb919ce56949dd887dd834aba43925c45ed147bc10801897663fc5fc1dffb276ea94

    • SSDEEP

      24576:KYWOq/4Kt/Ku8n387ecbFb6Z5WoDYsHY6g3P0zAk7sr:KY65/M387R56Z5WoDYsHY6g3P0zAk7s

    Score
    1/10
    behavioral22

    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      466179e1c8ee8a1ff5e4427dbb6c4a01

    • SHA1

      eb607467009074278e4bd50c7eab400e95ae48f7

    • SHA256

      1e40211af65923c2f4fd02ce021458a7745d28e2f383835e3015e96575632172

    • SHA512

      7508a29c722d45297bfb090c8eb49bd1560ef7d4b35413f16a8aed62d3b1030a93d001a09de98c2b9fea9acf062dc99a7278786f4ece222e7436b261d14ca817

    • SSDEEP

      192:olsHeylO012En8pqHtcE0PuAgkOyvIFc:oATI0d8pUP0WAgkBvIFc

    Score
    3/10
    discovery
    behavioral23

    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      ec0504e6b8a11d5aad43b296beeb84b2

    • SHA1

      91b5ce085130c8c7194d66b2439ec9e1c206497c

    • SHA256

      5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962

    • SHA512

      3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57

    • SSDEEP

      96:YjHFiKaoggCtJzTlKXb0tbo68qD853Ns7GgmkNq3m+s:JbogRtJzTlNR8qD85uGgmkNr

    Score
    3/10
    discovery
    behavioral24

    • Target

      $PLUGINSDIR/nsis7z.dll

    • Size

      424KB

    • MD5

      80e44ce4895304c6a3a831310fbf8cd0

    • SHA1

      36bd49ae21c460be5753a904b4501f1abca53508

    • SHA256

      b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592

    • SHA512

      c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df

    • SSDEEP

      6144:aUWQQ5O3fz0NG3ucDaEUTWfk+ZA0NrCL/k+uyoyBOX1okfW7w+Pfzqibckl:an5QEG39fPAkrE4yrBOXDfaNbck

    Score
    3/10
    discovery
    behavioral25

    • Target

      $R0/Uninstall Tabby.exe

    • Size

      533KB

    • MD5

      3308d4dcd71297e960cbd2a402bcff74

    • SHA1

      727a71fd553d15060050b74cd93467e7ab02da62

    • SHA256

      c1b4322581ef991f78ada0e6fe1e0940169110efdba2a02311bfe9ee4bfe5937

    • SHA512

      71c5985c9746f343366bc54b00a8144c7186ae0cddade1b70b7652a2d0775994a69b8870da5cad36f5eb014759cf0dc15ddaad348b28506a77330f6f45e47479

    • SSDEEP

      3072:kn77v00hEoDEtautf+NBCW/iFJAQVUp93kLpz4/tv27X1EMdlCOElQ/HlbVQS5Yu:k740I3jBqRoIobLMr2Ua8T2t0EyL+yaD

    Score
    4/10
    discovery
    behavioral26

    • Target

      $PLUGINSDIR/StdUtils.dll

    • Size

      100KB

    • MD5

      c6a6e03f77c313b267498515488c5740

    • SHA1

      3d49fc2784b9450962ed6b82b46e9c3c957d7c15

    • SHA256

      b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

    • SHA512

      9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

    • SSDEEP

      3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v

    Score
    3/10
    discovery
    behavioral27

    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      0d7ad4f45dc6f5aa87f606d0331c6901

    • SHA1

      48df0911f0484cbe2a8cdd5362140b63c41ee457

    • SHA256

      3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

    • SHA512

      c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

    • SSDEEP

      192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6

    Score
    3/10
    discovery
    behavioral28

    • Target

      $PLUGINSDIR/UAC.dll

    • Size

      14KB

    • MD5

      adb29e6b186daa765dc750128649b63d

    • SHA1

      160cbdc4cb0ac2c142d361df138c537aa7e708c9

    • SHA256

      2f7f8fc05dc4fd0d5cda501b47e4433357e887bbfed7292c028d99c73b52dc08

    • SHA512

      b28adcccf0c33660fecd6f95f28f11f793dc9988582187617b4c113fb4e6fdad4cf7694cd8c0300a477e63536456894d119741a940dda09b7df3ff0087a7eada

    • SSDEEP

      192:DiF6v2imI36Op/tGZGfWxdyWHD0I53vLl7WVl8e04IpDlPjs:DGVY6ClGoWxXH75T1WVl83lLs

    Score
    3/10
    discovery
    behavioral29

    • Target

      $PLUGINSDIR/WinShell.dll

    • Size

      3KB

    • MD5

      1cc7c37b7e0c8cd8bf04b6cc283e1e56

    • SHA1

      0b9519763be6625bd5abce175dcc59c96d100d4c

    • SHA256

      9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

    • SHA512

      7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

    Score
    3/10
    discovery
    behavioral30

    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      466179e1c8ee8a1ff5e4427dbb6c4a01

    • SHA1

      eb607467009074278e4bd50c7eab400e95ae48f7

    • SHA256

      1e40211af65923c2f4fd02ce021458a7745d28e2f383835e3015e96575632172

    • SHA512

      7508a29c722d45297bfb090c8eb49bd1560ef7d4b35413f16a8aed62d3b1030a93d001a09de98c2b9fea9acf062dc99a7278786f4ece222e7436b261d14ca817

    • SSDEEP

      192:olsHeylO012En8pqHtcE0PuAgkOyvIFc:oATI0d8pUP0WAgkBvIFc

    Score
    3/10
    discovery
    behavioral31

    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      ec0504e6b8a11d5aad43b296beeb84b2

    • SHA1

      91b5ce085130c8c7194d66b2439ec9e1c206497c

    • SHA256

      5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962

    • SHA512

      3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57

    • SSDEEP

      96:YjHFiKaoggCtJzTlKXb0tbo68qD853Ns7GgmkNq3m+s:JbogRtJzTlNR8qD85uGgmkNr

    Score
    3/10
    discovery
    behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

discovery
Score
5/10

behavioral2

discovery
Score
3/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

execution
Score
3/10

behavioral7

execution
Score
3/10

behavioral8

execution
Score
3/10

behavioral9

execution
Score
3/10

behavioral10

execution
Score
3/10

behavioral11

execution
Score
3/10

behavioral12

execution
Score
3/10

behavioral13

discovery
Score
3/10

behavioral14

Score
1/10

behavioral15

discoveryexecution
Score
8/10

behavioral16

Score
1/10

behavioral17

discovery
Score
3/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

discovery
Score
3/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

discovery
Score
3/10

behavioral24

discovery
Score
3/10

behavioral25

discovery
Score
3/10

behavioral26

discovery
Score
4/10

behavioral27

discovery
Score
3/10

behavioral28

discovery
Score
3/10

behavioral29

discovery
Score
3/10

behavioral30

discovery
Score
3/10

behavioral31

discovery
Score
3/10

behavioral32

discovery
Score
3/10