Overview

overview

7

Static

static

3

windhawk_setup.exe

windows11-21h2-x64

7

Compiler/i...ing.js

windows11-21h2-x64

3

Compiler/i...iew.js

windows11-21h2-x64

3

Compiler/i...ion.js

windows11-21h2-x64

3

Compiler/i...ons.js

windows11-21h2-x64

3

Compiler/i...ice.js

windows11-21h2-x64

3

Compiler/i...der.js

windows11-21h2-x64

3

Compiler/i...der.js

windows11-21h2-x64

3

Compiler/i...und.js

windows11-21h2-x64

3

Compiler/i...der.js

windows11-21h2-x64

3

Compiler/i...ing.js

windows11-21h2-x64

3

Compiler/i...der.js

windows11-21h2-x64

3

Compiler/i...der.js

windows11-21h2-x64

3

Compiler/i...ent.js

windows11-21h2-x64

3

Compiler/i...ore.js

windows11-21h2-x64

3

Compiler/i...ore.js

windows11-21h2-x64

3

Compiler/i...get.js

windows11-21h2-x64

3

Compiler/i...und.js

windows11-21h2-x64

3

Compiler/i...ion.js

windows11-21h2-x64

3

Compiler/i...hic.js

windows11-21h2-x64

3

Compiler/i...een.js

windows11-21h2-x64

3

Compiler/i...der.js

windows11-21h2-x64

3

Compiler/i...nts.js

windows11-21h2-x64

3

Compiler/i...hic.js

windows11-21h2-x64

3

Compiler/i...ace.js

windows11-21h2-x64

3

Compiler/i...tes.js

windows11-21h2-x64

3

Compiler/i...ore.js

windows11-21h2-x64

3

Compiler/i...ent.js

windows11-21h2-x64

3

Compiler/i...ces.js

windows11-21h2-x64

3

Compiler/i...ore.js

windows11-21h2-x64

3

Compiler/i...ure.js

windows11-21h2-x64

3

Compiler/i...D11.js

windows11-21h2-x64

3

Resubmissions

05/10/2024, 17:22

241005-vx29ssseke 7

05/10/2024, 17:21

241005-vw7g5axfkn 4

Sharing

Copy URL
Twitter E-mail

General

  • Target

    windhawk_setup.exe

  • Size

    10.0MB

  • Sample

    241005-vx29ssseke

  • MD5

    d634fcd62241a93efd88315091cced44

  • SHA1

    f1baad89da31bf3f63d07e9cb1517e371101dde1

  • SHA256

    e60928dee71b11866a826bc474a72b928327d1378ea80319819217cebcd53b2a

  • SHA512

    93d37c89215f5123168d2d16dc74da5a36375d914201562b2701783f82bb50c4488f2a1330d7567fdc734db1089f87369b61e86188401c55e8c4fbc4bdaaff70

  • SSDEEP

    196608:A3rzSJQkbeHufi8QhiNArredu5VODUqad9jDxrawNZFOu3U3V2:AbzkQGeHeQhqureM5MDBG9fIOdE30

Score
7/10
discoveryexecution

Malware Config

Targets

    • Target

      windhawk_setup.exe

    • Size

      10.0MB

    • MD5

      d634fcd62241a93efd88315091cced44

    • SHA1

      f1baad89da31bf3f63d07e9cb1517e371101dde1

    • SHA256

      e60928dee71b11866a826bc474a72b928327d1378ea80319819217cebcd53b2a

    • SHA512

      93d37c89215f5123168d2d16dc74da5a36375d914201562b2701783f82bb50c4488f2a1330d7567fdc734db1089f87369b61e86188401c55e8c4fbc4bdaaff70

    • SSDEEP

      196608:A3rzSJQkbeHufi8QhiNArredu5VODUqad9jDxrawNZFOu3U3V2:AbzkQGeHeQhqureM5MDBG9fIOdE30

    Score
    7/10
    discoveryexecution

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

      execution

    • Legitimate hosting services abused for malware hosting/C2

    • Network Share Discovery

      Attempt to gather information on host network.

      discovery
    behavioral1

    • Target

      Compiler/include/wil/windowing.h

    • Size

      5KB

    • MD5

      50500cc6f9a3f6fc5477ca9d4095b895

    • SHA1

      17a809db26521fb8c2820c99783724f7ba01cf03

    • SHA256

      b258160a85d05c9a55d9cb47e02885da936acf119eb01d4cdef7408613acb0af

    • SHA512

      4c797cc76e78ead03ed676f757801e86c5c00f2308083245ef8ac64605bcc3591bcb53285a43830ddaa975bb6792358f890902e99c49172e4f9e73703e75d2ed

    • SSDEEP

      48:0C8QHFs0LtBCis4oBnkwE6HObkRTzMfLYoJnUwQ/5PBFjxZ4Ux5+PBad49mB2eRB:0C8QH3BF9oBbxBzdoJLQhz/Uce6noBG

    Score
    3/10
    execution
    behavioral2

    • Target

      Compiler/include/winrt/Windows.AI.MachineLearning.Preview.h

    • Size

      42KB

    • MD5

      fdc1f32f7ea84222951051749d399cbd

    • SHA1

      d17293f1f81c41da1b30d195c19b728e86bab526

    • SHA256

      6bf4f87207ef75bc63f724dcd95aa10c4a9cbac6be75f11d7f1bcd74e5ff99a1

    • SHA512

      5f0a3e85eeaef3c65015e44c9d8aefb20866eb5302d9d0c76c12695264b82aea337df028f6ee3f893215a6db2513ed92948a3764ac889ccfc57302f4caf39ac1

    • SSDEEP

      384:W34O46EezFt4Tut2UUtUftiXtwtDtstdns5rrd:W34O46Eez34Tu2UYUFCMxwdns5rrd

    Score
    3/10
    execution
    behavioral3

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.Activation.h

    • Size

      102KB

    • MD5

      83e79ede42a738b318d8d66ee8ffe46d

    • SHA1

      f07d1ce4c24cb59c7c353b4ffa38827971501fe5

    • SHA256

      4800a3bfcd8e94d79cb96e0b5dfb4b11fef095cb1c11759351f80fe70167d970

    • SHA512

      bb71c397caf18993baba9eb9208e96696edf2beb9d6bf5505e6ba43de2bc4593391d98beb8fd6966487ba669d7d67358271e587ff5ad9ad5ef5ddc8d3d219844

    • SSDEEP

      384:fliGk0XUMm4cqHrnf2o1tlp1m+votezyBWLOW0TW+Og8WLnnFBsdxLEpsLbrbhTf:fMNGbv1LfPOsdisXYGKQ

    Score
    3/10
    execution
    behavioral4

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.AppExtensions.h

    • Size

      34KB

    • MD5

      b0b456327647a56244d3479b76ce87d7

    • SHA1

      85e6037bd942b9310c1d9436170e504b8f70a1ae

    • SHA256

      4e79fd0849dab98839cb29efa8c5ca6e665a97316edd63dce54db08d13b564e2

    • SHA512

      e91aabd699c82b7e00c3abecca300f73d70123fdc8f79aca606e9f365e6570f70bafc590e0f8c56b45d98bf670e7a720de2374b4853291a1074da22790fbaac9

    • SSDEEP

      384:uEutgtStD51OSLFa/6yN1mNngbeLbK65R2tGKD5PlhMChSVNcVDNcRWtrWteWt/0:ScaDrvpc7/ug6HbTezdPYwzKVA97

    Score
    3/10
    execution
    behavioral5

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.AppService.h

    • Size

      34KB

    • MD5

      4632b32789a4d249cbd9cd207199b340

    • SHA1

      b6fc75ffa085d62f9b06e8d879fe366541fd6591

    • SHA256

      4c573586a0a59d7b76a2b2a53c7d894bc53f63f456f18d7683fec209438902c7

    • SHA512

      3274562b2cb6db4c02bf5cffb41ba7da262b3c91dae62f7c0621d26473726ca949e7c0ff7d1d20552f99d9f9fb443cc411d3efd024183e8e345f8e793b8a06e4

    • SSDEEP

      768:ghnAPYLPcrq+KZWdDOTtLMjqAaRPqEVrWsOTWp:w

    Score
    3/10
    execution
    behavioral6

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.Appointments.AppointmentsProvider.h

    • Size

      23KB

    • MD5

      b7e4d8355860f9c2168b62aea45930db

    • SHA1

      74b0e27810948b19924cfb3d0cd8970b3201bcc9

    • SHA256

      013f72c74320546659f59bb03f65a59ae272353abbf6f11f3e3cc9b0e1f2afd3

    • SHA512

      1e23298d21129d1452756e03ee2786a9f6a42f6fb2db3c2f5c971d6a57a5641d8c0e72d1e0b60261ca996adb077ce93efba7d37b843306275294d69c233ce6e2

    • SSDEEP

      384:B7S9FJDAkmKoKvHOY3zIJYzrJezIJOz4zXzpz8/Om:QBZhHgz4zXzpz8/l

    Score
    3/10
    execution
    behavioral7

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.Appointments.DataProvider.h

    • Size

      72KB

    • MD5

      615ee5a02d7b9d6abdc4b882b92f42dd

    • SHA1

      58a5752b443d4e64e18a48b4a98f1182d10fb678

    • SHA256

      792ce3d93f05907510f9da32142eb01533e54e21e7dceed3401a2b627d993660

    • SHA512

      d5ea42ae39c00e550320be775178a934b88c7f9c7de2de1bacb799c321afac190e12da449371ce1beabee517a5169733a3c8e4e802a37e43e107dcef8422451c

    • SSDEEP

      768:PlHsBWvwek8LJYvQlh51o+ZqoQUz1AuPhmQ3n55nCEifQ3m8PgmD2KHSs22JHdd6:7JJnc7D

    Score
    3/10
    execution
    behavioral8

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.Calls.Background.h

    • Size

      19KB

    • MD5

      349df77e9f53f36872698ec27d287efc

    • SHA1

      26d79ae234bfb6e7f608fa21e6972d2262eb6b29

    • SHA256

      7557d70fef604255b0a2ef16fcfc6dd40fd98635f6b11d33f7889827353bc31f

    • SHA512

      ad9a7b1641c6dec017cf1d64b4e6dc7c583028c7128be83ea2d82169b82ca07578329c2ec688df4413aa26e306d5b6b0d9fca5574cc8d199c5687170ce0e15ab

    • SSDEEP

      192:p6Jntin1A8EcE0EGaqD6k6fda9Zara/K/0aTazZaZataBavaEatZazapZa3aAa5W:mkyaQDZW

    Score
    3/10
    execution
    behavioral9

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.Calls.Provider.h

    • Size

      15KB

    • MD5

      18bdd6cf9b80b1158451429781de84bd

    • SHA1

      e25842d46afc6c573b61567a00336cd7aa4fc51d

    • SHA256

      e0db747d5d3164b4e12b8f1eeaf14ba38043139207057ff3630c0b833b89bfef

    • SHA512

      ca1c83451598a991d87be0d05bef386dd9eca6dca9a3ad59454dd38b647dc30fa64fa613ac352533996d897b9f2b86cc90413b12728be1410329732c44217964

    • SSDEEP

      192:hCLxgEvkDgnSvHDg+vADgtSv9DgBvLDgWSvuDg5vNDgOSvyDgRvrDgpSv+DgvvTM:+EJAb6KYpRqcmhmCYeCI1QJu

    Score
    3/10
    execution
    behavioral10

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.CommunicationBlocking.h

    • Size

      12KB

    • MD5

      7c6f390d5b1c8d97a0df8bd5b7630984

    • SHA1

      4818df82719d72941c3125e34470a03dcc1c9420

    • SHA256

      4ad3be531007415956f261cd97fcbe6403d81286f7a8c0ae1708a97a3af1971e

    • SHA512

      3948fafee999355fa0cea22f64c3f9482c2772df9e0ffe3575d8d2a826bf33df33ca7610bbe8e7f17b8f6f9e99592af35bb0451fe974d7f5073858d94316a5c6

    • SSDEEP

      192:ZcNrl5RzoRgo6xlTh3cavkFa7a3aIaca1asaFJaXfUHN0f7k3j53mofVnfqWw5pJ:eLRURpwf3f+043t3xfNfvwLwQaZ2

    Score
    3/10
    execution
    behavioral11

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.Contacts.DataProvider.h

    • Size

      39KB

    • MD5

      d9daa0d3f76c61de2627d88489449157

    • SHA1

      8061dfe11f6705f0d33b617b30c51d879fdb9e35

    • SHA256

      f3a8506aff4a9dfab04a00f34109de8f7a8e8433db14d4b4ce4d87901c51b9f3

    • SHA512

      96de6ca58033ebb6b96c5ae4c131bd686478f1fc7d62f47e732dffa3e0171837cccbabd45c99d981c758fcc457c09a9615c9e4a6074f89857cf272d7cf1636b2

    • SSDEEP

      192:tgi9UCkxZpv4vULkxZUOvUhevLvUGkxFpv0vU/kxFKavUdevBvULvtvUXkxmpv5y:gyUhXCKJu5bFw+WpntBt

    Score
    3/10
    execution
    behavioral12

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.Contacts.Provider.h

    • Size

      10KB

    • MD5

      8442865c2db52e3e45992a1464213e49

    • SHA1

      8fef37e62a0e7c9a6c156bbd6ee52fcc79c5819b

    • SHA256

      ec22a156a62331ac4598e04e908c5349dbc4f07fc0a5eb3b431d5e129950c693

    • SHA512

      b041b32d0f5bfb83a1b0989b46757e062a5953492b037563b8d93b41bf8ca2c9bc9f2a4619e922b1dc49708cd23ba124cfcedfe7b83297b222d24e6da39c1333

    • SSDEEP

      192:94ithOMVONnsQJn1MgonmZns/n9/Vp4nS/VHnyuXnKMVOknWanhQYPrXaXaLazaG:dOwQ85S3r

    Score
    3/10
    execution
    behavioral13

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.ConversationalAgent.h

    • Size

      124KB

    • MD5

      86ca0b245e08afca82e80bd071b0005d

    • SHA1

      7b6e11678544e93ef79c3a28cf9d281d45d69a55

    • SHA256

      4cdf0426064c8a0f75394c60d12236d7983b393090e79fb295ad02226b6b18ac

    • SHA512

      65fe7eaaed6c705571a2b0450f2c69d7912babab6f446e32463e4ad0901dacea5b2b06229e30a59e8c017abebc970ae1f2b32ca42ee29b1539bd42e4b241b4fa

    • SSDEEP

      768:z/oYsKsSW1V11ksfsUXzbUNl+5l+dAlFloulTl2HC1l+dll+TlLSlIXmEAl4Vw7S:RjFlLm

    Score
    3/10
    execution
    behavioral14

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.Core.h

    • Size

      72KB

    • MD5

      4faf06b59cbac544008934a53eb87aaa

    • SHA1

      596c69882ba6be9d4bc7be5c0f332d75da6c9014

    • SHA256

      a589bcc496b952154fc2618f9b6e9eb1412e4e9ae38028a3a6bfe92413748ff6

    • SHA512

      5abc54113bbb4fdc5bc4dfd5181931fea70c89131667f4f7468d30b3e88c3146b7fcdc52203f3032effa55918fe8492966fd5e239904ffccc3c227c60fb6a385

    • SSDEEP

      768:ipOJxwtm3uxKsCtDFSGP6XyxSrTgZ+ZhZD/pjpkKTXfcqcrWFq/Rym3fgW731cFJ:ETXfSuq5ymPtp1jiRF7/mm

    Score
    3/10
    execution
    behavioral15

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.DataTransfer.DragDrop.Core.h

    • Size

      35KB

    • MD5

      77642bbf8f1a194b66bac7c3eca49c8d

    • SHA1

      e9ebe99949f1228c81397cb3430e9b0021efa962

    • SHA256

      dfabfdfe0efbe4d75794fcf8833f79a5b2c5c2ef3ed1cd8d261f0681995123e4

    • SHA512

      805f89b84a7ede25960009ebe4a2a62853030348701601b5578d64e1e034ab39d9448c4d8101820d36db556e48dd527b421d170fe105eb9c18cbcc89236c4f1a

    • SSDEEP

      768:UTf5IG8Qn6xnqQA/ONIOPPlssOnWhqu8iQ:UVp

    Score
    3/10
    execution
    behavioral16

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.DataTransfer.ShareTarget.h

    • Size

      15KB

    • MD5

      ad777fa970f774a549b1d5a5184b5a52

    • SHA1

      e0bab7a1f00b8f4e90c003b4251e0fb9c69f8be3

    • SHA256

      7ed353e383e8168557935302f1da5c6512e4fd9f8a7e94af10114467e7760fe0

    • SHA512

      4b5ea59fc11202c08c49704128f89c4f69ff2214b389b5ec6a618655079e00b5e64f31aaad5106662b17498176359f2e0d137a8bdaa6f9a2848ed9b72b0b6f71

    • SSDEEP

      192:n6SImPqMZzrT5qSmkUyXm5hU3aVaY4aTfaDa3aoasaSPa/aoa0aqaGala8avaIaF:n5v1tsYRc

    Score
    3/10
    execution
    behavioral17

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.ExtendedExecution.Foreground.h

    • Size

      9KB

    • MD5

      7a5b0a74ab4d2779026e19c024153e5e

    • SHA1

      ce1d679d64e4af29d014d1cb59a42c0bcf1e738e

    • SHA256

      df4644c2a0fd493482fae6923705fe227c61492b8a6e5de0b337ea0c7902e43e

    • SHA512

      f526625fa376ceb5013d1ab6d4dc6ec4d185020c749f119469c3992bb3e1ba6d365b8393809691df77b65e668754ce883625e57d6bc9b2e8a4e77b924d9c3ae2

    • SSDEEP

      192:xzNi2o+7CRWX7FRKuL74UTetcuYbbj6BaZaZa3RoHaceQL2Wtcasava2QcXzf:xzNq+CRWrFRKuf4Uitybj6+Ro5eLWtlb

    Score
    3/10
    execution
    behavioral18

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.ExtendedExecution.h

    • Size

      9KB

    • MD5

      e35a173eeb3685c52d5fe0a86dcf56db

    • SHA1

      c819c9c5c328d186b6e0c6c73489d1936c7959b3

    • SHA256

      bcac4d97997d4c338c0ebcf83e95ff89f77ee93b2cab5b0b338314ebe74ba03b

    • SHA512

      435a576ce792de54ca489d9dce76844ba8eb772677314783e8eb00096c4cc6a34366fcff5b612617f7db603db54a6a2ccbe87a30adf70ddd6a0f9b67027b3c89

    • SSDEEP

      192:5+ldiPTPB9+PvPPWPZ/9PZ7lPIwRyXPI3RKuLPI4sTPZtL7IBasaNanaZaXLjnaE:5+ldADX0HP8vDIwRy/I3RKuLI4sDZtLe

    Score
    3/10
    execution
    behavioral19

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.Holographic.h

    • Size

      6KB

    • MD5

      4b91b44215278cf33306201e1e8c6a5f

    • SHA1

      d469f8a4c8f8769ac237ff1e5643063a7dbd7c02

    • SHA256

      f2b8391f0ae95f695588d7dfeceef085508e88ae334d1c8fabeb8c5e3e3bfe4d

    • SHA512

      10a36e810e2bfebe743f455cbe968014b6888b70a69640fa04b4e945995553e5c34dca123df8b095a1f5e0d024b219eb8dc5e4cb501d8480d0bc52c43b414233

    • SSDEEP

      96:rmDtm+shKRwnUwshKRwVDEmaTmOcCRwuaMRJ7+oasauazQ/5O:IaKanUwaKa6jTFJGuaM/XasauazQw

    Score
    3/10
    execution
    behavioral20

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.LockScreen.h

    • Size

      23KB

    • MD5

      f057ba2f13f8af98dd3c6ac90a2d1a73

    • SHA1

      37e6e91e44d73061c38a1d073c2d8e2b90a02d15

    • SHA256

      7c60b7c8378341d577db1a0ecdca9d6d773d721b3981a4c33c0176204d4de12a

    • SHA512

      f3dc1571c41cdc489a798c907ba34e18ef90d48aaaf9be43cf43eba007f0a38a1d2caebb344af7e57e2242013f7ef9dc3522afbccecc305d17111bd25cef1a34

    • SSDEEP

      192:FkwRVTmRfbvKQGJKYt7XUlCQ1xPc9AezdFiZyQlf/8Fd8WYaxa45a/aZaWa/auaT:6qtmwL96JD+PBcXLUb

    Score
    3/10
    execution
    behavioral21

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.Payments.Provider.h

    • Size

      18KB

    • MD5

      515d0e938e3d65271fd2d7b8831f1ba7

    • SHA1

      0d4f201b26f7911b6e423abb0d63d8f4bbf7c300

    • SHA256

      8ad4525351feaaba9df0da127dd5b3e9087775e22e2c5b7baf1a53277aa62749

    • SHA512

      565030622820f5a02925239227d6e5bf36d0b72d0897f9916e24c33d5da5d918859eeafa17462009052db75e855acbe8e232586068e28471dabe5f936218778f

    • SSDEEP

      384:cTjHR3xBXEWqQ5JgB3r7t/qjt/DYtd6An6t0t6tTtStebO6F:cTjHR3xBXEWqQ5JgB3rJ/qR/DUd6AniJ

    Score
    3/10
    execution
    behavioral22

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.Payments.h

    • Size

      124KB

    • MD5

      e1f54d244b47923e43106e06903a782c

    • SHA1

      c54714a52a08d0c1b0a7eac87494b48312e4407b

    • SHA256

      56249e701cfe869017b2d1aeb85365c4d512055de3afc646396119f783c373aa

    • SHA512

      ccc23aac4ee88dc94e4ef0742de252955a9396d5fa1f3b96e35a223cdd2d4bbd05a429a98f68c4233fe4bbc881d9f27dbcf6106f65c04228665e0820cf2b5483

    • SSDEEP

      768:Wp/BXs3Y+92M/5v7ZvHvvOSqo0zXU3K3Xs3XzwdU+6n5lfWsI/0EH85GR8xvWTh2:xhGsd85e

    Score
    3/10
    execution
    behavioral23

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.Preview.Holographic.h

    • Size

      9KB

    • MD5

      7961f651f5c756639f100cfd8e69b9c6

    • SHA1

      87728fe9482b58e3e83cc52fb7207d43b472ea8f

    • SHA256

      024a1a40601078bd43ee638e9a2787b31f3c59e7102eda38e999b207f653356d

    • SHA512

      a976628033eb3ee2bc3110e04cce8b2e39fe0937ac804673e0be57886e8da0da5198cae7158b726ef025a8661c9259d7c0ce151c3912bd93ae9734ed54dd36a9

    • SSDEEP

      192:SGj+6EUaKt8QzUaKt8i0gIC5aPokeWa98FqaMVrasaxa0pYLj+UQKz7f:LBaKt8QQaKt8i0a8FOV+p2/57f

    Score
    3/10
    execution
    behavioral24

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.Preview.InkWorkspace.h

    • Size

      4KB

    • MD5

      d025e59bc0b2f2e8aa1fd18328f1eafb

    • SHA1

      e4644b885a16fd17f28dc49e25f66150257c85aa

    • SHA256

      18fefbdce7aa2d3ffecce5dfdc0decbd811c6f69363d6bb481ae5a7e21d67d19

    • SHA512

      d39ca7b8b7893d51c9d3c1050960f677bef4af72eefe06a29524707b8beb32dbd87a05a300169dfa407c56c847934134a1d9c050c8bef5c6d2cf4cbeb3dc6955

    • SSDEEP

      48:qnPutmDtmn1QfGIRYjM+HNJakHCdQaz3m5gw54wncKNKx:TmDtm1QfzutNJaUCdQaTm5gw54w1O

    Score
    3/10
    execution
    behavioral25

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.Preview.Notes.h

    • Size

      25KB

    • MD5

      ea87775c2a23a142203995346a185d20

    • SHA1

      537565d9eb0fc0d0e0afe7a8c81caf84e75be1b5

    • SHA256

      65143d041ab1ad5b7c1e0fdc97c69817f8565f546d9fdab4c529fda9961e1fac

    • SHA512

      c7008716facf60eb437c50aab6b9f387b3d048d651e0708a5d27da4aa87617120f2c7b10ed5fe9b2e579477f8fb2a7619ed022a3a6b88de4548be56c5c0f6940

    • SSDEEP

      384:MOoID+DSzFuFiKSySDEvTU+/4IWEfrMDI:MOoID+DSzFuFiKSySDEvTU+AIWEfrMDI

    Score
    3/10
    execution
    behavioral26

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.Resources.Core.h

    • Size

      49KB

    • MD5

      f8cce9f5c58f88a8a3c77fb5704cfb82

    • SHA1

      a991a342c5fd18d65e2f92ac22de9c787c3f5c34

    • SHA256

      b98c8996f87f8a3e4b8879b61908e61185b32723f8f55f1485bd4310f658944f

    • SHA512

      85188b01bfc6d76973df8180b72de5d4cbc49137dd8497a4cd5693477cbdd80d692a06b614ed656e2c38bbfe6785da58ab1339462f021151d29743626721f52e

    • SSDEEP

      768:3KRNiJl1A2pHYp+mCXx7Gs8z4ks8zzR3mlf3Gk/SzEW9z+Woz2RViT/8gp1s89WN:WU2V

    Score
    3/10
    execution
    behavioral27

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.Resources.Management.h

    • Size

      14KB

    • MD5

      b9a6395895ab1b1ca839f40d480bf528

    • SHA1

      ae20573e45ce1f9a1a79d2b1da039efe19b325e9

    • SHA256

      af892dd89c11f62aa8d5f8c20b26f7f925455d2562a2fa00a17b2ab351d78fa0

    • SHA512

      1111d86bcf31dd076e9df51c7f0ef7b093cd526f533ac29b8b2d591780ab38f713a538b3acc4a5b64f136e177659e77cbcf8ffa2f1a01a3f5a664e325d6da3f0

    • SSDEEP

      192:Jhtde4khBBa9sqR8m28Rt7l8NO868AxayDalana5Z/aNazabaqwha0WtUdaakpar:s5QRt+dnkAWtUuftAnEQ

    Score
    3/10
    execution
    behavioral28

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.Resources.h

    • Size

      14KB

    • MD5

      217379b1b868648725d73e4458561955

    • SHA1

      13348effadad768fd3bfbcd7f57dbe9e38378224

    • SHA256

      65b152244583c54174931d5852a975f79b5c0416cc15dab2160e3aea7fd365ee

    • SHA512

      bd7f76047d4b6542a6b35a305d2be42992fb1ae28c8c6ad3f25169bbecc815a18b6707eda0b2472d87a087d94acf485585d87a88a9962d7db51e0d9aaf46c1e2

    • SSDEEP

      384:UZg6CuhhtfzNfkIAHpzMDA99Prt6n+2xDR25Dhb7oFe:UZg6CuhhtfzNfkIAHpzMDA99Prt6n+2y

    Score
    3/10
    execution
    behavioral29

    • Target

      Compiler/include/winrt/Windows.ApplicationModel.Search.Core.h

    • Size

      23KB

    • MD5

      b676725ccb18f78baaa43e6e3e5982c9

    • SHA1

      d6912164a8fbbd12add5873b717f0a5980269bc8

    • SHA256

      87614fe95d5c3cc2b9e74bc562a3bbf8967c34709d8d6bbe48a70dbb511ca15e

    • SHA512

      d474e8d64d66f7205bfdf4521d1e9bf44f1bceae385f1e9a8708b270f7edfb27175fe8b0ef773273247b0dccb31812534c70dac540e8d814dd43521af046afa1

    • SSDEEP

      192:Mcm8V0SwgXZOf666R+66RPomsMsR46MurhuuL1qX13r5WcCQuuaXa3avaGafa9aA:78CVR8RP6xRF9ukQlbZCVv

    Score
    3/10
    execution
    behavioral30

    • Target

      Compiler/include/winrt/Windows.Graphics.Capture.h

    • Size

      31KB

    • MD5

      448f573934370d4620e1cccb78d7a720

    • SHA1

      84f8a856191b7381cd7e7ae1a1c23bc87b0d5071

    • SHA256

      41f54d873bb3e06a8f0ae21dc973dd3c066befd542786b52382fb7a0f8bcc30a

    • SHA512

      9ac9aa759cc02019af7994f212ac5c3022797c73811d8efa5697d8db609388c40c3e2bfcd219d96ea5beaf55cd1f77d48cab0037a61b6292252bece540fcdd73

    • SSDEEP

      768:wLUUVI2tLUyLUkzixuBOgnj4i+BLUtjLUHxxpHOEUMmRscS:Z8q

    Score
    3/10
    execution
    behavioral31

    • Target

      Compiler/include/winrt/Windows.Graphics.DirectX.Direct3D11.h

    • Size

      3KB

    • MD5

      676509d8626ae46329dca33f602cd1b3

    • SHA1

      a7ff76d7fb21814a154d6193f07eb0881291d1e9

    • SHA256

      421e35388c00f88eaa9676d1a7a7c64c8e93e8f7696aab46543183f6a8c3c38b

    • SHA512

      63aa019eab423c7223dd80f99247cd77b25bfec6fb6f7d001e6aca32d2a0f8c535cf293e7228a61dcb2e96ed445fabb8d6d442396064f2a883a44a28904cecf0

    Score
    3/10
    execution
    behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

discoveryexecution
Score
7/10

behavioral2

execution
Score
3/10

behavioral3

execution
Score
3/10

behavioral4

execution
Score
3/10

behavioral5

execution
Score
3/10

behavioral6

execution
Score
3/10

behavioral7

execution
Score
3/10

behavioral8

execution
Score
3/10

behavioral9

execution
Score
3/10

behavioral10

execution
Score
3/10

behavioral11

execution
Score
3/10

behavioral12

execution
Score
3/10

behavioral13

execution
Score
3/10

behavioral14

execution
Score
3/10

behavioral15

execution
Score
3/10

behavioral16

execution
Score
3/10

behavioral17

execution
Score
3/10

behavioral18

execution
Score
3/10

behavioral19

execution
Score
3/10

behavioral20

execution
Score
3/10

behavioral21

execution
Score
3/10

behavioral22

execution
Score
3/10

behavioral23

execution
Score
3/10

behavioral24

execution
Score
3/10

behavioral25

execution
Score
3/10

behavioral26

execution
Score
3/10

behavioral27

execution
Score
3/10

behavioral28

execution
Score
3/10

behavioral29

execution
Score
3/10

behavioral30

execution
Score
3/10

behavioral31

execution
Score
3/10

behavioral32

execution
Score
3/10