vidar

Sharing

General

Target

S0FTWARE.rar
Size

19.4MB
Sample

241012-tkkcsayeme
MD5

72bc876677a80374dc8244bd38597fd4
SHA1

4f803b343b61851fd763741af37e3690caee0770
SHA256

3c016adc1f9eb00be9e640014e53ebc9dcd01e934c8cafed54de6249ea82901d
SHA512

8ee959f2744b2be78b050632735163c059a7d8b33858622ae30a9ad80575bd2d1bfe49eb331bfdcfd3fae3234a7ed6137686db918b276165660d1d1dfd18a80c
SSDEEP

393216:uqo/qS+HNQEZ5REzqQ+YpwT7XxNFEWEyo1QaiBDaRJrtZtum8gWPB:uqob+HNjazqBYKHrFE/yo1Qa+e3gm8gm

Score

10^/10

Malware Config

Extracted

Family

vidar

Version

11.1

Botnet

467d1313a0fbcd97b65a6f1d261c288f

https://steamcommunity.com/profiles/76561199786602107

https://t.me/lpnjoke

Attributes

user_agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:130.0) Gecko/20100101 Firefox/130.0

Targets

- Target
  
  Help/en-US/credits.rtf
- Size
  
  710KB
- MD5
  
  05b931430fd173bd22900dbaa8bbff10
- SHA1
  
  af5176ee28dba4777e4ba3bd9351e5acb402b9f3
- SHA256
  
  3ce703c36dfc6282c22991519309b921ae8f5b2653561ff3f9c1617dc2d6674e
- SHA512
  
  e3fbecb7637bdcbf6045140dfd3359529d223e42ff8b03c1883b8011d9dde307f36e7cf1a4b56baa76e052314baf89a03e1f6036e9a443160db394ddd45fe55e
- SSDEEP
  
  6144:HMgRS450MZ1cMa0C6byUnw1ZD63iT/r7Dd0ypdUSKi8Sl:HMgs4CMZ1cMa0C6B2DY0T7Ddd/USKi86
Score

10^/10

vidar xmrig 467d1313a0fbcd97b65a6f1d261c288f credential_access defense_evasion discovery evasion execution miner persistence privilege_escalation spyware stealer upx
- Detect Vidar Stealer
  stealer
- Vidar
  Vidar is an infostealer based on Arkei stealer.
  stealer vidar
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
- Creates new service(s)
  persistence execution
- Downloads MZ/PE file
- Drops file in Drivers directory
- Stops running service(s)
  evasion execution
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
  discovery
- Unsecured Credentials: Credentials In Files
  Steal credentials from unsecured files.
  credential_access stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks for any installed AV software in registry
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Legitimate hosting services abused for malware hosting/C2
- Power Settings
  powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1
- Target
  
  Help/nvcpl/nv3d.chm
- Size
  
  120KB
- MD5
  
  b5f9ed44f46dc2a2b54baf908b9b9781
- SHA1
  
  055edb27199525f84dca0adad555b5809dc70000
- SHA256
  
  53136c96a99ec7f237470db34e49742ac99427ed6f2a22045ee9c45ce390bc69
- SHA512
  
  d2a6af6df0a945e3439cdbac94ed14e1c93c3fae4a1e3cad907835abae90d0142b04c9d10a0c4a0620178f0d9f31214a45dc864241831b2a64cef371a11a66e9
- SSDEEP
  
  3072:x3VpNumKOqLlFz0PNOsD2v8CGFM0Cbzq/bRsSohL3P1:x3Pnizg9D2UC6CUbCSaR
Score

1^/10
behavioral2
- Target
  
  Help/nvcpl/nv3dara.chm
- Size
  
  166KB
- MD5
  
  c1b0257579b0d16fbe0cd2d02dbfaa75
- SHA1
  
  b9e2e3ffc55508f931a9f18021b5910edaea8228
- SHA256
  
  bde3204ce98ad07f35af5a5d77cb9bcec604ae97b90a261c731e33cd86b4ec65
- SHA512
  
  dde6f5b6df6a16362bfbce8ad5467ea26e9fca5fb73d539808902b32f9f6c69a51043fb377d142a77c7d13f4f0d023c6b4dd59a173462bcf67eccee81318f05f
- SSDEEP
  
  3072:Bu6oJv2cg2QumsY2pFkMILWKqjWLSK8L2ZyWmD0fy85IMzY:Buf9ZQuzpFkMILWKtS3qBf7FU
Score

1^/10
behavioral3
- Target
  
  Help/nvcpl/nv3ddan.chm
- Size
  
  150KB
- MD5
  
  3f5ea602a3c7df10f04607bb4036ae91
- SHA1
  
  41968743e4d80e8a1d71888dca040a26ab452ea0
- SHA256
  
  d2ecb5acf630f64891c85d796cdfc251b83604921a6057c8c747e4d0383c0cbf
- SHA512
  
  f8c57b8e8d07b5f88928cd57d07261af89f3e6ec2debf6a3d575fb113809ef31343058e750a81160b9a44ea63852f7ee1cd8d1bfac16919b059b3403086de15c
- SSDEEP
  
  3072:kpVTpx2TlTw8sFQMCv57XtzTAmOHt8/YCFPWZlfoUwUGx1fCHMM:kpV+xU8sNg7XhTYm/2VohUc6t
Score

1^/10
behavioral4
- Target
  
  Help/nvcpl/nv3ddeu.chm
- Size
  
  177KB
- MD5
  
  47a7c297543cd404c3e70086c4f8fd21
- SHA1
  
  6616b6298cbda41f896817ed40632cc605767d83
- SHA256
  
  770f86dbed72fec9ed81a0882f0fb7ef77d4880f174a03682d932c9f6215cc24
- SHA512
  
  1a76ac88571a9e0bd650d5e1d7d67d08fe10e43204b9bcf53bcae1e05894d2e96dbdc149f13c61d9df3d3211448d2810dced45b0fed72c3848089e45da5ef378
- SSDEEP
  
  3072:Bwjpf2ZQKm2WEDdvNUZxgpGb6exP5LrlBNh5DNn531iQuASoBJ7/Ob:BwjpfGQK5LhNygpGb/xP51DhlNn5YhAo
Score

1^/10
behavioral5
- Target
  
  Help/nvcpl/nv3dell.chm
- Size
  
  188KB
- MD5
  
  3b29ce38a2bf1d68b9e5f47b224fc208
- SHA1
  
  4b7181e8e31e220415b4014be9736a08394211ef
- SHA256
  
  d348907c412f241ba167d9b7455af4579816f43f61bc652fd2f948dfa4400904
- SHA512
  
  b7ae6fc5f4b2dd0b62dbd0ee18456fadc8381d62b5c152d71661113a3b4f12ae18302b9bb8e14f43301aa435621c7857a1ec4d6abc9edf1cd3a6e7ed0593be7d
- SSDEEP
  
  3072:h9TwViy3DBLpdJtSeqMZ84VT0Vodj6MBPtMStodn32knlhRoJyVrBt8KYaq:h9ELTBLpZSeHvVTqVXdndtoJwBt8jL
Score

1^/10
behavioral6
- Target
  
  Help/nvcpl/nv3deng.chm
- Size
  
  157KB
- MD5
  
  3ecd51de3a504eec21d70ccf865d43dd
- SHA1
  
  e36dc69365c8316509bde90bcd85379e088689cb
- SHA256
  
  1d80c40950a02fe124d5450f0f2a4b177a497607575b4b13eb06debf958b6cea
- SHA512
  
  7d7753c86f808440641f1d8aef255f787d23eb0af0aea886f0f8d85d994dc8a839f5df2f182e934c3508acbfa06de4a0d430df9076f141084fb1fab53f5d6490
- SSDEEP
  
  3072:TrTTUcvjPGlZ2LByOsOKYRprh/tIM10HcYLM127AbK2G51wAe:Tr8rZ3lMpRtjYLM1BLm+Ae
Score

1^/10
behavioral7
- Target
  
  Help/nvcpl/nv3desn.chm
- Size
  
  169KB
- MD5
  
  73bfe0abbe2128c47ead3c96521a9d70
- SHA1
  
  9780c4442a36f716be7b2da42068a7aa8f2d9356
- SHA256
  
  78ea2fedd3ef6b2847b59a8d98b371cf82ad728bac19c740a654d1e5b733cc43
- SHA512
  
  990b0c741a7166863fa966df7bcbc932d1e2925700e6e13f9fbf2c15cbd4d862f252c599d74074227cf6563a4e0e84a0a1475d88c8cca522aac423e420cbaaf5
- SSDEEP
  
  3072:7SBSORLxRgLh1GJr4pGODBnDkHNe7PEAGUSM8XT42wIhev7RDyZAROqtqCb:WEORLxmfKiZDFD9PsPrc2wIA9QLqtqk
Score

1^/10
behavioral8
- Target
  
  Help/nvcpl/nv3dfin.chm
- Size
  
  164KB
- MD5
  
  0efe776961d3b5d75e2f2f2054a01ec0
- SHA1
  
  46b6178eec1c2503c7563c6f8b25806327ca4c12
- SHA256
  
  cabc965762d678f14e2187bbcb109f2cc796d9a84b9f168cf49dae270136ad99
- SHA512
  
  52a6d5a6b20838611f9c1a218e2ea28c44f3fb851fcdacc5ff0e920654bf8a224be6e2671eca6603a29b6117d07c58b05438a0dd9063a9b997e2585575659f93
- SSDEEP
  
  3072:0WHIytxYXU1f+dufJeE1sQrwwX5BTihAAD/JmtEqgxm8X8U11hvJT4JuAZREcLo1:0WHIyAqCEBsbwXqhjJ+Ebxm8MULhvIun
Score

1^/10
behavioral9
- Target
  
  Help/nvcpl/nv3dfra.chm
- Size
  
  171KB
- MD5
  
  b7af0f0de555f26450bebdd9f971c838
- SHA1
  
  96048e51d0a112c2d6049c8a0752430051bc5b93
- SHA256
  
  36da94c497de59e1154391f00dc08f058dbd2b4541c182f2c0abd84021d6f72c
- SHA512
  
  1c18045ed1075e22fef6cc3ca31e8736be7845111d31e42d3c2f713637e6759130c11316d95ff2086d519e791ca68e41e6ded131f5304141c642208d5814df98
- SSDEEP
  
  3072:gQ1T633ivRFRqnLA82jUqWGIww/RsvZ0UHnzfvKAL6At+dBQz/9:gQ1T6Sv9qcpjUq3fw/qNKAL6AtNz/9
Score

1^/10
behavioral10
- Target
  
  Help/nvcpl/nv3dheb.chm
- Size
  
  171KB
- MD5
  
  60299a0e19fef09eafb629d7b292d9e8
- SHA1
  
  c482d3273069d9893bfaa52f3c4021e2335c1c37
- SHA256
  
  a9cde2717a6fb7eb8067cbe2546ec0c280a77cb29e78d82bad455dfb0827fe3d
- SHA512
  
  49c3f8a373f09a3748c2b1be157b419b93df2ec9f4915c93795cbc9547265bf33e53ced0699dccbecd92d607b4de8c8802a75b097277090752e8f8d355f99234
- SSDEEP
  
  3072:d8/BVSC1G6TLjqTUgy+XVb5t3eNv9vTkLe2z7vk41uxMp:ypVSq/qQa/38ueOkfG
Score

1^/10
behavioral11
- Target
  
  Help/nvcpl/nv3dhun.chm
- Size
  
  188KB
- MD5
  
  b1ba2dceefb1136bc33dad92e95d8dd0
- SHA1
  
  895819132aada9a9b0f1cff3c367355f4da48d06
- SHA256
  
  7fcf4826f4cc668014ed880c8d26c23ee10dbf81986d98ee322fe55014c9f01f
- SHA512
  
  d9e38404f8292d03e46f98d59c503f37104cfced4b94418ec16b546eab77b3355ab189fb77f4d6b0126359fef1283ee85c26afe2518a6151f67e835dcf13d85b
- SSDEEP
  
  3072:tKe6DfWgwSgT+5zhsoICPAmVBqWU5OLIE71Xc0CZHZVat+6ftwhqdaLaa9L9fgbB:tK3WgE4sob9BqjgIvTZEw6ftwh7LaIyr
Score

1^/10
behavioral12
- Target
  
  Help/nvcpl/nv3dita.chm
- Size
  
  172KB
- MD5
  
  046bd8e4893c7462b1384a099115398d
- SHA1
  
  0fd7be5c40ea7013a44ddc3d03ac35a8a759d98c
- SHA256
  
  5abffaea028628ea376512e29ef852308cbfd76e142029b93b09187cff33fa27
- SHA512
  
  3a8527603b0026e1d03e54e9514e39e7470877ca790dcee34f30e6ae64de058a98c4e1bfe6891eff3ea720af787b1e988979021eacb7b15c67a6cfe1d1965bdb
- SSDEEP
  
  3072:vOdDBHzoEV6ev4V1SI1/tidLAeHh/dS0xMBBhncqF3wxxQExuTQ4xd9N:vOHHzo86evY1SIWdbh/d3MBBhn3JwxxC
Score

1^/10
behavioral13
- Target
  
  Help/nvcpl/nv3djpn.chm
- Size
  
  203KB
- MD5
  
  a6be1b8e22690fa1cfdcdb57a4853313
- SHA1
  
  018230bddfe136ee605a09ff7df25d13f2e955e0
- SHA256
  
  af6baab4f0d11af7bb470b87ba48fa75dac3eb598eae9d209f067aa46269806c
- SHA512
  
  6d037ac358d80916b1084a8ef6ae7eec95f7b6ecc9ee86f1f15b8a5369609c34d430340d7a00f7f35308497d866c56964dd20726303eee55ba54ec6c7189465d
- SSDEEP
  
  6144:RLNH/Bq7ZkVKpXG5qWn7Dc20ysx8s8ouHRxWbQAU8sgi:T/Ui5R3n0ysxAJbWbQAax
Score

1^/10
behavioral14
- Target
  
  Help/nvcpl/nv3dkor.chm
- Size
  
  179KB
- MD5
  
  32f13d4a058e08459d971cf4c4b834ea
- SHA1
  
  9bcdda89048afd8e10746d19d51dcb7f30ffd142
- SHA256
  
  09d6dd19f69509795d778f2fc07cdf7d427e5a037ab3eeb6663de4749f440786
- SHA512
  
  09001afa28aafd64be1960ec88e6293b756a09227b93e2157acee7c72c79706d947ee86941553def66250d530d743f711b75bc5132a70877588920ddfc527800
- SSDEEP
  
  3072:jeEmkWFPfZ8LLeWqRRFq1sNYN05gEiv51LKB3zcshC6W0Qf5S/aH:jeEifZ8uRPkyUESO9zcsps
Score

1^/10
behavioral15
- Target
  
  Help/nvcpl/nv3dnld.chm
- Size
  
  148KB
- MD5
  
  62068e078faa52511fbe356348ba3d05
- SHA1
  
  cbc90d0a9eb18dac6c59e5a0bb86408beef617a7
- SHA256
  
  647b8b4302b60454742676a67379a04eadbd6f4df98e2e2f0c46227525855688
- SHA512
  
  415b7d664419d2caa18e8d50620fa9a8003ed2b8cba6fab457e4dbc1438496412ccc3e8a0bee8584f951ce728ea09933b4c7cf861ea7e003c2da24a5f805864c
- SSDEEP
  
  3072:Z88wa2Tieo3/LBmqs6+q3cIySQBGDPm5rK1gT4ihvVcHd3UvsfzNl6H:Z88wateo3jBwW3cpSQcOWih2H9UUO
Score

1^/10
behavioral16
- Target
  
  Help/nvcpl/nv3dnor.chm
- Size
  
  163KB
- MD5
  
  6ecc2955227353b8682a9af8070e7554
- SHA1
  
  0151c705b93145237cc72304983ad89b0fa1debf
- SHA256
  
  874fc4d5f13ae6005f2d3f8a865688bd37a1976b9dab15a0391acdb38c11f836
- SHA512
  
  0ed0550d3f27d9772826d23d89e42b11c9226b3963f5d4459d3e040e4ad7be5235c91163c11b0f1529c839f1f52f3991c0cb064aad3e6b941b3b9234c651d78c
- SSDEEP
  
  3072:EZqVy/FXTiUD/84CDo0Opj75hCDveOGL4KkPvKpJ1aiIeJWgFJ0eazKtMoZU:EZay/FXp/JCDo0OpQ3vKf1nIekMRaXX
Score

1^/10
behavioral17
- Target
  
  Help/nvcpl/nv3dplk.chm
- Size
  
  186KB
- MD5
  
  d4b0b0205a1761aeafdac4215bd12d6c
- SHA1
  
  43866eed07382f089dc2975c539b9fbbf18c1293
- SHA256
  
  625a8d6940a6248c9d0de39a4cc410f7bae12124f7477ba60fcd966d7df4d3f4
- SHA512
  
  f8cfe241a5fce6bfab8584337076a10dc613e119dd3f3a10e5c12dfa37d513566c855a619264fdaaafcda6527aba501afe26c3edad27886190d9b07cc6ede861
- SSDEEP
  
  3072:lJjpwlQp+NiyzIrDIs0+M/7yiRbOhOmgh9VQNy7B/oNvph26eQLvzT+:lJ1wlQsNvIMJ/eqZmg6Ny7GNvph2pQLO
Score

1^/10
behavioral18
- Target
  
  Help/nvcpl/nv3dptb.chm
- Size
  
  168KB
- MD5
  
  673fcda96a7235fae29477953ec062e7
- SHA1
  
  25cec04c806e545d16d991cf39e3eb9803733a38
- SHA256
  
  a9bc055d779feba6a17a7949a9d08e4acc479c21b226a972dc32d33404977118
- SHA512
  
  b0f750429ddcd2e56cb7a3cd27549b32798c3df757a783032ab4b18c10a5cfe05a41003841f33e848c3bbbb340c54169a73543e463a091b198e4cc8b81969fab
- SSDEEP
  
  3072:rpraXkRe0CxhMBq+RaitUoeqgCbi/gtmIqMrJ9LX6xvVgJ:rpako/xaWweqM/gEI17KxmJ
Score

1^/10
behavioral19
- Target
  
  Help/nvcpl/nv3dptg.chm
- Size
  
  175KB
- MD5
  
  c663c3519d4816719f0e7bb7af3496c6
- SHA1
  
  7e1b7e218815470afa44a5a93f9d60fa2f0cd2ca
- SHA256
  
  a8aa823a4888236f84a44e130a1e30ce847b0c9cdc35ce884d4e41270ca0eb8b
- SHA512
  
  826ec6bfe702dd062f5e9a85d436ce1dd9903af8314b5e9736d9bb56744f9d237269b052a299844e9e3e823afe2af95f3ae5849649bbea606c56219d2a183b8d
- SSDEEP
  
  3072:KTITtT0dYRK/v1dP5zNy+o/8v1Lz809z8Ssos6vmaakFmd0nc5rSr0/37b+7nxWY:KTITud7P5zC/8v13ODlzaal0nc58vVWY
Score

1^/10
behavioral20
- Target
  
  Help/nvcpl/nv3drus.chm
- Size
  
  177KB
- MD5
  
  d91bf2f4b5c56e55d15b058f96497dff
- SHA1
  
  54d989e874a82a0766f12bfbcc82a0535ecf6933
- SHA256
  
  135393c2a6bcfe3fa8eb18d6202292a1a2c4b0ce85135043c2f7ffcf11d69ad1
- SHA512
  
  3cc58fc1fb32de2ff3443ae6cde14d94e29bd1c0ac8e7aae33dbb72ca605d63a454964e122375c97ad3bf88bc08747f29b4ce76f90b4ce1f268c5a6515caa647
- SSDEEP
  
  3072:I58P6IQKMteI4iLICk26F8IeS+oqAFgZSbqO7viupueZJ9IzuEuIlzBQNMa5C1PM:I58PQKMTn5k18IMoB1q2v1jn+uFIJ2ND
Score

1^/10
behavioral21
- Target
  
  Help/nvcpl/nv3dsky.chm
- Size
  
  189KB
- MD5
  
  1802d7a3a1b46033b51a66c8bd99d7f4
- SHA1
  
  f311165887bf103692d432fe779b41fc70bb07b8
- SHA256
  
  1ff297e3d0eaf8838f55d790893abd702da75c0720d7be3ca821ed0698fe5b46
- SHA512
  
  118c57d82757dace1e5c2048ece46e3912f8e0c03408fa1e5dfdc357869694750b97663a6e419c0e932d49490e356b436bd4eaa9fbbf35c76014dc599c816171
- SSDEEP
  
  3072:a3dvXu/PA6ziMeezGLoFQE5LQqLr5jA+9tjEL/bvup9t8cxir2j0hkVM:a3Z+zzEGGS2qR/9tjEbM8gMgM
Score

1^/10
behavioral22
- Target
  
  Help/nvcpl/nv3dslv.chm
- Size
  
  168KB
- MD5
  
  92dfe1e958d0ba7a31bf74ddca004547
- SHA1
  
  964a14c7824bb8ff35f14b1913d21a4414755ed8
- SHA256
  
  d5e7ec5a5f7902a759c7f33b8ff7520721227c093f07a3ee2229121e52119442
- SHA512
  
  e08159145f0121d8bc78d3ccf11b5b6075c83763a784d3dd6c874518f934501534885c4ab0889cb0056f28475d8d1e9f1f6cdf3cab8cf4f5bfac72a4f86411b4
- SSDEEP
  
  3072:MteImYF616lJkqBVEZiyJYZD5MKRt9PJt5f/L8Kme+eQ8UPhkhNYAu4intiyYl7L:m7mYF3UqBWZalqoPJHAfhkoA9xDln
Score

1^/10
behavioral23
- Target
  
  Help/nvcpl/nv3dsve.chm
- Size
  
  169KB
- MD5
  
  fd8972745704381fbac7a6897daffbf2
- SHA1
  
  89eb8d1f623d6ffb3e71ac819e423ccde16f8177
- SHA256
  
  65be7626e85c1cfe615ad17f00acb04e518002d70303bccb1fe0dee9ae0f46a0
- SHA512
  
  54806ac04ec875ce0328ef3cd02b6a990043a61eb76091f0fa8c77833e9d2ada2b4e56a1b94b0674d3be40bdb31d1fef77a67af4d2549a0afef5b19f426f7938
- SSDEEP
  
  3072:g/yjPBwEDuf7qNO43ev4hpQ9huUF+AWruVlYOMUai8FtaO/RQJHArjFF4z4gqqK:g/ldzq0dXhuUnWGos8FtaQR0HArJKzI
Score

1^/10
behavioral24
- Target
  
  Help/nvcpl/nv3dtha.chm
- Size
  
  191KB
- MD5
  
  74d454f97fc5211bcbb15106ad7d1dbd
- SHA1
  
  089642b332f75d1b1a53dfe61a398d2f2bdc7483
- SHA256
  
  2b1d0e3de6706dbe310cb30a642b9d669758f87338a1c096ffe9ff6f41bcc17a
- SHA512
  
  3764361c9be53d3326e149f3f4feca5a1d53ed8d5f065dea8282dfab2cfef0188be994f84391fec3d5e95ed2272bd474f5f2b8e586090afa3eeb1a956ca49b28
- SSDEEP
  
  3072:XmjzhoquR1iJ5E54XwXGaTtNnF/NPu/JM+RVLycnYIchp7X/d9SjwzsFu4dQgq:XmjVoqzm1Pu/W2VL9n+/R9E3Qgq
Score

1^/10
behavioral25
- Target
  
  Help/nvcpl/nv3dtrk.chm
- Size
  
  165KB
- MD5
  
  fb0f06de3a0fba223fde39137f516fb1
- SHA1
  
  0b7421331e3518d1a8c1ace1d47b4629f48161ff
- SHA256
  
  9d9be76906a468a0ac675a444aeba268d755d9dc522f2667345c57c5ed0accf2
- SHA512
  
  f7bc36ac0700d10aa80a6b6ba77558382f57229f6d7f560d5aa1fa6ed0d690eff86763337207601bfffbdb762cc4e5abb0c76c4a77d9ccd57bd27c99a1b42643
- SSDEEP
  
  3072:wHZZXL16Ypo2/SubaeMovV/6axh56Zt9/waUbpntIR1JjMGsE/TfeWlAFNK4BxHT:wHZZRdo2/SubaBovV/JB6ZT/wvtIBdsD
Score

1^/10
behavioral26
- Target
  
  Help/nvcpl/nvcpl.chm
- Size
  
  130KB
- MD5
  
  8c46e168c5c04410c039917f37f4b7d6
- SHA1
  
  de9c3a5a4ed3ddad765e2243381e8413846a87ac
- SHA256
  
  5274f8740ede13ab0132b8552efa195407577db7e8f785a56d60d0aa64b3f067
- SHA512
  
  ba930f3573947bceb87fe7b7ca58a5af1b7f0c466a6b12543af5fe71f45a352da0d3e58f469b2681e6d2ecf923a96647f3dabfafcb66537d6a6ef4e0dc4317e8
- SSDEEP
  
  3072:WhrcemGg8C3jfzGOZDq/wIjjTdG2YwqfVYX4qVJb+eyZNTN/:06NFT7NY/lNGhTqoqVJbHyzF
Score

1^/10
behavioral27
- Target
  
  Help/nvcpl/nvcplara.chm
- Size
  
  133KB
- MD5
  
  3574e4ce85d6fcc19c3e321e363a9b06
- SHA1
  
  1fd47f38ba7e849e397509d64c5edb63734e1be8
- SHA256
  
  ca09913bea3dcd84c9e6c70de336129a52fd5b163cccef6d96e33ff80a3fb7ae
- SHA512
  
  76894e71dbad0306f619771db996762758841df26871dc0619ff3764b7d9665aaf2e744e6f8b473ac1b528aafb5e6d29ec6d29bd5423a13cf7bdc6189cce4a1e
- SSDEEP
  
  3072:ZNot04GSuOzsvA6o/o2x0szKIDdRsi1LrclOzC1EL:ZNyNGSVZPWszKIDsi1LrcYGmL
Score

1^/10
behavioral28
- Target
  
  Help/nvcpl/nvcplchs.chm
- Size
  
  130KB
- MD5
  
  0a4d6193d4faae8e36cfe79f985c4ea2
- SHA1
  
  627d796ebcfa10e1dd61cd6224cec508027179c0
- SHA256
  
  927623087b19d111a48ec3865dd9a4fae4f66557bd5c6625938353e6b4410441
- SHA512
  
  c93eea544640b862460ee4bb09e3a1d53f32640099a8938c17bdcf061864ce2149a80e05f5140c66db1c38fddd6d73517135207d4245fc4f44c32025b9c85f34
- SSDEEP
  
  3072:Vugvi/2bdK2xStXYsuItE2s6Czuak81sitdAIMB1rSAAQu:sgvO2wRZPtsbz1k81Vr43Ju
Score

1^/10
behavioral29
- Target
  
  Help/nvcpl/nvcplcht.chm
- Size
  
  132KB
- MD5
  
  a444e5df31f2f05a06cafcb761cf5884
- SHA1
  
  aee7372d8c5bd53907e9f9987325ff4a95670906
- SHA256
  
  ba6b7934709e72f2072453f2b4dc49e82d49ced31ff6336775c8fd84b9e69ea8
- SHA512
  
  16d0ce9aeaf1b56755a55032930569b9df65139e13e31172ecac8d5d1ad930b5cb01fee6e059d22ff7b52f25f83b02e6fe14fc00b7137c259b1e4c874cc82642
- SSDEEP
  
  3072:7eCEyRrTXWGMLykVepzlcTIMo6yTasgwob2Qj7wL2S0:7eCE4PXP8bVepZxMnyT4woS87wL2F
Score

1^/10
behavioral30
- Target
  
  Help/nvcpl/nvcplcsy.chm
- Size
  
  134KB
- MD5
  
  81a156ace7d74d3c92aa98631a662ae8
- SHA1
  
  6162f824bc784baf476fc6d21afb670ae135f92c
- SHA256
  
  66baab1fc24e69e441c679910e0e8028d6bb83906bf1dda75413c74a4e26e763
- SHA512
  
  46a89a9491dd8297b4a1efc44b3fa2139a454f76df822c0f7540676a9a40f60e23478d4862c6d33a1863bef050a371375a4dae9a3eef2af6214c6ca219a9be17
- SSDEEP
  
  3072:N+efAJZ9OfG2ufRvcpt41X7719Jo4Pgl8oSJgQoT+dmkr4IHLM+LX:N+eyZ9WGuAXzJPPglpSJgQoob4KVLX
Score

1^/10
behavioral31
- Target
  
  Help/nvcpl/nvcpldan.chm
- Size
  
  130KB
- MD5
  
  5449d599095d008ec1c19e04e60777e9
- SHA1
  
  bb69f851bcdb0ef8706e68a3dbd86573af1874fe
- SHA256
  
  a042945436ae9e9d3191864eb0893aac44b107e2ad23b4061351fbdbc289a216
- SHA512
  
  9247aec18a2777bce38aa87bdf0106d5a6f886f5c12ab5484330aa725ccf59e405bd8a489774b051ae9b9ecb645c04a7d109333288daaf81f30a07cf2ee7a1bd
- SSDEEP
  
  3072:upAHVBuTtXgpuAl0Syg2FJsJFuT+L5gEBCN9+kQBq:upACOu20Syg2Fr85gEQfJ5
Score

1^/10
behavioral32