b7dd3bce3ebfbc2d5e3a9f00d47f27cb6a5895c4618c878e314e573a7c216df1

Analysis

max time kernel
23s
max time network
46s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
21-10-2024 23:53

Sharing

Copy URL

Twitter E-mail

Reason

Machine shutdown

Report Analysis Logs

General

Target

The-MALWARE-Repo-master.zip
Size

198.8MB
MD5

af60ad5b6cafd14d7ebce530813e68a0
SHA1

ad81b87e7e9bbc21eb93aca7638d827498e78076
SHA256

b7dd3bce3ebfbc2d5e3a9f00d47f27cb6a5895c4618c878e314e573a7c216df1
SHA512

81314363d5d461264ed5fdf8a7976f97bceb5081c374b4ee6bbea5d8ce3386822d089d031234ddd67c5077a1cc1ed3f6b16139253fbb1b3d34d3985f9b97aba3
SSDEEP

6291456:wNl3aFW2h9/fiTwCzCLS6iilVkLZgAEtknRzq:wDaFd//Orcpi4VkL6AfRG

Score

8^/10

discovery evasion macro persistence ransomware upx xlm

Malware Config

Signatures

Disables Task Manager via registry modification
evasion

Suspicious Office macro 1 IoCs

Office document equipped with 4.0 macros.

macro xlm

resource	yara_rule
behavioral1/files/0x001c00000002aaf9-539.dat	office_xlm_macros

Executes dropped EXE 1 IoCs

pid	Process
792	000.exe

Enumerates connected drives 3 TTPs 23 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\H:	000.exe
File opened (read-only)	\??\J:	000.exe
File opened (read-only)	\??\Q:	000.exe
File opened (read-only)	\??\T:	000.exe
File opened (read-only)	\??\E:	000.exe
File opened (read-only)	\??\G:	000.exe
File opened (read-only)	\??\I:	000.exe
File opened (read-only)	\??\K:	000.exe
File opened (read-only)	\??\N:	000.exe
File opened (read-only)	\??\P:	000.exe
File opened (read-only)	\??\Y:	000.exe
File opened (read-only)	\??\B:	000.exe
File opened (read-only)	\??\S:	000.exe
File opened (read-only)	\??\V:	000.exe
File opened (read-only)	\??\X:	000.exe
File opened (read-only)	\??\Z:	000.exe
File opened (read-only)	\??\A:	000.exe
File opened (read-only)	\??\M:	000.exe
File opened (read-only)	\??\O:	000.exe
File opened (read-only)	\??\R:	000.exe
File opened (read-only)	\??\U:	000.exe
File opened (read-only)	\??\W:	000.exe
File opened (read-only)	\??\L:	000.exe

Modifies WinLogon 2 TTPs 1 IoCs

persistence

Winlogon Helper DLL

T1547.004

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoRestartShell = "0"	000.exe

Sets desktop wallpaper using registry 2 TTPs 1 IoCs

ransomware

Defacement

T1491

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\USER\S-1-5-21-2253712635-4068079004-3870069674-1000\Control Panel\Desktop\Wallpaper	000.exe

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/files/0x001c00000002ab43-589.dat	upx
behavioral1/files/0x001c00000002ab3d-585.dat	upx
behavioral1/files/0x001900000002ab2d-578.dat	upx

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 4 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	000.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	cmd.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	taskkill.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	taskkill.exe

Kills process with taskkill 2 IoCs

evasion

pid	Process
1468	taskkill.exe
4572	taskkill.exe

Modifies registry class 4 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\txtfile\DefaultIcon	000.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\txtfile	000.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\txtfile\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\icon.ico"	000.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2253712635-4068079004-3870069674-1000\{545AAD5B-7EAA-4522-932D-36B6BB807979}	000.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
4824	7zFM.exe

Suspicious use of AdjustPrivilegeToken 7 IoCs

description	pid	Process
Token: SeRestorePrivilege	4824	7zFM.exe
Token: 35	4824	7zFM.exe
Token: SeSecurityPrivilege	4824	7zFM.exe
Token: SeDebugPrivilege	1468	taskkill.exe
Token: SeShutdownPrivilege	792	000.exe
Token: SeCreatePagefilePrivilege	792	000.exe
Token: SeDebugPrivilege	4572	taskkill.exe

Suspicious use of FindShellTrayWindow 2 IoCs

pid	Process
4824	7zFM.exe
4824	7zFM.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
792	000.exe
792	000.exe

Suspicious use of WriteProcessMemory 9 IoCs

description	pid	Process	procid_target
PID 792 wrote to memory of 2384	792	000.exe	85
PID 792 wrote to memory of 2384	792	000.exe	85
PID 792 wrote to memory of 2384	792	000.exe	85
PID 2384 wrote to memory of 1468	2384	cmd.exe	87
PID 2384 wrote to memory of 1468	2384	cmd.exe	87
PID 2384 wrote to memory of 1468	2384	cmd.exe	87
PID 2384 wrote to memory of 4572	2384	cmd.exe	89
PID 2384 wrote to memory of 4572	2384	cmd.exe	89
PID 2384 wrote to memory of 4572	2384	cmd.exe	89

C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\The-MALWARE-Repo-master.zip"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:4824

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4724

C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Trojan\000.exe
"C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Trojan\000.exe"
1⤵
- Executes dropped EXE
- Enumerates connected drives
- Modifies WinLogon
- Sets desktop wallpaper using registry
- System Location Discovery: System Language Discovery
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:792
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\windl.bat""
  2⤵
  - System Location Discovery: System Language Discovery
  - Suspicious use of WriteProcessMemory
  PID:2384
- - C:\Windows\SysWOW64\taskkill.exe
    taskkill /f /im explorer.exe
    3⤵
    - System Location Discovery: System Language Discovery
    - Kills process with taskkill
    - Suspicious use of AdjustPrivilegeToken
    PID:1468
- - C:\Windows\SysWOW64\taskkill.exe
    taskkill /f /im taskmgr.exe
    3⤵
    - System Location Discovery: System Language Discovery
    - Kills process with taskkill
    - Suspicious use of AdjustPrivilegeToken
    PID:4572
- - C:\Windows\SysWOW64\Wbem\WMIC.exe
    wmic useraccount where name='Admin' set FullName='UR NEXT'
    3⤵
    PID:2136
- - C:\Windows\SysWOW64\Wbem\WMIC.exe
    wmic useraccount where name='Admin' rename 'UR NEXT'
    3⤵
    PID:5092
- - C:\Windows\SysWOW64\shutdown.exe
    shutdown /f /r /t 0
    3⤵
    PID:3460

C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa3a0c055 /state1:0x41c64e6d
1⤵
PID:1860

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Winlogon Helper DLL

T1547.004

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Winlogon Helper DLL

T1547.004

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

T1491

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Media Player\CurrentDatabase_400.wmdb

Filesize
896KB

MD5
b9e0366d268781f704bedc408ccccd66

SHA1
535d7e7a3f2f0570b8ca0d4171e3a68168c89f0f

SHA256
94f01d8be1d87ee47908ad2ade5a8b44c6e38ff812caadadedb65e525dff2628

SHA512
e0a3aefdbb32490dd4f16f62b08e46649404bb162dc67b9448e03337ffb60fed1a5a475d0d10c0e0a1a95d1390a694e3beca567272e554dff13c7bf817cf89cf

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.XML.bak

Filesize
9KB

MD5
7050d5ae8acfbe560fa11073fef8185d

SHA1
5bc38e77ff06785fe0aec5a345c4ccd15752560e

SHA256
cb87767c4a384c24e4a0f88455f59101b1ae7b4fb8de8a5adb4136c5f7ee545b

SHA512
a7a295ac8921bb3dde58d4bcde9372ed59def61d4b7699057274960fa8c1d1a1daff834a93f7a0698e9e5c16db43af05e9fd2d6d7c9232f7d26ffcff5fc5900b

Download Submit
C:\Users\Admin\AppData\Local\Temp\rniw.exe

Filesize
76KB

MD5
9232120b6ff11d48a90069b25aa30abc

SHA1
97bb45f4076083fca037eee15d001fd284e53e47

SHA256
70faa0e1498461731f873d3594f20cbf2beaa6f123a06b66f9df59a9cdf862be

SHA512
b06688a9fc0b853d2895f11e812c48d5871f2793183fda5e9638ded22fc5dc1e813f174baedc980a1f0b6a7b0a65cd61f29bb16acc6dd45da62988eb012d6877

Download Submit
C:\Users\Admin\AppData\Local\Temp\windl.bat

Filesize
771B

MD5
a9401e260d9856d1134692759d636e92

SHA1
4141d3c60173741e14f36dfe41588bb2716d2867

SHA256
b551fba71dfd526d4916ae277d8686d83fff36d22fcf6f18457924a070b30ef7

SHA512
5cbe38cdab0283b87d9a9875f7ba6fa4e8a7673d933ca05deddddbcf6cf793bd1bf34ac0add798b4ed59ab483e49f433ce4012f571a658bc0add28dd987a57b6

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Banking-Malware\DanaBot.exe

Filesize
2.7MB

MD5
48d8f7bbb500af66baa765279ce58045

SHA1
2cdb5fdeee4e9c7bd2e5f744150521963487eb71

SHA256
db0d72bc7d10209f7fa354ec100d57abbb9fe2e57ce72789f5f88257c5d3ebd1

SHA512
aef8aa8e0d16aab35b5cc19487e53583691e4471064bc556a2ee13e94a0546b54a33995739f0fa3c4de6ff4c6abf02014aef3efb0d93ca6847bad2220c3302bd

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Banking-Malware\Dridex\Dridex.JhiSharp.dll.9d75ff0e9447ceb89c90cca24a1dbec1_

Filesize
148KB

MD5
9d75ff0e9447ceb89c90cca24a1dbec1

SHA1
ebae1054d69619e9e70c9b2e806edb9000d7feb9

SHA256
f2b33edb7efa853eb7f11cb8259243238e220fdc0bfc6987835ba1b12c4af1eb

SHA512
6df94dbe3681c1cb572d63e54a6753b3bae7075b86507f33f152795c6e61f1feac6742986d7c72a2834f28c85d0a1890bb31b5888b98b29754300dceb63e210d

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Banking-Malware\Dridex\DridexDroppedVBS.925da3a10f7dde802c8d87047b14fda6

Filesize
140KB

MD5
925da3a10f7dde802c8d87047b14fda6

SHA1
1fc59fbf692f690b9fe82cfafc9dcbd5aac31a68

SHA256
c94fe7b646b681ac85756b4ce7f85f4745a7b505f1a2215ba8b58375238bad10

SHA512
82588188de13f34cd751da7409f780c4fc5814da780fe8cad1fa73370414fb24b9822fc56f1f162d0db4a5c27159c225bc4d4fb061a87cb3c0d89b067353a478

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Banking-Malware\Dridex\DridexLoader.bin.exe.c26203af4b3e9c81a9e634178b603601

Filesize
212KB

MD5
c26203af4b3e9c81a9e634178b603601

SHA1
5e41cbc4d7a1afdf05f441086c2caf45a44bac9e

SHA256
7b8fc6e62ef39770587a056af9709cb38f052aad5d815f808346494b7a3d00c5

SHA512
bb5aeb995d7b9b2b532812be0da4644db5f3d22635c37d7154ba39691f3561da574597618e7359b9a45b3bb906ec0b8b0104cbc05689455c952e995759e188b6

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Banking-Malware\Dridex\Trojan.Dridex.A. dbf96ab40b728c12951d317642fbd9da_

Filesize
132KB

MD5
dbf96ab40b728c12951d317642fbd9da

SHA1
38687e06f4f66a6a661b94aaf4e73d0012dfb8e3

SHA256
daab430bb5771eaa7af0fbd3417604e8af5f4693099a6393a4dc3b440863bced

SHA512
a49cc96651d01da5d6cbb833df36b7987eafb4f09cc9c516c10d0d812002d06ae8edee4e7256c84e300dc2eadad90f7bb37c797bccdee4bad16fcaf88277b381

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Banking-Malware\Dridex\Trojan.Dridex.A.6164228ed2cc0eceba9ce1828d87d827

Filesize
152KB

MD5
6164228ed2cc0eceba9ce1828d87d827

SHA1
cea5bc473c948a78ce565b6e195e6e25f029c0c6

SHA256
7fa83f0588f0f50d0635313918137c05cb59aa672d842f864073aebb72c66195

SHA512
b53ac27397ce5453fa008d1a2e98f9f66be7d7f08375b92c88007544c09ab844d6c8eeceb2221c988e0a0d6ffc2a8a290e49715e3062a74bcd2310d41bffcc37

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Banking-Malware\Dridex\Trojan.Dridex.A.97a26d9e3598fea2e1715c6c77b645c2

Filesize
628KB

MD5
97a26d9e3598fea2e1715c6c77b645c2

SHA1
c4bf3a00c9223201aa11178d0f0b53c761a551c4

SHA256
e5df93c0fedca105218296cbfc083bdc535ca99862f10d21a179213203d6794f

SHA512
acfec633714f72bd5c39f16f10e39e88b5c1cf0adab7154891a383912852f92d3415b0b2d874a8f8f3166879e63796a8ed25ee750c6e4be09a4dddd8c849920c

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Banking-Malware\Emotet.zip

Filesize
102KB

MD5
510f114800418d6b7bc60eebd1631730

SHA1
acb5bc4b83a7d383c161917d2de137fd6358aabd

SHA256
f62125428644746f081ca587ffa9449513dd786d793e83003c1f9607ca741c89

SHA512
6fe51c58a110599ea5d7f92b4b17bc2746876b4b5b504e73d339776f9dfa1c9154338d6793e8bf75b18f31eb677afd3e0c1bd33e40ac58e8520acbb39245af1a

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Banking-Malware\Zloader.xlsm

Filesize
93KB

MD5
b36a0543b28f4ad61d0f64b729b2511b

SHA1
bf62dc338b1dd50a3f7410371bc3f2206350ebea

SHA256
90c03a8ca35c33aad5e77488625598da6deeb08794e6efc9f1ddbe486df33e0c

SHA512
cf691e088f9852a3850ee458ef56406ead4aea539a46f8f90eb8e300bc06612a66dfa6c9dee8dcb801e7edf7fb4ed35226a5684f4164eaad073b9511189af037

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Botnets\FritzFrog\001eb377f0452060012124cb214f658754c7488ccb82e23ec56b2f45a636c859

Filesize
8.7MB

MD5
799c965e0a5a132ec2263d5fea0b0e1c

SHA1
a15c5a706122fabdef1989c893c72c6530fedcb4

SHA256
001eb377f0452060012124cb214f658754c7488ccb82e23ec56b2f45a636c859

SHA512
6c481a855ee6f81dd388c8a4623e519bfbb9f496dada93672360f0a7476fb2b32fd261324156fd4729cef3cbe13f0a8b5862fe47b6db1860d0d67a77283b5ad8

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Botnets\FritzFrog\041bc20ca8ac3161098cbc976e67e3c0f1b672ad36ecbe22fd21cbd53bcaa742

Filesize
8.7MB

MD5
76fe4fdd628218f630ba50f91ceba852

SHA1
6e90f2fe619597115e5b8dd8b0d1fb0c8ad33fa4

SHA256
041bc20ca8ac3161098cbc976e67e3c0f1b672ad36ecbe22fd21cbd53bcaa742

SHA512
7956505ae0d8479a92ddf97bb09a757566ef526934ee06b4273f0fc450e4da9204808ffa4f4674f4e6e313eb718a7c65f258ef8d23b9769b8aa12d47610d8011

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Botnets\FritzFrog\0ab8836efcaa62c7daac314e0b7ab1679319b2901578fd9e95ec3476b4c1a732

Filesize
8.7MB

MD5
0263de27fd997a4904ee4a92f91ac733

SHA1
da090fd76b2d92320cf7e55666bb5bd8f50796c9

SHA256
0ab8836efcaa62c7daac314e0b7ab1679319b2901578fd9e95ec3476b4c1a732

SHA512
09ef02532eb7c3a968c1d04bf1f3aa9a4bf400f8485d3be596d7db3aed5f705fc1f85a1f6218397a70830ad747aa03c61b9c5b1cca24c2620cdbb3e5361db194

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Botnets\FritzFrog\103b8404dc64c9a44511675981a09fd01395ee837452d114f1350c295357c046

Filesize
8.6MB

MD5
ae747bc7fff9bc23f06635ef60ea0e8d

SHA1
64315e834f67905ed4e47f36155362a78ac23462

SHA256
103b8404dc64c9a44511675981a09fd01395ee837452d114f1350c295357c046

SHA512
e24914a58565a43883c27ae4a41061e8edd3d5eef7b86c1c0e9910d9fbe0eef3e78ed49136ac0c9378311e99901b1847bcfd926aa9a3ea44149a7478480f82b2

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Botnets\FritzFrog\2378e76aba1ad6e0c937fb39989217bf0de616fdad4726c0f4233bf5414cde86

Filesize
8.7MB

MD5
3a371a09bfcba3d545465339f1e1d481

SHA1
7f5712878929aab6a2ab297072a5a5f3d3c15a01

SHA256
2378e76aba1ad6e0c937fb39989217bf0de616fdad4726c0f4233bf5414cde86

SHA512
35efc5129316ea697f1f4591c37e70c74b643942cdb3cb1aac6a0f14f5d133da39c0c393439490bc059361e9feeacee3d4056f88700f56dfe1088ba0ab22613b

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Botnets\FritzFrog\30c150419000d27dafcd5d00702411b2b23b0f5d7e4d0cc729a7d63b2e460a01

Filesize
8.6MB

MD5
819b0fdb2b9c8a440b734a7b72522f12

SHA1
f3aff7e1c44d21508eb60797211570c84a53597a

SHA256
30c150419000d27dafcd5d00702411b2b23b0f5d7e4d0cc729a7d63b2e460a01

SHA512
fee2c0dbbc91e2486e409e8b6a877c6ec500e6c7c0491d4c44d37006c30de79b95dd4640c7c8c8efcc920abccbdb659a590fde1e2526126279b7486778d08b5a

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Botnets\FritzFrog\3205603282a636979a55aa1e1be518cd3adcbbe491745d996ceb4b5a4dece0c5

Filesize
8.7MB

MD5
8f0cb7af15afe40ed85f35e1b40b8f38

SHA1
525f97d6e7e3cbb611a1cf37e955c0656f4b3c06

SHA256
3205603282a636979a55aa1e1be518cd3adcbbe491745d996ceb4b5a4dece0c5

SHA512
bd9e97b4042d89e081eced5781149b0d8e28a6e9d35c2a449a21aee26765ed8eea560434ba5e9a897c4e4c89d7a2b8997e31ad4ac2202a940b8731a5f447170d

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Botnets\FritzFrog\453468b86856665f2cc0e0e71668c0b6aac8b14326c623995ba5963f22257619

Filesize
8.7MB

MD5
682ac123d740321e6ba04d82e8cc4ed8

SHA1
088a8c8c2b7f9db92ec0ae39e1dc77c8707d3895

SHA256
453468b86856665f2cc0e0e71668c0b6aac8b14326c623995ba5963f22257619

SHA512
26ddc0a1b91337de2314465f82f3a02ec478f32708fa91b7cdf75fc235eda7b3cf7c495616145dc29fc081ac4398cab5aac0d42978ea694fa183518533fcf4ad

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Botnets\FritzFrog\5fb29fb0136978b9ccf60750af09cec74a257a0ca9c47159ca74dbba21fbcc59

Filesize
8.7MB

MD5
97cfb3c26a12e13792f7d1741309d767

SHA1
a010f85cdda9f83cbc738eb1b41cd621f3d6018e

SHA256
5fb29fb0136978b9ccf60750af09cec74a257a0ca9c47159ca74dbba21fbcc59

SHA512
162028b9e93bb4718427304a96767880da7094c99ae6145e61a562f09dae0ce6726b2dfac95782990f50fa9bfc9f82b1aacb9e7b12442094137872fa8a3f3379

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Botnets\FritzFrog\6fe6808b9cfe654f526108ec61cb5211bb6601d28e192cadf06102073b54f69c

Filesize
8.7MB

MD5
3fe7b88a9ba6c5acee4faae760642b78

SHA1
bae245bc98c516604838c6ce5a233f066de44a50

SHA256
6fe6808b9cfe654f526108ec61cb5211bb6601d28e192cadf06102073b54f69c

SHA512
02abc8d4fe280306a9ac6a25d28cf174a8d51a43d98b6837bc129701d8c0ab486eebaeef11062b58c455627d4de7c8782b3828aa02891fe439ca1ca617038f95

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Botnets\FritzFrog\7745b070943e910e8807e3521ac7b7a01401d131bf6c18a63433f8177ed539a6

Filesize
8.7MB

MD5
d4e533f9c11b5cc9e755d94c1315553a

SHA1
9e15020cd2688b537bae18e5f291ee8cbe9a85e7

SHA256
7745b070943e910e8807e3521ac7b7a01401d131bf6c18a63433f8177ed539a6

SHA512
149226355b2e5c3fac403289b5e66bd4164a7aee76d8dc8f1d698c509db7a081bad9d4172cc950bb0e6e6909e0073d551dcde82cbeaaf61a9c1b02c9ba48fb38

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Botnets\FritzFrog\7f18e5b5b7645a80a0d44adf3fecdafcbf937bfe30a4cfb965a1421e034996dd

Filesize
8.7MB

MD5
b2e0eede7b18253dccd0d44ebb5db85a

SHA1
ee5db9590090efd5549e1c17ec1ee956ef1ed3d1

SHA256
7f18e5b5b7645a80a0d44adf3fecdafcbf937bfe30a4cfb965a1421e034996dd

SHA512
5608fe7bde5072de7c98bacfe7beb928e6073be87c0fbccd8075c808d9a7c642abe254f6eb620d627f5324e35821fc9b41a31970264abcc472adfbe2c214a9fe

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Botnets\FritzFrog\90b61cc77bb2d726219fd00ae2d0ecdf6f0fe7078529e87b7ec8e603008232d5

Filesize
8.7MB

MD5
100bff2f4ee4d88b005bb016daa04fe6

SHA1
36e5f8f70890601aa2adaffb203afd06516097f0

SHA256
90b61cc77bb2d726219fd00ae2d0ecdf6f0fe7078529e87b7ec8e603008232d5

SHA512
a1cb52bc6edaa7f8bb216d2a5f3deb0b8468c64b43931ef570c05e6a9872c63f00aff50d69686fdc2ea25d3d83da4bf9d78f5e6910643163570d0bd6279c6e16

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Botnets\FritzFrog\9384b9e39334479194aacb53cb25ace289b6afe2e41bdc8619b2d2cae966b948

Filesize
8.6MB

MD5
4842d5cc29c97aa611fba5ca07b060a5

SHA1
f93772038406f28fa4ca1cfb23349193562414b2

SHA256
9384b9e39334479194aacb53cb25ace289b6afe2e41bdc8619b2d2cae966b948

SHA512
cf1cb3f0291f3e0c3b47ff3ee9074b624e2d9781f9637d14ede0628ebb4b8b0fe13e16583f6a933a3e20872ec084dc812237f021757efe2a6d527a0a1723b5c8

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Botnets\FritzFrog\985ffee662969825146d1b465d068ea4f5f01990d13827511415fd497cf9db86

Filesize
8.7MB

MD5
c947363b50231882723bd6b07bc291ca

SHA1
7b9a425f09da9be5dda5facff18c5fd15eed253a

SHA256
985ffee662969825146d1b465d068ea4f5f01990d13827511415fd497cf9db86

SHA512
45f511f6fe78bba853789f85549c8ac591b7812e2fc969a13148bbd1112fa356f6a1ee88a22a907e7f62ef79a0d14d75681eecd2a17f027d105afd381f161184

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Botnets\FritzFrog\d1e82d4a37959a9e6b661e31b8c8c6d2813c93ac92508a2771b2491b04ea2485

Filesize
8.7MB

MD5
aa55272ad8db954381a8eab889f087cf

SHA1
d7df26bf57530c0475247b0f3335e5d19d9cb30d

SHA256
d1e82d4a37959a9e6b661e31b8c8c6d2813c93ac92508a2771b2491b04ea2485

SHA512
5590c039eb50708fe8fe417a5b5adf1d9019db0590dee119d0907bb588114bcbeb980c5ec7f3f77e85aefcbba76c1560e8b81069434ef5774ca60b1e28dbac20

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Browser Hijackers\BabylonToolbar.txt

Filesize
57B

MD5
2ab0eb54f6e9388131e13a53d2c2af6c

SHA1
f64663b25c9141b54fe4fad4ee39e148f6d7f50a

SHA256
d24eee3b220c71fced3227906b0feed755d2e2b39958dd8cd378123dde692426

SHA512
6b5048eeff122ae33194f3f6089418e3492118288038007d62cdd30a384c79874c0728a2098a29d8ce1a9f2b4ba5f9683b3f440f85196d50dc8bc1275a909260

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Amus.exe

Filesize
50KB

MD5
47abd68080eee0ea1b95ae31968a3069

SHA1
ffbdf4b2224b92bd78779a7c5ac366ccb007c14d

SHA256
b5fc4fd50e4ba69f0c8c8e5c402813c107c605cab659960ac31b3c8356c4e0ec

SHA512
c9dfabffe582b29e810db8866f8997af1bd3339fa30e79575377bde970fcad3e3b6e9036b3a88d0c5f4fa3545eea8904d9faabf00142d5775ea5508adcd4dc0a

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Anap.a.exe

Filesize
16KB

MD5
0231c3a7d92ead1bad77819d5bda939d

SHA1
683523ae4b60ac43d62cac5dad05fd8b5b8b8ae0

SHA256
da1798c0a49b991fbda674f02007b0a3be4703e2b07ee540539db7e5bf983278

SHA512
e34af2a1bd8f17ddc994671db37b29728e933e62eded7aff93ab0194a813103cad9dba522388f9f67ba839196fb6ed54ce87e1bebcfd98957feb40b726a7e0c6

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Axam.a.exe

Filesize
11KB

MD5
0fbf8022619ba56c545b20d172bf3b87

SHA1
752e5ce51f0cf9192b8fa1d28a7663b46e3577ff

SHA256
4ae7d63ec497143c2acde1ba79f1d9eed80086a420b6f0a07b1e2917da0a6c74

SHA512
e8d44147609d04a1a158066d89b739c00b507c8ff208dac72fdc2a42702d336c057ae4b77c305f4ccdfe089665913098d84a3160a834aaebe41f95f4b4bfddeb

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Brontok.exe

Filesize
106KB

MD5
d7506150617460e34645025f1ca2c74b

SHA1
5e7d5daf73a72473795d591f831e8a2054947668

SHA256
941ebf1dc12321bbe430994a55f6e22a1b83cea2fa7d281484ea2dab06353112

SHA512
69e0bd07a8bdbfe066593cdd81acd530b3d12b21e637c1af511b8fee447831b8d822065c5a74a477fe6590962ceff8d64d83ae9c41efd930636921d4d6567f6f

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\BubbleBoy.html

Filesize
12KB

MD5
bb7b91d1685db89b58ac01a72921e632

SHA1
4a1dd457983a7f1bbc7943eb5fca3da6d93d4176

SHA256
940a563df059604ac0dc6a92a845da2f04236b86887208b89969b70c6781c3f8

SHA512
09e26d197b22a4553e2e87a9ee0957700766c2dcd11157b5b71744d67abfa30d71d45c7bf1081bf9337527e3b8aabde99b09bd2bd30aa302329ebf480078307e

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Bugsoft.exe

Filesize
32KB

MD5
70f549ae7fafc425a4c5447293f04fdb

SHA1
af4b0ed0e0212aced62d40b24ad6861dbfd67b61

SHA256
96425ae53a5517b9f47e30f6b41fdc883831039e1faba02fe28b2d5f3efcdc29

SHA512
3f83e9e6d5bc080fb5c797617078aff9bc66efcd2ffac091a97255911c64995a2d83b5e93296f7a57ff3713d92952b30a06fc38cd574c5fe58f008593040b7f0

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Duksten.exe

Filesize
9KB

MD5
900ebff3e658825f828ab95b30fad2e7

SHA1
7451f9aee3c4abc6ea6710dc83c3239a7c07173b

SHA256
caec6e664b3cff5717dd2efea8dcd8715abdcfe7f611456be7009771f22a8f50

SHA512
e325f3511722eee0658cfcf4ce30806279de322a22a89129a8883a630388ab326955923fa6228946440894bd2ef56d3e6dfda3973ea16cc6e463d058dd6e25ce

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Emin.js

Filesize
2KB

MD5
d9fd66a813b647e9461e654ba80db7bc

SHA1
075344db68a3b4bb3f549c0cb79c672aaed70b87

SHA256
3db96ebba9a6875bb058a3a2a4457165103f8ed51183cf4d79a525c959602499

SHA512
55eafa2716d45a629aadb1422dd240609faa9f55c7ec4488569e6fb15298a586b7ed5a95060329e76dd4b272edce8954ea18be5f238d4cac70fbf59a391bb09f

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Funsoul.exe

Filesize
44KB

MD5
a13a4db860d743a088ef7ab9bacb4dda

SHA1
8461cdeef23b6357468a7fb6e118b59273ed528c

SHA256
69ee59cee5a1d39739d935701cfa917f75787b29e0b9bda9ada9e2642ade434c

SHA512
52909b5fcbf00ef4025f6051ee1b8a933fc2a0bd7a292fe25fac708f358e7c96d6d31ba263d07128d56bc614fcbd053b2fa1249024a8138baf30da8ac5f54806

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Gruel.a.exe

Filesize
100KB

MD5
b0feccddd78039aed7f1d68dae4d73d3

SHA1
8fcffb3ae7af33b9b83af4c5acbb044f888eeabf

SHA256
5714efd4746f7796bbc52a272f8e354f67edfb50129d5fdaa1396e920956d0d6

SHA512
b02b9476eeb9c43fcfef56949f867c1c88f152d65f3961a2838b8bff02df2383945aefb9a8c517ac78d79b5a9163c7677f5b6238f4624b1966994c9c09eb428d

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Happy99.exe

Filesize
9KB

MD5
02dd0eaa9649a11e55fa5467fa4b8ef8

SHA1
a4a945192cb730634168f79b6e4cd298dbe3d168

SHA256
4ebe3e1af5e147c580ecce052fe7d7d0219d5e5a2f5e6d8a7f7291735923db18

SHA512
3bf69de674737ca15d6ff7ce73396194f3631dc4b8d32cc570adeeacdc210acee50fd64c97172ce7cc77f166c681d2ccd55955b3aca9188813b7ff6f49280441

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\ILOVEYOU.vbs

Filesize
10KB

MD5
8e2c097ca623ca32723d57968b9d2525

SHA1
dccfb092fa979fb51c8c8ca64368a6f43349e41d

SHA256
556700ac50ffa845e5de853498242ee5abb288eb5b8ae1ae12bfdb5746e3b7b1

SHA512
a468476a8463c36c2db914e3fe4dc7aee67ac35e5e39292107431d68ab1553ca3c74255a741432ba71e8a650cf19eb55d43983363bfc9710e65b212fba37bbde

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Jer.html

Filesize
4KB

MD5
ecafc7fa4592920ca0948de98493a758

SHA1
6ed9a12aa6d586bdcb1b56c65411e75c539408fa

SHA256
390e460334ec801fdeadb511d7404ff2c8b7a0a945a0c763d0b3354e15639dbf

SHA512
27316d1836dfeb7b5f263d2371c3a8f4bb18ef6ee248955940a5d75a597161ab152b8e2d6092cf416bf326b629c2e6babda271b8a1e8977dd6d1f7b2317b876e

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Kiray.exe

Filesize
13KB

MD5
f22ae972aee081ec86faa30e73d9675f

SHA1
a559057e10f7e524688043ca283e2380739d6744

SHA256
166865fdb90e7964e7ea57a282343026d878230215e5694145f88a8afb56132f

SHA512
80c000c1ee73a402d0960ee768272096541786eacda7b938f9791ca3da067f5838c6850c74dff466cccde11851989062328b4a3d87b2eb99a6cac0efcf45f4c1

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Klez.e.exe

Filesize
86KB

MD5
f2db87b351770e5995e9fcaad47d9591

SHA1
4c75bd93f458096fbc27fa852e16ce25a602f267

SHA256
3113fa9a3cf00ed423a2c686a2ffb19586f6a047747de65a93436a7dca8fcfa7

SHA512
608e74274b555a239534a9d43514e07cb8aad9b13baf4cc383e8c21ea4e9ebd36162dc0b4bf30a0975c334facf23d6e63742e2bbe4ba400e80d9f191893a84fc

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Lacon.exe

Filesize
12KB

MD5
cb0f7b3fd927cf0d0ba36302e6f9af86

SHA1
32bdc349a35916e8991e69e9be1bd2596b6321cc

SHA256
9b3f73a12a793d1648f3209e1e3f10bbb548b1ec21d53b8ac060b7b95ae4ef1f

SHA512
e6152f3645d73c63f3f3aa9881fe8b404f9794b14a8ecaea659621828462baf042c13c88bb7f2c32277fa854ceda3056d09aa5603e92b107c6c8194464154252

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Magistr.exe

Filesize
107KB

MD5
9890349fe3c68f5923b29347bba021a4

SHA1
fa080a50486b205b75833a6b5c9505abb1e3b4df

SHA256
068f2ee28af7645dbf2a1684f0a5fc5ccb6aa1027f71da4468e0cba56c65e058

SHA512
aedd86837987cbe8c0b1cf3b4ca0c3a875e4cc9bcc8097c160d0d6070427ad9e1d871d5339ea95cc03499c39a6536b5a6b6d43372a49eeaf2e87bf755a3d3367

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Maldal.a.exe

Filesize
80KB

MD5
cbcd34a252a7cf61250b0f7f1cba3382

SHA1
152f224d66555dd49711754bf4e29a17f4706332

SHA256
abac285f290f0cfcd308071c9dfa9b7b4b48d10b4a3b4d75048804e59a447787

SHA512
09fdcb04707a3314e584f81db5210b2390f4c3f5efa173539f9d248db48ae26b3a8b240cf254561b0ecb764f6b04bb4c129832c6502d952d1960e443371ce2a9

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Mari.exe

Filesize
44KB

MD5
6513e97cffb6656fd7b5a29859fe47d3

SHA1
9ea95b90f501fa4b1fd4798622e7d736413d56f5

SHA256
efb67be90882ded2d3e53e463ae175a4b4b5229ca6929b835fa7dd4687801144

SHA512
87b34e2f980f446b0372815ee54942d42439c6b063f934f78b8ac1f8f04c9a8a48a2674621e83f62d0d2eae59f134a9eb6e033c698da56ddb8b3919d1f4e59ec

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\MeltingScreen.exe

Filesize
17KB

MD5
4784e42c3b15d1a141a5e0c8abc1205c

SHA1
48c958deba25a4763ef244ac87e87983c6534179

SHA256
9d355e4f9a51536b05269f696b304859155985957ba95eb575f3f38c599d913c

SHA512
d63d20a38602d4d228367b6596454a0f5b2884c831e3a95237d23b882abd624de59ea47835636b06a96e216f1decf8c468caacd45e5d3b16a5eb9e87bc69eb97

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Merkur.exe

Filesize
44KB

MD5
e6f8f701d646b193139cf0a92229455f

SHA1
b7747d41fcf52c3611af1153e46183dacbb3c709

SHA256
7e89fabfdbe214bf6a6f9730f3e451e69f752b62bbd54c0a81d2aae2320abd2c

SHA512
135d69ed4b3acdeaf45639090cefd48fa02f9ff1fb168d249717d0e2d3295530b697d8ff3fea84fa20a66aeb99437e5b0f2a2c3936f2a109c1068816263003ae

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\MsWorld.exe

Filesize
128KB

MD5
7bd8a009b84b35868613332fe14267ab

SHA1
d36d4753aab27c6c5e253b9926406f7f97dc69a6

SHA256
56511f0b28f28c23b5a1a3c7d524ee25a4c6df9ac2b53797c95199534f86bbd2

SHA512
ad8e121f601f6698d720181d486da828781f729ca7880fb35c6fc70f021197e4a508dc46d980108a168ef2c6c89a62f3140e676ff71a1e40ea3e397ad0c63261

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\MyDoom.A.exe

Filesize
22KB

MD5
53df39092394741514bc050f3d6a06a9

SHA1
f91a4d7ac276b8e8b7ae41c22587c89a39ddcea5

SHA256
fff0ccf5feaf5d46b295f770ad398b6d572909b00e2b8bcd1b1c286c70cd9151

SHA512
9792017109cf6ffc783e67be2a4361aa2c0792a359718434fec53e83feed6a9a2f0f331e9951f798e7fb89421fdc1ac0e083527c3d3b6dd71b7fdd90836023a0

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\MyPics.a.exe

Filesize
33KB

MD5
94ec47428dabb492af96756e7c95c644

SHA1
189630f835f93aaa4c4a3a31145762fcbbb69a32

SHA256
0ae040287546a70f8a2d5fc2da45a83e253da044bf10246ae77830af971b3359

SHA512
deff74df45328126ac4b501fc6a51835eeb21efa4ae6623328797d41caef6a247b47fc1c245fc8f1d434c0eea3b7c2801b65ed4957e91a50e7b73522502e0454

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\NakedWife.exe

Filesize
72KB

MD5
da9dba70de70dc43d6535f2975cec68d

SHA1
f8deb4673dff2a825932d24451cc0a385328b7a4

SHA256
29ceeb3d763d307a0dd7068fa1b2009f2b0d85ca6d2aa5867b12c595ba96762a

SHA512
48bbacb953f0ffbe498767593599285ea27205a21f6ec810437952b0e8d4007a71693d34c8fc803950a5454738bea3b0bafa9ff08cd752bf57e14fedf4efb518

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\NewLove.vbs

Filesize
7KB

MD5
d2b8ea4a267c69040c7d3ad80f64f8ba

SHA1
ac2296b3fcaed80221c78d3a3cd9180b86bd33e7

SHA256
aa14a4bfb1e6de52750cc89b91cacbe8bd318634ccb54fa835f5e2c5d1d2f633

SHA512
4a0cbd391ae029a2262e43320c96e3f25d1f4893eb4f144cb90f248d364c11e98f6440d74a413417eee5bd9fd0c0968d53e1c4a58d8617ec80cef876759e4758

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Nyxem.E.exe

Filesize
128KB

MD5
a0bdce2f937ffbb7ba548845b24749c0

SHA1
b79bbd469ae9cf3bb89adb354cd0a31ce8aceebc

SHA256
62f8364c46300bce2e75c4cc65039de3f060b854764dd90f0fa656efaf31bea9

SHA512
fd36fca722a6ff0b280f212232d92810f41e55d3832ddb14aa9eaeb269da8842ccb57709695860e502a0dc6529fcc63fdfd72de792b795b0d5f267deb45e3ea2

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Pikachu.exe

Filesize
32KB

MD5
715614e09261b39dfa439fa1326c0cec

SHA1
52d118a34da7f5037cde04c31ff491eb25933b18

SHA256
e1dfc005d5403fb2f356276f0abe19df68249ce10e5035450926d56c2f8d3652

SHA512
fe905c388b0711f54941076a29b11f2b605655b4a3f409d9f0f077f2fe91f241401035310daa490afb6df50a6deff5456be5ee86984e7b9069506efa07af51ae

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Pleh.vbs

Filesize
3KB

MD5
55cde934290e89ae29f92ff118b6280c

SHA1
e13989a5ba4dba2cbc7c2a779b06f381266c32c7

SHA256
dc98a3995c8c9db2897b3dcd603d0a55e9d6b42cb3900f9b5666dbb461172197

SHA512
011822883aa21cd328582dadae90190b0d51040d6c7b05463584997a1c2f67e4c9655f2e80350e8c87c4d3c073ab0d80ff9bc6459d85f03e85ff1a6db9f28157

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Prolin.exe

Filesize
36KB

MD5
65eeb8a0fce412d7f236f8348357d1c0

SHA1
c31af321819481bcc15b2121f3b5c04481eaf525

SHA256
db0c7e3029fb2a048e7a3e74c9cbf3e8bcec06288b5eafac5aae678d8663bffc

SHA512
fad1b721a6420984e13d2278b1d6b5bd70442ab3517553682880a9a8d90f9d47000ad6069cb68d3218d01bc23f771936bcce2529b646501984b954ae9e9ce573

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Quamo.exe

Filesize
56KB

MD5
a1f722324492fda51077449ec2db2827

SHA1
e4d8d27d77f8c2f5282a899a48184c40939c1665

SHA256
fc2ced1d89845dcfae55b6e854cd0e622fdf98baeeb4a67a60852ecd1212f93b

SHA512
6c30ce6a2055300990a951ab487039d92985271a06123d81864495bebc88fb6790be81397f729be4dfb2667d5bad506f51ce93426e4f9369f93fe5c832d8c9e9

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\San.html

Filesize
4KB

MD5
2e69f2fa1dfcf256549cca809cc4c9d6

SHA1
796e225ec50ef26eb3eeb9eaf2cab12ba2d9b75e

SHA256
49151419f15b1bf00dc4d5b1d988d9c2669d1e4e46c62cf2b0db3c89cd0293e7

SHA512
f0f90fe8546f4bf3717efbe5c240e52661123d2324b74356e0d92a110fd2c1f9559cdbc8a1d8bc254a8856c9bbfeb47f4d959d1a5cf4c693ddca46d8c88ec811

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Email-Worm\Scare.hta

Filesize
6KB

MD5
b4978d1e7542eafdc7b3908a5f45b8a6

SHA1
b68ed71afa32b7ba4de42feb7e0c4da2f6ff5a57

SHA256
1a8083787b336b322510f93d930f52aedeb90d2052501e864bfa5b1906e74d58

SHA512
def529cdd9216219e1ba55dca52a119de87556db0ee1c1e2f8d6257ac99b59c6015e5db23f2dfa94bdc4ba3712f5ab2caad061e5ff77c56acd4a3a8be54cdd1a

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\README.md

Filesize
57B

MD5
da53941085b635d68bba6cfd5ec25b41

SHA1
3a1fad738f5576ad8eeebaaad7f85aea1110136c

SHA256
f14b23fe8a5835b3451b2c099ae01afc77aa8a84067621cc80b31fcb5b827a32

SHA512
c3f2be04c0c805260372174d57db68e94039a6657c7b2ddd8c71cf07c7bbfbb6b4065beb037956b574f413a268461d7a551109c9cd2fc39113d54b13e6637556

Download Submit
C:\Users\Admin\Desktop\The-MALWARE-Repo-master\Trojan\000.exe

Filesize
6.7MB

MD5
f2b7074e1543720a9a98fda660e02688

SHA1
1029492c1a12789d8af78d54adcb921e24b9e5ca

SHA256
4ea1f2ecf7eb12896f2cbf8683dae8546d2b8dc43cf7710d68ce99e127c0a966

SHA512
73f9548633bc38bab64b1dd5a01401ef7f5b139163bdf291cc475dbd2613510c4c5e4d7702ecdfa74b49f3c9eaed37ed23b9d8f0064c66123eb0769c8671c6ff

Download Submit
C:\Users\Admin\Desktop\UR NEXT UR NEXT UR NEXT UR NEXT UR NEXT UR NEXT UR NEXT UR N1XT.txt

Filesize
396B

MD5
9037ebf0a18a1c17537832bc73739109

SHA1
1d951dedfa4c172a1aa1aae096cfb576c1fb1d60

SHA256
38c889b5d7bdcb79bbcb55554c520a9ce74b5bfc29c19d1e4cb1419176c99f48

SHA512
4fb5c06089524c6dcd48b6d165cedb488e9efe2d27613289ef8834dbb6c010632d2bd5e3ac75f83b1d8024477ebdf05b9e0809602bbe1780528947c36e4de32f

Download Submit
memory/792-518-0x000000000C040000-0x000000000C050000-memory.dmp

Filesize
64KB

Download
memory/792-507-0x0000000009600000-0x000000000960E000-memory.dmp

Filesize
56KB

Download
memory/792-515-0x000000000C040000-0x000000000C050000-memory.dmp

Filesize
64KB

Download
memory/792-517-0x000000000C070000-0x000000000C080000-memory.dmp

Filesize
64KB

Download
memory/792-510-0x000000000C070000-0x000000000C080000-memory.dmp

Filesize
64KB

Download
memory/792-511-0x000000000C070000-0x000000000C080000-memory.dmp

Filesize
64KB

Download
memory/792-512-0x000000000C070000-0x000000000C080000-memory.dmp

Filesize
64KB

Download
memory/792-513-0x000000000C070000-0x000000000C080000-memory.dmp

Filesize
64KB

Download
memory/792-506-0x000000000BF30000-0x000000000BF68000-memory.dmp

Filesize
224KB

Download
memory/792-516-0x000000000C070000-0x000000000C080000-memory.dmp

Filesize
64KB

Download
memory/792-495-0x0000000074790000-0x0000000074F41000-memory.dmp

Filesize
7.7MB

Download
memory/792-487-0x00000000062E0000-0x0000000006886000-memory.dmp

Filesize
5.6MB

Download
memory/792-486-0x0000000074790000-0x0000000074F41000-memory.dmp

Filesize
7.7MB

Download
memory/792-485-0x0000000000AE0000-0x000000000118E000-memory.dmp

Filesize
6.7MB

Download
memory/792-484-0x000000007479E000-0x000000007479F000-memory.dmp

Filesize
4KB

Download
memory/792-514-0x000000000C040000-0x000000000C050000-memory.dmp

Filesize
64KB

Download
memory/792-1398-0x000000007479E000-0x000000007479F000-memory.dmp

Filesize
4KB

Download
memory/792-1399-0x0000000074790000-0x0000000074F41000-memory.dmp

Filesize
7.7MB

Download
memory/792-1400-0x0000000074790000-0x0000000074F41000-memory.dmp

Filesize
7.7MB

Download
memory/792-1401-0x0000000074790000-0x0000000074F41000-memory.dmp

Filesize
7.7MB

Download

Analysis

Sharing

Errors

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads