Overview

overview

10

Static

static

10

0400b38bff...69.exe

windows7-x64

7

0400b38bff...69.exe

windows10-2004-x64

7

09a9301821...0c.exe

windows7-x64

10

09a9301821...0c.exe

windows10-2004-x64

10

0d0696212a...6b.exe

windows7-x64

7

0d0696212a...6b.exe

windows10-2004-x64

7

0f769b4c84...54.exe

windows7-x64

7

0f769b4c84...54.exe

windows10-2004-x64

7

1ab92c39e8...c2.exe

windows7-x64

10

1ab92c39e8...c2.exe

windows10-2004-x64

10

20177244bc...98.exe

windows7-x64

10

20177244bc...98.exe

windows10-2004-x64

10

274b00e384...2a.exe

windows7-x64

7

274b00e384...2a.exe

windows10-2004-x64

7

2754574ba5...6a.exe

windows7-x64

7

2754574ba5...6a.exe

windows10-2004-x64

7

38d5cf2bdc...08.exe

windows7-x64

7

38d5cf2bdc...08.exe

windows10-2004-x64

7

3c59836d51...eb.exe

windows7-x64

7

3c59836d51...eb.exe

windows10-2004-x64

7

467a61a074...ca.exe

windows7-x64

7

467a61a074...ca.exe

windows10-2004-x64

7

57e2f0d6a6...20.exe

windows7-x64

7

57e2f0d6a6...20.exe

windows10-2004-x64

7

592075e1fb...be.exe

windows7-x64

7

592075e1fb...be.exe

windows10-2004-x64

7

5a0214e85d...0f.exe

windows7-x64

7

5a0214e85d...0f.exe

windows10-2004-x64

7

5cebe74003...a7.exe

windows7-x64

7

5cebe74003...a7.exe

windows10-2004-x64

7

734cf56280...55.exe

windows7-x64

734cf56280...55.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_76082ff45cc7055692bd65c79ebe843ad9a150b0366cb03b4011356bba0ffd9e

  • Size

    31.0MB

  • Sample

    241223-v35xwawmbp

  • MD5

    ee5c3b5d48af485d19e33a36b613898e

  • SHA1

    ec69f96104cfcfaa620f1aee5951895d3987ffc2

  • SHA256

    76082ff45cc7055692bd65c79ebe843ad9a150b0366cb03b4011356bba0ffd9e

  • SHA512

    f834cea68a4a304f0be9c9f224fed8da5ce111989b8ee7dd40b188de1b1ad86d07f81be684a0bea367b6104f0db3685ee72ee12d6c8137eee5abe7e72812e635

  • SSDEEP

    786432:2ywKn7Geuj20ehpBbrRDoQ/0wcEuo6Z1jnYwyT:247Aeh/RcYTcE+GR

Score
10/10
gcleaneronlyloggerprivateloaderdiscoveryloaderpersistencespywarestealer

Malware Config

Extracted

Family

privateloader

C2

http://212.193.30.45/proxies.txt

http://45.144.225.57/server.txt

pastebin.com/raw/A7dSG1te

http://wfsdragon.ru/api/setStats.php

2.56.59.42

http://212.193.30.29/server.txt

212.193.30.21
Attributes
  • payload_url

    https://vipsofts.xyz/files/mega.bmp

Extracted

Family

gcleaner

C2

ad-storage.biz

ad-postback.biz

Targets

    • Target

      0400b38bff44e2b0ba89f392af3ec1febbe980255086e3d21ca375f8742b0a69

    • Size

      1.3MB

    • MD5

      563e2effa75ec32e724d935dd158da1c

    • SHA1

      3160e721f09618f03a1caf7b5864ca67f49d5602

    • SHA256

      0400b38bff44e2b0ba89f392af3ec1febbe980255086e3d21ca375f8742b0a69

    • SHA512

      e1d99dd4b9471d2010a9a2e4b41aee5faa3a2da725e9a41f25dadf95fd2949e4a405ed77bfc922fcfca5e00e9a52eb74ca89a55098015f5ae1037628fa2308d1

    • SSDEEP

      24576:pXDK/TwSfVcYG3K/cJHlnFR+IGNe8j3Iz:pGLNiXicJFFRGNzj3

    Score
    7/10
    discoveryspywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    behavioral1behavioral2

    • Target

      09a93018218af02ec1b0ec179a3fed2c205ac6f48f8cee615d2dbb99399d600c

    • Size

      1.4MB

    • MD5

      a5b61580544b2c266a7b43f07e68c4d9

    • SHA1

      82697f21745a4dfc6b22826a61b1af2e8c75d605

    • SHA256

      09a93018218af02ec1b0ec179a3fed2c205ac6f48f8cee615d2dbb99399d600c

    • SHA512

      3325cd2b7687aa1ad4e55449d9299317f9f9f9f8a6836d5ed06c2dbf9ad594e9cb44a99fd476c81b9048d09f7589a91ccceb2ff9c928cc953994b7e7861f847c

    • SSDEEP

      24576:6Ji+Gn/TwSfVcYG3K/cJHlnFR+IGNe8j3Iz:6cnLNiXicJFFRGNzj3

    Score
    10/10
    privateloaderdiscoveryloaderspywarestealer

    • PrivateLoader

      PrivateLoader is a downloader sold as a pay-per-install malware distribution service.

      loaderprivateloader

    • Privateloader family

      privateloader

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

    behavioral3behavioral4

    • Target

      0d0696212a60ba82ea918f3e9397268000acb230f4103148df9b6c0c7472b76b

    • Size

      9.3MB

    • MD5

      7f02d2bc4450b27cb13ba01f79d063b2

    • SHA1

      9d98b5f1734a26c1dd2d93133e2b13195f5340c4

    • SHA256

      0d0696212a60ba82ea918f3e9397268000acb230f4103148df9b6c0c7472b76b

    • SHA512

      d561b7d03ee24db26a554c50aea1264eac7ab64e882e8f9651fc203e9055f843183425973bef234024318adfbdd14807ec9a9a35ccb447e37b162fe9d8c77ee7

    • SSDEEP

      98304:+++cfxjnXBJ3t76NrboXEhKE82RivJkHEMXiSKCvyh7wRGpj3:+EfxDXBJ92x2FgR2JCEMHKCvQF9

    Score
    7/10
    discoveryspywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    behavioral5behavioral6

    • Target

      0f769b4c84e763b2dae26a6ca5492ab04562eeac6e13c742a855ba8c555ee054

    • Size

      1.2MB

    • MD5

      b8edefa02f085a64c8c079e541e258b3

    • SHA1

      4949f81bf49a0ea66e3f23ce6a9aa70b6e502794

    • SHA256

      0f769b4c84e763b2dae26a6ca5492ab04562eeac6e13c742a855ba8c555ee054

    • SHA512

      526f59ee03f6b7b351caff2e0e0841286af749c294370db34f57b07f62f014e11b6b8bd3d43904c4db6c69a40b7aefe661526ae8c5d4e95153befde98380b30c

    • SSDEEP

      12288:0RJXc3ajG+hjQKymY8efKCpD7Gj9G6G1qT8nQkCu83L3Wl/np9DBDt3kbE:0TsqjnhMgeiCl7G0nehbGZpbD

    Score
    7/10
    discoveryspywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    behavioral7behavioral8

    • Target

      1ab92c39e8b0350609fabbbd29b9a5ab8e6e3f42182b672eef049b96a3480dc2

    • Size

      1.6MB

    • MD5

      843976c4b88422100383f5281667f621

    • SHA1

      6f95b31e7a4129852fd0cd103777ceda2acceb3b

    • SHA256

      1ab92c39e8b0350609fabbbd29b9a5ab8e6e3f42182b672eef049b96a3480dc2

    • SHA512

      32060b358614d64b13efbf85098acdd31bad52bfe5dca101fab32bec5c25839821b164688d3fae9d94903e46bc7ca87e055d9aa8f6355cd5e72a8e666e196e1d

    • SSDEEP

      24576:UQUNs90gf8TTBPR2Ok/TwSfVcYG3K/cJHlnFR+IGNe8j3Iz:l0zgXLNiXicJFFRGNzj3

    Score
    10/10
    gcleaneronlyloggerdiscoveryloaderspywarestealer

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

      loadergcleaner

    • Gcleaner family

      gcleaner

    • OnlyLogger

      A tiny loader that uses IPLogger to get its payload.

      loaderonlylogger

    • Onlylogger family

      onlylogger

    • OnlyLogger payload

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    behavioral10behavioral9

    • Target

      20177244bc6d226e096682dff996e09c9799cbf43bf2795a8483e25db137f998

    • Size

      1.6MB

    • MD5

      369745ad82fdafd37ad6d67e6e6a5428

    • SHA1

      1c983ff448c6a160522377bad8caf2c80131acda

    • SHA256

      20177244bc6d226e096682dff996e09c9799cbf43bf2795a8483e25db137f998

    • SHA512

      1a598a4d0f14d61869021b42ebc44a14e9bc308937ee53174a8fd665880b64366f31b28fe348cba972f2d15febd373b3885fae5ab727dc3f1cef1dabcb3eba71

    • SSDEEP

      24576:Q7ww87NKA/lu60S/wOBlkB/TwSfVcYG3K/cJHlnFR+IGNe8j3Iz:kwtNf9/0SJBlkBLNiXicJFFRGNzj3

    Score
    10/10
    privateloaderdiscoveryloaderspywarestealer

    • PrivateLoader

      PrivateLoader is a downloader sold as a pay-per-install malware distribution service.

      loaderprivateloader

    • Privateloader family

      privateloader

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

    behavioral11behavioral12

    • Target

      274b00e3840b0b29a021e2a1a36bdc78829dfdfe2e4010ea494db6ae4276692a

    • Size

      1.2MB

    • MD5

      000275b32a155fbc8a60c0d2928af73d

    • SHA1

      48381350b7646331c7a2010b439497138a01880b

    • SHA256

      274b00e3840b0b29a021e2a1a36bdc78829dfdfe2e4010ea494db6ae4276692a

    • SHA512

      99c789dcf6e0b96ead044e053167ab1448805886e382592e4de894df0836ccf78d8c10db1350db49e7b96f879a4b80202b58387d7a20922a10e423afeb1844b5

    • SSDEEP

      12288:y3iJw/9Rrw0R1u4V/0YG3wx6EcJHUEhPUotFZr+1izHGNe8jKk34z:yD/TwSfVcYG3K/cJHlnFR+IGNe8j3Iz

    Score
    7/10
    discoveryspywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    behavioral13behavioral14

    • Target

      2754574ba546bfe49fc852b87cf85e2fca988b0cff0394abe08e9e4dc934d86a

    • Size

      4.2MB

    • MD5

      abc71afce20361e6adb58586902680bd

    • SHA1

      31a7932bbd23c00600418329fe700b9549578173

    • SHA256

      2754574ba546bfe49fc852b87cf85e2fca988b0cff0394abe08e9e4dc934d86a

    • SHA512

      8b2ac77de848c034a945ca974f74494604c0f75db78bda93770899e707d7545ceae2c2caa40146e9c4f2cbf32a069706f435a4279e0787e909cb19f6ed2465ee

    • SSDEEP

      98304:jgcsAaZKipxGeoD+LTziBJYfl7Yh7wRGpj3:aPPeD9Yfl7cF9

    Score
    7/10
    discoveryspywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Modifies boot configuration data using bcdedit

    • Drops file in System32 directory

    behavioral15behavioral16

    • Target

      38d5cf2bdcab25afb95cda0fd3abc7911469a4c4442966b941e930947099f508

    • Size

      1.6MB

    • MD5

      868bfdf4196d2b563cda87412e5f1c7a

    • SHA1

      73068ee0a0ca192c1d3a7b48fddd5418a2879c98

    • SHA256

      38d5cf2bdcab25afb95cda0fd3abc7911469a4c4442966b941e930947099f508

    • SHA512

      0371555c5df19464b8c182165831efa60cbd8300cffd612bda7fa905e1d2331fa59bb59acd878ce977ec44ae032134ee9c24a9b29c5cf95d3b27a583d2af01a0

    • SSDEEP

      24576:Wxozmm5K5/TwSfVcYG3K/cJHlnFR+IGNe8j3Iz:a5LNiXicJFFRGNzj3

    Score
    7/10
    discoveryspywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses 2FA software files, possible credential harvesting

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

    behavioral17behavioral18

    • Target

      3c59836d51379ebb763312245230900e181afa69064f6c8c999f1bf0d7672feb

    • Size

      1.6MB

    • MD5

      134f063d7cd47ec9ca2af5739d0822ba

    • SHA1

      5ef164a30fc13d7681b809a999f202ce8b4ee411

    • SHA256

      3c59836d51379ebb763312245230900e181afa69064f6c8c999f1bf0d7672feb

    • SHA512

      3bd1092da887c23ed2e663cd211a915b19a974ef4b17c368cf90ef781795345ff0827bd7abfeae111a6ffc00d34b7bee5a65d535131b083e855d3c9737618ffc

    • SSDEEP

      24576:6xozmm5K5/TwSfVcYG3K/cJHlnFR+IGNe8j3Iz:e5LNiXicJFFRGNzj3

    Score
    7/10
    discoveryspywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses 2FA software files, possible credential harvesting

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

    behavioral19behavioral20

    • Target

      467a61a07498f467be1e2dc3f479efddd779e763f928bc27963f11e147bcf1ca

    • Size

      1.2MB

    • MD5

      119632982d43f1c5e4a889275df9040c

    • SHA1

      106ad6d04c126be84e1f07adb8553bb3c087681c

    • SHA256

      467a61a07498f467be1e2dc3f479efddd779e763f928bc27963f11e147bcf1ca

    • SHA512

      a05f11fffaf78da5b7dcf69fdd657e683d37151be711830ee143a0c4d6db97c11bc3066069c1d924540dd830edb5ba7eb786eadf7f163403b6fa7f2b93ff62f0

    • SSDEEP

      12288:DJaXc3ajG+hjQKymY8efKCpD7Gj9G6G1qT8nQkCu83L3Wl/np9DBDt3kbE:VasqjnhMgeiCl7G0nehbGZpbD

    Score
    7/10
    discoveryspywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    behavioral21behavioral22

    • Target

      57e2f0d6a6007a3e90b69323108a192f3ca037ad2878547528e76aaeba3f8e20

    • Size

      1.3MB

    • MD5

      ad0a9b000501c5fefbf4339122a8c819

    • SHA1

      0ee681e181cba463d7d0567885312df82cd906e5

    • SHA256

      57e2f0d6a6007a3e90b69323108a192f3ca037ad2878547528e76aaeba3f8e20

    • SHA512

      eaa348696ed72eede5b91b61a9120f31887901c6806a530f4157a2370065f1ec4fc87c0f57552806b0042fbc21d36dab31642e1dcfb876a1c05909941cb54d1b

    • SSDEEP

      12288:+cFUPnBfJ4yb+QdIKYKNCJKHZDgdVw8XkLavV2Q9yW+GGYT7S/:+cFUPBfJ4yL/tNCJPXUQrPc

    Score
    7/10
    discoveryspywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    behavioral23behavioral24

    • Target

      592075e1fb5e9c9f82bfb80d4f3af4816737aed1a2ac889cbea2b8e1d08edfbe

    • Size

      1.3MB

    • MD5

      6769805f4ef66963bcfc14962f883ad9

    • SHA1

      848e0f81396740e052aecdb6c23134872c2d000c

    • SHA256

      592075e1fb5e9c9f82bfb80d4f3af4816737aed1a2ac889cbea2b8e1d08edfbe

    • SHA512

      cdfbd24d641e986e69849dfc0bdfd7021f4f42aaae110b61add94d90950cc67df3022ba4ffccf333ce0307d83e7431d26fe76eac15780469de561d98e14302b2

    • SSDEEP

      12288:aOXc3ajG+hjQKymY8efKCpD7Gj9G6G1qT8nQkCu83L3Wl/np9DBDt3kbE:PsqjnhMgeiCl7G0nehbGZpbD

    Score
    7/10
    discoveryspywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    behavioral25behavioral26

    • Target

      5a0214e85d7d0c2f2fbfc204c90099e3b553de62e8b994a65b158dd22a12ef0f

    • Size

      2.7MB

    • MD5

      f5b81b9d05f904aafc1bdcc9e07dbfe6

    • SHA1

      24bfff51d3cee692c93c3042ed1113a60aff57ca

    • SHA256

      5a0214e85d7d0c2f2fbfc204c90099e3b553de62e8b994a65b158dd22a12ef0f

    • SHA512

      916b57875f07d3d38790e98a8e2756696a06cf02424240985fbb4e195cdf1d7d07f8c96601d011264075a7ae8ca52b2da56dda5e18dfafcfa8c066d443b7b8f8

    • SSDEEP

      49152:QyFO6qPehNmKFmWhDcQi3RJbvJwT34RpAtHGIQkFzNjteyUHBdH3F2LNiXicJFFS:1OXntLEGIzNte9Bp127wRGpj3

    Score
    7/10
    discoverypersistencespywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    behavioral27behavioral28

    • Target

      5cebe74003cf5206a46d4ab96a9ca9ed3d44b6258a8a1ac20d4dbebbc5c384a7

    • Size

      1.3MB

    • MD5

      7e7886d0451615ab6df702aa31702cce

    • SHA1

      5e3b104f66d367e2edf24868142e0d29b809994e

    • SHA256

      5cebe74003cf5206a46d4ab96a9ca9ed3d44b6258a8a1ac20d4dbebbc5c384a7

    • SHA512

      a46b2e1dc39007a5114067236665f32efe3faa6859ac4b2a3a18512f41d1a144504fe379459d927a88de258492e6a79e4fde51ab25fd6fdb6a389c2b9af755c1

    • SSDEEP

      12288:hlyfcDZXc3ajG+hjQKymY8efKCpD7Gj9G6G1qT8nQkCu83L3Wl/np9DBDt3kbE:hlwwsqjnhMgeiCl7G0nehbGZpbD

    Score
    7/10
    discoveryspywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    behavioral29behavioral30

    • Target

      734cf562801a81b85aa3d748245a1fe2d295539a6050d824d0a1aa84bd1f0055

    • Size

      7.0MB

    • MD5

      be44f7cd85a81ac2bc531df53a629db0

    • SHA1

      f4933dddbbbeb88207fc7144e9be22ce2dbd86a4

    • SHA256

      734cf562801a81b85aa3d748245a1fe2d295539a6050d824d0a1aa84bd1f0055

    • SHA512

      92c6391f7cf8fff08271d778e5b28cf069ab20d69f1834c0c7674fc38fd90c11f6876bd2d73ddf27cee1e219c13df0f0971e85ca86323ed5008ad641743d7166

    • SSDEEP

      196608:zAHqgRSdbx2l5dt+6EniXf8eHF1fIvbL0W6Ds2w5TNmt11HT2skBF9:cKgRSdbx2l5dt+6YiXf8eHF1fIvbL0Wj

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

1
T1053

Scheduled Task

1
T1053.005

Persistence

Event Triggered Execution

1
T1546

Change Default File Association

1
T1546.001

Scheduled Task/Job

1
T1053

Scheduled Task

1
T1053.005

Privilege Escalation

Event Triggered Execution

1
T1546

Change Default File Association

1
T1546.001

Scheduled Task/Job

1
T1053

Scheduled Task

1
T1053.005

Defense Evasion

Modify Registry

3
T1112

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

Credential Access

Credentials from Password Stores

1
T1555

Credentials from Web Browsers

1
T1555.003

Unsecured Credentials

3
T1552

Credentials In Files

3
T1552.001

Discovery

Peripheral Device Discovery

2
T1120

Query Registry

5
T1012

System Information Discovery

4
T1082

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Lateral Movement

Collection

Data from Local System

3
T1005

Command and Control

Web Service

1
T1102

Exfiltration

Impact

Tasks

static1

loaderprivateloader
Score
10/10

behavioral1

discoveryspywarestealer
Score
7/10

behavioral2

discoveryspywarestealer
Score
7/10

behavioral3

privateloaderdiscoveryloaderspywarestealer
Score
10/10

behavioral4

privateloaderdiscoveryloaderspywarestealer
Score
10/10

behavioral5

discoveryspywarestealer
Score
7/10

behavioral6

discoveryspywarestealer
Score
7/10

behavioral7

discoveryspywarestealer
Score
7/10

behavioral8

discoveryspywarestealer
Score
7/10

behavioral9

gcleaneronlyloggerdiscoveryloaderspywarestealer
Score
10/10

behavioral10

gcleaneronlyloggerdiscoveryloaderspywarestealer
Score
10/10

behavioral11

privateloaderdiscoveryloaderspywarestealer
Score
10/10

behavioral12

privateloaderdiscoveryloaderspywarestealer
Score
10/10

behavioral13

discoveryspywarestealer
Score
7/10

behavioral14

discoveryspywarestealer
Score
7/10

behavioral15

discoveryspywarestealer
Score
7/10

behavioral16

discoveryspywarestealer
Score
7/10

behavioral17

discoveryspywarestealer
Score
7/10

behavioral18

discoveryspywarestealer
Score
7/10

behavioral19

discoveryspywarestealer
Score
7/10

behavioral20

discoveryspywarestealer
Score
7/10

behavioral21

discoveryspywarestealer
Score
7/10

behavioral22

discoveryspywarestealer
Score
7/10

behavioral23

discoveryspywarestealer
Score
7/10

behavioral24

discoveryspywarestealer
Score
7/10

behavioral25

discoveryspywarestealer
Score
7/10

behavioral26

discoveryspywarestealer
Score
7/10

behavioral27

discoverypersistencespywarestealer
Score
7/10

behavioral28

discoverypersistencespywarestealer
Score
7/10

behavioral29

discoveryspywarestealer
Score
7/10

behavioral30

discoveryspywarestealer
Score
7/10

behavioral31

Score
1/10

behavioral32

Score
1/10