r77 | f18f14ec50247a31a03a220e132f9317e2ac12e3905e500ba046d394575b66ee

Sharing

Copy URL

Twitter E-mail

General

Target

r8p(4).exe
Size

146.8MB
Sample

241129-kqh78swmcv
MD5

dced470b41ea05b7a850b483199a5c1b
SHA1

c1a0489c8e46e54c25ee3ecfd400047304e0df34
SHA256

f18f14ec50247a31a03a220e132f9317e2ac12e3905e500ba046d394575b66ee
SHA512

c9eff7b793cb90f6b74e203f8b33fcbc929a51b2376619f41c563c3ad69ddf9ecfaadbea3198971fe3ab529b7737bc25c0f2f0e54b86e71ad3b9fc94c5ae99cc
SSDEEP

3145728:MVnAk6G3rsMkIbbWp7wSJu24gTAiRKed5YxWkJLG5CHstXd:Jk6WrsMJbW5/p4gTAiB5ChHMt

Score

10^/10

Malware Config

Targets

- Target
  
  r8p(4).exe
- Size
  
  146.8MB
- MD5
  
  dced470b41ea05b7a850b483199a5c1b
- SHA1
  
  c1a0489c8e46e54c25ee3ecfd400047304e0df34
- SHA256
  
  f18f14ec50247a31a03a220e132f9317e2ac12e3905e500ba046d394575b66ee
- SHA512
  
  c9eff7b793cb90f6b74e203f8b33fcbc929a51b2376619f41c563c3ad69ddf9ecfaadbea3198971fe3ab529b7737bc25c0f2f0e54b86e71ad3b9fc94c5ae99cc
- SSDEEP
  
  3145728:MVnAk6G3rsMkIbbWp7wSJu24gTAiRKed5YxWkJLG5CHstXd:Jk6WrsMJbW5/p4gTAiB5ChHMt
Score

10^/10

defense_evasion discovery evasion execution persistence privilege_escalation pyinstaller
- Modifies firewall policy service
  evasion
- Modifies security service
  evasion
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
- Event Triggered Execution: Image File Execution Options Injection
  persistence
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Executes dropped EXE
- Indicator Removal: Clear Windows Event Logs
  Clear Windows Event Logs to hide the activity of an intrusion.
  defense_evasion
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops desktop.ini file(s)
- Drops file in System32 directory
behavioral1
- Target
  
  Styles/Vista-Redstone/Shell/NormalColor/en-US/shellstyle.dll.mui
- Size
  
  69KB
- MD5
  
  2f5484ed6bea507bf069407cd769c8c1
- SHA1
  
  843e91796049be18ae8f5be66a152199de4d712e
- SHA256
  
  339869ea975c67deef8afdaa6638b72b825f5899141fe68861aa4afd74cd516f
- SHA512
  
  9dfb8ed01fd231687ad8f1fe6ead0aa7b39542d1ee86a63ff44bab8d50f535397115ef338feb25b45c9f8ac8da4dd816af03c201b2a2163a39b8e87524d06bca
- SSDEEP
  
  1536:gXXo216Tvg1K8H6wMe2CLFBCd9PFXCcccNg+ZTA8JGoX:gXsQKuwe22bCk+y8fX
Score

1^/10
behavioral2
- Target
  
  Styles/Vista-Redstone/Shell/NormalColor/shellstyle.dll
- Size
  
  1.2MB
- MD5
  
  d5c53652f22db5619d26d387fc5d7b5e
- SHA1
  
  13f2724ec4bec4642d89ab386790b8f22ffd0edb
- SHA256
  
  06edce26f3907c5b50bdfdfa722ffab84dc58490d9a54f079a449dc1319e0659
- SHA512
  
  a351f383d044f1eb5706d677aa6d3446042516e6d7182836792fb9bfefe453428fdabc6579f222817b448ce25add5d603775319b2a882cdce88a514236c82a52
- SSDEEP
  
  6144:KGhQSppil43QG1j7+KXECVi+/KK1a+qa+PaE5aQaF5MPxaFuMP7PTx+iyBJc3s9K:Ko/cb9cV
Score

1^/10
behavioral3
- Target
  
  Styles/Vista-Redstone/style.msstyles
- Size
  
  2.8MB
- MD5
  
  ef34328b3fdd4fa39dd4255db7783a8c
- SHA1
  
  64789311200a507164d33911a10842af218dd554
- SHA256
  
  a8ae61838c74dca21de2b999a0ea9b00538dd683b76915708ad1181296778eaa
- SHA512
  
  f3e830809d1ae7d88d8fa35d8b7af99e4b338e6ca1fe0e8c25a90a15c467b08560c9d0e78955399f189a5e74f17e7aaef9dc9ff23e6d0a393837ad752ad805ae
- SSDEEP
  
  49152:YkWirhb9+rgwH7RViyUdc/QcoeVrqSgszrqsWrfX3Mjfp1jv:YkWir6XH7RVaKPVmMzrAr+jv
Score

1^/10
behavioral4
- Target
  
  Styles/Vista-W11/Shell/NormalColor/en-US/shellstyle.dll.mui
- Size
  
  69KB
- MD5
  
  2f5484ed6bea507bf069407cd769c8c1
- SHA1
  
  843e91796049be18ae8f5be66a152199de4d712e
- SHA256
  
  339869ea975c67deef8afdaa6638b72b825f5899141fe68861aa4afd74cd516f
- SHA512
  
  9dfb8ed01fd231687ad8f1fe6ead0aa7b39542d1ee86a63ff44bab8d50f535397115ef338feb25b45c9f8ac8da4dd816af03c201b2a2163a39b8e87524d06bca
- SSDEEP
  
  1536:gXXo216Tvg1K8H6wMe2CLFBCd9PFXCcccNg+ZTA8JGoX:gXsQKuwe22bCk+y8fX
Score

1^/10
behavioral5
- Target
  
  Styles/Vista-W11/Shell/NormalColor/shellstyle.dll
- Size
  
  1.2MB
- MD5
  
  d5c53652f22db5619d26d387fc5d7b5e
- SHA1
  
  13f2724ec4bec4642d89ab386790b8f22ffd0edb
- SHA256
  
  06edce26f3907c5b50bdfdfa722ffab84dc58490d9a54f079a449dc1319e0659
- SHA512
  
  a351f383d044f1eb5706d677aa6d3446042516e6d7182836792fb9bfefe453428fdabc6579f222817b448ce25add5d603775319b2a882cdce88a514236c82a52
- SSDEEP
  
  6144:KGhQSppil43QG1j7+KXECVi+/KK1a+qa+PaE5aQaF5MPxaFuMP7PTx+iyBJc3s9K:Ko/cb9cV
Score

1^/10
behavioral6
- Target
  
  Styles/Vista-W11/style.msstyles
- Size
  
  2.7MB
- MD5
  
  665b0d51fa3eb4b96c50f17a1a3cdbbb
- SHA1
  
  342d8f21832436f9885dc2872a9941333599e795
- SHA256
  
  43539c7034f180494078c036f6b085984469fe6636b42fa0383ef7aa1f25ee54
- SHA512
  
  441bfad21fa49fd1f0f69ab379c5905f0049a50646c6bbd680c3e67fe65d4cd1cefcdf0aafdd1a981a1bc8351d077311f81c157d22ec361976ffb33823a42aaf
- SSDEEP
  
  49152:GChLqs9Pb7hUUPV2fUNcjmhotVnXLRszrqaWrOX3mv3z7YjX1:GChLhJUUPVjxYVXOzryrZz7YjF
Score

1^/10
behavioral7
- Target
  
  Styles/W7Aero-Redstone/shell/NormalColor/en-US/shellstyle.dll.mui
- Size
  
  69KB
- MD5
  
  2f5484ed6bea507bf069407cd769c8c1
- SHA1
  
  843e91796049be18ae8f5be66a152199de4d712e
- SHA256
  
  339869ea975c67deef8afdaa6638b72b825f5899141fe68861aa4afd74cd516f
- SHA512
  
  9dfb8ed01fd231687ad8f1fe6ead0aa7b39542d1ee86a63ff44bab8d50f535397115ef338feb25b45c9f8ac8da4dd816af03c201b2a2163a39b8e87524d06bca
- SSDEEP
  
  1536:gXXo216Tvg1K8H6wMe2CLFBCd9PFXCcccNg+ZTA8JGoX:gXsQKuwe22bCk+y8fX
Score

1^/10
behavioral8
- Target
  
  Styles/W7Aero-Redstone/shell/NormalColor/shellstyle.dll
- Size
  
  1.1MB
- MD5
  
  24216c145d6aaf56d8de25acb32b5416
- SHA1
  
  d4f8a4a60e4f38a7d1be3e499d606f18fd417045
- SHA256
  
  c9a11ffbdda45340a8f48740b6f562950e57bee0c05e10a8978d1a3b93380f82
- SHA512
  
  01346babee37e3ec1df171a13fe5de008554dbb682c7a407852ded255378225328cde2f313de6e04f5113d486ff2f7efd2b88184b09fd9c3a40fb041f3f78a15
- SSDEEP
  
  6144:ZQSppil43QG1j7+KXECVi+/KK1a+qa+PaE5aQaF5MPxaFuMP7PLxMJcdus914BuY:+/cb9cV
Score

1^/10
behavioral9
- Target
  
  Styles/W7Aero-Redstone/style.msstyles
- Size
  
  2.8MB
- MD5
  
  b8e33779ecfd18e823bd0671aff5f70b
- SHA1
  
  662b2420b882981493315405ba1aeebd31d6e89a
- SHA256
  
  b6515e5e6adb1355f5657dcccc9e91cd5a86f733b57fb6d62017c5f2d25c956b
- SHA512
  
  8b9787b3cf3f9b6164fe4bfcec85db4d88f566a887a4f3f9bc62af34aa799aa55cfaaec0f64ecbacaec1e7a5fa7f3947edffce9fba1acb4bf23a1d214733e0ba
- SSDEEP
  
  49152:IWiwFQ9grgdH7CkUdc/5wW8SgszrqsWrfX38P47mPijlu:IWiwlyH781MzrArD7m6jlu
Score

1^/10
behavioral10
- Target
  
  Styles/W7Aero-W11/shell/NormalColor/en-US/shellstyle.dll.mui
- Size
  
  69KB
- MD5
  
  2f5484ed6bea507bf069407cd769c8c1
- SHA1
  
  843e91796049be18ae8f5be66a152199de4d712e
- SHA256
  
  339869ea975c67deef8afdaa6638b72b825f5899141fe68861aa4afd74cd516f
- SHA512
  
  9dfb8ed01fd231687ad8f1fe6ead0aa7b39542d1ee86a63ff44bab8d50f535397115ef338feb25b45c9f8ac8da4dd816af03c201b2a2163a39b8e87524d06bca
- SSDEEP
  
  1536:gXXo216Tvg1K8H6wMe2CLFBCd9PFXCcccNg+ZTA8JGoX:gXsQKuwe22bCk+y8fX
Score

1^/10
behavioral11
- Target
  
  Styles/W7Aero-W11/shell/NormalColor/shellstyle.dll
- Size
  
  1.1MB
- MD5
  
  24216c145d6aaf56d8de25acb32b5416
- SHA1
  
  d4f8a4a60e4f38a7d1be3e499d606f18fd417045
- SHA256
  
  c9a11ffbdda45340a8f48740b6f562950e57bee0c05e10a8978d1a3b93380f82
- SHA512
  
  01346babee37e3ec1df171a13fe5de008554dbb682c7a407852ded255378225328cde2f313de6e04f5113d486ff2f7efd2b88184b09fd9c3a40fb041f3f78a15
- SSDEEP
  
  6144:ZQSppil43QG1j7+KXECVi+/KK1a+qa+PaE5aQaF5MPxaFuMP7PLxMJcdus914BuY:+/cb9cV
Score

1^/10
behavioral12
- Target
  
  Styles/W7Aero-W11/style.msstyles
- Size
  
  2.6MB
- MD5
  
  566e8edf98428d0fe7bfd9bdd1761bb5
- SHA1
  
  5e6dce4a7dc736ed50fcf2ffd02481ae8210e29a
- SHA256
  
  c8c8e4ecaf4749a190df00bc689f89866042f9ca7fbcf5a7d3047258d5d74cbb
- SHA512
  
  8a9d49b8a4ade186f66857036a0f993cd324ad7fc1a6e56aab2fd0a3c1d8e3aa3b7d35fb6a65c24e5effd8b7bdde5a06386ad321f307a84a05c515ab03bd1db5
- SSDEEP
  
  49152:9ChycG9Pb7hUU2fUNcjNC7OLRszrqaWrOX30QUoUJj8lc:9Chy5JUUj+OzryrzJjN
Score

1^/10
behavioral13
- Target
  
  Styles/W7Basic-Redstone/shell/NormalColor/en-US/shellstyle.dll.mui
- Size
  
  69KB
- MD5
  
  2f5484ed6bea507bf069407cd769c8c1
- SHA1
  
  843e91796049be18ae8f5be66a152199de4d712e
- SHA256
  
  339869ea975c67deef8afdaa6638b72b825f5899141fe68861aa4afd74cd516f
- SHA512
  
  9dfb8ed01fd231687ad8f1fe6ead0aa7b39542d1ee86a63ff44bab8d50f535397115ef338feb25b45c9f8ac8da4dd816af03c201b2a2163a39b8e87524d06bca
- SSDEEP
  
  1536:gXXo216Tvg1K8H6wMe2CLFBCd9PFXCcccNg+ZTA8JGoX:gXsQKuwe22bCk+y8fX
Score

1^/10
behavioral14
- Target
  
  Styles/W7Basic-Redstone/shell/NormalColor/shellstyle.dll
- Size
  
  1.1MB
- MD5
  
  24216c145d6aaf56d8de25acb32b5416
- SHA1
  
  d4f8a4a60e4f38a7d1be3e499d606f18fd417045
- SHA256
  
  c9a11ffbdda45340a8f48740b6f562950e57bee0c05e10a8978d1a3b93380f82
- SHA512
  
  01346babee37e3ec1df171a13fe5de008554dbb682c7a407852ded255378225328cde2f313de6e04f5113d486ff2f7efd2b88184b09fd9c3a40fb041f3f78a15
- SSDEEP
  
  6144:ZQSppil43QG1j7+KXECVi+/KK1a+qa+PaE5aQaF5MPxaFuMP7PLxMJcdus914BuY:+/cb9cV
Score

1^/10
behavioral15
- Target
  
  Styles/W7Basic-Redstone/style.msstyles
- Size
  
  2.8MB
- MD5
  
  b8e33779ecfd18e823bd0671aff5f70b
- SHA1
  
  662b2420b882981493315405ba1aeebd31d6e89a
- SHA256
  
  b6515e5e6adb1355f5657dcccc9e91cd5a86f733b57fb6d62017c5f2d25c956b
- SHA512
  
  8b9787b3cf3f9b6164fe4bfcec85db4d88f566a887a4f3f9bc62af34aa799aa55cfaaec0f64ecbacaec1e7a5fa7f3947edffce9fba1acb4bf23a1d214733e0ba
- SSDEEP
  
  49152:IWiwFQ9grgdH7CkUdc/5wW8SgszrqsWrfX38P47mPijlu:IWiwlyH781MzrArD7m6jlu
Score

1^/10
behavioral16
- Target
  
  Styles/W7Basic-W11/shell/NormalColor/en-US/shellstyle.dll.mui
- Size
  
  69KB
- MD5
  
  2f5484ed6bea507bf069407cd769c8c1
- SHA1
  
  843e91796049be18ae8f5be66a152199de4d712e
- SHA256
  
  339869ea975c67deef8afdaa6638b72b825f5899141fe68861aa4afd74cd516f
- SHA512
  
  9dfb8ed01fd231687ad8f1fe6ead0aa7b39542d1ee86a63ff44bab8d50f535397115ef338feb25b45c9f8ac8da4dd816af03c201b2a2163a39b8e87524d06bca
- SSDEEP
  
  1536:gXXo216Tvg1K8H6wMe2CLFBCd9PFXCcccNg+ZTA8JGoX:gXsQKuwe22bCk+y8fX
Score

1^/10
behavioral17
- Target
  
  Styles/W7Basic-W11/shell/NormalColor/shellstyle.dll
- Size
  
  1.1MB
- MD5
  
  24216c145d6aaf56d8de25acb32b5416
- SHA1
  
  d4f8a4a60e4f38a7d1be3e499d606f18fd417045
- SHA256
  
  c9a11ffbdda45340a8f48740b6f562950e57bee0c05e10a8978d1a3b93380f82
- SHA512
  
  01346babee37e3ec1df171a13fe5de008554dbb682c7a407852ded255378225328cde2f313de6e04f5113d486ff2f7efd2b88184b09fd9c3a40fb041f3f78a15
- SSDEEP
  
  6144:ZQSppil43QG1j7+KXECVi+/KK1a+qa+PaE5aQaF5MPxaFuMP7PLxMJcdus914BuY:+/cb9cV
Score

1^/10
behavioral18
- Target
  
  Styles/W7Basic-W11/style.msstyles
- Size
  
  2.6MB
- MD5
  
  2850da866b0a1f6793d7a2c76ff2a82b
- SHA1
  
  f32d5a040441c925e2eda66f40f2195f25478550
- SHA256
  
  0d4eaadbe893fa6ae05114c5aa035c6cd599ac2d9becebc26ce53c543ea4ca30
- SHA512
  
  788a3e9f3f5d8f90ada2a201aa4ac04b92ad260de2c1507d3275c74643e6a7f77d2a5be64067aabaf2b013c4be4f9a7f8cdddd396e6d53f5cd38cf0878f35fdf
- SSDEEP
  
  49152:BChycO9Pb7hUU2fUNcjm87OLRszrqaWrOX30QUoUJj8lr:BChyhJUUjtOzryrzJja
Score

1^/10
behavioral19
- Target
  
  Styles/W7Classic-Redstone/style.msstyles
- Size
  
  2.8MB
- MD5
  
  b8e33779ecfd18e823bd0671aff5f70b
- SHA1
  
  662b2420b882981493315405ba1aeebd31d6e89a
- SHA256
  
  b6515e5e6adb1355f5657dcccc9e91cd5a86f733b57fb6d62017c5f2d25c956b
- SHA512
  
  8b9787b3cf3f9b6164fe4bfcec85db4d88f566a887a4f3f9bc62af34aa799aa55cfaaec0f64ecbacaec1e7a5fa7f3947edffce9fba1acb4bf23a1d214733e0ba
- SSDEEP
  
  49152:IWiwFQ9grgdH7CkUdc/5wW8SgszrqsWrfX38P47mPijlu:IWiwlyH781MzrArD7m6jlu
Score

1^/10
behavioral20
- Target
  
  Styles/W7Classic-W11/style.msstyles
- Size
  
  2.6MB
- MD5
  
  ce9b9dc1db3a63d8ac0d6ca52d3da6d7
- SHA1
  
  535dc99acc98125d276c027465ea22d2a5708a55
- SHA256
  
  9324371c0f5119f233c3c4efe030644f6a4dad8acbcdae2743db16d3c71ae9d9
- SHA512
  
  493fdf7cb8e43e651b3599ff5d03a1f442fea5e8d70eb45548912a4ec261fd45a00631b53f5847d21f417ddb1db9e09c4a9828763fe25519a582738332f6d8c5
- SSDEEP
  
  49152:tChycG9Pb7hUU65UNcjm87OLRszrqaWrOX31vYXjlF:tChy5JUUptOzryrkcjlF
Score

1^/10
behavioral21
- Target
  
  Styles/W7Dark2-Redstone/shell/NormalColor/en-US/shellstyle.dll.mui
- Size
  
  69KB
- MD5
  
  2f5484ed6bea507bf069407cd769c8c1
- SHA1
  
  843e91796049be18ae8f5be66a152199de4d712e
- SHA256
  
  339869ea975c67deef8afdaa6638b72b825f5899141fe68861aa4afd74cd516f
- SHA512
  
  9dfb8ed01fd231687ad8f1fe6ead0aa7b39542d1ee86a63ff44bab8d50f535397115ef338feb25b45c9f8ac8da4dd816af03c201b2a2163a39b8e87524d06bca
- SSDEEP
  
  1536:gXXo216Tvg1K8H6wMe2CLFBCd9PFXCcccNg+ZTA8JGoX:gXsQKuwe22bCk+y8fX
Score

1^/10
behavioral22
- Target
  
  Styles/W7Dark2-Redstone/shell/NormalColor/shellstyle.dll
- Size
  
  1.1MB
- MD5
  
  24216c145d6aaf56d8de25acb32b5416
- SHA1
  
  d4f8a4a60e4f38a7d1be3e499d606f18fd417045
- SHA256
  
  c9a11ffbdda45340a8f48740b6f562950e57bee0c05e10a8978d1a3b93380f82
- SHA512
  
  01346babee37e3ec1df171a13fe5de008554dbb682c7a407852ded255378225328cde2f313de6e04f5113d486ff2f7efd2b88184b09fd9c3a40fb041f3f78a15
- SSDEEP
  
  6144:ZQSppil43QG1j7+KXECVi+/KK1a+qa+PaE5aQaF5MPxaFuMP7PLxMJcdus914BuY:+/cb9cV
Score

1^/10
behavioral23
- Target
  
  Styles/W7Dark2-Redstone/style.msstyles
- Size
  
  2.6MB
- MD5
  
  e986dcadfc81ec3d8e34d1531c23aa7c
- SHA1
  
  8db361203d2c8e3523191ae76962ff7db7c1d282
- SHA256
  
  67312a0c9f9925e81a2b787a5ae36ca8e9da41270b2121b2b6f480f5dd51647c
- SHA512
  
  d300a6b846d23e8814b615182309861bcf625bf0860d22b96ca4b8a5364e73d73185f157973cc273c3250ab870ac1b251547857fdf38f8adebb87602eeccee2b
- SSDEEP
  
  49152:/ChTcO9Pb7hUU05UNcjt/8OLRszrqaWrOX3fm0jnbD:/ChThJUUnKOzryrezjn/
Score

1^/10
behavioral24
- Target
  
  Styles/W7Dark2-W11/shell/NormalColor/en-US/shellstyle.dll.mui
- Size
  
  69KB
- MD5
  
  2f5484ed6bea507bf069407cd769c8c1
- SHA1
  
  843e91796049be18ae8f5be66a152199de4d712e
- SHA256
  
  339869ea975c67deef8afdaa6638b72b825f5899141fe68861aa4afd74cd516f
- SHA512
  
  9dfb8ed01fd231687ad8f1fe6ead0aa7b39542d1ee86a63ff44bab8d50f535397115ef338feb25b45c9f8ac8da4dd816af03c201b2a2163a39b8e87524d06bca
- SSDEEP
  
  1536:gXXo216Tvg1K8H6wMe2CLFBCd9PFXCcccNg+ZTA8JGoX:gXsQKuwe22bCk+y8fX
Score

1^/10
behavioral25
- Target
  
  Styles/W7Dark2-W11/shell/NormalColor/shellstyle.dll
- Size
  
  1.1MB
- MD5
  
  24216c145d6aaf56d8de25acb32b5416
- SHA1
  
  d4f8a4a60e4f38a7d1be3e499d606f18fd417045
- SHA256
  
  c9a11ffbdda45340a8f48740b6f562950e57bee0c05e10a8978d1a3b93380f82
- SHA512
  
  01346babee37e3ec1df171a13fe5de008554dbb682c7a407852ded255378225328cde2f313de6e04f5113d486ff2f7efd2b88184b09fd9c3a40fb041f3f78a15
- SSDEEP
  
  6144:ZQSppil43QG1j7+KXECVi+/KK1a+qa+PaE5aQaF5MPxaFuMP7PLxMJcdus914BuY:+/cb9cV
Score

1^/10
behavioral26
- Target
  
  Styles/W7Dark2-W11/style.msstyles
- Size
  
  2.6MB
- MD5
  
  f49f0ea484a36bae52bd74212e2b326b
- SHA1
  
  fa51a4c267e4fa02cabd67bd25ef91f2d6afe1e1
- SHA256
  
  6c13765ca4e4e0ede008de4e9db73ea8540990e733543b1b52c4a713da9f8238
- SHA512
  
  b354a53323441350eada35733e00730e02bce075df398a715152c57f90fbf62ff7cc8ec8502b81c5f2df3fa1dc717a9ebd9adc367cd472c13727a46072f040a0
- SSDEEP
  
  49152:iChT8G9Pb7hUU25UNcjPC7OLRszrqaWrOX3fZ/Pj:iChTZJUUlkOzryr0/Pj
Score

1^/10
behavioral27
- Target
  
  ThemeSwitcher.exe
- Size
  
  199KB
- MD5
  
  af3b2ac4363d12af5d108073ae2cbc05
- SHA1
  
  e32b6a6d85da6472cf43f7e5139dbc1a363d8dc5
- SHA256
  
  de990e3984abe6029253e323f0b5d60b81d3d4f5392ba2768c264b2036466e44
- SHA512
  
  1da349db0a1400e742391dfd01dd90891104f16f0592fa63b0dd0fc8d497c7f5d34b77165987015383d4a6045ea545552452cfb729418755a53ec4f1124ee68e
- SSDEEP
  
  1536:W88XlnXgPINnObalaQ2djBZkv1duFnAXvt7M2OGiNyeIPcrqTWn5q112GLyG:W88xQPItMajgkvb0AXj5iNyPpT4bG2G
Score

1^/10
behavioral28
- Target
  
  duires.dll
- Size
  
  6KB
- MD5
  
  473ac42c074cd40b148b1566b66f878b
- SHA1
  
  acfda77939be0aae5c2c8dd476e0468e0d1c9e1f
- SHA256
  
  f4e47609fd6aa8d3b4664e1b2a1542013252314f8fba7e3cbfecd1401810ef6e
- SHA512
  
  7ad5a1a984bae789c971a16a0556e0479fa4aec5ef5fc39e3b90def24dcc36549285336027588602f2430a3be7993c2d243cfa8a6f88c9b6b33b13c80137beb3
- SSDEEP
  
  96:x31zME5hsmQzqQ9d6VROpMO8S1juakFQ/YYAW6DkXWwHwWDkXWw:PzM+OO6Tnka/AW6DkXWqDDkXW
Score

3^/10

discovery
behavioral29
- Target
  
  instextras.exe
- Size
  
  1.2MB
- MD5
  
  e49ddddd2f578b798d1c6e316d39b10a
- SHA1
  
  060ed2374e84314da3893e30873b253d0f8edced
- SHA256
  
  ce8143c1bb08cfc3e2f6ef150ea77966b18aed4e010c84e299c139c4b9eee561
- SHA512
  
  52363eff8b45530e8e3b304f0bc8801257f8b9eaf7e1ddeb5652d9b46c3ea75cd915b1104fe6b23f7704988b55ddb1583797d22b113e99c1ce10b43002b6e3fc
- SSDEEP
  
  12288:mfY5AX+U4h2Mh9UChdlRMfY/R22LqHDuSn5QEG39fPAkrE4yrBOXDfaNbckXLt:mfYqXaQMbUk7MfbRjfI5Pdo4yMybckLt
Score

7^/10

discovery
- Loads dropped DLL
behavioral30
- Target
  
  sym.exe
- Size
  
  7.3MB
- MD5
  
  31e6cde417b805fefaa58afd59715161
- SHA1
  
  0d6202b37f0cb0534876099a5ed1426e4c0f1a0d
- SHA256
  
  a3d83b63326cfcdc66a9e7078e8515732f198673652063a22498e96efbb597ef
- SHA512
  
  7fddc59eae04f0b211ce42e17261ef09301e697e005914ba86b5bc178ae2dae1218f17a4501144202feffcf74c80e34c0909cf5459a11422370d4c2e958f0df0
- SSDEEP
  
  98304:iOMfowCazA1h9eT393YigJhH0yc+bTu/NWPdHdda9D4oR6KU73TEOuce90w3:iOIA1HeT39IigQWc0/aFFNoS//
Score

7^/10
- Loads dropped DLL
behavioral31
- Target
  
  windhawk.exe
- Size
  
  763KB
- MD5
  
  4e26dc9976c4577830c9b287b3b9633e
- SHA1
  
  f257668bc1630e82d7a9e2b91fbd16440a9f0d72
- SHA256
  
  685d95cc192a9a46869d11b5f3dab7945c0570f4e5972a02042fde2257e96f87
- SHA512
  
  8c3d5bf8e76547321031047c2593e3da6ab1e8ca75d1f38922f87a5a2d5a455c8207984a2ccd5ee806fcbbdbc58574ca859bb8009d1d87d132c5110edf411b2e
- SSDEEP
  
  12288:Lnn5zNKqg5ViEBfXBKfj24qOlWEUUssUefST2lqBU:LnZ4qM/XBKfDjWEUxshq2lqy
Score

3^/10

discovery
behavioral32