Resubmissions

20-09-2024 04:14

240920-etxbdaydlk 10

20-09-2024 04:08

240920-eqd1maxgld 10

Errors

Reason
expected element type <jnlp> but have <jnlp-file>

General

  • Target

    stealer.zip

  • Size

    79.2MB

  • MD5

    ddfe5476065a6da0f3d3821d208db197

  • SHA1

    17712c07a1b3ba88e1ac0d08d44178831a14cc4a

  • SHA256

    f86ce218315cc11d333b8e13a9c63a04a99dc398c87e776cb0f365c96521d263

  • SHA512

    386a92344c68e049d2d7e5f43e56751a33d43448331240ff6553aef6d74d528fd54cffea5002d6bc1b516b3b4a76eb0a6e1f23805968341b9bd7fc2be1bde44c

  • SSDEEP

    1572864:nnu0SOpz132CjTrqHIOy/e5pxh1hXMg6Yfn2D2ixfQBLhxSNNAKbZvTJw58:u0Tpzh2PoN/eL1dM6ve8oF1vTJw58

Score
10/10

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1255446681881935924/gRYfgvy5PUJSvSEKVIBTwClcrDYNNTYWbdq4ABW28G1MgE8sEIvS9WFO0VdZkLKmw4gc

Signatures

  • Detect Umbral payload 2 IoCs
  • Umbral family
  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • stealer.zip
    .zip

    Password: sxfasweafqwfqwfqwfqwf

  • stealer/ElectrickLauncher.exe
    .exe windows:4 windows x86 arch:x86

    Password: sxfasweafqwfqwfqwfqwf

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • stealer/Uninstall.dat
  • stealer/Uninstall_lang.ifl
  • stealer/Unistall.exe
    .exe windows:4 windows x86 arch:x86

    Password: sxfasweafqwfqwfqwfqwf

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • stealer/icon.ico
  • stealer/jre/bin/JAWTAccessBridge-64.dll
    .dll windows:6 windows x64 arch:x64

    Password: sxfasweafqwfqwfqwfqwf

    1aa7720022b1e8d1b04fe4fef801de50


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/JavaAccessBridge-64.dll
    .dll windows:6 windows x64 arch:x64

    Password: sxfasweafqwfqwfqwfqwf

    fc32fdd7e3b34f3ab5a44cfe84cbbd99


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/WindowsAccessBridge-64.dll
    .dll windows:6 windows x64 arch:x64

    Password: sxfasweafqwfqwfqwfqwf

    b83baad15bb1fb78175b8a66002e6d7c


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-console-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64

    Password: sxfasweafqwfqwfqwfqwf


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-console-l1-2-0.dll
    .dll windows:10 windows x64 arch:x64

    Password: sxfasweafqwfqwfqwfqwf


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-datetime-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64

    Password: sxfasweafqwfqwfqwfqwf


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-debug-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-errorhandling-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-file-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-file-l1-2-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-file-l2-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-handle-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-heap-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-interlocked-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-libraryloader-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-localization-l1-2-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-memory-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-namedpipe-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-processenvironment-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-processthreads-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-processthreads-l1-1-1.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-profile-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-rtlsupport-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-string-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-synch-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-synch-l1-2-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-sysinfo-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-timezone-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-core-util-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-crt-conio-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-crt-convert-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-crt-environment-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-crt-filesystem-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-crt-heap-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-crt-locale-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-crt-math-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-crt-multibyte-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-crt-private-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-crt-process-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-crt-runtime-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-crt-stdio-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-crt-string-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-crt-time-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/api-ms-win-crt-utility-l1-1-0.dll
    .dll windows:10 windows x64 arch:x64


    Code Sign

    Headers

    Exports

    Sections

  • stealer/jre/bin/awt.dll
    .dll windows:6 windows x64 arch:x64

    82333405c5f724aeed744d9fb9309e81


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/bci.dll
    .dll windows:6 windows x64 arch:x64

    a15442fd9b08a917d9985ea7a4d95fd3


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/dcpr.dll
    .dll windows:6 windows x64 arch:x64

    85f7fdc60d48531a7f0aeebf096b5176


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/decora_sse.dll
    .dll windows:6 windows x64 arch:x64

    05fd06a3c65dd8bdcac124ae4f8b967a


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/deploy.dll
    .dll windows:6 windows x64 arch:x64

    244cd6230f76bd795e34ed75649b7888


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/dt_shmem.dll
    .dll windows:6 windows x64 arch:x64

    a6030c7e1f1d030e1b27153c1c018ed6


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/dt_socket.dll
    .dll windows:6 windows x64 arch:x64

    d2f4cf1fa279f19d544d0d11c8d8522c


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/dtplugin/deployJava1.dll
    .dll regsvr32 windows:6 windows x64 arch:x64

    21ecd6aa653ee91e079fc5ee854f2ff6


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/dtplugin/npdeployJava1.dll
    .dll windows:6 windows x64 arch:x64

    9fabea99f942ed0b0bd286a45888f70f


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/eula.dll
    .dll windows:6 windows x64 arch:x64

    4b66c3ffc1ca1155671482408889825d


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/fontmanager.dll
    .dll windows:6 windows x64 arch:x64

    48e217a4065423379d47561a83c1a372


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/fxplugins.dll
    .dll windows:6 windows x64 arch:x64

    d12b402ed39e0c9c0c5a5b0361a1a0a2


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/glass.dll
    .dll windows:6 windows x64 arch:x64

    ae4606c81380c3706cd8c85bdb15ba09


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/glib-lite.dll
    .dll windows:6 windows x64 arch:x64

    8cbc8ae9994f5c53b35718b26f7ed1e2


    Code Sign

    Headers

    Imports

    Sections

  • stealer/jre/bin/gstreamer-lite.dll
    .dll windows:6 windows x64 arch:x64

    8e9621e6e5eaef19ba1380fccbef0286


    Code Sign

    Headers

    Imports

    Sections

  • stealer/jre/bin/hprof.dll
    .dll windows:6 windows x64 arch:x64

    c87a7e6db7bdc9cf16a6aa770406819b


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/instrument.dll
    .dll windows:6 windows x64 arch:x64

    74f8db1f11dc074555ed5d3758ab5b6a


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/j2gss.dll
    .dll windows:6 windows x64 arch:x64

    421a912a40bf5832cee362810950424d


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/j2pcsc.dll
    .dll windows:6 windows x64 arch:x64

    22a85fd91a72806f7178eb144fdabd30


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/j2pkcs11.dll
    .dll windows:6 windows x64 arch:x64

    7eeccf1ed1c7423bb7d9437d91a970d6


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/jaas_nt.dll
    .dll windows:6 windows x64 arch:x64

    77bd3a99ee4735625cea8d4781b977ee


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/jabswitch.exe
    .exe windows:6 windows x64 arch:x64

    70a6871a2d4adec7c9027cfb0ef587f8


    Code Sign

    Headers

    Imports

    Sections

  • stealer/jre/bin/java-rmi.exe
    .exe windows:6 windows x64 arch:x64

    f53274be29838ade881227180f507b96


    Code Sign

    Headers

    Imports

    Sections

  • stealer/jre/bin/java.dll
    .dll windows:6 windows x64 arch:x64

    873f8083f7acb755b77e85f6825e7fe8


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/java.exe
    .exe windows:6 windows x64 arch:x64

    0dd8c969225240b401bce3fa273e6ea9


    Code Sign

    Headers

    Imports

    Sections

  • stealer/jre/bin/java_crw_demo.dll
    .dll windows:6 windows x64 arch:x64

    ef19dd152f914d7efca9f5dd8f772274


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/javacpl.cpl
    .dll windows:6 windows x64 arch:x64

    d849b84b13132431bf151e8f7aeaa92a


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/javacpl.exe
    .exe windows:6 windows x64 arch:x64

    7188048f0f430888b100e5693b013d6f


    Code Sign

    Headers

    Imports

    Sections

  • stealer/jre/bin/javafx_font.dll
    .dll windows:6 windows x64 arch:x64

    b790bd30141ee6ebe32282b5db246e9e


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/javafx_iio.dll
    .dll windows:6 windows x64 arch:x64

    34e2a2fe70249b958d136b7e685c4682


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/javaw.exe
    .exe windows:6 windows x64 arch:x64

    9934b30ed7d67bc852ef81822bcae123


    Code Sign

    Headers

    Imports

    Sections

  • stealer/jre/bin/javaws.exe
    .exe windows:6 windows x64 arch:x64

    21dd6543e57de3117875fbe5eecdd067


    Code Sign

    Headers

    Imports

    Sections

  • stealer/jre/bin/jawt.dll
    .dll windows:6 windows x64 arch:x64

    3cf1078eff796e6bfa9edc8b80ccdee6


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/jdwp.dll
    .dll windows:6 windows x64 arch:x64

    d3a27ac0d6833621cb585c1ee0d7f950


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/jfr.dll
    .dll windows:6 windows x64 arch:x64

    d275b52d7f26663ba2fa32d48fcbc7d3


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/jfxmedia.dll
    .dll windows:6 windows x64 arch:x64

    39068f3eb74377d7c1811441a647a29c


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/jfxwebkit.dll
    .dll windows:6 windows x64 arch:x64

    cac1a9701e665d88df6e2a08881d3074


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/jjs.exe
    .exe windows:6 windows x64 arch:x64

    f53274be29838ade881227180f507b96


    Code Sign

    Headers

    Imports

    Sections

  • stealer/jre/bin/jli.dll
    .dll windows:6 windows x64 arch:x64

    e038cc284ad535ff71b34c12393164a4


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/jp2iexp.dll
    .dll regsvr32 windows:6 windows x64 arch:x64

    49dc38eb59f530721d058b14637be4ab


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/jp2launcher.exe
    .exe windows:6 windows x64 arch:x64

    3c7c13da4d0dcb373312da5e47e7e835


    Code Sign

    Headers

    Imports

    Sections

  • stealer/jre/bin/jp2native.dll
    .dll windows:6 windows x64 arch:x64

    847041bb9a6822e45236e513e5dd38b8


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/jp2ssv.dll
    .dll regsvr32 windows:6 windows x64 arch:x64

    ee4f6e4373f0951c2130939ce63d57e6


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/jpeg.dll
    .dll windows:6 windows x64 arch:x64

    4508c0b595d80ebd242a1534b099fe8c


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/jsdt.dll
    .dll windows:6 windows x64 arch:x64

    9f61f392aaf049d61ac378c489c0f473


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/jsound.dll
    .dll windows:6 windows x64 arch:x64

    62a04b477fccac0d3307692729e4cb91


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/jsoundds.dll
    .dll windows:6 windows x64 arch:x64

    bb5578bd38a767ba5f0a84fe57309be2


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/keytool.exe
    .exe windows:6 windows x64 arch:x64

    f53274be29838ade881227180f507b96


    Code Sign

    Headers

    Imports

    Sections

  • stealer/jre/bin/kinit.exe
    .exe windows:6 windows x64 arch:x64

    f53274be29838ade881227180f507b96


    Code Sign

    Headers

    Imports

    Sections

  • stealer/jre/bin/klist.exe
    .exe windows:6 windows x64 arch:x64

    f53274be29838ade881227180f507b96


    Code Sign

    Headers

    Imports

    Sections

  • stealer/jre/bin/ktab.exe
    .exe windows:6 windows x64 arch:x64

    f53274be29838ade881227180f507b96


    Code Sign

    Headers

    Imports

    Sections

  • stealer/jre/bin/lcms.dll
    .dll windows:6 windows x64 arch:x64

    e8ea49d8048eddcde5884f55bf156d39


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/management.dll
    .dll windows:6 windows x64 arch:x64

    42a4ce52b8bd8f887f888fa752de9309


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/mlib_image.dll
    .dll windows:6 windows x64 arch:x64

    ed30577820b1534158591b1338772c3c


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/msvcp140.dll
    .dll windows:6 windows x64 arch:x64

    047aec27169fe21274a3b2f2f30606c0


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/msvcp140_1.dll
    .dll windows:6 windows x64 arch:x64

    20717227ccb65afbaea7feeb74196ea2


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/msvcp140_2.dll
    .dll windows:6 windows x64 arch:x64

    33a6d472f4cb98c50aafe47794f870fc


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/net.dll
    .dll windows:6 windows x64 arch:x64

    6ec32395f3786d11aab09b8fe34ae6b2


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/nio.dll
    .dll windows:6 windows x64 arch:x64

    1cb765c4d945dfc48e1dec9c4cb2c136


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/npt.dll
    .dll windows:6 windows x64 arch:x64

    95249e07686367d5c8f6280ca167d39d


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/orbd.exe
    .exe windows:6 windows x64 arch:x64

    f53274be29838ade881227180f507b96


    Code Sign

    Headers

    Imports

    Sections

  • stealer/jre/bin/pack200.exe
    .exe windows:6 windows x64 arch:x64

    f53274be29838ade881227180f507b96


    Code Sign

    Headers

    Imports

    Sections

  • stealer/jre/bin/plugin2/msvcp140.dll
    .dll windows:6 windows x64 arch:x64

    047aec27169fe21274a3b2f2f30606c0


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/plugin2/npjp2.dll
    .dll windows:6 windows x64 arch:x64

    290a95b6d4398bd4f8e5e1617742159c


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/plugin2/vcruntime140.dll
    .dll windows:6 windows x64 arch:x64

    7f07fd94e5bb907093556781cc464017


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/plugin2/vcruntime140_1.dll
    .dll windows:6 windows x64 arch:x64

    bf380ca954cbf10d1a4cef9ec18e46fd


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/policytool.exe
    .exe windows:6 windows x64 arch:x64

    f53274be29838ade881227180f507b96


    Code Sign

    Headers

    Imports

    Sections

  • stealer/jre/bin/prism_common.dll
    .dll windows:6 windows x64 arch:x64

    09d49104ca88cc807432c92158652879


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/prism_d3d.dll
    .dll windows:6 windows x64 arch:x64

    a5ec31ee477499f10294bd429015753f


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/prism_sw.dll
    .dll windows:6 windows x64 arch:x64

    072f7140db8daa63b9054de1b461a74b


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/resource.dll
    .dll windows:6 windows x64 arch:x64

    73815b3bf79b9125a513efbcf1a72412


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/rmid.exe
    .exe windows:6 windows x64 arch:x64

    f53274be29838ade881227180f507b96


    Code Sign

    Headers

    Imports

    Sections

  • stealer/jre/bin/rmiregistry.exe
    .exe windows:6 windows x64 arch:x64

    f53274be29838ade881227180f507b96


    Code Sign

    Headers

    Imports

    Sections

  • stealer/jre/bin/server/Xusage.txt
  • stealer/jre/bin/server/classes.jsa
  • stealer/jre/bin/server/jvm.dll
    .dll windows:6 windows x64 arch:x64

    4d07daf86f43b3eef435466cf3f8c156


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/servertool.exe
    .exe windows:6 windows x64 arch:x64

    f53274be29838ade881227180f507b96


    Code Sign

    Headers

    Imports

    Sections

  • stealer/jre/bin/splashscreen.dll
    .dll windows:6 windows x64 arch:x64

    6dc3530bfcb6cf341cd0aaf867bfd357


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/sspi_bridge.dll
    .dll windows:6 windows x64 arch:x64

    517da5bab6a35a6e078b8925cc258c9d


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/ssv.dll
    .dll regsvr32 windows:6 windows x64 arch:x64

    096190077ff9ca9e7517b55dfadcf17f


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/ssvagent.exe
    .exe windows:6 windows x64 arch:x64

    0ad991051a9a31c2b739b30ee2866f71


    Code Sign

    Headers

    Imports

    Sections

  • stealer/jre/bin/sunec.dll
    .dll windows:6 windows x64 arch:x64

    40d56b983847c38deceb2f55924a693b


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/sunmscapi.dll
    .dll windows:6 windows x64 arch:x64

    74a0ba9ef9d9c042460891a16f7bb8ef


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/t2k.dll
    .dll windows:6 windows x64 arch:x64

    1e1211f6994eef0da26970a306f9bf85


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/tnameserv.exe
    .exe windows:6 windows x64 arch:x64

    f53274be29838ade881227180f507b96


    Code Sign

    Headers

    Imports

    Sections

  • stealer/jre/bin/ucrtbase.dll
    .dll windows:10 windows x64 arch:x64

    405cde0fc80c30dcc3d783173dbd4143


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/unpack.dll
    .dll windows:6 windows x64 arch:x64

    0711bf3aa236da3995790291c4327aa3


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/unpack200.exe
    .exe windows:6 windows x64 arch:x64

    5d3c40826f92697b1778fdcd270e855c


    Code Sign

    Headers

    Imports

    Sections

  • stealer/jre/bin/vcruntime140.dll
    .dll windows:6 windows x64 arch:x64

    7f07fd94e5bb907093556781cc464017


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/vcruntime140_1.dll
    .dll windows:6 windows x64 arch:x64

    bf380ca954cbf10d1a4cef9ec18e46fd


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/verify.dll
    .dll windows:6 windows x64 arch:x64

    61ac4634df4e27c08c827fef82ccba81


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/w2k_lsa_auth.dll
    .dll windows:6 windows x64 arch:x64

    13c1b65d72cc6a389023142624a21ebd


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/wsdetect.dll
    .dll regsvr32 windows:6 windows x64 arch:x64

    09ae3250739b08ae4c9a58a974449d96


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/bin/zip.dll
    .dll windows:6 windows x64 arch:x64

    99063ff97d2012e5ad2a42c23b1af08a


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • stealer/jre/legal/javafx/directshow.md
  • stealer/jre/legal/javafx/glib.md
  • stealer/jre/legal/javafx/gstreamer.md
  • stealer/jre/legal/javafx/icu_web.md
  • stealer/jre/legal/javafx/jpeg_fx.md
  • stealer/jre/legal/javafx/libffi.md
  • stealer/jre/legal/javafx/libxml2.md
  • stealer/jre/legal/javafx/libxslt.md
  • stealer/jre/legal/javafx/mesa3d.md
  • stealer/jre/legal/javafx/public_suffix.md
  • stealer/jre/legal/javafx/webkit.md
  • stealer/jre/legal/jdk/asm.md
  • stealer/jre/legal/jdk/bcel.md
  • stealer/jre/legal/jdk/cldr.md
  • stealer/jre/legal/jdk/colorimaging.md
  • stealer/jre/legal/jdk/cryptix.md
  • stealer/jre/legal/jdk/dom.md
  • stealer/jre/legal/jdk/dynalink.md
  • stealer/jre/legal/jdk/ecc.md
  • stealer/jre/legal/jdk/freebxml.md
  • stealer/jre/legal/jdk/giflib.md
  • stealer/jre/legal/jdk/icu.md
  • stealer/jre/legal/jdk/jcup.md
  • stealer/jre/legal/jdk/joni.md
  • stealer/jre/legal/jdk/jopt-simple.md
  • stealer/jre/legal/jdk/jpeg.md
  • stealer/jre/legal/jdk/lcms.md
  • stealer/jre/legal/jdk/libpng.md
  • stealer/jre/legal/jdk/mesa3d.md
  • stealer/jre/legal/jdk/pkcs11cryptotoken.md
  • stealer/jre/legal/jdk/pkcs11wrapper.md
  • stealer/jre/legal/jdk/relaxngcc.md
  • stealer/jre/legal/jdk/relaxngdatatype.md
  • stealer/jre/legal/jdk/relaxngom.md
  • stealer/jre/legal/jdk/santuario.md
  • stealer/jre/legal/jdk/thaidict.md
  • stealer/jre/legal/jdk/unicode.md
  • stealer/jre/legal/jdk/xalan.md
  • stealer/jre/legal/jdk/xerces.md
  • stealer/jre/legal/jdk/xmlresolver.md
  • stealer/jre/legal/jdk/zlib.md
  • stealer/jre/lib/accessibility.properties
  • stealer/jre/lib/amd64/jvm.cfg
  • stealer/jre/lib/calendars.properties
  • stealer/jre/lib/charsets.jar
    .jar
  • stealer/jre/lib/classlist
  • stealer/jre/lib/cmm/CIEXYZ.pf
  • stealer/jre/lib/cmm/GRAY.pf
  • stealer/jre/lib/cmm/LINEAR_RGB.pf
  • stealer/jre/lib/cmm/PYCC.pf
  • stealer/jre/lib/cmm/sRGB.pf
  • stealer/jre/lib/content-types.properties
  • stealer/jre/lib/currency.data
  • stealer/jre/lib/deploy.jar
    .jar
  • stealer/jre/lib/deploy/ffjcext.zip
    .zip .js polyglot
  • stealer/jre/lib/deploy/messages.properties
    .jnlp
  • stealer/jre/lib/deploy/messages_de.properties
    .jnlp
  • stealer/jre/lib/deploy/messages_es.properties
  • stealer/jre/lib/deploy/messages_fr.properties
    .jnlp
  • stealer/jre/lib/deploy/messages_it.properties
  • stealer/jre/lib/deploy/messages_ja.properties
    .jnlp
  • stealer/jre/lib/deploy/messages_ko.properties
    .jnlp
  • stealer/jre/lib/deploy/messages_pt_BR.properties
    .jnlp
  • stealer/jre/lib/deploy/messages_sv.properties
    .jnlp
  • stealer/jre/lib/deploy/messages_zh_CN.properties
    .jnlp
  • stealer/jre/lib/deploy/messages_zh_HK.properties
    .jnlp
  • stealer/jre/lib/deploy/messages_zh_TW.properties
    .jnlp
  • stealer/jre/lib/deploy/splash.gif
    .gif
  • stealer/jre/lib/deploy/[email protected]
    .gif
  • stealer/jre/lib/deploy/splash_11-lic.gif
    .gif
  • stealer/jre/lib/deploy/[email protected]
    .gif
  • stealer/jre/lib/ext/access-bridge-64.jar
    .jar
  • stealer/jre/lib/ext/cldrdata.jar
    .jar
  • stealer/jre/lib/ext/dnsns.jar
    .jar
  • stealer/jre/lib/ext/jaccess.jar
    .jar
  • stealer/jre/lib/ext/jfxrt.jar
    .jar
  • stealer/jre/lib/ext/localedata.jar
    .jar
  • stealer/jre/lib/ext/meta-index
  • stealer/jre/lib/ext/nashorn.jar
    .jar
  • stealer/jre/lib/ext/sunec.jar
    .jar
  • stealer/jre/lib/ext/sunjce_provider.jar
    .jar
  • stealer/jre/lib/ext/sunmscapi.jar
    .jar
  • stealer/jre/lib/ext/sunpkcs11.jar
    .jar
  • stealer/jre/lib/ext/zipfs.jar
    .jar
  • stealer/jre/lib/flavormap.properties
  • stealer/jre/lib/fontconfig.bfc
  • stealer/jre/lib/fontconfig.properties.src
  • stealer/jre/lib/fonts/LucidaBrightDemiBold.ttf
  • stealer/jre/lib/fonts/LucidaBrightDemiItalic.ttf
  • stealer/jre/lib/fonts/LucidaBrightItalic.ttf
  • stealer/jre/lib/fonts/LucidaBrightRegular.ttf
  • stealer/jre/lib/fonts/LucidaSansDemiBold.ttf
  • stealer/jre/lib/fonts/LucidaSansRegular.ttf
  • stealer/jre/lib/fonts/LucidaTypewriterBold.ttf
  • stealer/jre/lib/fonts/LucidaTypewriterRegular.ttf
  • stealer/jre/lib/hijrah-config-umalqura.properties
  • stealer/jre/lib/images/cursors/cursors.properties
  • stealer/jre/lib/images/cursors/invalid32x32.gif
    .gif
  • stealer/jre/lib/images/cursors/win32_CopyDrop32x32.gif
    .gif
  • stealer/jre/lib/images/cursors/win32_CopyNoDrop32x32.gif
    .gif
  • stealer/jre/lib/images/cursors/win32_LinkDrop32x32.gif
    .gif
  • stealer/jre/lib/images/cursors/win32_LinkNoDrop32x32.gif
    .gif
  • stealer/jre/lib/images/cursors/win32_MoveDrop32x32.gif
    .gif
  • stealer/jre/lib/images/cursors/win32_MoveNoDrop32x32.gif
    .gif
  • stealer/jre/lib/javafx.properties
  • stealer/jre/lib/javaws.jar
    .jar
  • stealer/jre/lib/jce.jar
    .jar
  • stealer/jre/lib/jfr.jar
    .jar
  • stealer/jre/lib/jfr/default.jfc
    .xml
  • stealer/jre/lib/jfr/profile.jfc
    .xml
  • stealer/jre/lib/jfxswt.jar
    .jar
  • stealer/jre/lib/jsse.jar
    .jar
  • stealer/jre/lib/jvm.hprof.txt
  • stealer/jre/lib/logging.properties
  • stealer/jre/lib/management-agent.jar
    .jar
  • stealer/jre/lib/management/jmxremote.access
  • stealer/jre/lib/management/jmxremote.password.template
  • stealer/jre/lib/management/management.properties
  • stealer/jre/lib/management/snmp.acl.template
  • stealer/jre/lib/meta-index
  • stealer/jre/lib/net.properties
  • stealer/jre/lib/plugin.jar
    .jar
  • stealer/jre/lib/psfont.properties.ja
  • stealer/jre/lib/psfontj2d.properties
  • stealer/jre/lib/resources.jar
    .jar
  • stealer/jre/lib/rt.jar
    .jar
  • stealer/jre/lib/security/blacklist
  • stealer/jre/lib/security/blacklisted.certs
  • stealer/jre/lib/security/cacerts
  • stealer/jre/lib/security/java.policy
  • stealer/jre/lib/security/java.security
  • stealer/jre/lib/security/javaws.policy
  • stealer/jre/lib/security/policy/limited/US_export_policy.jar
    .jar
  • stealer/jre/lib/security/policy/limited/local_policy.jar
    .jar
  • stealer/jre/lib/security/policy/unlimited/US_export_policy.jar
    .jar
  • stealer/jre/lib/security/policy/unlimited/local_policy.jar
    .jar
  • stealer/jre/lib/security/public_suffix_list.dat
    .zip
  • stealer/jre/lib/sound.properties
  • stealer/jre/lib/tzdb.dat
  • stealer/jre/lib/tzmappings