Analysis
-
max time kernel
20s -
max time network
151s -
platform
windows11-21h2_x64 -
resource
win11-20241007-en -
resource tags
-
submitted
21-01-2025 01:18
General
-
Target
FuckTheCore.exe
-
Size
4.7MB
-
MD5
d442d703f5e157ebc8599c407d02121d
-
SHA1
9f5968b9a0e71744f0ccd750b093e1477faa6b75
-
SHA256
c486e1a0e7fd07b046d7bf229d49fae292a79663224472c77598fab95877611e
-
SHA512
8be12fd13f8a94c414760391e55291d6fa29d2358e64a8572a7c5de8dad9c9048f624abf32591ef925af679351aa0e36028f4303c53f9d3ab1443aa5d7e68baa
-
SSDEEP
49152:OK1A6CVYmiSrTsL1VON/giCnSJwDznaAkrGOTpr+y3Z3fM6sPAxBh4:OK1xUrTsBVvzaDGOlZ3fLsPm2
Score
10/10
Malware Config
Signatures
-
Darkcomet
DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.
-
Darkcomet family
-
Drops file in Drivers directory 64 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Location Discovery: System Language Discovery 1 TTPs 64 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of AdjustPrivilegeToken 64 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\FuckTheCore.exe"C:\Users\Admin\AppData\Local\Temp\FuckTheCore.exe"1⤵
- Drops file in Drivers directory
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"2⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"3⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"4⤵
- Drops file in Drivers directory
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"5⤵
- Drops file in Drivers directory
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"6⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"7⤵
- Drops file in Drivers directory
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"8⤵
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"9⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"10⤵
- Drops file in Drivers directory
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"11⤵
- Drops file in Drivers directory
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"12⤵
- Drops file in Drivers directory
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"13⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"14⤵
- Drops file in Drivers directory
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"15⤵
- Drops file in Drivers directory
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"16⤵
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"17⤵
- Drops file in Drivers directory
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"18⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"19⤵
- Drops file in Drivers directory
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"20⤵
- Drops file in Drivers directory
- System Location Discovery: System Language Discovery
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"21⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"22⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"23⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"24⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"25⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"26⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"27⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"28⤵
- Drops file in Drivers directory
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"29⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"30⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"31⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"32⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"33⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"34⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"35⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"36⤵
- Drops file in Drivers directory
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"37⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"38⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"39⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"40⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"41⤵
- Drops file in Drivers directory
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"42⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"43⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"44⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"45⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"46⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"47⤵
- Drops file in Drivers directory
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"48⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"49⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"50⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"51⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"52⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"53⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"54⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"55⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"56⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"57⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"58⤵
- Drops file in Drivers directory
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"59⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"60⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"61⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"62⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"63⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"64⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"65⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"66⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"67⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"68⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"69⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"70⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"71⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"72⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"73⤵
- Drops file in Drivers directory
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"74⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"75⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"76⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"77⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"78⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"79⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"80⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"81⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"82⤵
- Drops file in Drivers directory
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"83⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"84⤵
- Drops file in Drivers directory
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"85⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"86⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"87⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"88⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"89⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"90⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"91⤵
- Drops file in Drivers directory
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"92⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"93⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"94⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"95⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"96⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"97⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"98⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"99⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"100⤵
- Drops file in Drivers directory
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"101⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"102⤵
- Drops file in Drivers directory
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"103⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"104⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"105⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"106⤵
- Drops file in Drivers directory
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"107⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"108⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"109⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"110⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"111⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"112⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"113⤵
- System Location Discovery: System Language Discovery
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"114⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"115⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"116⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"117⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"118⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"119⤵
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"120⤵
- Drops file in Drivers directory
-
C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"C:\Users\Admin\AppData\Local\Temp\FUCKTHECORE.EXE"121⤵
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-