General

  • Target

    5f830899b3b1cb680b762b896862e87fb11e68526fda9568d1e135160014413c

  • Size

    5.7MB

  • Sample

    241110-1g1zpawdlf

  • MD5

    a8a371dd99b0bffc68cb7d5a6df85df2

  • SHA1

    f60b5828793175456408464d2b30aa64f35980ea

  • SHA256

    5f830899b3b1cb680b762b896862e87fb11e68526fda9568d1e135160014413c

  • SHA512

    cc326cb3f52b264996a9b4cd457131af700434af9728df598c515b4a21c7aedf1dc037b3dfe98e13f46872d198a5a2496bbc1b5c4163b95fd94e26051eeb8b3f

  • SSDEEP

    98304:SCePwTUAfZGjFzEYdfdCqj2wpa5C5gMXwFTmq2BdD6ZG8rDIf8qUi4/tVP:uYTUswjFzE2fdt2wpa5ERgFyq4l8nIf0

Malware Config

Extracted

Family

remcos

Version

3.1.5 Pro

Botnet

winslogon

C2

178.18.247.224:45265

Attributes
  • audio_folder

    MicRecords

  • audio_path

    %AppData%

  • audio_record_time

    5

  • connect_delay

    0

  • connect_interval

    1

  • copy_file

    winslogon.exe

  • copy_folder

    sys

  • delete_file

    true

  • hide_file

    false

  • hide_keylog_file

    true

  • install_flag

    true

  • install_path

    %AppData%

  • keylog_crypt

    true

  • keylog_file

    logs.dat

  • keylog_flag

    false

  • keylog_folder

    sys

  • keylog_path

    %AppData%

  • mouse_option

    false

  • mutex

    winslogon-QT8NX3

  • screenshot_crypt

    true

  • screenshot_flag

    true

  • screenshot_folder

    systemp

  • screenshot_path

    %AppData%

  • screenshot_time

    1

  • startup_value

    winslogon

  • take_screenshot_option

    false

  • take_screenshot_time

    5

  • take_screenshot_title

    notepad;solitaire;

Extracted

Family

raccoon

Version

1.7.3

Botnet

fa93985ba268e1dd8b72ef392332edcba95ddd45

Attributes
  • url4cnc

    https://telete.in/h_ghaibin2_1

  • rc4.plain

Extracted

Family

redline

Botnet

Chasemafia1

C2

185.234.247.50:55567

Extracted

Family

raccoon

Version

1.7.3

Botnet

c58b0b3f1f90ad7552aaf8e84180b7580f397001

Attributes
  • url4cnc

    https://telete.in/h_electricryptors2

  • rc4.plain

Extracted

Language

ps1

Deobfuscated

URLs
  • ps1.dropper

    https://cdn.discordapp.com/attachments/873486687085428759/873677044964282429/main_module.txt-chimera-172013.bin
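The extracted configurations above map directly onto host and network indicators: the Remcos install path, copy folder and copy file give the dropped binary location, the keylog and screenshot settings give two more paths under the same profile directory, startup_value names the Run value, and the C2 fields and the Raccoon url4cnc URLs give the network side. The Python below is an added example, not part of this report or of any tool it names. It derives those indicators from the config values listed on this page and runs them over a handful of constructed Sysmon-style events. The event lines, the user name "bob" and the image paths are made up for the example; the Sysmon event IDs used (3 NetworkConnect, 11 FileCreate, 13 RegistryEvent value set, 22 DNSEvent) are real. It assumes %AppData% resolves to the user's Roaming profile directory, which is the default.

```python
import re
from urllib.parse import urlsplit

# Extracted Remcos config values from this page that produce host/network artifacts.
REMCOS_CONFIG = {
    "c2": "178.18.247.224:45265",
    "install_path": "%AppData%", "copy_folder": "sys", "copy_file": "winslogon.exe",
    "keylog_path": "%AppData%", "keylog_folder": "sys", "keylog_file": "logs.dat",
    "screenshot_path": "%AppData%", "screenshot_folder": "systemp",
    "startup_value": "winslogon",
    "mutex": "winslogon-QT8NX3",
}
# Direct C2 endpoints (ip:port) and Raccoon url4cnc hosts from the other extracted configs.
NETWORK_IOCS = {"remcos": {REMCOS_CONFIG["c2"]}, "redline": {"185.234.247.50:55567"}}
RACCOON_URL4CNC = ["https://telete.in/h_ghaibin2_1", "https://telete.in/h_electricryptors2"]
DNS_IOCS = {"raccoon url4cnc": {urlsplit(u).hostname for u in RACCOON_URL4CNC}}

# %AppData% placeholder: any user's Roaming profile directory (assumed default location).
APPDATA_RE = r"[A-Za-z]:\\Users\\[^\\]+\\AppData\\Roaming"
# Normal Run key and the Policies\Explorer\Run key the report flags, under any hive prefix.
RUN_KEY_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\(?:Policies\\Explorer\\)?Run\\", re.I)


def remcos_host_iocs(cfg):
    """Derive the artifacts the config implies; Remcos builds <path>\\<folder>\\<file>."""
    j = "\\".join
    return {
        "binary": j([cfg["install_path"], cfg["copy_folder"], cfg["copy_file"]]),
        "keylog": j([cfg["keylog_path"], cfg["keylog_folder"], cfg["keylog_file"]]),
        "screenshot_dir": j([cfg["screenshot_path"], cfg["screenshot_folder"]]),
        "run_value": cfg["startup_value"],
        "mutex": cfg["mutex"],  # Sysmon does not log mutexes; use for live/memory triage
    }


def _path_regex(template):
    """Turn '%AppData%\\sys\\logs.dat' into a case-insensitive, user-agnostic regex."""
    return re.compile(APPDATA_RE.join(re.escape(p) for p in template.split("%AppData%")), re.I)


def parse_event(line):
    """Parse 'Key=Value Key=Value'; a value runs until the next ' Key=' or end of line."""
    return {m.group(1): m.group(2).strip()
            for m in re.finditer(r"(\w+)=(.*?)(?=\s+\w+=|$)", line)}


def match_event(ev, host):
    """Return the indicator descriptions one Sysmon-style event hits (empty if clean)."""
    hits, eid = [], ev.get("EventID")
    if eid == "11":  # FileCreate
        for name in ("binary", "keylog", "screenshot_dir"):
            if _path_regex(host[name]).search(ev.get("TargetFilename", "")):
                hits.append(f"remcos file artifact: {name}")
    elif eid == "13":  # RegistryEvent (value set)
        obj = ev.get("TargetObject", "")
        if RUN_KEY_RE.search(obj) and obj.lower().endswith("\\" + host["run_value"].lower()):
            hits.append(f"remcos Run value: {host['run_value']}")
    elif eid == "3":  # NetworkConnect
        dst = f"{ev.get('DestinationIp')}:{ev.get('DestinationPort')}"
        hits += [f"{fam} C2: {dst}" for fam, eps in NETWORK_IOCS.items() if dst in eps]
    elif eid == "22":  # DNSEvent
        q = ev.get("QueryName", "").lower()
        hits += [f"{fam} domain: {q}" for fam, hosts in DNS_IOCS.items() if q in hosts]
    return hits


def scan(lines, cfg=REMCOS_CONFIG):
    """Run every line through the matcher; returns [(line_index, hit), ...]."""
    host = remcos_host_iocs(cfg)
    return [(i, h) for i, line in enumerate(lines) for h in match_event(parse_event(line), host)]


# Constructed Sysmon-style events (not from the report): five infected-host events
# followed by two benign ones that must not match.
CONSTRUCTED_LOG = [
    r"EventID=11 Image=C:\Users\bob\AppData\Local\Temp\mixazed.exe TargetFilename=C:\Users\bob\AppData\Roaming\sys\winslogon.exe",
    r"EventID=13 Image=C:\Users\bob\AppData\Local\Temp\mixazed.exe TargetObject=HKU\S-1-5-21-1\Software\Microsoft\Windows\CurrentVersion\Run\winslogon Details=C:\Users\bob\AppData\Roaming\sys\winslogon.exe",
    r"EventID=3 Image=C:\Users\bob\AppData\Roaming\sys\winslogon.exe DestinationIp=178.18.247.224 DestinationPort=45265",
    r"EventID=11 Image=C:\Users\bob\AppData\Roaming\sys\winslogon.exe TargetFilename=C:\Users\bob\AppData\Roaming\systemp\shot.jpg",
    r"EventID=22 Image=C:\Users\bob\AppData\Local\Temp\usfive.exe QueryName=telete.in",
    r"EventID=11 Image=C:\Windows\explorer.exe TargetFilename=C:\Users\bob\Documents\notes.txt",
    r"EventID=3 Image=C:\Program Files\Mozilla Firefox\firefox.exe DestinationIp=93.184.216.34 DestinationPort=443",
]

if __name__ == "__main__":
    for idx, hit in scan(CONSTRUCTED_LOG):
        print(f"line {idx}: {hit}")
```

Two caveats when reusing this. The mutex winslogon-QT8NX3 is returned with the other indicators but is only checkable on a live host or in a memory image, since Sysmon does not record mutex creation. The ps1.dropper URL is deliberately left out of the DNS set: cdn.discordapp.com is a shared CDN, so matching the hostname alone would be noise, and the full URL belongs in a proxy-log rule instead.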

Targets

    • Target

      mixazed_20210808-071120

    • Size

      542KB

    • MD5

      bdff95108f1380b097200f1a1063775c

    • SHA1

      ae61a14382009adde7b63fc0d2cac23cba715dfe

    • SHA256

      874e9527126f7470fb2482a75d1e8016f988c7ed7b417ae7e0a991e49bc094a5

    • SHA512

      8592f307efeb628e81167f693dc85d8ed54531f9540dc6cab1d35b76546b763448cab7e38380e35c8365678f798ba1a296e72044374a82f40fe7b3157b4f02e2

    • SSDEEP

      12288:3NfcfEpahAGNjIlJbkGaDmZ0uNEQxUbzkMbbzScgC:efSal+kG4w0uNEQxUbIp

    • Remcos

      Remcos is closed-source remote control and surveillance software.

    • Remcos family

    • UAC bypass

    • Adds policy Run key to start application

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Target

      mixazed_20210808-075823

    • Size

      14KB

    • MD5

      dfe4e4a9d0d02a17fd575b94291dfcfa

    • SHA1

      4a8a44719272b2bd5b067f6b3439bb23f7ec15c6

    • SHA256

      d693bdb8fc82b3385c47a02ef9ac465a2470c1f345a5f0b7dbd835c9c7b40115

    • SHA512

      18b540a5a322350d63b5928debb80a30b2ab10419a87e11e9f6134584383ecc5a55131f5c2473c82a7686b5b52a46454b2ac62332f4cf946218071e7a784e8d7

    • SSDEEP

      384:GEhQiqMOt/RzLo07xNqj/afC/ery7s62HG:iiqtt/Rzc07xEaBO7gHG

    Score
    10/10
    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Uses the powershell.exe command.

    • Target

      mixazed_20210808-090104

    • Size

      312KB

    • MD5

      db3634519c2d504f67f0ac5518d4c208

    • SHA1

      752eaa1a95d1179ac825119d27c006ddeda41d6b

    • SHA256

      69d7973f1002d543c7e1935b95a4493ec29d0c21d3dc5e50d2f477868a914f70

    • SHA512

      3cca550e3fc9360f97b04c64172daface1e2a5f2b6508fc141f15214bf9e668a88e81ed487b40d926a944e0c71d35f2f97fb2066a66dfb4dab2f264410b6d751

    • SSDEEP

      6144:JEeHlmxEW0qLFWfs/ZnGWvAljyyqI7rRgdixjTwa/RxJg:JTgTZWk/oWvARy9oRxHY

    • Target

      mixazed_20210808-093225

    • Size

      496KB

    • MD5

      0afc84729688edd256ceb10640273f6e

    • SHA1

      2af9a1faf03609b53f215304ad7a53e902a70278

    • SHA256

      641a192558e576b2fccf9c0d84b97b469cb238f5a179b9c836454af32e82989b

    • SHA512

      6723870e2a8137ec4d73a10d4f8c11de1333114fa5144b54db99e83180ac42e821cac8710cf2a49cbce265705d6103c215c781c2f3cb7e337d54559cd1dadbf4

    • SSDEEP

      12288:njayzJsbBujJSiJduR+ssvE55QK5AK2R0Y:njaQJsbE1uRuE+6Y

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V1 payload

    • Raccoon family

    • Target

      mixazed_20210808-094806

    • Size

      496KB

    • MD5

      138b386cec69e30ef52e4716f0654e28

    • SHA1

      f8847b8542b29f3b10740157584a4dbb6cf7c0bc

    • SHA256

      a7b31e5ff0a589250f20a79e612376489268058108d2711873b0f69cb1aaed12

    • SHA512

      9a7c3c3dd41429d412938b5754dea723a0f17e840f45e978fb97217d361284db6d2135ec94b84a5240bc9dc75012cba4587920899b71dfd6cc4f43cb24e65eb8

    • SSDEEP

      6144:YDabr3yardfPCo4w7TLpn13KVP9AJXagRpvUIjq7G4FWqXjpLD2z895BcPz6rRg1:YDajdfKO7TF13KBgpPjE1az6nRE41Y

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V1 payload

    • Raccoon family

    • Target

      mixazed_20210808-103507

    • Size

      509KB

    • MD5

      b5d662a00369e1197dc3f5c0ce757037

    • SHA1

      e0505fb10dc245624caa69bcb65d3fbdbe1d4b9c

    • SHA256

      b76da9e03bbb507768d903969827394b0da58d5e69c81e98146dcad2495af7a3

    • SHA512

      4c5dc25ca13d7e89f9074416347357120ba36492b4b1169c20e8e54827987c7bec6124a1b3270347422a16f9eec4b2aeda5ef7c18c64b17b8987f95de91253c7

    • SSDEEP

      6144:UYGJcvNWRJGzu7NqOm3WmeISIjyOTF4dExjuz75QY87+P1qexrRgijTwa/jfXLK8:TG8N1z8Nqfx5eEwFQPQ1qoRlfXLv

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V1 payload

    • Raccoon family

    • Target

      mixazed_20210808-113748

    • Size

      509KB

    • MD5

      bd5ef7bfbce71bc849e5b55fb4ac8499

    • SHA1

      5a739e10c9a10917227e16763737d8cb3dde2e38

    • SHA256

      1c46290e95d0f387c0931e1517adad82cca0096de1917bcd8c5418276bb12514

    • SHA512

      07213c5a5af7f073e7b20cefdacba330d62f010eda9c08c9dbcbe2950d035e674bc0f668384955769c6278d1f463afa1f1447ac76b6bf3176cb8adb6926a2d30

    • SSDEEP

      6144:YYGRJ4BFebBurDGUuvzAy3HhUT13Z9OoHo+e7SAZtg+GNL9kkcSrRgijTwa/RjhT:/GToFeqDPuF3HhUT3c+eXGl9kGR/hLv

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V1 payload

    • Raccoon family

    • Target

      mixsix_20210808-081411

    • Size

      843KB

    • MD5

      c46bc8453f429ca0bb33cb9d08982873

    • SHA1

      093a1e775be814d24bcaba7422d4ef6685edec0d

    • SHA256

      abcdce434d8b3a78ab1daadd366951434715cb5446be2fb08ca18f9b227ed80f

    • SHA512

      62561d0679d23884de01bfad56efad8575c23ac831d2a76325d630f9968c8e470bd9dafe13e1f380ee4b3a434c16d1c603c8c67111ddad7f5e719a233c18a03d

    • SSDEEP

      12288:x90L3Iiv1t294X2au5Agw/gvIu4QN0i/mTanrPF53A9+oyKv1AhzPRrY:x90rudu3Q0KEgU7yC1AhzZY

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V1 payload

    • Raccoon family

    • Suspicious use of SetThreadContext

    • Target

      usfive_20210807-233729

    • Size

      308KB

    • MD5

      06f479481211756641803fe02a8c3f37

    • SHA1

      93dc18c50bdc4a649aaebed80f39c0c4abd0d14f

    • SHA256

      f60725c9ef99938ddb6d446677ace38ee86cf3f382e7146b3e3f749b13694115

    • SHA512

      76960bb2077413c1e56ee8417d5fe4ef421ea9981281ab57771c3614aa91e3f2fcd3a882bd96d8971c4fdbc2c792a01cde266049e7d678549aa0eaaf5b267d49

    • SSDEEP

      6144:dKdaReqwQVtHvjfP21bs1OjffqE/arRgujTwa/RxJg:dWkNes0jwRXY

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

    • Sectoprat family

    • Target

      usfive_20210808-050619

    • Size

      496KB

    • MD5

      1b9ef163f86ffae8576e35047a101f9d

    • SHA1

      00f6fda45f6cea5aad7d3af58daeb55aa7745b57

    • SHA256

      161d7b71d69469b23ce7d87a9b9498747eb9d4980926f5ac952ad12ec08c3402

    • SHA512

      b25b742b7567df44bc93fab230d56a2d78be9e1d96d3fdd43761b607bd5b47076f763c493e23ed6dede7c4f69804bde41821192ec105a3df15f053c7fe34e5bc

    • SSDEEP

      12288:VdSPi4Ywc62G3A2A/lIvjqT1BSFbPvR4Y:Vdh6c62kA2RvsMqY

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V1 payload

    • Raccoon family

    • Target

      usfive_20210808-053738

    • Size

      495KB

    • MD5

      07268fbed6f58a231131881ef76d37af

    • SHA1

      1c35edde94c22662efa453710c0621bdc3e82f97

    • SHA256

      623f949e627bc23ebb150a210601459c9c93291794b14ecfc165d78cfbbbf1e8

    • SHA512

      1729ff2fdb641a37672614fe85bb7f392076edc266bcc755c2db94c60deebdd95092c641a85616b2b700aacca7cd0fc5dbb8a7ccdd87477935b6d67da51a9ec9

    • SSDEEP

      6144:Fds9TDLso0TlYp8eZ6Yyz2v7c8eaZCL6bv9KSlTjVFY5tYTo9zDshEPrRgAjTwau:FdGt8o6A1epL6bFKgY5tYE6hwR9Y

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V1 payload

    • Raccoon family

    • Target

      usfive_20210808-090122

    • Size

      496KB

    • MD5

      a3211cd9975693d39bdc584b0cda71dd

    • SHA1

      6f8dc4cdbe072368222ce0a355ef2f6ea5088aab

    • SHA256

      ec6adf48e649d4eae46d23c03dc748ec040a7d20e60a1c970e7acc57ba0ba90e

    • SHA512

      c2f5ddd29d234e7c99a55298876028125249d78d85dc329f6273008b31f24d86e97417e64c0ac949d8a97f657f7b82beb1b55477a6dd66b9870c3499b013dc97

    • SSDEEP

      12288:Qja+cG3Tsz2ovs5EDc2m/wyCs4tlicRKSZHY:Qjax379Xtli8ZHY

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V1 payload

    • Raccoon family

    • Target

      usfive_20210808-101945

    • Size

      509KB

    • MD5

      31d55e76fcc4f48c507d4b7643285a67

    • SHA1

      83afbc3e208a2fc34ba6c79ae9b4ba06a620158c

    • SHA256

      2013784f23ef6edef21cee58b5d2cfd48bb227a7960c0caa5e4dedbaf508f9f2

    • SHA512

      bb77dda8b671030aa69962188d083c73243fdbeaf0da0b4f7a228a793926f5aad9b66f91ed9b33beb73bb23af76f292d70daf2ec3f244420a29b72c0c6c98187

    • SSDEEP

      6144:zYGCM1B0K27XTfiSo76VCJlR202wnVn+tPgYqlJajFP9sCrRgijTwa/KHEqwq+Lv:cGCM1BUfpCRnfVeg17CFVHRrLv

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V1 payload

    • Raccoon family

    • Target

      usfive_20210808-112226

    • Size

      509KB

    • MD5

      853c81b020e486e1c27a16c56cccbe9e

    • SHA1

      21a8a614c5214a43e18af99fbde0ca5d847503b7

    • SHA256

      6f746103b4d4aaffc6406311aafacc114e0595705821129e122631a0c525070b

    • SHA512

      5bdba1d856d59a4d99674e44e97af4a974ca168e1992c6c807747d7fe814f2ced980f7168fc0a67ce2d106e2428255c754a53542e9b0d7209a205bf1c5ec4043

    • SSDEEP

      12288:SGFCwUhZ6MT4aV2yg7BHD/Z863pgqRfYzLv:SGFwr/T1IBHLZ8qpj0Lv

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V1 payload

    • Raccoon family

    • Target

      usfive_20210808-120926

    • Size

      509KB

    • MD5

      5d1736619ec4d8374530037e452cf30d

    • SHA1

      3ad3fa52a30b906844eb7011210bf87abeba04d0

    • SHA256

      12a47d5b66103cf813add71c6c27fff6c57e076b370c11e0d136084cdf9ec26b

    • SHA512

      5347725d9b9d8a5d32892d4f0299b03e7d08ad225ab90e0f640c9839b0ff26fb9d6581ac7a9f430c6781eaa0b3ac611e464cbad83c91e11b00c0d9c328ab9274

    • SSDEEP

      12288:WGfsYJF3M0mWbD1XaJj/WqELIk2X9C57Kt:WGf/80m0XLrc9

    • Raccoon

      Raccoon is an infostealer written in C++ and first seen in 2019.

    • Raccoon Stealer V1 payload

    • Raccoon family

MITRE ATT&CK Enterprise v15

Tasks

static1 (score 3/10)
behavioral1 (score 10/10): remcos, winslogon, discovery, evasion, persistence, rat, trojan
behavioral2 (score 10/10): remcos, winslogon, discovery, evasion, persistence, rat, trojan
behavioral3 (score 10/10): discovery, execution
behavioral4 (score 10/10): discovery, execution
behavioral5 (score 10/10): chinese_generic_botnet, botnet, discovery
behavioral6 (score 10/10): chinese_generic_botnet, botnet, discovery, persistence
behavioral7 (score 10/10): raccoon, discovery, stealer
behavioral8 (score 10/10): raccoon, fa93985ba268e1dd8b72ef392332edcba95ddd45, discovery, stealer
behavioral9 (score 10/10): raccoon, fa93985ba268e1dd8b72ef392332edcba95ddd45, discovery, stealer
behavioral10 (score 10/10): raccoon, fa93985ba268e1dd8b72ef392332edcba95ddd45, discovery, stealer
behavioral11 (score 10/10): raccoon, fa93985ba268e1dd8b72ef392332edcba95ddd45, discovery, stealer
behavioral12 (score 10/10): raccoon, fa93985ba268e1dd8b72ef392332edcba95ddd45, discovery, stealer
behavioral13 (score 10/10): raccoon, fa93985ba268e1dd8b72ef392332edcba95ddd45, discovery, stealer
behavioral14 (score 10/10): raccoon, fa93985ba268e1dd8b72ef392332edcba95ddd45, discovery, stealer
behavioral15 (score 10/10): raccoon, discovery, stealer
behavioral16 (score 10/10): raccoon, discovery, stealer
behavioral17 (score 10/10): redline, sectoprat, chasemafia1, discovery, infostealer, rat, trojan
behavioral18 (score 10/10): redline, sectoprat, chasemafia1, discovery, infostealer, rat, trojan
behavioral19 (score 10/10): raccoon, c58b0b3f1f90ad7552aaf8e84180b7580f397001, discovery, stealer
behavioral20 (score 10/10): raccoon, c58b0b3f1f90ad7552aaf8e84180b7580f397001, discovery, stealer
behavioral21 (score 10/10): raccoon, c58b0b3f1f90ad7552aaf8e84180b7580f397001, discovery, stealer
behavioral22 (score 10/10): raccoon, c58b0b3f1f90ad7552aaf8e84180b7580f397001, discovery, stealer
behavioral23 (score 10/10): raccoon, c58b0b3f1f90ad7552aaf8e84180b7580f397001, discovery, stealer
behavioral24 (score 10/10): raccoon, c58b0b3f1f90ad7552aaf8e84180b7580f397001, discovery, stealer
behavioral25 (score 10/10): raccoon, c58b0b3f1f90ad7552aaf8e84180b7580f397001, discovery, stealer
behavioral26 (score 10/10): raccoon, c58b0b3f1f90ad7552aaf8e84180b7580f397001, discovery, stealer
behavioral27 (score 10/10): raccoon, c58b0b3f1f90ad7552aaf8e84180b7580f397001, discovery, stealer
behavioral28 (score 10/10): raccoon, c58b0b3f1f90ad7552aaf8e84180b7580f397001, discovery, stealer
behavioral29 (score 10/10): raccoon, c58b0b3f1f90ad7552aaf8e84180b7580f397001, discovery, stealer
behavioral30 (score 10/10): raccoon, c58b0b3f1f90ad7552aaf8e84180b7580f397001, discovery, stealer