Resubmissions

26-09-2024 06:42

240926-hgnp9ashkk 10

25-09-2024 16:40

240925-t6kwfayfph 10

General

  • Target

    7559e6ca8b77400f88bf4e67208a1c32570a670068eccae9e3d226cc5471bd47

  • Size

    6.3MB

  • MD5

    a2fc1e0d85da197a26203e22bdd1b5a2

  • SHA1

    4c2f2158f440347a0f722cd81eb806e28481b868

  • SHA256

    7559e6ca8b77400f88bf4e67208a1c32570a670068eccae9e3d226cc5471bd47

  • SHA512

    6781742683061f15e74d6a62b16102dde83cafe1aa6f349e1ecec305dd3a72ea043709a19ec435a749e506efb4d93e82ea5ee620bfe60024a5782550eb7f8745

  • SSDEEP

    196608:d98omomtNNy/aJF3Jf7KQrNIdaBtlCJNfx2944bl465o:d98omvMKZmQagtU0N465o

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

Low3n

C2

192.168.100.58:443

192.168.42.7:443

Mutex

e4c7f2e5b82fac0d624ab661f39b28fa

Attributes
  • reg_key

    e4c7f2e5b82fac0d624ab661f39b28fa

  • splitter

    |'|'|

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

Mutex

aeeb7a2903c8c537463f288bcc5eed2e

Attributes
  • reg_key

    aeeb7a2903c8c537463f288bcc5eed2e

  • splitter

    |'|'|

Extracted

Family

asyncrat

Version

0.5.6A

Botnet

null

C2

Mutex

ertretythhrrthttrhth

Attributes
  • delay

    5

  • install

    false

  • install_folder

    %AppData%

aes.plain

Extracted

Family

darkcomet

Botnet

hacked

C2

sexystar.myq-see.com:5552

Mutex

DC_MUTEX-6BSXQXU

Attributes
  • InstallPath

    MSDCSC\msdcsc.exe

  • gencode

    1JlJEAuNqqm6

  • install

    true

  • offline_keylogger

    true

  • persistence

    false

  • reg_key

    MicroUpdate

Extracted

Family

darkcomet

Botnet

Mikel_04

C2

ventoclima.hopto.org:8678

Mutex

DC_MUTEX-J9C4X34

Attributes
  • InstallPath

    Temp\Taskmgrk.exe

  • gencode

    mn82vWE9luVq

  • install

    true

  • offline_keylogger

    true

  • password

    Mikel2019

  • persistence

    true

  • reg_key

    taskmgrk

Extracted

Family

darkcomet

Botnet

Mikel50

C2

ventoclima.hopto.org:58589

Mutex

DC_MUTEX-1M2MJNL

Attributes
  • InstallPath

    temp\taskmgrk.exe

  • gencode

    n7v7WtYPsejG

  • install

    true

  • offline_keylogger

    true

  • password

    Mikel2019

  • persistence

    false

  • reg_key

    taskmgrk

Extracted

Family

njrat

Version

Hallaj PRO Rat [Fixed]

Botnet

HacKed

C2

127.0.0.1:5552

Mutex

984559f52d4087243e95e5ad9bb48e8d

Attributes
  • reg_key

    984559f52d4087243e95e5ad9bb48e8d

  • splitter

    boolLove

Extracted

Family

asyncrat

Version

0.5.5A

Botnet

null

C2

192.168.1.9:8080

Mutex

jsdmhpiwkzhk

Attributes
  • delay

    5

  • install

    false

  • install_folder

    %AppData%

aes.plain

Extracted

Family

quasar

Version

1.4.0.0

Botnet

Infected

C2

noinmy.ddns.net:9999

Mutex

BW7JOTpOU1me7DhAhz

Attributes
  • encryption_key

    cuGnTFdzZchzOboCjJyu

  • install_name

    dashost.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    WinServe

  • subdirectory

    DAF

Extracted

Family

revengerat

Botnet

Guest

C2

Mutex

RV_MUTEX

Extracted

Family

revengerat

Botnet

LimeRevenge

Mutex

3f4-8b13-1cf6666e4149

Extracted

Family

njrat

Version

0.7d

Botnet

B HAT

Mutex

cd1f49ff557041b28396a032e2b161ee

Attributes
  • reg_key

    cd1f49ff557041b28396a032e2b161ee

  • splitter

    |'|'|

Extracted

Family

njrat

Version

0.7d

Botnet

NYAN CAT

C2

127.0.0.1:5552

Mutex

64dfa84fd6a14d54bb5da02b3d38a087

Attributes
  • reg_key

    64dfa84fd6a14d54bb5da02b3d38a087

  • splitter

    |'|'|

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

Mutex

13f63b20924948f

Attributes
  • reg_key

    13f63b20924948f

  • splitter

    @!#&^%$

Extracted

Family

njrat

Version

0.7d

Botnet

Test Bypass cho down load

C2

127.0.0.1:1234

Mutex

165d6ed988ac

Attributes
  • reg_key

    165d6ed988ac

  • splitter

    |'|'|

Extracted

Family

quasar

Version

1.3.0.0

Botnet

VN333

C2

billythesailor.ddns.net:4782

billythesailor.ddns.net:4707

billythesailor.ddns.net:4708

Mutex

QSR_MUTEX_EZD0hpIqeXmWmfSZR5

Attributes
  • encryption_key

    6dtdGsEtLLsDNKEXgV4zSrTRpfxT2qGQ

  • install_name

    Windows Startup Service.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Windows Startup Service

  • subdirectory

    SubDir

Extracted

Family

limerat

Wallets

bc1quugyyqeyjw9z2qdetazwpp6jfpdqnscxj3jxgq

Attributes
  • aes_key

    123

  • antivm

    false

  • c2_url

    https://pastebin.com/raw/zVbipP9N

  • delay

    3

  • download_payload

    false

  • install

    false

  • install_name

    Wservices.exe

  • main_folder

    Temp

  • pin_spread

    false

  • sub_folder

    \

  • usb_spread

    false

Extracted

Family

remcos

Botnet

Host

C2

127.0.0.1:2404

Attributes
  • audio_folder

    audio

  • audio_path

    %AppData%

  • audio_record_time

    5

  • connect_delay

    0

  • connect_interval

    5

  • copy_file

    remcos.exe

  • copy_folder

    remcos

  • delete_file

    false

  • hide_file

    false

  • hide_keylog_file

    false

  • install_flag

    false

  • install_path

    %AppData%

  • keylog_crypt

    false

  • keylog_file

    logs.dat

  • keylog_flag

    false

  • keylog_folder

    remcos

  • keylog_path

    %AppData%

  • mouse_option

    false

  • mutex

    remcos_vruzvedwdwvizfq

  • screenshot_crypt

    false

  • screenshot_flag

    false

  • screenshot_folder

    Screens

  • screenshot_path

    %AppData%

  • screenshot_time

    1

  • startup_value

    remcos

  • take_screenshot_option

    false

  • take_screenshot_time

    5

Extracted

Family

njrat

Botnet

Visual Studio

Mutex

d72f69dfb2e45fb7b2acbc62f8219a16

Attributes
  • reg_key

    d72f69dfb2e45fb7b2acbc62f8219a16

Extracted

Family

njrat

Version

0.6.4

Botnet

HacKed

C2

Mutex

5cd8f17f4086744065eb0992a09e05a2

Attributes
  • reg_key

    5cd8f17f4086744065eb0992a09e05a2

  • splitter

    |'|'|

Extracted

Family

njrat

Version

0.7d

Botnet

MyBot

C2

127.0.0.1:8080

1.243.157.185:6522

Mutex

9e549438c56317b24cd87c987b694da8

Attributes
  • reg_key

    9e549438c56317b24cd87c987b694da8

  • splitter

    Y262SUCZ4UJJ

Extracted

Family

njrat

Version

0.6.4

Botnet

YourPhone

C2

157.245.220.192:1177

Mutex

bec01544ef6b0bb361f68d796213ad70

Attributes
  • reg_key

    bec01544ef6b0bb361f68d796213ad70

  • splitter

    |'|'|

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

HacKeD

C2

85:85

Mutex

Windows Update

Attributes
  • reg_key

    Windows Update

  • splitter

    |Hassan|

Extracted

Family

njrat

Botnet

YourPhone

Mutex

be7a6446994c64053a860ca10a12ce1e

Attributes
  • reg_key

    be7a6446994c64053a860ca10a12ce1e

Extracted

Family

njrat

Version

0.7d

Botnet

required installation

C2

uxnr.ddns.net:7144

Mutex

a2d1b1b05cb0b58cf6e21aefb30df1db

Attributes
  • reg_key

    a2d1b1b05cb0b58cf6e21aefb30df1db

  • splitter

    |'|'|

Extracted

Family

njrat

Botnet

Person_Anonymous

Mutex

b48bd383056441b474989fb5582a172b

Attributes
  • reg_key

    b48bd383056441b474989fb5582a172b

Extracted

Family

njrat

Botnet

Hacked By HiDDen PerSOn

Mutex

687a11c6212507fa992aa1644b336ef5

Attributes
  • reg_key

    687a11c6212507fa992aa1644b336ef5

Extracted

Family

njrat

Version

im523

Botnet

HacKed By KiLLeR

C2

killerfo2.ddns.net:1177

killerfo22.ddns.net:1177

Mutex

61e53fca4b50eaee89f696351aed3589

Attributes
  • reg_key

    61e53fca4b50eaee89f696351aed3589

  • splitter

    |'|'|

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

127.0.0.1:5552

yano.ddns.net:1605

84.217.125.142:80

127.0.0.1:35855

hostnj.ddns.net:1177

Mutex

7d6d30a897de0ce8a1f25f71e40d0c4d

Attributes
  • reg_key

    7d6d30a897de0ce8a1f25f71e40d0c4d

  • splitter

    |'|'|

Extracted

Family

njrat

Version

0.7d

Botnet

client

C2

akamaru.ddns.net:1605

netcatclink.ddns.net:4444

Mutex

aa15bd929c7132fe8f63fd4d0ae48d6c

Attributes
  • reg_key

    aa15bd929c7132fe8f63fd4d0ae48d6c

  • splitter

    |'|'|

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

HacKed

C2

192.168.234.154:5555

Mutex

Windows Update

Attributes
  • reg_key

    Windows Update

  • splitter

    |Hassan|

Extracted

Family

njrat

Version

0.7d

Botnet

Test

C2

10.10.10.25:2525

Mutex

2cf8612501da0a1a00fe5c300206e7a5

Attributes
  • reg_key

    2cf8612501da0a1a00fe5c300206e7a5

  • splitter

    |'|'|

Extracted

Family

njrat

Version

im523

Botnet

bustabit

C2

wogusnn.ddns.net:5553

Mutex

d963ad78fcad26750b040b7fff9e4835

Attributes
  • reg_key

    d963ad78fcad26750b040b7fff9e4835

  • splitter

    |'|'|

Extracted

Family

njrat

Version

im523

Botnet

HacKed PUBG

C2

cantburn.hopto.org:1177

Mutex

7b5444a8f8ca9a359aadb891c7e9f01b

Attributes
  • reg_key

    7b5444a8f8ca9a359aadb891c7e9f01b

  • splitter

    |'|'|

Extracted

Family

njrat

Version

0.7d

Botnet

HHHXXX

C2

black101.ddns.net:1177

Mutex

c7c947d665980e197b736d98adf01cc0

Attributes
  • reg_key

    c7c947d665980e197b736d98adf01cc0

  • splitter

    |'|'|

Extracted

Family

njrat

Version

Kjh

Botnet

마인크래프트

C2

14.46.160.76:5552

Mutex

06d63ada0dc02c6a44ed3c3fc5c89d83

Attributes
  • reg_key

    06d63ada0dc02c6a44ed3c3fc5c89d83

  • splitter

    |'|'|

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

x014.hopto.org:4444

192.168.1.16:4444

Mutex

Windows Update

Attributes
  • reg_key

    Windows Update

  • splitter

    |'|'|

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

Kulum

C2

34.89.221.19:4444

Mutex

Windows Update

Attributes
  • reg_key

    Windows Update

  • splitter

    |Hassan|

Extracted

Family

njrat

Version

0.7d

C2

45.76.29.16:5552

Mutex

738e6a0cd25e647b7eb7d6cdad689401

Attributes
  • reg_key

    738e6a0cd25e647b7eb7d6cdad689401

  • splitter

    |'|'|

Extracted

Family

njrat

Version

0.7d

Botnet

Pubg Mobile

C2

Owais5050-61656.portmap.io:56607

Mutex

6cd2713f4eecf0bba2b136a5ea65aac1

Attributes
  • reg_key

    6cd2713f4eecf0bba2b136a5ea65aac1

  • splitter

    |'|'|

Extracted

Family

njrat

Version

0.7d

Botnet

pinatanai

C2

159.65.15.187:5555

Mutex

ca60c420c99495343bf4e523a6b382cc

Attributes
  • reg_key

    ca60c420c99495343bf4e523a6b382cc

  • splitter

    |'|'|

Extracted

Family

njrat

Version

0.7d

Botnet

deme

C2

192.168.1.34:4444

Mutex

4a511581dfdc310e4c48feb89e0695f4

Attributes
  • reg_key

    4a511581dfdc310e4c48feb89e0695f4

  • splitter

    Y262SUCZ4UJJ

Extracted

Family

njrat

Version

Kjh

Botnet

HacKed

C2

180.230.116.72:5552

Mutex

8e3709de950aab92ac1a166058ff0595

Attributes
  • reg_key

    8e3709de950aab92ac1a166058ff0595

  • splitter

    |'|'|

Extracted

Family

njrat

Version

0.6.4

Botnet

Person

C2

127.0.0.1:456

Mutex

dae31c02cb06222e776b9ccb9207edb1

Attributes
  • reg_key

    dae31c02cb06222e776b9ccb9207edb1

  • splitter

    |'|'|

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

gariban

C2

rothilione-41041.portmap.io:41041

Mutex

Windows Update

Attributes
  • reg_key

    Windows Update

  • splitter

    |Hassan|

Extracted

Family

njrat

Botnet

2020/

Mutex

cad6ec042b06ac31e129fbc8d13eabe6

Attributes
  • reg_key

    cad6ec042b06ac31e129fbc8d13eabe6

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

34234234

C2

146.158.107.225:8408

Mutex

Windows Update

Attributes
  • reg_key

    Windows Update

  • splitter

    |Hassan|

Extracted

Family

njrat

Botnet

SAD NIGGA HOURS

Mutex

06ba6a3d895af3b2b6823852ec271c67

Attributes
  • reg_key

    06ba6a3d895af3b2b6823852ec271c67

Extracted

Family

njrat

Version

0.7.3

Botnet

Lime

C2

195.222.172.238:5228

Mutex

svchost.exe

Attributes
  • reg_key

    svchost.exe

  • splitter

    njrat

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

topher

C2

tolga182-49359.portmap.host:1604

Mutex

Windows Update

Attributes
  • reg_key

    Windows Update

  • splitter

    |Hassan|

Extracted

Family

njrat

Botnet

Hacked

Mutex

19398dcbfdab92aeb0734478a2451d20

Attributes
  • reg_key

    19398dcbfdab92aeb0734478a2451d20

Extracted

Family

njrat

Botnet

roby

Mutex

4bda69d82f2ad26800386604df9bc3de

Attributes
  • reg_key

    4bda69d82f2ad26800386604df9bc3de

Extracted

Family

njrat

Version

0.7d

Botnet

victime

C2

tutoratderz.ddns.net:5552

tutoratderz.ddns.net:1605

Mutex

61f6d5680d79146f1177cacbfc3022ce

Attributes
  • reg_key

    61f6d5680d79146f1177cacbfc3022ce

  • splitter

    |'|'|

Extracted

Family

revengerat

Botnet

NyanCatRevenge

C2

Mutex

2cc2152a0871

Extracted

Family

revengerat

Botnet

R A D

C2

KevinDavis-58161.portmap.host:58161

192.168.1.112:4444

kevindavis-58161.portmap.host:58161

Mutex

RV_MUTEX

Extracted

Family

revengerat

Botnet

system

C2

yj233.e1.luyouxia.net:20645

Mutex

RV_MUTEX-GeVqDyMpzZJHO

Extracted

Family

revengerat

Botnet

YT

C2

yukselofficial.duckdns.org:5552

Mutex

RV_MUTEX-WlgZblRvZwfRtNH

Extracted

Family

quasar

Version

1.3.0.0

Botnet

Office04

C2

Mutex

QSR_MUTEX_QSMxTkfFj770mwaMaj

Attributes
  • encryption_key

    zunmXxOhff9hBVcOIy8a

  • install_name

    Client.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    windows

  • subdirectory

    SubDir

Extracted

Family

quasar

Version

1.3.0.0

Botnet

Kurban

C2

gameranil88-34655.portmap.io:34655

Mutex

QSR_MUTEX_Mq8fSFRilMUG89GjSc

Attributes
  • encryption_key

    wE4B3JaW3vEUIIrvszcF

  • install_name

    Client.exe

  • log_directory

    Logs

  • reconnect_delay

    1

  • startup_key

    WindowsUptade

  • subdirectory

    SubDir

Extracted

Family

quasar

Version

1.3.0.0

Botnet

Force One

C2

umcarasozinho.giize.com:5552

Mutex

QSR_MUTEX_rXuzhrms6m5Gx0d0lk

Attributes
  • encryption_key

    2yzv2TDIqCeGLodEWuqz

  • install_name

    systemhelper.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    systemhelper

  • subdirectory

    SubDir

Extracted

Family

quasar

Version

1.3.0.0

Botnet

New

C2

ipaf3.sytes.net:5353

ipaf4.sytes.net:5353

Mutex

QSR_MUTEX_IRT4UgcGhk975OVXdn

Attributes
  • encryption_key

    AWkTsOYsl9wIkH8LUfG4

  • install_name

    Driver.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    Drivers

  • subdirectory

    Drivers

Extracted

Family

quasar

Version

1.3.0.0

Botnet

CoDer

C2

skypeprocesshost.ddns.com.br:4782

workwinrarhost.ddns.com.br:4782

office.minhaempresa.tv:4782

authy.winconnection.net:4782

Mutex

QSR_MUTEX_waaDBjBTwvE4jQF1CY

Attributes
  • encryption_key

    syxdBvDrFCjAln3AxGRZ

  • install_name

    0ffice.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    msg

  • subdirectory

    Office

Extracted

Family

quasar

Version

1.3.0.0

Botnet

Ps

C2

45.74.53.124:4782

Mutex

s5v8y/B?E(H+MbQeThWmZq3t6w9z$C&F)J@NcRfUjXn2r5u7x!A%D*G-KaPdSgV

Attributes
  • encryption_key

    sEybIz3EK3xXIpG2z1h2

  • install_name

    Client.exe

  • log_directory

    Logs

  • reconnect_delay

    0

  • startup_key

    Quasar Client Startup

  • subdirectory

    SubDir

Extracted

Family

quasar

Version

1.3.0.0

Botnet

Force One PC MASTER

C2

apenasumcarasozinho.hopto.org:5552

Mutex

QSR_MUTEX_HqC3bVY0FTFbgxQirr

Attributes
  • encryption_key

    5RhS5uBxvlwTtS4KFhfw

  • install_name

    systemHelper.exe

  • log_directory

    Logs

  • reconnect_delay

    3000

  • startup_key

    systemhelper

  • subdirectory

    SubDir

Extracted

Family

nanocore

Version

1.2.2.0

C2

Mutex

8c89a093-5ac7-424e-8c76-2e80c157bade

Attributes
  • activate_away_mode

    true

  • backup_connection_host

    127.0.0.1

  • backup_dns_server

    8.8.4.4

  • buffer_size

    65535

  • build_time

    2019-10-14T14:42:04.641145036Z

  • bypass_user_account_control

    false

  • clear_access_control

    true

  • clear_zone_identifier

    false

  • connect_delay

    4000

  • connection_port

    1543

  • default_group

    Default

  • enable_debug_mode

    true

  • gc_threshold

    1.048576e+07

  • keep_alive_timeout

    30000

  • keyboard_logging

    false

  • lan_timeout

    2500

  • max_packet_size

    1.048576e+07

  • mutex

    8c89a093-5ac7-424e-8c76-2e80c157bade

  • mutex_timeout

    5000

  • prevent_system_sleep

    false

  • primary_connection_host

    uniformmm.ddns.net

  • primary_dns_server

    8.8.8.8

  • request_elevation

    true

  • restart_delay

    5000

  • run_delay

    0

  • run_on_startup

    false

  • set_critical_process

    true

  • timeout_interval

    5000

  • use_custom_dns_server

    false

  • version

    1.2.2.0

  • wan_timeout

    8000

Extracted

Family

njrat

Version

0.7d

Botnet

Downloading

C2

console-wifi.ddns.net:5552

Mutex

3dfad3bbc7bad1562c683adfee1a8e48

Attributes
  • reg_key

    3dfad3bbc7bad1562c683adfee1a8e48

  • splitter

    |'|'|

Extracted

Family

njrat

Version

0.7d

Botnet

RECUP NOIP

C2

9292.ddns.net:10140

Mutex

1f0c56d11a4a44433acf4728c597fd66

Attributes
  • reg_key

    1f0c56d11a4a44433acf4728c597fd66

  • splitter

    |'|'|

Extracted

Family

njrat

Version

0.7d

Botnet

내따꽈리

C2

asdgdcvxzcv.kro.kr:2222

Mutex

651deda00b27ab86d974483926aa2300

Attributes
  • reg_key

    651deda00b27ab86d974483926aa2300

  • splitter

    |'|'|

Extracted

Family

njrat

Version

0.7d

Botnet

NEW

C2

sharrych.ddns.net:5556

Mutex

723520b640cb39476dbbd3d566c664da

Attributes
  • reg_key

    723520b640cb39476dbbd3d566c664da

  • splitter

    |'|'|

Extracted

Family

njrat

Version

0.6.4

Botnet

clienta

C2

achraf4.ddns.net:4500

Mutex

59d56b3983b444c86e2da951d0302f3b

Attributes
  • reg_key

    59d56b3983b444c86e2da951d0302f3b

  • splitter

    |'|'|

Extracted

Family

warzonerat

C2

tresor2020.ddns.net:2020

178.238.8.111:2626

Extracted

Family

cybergate

Version

v1.07.5

Botnet

remote

C2

127.0.0.1:999

127.0.0.1:81

Mutex

0Y7117LDCV0730

Attributes
  • enable_keylogger

    true

  • enable_message_box

    true

  • ftp_directory

    ./logs/

  • ftp_interval

    30

  • injected_process

    explorer.exe

  • install_dir

    install

  • install_file

    server.exe

  • install_flag

    true

  • keylogger_enable_ftp

    false

  • message_box_caption

    Remote Administration anywhere in the world.

  • message_box_title

    CyberGate

  • password

    cybergate

Signatures

  • Async RAT payload 21 IoCs
  • Asyncrat family
  • Cybergate family
  • Darkcomet family
  • Limerat family
  • Nanocore family
  • Njrat family
  • Quasar family
  • Quasar payload 16 IoCs
  • Remcos family
  • RevengeRat Executable 21 IoCs
  • Revengerat family
  • Sodinokibi family
  • Warzone RAT payload 2 IoCs
  • Warzonerat family
  • UPX packed file 5 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 313 IoCs

    Checks for missing Authenticode signature.

Files

  • 7559e6ca8b77400f88bf4e67208a1c32570a670068eccae9e3d226cc5471bd47
    .7z

    Password: infected

  • bazaar.2020.02/Backdoor.MSIL.Agent.jdt-72fd107044ae159a7a80813fe902a132f12eedd01c63fd9e506cf05e088e7491
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/Backdoor.MSIL.Agent.jdt-aa918b196328f1fe341b5b48cb5d28f31a94b92b279fcf36baaea55a0a8886f1
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/Backdoor.MSIL.Crysan.acs-d8e091f7e30656be6ba24890a96982b3a9def6123597c0b5ea740f8560ce45c1
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/Backdoor.Win32.DarkKomet.aagt-4c1b6befb06152412567869f27c006cba39f4ac3b1c5dbcf8694a65367444df5
    .exe windows:4 windows x86 arch:x86


  • out.upx
    .exe windows:4 windows x86 arch:x86


  • bazaar.2020.02/Backdoor.Win32.Delf.aecw-a2f4d3da25e52d88eafb7a7da242e9bb507fe4626af58ca3b8c1a13e391c2000
    .exe windows:4 windows x86 arch:x86


  • out.upx
    .exe windows:4 windows x86 arch:x86


  • bazaar.2020.02/Backdoor.Win32.Delf.aecw-fa3981228b5b124a8b51fa64f8b6d5d05899165647dc50322b717d7ab63d4997
    .exe windows:4 windows x86 arch:x86


  • out.upx
    .exe windows:4 windows x86 arch:x86


  • bazaar.2020.02/Backdoor.Win32.Parazit.aw-4f54c2e0def0a2a5b478220b3ddbccc3ee2a7302cddbfe0e8e1d394587589d88
    .exe windows:5 windows x86 arch:x86


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Agent.gen-0eb3ab9e4c6bc5903674d8f9b36a1a59825fa4e1c2d7209be4d7a0c16dc6168f
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Crysan.gen-0a276fdaf3367ca3fd4cf90eb338dd3d0575ba3979f1bd609ce58e13e2aa0a8e
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Crysan.gen-0e7c56b00281e18e385042a28f0e6202fbe39f3cdb219d17489799fca09b6550
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Crysan.gen-0eeb561ea16bf80e301847add0363445976f5ab518d23e499cbf1f7ce9e6fc59
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Crysan.gen-0f268e9be95d203c8d5cfa33d50ad7f623f13746bd97ec24703959dc08d97a9b
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Crysan.gen-2b70dd97d36efbbadd5f63afc22e28dc53d26302bae846b4f4e49e27cf95a70f
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Crysan.gen-4ece7a3cd6313c022ce3d30028a8af4f4f4da6a35efcddb8136b4bb5520fdb21
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Crysan.gen-5515739bd8752264b7ee2a2c9b957d36af9fb16b19d7dd1aef4139f2fe74af47
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Crysan.gen-5be5dbcf6753c5607b5c95bf93e71f1d71fcb2c6ff691f949e237bc6df77a34a
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Crysan.gen-661a64ee7db2b0ddbcfc619258bdd2c06ab206b7efb4280d1efb5206eaa4701c
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Crysan.gen-6afb6a18a4fce6423e0518c40eee187214cf81428c350347c52eb3b9f0c82b17
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Crysan.gen-6bc82b5b3a1161abc9ef0b67d69e09ef009fed1ab438fb9e5f3e1ac40290ed78
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Crysan.gen-758c2192e60534c48145e7704dc3d810b8de899bb36a756fdfa1d34c5971ff45
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Crysan.gen-7a5f26049488c885e95778f9a2352179be3a2f0721bba044039263214765d781
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Crysan.gen-9b471c2935fdd01c7e9d57e78f91d213e6d1b5a44ac1719048d92d02d1976422
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Crysan.gen-a52ed7cc857c5a48246c336bd22ac226100a005a8fa1306debe166af6018090d
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Crysan.gen-a6604aebaa716ddce1cc646eb63b3ddcdc7aaa59efe4e10bcd1650dee815ea03
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Crysan.gen-a86751d7ee905499b6e324dc5175e287a20d34cde78cbe35a290523dea9d1cd0
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Crysan.gen-abf3559102f105717f176c7929b5994a35686be15d37fb91d19d885f79cc1310
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Crysan.gen-cd421127d97cf049c17e0d3049dc42686468f26adfdc0281e0cb64e307c54a67
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Crysan.gen-e20e1fd207ef943af95774fc0fc0e38da70c808b78a3dfb141e4852036a8dc12
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Crysan.gen-f019485de1ca48a37011e7df076b8e7105e928d4b2695caa1a6780a2a30f45cb
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Quasar.gen-a4fcf02ada330a1e50982618833ae730d5238adbf9407e303cc6c05fa8270ba5
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Revenge.gen-03e6043a9dc35b10400bd0e81a62977b05e7ecf941524673bdcdcae9e012cb07
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Revenge.gen-60197bde238231c68c111119345b65d414bd24c7910eb5b1f3af62a0e227fad7
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Revenge.gen-61772167a95f7d7eb84337c06144cbba21b88b0ace8ef24d59426c7a50e6acc6
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Revenge.gen-81c2d363ab4104654fc8a9d4672b947d1c83e521ea47d9c8f0aaf992cb39230d
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Revenge.gen-a16bd1b906b66c84b3b8e097e10e5fc70fedf3240a182878758ae9f108dac023
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Revenge.gen-acec05fb087440c24b6ac8a15051b8fc7fdfd92bdf458b165e1e19265395b595
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.Revenge.gen-c35e3bdf0d1a7275e73f3c8c9fb57cf874ffa19ffafae649025b1e90cd07c096
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.SpyGate.gen-1f2ae650fdefb75fd7775dd7ad86aa81ca7d19595f58b4a07b32a6502079d815
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.SpyGate.gen-2f55841f6ccc75acaf8390d8e8c909528a6c62bfd016e788068145c168aec07c
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.SpyGate.gen-38c256f94279c37c339b3214008a8a013bba1fdf9baff77ce82ed900d333fd75
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.SpyGate.gen-4d4fe010edd8e5cb0a3dbe463a9bea549aaee512737ac1a8e1b81c2b1100d1fa
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.SpyGate.gen-530d2f0345b4e64d7a15fce3c91ddd6f8b6122dc66fbf479bf20368d933c40c6
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.SpyGate.gen-9ab608b32b25b2412a3ceb6de646beb37242434ee1c7cc8cc779db02e17f497f
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • bazaar.2020.02/HEUR-Backdoor.MSIL.SpyGate.gen-aac437030e9124f5a39f58ede1eedf0a786091efbce4fe697b468d7c2d907ac6
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Backdoor.MSIL.SpyGate.gen-d7aadffd168139ae09e073e9154a8fa6a6b6be547d3beae1e157adeb1bad2c07
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Backdoor.MSIL.SpyGate.gen-def7ecf8aa63604355204120f9c28e669b33268e3440e689b7e9beaaf7e7e7ef
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Backdoor.MSIL.SpyGate.gen-e2a886dff11b3c7d342a1374bcb9f43697ff7ffda9470b0abc6cb795171f3e4c
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Backdoor.Win32.Generic-1c659cbf8f73b2dd0ed8238595c225dbc1e87d5ea538c24a5d52faf0f4a49e7d
    .exe windows:4 windows x86 arch:x86

    8428bbc7d7a645de0023d5a121be2195


    Headers

    Imports

    Exports

    Sections

  • bazaar.2020.02/HEUR-Backdoor.Win32.Generic-ecb05f56049ff565d1a77351ac21374b9ba05e3cb5ecabbd113d44a254d4e642
    .exe windows:4 windows x86 arch:x86

    8428bbc7d7a645de0023d5a121be2195


    Headers

    Imports

    Exports

    Sections

  • bazaar.2020.02/HEUR-Backdoor.Win32.NetWiredRC.gen-ddf42fa0c0c9f5e7c33dfe7cc6743f812b796b53c759e6e19ec18daa6b98364e
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • bazaar.2020.02/HEUR-Trojan-Downloader.Script.SLoad.gen-1460604fef8913322d310b038f6be1c5dbd5b725296a02a4ba13ea4bb3b8329a
    .js
  • bazaar.2020.02/HEUR-Trojan-PSW.MSIL.Agent.gen-3690d1d02801a5cb5fbfe075853eb580648c681cf8fe11f9d3e77239ae1c617a
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-0e468c960706b3f4181f54a35650b8edbd0960785dda89a72cdd1e5d600f188b
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-0eb2873b91bedb21963ce3150732914fefcbdec884cd7b3d0e63b5f5424d3b37
    .dll windows:5 windows x86 arch:x86

    3405adb708f38a8c5b5ee1fd45dead95


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-0ee7783213426a5e46bc11a91acf5f2d73890bb09bbf4f3b932a4b79eeb6b820
    .dll windows:5 windows x86 arch:x86

    3405adb708f38a8c5b5ee1fd45dead95


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-1b9dfd1fe17d3783b2ab4a6d583be6fca9ba164d2a1cd6814c710774ec9bd031
    .dll windows:5 windows x86 arch:x86

    3405adb708f38a8c5b5ee1fd45dead95


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-218ad6e33041a0bdb60c8de03e7dcdf42e5392e106a4b5b0436cdaa02a8dd2c9
    .dll windows:5 windows x86 arch:x86

    3405adb708f38a8c5b5ee1fd45dead95


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-22e6baf4d3e4dba5f6f3ab349700d0169eeeb4a989b20b64a6aefba8be9fa64a
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-23096a2bc9feeabd37a9704d0653f4628ef740cdfe24af364ee09d379ec39d95
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-23b7ef18b61fe3ca542372a862d19fac734c24b5cecfe9682b211129fa88f998
    .dll windows:5 windows x86 arch:x86

    3405adb708f38a8c5b5ee1fd45dead95


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-23d7cd4b0535b40662dc211b4ae28c4b5383c66b4b686064bd391a259da80d48
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-2a28f11ca820bd0bde24d41cb5307c8f2fa70174536ac13a99923ba70015b36f
    .dll windows:5 windows x86 arch:x86

    3405adb708f38a8c5b5ee1fd45dead95


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-353ddd0a20aa154923d91052d8ef6c94a32fe9cb1293cde6b8d05b032a79237d
    .dll windows:5 windows x86 arch:x86

    3405adb708f38a8c5b5ee1fd45dead95


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-38beb0ea97e3c5758b4839b8874d552a6ddce7bcde77986c62bf49041e229bc6
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-42996516b6604ba136ff909d9b59d2a676a72eaafa30c729cdfaddd96b20fc83
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-44bcefd86b7d36300eb2d77ba88f248cab5ecb9cfb0ec3e859e35ed519fa7795
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-578e1b00157447f99716b646af6b0c33d0f6c32257a19376d6cc9d003ff0fba1
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-5bfb1237443e270d7297a9bb2d4cc44cbc4f3ad0f71db00012a4cc0ae461e6d2
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-5f74523c92b0fde9a89cd5121fe4829a7499a7074a4e0c55adcae5ba2f374a20
    .dll windows:5 windows x86 arch:x86

    3405adb708f38a8c5b5ee1fd45dead95


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-60eb2878e6ae481bcc0945d0cfaa8d2b8cca6e576da62804d9081662a0ed372b
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-6f6d4f3090669a12b7870d959302181d721436520374a4115e6c7bcfbc21cfef
    .dll windows:5 windows x86 arch:x86

    3405adb708f38a8c5b5ee1fd45dead95


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-747215655246587e4db7d04356ca00afa7fbe25b7fd1f3ba4f182670a9b86519
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-79919ef76585d0c1ae83b081c852e570598705583142fd1e5ae71ba7b32e8318
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-7b8a4cc371405cd7ac06a63adee7e9500a814d78faef3bdba16b6b2d7b49b198
    .dll windows:5 windows x86 arch:x86

    3405adb708f38a8c5b5ee1fd45dead95


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-7e7edb63b2dd35481b73828564d123d6b8873a3a3cef8767ce3b0a9df89cc336
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-830a8208fe916dabfc1ee63c3e889d8277fbae954a9b00d64b2c920e1d9a2536
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-87551a242ba5861045a09e740e68d37b2a22c0a15c77723782f9568450cb5bd9
    .dll windows:5 windows x86 arch:x86

    3405adb708f38a8c5b5ee1fd45dead95


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-89f9499b3426a05ce92301481d038fe4779549c30f38c45556cbdb2558a18944
    .dll windows:5 windows x86 arch:x86

    3405adb708f38a8c5b5ee1fd45dead95


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-8c55958dc4f421350c0b0c5ac16004238f4d0957a7fba86832f7da76788a4804
    .dll windows:5 windows x86 arch:x86

    3405adb708f38a8c5b5ee1fd45dead95


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-910489e9cbb9be62a2ee6100e09d0d6006fe21cbd73d5b7085f1b69f292cf006
    .dll windows:5 windows x86 arch:x86

    3405adb708f38a8c5b5ee1fd45dead95


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-946d769a0c039fa8f76bf3b0f0cb508c76027d45e89faaeb3902ce5645bfd185
    .dll windows:5 windows x86 arch:x86

    3405adb708f38a8c5b5ee1fd45dead95


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-94ea4614b480418f94bceb76713f109687a6b775244a58d259d34c031e2becf9
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-9f9ec018f395592b0cd8726972e6bf1400eeb13b8535cf314de5f135bb65fdec
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-ac659ed79aac7c38c6e249ad9c92feaafb77dbcd35ab1ccbb47691fe96030516
    .dll windows:5 windows x86 arch:x86

    3405adb708f38a8c5b5ee1fd45dead95


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-af7a14a249990479f187b3d2d0897118eeca857482ccb0215dc3c77bc908213f
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-b7ae1fa5ac7ee65dffd93e9defd51b2e39a1030620560fe9eff51315e75c8885
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-b927203812bd5776ed375a59e3131046750b5050b3847bf79f61a491026f1b25
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-bd7505e3d55571e96b4d5763dbfbabdc445e44de8c8e09a660bf25b28fb709ad
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-c2a4efd5f9ba6f03612eb6e8a324a6721ee84166e50a539f789b3fb6ba9e8399
    .dll windows:5 windows x86 arch:x86

    3405adb708f38a8c5b5ee1fd45dead95


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-c35f35a9e54f35375bc2f72842d038c4121a5cc6314ac7cbabca6a8dc463cfcd
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-c3ed8705aecf16a07e86717d4dd6a33847cf0b87bb2d58e56a502bbf952d5f03
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-c40dfd58e6da0aade75d09b6a659cf165f072ba89aef2d60c10c153793535ee7
    .dll windows:5 windows x86 arch:x86

    3405adb708f38a8c5b5ee1fd45dead95


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-c867959e7f75f00eb11dae861bb9c198421215bb10f88e0c26e3c36aa93bd17a
    .dll windows:5 windows x86 arch:x86

    3405adb708f38a8c5b5ee1fd45dead95


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-ccdb5316112f277ca0b8475884223713ca5afc4f9b729250fa5be07c486822a4
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-daa26a415b2fce72a81bb0d76b5e7552cc4e41707bb2e8fd9cfb77da5e14a066
    .dll windows:5 windows x86 arch:x86

    3405adb708f38a8c5b5ee1fd45dead95


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-e98671b2d66ed8e660d8653d19773ca46706a43c3d489b947df1fd4b0cefce41
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-f4781fb9f53f6bfd09b7e7f5df67e00d06ec739bc75b8e6a38d1c74cf91d7fc7
    .dll windows:5 windows x86 arch:x86

    3405adb708f38a8c5b5ee1fd45dead95


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-f568ba27a1779678459b3f2920a25973e34ed44c294c6bda0170f19a5b7f5ab6
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-f99723f1961f7ba1ea05a528a60558df653fac5a4046cfa70865419548e51fc8
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-f9d9a87e00ec85047f0a85828cf5fb137c3e129ea172c3b5fa9058c2748014da
    .dll windows:5 windows x86 arch:x86

    3405adb708f38a8c5b5ee1fd45dead95


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Ransom.Win32.Sodin.vho-fce4810786155e188851f14000159c67656b152b5e1bf6f1aafa27dce4837a49
    .dll windows:5 windows x86 arch:x86

    c4c29c7e6a6897be412c7fedfcca8fe4


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Spy.MSIL.KeyLogger.gen-20a0206d431c7d26df2994c1c9d21ec2632e0e4eb358b28a28826af7e51c548f
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Spy.MSIL.KeyLogger.gen-3c426a3c33438d9be6cf941a98906dd3992348e8c0288172cb161d495a774bba
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Spy.MSIL.KeyLogger.gen-42a01f37ad7b9284671312c98a78a2f96b8aec1d25af8be7780bf1e8a9d64dd1
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Spy.MSIL.KeyLogger.gen-6e78135df469622bd2c705f8d37bb07c76fe53d7af3d3617a2f1d73e72774b36
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Spy.MSIL.KeyLogger.gen-8057370f5a52466f468edc174017de11e382e8d727d7ea494becb7fe24ac3bb5
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Spy.MSIL.KeyLogger.gen-86bbaa6bc1ede93f7654d889933a336fcd781039797a176dba25a1505cc9b033
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Spy.MSIL.KeyLogger.gen-87b0a6a233ea403868b58ac1960ad6799785a06b684c38e5517a9254a544145a
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Spy.MSIL.KeyLogger.gen-a0d362e2231e016ca7a5c976dd1ff93c24477215bb89c0278ad2e375195dd448
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Spy.MSIL.KeyLogger.gen-ad4c7342f0394336560063d9ea2d53c4e39dd280e776b69a9f0fb1364126dab0
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Spy.MSIL.KeyLogger.gen-be2600ebccd8ec339463b7927783c0465f3cdb2979663478619073b9e1773db0
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Spy.MSIL.KeyLogger.gen-bf3aa88502b6f15711ae0ac0702c8bdc8219f27cd48b946b20d2f0c225d4cce5
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Spy.MSIL.KeyLogger.gen-e00d93aa468014f173c109744b794332846f7dd7ac5151009612ede7eaa1baea
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Spy.MSIL.KeyLogger.gen-e78c4aabbfa59e6199deb608bd39eba890bf04dfd59a77b9c99589f668d04268
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Spy.MSIL.KeyLogger.gen-ea51449ecfbdea8639b28d8d1e4f0403f5e1f3b3e455d3d8c4beba7532a340d3
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Spy.MSIL.KeyLogger.gen-ed5910defef802d55719379010b1cb99b007928f2947bcf0c778c8f479892084
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Spy.MSIL.KeyLogger.gen-f38e6fdee72634232d6bc1c9e4a843716a2200c2092e71f7cfa8865ab9679e13
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Spy.MSIL.KeyLogger.gen-fc5850691ea4a7b14caf53c5cd989fe6c04f7eb3d0e64ad39e184421234dcf77
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Spy.MSIL.Quasar.gen-dff69a4857e56c6c013e1959908154884ed9653414ba1f6d1720f8b1f1af1f8a
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan-Spy.Win32.Xegumumune.gen-9a31db5bc233b3fedeeb7f8fda079d92cb4c42377d763f3cf37c98d452962ebe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • bazaar.2020.02/HEUR-Trojan.MSIL.Generic-7af6be720f63c86de10443745e332a5717aa9b14fa3e8ecca584ef370f2080da
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.MSIL.Generic-e0287568096f94034a8746adef8f4c08db4ef5f51134f90740b1c72eb1b1eb0b
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.MSIL.Tasker.gen-8a31c332dfb8714bc0c66300102fa84ee54a4027ed40e2c7082957abb431c34e
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.MSIL.Tasker.gen-e513eb020887dd56e85e55803b1afccb24ae116380947993da2e88a71e97be14
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Agent.gen-329b0bbd1b23398088454dbfaaaa99ab94338ead9fac8fff6018e33f63fe7690
    .exe windows:4 windows x86 arch:x86

    d3a62971944197f0701c7049a9c739d1


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-00d4903c9864c5b55f6cba9848f3bc2f2976ad18e9c5763408323c8d9505ff68
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-063bbcff3066fd40c909e97833f35e6f4f5a4e0d2a1ec590fd64aea2211196af
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-10071b7fc8c1800063e60780b8c00b3c0045feecdb92e08ac45cc057127193dc
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-14ce399fdd253df979fa369daeaeec88b785f661f2b288000345746a3ddb78a1
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-1ab5a32c95f4645f124b455ccbd65a46e56897a9f0f62e3edd8a8c3ea06189ab
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-1db41e3285f0819f9f614052a76500038e9ec2433550c240aeceb2787b235808
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-20834d83e3c56d3cedb42c869587d9e9b9c71624b32469a06a042881c5fa1438
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-22d836128a4dbbec539196ddfac90474a71230f43b9527f9f37d5f3a56bbb535
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-253d2bc02e9a0b835ce9c7bf6f05bc9fa33bc60ddfb71f1da3de26befa103894
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-2567ad2059f892ce4cb2eaaebe52badfad622e6b1c6044c542ff2910ece4a6bb
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-26f7e1788c2656cd64e69ac68873acfdd0160ff6ed07880720c4a52f5d52bc10
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-2aad7f7edf402c984b9470586e8676190a72c59ccd8a232d5010eece7e85d451
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-2b54d8ac1e78e75cc3737fe24ed0ad4ad558033f76feb1cee362b90fc215fbed
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-31736a54c77e7f44f952f55536eb4ac6d5863c9ed970a087c0d1cc801a558728
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-31f24a687e78048dd69114d16e9fb8d4dac18f64bf355c07f02c5613a0276efe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-324c53b81b626af489bb2a1d0a42cc88b4e7f18e291060503455ac1a7a4fce90
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-35e54a27e5315bc5b1f0069b44e1f94a4624107ec2015c1d820bb4f2c4ae8225
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-37347923c50a562b1f3a24212e85b9490fbbed9ae9c395d3d3f9db51cbc987f2
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-38451f9cee47daf6fa98fee356ebf5a18194c5c5fa4d2ffc69af515a60de5e8c
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-39ec963bdfd683141a24c10435e4a6104375f5c1f61af2053b017ee55b84d1c1
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-3e1e4faf11d4ea1f0be8e16658685f524fad1d5b464857422b88bbbacc878ab6
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-40be51737bb8b9c99a97cf8024014e3f0dfc7bb56471856206365714476add9d
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-47c5387e8459af563993969200416cae6f9ad30748060c8d952c0ad4d2bae3e7
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-491eec6f62e89b017a00c2dccf51864afd6debf003a5e83d4081499a293d7221
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-4a3f69c2613f4a514b1c904f7e019990d68718fbfdbb6ffe2896c50489ea5814
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-4a4dcb3d44b25875a661b16ee7d351a057b43921277b1f44a6b17354bb6936a3
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-4c42f6a7027df50fff5e175148e29c9fdcde33a77cde36eee1dd8aa121f1fec3
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-4e351fed9605d912eb226a3925148012201c99875f38a12c6d95c7fdbf5f5e3e
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-521a9733212dcb2f2e9345cc722bfb06ba823f34fc35b2264b7fc4f48397ecb5
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-548c48b438d61c6b9cdc1c0c6ef46622c4469405dc7bb677f366dbd1bdb15fc9
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-579664b49a5ef76626175ada92546a40f63ae977ece60b2f8649b6eac24ca290
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-5cb1c07a56ce3bd1a4b3828f508c5aaba1aebd1dab0bd9566f41603481827876
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-5d8446a23b80e9b6cb7406c2ba81d606685cf11b24e9eb8309153a47b04f3aad
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-6142acc1a46f79c83a1f331b2b0abf1bc675837e8a26c1004b19b4131d980556
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-634a5e24eda00b716c30b8c463f811a3d0d413a8e0e1e02b1bb2518be225ddcd
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-639d28b15f1b7eacb0643ec4d0d01f616c67331e4922ff70fb0c11d159a71722
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-65878cef4e2fdd03c3c08a4070105ebe37c0c0f311679a0c21208ac9f8f7c069
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-65da4ede295a31428f8a1ae2ea76f27c92dc5d9c8cb5cc440a69c82bc0cbd6e5
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-6cf989387bc4334c2b9c9a3d1904c072832486a4e1d27fb7a8400bea73b8fc01
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-6e323bddb6f10b049428e50b9cf4da9f047829e83aa32e00bb2a7f4dc2a5e588
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-6e3f2ebb560fede5fca72650a4f495d1038930a3a7c0bebbd032be0a79e1f2b2
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-6ef0658079cebc519cd469248cd6ff40dfec559c07249603a826d8cfaba263e2
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-6effb7ad8b4b42bc97ace9c3f1caf5089323493f535304bbcfca5819fdc30106
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-6f6a97800bd9fb1ba19cbc7538f8c67a95260d7b4dceb2edf18e2c5795b9cf5f
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-6fcfa488c67737f9dd617995bb0d67087feb4f84d6ee1fdd26a8fc1e01931b2a
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-72932b9f1884e066fe30966a1a3089b26208297cd6ecbfd76249d9b82b5cb616
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-78364eb0cc0cf381b000b9ae8f942bb4c94f342ba10827d7e7e4dd8ae3d140ff
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-7c7f23a33db8b6dc22b0b8897bef020ce74670bcb8723f9bc8e6b15f280408cc
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-7e55fd01c96f84a79956e90c1ab551cc636043c989902b32dcc0c60c97720ab0
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-7e6dce4194b7f42515cfe70a26a19cf018b66fd4522a0f10c46fac5bf884aad2
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-7f90d1d2465e6b3c69236275c96662690ccc5eef0d4b4ed2dd90bdf298cc7539
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-845f3f7d59365c2cc41ef827fa7c9e146f7746dc0720937c7bd29049e42d81f2
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-88889c90ef9432e7eae81bf3aa181b173deb8e8f8e6295d7737c516ee7f2f77f
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-8a0a78df298dc039aca3ead63d2f293d980c69ba9db23d5c2f2a9b37ce33b539
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-8c41cc5d45e91f116aa8319fbadfd91657375e95145559e39f76e1f5380ca53b
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-8e02ebc246d1c26c5c5df05e93c8eede2b735846e464a8c2929bef2c6e4dd517
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-90a3ee4bb184d38630de9018450ed6be6fdeb2e6b562ccd04fc88f0ad0c865f4
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-920872696e5911393610e0f5967c530a197c2ec43fa1f0ad30792712e8f3f019
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-94e8fa6dac6e1a9e76dabf84a2478626eb9cba660c3a9dbe525caa7271fcdef6
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-952ac15d63c149fe69bf8244baa71fea739ccb58a22e2cba83b01d6dbf688bab
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-96bf799fbafcbc9e851fe8d3b10b292c4eabe9bfc9d208e99974b1b55d335c63
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-99d42cefa02973d7a59be7b81a4349bbed6b369c947656dac8b5a70568803716
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-9a357f09b76c7c511920154450c9b4a889095f65000e65f6bb6f99748a67a805
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-9c15ad04809d348f9e4d68da4f530929d103402b2cb83d1732c524e8cbaea45b
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-9c4a7e8094a3602e3b8bc976a88759f9e805b904b8f394dfa39a9121167abff4
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-9e1059927c865b045b6226c306aa6b5eae5e24532affb7a0a4588bc435ce5ff7
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-9fe0df51775c3935b1f385a5b924bd53218f0711378cbed62da01e96cae89fc6
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-a2f3108c3c2c32f1b9ae75f694d1ee15a2647b2ce3d65f6df9bccaf426fb7af1
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-a585796634217ff4ab444ea95d43a01a1aa4b3a280b41eaea0e42223e491efae
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-a653e4c1521fd408b227bc19b177c072dc2a094416818638df26a0237054fe7c
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-a67236c36e7eb778bc71123e02384f740d80c4aa869834bdc22f4c62be6a3078
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-a724b9208eec5030d377368203ee2ffb7673f3c7178f9db0f74fd15d18bf3f64
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-ad01160476ded3d8dec827042e6627e5b2a50a4bcf47b37fe892b957de4e149c
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-aece2185bb51693d72cdfd7bc57474dcc659b72bf6a343320783c4c039598b43
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-b1124ee47ce6a5bb4750b45d1d93f0c740ebda59fca7f1ee5b3d17ea2613d786
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-b48799d2eee65351dde0cf00b8beb57ab15da799384c1b546c358f18d412a6db
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-b4d67a1a00e261d1f0850dda2d512003d548e5adac903bc28bebc0ab2c9ad84b
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-b697861cc38f600c83f679c0b8fa3347bf5f869d89465c07101c92a5eb5f8163
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-b8a92e0ec11d91aaa6c5c44f37024d9f09071623dcf2aa67462189e84f683b65
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-b932c16df904620eff8e4f2b5de4bbcd5af8791827a11e9567f406daa16565eb
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-c52ab8a1946d9658e5c274c1e51932fc643f96521e6d399ba77a2222af822476
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-c8b2eec7a0e0086728ac0d69f6f2e3749f5ef31d970d910e0f77639475006dcd
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-c8d8f79ad37249faa03dae92947af35d310fffc28b7597507246d1f8c8eb9fea
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-c935473ffba371fdc0afc552e5d4d71c3e1400d7d07316262bcbbb93b6668b77
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-c9feba4cc57bd4d8a9a04af3ccc6c239857791e5a496e5ac75137f29cc9bf7ae
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-caaa5263db4330c246e82a67c5f0773c32478390644121a4555c90476bb526b8
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-ce883dcbb367f40332251ac2054edff9d12f6dcbe483b04fef88ebd4cae28be7
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-d0fa5f41eaf22b17c2a2c2a65eb6ae69c36e2533d184cc07a1295c218e672978
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-d163a0c4e233656f8162b5c5ed558ad18f18a969a28e7ee34de704b69069d30e
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-d80a899843845ba8ed8077d40e6d7c6935e407ece04463d9092f75ee34e6ecc0
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-dbdc1398559f3db44d18f68de43bb811de9c4fab16ce1e0fac95cd738dcaf2f8
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-ddc9c053dffe73d360c81672504cbc37bb85693fc587867a83f99cfb9184b68d
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-e0717a6c90b4fc941a29d4c5272cd6139b1b86c1e0103d7d58955bf05c4bbb9b
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-e4d1ed3eca417e52557775993d92b2b024142a5ddb45ea7a3a6dda5e13c0996e
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-e632779afa8a535c1c33326cd2ed3c21a2dd3d5978e83670b209bd42778fee4d
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-eb39aa174e5a1bead3c5c6d6003022cdbc309d09820024b7cde7afc1347e7b9e
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-ec3c8bb69881ff50e0b35fe6b54c42f34d3f2d116cecd82ab7336984bdf4ef41
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-ec4f2c04c1b71661872758781a7cee0973021e265fba57fbc8dbb8a4bf3614e5
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-eeb8f190b604e6a50611345ec77050d40c18e291849be1ee5d47f46d5e9ed957
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-ef5c8a793083695a015f7c29543bdd61275d9139f4071064cd18524e0f55ea02
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-efbe05cbdbc16fea15a71a18c891dc9cb2e88d13de35b515a616a4a94bada0b3
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-f01befb0270c212d3f5c8d4501e19c544aa57010bd30bbf1d9817789ef7d83d0
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-f3d79fdaaf41d0bafb0950845f7a50a16995a376a767ebe09cde3d93a72f400b
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-f67ad736a0b228abca843c8dabb426263903b4c95548a64d8ff5a078ba9cf8d9
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-f96a3c58fc9dc49cb3064cba97c9629e2f04eb0c48dc0507bb1264f2d991b411
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-fa84bcc1375121f4ea3c3d091399ca5367fb99cb6a66ef0c49a38b2e38ab224e
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-fbb4863016dfcfc7f11e3d41896c2f42efd1c376d5c85f7b9bcd0d244e260b99
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-fc8001d8cd8308ef3fe660bb5cd20920a038b091b6aff202281060199453cdf5
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-fd119a762866a0b3a798fc0421b49769f06153881d762bda8f5015df9495cdb4
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-fdf7af1118dbd4fa30dcf72d07b2a114c8242207c13aa672eeada3dc5de8582f
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.Generic-fe0eede4b7205c77ce055b7e99be118d19c402101892d67f76bcbe4ec8049038
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-0760806d2cb04dfa58902d85e3503e313805e8056565097cf18d4d24249679d3
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-0b3ca8fc417a9e5ac4101babf092999399fe7aadc4d8b68b4707e8297db0a08e
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-0f0ad0df89b895ae4e7ad72b7d6bbea015fe566fe98b577553cb95cd3fb96766
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-0f9f2ed3669af8502dfad754d0dc2e7682fe7bc4d0044f7cc3ca61a0e1170d15
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-23fc02f1e3783ac574850e9f210b8fb54e2a3dd589ed4b0399157e1708457ed1
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-275e4633982c0b779c6dcc0a3dab4b2742ec05bc1a3364c64745cbfe74302c06
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-291bf31470c9bcacec467c980adb7a3d111ebb6b72cf07147884a7eae5cabde9
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-30ef3d46a266114674f601d9d03f85029ec54821f104b9e86903113d47914b6f
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-31b10f1a4a6bb1e74af48d786c3c5957d1fdde4307adb24d5cbf06f278fc18ae
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-3ac39ece6e1953f03e88fdfb942bf9f0dcb8d1da643cbd9677032f2ac7861d03
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-42e23b5a0fde78a0677c91043c9484aa6a9942fadf7e535a07104ff0dd501cb4
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-58f1865d2fb00775add6c9d34aa504118bc962e08fba8fb79b288515320ef933
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-5a810a0b7402b9023f8c5016d0341a5070ef1ce52f0b124b6ced8a3846e54c83
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-6ebe2626d66a590a572cca546c2b1c472f5e1b7db26f89cc8f6f073125fe82c5
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-6f03b44e93301e51660e62609d5a4c0982ecc139317e274c8450834a774a05b4
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-7e1f0c4593e27a0841305ca73d83f6ccdd900ecf8ed8863feb9a301367c5dac1
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-8efd6f95c39e86627b1f9cc553fa7bed152dbf4788662bee15d3b5bdf0c1b79e
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-98c053d0a020c3146a1cfee09150fb2fc342f501ce00b0a898935c042ebe7016
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-9be010b45a81a22f2d50c1d35f31384152c5b91dd7e3a1fe81b2c4fa95bb468c
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-a26b3e551732d7ef9c649bd713bb22210d3123ba081df325bc534c9c740def1e
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-b45741c0c50256480cdffc15bd14a3770d895232c1e482e91f5e298daea023fc
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-d45ab6328d392df91c86b67708bf1994f8b3dd263edd88b91ff0b02e738fb250
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-d9a9a7ab99db0946ecb0f5f398eddd0d820ffbde0105164064e168f1ea73ba26
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-e46cd935e22dcbb21e8a802f714a28f91ffd53351655f28c1df0b418d6d535b5
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/HEUR-Trojan.Win32.RRAT.gen-e54384fe872d30bf574d7b80311ce1c6d9f86a8db7b6e47cbd03069eea1bdd61
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan-Banker.Win32.Gozi.igc-59fc347dac3dd1c78d62393589818b5417ca041d697d155040988b14562bc797
    .exe windows:5 windows x86 arch:x86



  • bazaar.2020.02/Trojan-Spy.MSIL.KeyLogger.jld-57a9e199176b14c33f65ff74e8a9c858beef84d247c29d925d87c6e8313b9e92
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan-Spy.MSIL.KeyLogger.jld-5f660bdf5435c4fb1ad9f4aafbb7b38def8ca93dfed281e9b029d4d036e6946d
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Agent.foww-127e69ed4de5d98d060b70789551d2967c1ebbb895037a0fe20ff7229440ef49
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Agent.foww-32d915040990164c6dff0ddcc5e7cf4258d90f9e425e6058e5a771e084b73bdb
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Agent.foww-35826857f7763122fb380c1392f2d0fb820ec28c1f16e858b3846b9f681525af
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Agent.foww-588eb55b57e118fbee66a6d0586de453ea4e0ae1a781c73e1bbe10e8e24641fc
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Agent.foww-5b441845c2a6dd856d00a56b6dc812a13da0fee80a10e55ed7afd103914e6513
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Agent.foww-5eb26eb056480f6083f7565a572b2dd6ebc992a99d8220dbf0d736c7b4a12077
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Agent.foww-7431f9ba6aec04eac9673c804378df129f167a06927649ec7aca9872fb15f14b
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Agent.foww-78ddd7ee459b76b72c74a996678b97f3c215f5627dde3d49afed389867d853f7
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Agent.foww-7d016ad09b5362b12283b52164529321914d6e2d26dfdb011e5bf39d67855b3e
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Agent.foww-a53732f6b49c8d9b99b7bdad38c3255f7ea944e14b86c8f674dd3187c74e808e
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Agent.foww-a5a95cd39484fabee1551b0daeb1a3c3fc94c610fe2020e2f714f366ef1430aa
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Agent.foww-ac9e09f103268fe05d4f463f8d192e7ff220ee1428258063b4f2f26c531ec57d
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Agent.foww-c0cd9c51c4fc4f7805d5d2e5e08e3701c2214ab9ee25a239b2ab3c7af0c8e797
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Agent.foww-c4682163181637eb17e174cc795eba8b094f6d6c76a60b14cdfa38ae7471c768
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Agent.fpar-0737463d0ed8addd2c9adf17c3289e48ea012750b5f826da5b33da8408341e3c
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Agent.fpar-86c8896067480a260f931692b6f2223d603415a0708e8d16cc5ead90f9b22ba3
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Agent.fpar-aea3597f24009ec7a5212edf353080643e43839f2a5e6933c456c8d3aa147da5
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Agent.fpar-b603ac369d000ccf2c33d13a62af4e02a41ee021ff787427505b83a86460c047
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Agent.fpar-c4e48bc0716a6eafda6fc596fc5a38a201071d76551ebb14921c6b38adf8deba
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Agent.fpar-cc559587825877b40a955baeea22039cbc35813ee00e139fa6a3c90b7355283a
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Agent.fpar-d44670b7dede4487ecc7d4a61f28a0462591fac8d303aa36b8b376001c79111d
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Agent.fpar-d8c2b06570a0c86994d2ddf5b0e98d69365d9541ff262a03f4c1271d2def4cff
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Agent.fpar-e039762eca5db26ade1a4e3483916193ebbd335b5760c54a2b2243877f41ed73
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Disfa.bop-18c601f2c857a8fc639396cc131bde47b16c0bca95ea7f2ca78f7020adc77b8b
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Disfa.bop-2d373452dedac769b8f2ef99985f0c1fd21f4a5d45f45b9e301196da80223ec4
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Disfa.bop-7eac3dab8df1f347802cbb863cb525b4c00e2b6d5488b409969967bb2baac695
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Disfa.bop-afc68f8b78045786888471eb198cccacfff9fb5b6e39f7ca585222d60d52ff9d
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Disfa.bop-c3e9e467dc54d54f8794d49cb9f5daf9aa7371121c7e5411eabc4061d7555094
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Disfa.bop-f489cba00e6d7bc606ea137f639ac40baca8871474066bec0a839fae75de4eaf
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Disfa.bop-fe30c3e3acd5449124af4d0f78bd33a4e6a35d4240d9c7ad8dea1a1332e1312d
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Disfa.bqd-a88edeb377205df24d69e4215b7d48f251231fdca07763cb498b9b0107629eca
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Disfa.bqd-bb42676345c8aed263ed1e32c7ce22c5e6a9838a92c21d376e39356db0dbd940
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Disfa.bqd-f710f839c4211f980cb6f2c2ba51e28eda20891810e5a57ac395bf467ff6fedf
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Disfa.bqd-fbfea1db4497202597c91cfda1d44136e85ca74fbf780baab2f1b1520c724cd8
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Disfa.bqg-931238083c5373a7b48f5d06916e4832af77af36a0b6569f9750511d509dc490
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Disfa.bqg-ae9ba2145b99bca3d87d444a47246a5bcd426993c74733faf4892d20e195d6b0
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Disfa.bqg-b3a4d7c4c5b4a03a8a11dc9f6bb313a4c6da0040f2e45a48dc76ebc3f12d7842
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Disfa.bqh-0dfca39c7ebcca00525b6d29fb720a32396a12716322609498528bdcf91d8715
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Disfa.bqh-6ec3febd674513a33ed7c68a64fd8b02b0436a96f79b69821faad1334025937d
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Disfa.bqh-7b864591a77a15197d9f25ed3e625b50576ffc061f2849ac6fcc245d296b7357
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Disfa.bqo-8b635dcdeacc541a398e5862d13ea54004302b8c06b63a2db0ddc7c6528e804f
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.MSIL.Disfa.bqo-971e4b2879189d8d1f19a1d5874dd6f571651aa02ed7cf7d97f2c0b43fa6b6c2
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • bazaar.2020.02/Trojan.Win32.Agentb.jiad-1e0cc4051f5ea6cb75b0df551bc5be60abc54ca51cd1611dc760aa245a0055dd
    .exe windows:5 windows x86 arch:x86

    b76aafdc988ade2ab3db3b02fa4c6d00



  • bazaar.2020.02/Trojan.Win32.Agentb.jiad-8aa2c9406939c8c158483b7607b68846a87b1ee8fba9301d11aa812429516db5
    .exe windows:5 windows x86 arch:x86

    68c4b266e54af6d380eaae4a078f6aa5



  • bazaar.2020.02/Trojan.Win32.Bublik.elhu-3ba8a562f78af7776675f128f12777144fc3c73a471d8efb1950728179bb72d9
    .exe windows:4 windows x86 arch:x86

