Overview
overview
10Static
static
10329D6F9DDB...I_I386
ubuntu-24.04-amd64
329D6F9DDB...XI_X64
ubuntu-24.04-amd64
8LBB.exe
windows7-x64
9LBB.exe
windows10-2004-x64
9LBB_PS1.ps1
windows7-x64
5LBB_PS1.ps1
windows10-2004-x64
9LBB_PS1_ob...ed.ps1
windows7-x64
3LBB_PS1_ob...ed.ps1
windows10-2004-x64
3LBB_PS1_pass.ps1
windows7-x64
10LBB_PS1_pass.ps1
windows10-2004-x64
10LBB_Reflec...in.dll
windows7-x64
9LBB_Reflec...in.dll
windows10-2004-x64
7LBB_Rundll32.dll
windows7-x64
3LBB_Rundll32.dll
windows10-2004-x64
3LBB_Rundll32_pass.dll
windows7-x64
10LBB_Rundll32_pass.dll
windows10-2004-x64
10LBB_pass.exe
windows7-x64
10LBB_pass.exe
windows10-2004-x64
10FC8E43EC21...32.exe
windows7-x64
7FC8E43EC21...32.exe
windows10-2004-x64
7FC8E43EC21...64.exe
windows7-x64
7FC8E43EC21...64.exe
windows10-2004-x64
71007BF65F8..._ARM64
ubuntu-18.04-amd64
1007BF65F8..._ARM64
debian-9-armhf
1007BF65F8..._ARM64
debian-9-mips
1007BF65F8..._ARM64
debian-9-mipsel
1007BF65F8..._ARMV5
debian-9-armhf
81007BF65F8..._ARMV7
debian-9-armhf
81007BF65F8..._AMD64
ubuntu-24.04-amd64
1007BF65F8...X_I386
ubuntu-22.04-amd64
1007BF65F8...UX_X64
ubuntu-22.04-amd64
81007BF65F8...r_MIPS
debian-9-mips
8General
-
Target
Builds.7z
-
Size
1.8MB
-
Sample
241219-2bystaskej
-
MD5
484933f81970182e04f190efe2527da1
-
SHA1
72f0810a0ab7f1398ba9f0b0916ee97115e79cc4
-
SHA256
3968a850f5bc70d954bb5609d929f181a6f05a117fa3be4531cbd96cedfde5d6
-
SHA512
d9d5d96e13201de976d23783e077bb1f95af3946a44bd1347d637893e471eefed5d9b0de4a7d84d8d2040decf8cea4e3de83555b2424e58ebbc1c7eb4881e37a
-
SSDEEP
49152:bor7D7eZFTWD/gjKZ4FhydMzOoSGSW7TeXY:UfeZFT48HSCilTWB
Behavioral task
behavioral1
Sample
329D6F9DDBF138D4/locker_ESXI_I386
Resource
ubuntu2404-amd64-20240523-en
Behavioral task
behavioral2
Sample
329D6F9DDBF138D4/locker_ESXI_X64
Resource
ubuntu2404-amd64-20240523-en
Behavioral task
behavioral3
Sample
LBB.exe
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
LBB.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
LBB_PS1.ps1
Resource
win7-20241010-en
Behavioral task
behavioral6
Sample
LBB_PS1.ps1
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
LBB_PS1_obfuscated.ps1
Resource
win7-20241023-en
Behavioral task
behavioral8
Sample
LBB_PS1_obfuscated.ps1
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
LBB_PS1_pass.ps1
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
LBB_PS1_pass.ps1
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
LBB_ReflectiveDll_DllMain.dll
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
LBB_ReflectiveDll_DllMain.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
LBB_Rundll32.dll
Resource
win7-20240729-en
Behavioral task
behavioral14
Sample
LBB_Rundll32.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
LBB_Rundll32_pass.dll
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
LBB_Rundll32_pass.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
LBB_pass.exe
Resource
win7-20241010-en
Behavioral task
behavioral18
Sample
LBB_pass.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral19
Sample
FC8E43EC21BE9047/lbg32.exe
Resource
win7-20240903-en
Behavioral task
behavioral20
Sample
FC8E43EC21BE9047/lbg32.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral21
Sample
FC8E43EC21BE9047/lbg64.exe
Resource
win7-20240903-en
Behavioral task
behavioral22
Sample
FC8E43EC21BE9047/lbg64.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral23
Sample
1007BF65F80311D2/locker_ARM64
Resource
ubuntu1804-amd64-20240611-en
Behavioral task
behavioral24
Sample
1007BF65F80311D2/locker_ARM64
Resource
debian9-armhf-20240611-en
Behavioral task
behavioral25
Sample
1007BF65F80311D2/locker_ARM64
Resource
debian9-mipsbe-20240418-en
Behavioral task
behavioral26
Sample
1007BF65F80311D2/locker_ARM64
Resource
debian9-mipsel-20240729-en
Behavioral task
behavioral27
Sample
1007BF65F80311D2/locker_ARMV5
Resource
debian9-armhf-20240611-en
Behavioral task
behavioral28
Sample
1007BF65F80311D2/locker_ARMV7
Resource
debian9-armhf-20240611-en
Behavioral task
behavioral29
Sample
1007BF65F80311D2/locker_FREEBSD_AMD64
Resource
ubuntu2404-amd64-20240523-en
Behavioral task
behavioral30
Sample
1007BF65F80311D2/locker_LINUX_I386
Resource
ubuntu2204-amd64-20240611-en
Behavioral task
behavioral31
Sample
1007BF65F80311D2/locker_LINUX_X64
Resource
ubuntu2204-amd64-20240729-en
Malware Config
Targets
-
-
Target
329D6F9DDBF138D4/locker_ESXI_I386
-
Size
108KB
-
MD5
a720e32658193a7f76be72363fbc919d
-
SHA1
9b319e460a7000efd92e91a6f1072c4ee211dcda
-
SHA256
ab8c2aca725df02bfdbfa0f493575e0dacd4467b2d0cd90c9a6acb66cb14d590
-
SHA512
5f98f776e82c335f3a16deed12d654e7edb42236511c6eb0484fa0957ee7aa839ac85974864183e0be53333a558856ef39a1181839490b9f111a192dc71c2ff7
-
SSDEEP
3072:5twJNAs5z2NS/P8BRlzWy5BGOiXj0hvYlx1DtqR5YeC:LwJpagWI9OiXQYlx1DtqAe
Score1/10 -
-
-
Target
329D6F9DDBF138D4/locker_ESXI_X64
-
Size
93KB
-
MD5
b76b092f5188ccc8a046ffb4659c3641
-
SHA1
82e19d8b7bc5379528feb9c3a335d70d79358229
-
SHA256
dd1cf10faf4e638bb5a0efeeaa4bc2f1c91557c22e93d3f135e7e7c7f0e7be55
-
SHA512
bf06f2d65f7eca482066da6b1cace219cba2e2ebae0034de3e3bae429a2e821ea2d35a41534d6d9d159ae992ef0b5c5a268a48a05ae1fbb0da69a2122631653f
-
SSDEEP
1536:Jv8RiloA2YObuLk8WKP/gCILnPG+atNoU+tqRAJy+p4G:1Zl/2Ym8LZOnPG+iNoDtqRaya
-
Traces remote process
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Reads hardware information
Accesses system info like serial numbers, manufacturer names etc.
-
Reads network interface configuration
Fetches information about one or more active network interfaces.
-
-
-
Target
LBB.exe
-
Size
160KB
-
MD5
d1986caa455ffa11b46341e837777e52
-
SHA1
c045c2be676ebba04d7403f3636c7adb685a4011
-
SHA256
e2bda5afc3e70460223a98cd3520e4ab97fd126a48b9fe7d385e1e9730a11407
-
SHA512
ea87e4f31a45a4e54c56dc120ce26c369a02af952d0c20411677c4cba4eb442a43b776d094150458a0b72dc65b53ca29fc300739cc56f81c6f7fee5e15043359
-
SSDEEP
3072:gDDDDDDDDDDDDDDDDDDDE45d/t6sVkgZqltP3368Pu7YlTx6gIB8FrN75DyW:K5d/zugZqll3AYrG+
Score9/10-
Renames multiple (173) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Sets desktop wallpaper using registry
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
LBB_PS1.ps1
-
Size
466KB
-
MD5
17a7cd1ead2d35ed5d69c71d4fd7386d
-
SHA1
734400d4444b88fe3848c80e3dba2ad9a5155c56
-
SHA256
20dd91f589ea77b84c8ed0f67bce837d1f4d7688e56754e709d467db0bea03c9
-
SHA512
7d5cd9b042229d1076a587b75594a002d379396d6ec889a8aee457a6a5a399130ae0a43fe0863adae23e32e46a7d17d4b55bfc2564cb17e579751161f6778828
-
SSDEEP
1536:Kk0H/lFq+N1mfoRlNyjZk11iBQcIY1Y+qFMJFOgvZ/wpKDcalOGODPNTbJYj6CJI:VA
Score9/10-
Renames multiple (144) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Sets desktop wallpaper using registry
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
LBB_PS1_obfuscated.ps1
-
Size
274B
-
MD5
a8e97fe5a7115e42759d67f7e4d88b0d
-
SHA1
7a4dce9165f34ca44e79b06f3a07281f6cf08823
-
SHA256
d9e7a01521d956c5ef3e07153209be63da738eee98902050c06424292d7b1387
-
SHA512
77126af7f207d4ab854e3293936c73591289ca97211823513941bdae60b9da48fc3b829e2819ef1230f86cb8761eab37f6dca61281b2dfc7209ce471af68422b
Score3/10 -
-
-
Target
LBB_PS1_pass.ps1
-
Size
590KB
-
MD5
d96d2bcf13d55740f3bb64d45d2db94d
-
SHA1
4ded4b1d4866a4adf534f5a4eb66386465fe3120
-
SHA256
82d89a75d80e80e4be42c9eb79e401558c9fa3175648cd0c0467f2de1a07a908
-
SHA512
cb1fbe8f36630915796d864c5a044177ea4ad881281ec454f932232fff99ce0524fb63becd96581a23cfe12bc455d55b613aaa389aa0a68fac97748400f473bd
-
SSDEEP
1536:Kk0H/lFq+N1mfoRlNyjZk11iBQcIY1Y+qFMJFOgvZ/wpKDcalOGODPNTbJYj6CJh:QA
Score10/10-
Lockbit family
-
Rule to detect Lockbit 3.0 ransomware Windows payload
-
-
-
Target
LBB_ReflectiveDll_DllMain.dll
-
Size
113KB
-
MD5
ab5bdca69285d4838af12117c910bfde
-
SHA1
208060cf988f1702124504bae0c6a4addbeb6db3
-
SHA256
5594fea724aa3a124b259e81999f20affecb2238f7e517c56c450a3a311ab2bd
-
SHA512
33c8cb31dd142defcf52ddadaa540d86d8fdd586ad3f0f280d90c66279cf09229edde08efb9daac81383f65ba171b86344c4e5c6343b02270bfa92201e08f547
-
SSDEEP
3072:+/fNzovq5EKHttru48dBVFktgraAyHXU:+/Gvq5EKH6zdrFPraA
Score9/10-
Renames multiple (173) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Sets desktop wallpaper using registry
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
LBB_Rundll32.dll
-
Size
158KB
-
MD5
0682f7cfceb51d4a6a213b9fe4159ad2
-
SHA1
777833fdaf0c1e5d03dde300dba3947a9b65c656
-
SHA256
00aa54bfab3963a2c006058e48cde42e299811f9b85acbc69406c5bfb331f789
-
SHA512
72d79387ca0d9579d7a7bb7c6c729048bd1321fd07653cb7cbc9bedcc217fd18414b02b46f83843b3f90d0841fc61f24f0ef19700326d8a8aaf6366a00bc5113
-
SSDEEP
3072:thKVNA/3U+Z15B5RPu+zYNkQA1Izqa26odDWtiSCC8lvdLW:thoyUyX5RPu+zY6+Wa26iDWsSCC8lvI
Score3/10 -
-
-
Target
LBB_Rundll32_pass.dll
-
Size
154KB
-
MD5
b51e42d419218e70b0ae216c3ac57784
-
SHA1
f3023c627d1dce8d5ff4e6733af420df350fdda7
-
SHA256
a98fb2671ae63d179c1cf39d163a4b3dbf769c9951a0ebad5d4c76244752253e
-
SHA512
96fa388526984f3976ddb5f5376af88200e3d85bc41754556f9b00be32c81332d52aeb5b1e0387ce83be220f34199a88379aa9c90f679eb17ac10f9cf8714f37
-
SSDEEP
3072:sUM/b6nriEhhyj26gWNOm18JcdwgqYUkSvVDjogUliww56T9tEtc:sUsmr7yX3Um18JcdwgqYUkCRjorqGTP
Score10/10-
Lockbit family
-
Rule to detect Lockbit 3.0 ransomware Windows payload
-
-
-
Target
LBB_pass.exe
-
Size
156KB
-
MD5
0e38243dcb91851f0646140a16d6832d
-
SHA1
d5a11399206c54ef1bd11945a5f6a0d721c4a6c9
-
SHA256
635e9ca3baae7e32225f05d16159e339a297a4c1b749e5a8e81ffc8df3c5c37c
-
SHA512
8198cf16b815c697e94b8b19b7555191189d6eba2e0bc2b5690277244dcf7da74907d95d8a10bb9bf43a23ae94e5fb57d062c00f947fe8558c9ef633bb066b0e
-
SSDEEP
3072:iMvRBMY5u+t3YSs1C439/FgfDcTDnHNszfp0QoHkIgep3i8Skb4wE4Ab:ikBS+5YSsdLTH6zfQEupRUb
Score10/10-
Lockbit family
-
Rule to detect Lockbit 3.0 ransomware Windows payload
-
-
-
Target
FC8E43EC21BE9047/lbg32.exe
-
Size
60KB
-
MD5
c5cc3c5cef6b382568a54f579b2965ff
-
SHA1
e85b5bf2fd1ea0d5d71841f2cc8d46fc2055c22b
-
SHA256
48e2033a286775c3419bea8702a717de0b2aaf1e737ef0e6b3bf31ef6ae00eb5
-
SHA512
74d93ba3dc7b3fdfafe30663162dad3fee0b278d12fea527eb535b4eb25979dcc365b49cb702ac9c2addbb0ee550310759e88c2657b61a2b0e4906d4099281eb
-
SSDEEP
1536:SAndsqiqdYMRgIaN04k27Gtdf/3U9s1iGbQTqL9:Fds3vIaN04kKGhjmq
Score7/10-
Credentials from Password Stores: Windows Credential Manager
Suspicious access to Credentials History.
-
Deletes itself
-
Drops startup file
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
-
-
Target
FC8E43EC21BE9047/lbg64.exe
-
Size
49KB
-
MD5
8ff61e4156c10b085e0c2233f24e8501
-
SHA1
69d50a8efd73c619aa36113ec04368db83d9b331
-
SHA256
3552dda80bd6875c1ed1273ca7562c9ace3de2f757266dae70f60bf204089a4a
-
SHA512
dbde74b89d498d708215ddfdc9a2a38cb27be931c9fe2d5965aba3c31482a0efbe39913ed17eabe5eae3b5efc9cb369589784e7d9ce5b2e89505c10406038249
-
SSDEEP
768:9pZt6fz03gUYxTSGCoTrxTjA+xqCkEiAOPZAzEZoo6Czcit6OjeB6:jpQRNSGCo64OxAgZUCcicvB6
Score7/10-
Credentials from Password Stores: Windows Credential Manager
Suspicious access to Credentials History.
-
Deletes itself
-
Drops startup file
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
-
-
Target
1007BF65F80311D2/locker_ARM64
-
Size
84KB
-
MD5
e6aba198c3154facdaa8519f8104ebd8
-
SHA1
ee6eae91568da7d71d0b3407c05d55b2e115c794
-
SHA256
ae86f2041c473ffb061518973271bda302f99391c74d12f494596edf8989f787
-
SHA512
63486d2ff59d8d9517f18e493f84c7bc81f483af3edcff2e62868cab1b00c31473f3beebb4985b6452932c5589e8da76c6a4c2b9f60efe6cd5f711b034b15566
-
SSDEEP
1536:xlu2A/VyIZ6K1zcvsDxvc/I1vn1y0ONBoU+Vqnl4ARSX6DDididcHQ:Xuv/QIZP1rxz1vn0joDVqnagSX6DDi0D
Score1/10 -
-
-
Target
1007BF65F80311D2/locker_ARMV5
-
Size
103KB
-
MD5
516b79a3c994df308172aa67d353ff2f
-
SHA1
e312f14bc1544e20af0cd41a3571a2cbe1ebe582
-
SHA256
a60acd0adeccbe29ff8402db0e974eba25c9acf98a3af98940e518d465fb1bbe
-
SHA512
b7a1a3e7ee64f8d0f538fdba5cc693134c475c4ce760cc4b314c26d1298794ff350eafd28a772f9da98332accb7a92674791d361bac0a17feb63e27bd4c84462
-
SSDEEP
3072:0zmoAp+UN6YmA4pLCQJ91ToDVqNrPOzng:0zmbkUpmA4pFJ918DVqNrOzg
-
Traces remote process
-
Checks system information (zLinux)
Check system information on IBM zSystems which indicate if the system is a virtual machine.
-
Reads network interface configuration
Fetches information about one or more active network interfaces.
-
-
-
Target
1007BF65F80311D2/locker_ARMV7
-
Size
87KB
-
MD5
89d3236f0129595a919cc70728b9316e
-
SHA1
107f6e9ab0cb01247f2c5d65388dad8fb67d4804
-
SHA256
cfc9ba36d03736d01a6208e0c9cc3cd7db29c1f8e531f53ae7dce812f19c08bb
-
SHA512
ca23b1285131eacc437f44961e8bb71c52932f399a3aee35069ee2e490fc1cf8e53c0656701e938afb8930640447b0b8ecdb6885fe908a312a11ed29c8eb4466
-
SSDEEP
1536:BcwSL24h5CJB/bfDZv3v+AToZTZ7rnCWz6J6nqPfBoU+Vq+Eauk2rVSx731fHBze:KFLr5CJBwHZTZaWuJt5oDVq+Eauk2rVN
-
Traces remote process
-
Checks system information (zLinux)
Check system information on IBM zSystems which indicate if the system is a virtual machine.
-
Reads network interface configuration
Fetches information about one or more active network interfaces.
-
-
-
Target
1007BF65F80311D2/locker_FREEBSD_AMD64
-
Size
89KB
-
MD5
1eff6c83819f04149cf7a73a9ad56969
-
SHA1
ae9d65a37ffaa4ee962df70c54978846c31b28f1
-
SHA256
3df9493be5c112266ea3ea5a3499823939c259b40f3a7b37dabba8ee7159be0e
-
SHA512
8178ca21a1f9d3e491604eea9b62b04bccddcc70ef1aa050be97aeed541065e99a01dd4dc3e221abbc6d8db3989e4a41276974d932f928cafbbeabce5274a35c
-
SSDEEP
1536:8RkgM4sJraTrK1S0ybkU+tqR+Y5mzmdMzea5YT:AlsFKuS04kDtqRZ5mzMMzR
Score1/10 -
-
-
Target
1007BF65F80311D2/locker_LINUX_I386
-
Size
104KB
-
MD5
998bff093fbc351a35cd48ebc7ef74e8
-
SHA1
518ae8806b471906bb1d8818f3fbce81d65a2dba
-
SHA256
9aa74768de5b8320610a4031c07bcfb87c7b79767aa7886b640c946fbeb5f94f
-
SHA512
94c88586194de5f64ccea764a889a4dde2aa85ddb7de76bbc187edd2ac2e3f530aa5bfd27cba23f71df2de2c89870ee18206760aa99fd1d200cf01b3181045ca
-
SSDEEP
3072:cMsNzSDXSpjkKAs5z2NS/P8BRlzWe4JXhcXT30hJuMDtqRmUWPG:cMsFSDs7agWIe8XhcXTOuMDtqVW
Score1/10 -
-
-
Target
1007BF65F80311D2/locker_LINUX_X64
-
Size
89KB
-
MD5
194a218bb7c8593df0621789488f6907
-
SHA1
89a60bc4e8b7c8188b8f3e96e799f2e455791f87
-
SHA256
6c5252c6653d82e1ff9f57cc0dc98e6d6c7a8c3405ffc418c5b94cc7e47cf057
-
SHA512
c9f32b7cdf3692a62a6e727148577bbdd753bac8df09f7c97075c50fd564ae780079ec3478e136c198027523b60767ab0d298ca01476361d299dc4eea9c0435b
-
SSDEEP
1536:h23bmHSlAhb6eo1xrac08UGNnPnEsT9VxU+tqRAsemhgYBzvI:4rmHSlAhbx+K8UUnPEsBVxDtqR19gAI
-
Traces remote process
-
Checks system information (zLinux)
Check system information on IBM zSystems which indicate if the system is a virtual machine.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Reads hardware information
Accesses system info like serial numbers, manufacturer names etc.
-
Reads network interface configuration
Fetches information about one or more active network interfaces.
-
-
-
Target
1007BF65F80311D2/locker_MIPS
-
Size
126KB
-
MD5
9700dc992a950aa6e76d8d4de5ceff38
-
SHA1
45dba47c0c0358627ae1a79463ed981017d30643
-
SHA256
9c7ff1b686e05948de8d3e51dec88ff21b9b69418a10ba3e08de340f4503c064
-
SHA512
68649687288f1dbe2e0dc202837579467eb2bc31e411d394431257fc5e3085db7283846741385e9d059bb11162bf53865e211a2d36fe8159125a377521ceff13
-
SSDEEP
1536:SXzYBjV+P1NVt1dFMMaH6HULoecIJnvjK2WIAb92aUeX/ZbnBUZulb9S4AbIPLxQ:SXzKx/FLWI7kQ4/tnU04+jOoa
-
Traces remote process
-
Checks system information (zLinux)
Check system information on IBM zSystems which indicate if the system is a virtual machine.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Indicator Removal
1File Deletion
1Modify Registry
1Virtualization/Sandbox Evasion
2System Checks
2Credential Access
Credentials from Password Stores
2Credentials from Web Browsers
1Windows Credential Manager
1Unsecured Credentials
1Credentials In Files
1Discovery
Browser Information Discovery
1Peripheral Device Discovery
1Query Registry
2System Information Discovery
7System Location Discovery
1System Language Discovery
1System Network Configuration Discovery
2System Network Connections Discovery
1Virtualization/Sandbox Evasion
2System Checks
2