{"Win.Dropper.DarkComet-9987724-1": {"bis": [{"bi": "pe-encrypted-section", "hashes": ["88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "993f856b5f28b0d05087f2d109dbf575f8fc9e9604496deb833b2af8bdc913a6", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "00dd7043f8f736d307e8d432dc4d53e169a0d01bbaf18c8e9c26d3d702b5b901", "2f21b95df665d9a895eb142d540ec232775dae8ca6d3fff982110eafd98a276d", "05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "6c1219e68eeb403bbca8f012f3add1a65e0a8e3657436e69adf731d0f8617199", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "memory-execute-readwrite", "hashes": ["88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "993f856b5f28b0d05087f2d109dbf575f8fc9e9604496deb833b2af8bdc913a6", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "00dd7043f8f736d307e8d432dc4d53e169a0d01bbaf18c8e9c26d3d702b5b901", "2f21b95df665d9a895eb142d540ec232775dae8ca6d3fff982110eafd98a276d", "05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "6c1219e68eeb403bbca8f012f3add1a65e0a8e3657436e69adf731d0f8617199", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "993f856b5f28b0d05087f2d109dbf575f8fc9e9604496deb833b2af8bdc913a6", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "00dd7043f8f736d307e8d432dc4d53e169a0d01bbaf18c8e9c26d3d702b5b901", "2f21b95df665d9a895eb142d540ec232775dae8ca6d3fff982110eafd98a276d", "05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "6c1219e68eeb403bbca8f012f3add1a65e0a8e3657436e69adf731d0f8617199", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "993f856b5f28b0d05087f2d109dbf575f8fc9e9604496deb833b2af8bdc913a6", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "00dd7043f8f736d307e8d432dc4d53e169a0d01bbaf18c8e9c26d3d702b5b901", "2f21b95df665d9a895eb142d540ec232775dae8ca6d3fff982110eafd98a276d", "05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "6c1219e68eeb403bbca8f012f3add1a65e0a8e3657436e69adf731d0f8617199", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406"], "mitre_attack_tags": []}, {"bi": "artifact-flagged-anomaly", "hashes": ["88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "993f856b5f28b0d05087f2d109dbf575f8fc9e9604496deb833b2af8bdc913a6", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "00dd7043f8f736d307e8d432dc4d53e169a0d01bbaf18c8e9c26d3d702b5b901", "2f21b95df665d9a895eb142d540ec232775dae8ca6d3fff982110eafd98a276d", "05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "6c1219e68eeb403bbca8f012f3add1a65e0a8e3657436e69adf731d0f8617199", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-section-execute-writable", "hashes": ["88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "993f856b5f28b0d05087f2d109dbf575f8fc9e9604496deb833b2af8bdc913a6", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "00dd7043f8f736d307e8d432dc4d53e169a0d01bbaf18c8e9c26d3d702b5b901", "2f21b95df665d9a895eb142d540ec232775dae8ca6d3fff982110eafd98a276d", "05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "6c1219e68eeb403bbca8f012f3add1a65e0a8e3657436e69adf731d0f8617199", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-packed-upx", "hashes": ["88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "993f856b5f28b0d05087f2d109dbf575f8fc9e9604496deb833b2af8bdc913a6", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "00dd7043f8f736d307e8d432dc4d53e169a0d01bbaf18c8e9c26d3d702b5b901", "2f21b95df665d9a895eb142d540ec232775dae8ca6d3fff982110eafd98a276d", "05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "6c1219e68eeb403bbca8f012f3add1a65e0a8e3657436e69adf731d0f8617199", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "excessive-foreign-memory-modification", "hashes": ["88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "sample-launched-copy-of-self", "hashes": ["88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406"], "mitre_attack_tags": ["TA0005", "T1202"]}, {"bi": "process-explorer-suspicious-launch", "hashes": ["88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "process-hollowing-detected", "hashes": ["88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "malware-darkcomet-mutex-detected", "hashes": ["88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406"], "mitre_attack_tags": []}, {"bi": "windows-crash-tool-execution-detected", "hashes": ["993f856b5f28b0d05087f2d109dbf575f8fc9e9604496deb833b2af8bdc913a6", "00dd7043f8f736d307e8d432dc4d53e169a0d01bbaf18c8e9c26d3d702b5b901", "2f21b95df665d9a895eb142d540ec232775dae8ca6d3fff982110eafd98a276d", "6c1219e68eeb403bbca8f012f3add1a65e0a8e3657436e69adf731d0f8617199"], "mitre_attack_tags": []}, {"bi": "crash-dump-file-created", "hashes": ["993f856b5f28b0d05087f2d109dbf575f8fc9e9604496deb833b2af8bdc913a6", "00dd7043f8f736d307e8d432dc4d53e169a0d01bbaf18c8e9c26d3d702b5b901", "2f21b95df665d9a895eb142d540ec232775dae8ca6d3fff982110eafd98a276d", "6c1219e68eeb403bbca8f012f3add1a65e0a8e3657436e69adf731d0f8617199"], "mitre_attack_tags": []}, {"bi": "fault-report-file-created", "hashes": ["993f856b5f28b0d05087f2d109dbf575f8fc9e9604496deb833b2af8bdc913a6", "00dd7043f8f736d307e8d432dc4d53e169a0d01bbaf18c8e9c26d3d702b5b901", "2f21b95df665d9a895eb142d540ec232775dae8ca6d3fff982110eafd98a276d", "6c1219e68eeb403bbca8f012f3add1a65e0a8e3657436e69adf731d0f8617199"], "mitre_attack_tags": []}], "category": "Dropper", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": false, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "DarkComet and related variants are a family of remote access trojans designed to provide an attacker with control over an infected system. The malware can download files from a user's machine, mechanisms for persistence and hiding, and the ability to send back usernames and passwords from the infected system.", "hashes": ["00dd7043f8f736d307e8d432dc4d53e169a0d01bbaf18c8e9c26d3d702b5b901", "05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "2f21b95df665d9a895eb142d540ec232775dae8ca6d3fff982110eafd98a276d", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "6c1219e68eeb403bbca8f012f3add1a65e0a8e3657436e69adf731d0f8617199", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "993f856b5f28b0d05087f2d109dbf575f8fc9e9604496deb833b2af8bdc913a6", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "c257a383fc17456312a3ff6cb26fa045a1ab1e926c720b0d09aff89494edc8f1", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "cdc3b0df940ef9002a7008141a364016eddff32cffe3b52bb549c8bfccb5530e", "d720e007eac64b5cfbfba5d2fff10640a26e2ff9d9ac8cc8a1aeaed07b5be37f", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "e2dd589b347aa6e4aa0fc4f892a67f705764d5ebc36cfa5a9bc404982faab943", "ea6c02c1d3858f7f41e4fdd924782e445073343704862a6c5f71d7c284144187", "f1b2f8b446b7cd25a1e72958a4cba586787772be48c892f3cd838be914992aa1", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905"], "iocs": {"domain": [], "file": [{"hashes": ["05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905"], "path": "%TEMP%\\Administrator7"}, {"hashes": ["05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905"], "path": "%TEMP%\\Administrator8"}, {"hashes": ["05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905"], "path": "%TEMP%\\Administrator2.txt"}, {"hashes": ["05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905"], "path": "%APPDATA%\\98B68E3C"}, {"hashes": ["05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905"], "path": "%APPDATA%\\98B68E3C\\ak.tmp"}, {"hashes": ["05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905"], "path": "\\default.html"}], "ip": [], "mutex": [{"hashes": ["05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905"], "name": "Administrator5"}, {"hashes": ["05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905"], "name": "xXx_key_xXx"}, {"hashes": ["05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905"], "name": "PFS7NJ0GG650A3"}, {"hashes": ["6c1219e68eeb403bbca8f012f3add1a65e0a8e3657436e69adf731d0f8617199"], "name": "Global\\62c608e1-84fc-11ed-9660-001517a057b6"}, {"hashes": ["00dd7043f8f736d307e8d432dc4d53e169a0d01bbaf18c8e9c26d3d702b5b901"], "name": "Global\\19563541-ab9e-11ed-9660-001517d2a55d"}, {"hashes": ["993f856b5f28b0d05087f2d109dbf575f8fc9e9604496deb833b2af8bdc913a6"], "name": "Global\\19d95f61-ab9e-11ed-9660-001517a99db1"}, {"hashes": ["2f21b95df665d9a895eb142d540ec232775dae8ca6d3fff982110eafd98a276d"], "name": "Global\\1a63ada1-ab9e-11ed-9660-0015172fcdb5"}], "registry": [{"hashes": ["05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905"], "key": "<HKCU>\\SOFTWARE\\REMOTE", "value_name": "NewIdentification"}, {"hashes": ["05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905"], "key": "<HKCU>\\SOFTWARE\\REMOTE", "value_name": "NewGroup"}, {"hashes": ["05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905"], "key": "<HKCU>\\SOFTWARE\\REMOTE", "value_name": null}, {"hashes": ["05cf1d6e467dcacb7a8426d686aad3e467bebf56f14094a730acda703f6a8110", "0870345c9baf599cafbdbf6c178af59bb84ca29132be8f25a99b631a5812f2c0", "0f00ea2de2b3fbd975b0bf81b93ac892a32b9b38505ca7934975824994de5bfa", "17358278cec9baf2cc39db83075199b08f063744cdbc368503e0d9f480599c6f", "23b2a05f66fe4463b4a9b247e2553b3ab3e457d7692bcda4ef80b451a807cec7", "31106ecb5d2fc5a71e523638369efe1f98ce94d1e972d6f21a2eac30f248756a", "387edb31d8fbb1478a702773203645ad00d423444a7ce2213b693a35bffa1db8", "5114f0e28f24ae8b78e9b7f1bc8a7275b8c5df906bfa5051c82cc58ef0560e19", "51b176c359d6ccd836ba35283c65b1936f45d79ea410ea877cfc88478192ed74", "5f97bd4dd258cc40c67b0ee332ec1404bd4a42574b1f263f417a9bae926200f6", "6fc939a835debb66a1718a11701631bdc8485cf8481bc031a1533a566fea0df1", "741bec34feb048eb37de1cd12cb70ed1d18e3aaa18af112538976d04fcc183ad", "745d2dbca92dfbb840b1cbd69f71bf25248012838f1e586968ba3bfac9570141", "7f4676305a5cc0968444f30f1cdbfa04aed721176db2d20401fffb7c596c3302", "84644a768c0ee235e16fd5a58e022b22a620c2e88b0b1f983ae72aa8e469a0bf", "88e478cbdf1cf481bd1b16daed1efde0eb243e144b0cf72cd27c20349dc82a93", "89b43b0ba7a914bd0c9f14f2db38aa24a221252b9f4d53600affca3986b3c88c", "9f46a0aa254284347749d901fd9ca394bdbe7c9a14db990e493ed74f3b064445", "a75a74d8013f9efed45a98a3d5b2fb21f3e0f381240582ec398270a1562e3a46", "ab6a6f36256049b826b5034e820f8f160f19ddcbbacb32421dcf88f07f23a406", "b1f8c81db53ca15ca183f93dab27fae3d8ffa4ecebc1edd9944abcb1cd9ae25a", "c79b5af5aaffef68cd06f92379cd36a8563ef0992c688761033f28a158cf7905", "e0be86684273cc8cba0a6ec9490a2143279659f11ed9cdb9bdae5d91f93a7591", "fee76f0f9fd94532154f17a232028b769b83b509ecbf029c9b8fd53462fa0905"], "key": "<HKCU>\\SOFTWARE\\REMOTE", "value_name": "FirstExecution"}]}, "reports_count": 28}, "Win.Dropper.Gandcrab-9987386-0": {"bis": [{"bi": "memory-execute-readwrite", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "ffa35debf7c75fa5edbca2a5bec9cee472fe56c376d94c30e6bb7f4ac6c9c353", "b5cbe9afa4667aec874360e40ed65629e454eb3d855dc0830b6a3b8f3ba36a4d", "f4c8798bbc75092d7f4ef15f8c03c332e3c3b573e47c206a8805b5f2350abda3", "0c9a8168c677c7d0f142bf2fb40911129fba345b6f2cc987e330200270b26e8c", "458c95a42deef0f5e7607899260126cf4b3c775200e9da6bad210f185d2cbff5", "d5a91ecaaa28f02c643345715e70fda018185cd6e263532b35054425d63ac790", "9a63c28232e75a2f33f12a67fcfc36b066629e969bbfc8c62a9d8fdd1228ee9c", "198f1ff97b3eeb1f167b6a620173f3f3dae13b2d25a9cfd4378f19904df07682", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "ffa35debf7c75fa5edbca2a5bec9cee472fe56c376d94c30e6bb7f4ac6c9c353", "b5cbe9afa4667aec874360e40ed65629e454eb3d855dc0830b6a3b8f3ba36a4d", "f4c8798bbc75092d7f4ef15f8c03c332e3c3b573e47c206a8805b5f2350abda3", "0c9a8168c677c7d0f142bf2fb40911129fba345b6f2cc987e330200270b26e8c", "458c95a42deef0f5e7607899260126cf4b3c775200e9da6bad210f185d2cbff5", "d5a91ecaaa28f02c643345715e70fda018185cd6e263532b35054425d63ac790", "9a63c28232e75a2f33f12a67fcfc36b066629e969bbfc8c62a9d8fdd1228ee9c", "198f1ff97b3eeb1f167b6a620173f3f3dae13b2d25a9cfd4378f19904df07682", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": []}, {"bi": "imports-IsDebuggerPresent", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "ffa35debf7c75fa5edbca2a5bec9cee472fe56c376d94c30e6bb7f4ac6c9c353", "b5cbe9afa4667aec874360e40ed65629e454eb3d855dc0830b6a3b8f3ba36a4d", "f4c8798bbc75092d7f4ef15f8c03c332e3c3b573e47c206a8805b5f2350abda3", "0c9a8168c677c7d0f142bf2fb40911129fba345b6f2cc987e330200270b26e8c", "458c95a42deef0f5e7607899260126cf4b3c775200e9da6bad210f185d2cbff5", "d5a91ecaaa28f02c643345715e70fda018185cd6e263532b35054425d63ac790", "9a63c28232e75a2f33f12a67fcfc36b066629e969bbfc8c62a9d8fdd1228ee9c", "198f1ff97b3eeb1f167b6a620173f3f3dae13b2d25a9cfd4378f19904df07682", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": ["TA0005", "TA0007"]}, {"bi": "feed-domain-antivirus-service", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "ffa35debf7c75fa5edbca2a5bec9cee472fe56c376d94c30e6bb7f4ac6c9c353", "f4c8798bbc75092d7f4ef15f8c03c332e3c3b573e47c206a8805b5f2350abda3", "458c95a42deef0f5e7607899260126cf4b3c775200e9da6bad210f185d2cbff5", "198f1ff97b3eeb1f167b6a620173f3f3dae13b2d25a9cfd4378f19904df07682", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "d5a91ecaaa28f02c643345715e70fda018185cd6e263532b35054425d63ac790", "9a63c28232e75a2f33f12a67fcfc36b066629e969bbfc8c62a9d8fdd1228ee9c", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": []}, {"bi": "network-fast-flux-domain", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "b5cbe9afa4667aec874360e40ed65629e454eb3d855dc0830b6a3b8f3ba36a4d", "0c9a8168c677c7d0f142bf2fb40911129fba345b6f2cc987e330200270b26e8c", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": []}, {"bi": "network-communications-http-get", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "b5cbe9afa4667aec874360e40ed65629e454eb3d855dc0830b6a3b8f3ba36a4d", "0c9a8168c677c7d0f142bf2fb40911129fba345b6f2cc987e330200270b26e8c", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": ["TA0011", "T1105"]}, {"bi": "network-snort-malware", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "b5cbe9afa4667aec874360e40ed65629e454eb3d855dc0830b6a3b8f3ba36a4d", "0c9a8168c677c7d0f142bf2fb40911129fba345b6f2cc987e330200270b26e8c", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": []}, {"bi": "network-only-safe-domains-contacted", "hashes": ["b5cbe9afa4667aec874360e40ed65629e454eb3d855dc0830b6a3b8f3ba36a4d", "0c9a8168c677c7d0f142bf2fb40911129fba345b6f2cc987e330200270b26e8c", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": []}, {"bi": "network-opendns-malicious", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": []}, {"bi": "dns-query-nxdomain", "hashes": ["ffa35debf7c75fa5edbca2a5bec9cee472fe56c376d94c30e6bb7f4ac6c9c353", "f4c8798bbc75092d7f4ef15f8c03c332e3c3b573e47c206a8805b5f2350abda3", "458c95a42deef0f5e7607899260126cf4b3c775200e9da6bad210f185d2cbff5", "198f1ff97b3eeb1f167b6a620173f3f3dae13b2d25a9cfd4378f19904df07682", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": []}, {"bi": "netbios-query", "hashes": ["ffa35debf7c75fa5edbca2a5bec9cee472fe56c376d94c30e6bb7f4ac6c9c353", "f4c8798bbc75092d7f4ef15f8c03c332e3c3b573e47c206a8805b5f2350abda3", "458c95a42deef0f5e7607899260126cf4b3c775200e9da6bad210f185d2cbff5", "198f1ff97b3eeb1f167b6a620173f3f3dae13b2d25a9cfd4378f19904df07682", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": ["TA0007", "T1016"]}, {"bi": "network-fast-flux-nameserver", "hashes": ["f4c8798bbc75092d7f4ef15f8c03c332e3c3b573e47c206a8805b5f2350abda3", "458c95a42deef0f5e7607899260126cf4b3c775200e9da6bad210f185d2cbff5", "198f1ff97b3eeb1f167b6a620173f3f3dae13b2d25a9cfd4378f19904df07682", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": []}, {"bi": "network-file-uploaded", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "b5cbe9afa4667aec874360e40ed65629e454eb3d855dc0830b6a3b8f3ba36a4d", "0c9a8168c677c7d0f142bf2fb40911129fba345b6f2cc987e330200270b26e8c", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": ["TA0010", "T1011"]}, {"bi": "network-communications-http-post", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "b5cbe9afa4667aec874360e40ed65629e454eb3d855dc0830b6a3b8f3ba36a4d", "0c9a8168c677c7d0f142bf2fb40911129fba345b6f2cc987e330200270b26e8c", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": ["TA0010", "T1048"]}, {"bi": "http-response-redirect", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "b5cbe9afa4667aec874360e40ed65629e454eb3d855dc0830b6a3b8f3ba36a4d", "0c9a8168c677c7d0f142bf2fb40911129fba345b6f2cc987e330200270b26e8c", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": []}, {"bi": "malware-azorult-mutex-detected", "hashes": ["ffa35debf7c75fa5edbca2a5bec9cee472fe56c376d94c30e6bb7f4ac6c9c353", "b5cbe9afa4667aec874360e40ed65629e454eb3d855dc0830b6a3b8f3ba36a4d", "f4c8798bbc75092d7f4ef15f8c03c332e3c3b573e47c206a8805b5f2350abda3", "0c9a8168c677c7d0f142bf2fb40911129fba345b6f2cc987e330200270b26e8c", "458c95a42deef0f5e7607899260126cf4b3c775200e9da6bad210f185d2cbff5", "198f1ff97b3eeb1f167b6a620173f3f3dae13b2d25a9cfd4378f19904df07682"], "mitre_attack_tags": []}, {"bi": "pe-encrypted-section", "hashes": ["d5a91ecaaa28f02c643345715e70fda018185cd6e263532b35054425d63ac790", "9a63c28232e75a2f33f12a67fcfc36b066629e969bbfc8c62a9d8fdd1228ee9c", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "antivirus-flagged-artifact", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": []}, {"bi": "artifact-flagged-anomaly", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "artifact-flagged-obfuscation", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "network-dns-malicious-snort", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": ["TA0011", "T1102"]}, {"bi": "process-requested-named-pipe", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "modified-file-in-program-dir", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": []}, {"bi": "network-dns-upload-file", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": []}, {"bi": "url-not-found", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": []}, {"bi": "pe-imports-toolhelp", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": ["TA0007", "T1057"]}, {"bi": "malware-generic-ransomware-entropy", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": []}, {"bi": "feed-domain-ransomware", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": []}, {"bi": "malware-gandcrab-mutex-v412", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": []}, {"bi": "excessive-logical-drive-enumeration", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": ["TA0007", "TA0009", "T1120", "T1025"]}, {"bi": "recycler-file-creation", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "process-deletes-many-files", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": []}, {"bi": "artifact-multiple-extensions", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": ["TA0005", "T1036"]}, {"bi": "pe-uses-heavens-gate", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "modified-executable", "hashes": ["f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": []}, {"bi": "created-executable-in-user-dir", "hashes": ["f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": []}, {"bi": "excessive-foreign-memory-modification", "hashes": ["f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "deleted-submitted-file", "hashes": ["f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": ["TA0005"]}, {"bi": "altered-sample-snort-flagged", "hashes": ["f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": ["TA0011", "T1102"]}, {"bi": "artifact-windows-task", "hashes": ["f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": ["TA0002", "TA0003", "TA0004", "T1053"]}, {"bi": "altered-sample-dns-flagged", "hashes": ["f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": ["TA0011", "T1102"]}, {"bi": "process-hollowing-detected", "hashes": ["f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "startup-folder-modification", "hashes": ["f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "dns-bypassed-assigned-server", "hashes": ["f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": ["TA0011", "TA0005"]}, {"bi": "network-explorer-process", "hashes": ["f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "artifact-lnk-calls-cmd", "hashes": ["f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": ["TA0002", "T1059"]}, {"bi": "startup-folder-lnk-file", "hashes": ["f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "opennic-domain-detected", "hashes": ["f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": []}, {"bi": "sinkholed-domain-detected", "hashes": ["f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": []}, {"bi": "malware-smokeloader-mutex-detected", "hashes": ["f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": []}, {"bi": "malware-smokeloader-artifact-detected", "hashes": ["f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": []}, {"bi": "process-check-zone-identifier", "hashes": ["f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": ["TA0007", "TA0005", "T1518", "T1553"]}, {"bi": "created-executable-sample-appdata", "hashes": ["f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "mitre_attack_tags": ["TA0005", "T1564"]}, {"bi": "http-post-image-url", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": ["TA0010", "T1011"]}, {"bi": "html-js-document-location-href", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": ["TA0001", "T1189"]}, {"bi": "html-js-uses-window-open", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57"], "mitre_attack_tags": ["TA0001", "T1189"]}, {"bi": "malware-generic-ransomware", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": []}, {"bi": "nginx-webserver-detected", "hashes": ["b5cbe9afa4667aec874360e40ed65629e454eb3d855dc0830b6a3b8f3ba36a4d", "0c9a8168c677c7d0f142bf2fb40911129fba345b6f2cc987e330200270b26e8c"], "mitre_attack_tags": []}, {"bi": "network-http-numeric-ip", "hashes": ["b5cbe9afa4667aec874360e40ed65629e454eb3d855dc0830b6a3b8f3ba36a4d", "0c9a8168c677c7d0f142bf2fb40911129fba345b6f2cc987e330200270b26e8c"], "mitre_attack_tags": ["TA0011", "T1071"]}, {"bi": "network-file-downloaded-to-disk", "hashes": ["b5cbe9afa4667aec874360e40ed65629e454eb3d855dc0830b6a3b8f3ba36a4d", "0c9a8168c677c7d0f142bf2fb40911129fba345b6f2cc987e330200270b26e8c"], "mitre_attack_tags": []}, {"bi": "windows-headless-iexplore", "hashes": ["d5a91ecaaa28f02c643345715e70fda018185cd6e263532b35054425d63ac790", "9a63c28232e75a2f33f12a67fcfc36b066629e969bbfc8c62a9d8fdd1228ee9c"], "mitre_attack_tags": ["TA0005", "T1202"]}, {"bi": "html-js-uses-location-replace", "hashes": ["83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": ["TA0001", "T1189"]}, {"bi": "html-redirect", "hashes": ["83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde"], "mitre_attack_tags": ["TA0001", "T1189"]}], "category": "Dropper", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": true, "WSA": true}, "description": "Gandcrab is ransomware that encrypts documents, photos, databases and other important files using the file extension \".GDCB,\" \".CRAB\" or \".KRAB\". Gandcrab is spread through both traditional spam campaigns, as well as multiple exploit kits, including Rig and Grandsoft.", "hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0c9a8168c677c7d0f142bf2fb40911129fba345b6f2cc987e330200270b26e8c", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "198f1ff97b3eeb1f167b6a620173f3f3dae13b2d25a9cfd4378f19904df07682", "2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "458c95a42deef0f5e7607899260126cf4b3c775200e9da6bad210f185d2cbff5", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e", "9a63c28232e75a2f33f12a67fcfc36b066629e969bbfc8c62a9d8fdd1228ee9c", "b5cbe9afa4667aec874360e40ed65629e454eb3d855dc0830b6a3b8f3ba36a4d", "d5a91ecaaa28f02c643345715e70fda018185cd6e263532b35054425d63ac790", "f4c8798bbc75092d7f4ef15f8c03c332e3c3b573e47c206a8805b5f2350abda3", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e", "ffa35debf7c75fa5edbca2a5bec9cee472fe56c376d94c30e6bb7f4ac6c9c353"], "iocs": {"domain": [{"hashes": ["2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e"], "host": "www[.]msftncsi[.]com"}, {"hashes": ["2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e"], "host": "d3s1[.]me"}, {"hashes": ["2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e"], "host": "kiyanka[.]club"}, {"hashes": ["2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e"], "host": "proxy-exe[.]bit"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "host": "www[.]billerimpex[.]com"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "host": "www[.]macartegrise[.]eu"}, {"hashes": ["198f1ff97b3eeb1f167b6a620173f3f3dae13b2d25a9cfd4378f19904df07682", "458c95a42deef0f5e7607899260126cf4b3c775200e9da6bad210f185d2cbff5", "f4c8798bbc75092d7f4ef15f8c03c332e3c3b573e47c206a8805b5f2350abda3", "ffa35debf7c75fa5edbca2a5bec9cee472fe56c376d94c30e6bb7f4ac6c9c353"], "host": "dom2[.]website"}, {"hashes": ["0c9a8168c677c7d0f142bf2fb40911129fba345b6f2cc987e330200270b26e8c", "b5cbe9afa4667aec874360e40ed65629e454eb3d855dc0830b6a3b8f3ba36a4d"], "host": "apps[.]identrust[.]com"}, {"hashes": ["83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "host": "www[.]poketeg[.]com"}], "file": [{"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Adobe\\Acrobat\\9.0\\JavaScripts\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Adobe\\Acrobat\\9.0\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Adobe\\Acrobat\\9.0\\Security\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Adobe\\Acrobat\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Adobe\\Flash Player\\AssetCache\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Adobe\\Flash Player\\AssetCache\\TRFRW6GU\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Adobe\\Flash Player\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Adobe\\Flash Player\\NativeCache\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Adobe\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Identities\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Macromedia\\Flash Player\\#SharedObjects\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Macromedia\\Flash Player\\#SharedObjects\\YXTRFETG\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Macromedia\\Flash Player\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Macromedia\\Flash Player\\macromedia.com\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Macromedia\\Flash Player\\macromedia.com\\support\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Macromedia\\Flash Player\\macromedia.com\\support\\flashplayer\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Macromedia\\Flash Player\\macromedia.com\\support\\flashplayer\\sys\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Macromedia\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Media Center Programs\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Access\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\AddIns\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Credentials\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Crypto\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Crypto\\RSA\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Crypto\\RSA\\S-1-5-21-2580483871-590521980-3826313501-500\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Document Building Blocks\\1033\\14\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Document Building Blocks\\1033\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Document Building Blocks\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Excel\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\HTML Help\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\InfoPath\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Internet Explorer\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Internet Explorer\\Quick Launch\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Internet Explorer\\Quick Launch\\User Pinned\\ImplicitAppShortcuts\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Internet Explorer\\Quick Launch\\User Pinned\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Internet Explorer\\Quick Launch\\User Pinned\\TaskBar\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Internet Explorer\\UserData\\19CDHY5T\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Internet Explorer\\UserData\\8HDD5GFC\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Internet Explorer\\UserData\\EUPM6R87\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Internet Explorer\\UserData\\EXUAAUDV\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Internet Explorer\\UserData\\KKRPCQ2X\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Internet Explorer\\UserData\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Internet Explorer\\UserData\\Low\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Internet Explorer\\UserData\\M2V73K19\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Internet Explorer\\UserData\\MA3SBLRS\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Internet Explorer\\UserData\\N03JH1M1\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%HOMEPATH%\\KRAB-DECRYPT.txt"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "path": "%APPDATA%\\Microsoft\\Excel\\XLSTART\\KRAB-DECRYPT.txt"}], "ip": [{"hashes": ["2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e"], "ip": "139[.]59[.]208[.]246"}, {"hashes": ["2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e"], "ip": "130[.]255[.]73[.]90"}, {"hashes": ["2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e"], "ip": "185[.]121[.]177[.]177"}, {"hashes": ["2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e"], "ip": "192[.]42[.]116[.]41"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "ip": "204[.]11[.]56[.]48"}, {"hashes": ["2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e"], "ip": "193[.]183[.]98[.]66"}, {"hashes": ["2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e"], "ip": "5[.]135[.]183[.]146"}, {"hashes": ["2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e"], "ip": "185[.]121[.]177[.]53"}, {"hashes": ["2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e"], "ip": "169[.]239[.]202[.]202"}, {"hashes": ["2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e"], "ip": "144[.]76[.]133[.]38"}, {"hashes": ["2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e"], "ip": "51[.]254[.]25[.]115"}, {"hashes": ["2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e"], "ip": "51[.]255[.]48[.]78"}, {"hashes": ["2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e"], "ip": "23[.]56[.]169[.]147"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "ip": "15[.]188[.]214[.]230"}, {"hashes": ["0c9a8168c677c7d0f142bf2fb40911129fba345b6f2cc987e330200270b26e8c", "b5cbe9afa4667aec874360e40ed65629e454eb3d855dc0830b6a3b8f3ba36a4d"], "ip": "51[.]15[.]229[.]127"}, {"hashes": ["83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "ip": "35[.]205[.]61[.]67"}, {"hashes": ["0c9a8168c677c7d0f142bf2fb40911129fba345b6f2cc987e330200270b26e8c"], "ip": "23[.]221[.]227[.]165"}, {"hashes": ["b5cbe9afa4667aec874360e40ed65629e454eb3d855dc0830b6a3b8f3ba36a4d"], "ip": "23[.]221[.]227[.]172"}, {"hashes": ["0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57"], "ip": "13[.]37[.]189[.]21"}, {"hashes": ["993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e"], "ip": "23[.]56[.]169[.]152"}], "mutex": [{"hashes": ["0c9a8168c677c7d0f142bf2fb40911129fba345b6f2cc987e330200270b26e8c", "198f1ff97b3eeb1f167b6a620173f3f3dae13b2d25a9cfd4378f19904df07682", "458c95a42deef0f5e7607899260126cf4b3c775200e9da6bad210f185d2cbff5", "b5cbe9afa4667aec874360e40ed65629e454eb3d855dc0830b6a3b8f3ba36a4d", "f4c8798bbc75092d7f4ef15f8c03c332e3c3b573e47c206a8805b5f2350abda3", "ffa35debf7c75fa5edbca2a5bec9cee472fe56c376d94c30e6bb7f4ac6c9c353"], "name": "A16467FA-7343A2EC-6F235135-4B9A74AC-F1DC8406A"}, {"hashes": ["2c6f1952bf690b431ab3d7fb0c5e09e9d3fb23d4d77d987c12ca2b5827ef20bb", "8f4ee5d0479a95e21085b79b27bf715e6e1a713284143945da888cfb7db34354", "993bf34450e99ae94dc4ab207f94b5a76d9d58d5409e8c3b33997d8101ead59e", "f7ed8a78e183bf47923b494c986ad97492a7af97cb6bd8cb4f42ab009052819e"], "name": "10853E93BDB42AC8C03259A196091EB198B68E3C"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "name": "Global\\8B5BAAB9E36E4507C5F5.lock"}], "registry": [{"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "key": "<HKCU>\\SOFTWARE\\KEYS_DATA", "value_name": null}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "key": "<HKCU>\\SOFTWARE\\KEYS_DATA\\DATA", "value_name": null}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "key": "<HKCU>\\SOFTWARE\\KEYS_DATA\\DATA", "value_name": "public"}, {"hashes": ["011d8dcf09e7c54b212d4037f7a71ac101b38af87f59587527924ab7262fba41", "0e24bd59a7468274a57a681b6b864591747db3af0ee1c00e24e61516b57ecc57", "3dddef51b9ae680dcd1a2bb65f7c1d0a012d16bae4b34fcbc734687d29818bde", "83af4f8b7564e214be08bb6565bb8639a351798be2ea899ac8d7587ece452e53"], "key": "<HKCU>\\SOFTWARE\\KEYS_DATA\\DATA", "value_name": "private"}, {"hashes": ["d5a91ecaaa28f02c643345715e70fda018185cd6e263532b35054425d63ac790"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\EXT\\STATS\\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}", "value_name": null}]}, "reports_count": 16}, "Win.Dropper.LokiBot-9987759-0": {"bis": [{"bi": "antivirus-flagged-artifact", "hashes": ["1621a2bb84b4c0d8e88be841f5bbf2d9457bba1d316d674faa7bc9c64bd50fea", "7479bfd01c46646868bab0ad2839fafd1d850aa8386600a9580e1c0f53e28370", "6bfeb75aef998110a3a4e1ac4f5b8dcfce294ddc87d533c78a26fe0d111c4f5f", "1e9623428570505c6ee127a9afaa4741c2ed8958c77f59367edfeaa0660ecaa7", "0be581f5f102f0fce5d5cf26b69942231d842cd7b221f008f0e633deeee05500", "a18f7246f1250ba929c3c58b858939668e8ce96da1187148cb126ef399e42b8a", "64f47d30e8f110c89ed56a7c8344bc17aa46df114ec9d19cc3dae5889ad7cd79", "c1a398db47a98d88de0ce57b36a29f67828f6ec6343bdf13e8323b33b8cddbe2", "b86886b7f3d80e751d0bba0f3a22c63613be992973fe4f8f0dacf2883f8d4dde", "78bcde4345b33c5ad9a30a07e0ab9e858b93aef79a6862a1ffa2e092502484e1", "dc896be13aed92322cd28ddacd63286ce933c335f3f2745d9ce53fee65298c4b", "dd355884a68a133f02930c8937e082cd4aca1124d6a1e61f0aed07bebaad053c", "90d22eeb34f609676a6afc04b431851565d50f497b5a731391b4a7ded766b201", "9f88c5ca55ed9d689f59af586c55bbacfd9680677f8b8061377505cae622bafd", "fff5ccde8416fb79e016aaadecf5abd40786c84f76d137e6d792293c40a22576", "9c5b4f080db8c8a25d52e1353d1672d72b8b663464774a6f4ed103c3c4798d67", "07f02393195d8c9d597419c4ca54eb4dc90b2e847763d3d479caa69935411bc0", "6bc3d5bdea707ec5ef5fbffd0ee59ba99b1ca0a0fdaf7bb294549b067f397a98"], "mitre_attack_tags": []}, {"bi": "memory-execute-readwrite", "hashes": ["1621a2bb84b4c0d8e88be841f5bbf2d9457bba1d316d674faa7bc9c64bd50fea", "7479bfd01c46646868bab0ad2839fafd1d850aa8386600a9580e1c0f53e28370", "6bfeb75aef998110a3a4e1ac4f5b8dcfce294ddc87d533c78a26fe0d111c4f5f", "1e9623428570505c6ee127a9afaa4741c2ed8958c77f59367edfeaa0660ecaa7", "0be581f5f102f0fce5d5cf26b69942231d842cd7b221f008f0e633deeee05500", "a18f7246f1250ba929c3c58b858939668e8ce96da1187148cb126ef399e42b8a", "64f47d30e8f110c89ed56a7c8344bc17aa46df114ec9d19cc3dae5889ad7cd79", "c1a398db47a98d88de0ce57b36a29f67828f6ec6343bdf13e8323b33b8cddbe2", "b86886b7f3d80e751d0bba0f3a22c63613be992973fe4f8f0dacf2883f8d4dde", "78bcde4345b33c5ad9a30a07e0ab9e858b93aef79a6862a1ffa2e092502484e1", "dc896be13aed92322cd28ddacd63286ce933c335f3f2745d9ce53fee65298c4b", "dd355884a68a133f02930c8937e082cd4aca1124d6a1e61f0aed07bebaad053c", "90d22eeb34f609676a6afc04b431851565d50f497b5a731391b4a7ded766b201", "9f88c5ca55ed9d689f59af586c55bbacfd9680677f8b8061377505cae622bafd", "fff5ccde8416fb79e016aaadecf5abd40786c84f76d137e6d792293c40a22576", "9c5b4f080db8c8a25d52e1353d1672d72b8b663464774a6f4ed103c3c4798d67", "07f02393195d8c9d597419c4ca54eb4dc90b2e847763d3d479caa69935411bc0", "6bc3d5bdea707ec5ef5fbffd0ee59ba99b1ca0a0fdaf7bb294549b067f397a98"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["1621a2bb84b4c0d8e88be841f5bbf2d9457bba1d316d674faa7bc9c64bd50fea", "7479bfd01c46646868bab0ad2839fafd1d850aa8386600a9580e1c0f53e28370", "6bfeb75aef998110a3a4e1ac4f5b8dcfce294ddc87d533c78a26fe0d111c4f5f", "1e9623428570505c6ee127a9afaa4741c2ed8958c77f59367edfeaa0660ecaa7", "0be581f5f102f0fce5d5cf26b69942231d842cd7b221f008f0e633deeee05500", "a18f7246f1250ba929c3c58b858939668e8ce96da1187148cb126ef399e42b8a", "64f47d30e8f110c89ed56a7c8344bc17aa46df114ec9d19cc3dae5889ad7cd79", "c1a398db47a98d88de0ce57b36a29f67828f6ec6343bdf13e8323b33b8cddbe2", "b86886b7f3d80e751d0bba0f3a22c63613be992973fe4f8f0dacf2883f8d4dde", "78bcde4345b33c5ad9a30a07e0ab9e858b93aef79a6862a1ffa2e092502484e1", "dc896be13aed92322cd28ddacd63286ce933c335f3f2745d9ce53fee65298c4b", "dd355884a68a133f02930c8937e082cd4aca1124d6a1e61f0aed07bebaad053c", "90d22eeb34f609676a6afc04b431851565d50f497b5a731391b4a7ded766b201", "9f88c5ca55ed9d689f59af586c55bbacfd9680677f8b8061377505cae622bafd", "fff5ccde8416fb79e016aaadecf5abd40786c84f76d137e6d792293c40a22576", "9c5b4f080db8c8a25d52e1353d1672d72b8b663464774a6f4ed103c3c4798d67", "07f02393195d8c9d597419c4ca54eb4dc90b2e847763d3d479caa69935411bc0", "6bc3d5bdea707ec5ef5fbffd0ee59ba99b1ca0a0fdaf7bb294549b067f397a98"], "mitre_attack_tags": []}, {"bi": "pe-invalid-checksum", "hashes": ["1621a2bb84b4c0d8e88be841f5bbf2d9457bba1d316d674faa7bc9c64bd50fea", "7479bfd01c46646868bab0ad2839fafd1d850aa8386600a9580e1c0f53e28370", "6bfeb75aef998110a3a4e1ac4f5b8dcfce294ddc87d533c78a26fe0d111c4f5f", "1e9623428570505c6ee127a9afaa4741c2ed8958c77f59367edfeaa0660ecaa7", "0be581f5f102f0fce5d5cf26b69942231d842cd7b221f008f0e633deeee05500", "a18f7246f1250ba929c3c58b858939668e8ce96da1187148cb126ef399e42b8a", "64f47d30e8f110c89ed56a7c8344bc17aa46df114ec9d19cc3dae5889ad7cd79", "c1a398db47a98d88de0ce57b36a29f67828f6ec6343bdf13e8323b33b8cddbe2", "b86886b7f3d80e751d0bba0f3a22c63613be992973fe4f8f0dacf2883f8d4dde", "78bcde4345b33c5ad9a30a07e0ab9e858b93aef79a6862a1ffa2e092502484e1", "dc896be13aed92322cd28ddacd63286ce933c335f3f2745d9ce53fee65298c4b", "dd355884a68a133f02930c8937e082cd4aca1124d6a1e61f0aed07bebaad053c", "90d22eeb34f609676a6afc04b431851565d50f497b5a731391b4a7ded766b201", "9f88c5ca55ed9d689f59af586c55bbacfd9680677f8b8061377505cae622bafd", "fff5ccde8416fb79e016aaadecf5abd40786c84f76d137e6d792293c40a22576", "9c5b4f080db8c8a25d52e1353d1672d72b8b663464774a6f4ed103c3c4798d67", "07f02393195d8c9d597419c4ca54eb4dc90b2e847763d3d479caa69935411bc0", "6bc3d5bdea707ec5ef5fbffd0ee59ba99b1ca0a0fdaf7bb294549b067f397a98"], "mitre_attack_tags": []}, {"bi": "pe-filename-mismatch", "hashes": ["1621a2bb84b4c0d8e88be841f5bbf2d9457bba1d316d674faa7bc9c64bd50fea", "7479bfd01c46646868bab0ad2839fafd1d850aa8386600a9580e1c0f53e28370", "6bfeb75aef998110a3a4e1ac4f5b8dcfce294ddc87d533c78a26fe0d111c4f5f", "1e9623428570505c6ee127a9afaa4741c2ed8958c77f59367edfeaa0660ecaa7", "0be581f5f102f0fce5d5cf26b69942231d842cd7b221f008f0e633deeee05500", "a18f7246f1250ba929c3c58b858939668e8ce96da1187148cb126ef399e42b8a", "64f47d30e8f110c89ed56a7c8344bc17aa46df114ec9d19cc3dae5889ad7cd79", "c1a398db47a98d88de0ce57b36a29f67828f6ec6343bdf13e8323b33b8cddbe2", "b86886b7f3d80e751d0bba0f3a22c63613be992973fe4f8f0dacf2883f8d4dde", "78bcde4345b33c5ad9a30a07e0ab9e858b93aef79a6862a1ffa2e092502484e1", "dc896be13aed92322cd28ddacd63286ce933c335f3f2745d9ce53fee65298c4b", "dd355884a68a133f02930c8937e082cd4aca1124d6a1e61f0aed07bebaad053c", "90d22eeb34f609676a6afc04b431851565d50f497b5a731391b4a7ded766b201", "9f88c5ca55ed9d689f59af586c55bbacfd9680677f8b8061377505cae622bafd", "fff5ccde8416fb79e016aaadecf5abd40786c84f76d137e6d792293c40a22576", "9c5b4f080db8c8a25d52e1353d1672d72b8b663464774a6f4ed103c3c4798d67", "07f02393195d8c9d597419c4ca54eb4dc90b2e847763d3d479caa69935411bc0", "6bc3d5bdea707ec5ef5fbffd0ee59ba99b1ca0a0fdaf7bb294549b067f397a98"], "mitre_attack_tags": []}, {"bi": "process-long-cmdline", "hashes": ["1621a2bb84b4c0d8e88be841f5bbf2d9457bba1d316d674faa7bc9c64bd50fea", "7479bfd01c46646868bab0ad2839fafd1d850aa8386600a9580e1c0f53e28370", "6bfeb75aef998110a3a4e1ac4f5b8dcfce294ddc87d533c78a26fe0d111c4f5f", "1e9623428570505c6ee127a9afaa4741c2ed8958c77f59367edfeaa0660ecaa7", "0be581f5f102f0fce5d5cf26b69942231d842cd7b221f008f0e633deeee05500", "a18f7246f1250ba929c3c58b858939668e8ce96da1187148cb126ef399e42b8a", "64f47d30e8f110c89ed56a7c8344bc17aa46df114ec9d19cc3dae5889ad7cd79", "c1a398db47a98d88de0ce57b36a29f67828f6ec6343bdf13e8323b33b8cddbe2", "b86886b7f3d80e751d0bba0f3a22c63613be992973fe4f8f0dacf2883f8d4dde", "78bcde4345b33c5ad9a30a07e0ab9e858b93aef79a6862a1ffa2e092502484e1", "dc896be13aed92322cd28ddacd63286ce933c335f3f2745d9ce53fee65298c4b", "dd355884a68a133f02930c8937e082cd4aca1124d6a1e61f0aed07bebaad053c", "90d22eeb34f609676a6afc04b431851565d50f497b5a731391b4a7ded766b201", "9f88c5ca55ed9d689f59af586c55bbacfd9680677f8b8061377505cae622bafd", "fff5ccde8416fb79e016aaadecf5abd40786c84f76d137e6d792293c40a22576", "9c5b4f080db8c8a25d52e1353d1672d72b8b663464774a6f4ed103c3c4798d67", "07f02393195d8c9d597419c4ca54eb4dc90b2e847763d3d479caa69935411bc0", "6bc3d5bdea707ec5ef5fbffd0ee59ba99b1ca0a0fdaf7bb294549b067f397a98"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-uses-visual-basic", "hashes": ["1621a2bb84b4c0d8e88be841f5bbf2d9457bba1d316d674faa7bc9c64bd50fea", "7479bfd01c46646868bab0ad2839fafd1d850aa8386600a9580e1c0f53e28370", "6bfeb75aef998110a3a4e1ac4f5b8dcfce294ddc87d533c78a26fe0d111c4f5f", "1e9623428570505c6ee127a9afaa4741c2ed8958c77f59367edfeaa0660ecaa7", "0be581f5f102f0fce5d5cf26b69942231d842cd7b221f008f0e633deeee05500", "a18f7246f1250ba929c3c58b858939668e8ce96da1187148cb126ef399e42b8a", "64f47d30e8f110c89ed56a7c8344bc17aa46df114ec9d19cc3dae5889ad7cd79", "c1a398db47a98d88de0ce57b36a29f67828f6ec6343bdf13e8323b33b8cddbe2", "b86886b7f3d80e751d0bba0f3a22c63613be992973fe4f8f0dacf2883f8d4dde", "78bcde4345b33c5ad9a30a07e0ab9e858b93aef79a6862a1ffa2e092502484e1", "dc896be13aed92322cd28ddacd63286ce933c335f3f2745d9ce53fee65298c4b", "dd355884a68a133f02930c8937e082cd4aca1124d6a1e61f0aed07bebaad053c", "90d22eeb34f609676a6afc04b431851565d50f497b5a731391b4a7ded766b201", "9f88c5ca55ed9d689f59af586c55bbacfd9680677f8b8061377505cae622bafd", "fff5ccde8416fb79e016aaadecf5abd40786c84f76d137e6d792293c40a22576", "9c5b4f080db8c8a25d52e1353d1672d72b8b663464774a6f4ed103c3c4798d67", "07f02393195d8c9d597419c4ca54eb4dc90b2e847763d3d479caa69935411bc0", "6bc3d5bdea707ec5ef5fbffd0ee59ba99b1ca0a0fdaf7bb294549b067f397a98"], "mitre_attack_tags": []}, {"bi": "artifact-windows-task", "hashes": ["1621a2bb84b4c0d8e88be841f5bbf2d9457bba1d316d674faa7bc9c64bd50fea", "7479bfd01c46646868bab0ad2839fafd1d850aa8386600a9580e1c0f53e28370", "6bfeb75aef998110a3a4e1ac4f5b8dcfce294ddc87d533c78a26fe0d111c4f5f", "1e9623428570505c6ee127a9afaa4741c2ed8958c77f59367edfeaa0660ecaa7", "0be581f5f102f0fce5d5cf26b69942231d842cd7b221f008f0e633deeee05500", "a18f7246f1250ba929c3c58b858939668e8ce96da1187148cb126ef399e42b8a", "64f47d30e8f110c89ed56a7c8344bc17aa46df114ec9d19cc3dae5889ad7cd79", "c1a398db47a98d88de0ce57b36a29f67828f6ec6343bdf13e8323b33b8cddbe2", "b86886b7f3d80e751d0bba0f3a22c63613be992973fe4f8f0dacf2883f8d4dde", "78bcde4345b33c5ad9a30a07e0ab9e858b93aef79a6862a1ffa2e092502484e1", "dc896be13aed92322cd28ddacd63286ce933c335f3f2745d9ce53fee65298c4b", "dd355884a68a133f02930c8937e082cd4aca1124d6a1e61f0aed07bebaad053c", "90d22eeb34f609676a6afc04b431851565d50f497b5a731391b4a7ded766b201", "9f88c5ca55ed9d689f59af586c55bbacfd9680677f8b8061377505cae622bafd", "fff5ccde8416fb79e016aaadecf5abd40786c84f76d137e6d792293c40a22576", "9c5b4f080db8c8a25d52e1353d1672d72b8b663464774a6f4ed103c3c4798d67", "07f02393195d8c9d597419c4ca54eb4dc90b2e847763d3d479caa69935411bc0", "6bc3d5bdea707ec5ef5fbffd0ee59ba99b1ca0a0fdaf7bb294549b067f397a98"], "mitre_attack_tags": ["TA0002", "TA0003", "TA0004", "T1053"]}, {"bi": "registry-autorun-key-modified", "hashes": ["1621a2bb84b4c0d8e88be841f5bbf2d9457bba1d316d674faa7bc9c64bd50fea", "7479bfd01c46646868bab0ad2839fafd1d850aa8386600a9580e1c0f53e28370", "6bfeb75aef998110a3a4e1ac4f5b8dcfce294ddc87d533c78a26fe0d111c4f5f", "1e9623428570505c6ee127a9afaa4741c2ed8958c77f59367edfeaa0660ecaa7", "0be581f5f102f0fce5d5cf26b69942231d842cd7b221f008f0e633deeee05500", "a18f7246f1250ba929c3c58b858939668e8ce96da1187148cb126ef399e42b8a", "64f47d30e8f110c89ed56a7c8344bc17aa46df114ec9d19cc3dae5889ad7cd79", "c1a398db47a98d88de0ce57b36a29f67828f6ec6343bdf13e8323b33b8cddbe2", "b86886b7f3d80e751d0bba0f3a22c63613be992973fe4f8f0dacf2883f8d4dde", "78bcde4345b33c5ad9a30a07e0ab9e858b93aef79a6862a1ffa2e092502484e1", "dc896be13aed92322cd28ddacd63286ce933c335f3f2745d9ce53fee65298c4b", "dd355884a68a133f02930c8937e082cd4aca1124d6a1e61f0aed07bebaad053c", "90d22eeb34f609676a6afc04b431851565d50f497b5a731391b4a7ded766b201", "9f88c5ca55ed9d689f59af586c55bbacfd9680677f8b8061377505cae622bafd", "fff5ccde8416fb79e016aaadecf5abd40786c84f76d137e6d792293c40a22576", "9c5b4f080db8c8a25d52e1353d1672d72b8b663464774a6f4ed103c3c4798d67", "07f02393195d8c9d597419c4ca54eb4dc90b2e847763d3d479caa69935411bc0", "6bc3d5bdea707ec5ef5fbffd0ee59ba99b1ca0a0fdaf7bb294549b067f397a98"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "windows-util-schtask", "hashes": ["1621a2bb84b4c0d8e88be841f5bbf2d9457bba1d316d674faa7bc9c64bd50fea", "7479bfd01c46646868bab0ad2839fafd1d850aa8386600a9580e1c0f53e28370", "6bfeb75aef998110a3a4e1ac4f5b8dcfce294ddc87d533c78a26fe0d111c4f5f", "1e9623428570505c6ee127a9afaa4741c2ed8958c77f59367edfeaa0660ecaa7", "0be581f5f102f0fce5d5cf26b69942231d842cd7b221f008f0e633deeee05500", "a18f7246f1250ba929c3c58b858939668e8ce96da1187148cb126ef399e42b8a", "64f47d30e8f110c89ed56a7c8344bc17aa46df114ec9d19cc3dae5889ad7cd79", "c1a398db47a98d88de0ce57b36a29f67828f6ec6343bdf13e8323b33b8cddbe2", "b86886b7f3d80e751d0bba0f3a22c63613be992973fe4f8f0dacf2883f8d4dde", "78bcde4345b33c5ad9a30a07e0ab9e858b93aef79a6862a1ffa2e092502484e1", "dc896be13aed92322cd28ddacd63286ce933c335f3f2745d9ce53fee65298c4b", "dd355884a68a133f02930c8937e082cd4aca1124d6a1e61f0aed07bebaad053c", "90d22eeb34f609676a6afc04b431851565d50f497b5a731391b4a7ded766b201", "9f88c5ca55ed9d689f59af586c55bbacfd9680677f8b8061377505cae622bafd", "fff5ccde8416fb79e016aaadecf5abd40786c84f76d137e6d792293c40a22576", "9c5b4f080db8c8a25d52e1353d1672d72b8b663464774a6f4ed103c3c4798d67", "07f02393195d8c9d597419c4ca54eb4dc90b2e847763d3d479caa69935411bc0", "6bc3d5bdea707ec5ef5fbffd0ee59ba99b1ca0a0fdaf7bb294549b067f397a98"], "mitre_attack_tags": ["TA0002", "TA0003", "TA0004", "T1053"]}, {"bi": "windows-util-schtask-generic", "hashes": ["1621a2bb84b4c0d8e88be841f5bbf2d9457bba1d316d674faa7bc9c64bd50fea", "7479bfd01c46646868bab0ad2839fafd1d850aa8386600a9580e1c0f53e28370", "6bfeb75aef998110a3a4e1ac4f5b8dcfce294ddc87d533c78a26fe0d111c4f5f", "1e9623428570505c6ee127a9afaa4741c2ed8958c77f59367edfeaa0660ecaa7", "0be581f5f102f0fce5d5cf26b69942231d842cd7b221f008f0e633deeee05500", "a18f7246f1250ba929c3c58b858939668e8ce96da1187148cb126ef399e42b8a", "64f47d30e8f110c89ed56a7c8344bc17aa46df114ec9d19cc3dae5889ad7cd79", "c1a398db47a98d88de0ce57b36a29f67828f6ec6343bdf13e8323b33b8cddbe2", "b86886b7f3d80e751d0bba0f3a22c63613be992973fe4f8f0dacf2883f8d4dde", "78bcde4345b33c5ad9a30a07e0ab9e858b93aef79a6862a1ffa2e092502484e1", "dc896be13aed92322cd28ddacd63286ce933c335f3f2745d9ce53fee65298c4b", "dd355884a68a133f02930c8937e082cd4aca1124d6a1e61f0aed07bebaad053c", "90d22eeb34f609676a6afc04b431851565d50f497b5a731391b4a7ded766b201", "9f88c5ca55ed9d689f59af586c55bbacfd9680677f8b8061377505cae622bafd", "fff5ccde8416fb79e016aaadecf5abd40786c84f76d137e6d792293c40a22576", "9c5b4f080db8c8a25d52e1353d1672d72b8b663464774a6f4ed103c3c4798d67", "07f02393195d8c9d597419c4ca54eb4dc90b2e847763d3d479caa69935411bc0", "6bc3d5bdea707ec5ef5fbffd0ee59ba99b1ca0a0fdaf7bb294549b067f397a98"], "mitre_attack_tags": ["TA0002", "TA0003", "TA0004", "T1053"]}, {"bi": "registry-modification-reg", "hashes": ["1621a2bb84b4c0d8e88be841f5bbf2d9457bba1d316d674faa7bc9c64bd50fea", "7479bfd01c46646868bab0ad2839fafd1d850aa8386600a9580e1c0f53e28370", "6bfeb75aef998110a3a4e1ac4f5b8dcfce294ddc87d533c78a26fe0d111c4f5f", "1e9623428570505c6ee127a9afaa4741c2ed8958c77f59367edfeaa0660ecaa7", "0be581f5f102f0fce5d5cf26b69942231d842cd7b221f008f0e633deeee05500", "a18f7246f1250ba929c3c58b858939668e8ce96da1187148cb126ef399e42b8a", "64f47d30e8f110c89ed56a7c8344bc17aa46df114ec9d19cc3dae5889ad7cd79", "c1a398db47a98d88de0ce57b36a29f67828f6ec6343bdf13e8323b33b8cddbe2", "b86886b7f3d80e751d0bba0f3a22c63613be992973fe4f8f0dacf2883f8d4dde", "78bcde4345b33c5ad9a30a07e0ab9e858b93aef79a6862a1ffa2e092502484e1", "dc896be13aed92322cd28ddacd63286ce933c335f3f2745d9ce53fee65298c4b", "dd355884a68a133f02930c8937e082cd4aca1124d6a1e61f0aed07bebaad053c", "90d22eeb34f609676a6afc04b431851565d50f497b5a731391b4a7ded766b201", "9f88c5ca55ed9d689f59af586c55bbacfd9680677f8b8061377505cae622bafd", "fff5ccde8416fb79e016aaadecf5abd40786c84f76d137e6d792293c40a22576", "9c5b4f080db8c8a25d52e1353d1672d72b8b663464774a6f4ed103c3c4798d67", "07f02393195d8c9d597419c4ca54eb4dc90b2e847763d3d479caa69935411bc0", "6bc3d5bdea707ec5ef5fbffd0ee59ba99b1ca0a0fdaf7bb294549b067f397a98"], "mitre_attack_tags": []}, {"bi": "sample-pe-modified-on-disk", "hashes": ["1621a2bb84b4c0d8e88be841f5bbf2d9457bba1d316d674faa7bc9c64bd50fea", "7479bfd01c46646868bab0ad2839fafd1d850aa8386600a9580e1c0f53e28370", "6bfeb75aef998110a3a4e1ac4f5b8dcfce294ddc87d533c78a26fe0d111c4f5f", "1e9623428570505c6ee127a9afaa4741c2ed8958c77f59367edfeaa0660ecaa7", "0be581f5f102f0fce5d5cf26b69942231d842cd7b221f008f0e633deeee05500", "a18f7246f1250ba929c3c58b858939668e8ce96da1187148cb126ef399e42b8a", "64f47d30e8f110c89ed56a7c8344bc17aa46df114ec9d19cc3dae5889ad7cd79", "c1a398db47a98d88de0ce57b36a29f67828f6ec6343bdf13e8323b33b8cddbe2", "b86886b7f3d80e751d0bba0f3a22c63613be992973fe4f8f0dacf2883f8d4dde", "78bcde4345b33c5ad9a30a07e0ab9e858b93aef79a6862a1ffa2e092502484e1", "dc896be13aed92322cd28ddacd63286ce933c335f3f2745d9ce53fee65298c4b", "dd355884a68a133f02930c8937e082cd4aca1124d6a1e61f0aed07bebaad053c", "90d22eeb34f609676a6afc04b431851565d50f497b5a731391b4a7ded766b201", "9f88c5ca55ed9d689f59af586c55bbacfd9680677f8b8061377505cae622bafd", "fff5ccde8416fb79e016aaadecf5abd40786c84f76d137e6d792293c40a22576", "9c5b4f080db8c8a25d52e1353d1672d72b8b663464774a6f4ed103c3c4798d67", "07f02393195d8c9d597419c4ca54eb4dc90b2e847763d3d479caa69935411bc0", "6bc3d5bdea707ec5ef5fbffd0ee59ba99b1ca0a0fdaf7bb294549b067f397a98"], "mitre_attack_tags": ["TA0005", "T1202"]}], "category": "Dropper", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": false, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "Lokibot is an information-stealing malware designed to siphon sensitive information stored on an infected device. It is modular in nature, including the ability to steal sensitive information from several popular applications. It is commonly pushed via malicious documents delivered via spam emails.", "hashes": ["07f02393195d8c9d597419c4ca54eb4dc90b2e847763d3d479caa69935411bc0", "0be581f5f102f0fce5d5cf26b69942231d842cd7b221f008f0e633deeee05500", "1621a2bb84b4c0d8e88be841f5bbf2d9457bba1d316d674faa7bc9c64bd50fea", "1e9623428570505c6ee127a9afaa4741c2ed8958c77f59367edfeaa0660ecaa7", "64f47d30e8f110c89ed56a7c8344bc17aa46df114ec9d19cc3dae5889ad7cd79", "6bc3d5bdea707ec5ef5fbffd0ee59ba99b1ca0a0fdaf7bb294549b067f397a98", "6bfeb75aef998110a3a4e1ac4f5b8dcfce294ddc87d533c78a26fe0d111c4f5f", "7479bfd01c46646868bab0ad2839fafd1d850aa8386600a9580e1c0f53e28370", "78bcde4345b33c5ad9a30a07e0ab9e858b93aef79a6862a1ffa2e092502484e1", "90d22eeb34f609676a6afc04b431851565d50f497b5a731391b4a7ded766b201", "9c5b4f080db8c8a25d52e1353d1672d72b8b663464774a6f4ed103c3c4798d67", "9f88c5ca55ed9d689f59af586c55bbacfd9680677f8b8061377505cae622bafd", "a18f7246f1250ba929c3c58b858939668e8ce96da1187148cb126ef399e42b8a", "b86886b7f3d80e751d0bba0f3a22c63613be992973fe4f8f0dacf2883f8d4dde", "c1a398db47a98d88de0ce57b36a29f67828f6ec6343bdf13e8323b33b8cddbe2", "dc896be13aed92322cd28ddacd63286ce933c335f3f2745d9ce53fee65298c4b", "dd355884a68a133f02930c8937e082cd4aca1124d6a1e61f0aed07bebaad053c", "fff5ccde8416fb79e016aaadecf5abd40786c84f76d137e6d792293c40a22576"], "iocs": {"domain": [], "file": [{"hashes": ["07f02393195d8c9d597419c4ca54eb4dc90b2e847763d3d479caa69935411bc0", "0be581f5f102f0fce5d5cf26b69942231d842cd7b221f008f0e633deeee05500", "1621a2bb84b4c0d8e88be841f5bbf2d9457bba1d316d674faa7bc9c64bd50fea", "1e9623428570505c6ee127a9afaa4741c2ed8958c77f59367edfeaa0660ecaa7", "64f47d30e8f110c89ed56a7c8344bc17aa46df114ec9d19cc3dae5889ad7cd79", "6bc3d5bdea707ec5ef5fbffd0ee59ba99b1ca0a0fdaf7bb294549b067f397a98", "6bfeb75aef998110a3a4e1ac4f5b8dcfce294ddc87d533c78a26fe0d111c4f5f", "7479bfd01c46646868bab0ad2839fafd1d850aa8386600a9580e1c0f53e28370", "78bcde4345b33c5ad9a30a07e0ab9e858b93aef79a6862a1ffa2e092502484e1", "90d22eeb34f609676a6afc04b431851565d50f497b5a731391b4a7ded766b201", "9c5b4f080db8c8a25d52e1353d1672d72b8b663464774a6f4ed103c3c4798d67", "9f88c5ca55ed9d689f59af586c55bbacfd9680677f8b8061377505cae622bafd", "a18f7246f1250ba929c3c58b858939668e8ce96da1187148cb126ef399e42b8a", "b86886b7f3d80e751d0bba0f3a22c63613be992973fe4f8f0dacf2883f8d4dde", "c1a398db47a98d88de0ce57b36a29f67828f6ec6343bdf13e8323b33b8cddbe2", "dc896be13aed92322cd28ddacd63286ce933c335f3f2745d9ce53fee65298c4b", "dd355884a68a133f02930c8937e082cd4aca1124d6a1e61f0aed07bebaad053c", "fff5ccde8416fb79e016aaadecf5abd40786c84f76d137e6d792293c40a22576"], "path": "%ProgramData%\\TVINDINGER.scr"}, {"hashes": ["07f02393195d8c9d597419c4ca54eb4dc90b2e847763d3d479caa69935411bc0", "0be581f5f102f0fce5d5cf26b69942231d842cd7b221f008f0e633deeee05500", "1621a2bb84b4c0d8e88be841f5bbf2d9457bba1d316d674faa7bc9c64bd50fea", "1e9623428570505c6ee127a9afaa4741c2ed8958c77f59367edfeaa0660ecaa7", "64f47d30e8f110c89ed56a7c8344bc17aa46df114ec9d19cc3dae5889ad7cd79", "6bc3d5bdea707ec5ef5fbffd0ee59ba99b1ca0a0fdaf7bb294549b067f397a98", "6bfeb75aef998110a3a4e1ac4f5b8dcfce294ddc87d533c78a26fe0d111c4f5f", "7479bfd01c46646868bab0ad2839fafd1d850aa8386600a9580e1c0f53e28370", "78bcde4345b33c5ad9a30a07e0ab9e858b93aef79a6862a1ffa2e092502484e1", "90d22eeb34f609676a6afc04b431851565d50f497b5a731391b4a7ded766b201", "9c5b4f080db8c8a25d52e1353d1672d72b8b663464774a6f4ed103c3c4798d67", "9f88c5ca55ed9d689f59af586c55bbacfd9680677f8b8061377505cae622bafd", "a18f7246f1250ba929c3c58b858939668e8ce96da1187148cb126ef399e42b8a", "b86886b7f3d80e751d0bba0f3a22c63613be992973fe4f8f0dacf2883f8d4dde", "c1a398db47a98d88de0ce57b36a29f67828f6ec6343bdf13e8323b33b8cddbe2", "dc896be13aed92322cd28ddacd63286ce933c335f3f2745d9ce53fee65298c4b", "dd355884a68a133f02930c8937e082cd4aca1124d6a1e61f0aed07bebaad053c", "fff5ccde8416fb79e016aaadecf5abd40786c84f76d137e6d792293c40a22576"], "path": "%System32%\\Tasks\\LLENES"}], "ip": [], "mutex": [], "registry": [{"hashes": ["07f02393195d8c9d597419c4ca54eb4dc90b2e847763d3d479caa69935411bc0", "0be581f5f102f0fce5d5cf26b69942231d842cd7b221f008f0e633deeee05500", "1621a2bb84b4c0d8e88be841f5bbf2d9457bba1d316d674faa7bc9c64bd50fea", "1e9623428570505c6ee127a9afaa4741c2ed8958c77f59367edfeaa0660ecaa7", "64f47d30e8f110c89ed56a7c8344bc17aa46df114ec9d19cc3dae5889ad7cd79", "6bc3d5bdea707ec5ef5fbffd0ee59ba99b1ca0a0fdaf7bb294549b067f397a98", "6bfeb75aef998110a3a4e1ac4f5b8dcfce294ddc87d533c78a26fe0d111c4f5f", "7479bfd01c46646868bab0ad2839fafd1d850aa8386600a9580e1c0f53e28370", "78bcde4345b33c5ad9a30a07e0ab9e858b93aef79a6862a1ffa2e092502484e1", "90d22eeb34f609676a6afc04b431851565d50f497b5a731391b4a7ded766b201", "9c5b4f080db8c8a25d52e1353d1672d72b8b663464774a6f4ed103c3c4798d67", "9f88c5ca55ed9d689f59af586c55bbacfd9680677f8b8061377505cae622bafd", "a18f7246f1250ba929c3c58b858939668e8ce96da1187148cb126ef399e42b8a", "b86886b7f3d80e751d0bba0f3a22c63613be992973fe4f8f0dacf2883f8d4dde", "c1a398db47a98d88de0ce57b36a29f67828f6ec6343bdf13e8323b33b8cddbe2", "dc896be13aed92322cd28ddacd63286ce933c335f3f2745d9ce53fee65298c4b", "dd355884a68a133f02930c8937e082cd4aca1124d6a1e61f0aed07bebaad053c", "fff5ccde8416fb79e016aaadecf5abd40786c84f76d137e6d792293c40a22576"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUNONCE", "value_name": "LLENES"}, {"hashes": ["dc896be13aed92322cd28ddacd63286ce933c335f3f2745d9ce53fee65298c4b"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\SCHEDULE\\TASKCACHE\\TASKS", "value_name": "DynamicInfo"}]}, "reports_count": 18}, "Win.Dropper.Ramnit-9987280-0": {"bis": [{"bi": "pe-encrypted-section", "hashes": ["2e0fc89b9e4676bf7966ed1485581ca395d01bea1ea89df0c0529f5281bc73b0", "e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "2cf0e11b4d3ed524a99a327e52a246b73d5d91ff938bcbe58d31d4511d2b910f", "59040541282c5325a0a35f19ef601f3c1eb8ba444c084d8c4980e0272f26411c", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "8787f5e369fa69155d22a1f0bcaaef6e65cec46e410f8e2c4b4cba04a5d3dbdf", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "08eb344569251e4fc99c3de92a7bf8d8ac36a1c6aa410273dd1e063ededb4a42", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628", "02bd161beee232d6ecf9c7a8a0fe80c2545227451547459f4612c5da81ba5b5b", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "1b6e4c705bd5306e35649e5ee0812c80a0cdfa60b045454f488dd7ef8f55d473", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "37e19470f3e2161ae58a9bda0a9fdce6e7ba726ee13027d5a50f7bcd1b891818", "a2ac76c4e7fc5312f3553b1ac36f8eed8485b35add8d4941e86caa05581ee94b", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "ea3caafe6eb473b167ebbe87fce2570540b122f51481d4788082cbff1abe1487", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "ace0558cc717628863817fd070f2e3754f15694ae05f600861daa365bad93781", "54d0ee19b0725bf78372c3fc84776b1a81324ff4c8a0be7d816eebdbbf0af18c", "3642e57a9da01bd7b6b5d9a1054c21fbbc73656e7253f0b7434fc952c9761b6d", "e403c9c9a0d416eae05dcd022a9b54fdaa27604669d7fcae343d3c77b1001a73", "a81df49be52a7d9b6e990c82171df3b93a702f821605b93ab4453b8a775db80d", "511c72e9ed64927018d094d9df2901a5d9b3a01963f1d38415c7360caa92da78", "d0e6a6a105e90cc08e635fcf6cdf0961f0a05c1552c65b2ce3ba494fc2a1c871", "380bf2a2bac7a49b9dfaa3dae8b56397672108ab24f41dfb3d670ffb28f6a825", "b7581157aa029b748559f4b9052d2aba833792a99fc0240bcab7586759140be3", "dd61eab422089382aac1e16e47e25f49990086c95bb7d8b3eef8275f005612fa", "b897378d3ae7794fa32aa16eedc828e7c80b7f2517ecd7f3a7dbe6e5f0132c3d", "e1e7bcb3a0b05d4793bd9876ddc0079ed72a86777a7d1d49777bcaff0d416baf", "b9b9926458b52e38c5dae8489ef62a21dab36bca4e95c74dde7add49b91c8b0c", "0d62d5ab9c799ad6d0121505f965400007cecc4f2b7fd5f907e69bb96e1f83c4", "9176bd87a4af64bba79e23b110420a6756cdcc0cec01632dfc9a0c67d9b99de2", "c6afe03c0edb82874b4d1bcdf0354f1ed3ed2941cc1fc0adc5636b2492029f1a", "efbf347aa6fcd7df3a7537ed8bcb672439e69dc5d0c27a76dfdfe5706198fd09", "7081564c824770ff62a6d7712d558cf94a5afb3c88652284ae8484b38e797d80", "4f2f1363b34e00914235dbec86ab50cf08e6dc1657c16b4d3249c6fb57f4fb94", "8461890eba27128485afd38c2c735bb66a56cbfc85b801f673cd56911b894995", "60683e63a880b6c14843690a5b7ca011db647d468a5966f7076dd3f23bebbc27", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "3a5f79652f87ccb4c9798113f7a919f9f88cf4221de4486d249a24eac1e846fc", "86a157fefa7022630be7aa6e305243e349ad54e37abcbf406f9f966af659e108", "096d82b60d52de1e7ec7e85c234db5bf8140730051127e87b5e8957c332b19f2", "0fdb520255fdc09c07c596f670e077e7e974af4e9b2df6fa254ef034631d950c", "e0e4ff87d4507282bf4a60921c0cecb881f113d3df330e6d129cc80a84d85f19", "69771ec35f954d09b78b55b6e3d6b240ebf7738ee682997f3fd3c6b750fec5e3", "d118a88b1ecd7dfbb01afbaea6122eec93d227f500d030a50e0a60e2e0b6c728", "c1b429f0de9ebdf1ff28a8f62f364afe420c1c9c3ccf64c72a26364e7d338822", "0368afd2468ede3c2a87c5988d8d880017b66907890d36285d4e878585ff1ff5", "7fd7642348a4caa03a387b3caecd11c4c2a585b57a6a75a748671426685cdcec", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "2d3ce270807d037b5cdc8ec95351c82ad17e03508ef554cdb9b4b419d0084e26", "10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a", "7d913f06c252acee7495e34f57c13938adc5c6a93386baaabd6fc758a1cd90de", "3b69ea5e38470aa747535697b40dc6f5a2924ce2c44ff8b809459bdbd41edf7d", "0e8673929faeaed582fbb578afa829f9363e7e297e2fea9addbe5a679ae5c038", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "dcce500c1986e36a5a9442857dc606c11745214aa3dcddd01365b025fc2f2559", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508", "041401ea1601b14048afc6b726d4b417ca8aa1a6358e51744ee4a123ba636f87", "efb2b92a9ad40fb2d039fed04162ec421d3fd4bcd86adedbcb52d03ed5b742c1", "d1aa8f9c83cb795f77652001b3eb8fbb3bd6d03c387c053c6dad31143b145092", "57fe3c34a73768fce9e42473532850c03b47eddcdf878a3afb14318aaacd6b0c", "b32f2fdc3526f6326ae7ffc3848166ae3315e1fce6158ee6070cf5f9afc05152", "14a3bcfe545de508cb00e55ed07bf88577f1f705ca6cdd15b733235f1d384729", "ccf4d5167a10a49756ab0cf8a204b5d1a06356b5e9bdbee58f4eda966ec551a8"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "memory-execute-readwrite", "hashes": ["2e0fc89b9e4676bf7966ed1485581ca395d01bea1ea89df0c0529f5281bc73b0", "e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "2cf0e11b4d3ed524a99a327e52a246b73d5d91ff938bcbe58d31d4511d2b910f", "59040541282c5325a0a35f19ef601f3c1eb8ba444c084d8c4980e0272f26411c", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "8787f5e369fa69155d22a1f0bcaaef6e65cec46e410f8e2c4b4cba04a5d3dbdf", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "08eb344569251e4fc99c3de92a7bf8d8ac36a1c6aa410273dd1e063ededb4a42", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628", "02bd161beee232d6ecf9c7a8a0fe80c2545227451547459f4612c5da81ba5b5b", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "1b6e4c705bd5306e35649e5ee0812c80a0cdfa60b045454f488dd7ef8f55d473", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "37e19470f3e2161ae58a9bda0a9fdce6e7ba726ee13027d5a50f7bcd1b891818", "a2ac76c4e7fc5312f3553b1ac36f8eed8485b35add8d4941e86caa05581ee94b", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "ea3caafe6eb473b167ebbe87fce2570540b122f51481d4788082cbff1abe1487", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "ace0558cc717628863817fd070f2e3754f15694ae05f600861daa365bad93781", "54d0ee19b0725bf78372c3fc84776b1a81324ff4c8a0be7d816eebdbbf0af18c", "3642e57a9da01bd7b6b5d9a1054c21fbbc73656e7253f0b7434fc952c9761b6d", "e403c9c9a0d416eae05dcd022a9b54fdaa27604669d7fcae343d3c77b1001a73", "a81df49be52a7d9b6e990c82171df3b93a702f821605b93ab4453b8a775db80d", "511c72e9ed64927018d094d9df2901a5d9b3a01963f1d38415c7360caa92da78", "d0e6a6a105e90cc08e635fcf6cdf0961f0a05c1552c65b2ce3ba494fc2a1c871", "380bf2a2bac7a49b9dfaa3dae8b56397672108ab24f41dfb3d670ffb28f6a825", "b7581157aa029b748559f4b9052d2aba833792a99fc0240bcab7586759140be3", "dd61eab422089382aac1e16e47e25f49990086c95bb7d8b3eef8275f005612fa", "b897378d3ae7794fa32aa16eedc828e7c80b7f2517ecd7f3a7dbe6e5f0132c3d", "e1e7bcb3a0b05d4793bd9876ddc0079ed72a86777a7d1d49777bcaff0d416baf", "b9b9926458b52e38c5dae8489ef62a21dab36bca4e95c74dde7add49b91c8b0c", "0d62d5ab9c799ad6d0121505f965400007cecc4f2b7fd5f907e69bb96e1f83c4", "9176bd87a4af64bba79e23b110420a6756cdcc0cec01632dfc9a0c67d9b99de2", "c6afe03c0edb82874b4d1bcdf0354f1ed3ed2941cc1fc0adc5636b2492029f1a", "efbf347aa6fcd7df3a7537ed8bcb672439e69dc5d0c27a76dfdfe5706198fd09", "7081564c824770ff62a6d7712d558cf94a5afb3c88652284ae8484b38e797d80", "4f2f1363b34e00914235dbec86ab50cf08e6dc1657c16b4d3249c6fb57f4fb94", "8461890eba27128485afd38c2c735bb66a56cbfc85b801f673cd56911b894995", "60683e63a880b6c14843690a5b7ca011db647d468a5966f7076dd3f23bebbc27", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "3a5f79652f87ccb4c9798113f7a919f9f88cf4221de4486d249a24eac1e846fc", "86a157fefa7022630be7aa6e305243e349ad54e37abcbf406f9f966af659e108", "096d82b60d52de1e7ec7e85c234db5bf8140730051127e87b5e8957c332b19f2", "0fdb520255fdc09c07c596f670e077e7e974af4e9b2df6fa254ef034631d950c", "e0e4ff87d4507282bf4a60921c0cecb881f113d3df330e6d129cc80a84d85f19", "69771ec35f954d09b78b55b6e3d6b240ebf7738ee682997f3fd3c6b750fec5e3", "d118a88b1ecd7dfbb01afbaea6122eec93d227f500d030a50e0a60e2e0b6c728", "c1b429f0de9ebdf1ff28a8f62f364afe420c1c9c3ccf64c72a26364e7d338822", "0368afd2468ede3c2a87c5988d8d880017b66907890d36285d4e878585ff1ff5", "7fd7642348a4caa03a387b3caecd11c4c2a585b57a6a75a748671426685cdcec", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "2d3ce270807d037b5cdc8ec95351c82ad17e03508ef554cdb9b4b419d0084e26", "10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a", "7d913f06c252acee7495e34f57c13938adc5c6a93386baaabd6fc758a1cd90de", "3b69ea5e38470aa747535697b40dc6f5a2924ce2c44ff8b809459bdbd41edf7d", "0e8673929faeaed582fbb578afa829f9363e7e297e2fea9addbe5a679ae5c038", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "dcce500c1986e36a5a9442857dc606c11745214aa3dcddd01365b025fc2f2559", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508", "041401ea1601b14048afc6b726d4b417ca8aa1a6358e51744ee4a123ba636f87", "efb2b92a9ad40fb2d039fed04162ec421d3fd4bcd86adedbcb52d03ed5b742c1", "d1aa8f9c83cb795f77652001b3eb8fbb3bd6d03c387c053c6dad31143b145092", "57fe3c34a73768fce9e42473532850c03b47eddcdf878a3afb14318aaacd6b0c", "b32f2fdc3526f6326ae7ffc3848166ae3315e1fce6158ee6070cf5f9afc05152", "14a3bcfe545de508cb00e55ed07bf88577f1f705ca6cdd15b733235f1d384729", "ccf4d5167a10a49756ab0cf8a204b5d1a06356b5e9bdbee58f4eda966ec551a8"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "pe-invalid-checksum", "hashes": ["2e0fc89b9e4676bf7966ed1485581ca395d01bea1ea89df0c0529f5281bc73b0", "e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "2cf0e11b4d3ed524a99a327e52a246b73d5d91ff938bcbe58d31d4511d2b910f", "59040541282c5325a0a35f19ef601f3c1eb8ba444c084d8c4980e0272f26411c", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "8787f5e369fa69155d22a1f0bcaaef6e65cec46e410f8e2c4b4cba04a5d3dbdf", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "08eb344569251e4fc99c3de92a7bf8d8ac36a1c6aa410273dd1e063ededb4a42", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628", "02bd161beee232d6ecf9c7a8a0fe80c2545227451547459f4612c5da81ba5b5b", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "1b6e4c705bd5306e35649e5ee0812c80a0cdfa60b045454f488dd7ef8f55d473", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "37e19470f3e2161ae58a9bda0a9fdce6e7ba726ee13027d5a50f7bcd1b891818", "a2ac76c4e7fc5312f3553b1ac36f8eed8485b35add8d4941e86caa05581ee94b", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "ea3caafe6eb473b167ebbe87fce2570540b122f51481d4788082cbff1abe1487", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "ace0558cc717628863817fd070f2e3754f15694ae05f600861daa365bad93781", "54d0ee19b0725bf78372c3fc84776b1a81324ff4c8a0be7d816eebdbbf0af18c", "3642e57a9da01bd7b6b5d9a1054c21fbbc73656e7253f0b7434fc952c9761b6d", "e403c9c9a0d416eae05dcd022a9b54fdaa27604669d7fcae343d3c77b1001a73", "a81df49be52a7d9b6e990c82171df3b93a702f821605b93ab4453b8a775db80d", "511c72e9ed64927018d094d9df2901a5d9b3a01963f1d38415c7360caa92da78", "d0e6a6a105e90cc08e635fcf6cdf0961f0a05c1552c65b2ce3ba494fc2a1c871", "380bf2a2bac7a49b9dfaa3dae8b56397672108ab24f41dfb3d670ffb28f6a825", "b7581157aa029b748559f4b9052d2aba833792a99fc0240bcab7586759140be3", "dd61eab422089382aac1e16e47e25f49990086c95bb7d8b3eef8275f005612fa", "b897378d3ae7794fa32aa16eedc828e7c80b7f2517ecd7f3a7dbe6e5f0132c3d", "e1e7bcb3a0b05d4793bd9876ddc0079ed72a86777a7d1d49777bcaff0d416baf", "b9b9926458b52e38c5dae8489ef62a21dab36bca4e95c74dde7add49b91c8b0c", "0d62d5ab9c799ad6d0121505f965400007cecc4f2b7fd5f907e69bb96e1f83c4", "9176bd87a4af64bba79e23b110420a6756cdcc0cec01632dfc9a0c67d9b99de2", "c6afe03c0edb82874b4d1bcdf0354f1ed3ed2941cc1fc0adc5636b2492029f1a", "efbf347aa6fcd7df3a7537ed8bcb672439e69dc5d0c27a76dfdfe5706198fd09", "7081564c824770ff62a6d7712d558cf94a5afb3c88652284ae8484b38e797d80", "4f2f1363b34e00914235dbec86ab50cf08e6dc1657c16b4d3249c6fb57f4fb94", "8461890eba27128485afd38c2c735bb66a56cbfc85b801f673cd56911b894995", "60683e63a880b6c14843690a5b7ca011db647d468a5966f7076dd3f23bebbc27", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "3a5f79652f87ccb4c9798113f7a919f9f88cf4221de4486d249a24eac1e846fc", "86a157fefa7022630be7aa6e305243e349ad54e37abcbf406f9f966af659e108", "096d82b60d52de1e7ec7e85c234db5bf8140730051127e87b5e8957c332b19f2", "0fdb520255fdc09c07c596f670e077e7e974af4e9b2df6fa254ef034631d950c", "e0e4ff87d4507282bf4a60921c0cecb881f113d3df330e6d129cc80a84d85f19", "69771ec35f954d09b78b55b6e3d6b240ebf7738ee682997f3fd3c6b750fec5e3", "d118a88b1ecd7dfbb01afbaea6122eec93d227f500d030a50e0a60e2e0b6c728", "c1b429f0de9ebdf1ff28a8f62f364afe420c1c9c3ccf64c72a26364e7d338822", "0368afd2468ede3c2a87c5988d8d880017b66907890d36285d4e878585ff1ff5", "7fd7642348a4caa03a387b3caecd11c4c2a585b57a6a75a748671426685cdcec", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "2d3ce270807d037b5cdc8ec95351c82ad17e03508ef554cdb9b4b419d0084e26", "10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a", "7d913f06c252acee7495e34f57c13938adc5c6a93386baaabd6fc758a1cd90de", "3b69ea5e38470aa747535697b40dc6f5a2924ce2c44ff8b809459bdbd41edf7d", "0e8673929faeaed582fbb578afa829f9363e7e297e2fea9addbe5a679ae5c038", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "dcce500c1986e36a5a9442857dc606c11745214aa3dcddd01365b025fc2f2559", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508", "041401ea1601b14048afc6b726d4b417ca8aa1a6358e51744ee4a123ba636f87", "efb2b92a9ad40fb2d039fed04162ec421d3fd4bcd86adedbcb52d03ed5b742c1", "d1aa8f9c83cb795f77652001b3eb8fbb3bd6d03c387c053c6dad31143b145092", "57fe3c34a73768fce9e42473532850c03b47eddcdf878a3afb14318aaacd6b0c", "b32f2fdc3526f6326ae7ffc3848166ae3315e1fce6158ee6070cf5f9afc05152", "14a3bcfe545de508cb00e55ed07bf88577f1f705ca6cdd15b733235f1d384729", "ccf4d5167a10a49756ab0cf8a204b5d1a06356b5e9bdbee58f4eda966ec551a8"], "mitre_attack_tags": []}, {"bi": "pe-section-execute-writable", "hashes": ["2e0fc89b9e4676bf7966ed1485581ca395d01bea1ea89df0c0529f5281bc73b0", "e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "2cf0e11b4d3ed524a99a327e52a246b73d5d91ff938bcbe58d31d4511d2b910f", "59040541282c5325a0a35f19ef601f3c1eb8ba444c084d8c4980e0272f26411c", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "8787f5e369fa69155d22a1f0bcaaef6e65cec46e410f8e2c4b4cba04a5d3dbdf", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "08eb344569251e4fc99c3de92a7bf8d8ac36a1c6aa410273dd1e063ededb4a42", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628", "02bd161beee232d6ecf9c7a8a0fe80c2545227451547459f4612c5da81ba5b5b", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "1b6e4c705bd5306e35649e5ee0812c80a0cdfa60b045454f488dd7ef8f55d473", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "37e19470f3e2161ae58a9bda0a9fdce6e7ba726ee13027d5a50f7bcd1b891818", "a2ac76c4e7fc5312f3553b1ac36f8eed8485b35add8d4941e86caa05581ee94b", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "ea3caafe6eb473b167ebbe87fce2570540b122f51481d4788082cbff1abe1487", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "ace0558cc717628863817fd070f2e3754f15694ae05f600861daa365bad93781", "54d0ee19b0725bf78372c3fc84776b1a81324ff4c8a0be7d816eebdbbf0af18c", "3642e57a9da01bd7b6b5d9a1054c21fbbc73656e7253f0b7434fc952c9761b6d", "e403c9c9a0d416eae05dcd022a9b54fdaa27604669d7fcae343d3c77b1001a73", "a81df49be52a7d9b6e990c82171df3b93a702f821605b93ab4453b8a775db80d", "511c72e9ed64927018d094d9df2901a5d9b3a01963f1d38415c7360caa92da78", "d0e6a6a105e90cc08e635fcf6cdf0961f0a05c1552c65b2ce3ba494fc2a1c871", "380bf2a2bac7a49b9dfaa3dae8b56397672108ab24f41dfb3d670ffb28f6a825", "b7581157aa029b748559f4b9052d2aba833792a99fc0240bcab7586759140be3", "dd61eab422089382aac1e16e47e25f49990086c95bb7d8b3eef8275f005612fa", "b897378d3ae7794fa32aa16eedc828e7c80b7f2517ecd7f3a7dbe6e5f0132c3d", "e1e7bcb3a0b05d4793bd9876ddc0079ed72a86777a7d1d49777bcaff0d416baf", "b9b9926458b52e38c5dae8489ef62a21dab36bca4e95c74dde7add49b91c8b0c", "0d62d5ab9c799ad6d0121505f965400007cecc4f2b7fd5f907e69bb96e1f83c4", "9176bd87a4af64bba79e23b110420a6756cdcc0cec01632dfc9a0c67d9b99de2", "c6afe03c0edb82874b4d1bcdf0354f1ed3ed2941cc1fc0adc5636b2492029f1a", "efbf347aa6fcd7df3a7537ed8bcb672439e69dc5d0c27a76dfdfe5706198fd09", "7081564c824770ff62a6d7712d558cf94a5afb3c88652284ae8484b38e797d80", "4f2f1363b34e00914235dbec86ab50cf08e6dc1657c16b4d3249c6fb57f4fb94", "8461890eba27128485afd38c2c735bb66a56cbfc85b801f673cd56911b894995", "60683e63a880b6c14843690a5b7ca011db647d468a5966f7076dd3f23bebbc27", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "3a5f79652f87ccb4c9798113f7a919f9f88cf4221de4486d249a24eac1e846fc", "86a157fefa7022630be7aa6e305243e349ad54e37abcbf406f9f966af659e108", "096d82b60d52de1e7ec7e85c234db5bf8140730051127e87b5e8957c332b19f2", "0fdb520255fdc09c07c596f670e077e7e974af4e9b2df6fa254ef034631d950c", "e0e4ff87d4507282bf4a60921c0cecb881f113d3df330e6d129cc80a84d85f19", "69771ec35f954d09b78b55b6e3d6b240ebf7738ee682997f3fd3c6b750fec5e3", "d118a88b1ecd7dfbb01afbaea6122eec93d227f500d030a50e0a60e2e0b6c728", "c1b429f0de9ebdf1ff28a8f62f364afe420c1c9c3ccf64c72a26364e7d338822", "0368afd2468ede3c2a87c5988d8d880017b66907890d36285d4e878585ff1ff5", "7fd7642348a4caa03a387b3caecd11c4c2a585b57a6a75a748671426685cdcec", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "2d3ce270807d037b5cdc8ec95351c82ad17e03508ef554cdb9b4b419d0084e26", "10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a", "7d913f06c252acee7495e34f57c13938adc5c6a93386baaabd6fc758a1cd90de", "3b69ea5e38470aa747535697b40dc6f5a2924ce2c44ff8b809459bdbd41edf7d", "0e8673929faeaed582fbb578afa829f9363e7e297e2fea9addbe5a679ae5c038", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "dcce500c1986e36a5a9442857dc606c11745214aa3dcddd01365b025fc2f2559", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508", "041401ea1601b14048afc6b726d4b417ca8aa1a6358e51744ee4a123ba636f87", "efb2b92a9ad40fb2d039fed04162ec421d3fd4bcd86adedbcb52d03ed5b742c1", "d1aa8f9c83cb795f77652001b3eb8fbb3bd6d03c387c053c6dad31143b145092", "57fe3c34a73768fce9e42473532850c03b47eddcdf878a3afb14318aaacd6b0c", "b32f2fdc3526f6326ae7ffc3848166ae3315e1fce6158ee6070cf5f9afc05152", "14a3bcfe545de508cb00e55ed07bf88577f1f705ca6cdd15b733235f1d384729", "ccf4d5167a10a49756ab0cf8a204b5d1a06356b5e9bdbee58f4eda966ec551a8"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-certificate", "hashes": ["2e0fc89b9e4676bf7966ed1485581ca395d01bea1ea89df0c0529f5281bc73b0", "e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "2cf0e11b4d3ed524a99a327e52a246b73d5d91ff938bcbe58d31d4511d2b910f", "59040541282c5325a0a35f19ef601f3c1eb8ba444c084d8c4980e0272f26411c", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "8787f5e369fa69155d22a1f0bcaaef6e65cec46e410f8e2c4b4cba04a5d3dbdf", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "08eb344569251e4fc99c3de92a7bf8d8ac36a1c6aa410273dd1e063ededb4a42", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628", "02bd161beee232d6ecf9c7a8a0fe80c2545227451547459f4612c5da81ba5b5b", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "1b6e4c705bd5306e35649e5ee0812c80a0cdfa60b045454f488dd7ef8f55d473", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "37e19470f3e2161ae58a9bda0a9fdce6e7ba726ee13027d5a50f7bcd1b891818", "a2ac76c4e7fc5312f3553b1ac36f8eed8485b35add8d4941e86caa05581ee94b", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "ea3caafe6eb473b167ebbe87fce2570540b122f51481d4788082cbff1abe1487", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "ace0558cc717628863817fd070f2e3754f15694ae05f600861daa365bad93781", "54d0ee19b0725bf78372c3fc84776b1a81324ff4c8a0be7d816eebdbbf0af18c", "3642e57a9da01bd7b6b5d9a1054c21fbbc73656e7253f0b7434fc952c9761b6d", "e403c9c9a0d416eae05dcd022a9b54fdaa27604669d7fcae343d3c77b1001a73", "a81df49be52a7d9b6e990c82171df3b93a702f821605b93ab4453b8a775db80d", "511c72e9ed64927018d094d9df2901a5d9b3a01963f1d38415c7360caa92da78", "d0e6a6a105e90cc08e635fcf6cdf0961f0a05c1552c65b2ce3ba494fc2a1c871", "380bf2a2bac7a49b9dfaa3dae8b56397672108ab24f41dfb3d670ffb28f6a825", "b7581157aa029b748559f4b9052d2aba833792a99fc0240bcab7586759140be3", "dd61eab422089382aac1e16e47e25f49990086c95bb7d8b3eef8275f005612fa", "b897378d3ae7794fa32aa16eedc828e7c80b7f2517ecd7f3a7dbe6e5f0132c3d", "e1e7bcb3a0b05d4793bd9876ddc0079ed72a86777a7d1d49777bcaff0d416baf", "b9b9926458b52e38c5dae8489ef62a21dab36bca4e95c74dde7add49b91c8b0c", "0d62d5ab9c799ad6d0121505f965400007cecc4f2b7fd5f907e69bb96e1f83c4", "9176bd87a4af64bba79e23b110420a6756cdcc0cec01632dfc9a0c67d9b99de2", "c6afe03c0edb82874b4d1bcdf0354f1ed3ed2941cc1fc0adc5636b2492029f1a", "efbf347aa6fcd7df3a7537ed8bcb672439e69dc5d0c27a76dfdfe5706198fd09", "7081564c824770ff62a6d7712d558cf94a5afb3c88652284ae8484b38e797d80", "4f2f1363b34e00914235dbec86ab50cf08e6dc1657c16b4d3249c6fb57f4fb94", "8461890eba27128485afd38c2c735bb66a56cbfc85b801f673cd56911b894995", "60683e63a880b6c14843690a5b7ca011db647d468a5966f7076dd3f23bebbc27", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "3a5f79652f87ccb4c9798113f7a919f9f88cf4221de4486d249a24eac1e846fc", "86a157fefa7022630be7aa6e305243e349ad54e37abcbf406f9f966af659e108", "096d82b60d52de1e7ec7e85c234db5bf8140730051127e87b5e8957c332b19f2", "0fdb520255fdc09c07c596f670e077e7e974af4e9b2df6fa254ef034631d950c", "e0e4ff87d4507282bf4a60921c0cecb881f113d3df330e6d129cc80a84d85f19", "69771ec35f954d09b78b55b6e3d6b240ebf7738ee682997f3fd3c6b750fec5e3", "d118a88b1ecd7dfbb01afbaea6122eec93d227f500d030a50e0a60e2e0b6c728", "c1b429f0de9ebdf1ff28a8f62f364afe420c1c9c3ccf64c72a26364e7d338822", "0368afd2468ede3c2a87c5988d8d880017b66907890d36285d4e878585ff1ff5", "7fd7642348a4caa03a387b3caecd11c4c2a585b57a6a75a748671426685cdcec", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "2d3ce270807d037b5cdc8ec95351c82ad17e03508ef554cdb9b4b419d0084e26", "10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a", "7d913f06c252acee7495e34f57c13938adc5c6a93386baaabd6fc758a1cd90de", "3b69ea5e38470aa747535697b40dc6f5a2924ce2c44ff8b809459bdbd41edf7d", "0e8673929faeaed582fbb578afa829f9363e7e297e2fea9addbe5a679ae5c038", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "dcce500c1986e36a5a9442857dc606c11745214aa3dcddd01365b025fc2f2559", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508", "041401ea1601b14048afc6b726d4b417ca8aa1a6358e51744ee4a123ba636f87", "efb2b92a9ad40fb2d039fed04162ec421d3fd4bcd86adedbcb52d03ed5b742c1", "d1aa8f9c83cb795f77652001b3eb8fbb3bd6d03c387c053c6dad31143b145092", "57fe3c34a73768fce9e42473532850c03b47eddcdf878a3afb14318aaacd6b0c", "b32f2fdc3526f6326ae7ffc3848166ae3315e1fce6158ee6070cf5f9afc05152", "14a3bcfe545de508cb00e55ed07bf88577f1f705ca6cdd15b733235f1d384729", "ccf4d5167a10a49756ab0cf8a204b5d1a06356b5e9bdbee58f4eda966ec551a8"], "mitre_attack_tags": []}, {"bi": "pe-invalid-certificate-signature", "hashes": ["2e0fc89b9e4676bf7966ed1485581ca395d01bea1ea89df0c0529f5281bc73b0", "e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "2cf0e11b4d3ed524a99a327e52a246b73d5d91ff938bcbe58d31d4511d2b910f", "59040541282c5325a0a35f19ef601f3c1eb8ba444c084d8c4980e0272f26411c", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "8787f5e369fa69155d22a1f0bcaaef6e65cec46e410f8e2c4b4cba04a5d3dbdf", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "08eb344569251e4fc99c3de92a7bf8d8ac36a1c6aa410273dd1e063ededb4a42", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628", "02bd161beee232d6ecf9c7a8a0fe80c2545227451547459f4612c5da81ba5b5b", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "1b6e4c705bd5306e35649e5ee0812c80a0cdfa60b045454f488dd7ef8f55d473", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "37e19470f3e2161ae58a9bda0a9fdce6e7ba726ee13027d5a50f7bcd1b891818", "a2ac76c4e7fc5312f3553b1ac36f8eed8485b35add8d4941e86caa05581ee94b", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "ea3caafe6eb473b167ebbe87fce2570540b122f51481d4788082cbff1abe1487", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "ace0558cc717628863817fd070f2e3754f15694ae05f600861daa365bad93781", "54d0ee19b0725bf78372c3fc84776b1a81324ff4c8a0be7d816eebdbbf0af18c", "3642e57a9da01bd7b6b5d9a1054c21fbbc73656e7253f0b7434fc952c9761b6d", "e403c9c9a0d416eae05dcd022a9b54fdaa27604669d7fcae343d3c77b1001a73", "a81df49be52a7d9b6e990c82171df3b93a702f821605b93ab4453b8a775db80d", "511c72e9ed64927018d094d9df2901a5d9b3a01963f1d38415c7360caa92da78", "d0e6a6a105e90cc08e635fcf6cdf0961f0a05c1552c65b2ce3ba494fc2a1c871", "380bf2a2bac7a49b9dfaa3dae8b56397672108ab24f41dfb3d670ffb28f6a825", "b7581157aa029b748559f4b9052d2aba833792a99fc0240bcab7586759140be3", "dd61eab422089382aac1e16e47e25f49990086c95bb7d8b3eef8275f005612fa", "b897378d3ae7794fa32aa16eedc828e7c80b7f2517ecd7f3a7dbe6e5f0132c3d", "e1e7bcb3a0b05d4793bd9876ddc0079ed72a86777a7d1d49777bcaff0d416baf", "b9b9926458b52e38c5dae8489ef62a21dab36bca4e95c74dde7add49b91c8b0c", "0d62d5ab9c799ad6d0121505f965400007cecc4f2b7fd5f907e69bb96e1f83c4", "9176bd87a4af64bba79e23b110420a6756cdcc0cec01632dfc9a0c67d9b99de2", "c6afe03c0edb82874b4d1bcdf0354f1ed3ed2941cc1fc0adc5636b2492029f1a", "efbf347aa6fcd7df3a7537ed8bcb672439e69dc5d0c27a76dfdfe5706198fd09", "7081564c824770ff62a6d7712d558cf94a5afb3c88652284ae8484b38e797d80", "4f2f1363b34e00914235dbec86ab50cf08e6dc1657c16b4d3249c6fb57f4fb94", "8461890eba27128485afd38c2c735bb66a56cbfc85b801f673cd56911b894995", "60683e63a880b6c14843690a5b7ca011db647d468a5966f7076dd3f23bebbc27", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "3a5f79652f87ccb4c9798113f7a919f9f88cf4221de4486d249a24eac1e846fc", "86a157fefa7022630be7aa6e305243e349ad54e37abcbf406f9f966af659e108", "096d82b60d52de1e7ec7e85c234db5bf8140730051127e87b5e8957c332b19f2", "0fdb520255fdc09c07c596f670e077e7e974af4e9b2df6fa254ef034631d950c", "e0e4ff87d4507282bf4a60921c0cecb881f113d3df330e6d129cc80a84d85f19", "69771ec35f954d09b78b55b6e3d6b240ebf7738ee682997f3fd3c6b750fec5e3", "d118a88b1ecd7dfbb01afbaea6122eec93d227f500d030a50e0a60e2e0b6c728", "c1b429f0de9ebdf1ff28a8f62f364afe420c1c9c3ccf64c72a26364e7d338822", "0368afd2468ede3c2a87c5988d8d880017b66907890d36285d4e878585ff1ff5", "7fd7642348a4caa03a387b3caecd11c4c2a585b57a6a75a748671426685cdcec", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "2d3ce270807d037b5cdc8ec95351c82ad17e03508ef554cdb9b4b419d0084e26", "10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a", "7d913f06c252acee7495e34f57c13938adc5c6a93386baaabd6fc758a1cd90de", "3b69ea5e38470aa747535697b40dc6f5a2924ce2c44ff8b809459bdbd41edf7d", "0e8673929faeaed582fbb578afa829f9363e7e297e2fea9addbe5a679ae5c038", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "dcce500c1986e36a5a9442857dc606c11745214aa3dcddd01365b025fc2f2559", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508", "041401ea1601b14048afc6b726d4b417ca8aa1a6358e51744ee4a123ba636f87", "efb2b92a9ad40fb2d039fed04162ec421d3fd4bcd86adedbcb52d03ed5b742c1", "d1aa8f9c83cb795f77652001b3eb8fbb3bd6d03c387c053c6dad31143b145092", "57fe3c34a73768fce9e42473532850c03b47eddcdf878a3afb14318aaacd6b0c", "b32f2fdc3526f6326ae7ffc3848166ae3315e1fce6158ee6070cf5f9afc05152", "14a3bcfe545de508cb00e55ed07bf88577f1f705ca6cdd15b733235f1d384729", "ccf4d5167a10a49756ab0cf8a204b5d1a06356b5e9bdbee58f4eda966ec551a8"], "mitre_attack_tags": ["TA0005", "T1553"]}, {"bi": "process-requested-softice", "hashes": ["2e0fc89b9e4676bf7966ed1485581ca395d01bea1ea89df0c0529f5281bc73b0", "e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "2cf0e11b4d3ed524a99a327e52a246b73d5d91ff938bcbe58d31d4511d2b910f", "59040541282c5325a0a35f19ef601f3c1eb8ba444c084d8c4980e0272f26411c", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "8787f5e369fa69155d22a1f0bcaaef6e65cec46e410f8e2c4b4cba04a5d3dbdf", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "08eb344569251e4fc99c3de92a7bf8d8ac36a1c6aa410273dd1e063ededb4a42", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628", "02bd161beee232d6ecf9c7a8a0fe80c2545227451547459f4612c5da81ba5b5b", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "1b6e4c705bd5306e35649e5ee0812c80a0cdfa60b045454f488dd7ef8f55d473", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "37e19470f3e2161ae58a9bda0a9fdce6e7ba726ee13027d5a50f7bcd1b891818", "a2ac76c4e7fc5312f3553b1ac36f8eed8485b35add8d4941e86caa05581ee94b", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "ea3caafe6eb473b167ebbe87fce2570540b122f51481d4788082cbff1abe1487", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "ace0558cc717628863817fd070f2e3754f15694ae05f600861daa365bad93781", "54d0ee19b0725bf78372c3fc84776b1a81324ff4c8a0be7d816eebdbbf0af18c", "3642e57a9da01bd7b6b5d9a1054c21fbbc73656e7253f0b7434fc952c9761b6d", "e403c9c9a0d416eae05dcd022a9b54fdaa27604669d7fcae343d3c77b1001a73", "a81df49be52a7d9b6e990c82171df3b93a702f821605b93ab4453b8a775db80d", "511c72e9ed64927018d094d9df2901a5d9b3a01963f1d38415c7360caa92da78", "d0e6a6a105e90cc08e635fcf6cdf0961f0a05c1552c65b2ce3ba494fc2a1c871", "380bf2a2bac7a49b9dfaa3dae8b56397672108ab24f41dfb3d670ffb28f6a825", "b7581157aa029b748559f4b9052d2aba833792a99fc0240bcab7586759140be3", "dd61eab422089382aac1e16e47e25f49990086c95bb7d8b3eef8275f005612fa", "b897378d3ae7794fa32aa16eedc828e7c80b7f2517ecd7f3a7dbe6e5f0132c3d", "e1e7bcb3a0b05d4793bd9876ddc0079ed72a86777a7d1d49777bcaff0d416baf", "b9b9926458b52e38c5dae8489ef62a21dab36bca4e95c74dde7add49b91c8b0c", "0d62d5ab9c799ad6d0121505f965400007cecc4f2b7fd5f907e69bb96e1f83c4", "9176bd87a4af64bba79e23b110420a6756cdcc0cec01632dfc9a0c67d9b99de2", "c6afe03c0edb82874b4d1bcdf0354f1ed3ed2941cc1fc0adc5636b2492029f1a", "efbf347aa6fcd7df3a7537ed8bcb672439e69dc5d0c27a76dfdfe5706198fd09", "7081564c824770ff62a6d7712d558cf94a5afb3c88652284ae8484b38e797d80", "4f2f1363b34e00914235dbec86ab50cf08e6dc1657c16b4d3249c6fb57f4fb94", "8461890eba27128485afd38c2c735bb66a56cbfc85b801f673cd56911b894995", "60683e63a880b6c14843690a5b7ca011db647d468a5966f7076dd3f23bebbc27", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "3a5f79652f87ccb4c9798113f7a919f9f88cf4221de4486d249a24eac1e846fc", "86a157fefa7022630be7aa6e305243e349ad54e37abcbf406f9f966af659e108", "096d82b60d52de1e7ec7e85c234db5bf8140730051127e87b5e8957c332b19f2", "0fdb520255fdc09c07c596f670e077e7e974af4e9b2df6fa254ef034631d950c", "e0e4ff87d4507282bf4a60921c0cecb881f113d3df330e6d129cc80a84d85f19", "69771ec35f954d09b78b55b6e3d6b240ebf7738ee682997f3fd3c6b750fec5e3", "d118a88b1ecd7dfbb01afbaea6122eec93d227f500d030a50e0a60e2e0b6c728", "c1b429f0de9ebdf1ff28a8f62f364afe420c1c9c3ccf64c72a26364e7d338822", "0368afd2468ede3c2a87c5988d8d880017b66907890d36285d4e878585ff1ff5", "7fd7642348a4caa03a387b3caecd11c4c2a585b57a6a75a748671426685cdcec", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "2d3ce270807d037b5cdc8ec95351c82ad17e03508ef554cdb9b4b419d0084e26", "10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a", "7d913f06c252acee7495e34f57c13938adc5c6a93386baaabd6fc758a1cd90de", "3b69ea5e38470aa747535697b40dc6f5a2924ce2c44ff8b809459bdbd41edf7d", "0e8673929faeaed582fbb578afa829f9363e7e297e2fea9addbe5a679ae5c038", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "dcce500c1986e36a5a9442857dc606c11745214aa3dcddd01365b025fc2f2559", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508", "041401ea1601b14048afc6b726d4b417ca8aa1a6358e51744ee4a123ba636f87", "efb2b92a9ad40fb2d039fed04162ec421d3fd4bcd86adedbcb52d03ed5b742c1", "d1aa8f9c83cb795f77652001b3eb8fbb3bd6d03c387c053c6dad31143b145092", "57fe3c34a73768fce9e42473532850c03b47eddcdf878a3afb14318aaacd6b0c", "b32f2fdc3526f6326ae7ffc3848166ae3315e1fce6158ee6070cf5f9afc05152", "14a3bcfe545de508cb00e55ed07bf88577f1f705ca6cdd15b733235f1d384729", "ccf4d5167a10a49756ab0cf8a204b5d1a06356b5e9bdbee58f4eda966ec551a8"], "mitre_attack_tags": ["TA0005", "TA0007", "T1497"]}, {"bi": "pe-section-name-contains-whitespace", "hashes": ["2e0fc89b9e4676bf7966ed1485581ca395d01bea1ea89df0c0529f5281bc73b0", "e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "2cf0e11b4d3ed524a99a327e52a246b73d5d91ff938bcbe58d31d4511d2b910f", "59040541282c5325a0a35f19ef601f3c1eb8ba444c084d8c4980e0272f26411c", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "8787f5e369fa69155d22a1f0bcaaef6e65cec46e410f8e2c4b4cba04a5d3dbdf", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "08eb344569251e4fc99c3de92a7bf8d8ac36a1c6aa410273dd1e063ededb4a42", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628", "02bd161beee232d6ecf9c7a8a0fe80c2545227451547459f4612c5da81ba5b5b", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "1b6e4c705bd5306e35649e5ee0812c80a0cdfa60b045454f488dd7ef8f55d473", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "37e19470f3e2161ae58a9bda0a9fdce6e7ba726ee13027d5a50f7bcd1b891818", "a2ac76c4e7fc5312f3553b1ac36f8eed8485b35add8d4941e86caa05581ee94b", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "ea3caafe6eb473b167ebbe87fce2570540b122f51481d4788082cbff1abe1487", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "ace0558cc717628863817fd070f2e3754f15694ae05f600861daa365bad93781", "54d0ee19b0725bf78372c3fc84776b1a81324ff4c8a0be7d816eebdbbf0af18c", "3642e57a9da01bd7b6b5d9a1054c21fbbc73656e7253f0b7434fc952c9761b6d", "e403c9c9a0d416eae05dcd022a9b54fdaa27604669d7fcae343d3c77b1001a73", "a81df49be52a7d9b6e990c82171df3b93a702f821605b93ab4453b8a775db80d", "511c72e9ed64927018d094d9df2901a5d9b3a01963f1d38415c7360caa92da78", "d0e6a6a105e90cc08e635fcf6cdf0961f0a05c1552c65b2ce3ba494fc2a1c871", "380bf2a2bac7a49b9dfaa3dae8b56397672108ab24f41dfb3d670ffb28f6a825", "b7581157aa029b748559f4b9052d2aba833792a99fc0240bcab7586759140be3", "dd61eab422089382aac1e16e47e25f49990086c95bb7d8b3eef8275f005612fa", "b897378d3ae7794fa32aa16eedc828e7c80b7f2517ecd7f3a7dbe6e5f0132c3d", "e1e7bcb3a0b05d4793bd9876ddc0079ed72a86777a7d1d49777bcaff0d416baf", "b9b9926458b52e38c5dae8489ef62a21dab36bca4e95c74dde7add49b91c8b0c", "0d62d5ab9c799ad6d0121505f965400007cecc4f2b7fd5f907e69bb96e1f83c4", "9176bd87a4af64bba79e23b110420a6756cdcc0cec01632dfc9a0c67d9b99de2", "c6afe03c0edb82874b4d1bcdf0354f1ed3ed2941cc1fc0adc5636b2492029f1a", "efbf347aa6fcd7df3a7537ed8bcb672439e69dc5d0c27a76dfdfe5706198fd09", "7081564c824770ff62a6d7712d558cf94a5afb3c88652284ae8484b38e797d80", "4f2f1363b34e00914235dbec86ab50cf08e6dc1657c16b4d3249c6fb57f4fb94", "8461890eba27128485afd38c2c735bb66a56cbfc85b801f673cd56911b894995", "60683e63a880b6c14843690a5b7ca011db647d468a5966f7076dd3f23bebbc27", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "3a5f79652f87ccb4c9798113f7a919f9f88cf4221de4486d249a24eac1e846fc", "86a157fefa7022630be7aa6e305243e349ad54e37abcbf406f9f966af659e108", "096d82b60d52de1e7ec7e85c234db5bf8140730051127e87b5e8957c332b19f2", "0fdb520255fdc09c07c596f670e077e7e974af4e9b2df6fa254ef034631d950c", "e0e4ff87d4507282bf4a60921c0cecb881f113d3df330e6d129cc80a84d85f19", "69771ec35f954d09b78b55b6e3d6b240ebf7738ee682997f3fd3c6b750fec5e3", "d118a88b1ecd7dfbb01afbaea6122eec93d227f500d030a50e0a60e2e0b6c728", "c1b429f0de9ebdf1ff28a8f62f364afe420c1c9c3ccf64c72a26364e7d338822", "0368afd2468ede3c2a87c5988d8d880017b66907890d36285d4e878585ff1ff5", "7fd7642348a4caa03a387b3caecd11c4c2a585b57a6a75a748671426685cdcec", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "2d3ce270807d037b5cdc8ec95351c82ad17e03508ef554cdb9b4b419d0084e26", "10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a", "7d913f06c252acee7495e34f57c13938adc5c6a93386baaabd6fc758a1cd90de", "3b69ea5e38470aa747535697b40dc6f5a2924ce2c44ff8b809459bdbd41edf7d", "0e8673929faeaed582fbb578afa829f9363e7e297e2fea9addbe5a679ae5c038", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "dcce500c1986e36a5a9442857dc606c11745214aa3dcddd01365b025fc2f2559", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508", "041401ea1601b14048afc6b726d4b417ca8aa1a6358e51744ee4a123ba636f87", "efb2b92a9ad40fb2d039fed04162ec421d3fd4bcd86adedbcb52d03ed5b742c1", "d1aa8f9c83cb795f77652001b3eb8fbb3bd6d03c387c053c6dad31143b145092", "57fe3c34a73768fce9e42473532850c03b47eddcdf878a3afb14318aaacd6b0c", "b32f2fdc3526f6326ae7ffc3848166ae3315e1fce6158ee6070cf5f9afc05152", "14a3bcfe545de508cb00e55ed07bf88577f1f705ca6cdd15b733235f1d384729", "ccf4d5167a10a49756ab0cf8a204b5d1a06356b5e9bdbee58f4eda966ec551a8"], "mitre_attack_tags": []}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["2e0fc89b9e4676bf7966ed1485581ca395d01bea1ea89df0c0529f5281bc73b0", "e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "2cf0e11b4d3ed524a99a327e52a246b73d5d91ff938bcbe58d31d4511d2b910f", "59040541282c5325a0a35f19ef601f3c1eb8ba444c084d8c4980e0272f26411c", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "8787f5e369fa69155d22a1f0bcaaef6e65cec46e410f8e2c4b4cba04a5d3dbdf", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "08eb344569251e4fc99c3de92a7bf8d8ac36a1c6aa410273dd1e063ededb4a42", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628", "02bd161beee232d6ecf9c7a8a0fe80c2545227451547459f4612c5da81ba5b5b", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "1b6e4c705bd5306e35649e5ee0812c80a0cdfa60b045454f488dd7ef8f55d473", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "37e19470f3e2161ae58a9bda0a9fdce6e7ba726ee13027d5a50f7bcd1b891818", "a2ac76c4e7fc5312f3553b1ac36f8eed8485b35add8d4941e86caa05581ee94b", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "ea3caafe6eb473b167ebbe87fce2570540b122f51481d4788082cbff1abe1487", "ace0558cc717628863817fd070f2e3754f15694ae05f600861daa365bad93781", "54d0ee19b0725bf78372c3fc84776b1a81324ff4c8a0be7d816eebdbbf0af18c", "3642e57a9da01bd7b6b5d9a1054c21fbbc73656e7253f0b7434fc952c9761b6d", "e403c9c9a0d416eae05dcd022a9b54fdaa27604669d7fcae343d3c77b1001a73", "a81df49be52a7d9b6e990c82171df3b93a702f821605b93ab4453b8a775db80d", "511c72e9ed64927018d094d9df2901a5d9b3a01963f1d38415c7360caa92da78", "d0e6a6a105e90cc08e635fcf6cdf0961f0a05c1552c65b2ce3ba494fc2a1c871", "380bf2a2bac7a49b9dfaa3dae8b56397672108ab24f41dfb3d670ffb28f6a825", "b7581157aa029b748559f4b9052d2aba833792a99fc0240bcab7586759140be3", "dd61eab422089382aac1e16e47e25f49990086c95bb7d8b3eef8275f005612fa", "b897378d3ae7794fa32aa16eedc828e7c80b7f2517ecd7f3a7dbe6e5f0132c3d", "e1e7bcb3a0b05d4793bd9876ddc0079ed72a86777a7d1d49777bcaff0d416baf", "b9b9926458b52e38c5dae8489ef62a21dab36bca4e95c74dde7add49b91c8b0c", "0d62d5ab9c799ad6d0121505f965400007cecc4f2b7fd5f907e69bb96e1f83c4", "9176bd87a4af64bba79e23b110420a6756cdcc0cec01632dfc9a0c67d9b99de2", "c6afe03c0edb82874b4d1bcdf0354f1ed3ed2941cc1fc0adc5636b2492029f1a", "efbf347aa6fcd7df3a7537ed8bcb672439e69dc5d0c27a76dfdfe5706198fd09", "7081564c824770ff62a6d7712d558cf94a5afb3c88652284ae8484b38e797d80", "4f2f1363b34e00914235dbec86ab50cf08e6dc1657c16b4d3249c6fb57f4fb94", "8461890eba27128485afd38c2c735bb66a56cbfc85b801f673cd56911b894995", "60683e63a880b6c14843690a5b7ca011db647d468a5966f7076dd3f23bebbc27", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "3a5f79652f87ccb4c9798113f7a919f9f88cf4221de4486d249a24eac1e846fc", "86a157fefa7022630be7aa6e305243e349ad54e37abcbf406f9f966af659e108", "096d82b60d52de1e7ec7e85c234db5bf8140730051127e87b5e8957c332b19f2", "0fdb520255fdc09c07c596f670e077e7e974af4e9b2df6fa254ef034631d950c", "e0e4ff87d4507282bf4a60921c0cecb881f113d3df330e6d129cc80a84d85f19", "69771ec35f954d09b78b55b6e3d6b240ebf7738ee682997f3fd3c6b750fec5e3", "d118a88b1ecd7dfbb01afbaea6122eec93d227f500d030a50e0a60e2e0b6c728", "0368afd2468ede3c2a87c5988d8d880017b66907890d36285d4e878585ff1ff5", "7fd7642348a4caa03a387b3caecd11c4c2a585b57a6a75a748671426685cdcec", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "2d3ce270807d037b5cdc8ec95351c82ad17e03508ef554cdb9b4b419d0084e26", "10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "7d913f06c252acee7495e34f57c13938adc5c6a93386baaabd6fc758a1cd90de", "0e8673929faeaed582fbb578afa829f9363e7e297e2fea9addbe5a679ae5c038", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "dcce500c1986e36a5a9442857dc606c11745214aa3dcddd01365b025fc2f2559", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508", "041401ea1601b14048afc6b726d4b417ca8aa1a6358e51744ee4a123ba636f87", "efb2b92a9ad40fb2d039fed04162ec421d3fd4bcd86adedbcb52d03ed5b742c1", "57fe3c34a73768fce9e42473532850c03b47eddcdf878a3afb14318aaacd6b0c", "14a3bcfe545de508cb00e55ed07bf88577f1f705ca6cdd15b733235f1d384729"], "mitre_attack_tags": []}, {"bi": "pe-packed-themida", "hashes": ["2e0fc89b9e4676bf7966ed1485581ca395d01bea1ea89df0c0529f5281bc73b0", "e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "2cf0e11b4d3ed524a99a327e52a246b73d5d91ff938bcbe58d31d4511d2b910f", "59040541282c5325a0a35f19ef601f3c1eb8ba444c084d8c4980e0272f26411c", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "8787f5e369fa69155d22a1f0bcaaef6e65cec46e410f8e2c4b4cba04a5d3dbdf", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "08eb344569251e4fc99c3de92a7bf8d8ac36a1c6aa410273dd1e063ededb4a42", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628", "02bd161beee232d6ecf9c7a8a0fe80c2545227451547459f4612c5da81ba5b5b", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "1b6e4c705bd5306e35649e5ee0812c80a0cdfa60b045454f488dd7ef8f55d473", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "37e19470f3e2161ae58a9bda0a9fdce6e7ba726ee13027d5a50f7bcd1b891818", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "ace0558cc717628863817fd070f2e3754f15694ae05f600861daa365bad93781", "54d0ee19b0725bf78372c3fc84776b1a81324ff4c8a0be7d816eebdbbf0af18c", "3642e57a9da01bd7b6b5d9a1054c21fbbc73656e7253f0b7434fc952c9761b6d", "e403c9c9a0d416eae05dcd022a9b54fdaa27604669d7fcae343d3c77b1001a73", "a81df49be52a7d9b6e990c82171df3b93a702f821605b93ab4453b8a775db80d", "d0e6a6a105e90cc08e635fcf6cdf0961f0a05c1552c65b2ce3ba494fc2a1c871", "380bf2a2bac7a49b9dfaa3dae8b56397672108ab24f41dfb3d670ffb28f6a825", "b7581157aa029b748559f4b9052d2aba833792a99fc0240bcab7586759140be3", "b897378d3ae7794fa32aa16eedc828e7c80b7f2517ecd7f3a7dbe6e5f0132c3d", "e1e7bcb3a0b05d4793bd9876ddc0079ed72a86777a7d1d49777bcaff0d416baf", "b9b9926458b52e38c5dae8489ef62a21dab36bca4e95c74dde7add49b91c8b0c", "0d62d5ab9c799ad6d0121505f965400007cecc4f2b7fd5f907e69bb96e1f83c4", "9176bd87a4af64bba79e23b110420a6756cdcc0cec01632dfc9a0c67d9b99de2", "c6afe03c0edb82874b4d1bcdf0354f1ed3ed2941cc1fc0adc5636b2492029f1a", "efbf347aa6fcd7df3a7537ed8bcb672439e69dc5d0c27a76dfdfe5706198fd09", "7081564c824770ff62a6d7712d558cf94a5afb3c88652284ae8484b38e797d80", "4f2f1363b34e00914235dbec86ab50cf08e6dc1657c16b4d3249c6fb57f4fb94", "8461890eba27128485afd38c2c735bb66a56cbfc85b801f673cd56911b894995", "60683e63a880b6c14843690a5b7ca011db647d468a5966f7076dd3f23bebbc27", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "3a5f79652f87ccb4c9798113f7a919f9f88cf4221de4486d249a24eac1e846fc", "86a157fefa7022630be7aa6e305243e349ad54e37abcbf406f9f966af659e108", "096d82b60d52de1e7ec7e85c234db5bf8140730051127e87b5e8957c332b19f2", "0fdb520255fdc09c07c596f670e077e7e974af4e9b2df6fa254ef034631d950c", "e0e4ff87d4507282bf4a60921c0cecb881f113d3df330e6d129cc80a84d85f19", "69771ec35f954d09b78b55b6e3d6b240ebf7738ee682997f3fd3c6b750fec5e3", "d118a88b1ecd7dfbb01afbaea6122eec93d227f500d030a50e0a60e2e0b6c728", "2d3ce270807d037b5cdc8ec95351c82ad17e03508ef554cdb9b4b419d0084e26", "10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a", "7d913f06c252acee7495e34f57c13938adc5c6a93386baaabd6fc758a1cd90de", "3b69ea5e38470aa747535697b40dc6f5a2924ce2c44ff8b809459bdbd41edf7d", "0e8673929faeaed582fbb578afa829f9363e7e297e2fea9addbe5a679ae5c038", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "dcce500c1986e36a5a9442857dc606c11745214aa3dcddd01365b025fc2f2559", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899", "041401ea1601b14048afc6b726d4b417ca8aa1a6358e51744ee4a123ba636f87", "efb2b92a9ad40fb2d039fed04162ec421d3fd4bcd86adedbcb52d03ed5b742c1", "d1aa8f9c83cb795f77652001b3eb8fbb3bd6d03c387c053c6dad31143b145092", "57fe3c34a73768fce9e42473532850c03b47eddcdf878a3afb14318aaacd6b0c", "b32f2fdc3526f6326ae7ffc3848166ae3315e1fce6158ee6070cf5f9afc05152", "14a3bcfe545de508cb00e55ed07bf88577f1f705ca6cdd15b733235f1d384729", "ccf4d5167a10a49756ab0cf8a204b5d1a06356b5e9bdbee58f4eda966ec551a8"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "antivirus-flagged-artifact", "hashes": ["2e0fc89b9e4676bf7966ed1485581ca395d01bea1ea89df0c0529f5281bc73b0", "2cf0e11b4d3ed524a99a327e52a246b73d5d91ff938bcbe58d31d4511d2b910f", "59040541282c5325a0a35f19ef601f3c1eb8ba444c084d8c4980e0272f26411c", "8787f5e369fa69155d22a1f0bcaaef6e65cec46e410f8e2c4b4cba04a5d3dbdf", "08eb344569251e4fc99c3de92a7bf8d8ac36a1c6aa410273dd1e063ededb4a42", "02bd161beee232d6ecf9c7a8a0fe80c2545227451547459f4612c5da81ba5b5b", "1b6e4c705bd5306e35649e5ee0812c80a0cdfa60b045454f488dd7ef8f55d473", "37e19470f3e2161ae58a9bda0a9fdce6e7ba726ee13027d5a50f7bcd1b891818", "a2ac76c4e7fc5312f3553b1ac36f8eed8485b35add8d4941e86caa05581ee94b", "ea3caafe6eb473b167ebbe87fce2570540b122f51481d4788082cbff1abe1487", "ace0558cc717628863817fd070f2e3754f15694ae05f600861daa365bad93781", "54d0ee19b0725bf78372c3fc84776b1a81324ff4c8a0be7d816eebdbbf0af18c", "3642e57a9da01bd7b6b5d9a1054c21fbbc73656e7253f0b7434fc952c9761b6d", "e403c9c9a0d416eae05dcd022a9b54fdaa27604669d7fcae343d3c77b1001a73", "a81df49be52a7d9b6e990c82171df3b93a702f821605b93ab4453b8a775db80d", "511c72e9ed64927018d094d9df2901a5d9b3a01963f1d38415c7360caa92da78", "d0e6a6a105e90cc08e635fcf6cdf0961f0a05c1552c65b2ce3ba494fc2a1c871", "380bf2a2bac7a49b9dfaa3dae8b56397672108ab24f41dfb3d670ffb28f6a825", "b7581157aa029b748559f4b9052d2aba833792a99fc0240bcab7586759140be3", "dd61eab422089382aac1e16e47e25f49990086c95bb7d8b3eef8275f005612fa", "b897378d3ae7794fa32aa16eedc828e7c80b7f2517ecd7f3a7dbe6e5f0132c3d", "e1e7bcb3a0b05d4793bd9876ddc0079ed72a86777a7d1d49777bcaff0d416baf", "b9b9926458b52e38c5dae8489ef62a21dab36bca4e95c74dde7add49b91c8b0c", "0d62d5ab9c799ad6d0121505f965400007cecc4f2b7fd5f907e69bb96e1f83c4", "9176bd87a4af64bba79e23b110420a6756cdcc0cec01632dfc9a0c67d9b99de2", "c6afe03c0edb82874b4d1bcdf0354f1ed3ed2941cc1fc0adc5636b2492029f1a", "efbf347aa6fcd7df3a7537ed8bcb672439e69dc5d0c27a76dfdfe5706198fd09", "7081564c824770ff62a6d7712d558cf94a5afb3c88652284ae8484b38e797d80", "4f2f1363b34e00914235dbec86ab50cf08e6dc1657c16b4d3249c6fb57f4fb94", "8461890eba27128485afd38c2c735bb66a56cbfc85b801f673cd56911b894995", "60683e63a880b6c14843690a5b7ca011db647d468a5966f7076dd3f23bebbc27", "3a5f79652f87ccb4c9798113f7a919f9f88cf4221de4486d249a24eac1e846fc", "86a157fefa7022630be7aa6e305243e349ad54e37abcbf406f9f966af659e108", "096d82b60d52de1e7ec7e85c234db5bf8140730051127e87b5e8957c332b19f2", "0fdb520255fdc09c07c596f670e077e7e974af4e9b2df6fa254ef034631d950c", "e0e4ff87d4507282bf4a60921c0cecb881f113d3df330e6d129cc80a84d85f19", "69771ec35f954d09b78b55b6e3d6b240ebf7738ee682997f3fd3c6b750fec5e3", "d118a88b1ecd7dfbb01afbaea6122eec93d227f500d030a50e0a60e2e0b6c728", "c1b429f0de9ebdf1ff28a8f62f364afe420c1c9c3ccf64c72a26364e7d338822", "0368afd2468ede3c2a87c5988d8d880017b66907890d36285d4e878585ff1ff5", "7fd7642348a4caa03a387b3caecd11c4c2a585b57a6a75a748671426685cdcec", "2d3ce270807d037b5cdc8ec95351c82ad17e03508ef554cdb9b4b419d0084e26", "7d913f06c252acee7495e34f57c13938adc5c6a93386baaabd6fc758a1cd90de", "3b69ea5e38470aa747535697b40dc6f5a2924ce2c44ff8b809459bdbd41edf7d", "0e8673929faeaed582fbb578afa829f9363e7e297e2fea9addbe5a679ae5c038", "dcce500c1986e36a5a9442857dc606c11745214aa3dcddd01365b025fc2f2559", "041401ea1601b14048afc6b726d4b417ca8aa1a6358e51744ee4a123ba636f87", "d1aa8f9c83cb795f77652001b3eb8fbb3bd6d03c387c053c6dad31143b145092", "b32f2fdc3526f6326ae7ffc3848166ae3315e1fce6158ee6070cf5f9afc05152"], "mitre_attack_tags": []}, {"bi": "artifact-flagged-vm", "hashes": ["2e0fc89b9e4676bf7966ed1485581ca395d01bea1ea89df0c0529f5281bc73b0", "e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "59040541282c5325a0a35f19ef601f3c1eb8ba444c084d8c4980e0272f26411c", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "08eb344569251e4fc99c3de92a7bf8d8ac36a1c6aa410273dd1e063ededb4a42", "02bd161beee232d6ecf9c7a8a0fe80c2545227451547459f4612c5da81ba5b5b", "1b6e4c705bd5306e35649e5ee0812c80a0cdfa60b045454f488dd7ef8f55d473", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1", "ea3caafe6eb473b167ebbe87fce2570540b122f51481d4788082cbff1abe1487", "ace0558cc717628863817fd070f2e3754f15694ae05f600861daa365bad93781", "3642e57a9da01bd7b6b5d9a1054c21fbbc73656e7253f0b7434fc952c9761b6d", "511c72e9ed64927018d094d9df2901a5d9b3a01963f1d38415c7360caa92da78", "380bf2a2bac7a49b9dfaa3dae8b56397672108ab24f41dfb3d670ffb28f6a825", "b897378d3ae7794fa32aa16eedc828e7c80b7f2517ecd7f3a7dbe6e5f0132c3d", "b9b9926458b52e38c5dae8489ef62a21dab36bca4e95c74dde7add49b91c8b0c", "0d62d5ab9c799ad6d0121505f965400007cecc4f2b7fd5f907e69bb96e1f83c4", "c6afe03c0edb82874b4d1bcdf0354f1ed3ed2941cc1fc0adc5636b2492029f1a", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "2d3ce270807d037b5cdc8ec95351c82ad17e03508ef554cdb9b4b419d0084e26", "7d913f06c252acee7495e34f57c13938adc5c6a93386baaabd6fc758a1cd90de", "0e8673929faeaed582fbb578afa829f9363e7e297e2fea9addbe5a679ae5c038", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508", "041401ea1601b14048afc6b726d4b417ca8aa1a6358e51744ee4a123ba636f87", "efb2b92a9ad40fb2d039fed04162ec421d3fd4bcd86adedbcb52d03ed5b742c1", "b32f2fdc3526f6326ae7ffc3848166ae3315e1fce6158ee6070cf5f9afc05152", "14a3bcfe545de508cb00e55ed07bf88577f1f705ca6cdd15b733235f1d384729"], "mitre_attack_tags": ["TA0005", "TA0007", "T1497"]}, {"bi": "sample-launched-copy-of-self", "hashes": ["e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899", "efb2b92a9ad40fb2d039fed04162ec421d3fd4bcd86adedbcb52d03ed5b742c1", "57fe3c34a73768fce9e42473532850c03b47eddcdf878a3afb14318aaacd6b0c", "14a3bcfe545de508cb00e55ed07bf88577f1f705ca6cdd15b733235f1d384729", "ccf4d5167a10a49756ab0cf8a204b5d1a06356b5e9bdbee58f4eda966ec551a8"], "mitre_attack_tags": ["TA0005", "T1202"]}, {"bi": "artifact-windows-task", "hashes": ["e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899", "efb2b92a9ad40fb2d039fed04162ec421d3fd4bcd86adedbcb52d03ed5b742c1", "57fe3c34a73768fce9e42473532850c03b47eddcdf878a3afb14318aaacd6b0c", "14a3bcfe545de508cb00e55ed07bf88577f1f705ca6cdd15b733235f1d384729", "ccf4d5167a10a49756ab0cf8a204b5d1a06356b5e9bdbee58f4eda966ec551a8"], "mitre_attack_tags": ["TA0002", "TA0003", "TA0004", "T1053"]}, {"bi": "modified-file-in-user-dir", "hashes": ["e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899"], "mitre_attack_tags": []}, {"bi": "process-long-cmdline", "hashes": ["e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-header-linker-major", "hashes": ["a2ac76c4e7fc5312f3553b1ac36f8eed8485b35add8d4941e86caa05581ee94b", "abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1", "ea3caafe6eb473b167ebbe87fce2570540b122f51481d4788082cbff1abe1487", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "ace0558cc717628863817fd070f2e3754f15694ae05f600861daa365bad93781", "511c72e9ed64927018d094d9df2901a5d9b3a01963f1d38415c7360caa92da78", "dd61eab422089382aac1e16e47e25f49990086c95bb7d8b3eef8275f005612fa", "c1b429f0de9ebdf1ff28a8f62f364afe420c1c9c3ccf64c72a26364e7d338822", "0368afd2468ede3c2a87c5988d8d880017b66907890d36285d4e878585ff1ff5", "7fd7642348a4caa03a387b3caecd11c4c2a585b57a6a75a748671426685cdcec", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-header-timestamp-future", "hashes": ["a2ac76c4e7fc5312f3553b1ac36f8eed8485b35add8d4941e86caa05581ee94b", "abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1", "ea3caafe6eb473b167ebbe87fce2570540b122f51481d4788082cbff1abe1487", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "ace0558cc717628863817fd070f2e3754f15694ae05f600861daa365bad93781", "511c72e9ed64927018d094d9df2901a5d9b3a01963f1d38415c7360caa92da78", "dd61eab422089382aac1e16e47e25f49990086c95bb7d8b3eef8275f005612fa", "c1b429f0de9ebdf1ff28a8f62f364afe420c1c9c3ccf64c72a26364e7d338822", "0368afd2468ede3c2a87c5988d8d880017b66907890d36285d4e878585ff1ff5", "7fd7642348a4caa03a387b3caecd11c4c2a585b57a6a75a748671426685cdcec", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508"], "mitre_attack_tags": []}, {"bi": "malware-known-trojan-av", "hashes": ["a2ac76c4e7fc5312f3553b1ac36f8eed8485b35add8d4941e86caa05581ee94b", "ea3caafe6eb473b167ebbe87fce2570540b122f51481d4788082cbff1abe1487", "ace0558cc717628863817fd070f2e3754f15694ae05f600861daa365bad93781", "511c72e9ed64927018d094d9df2901a5d9b3a01963f1d38415c7360caa92da78", "dd61eab422089382aac1e16e47e25f49990086c95bb7d8b3eef8275f005612fa", "c1b429f0de9ebdf1ff28a8f62f364afe420c1c9c3ccf64c72a26364e7d338822", "0368afd2468ede3c2a87c5988d8d880017b66907890d36285d4e878585ff1ff5", "7fd7642348a4caa03a387b3caecd11c4c2a585b57a6a75a748671426685cdcec"], "mitre_attack_tags": []}, {"bi": "network-fast-flux-domain", "hashes": ["abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508", "efb2b92a9ad40fb2d039fed04162ec421d3fd4bcd86adedbcb52d03ed5b742c1", "57fe3c34a73768fce9e42473532850c03b47eddcdf878a3afb14318aaacd6b0c", "14a3bcfe545de508cb00e55ed07bf88577f1f705ca6cdd15b733235f1d384729", "ccf4d5167a10a49756ab0cf8a204b5d1a06356b5e9bdbee58f4eda966ec551a8"], "mitre_attack_tags": []}, {"bi": "feed-domain-antivirus-service", "hashes": ["abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508", "efb2b92a9ad40fb2d039fed04162ec421d3fd4bcd86adedbcb52d03ed5b742c1", "57fe3c34a73768fce9e42473532850c03b47eddcdf878a3afb14318aaacd6b0c", "14a3bcfe545de508cb00e55ed07bf88577f1f705ca6cdd15b733235f1d384729"], "mitre_attack_tags": []}, {"bi": "network-snort-malware", "hashes": ["abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508"], "mitre_attack_tags": []}, {"bi": "enumeration-browser-information", "hashes": ["abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508"], "mitre_attack_tags": ["TA0007", "TA0009", "TA0006", "T1083", "T1217", "T1005", "T1119", "T1552", "T1539", "T1555"]}, {"bi": "firefox-cookie-read", "hashes": ["abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508"], "mitre_attack_tags": ["TA0009", "T1005", "T1119"]}, {"bi": "malware-generic-infostealer", "hashes": ["abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508"], "mitre_attack_tags": ["TA0007", "TA0009", "TA0006", "T1083", "T1005", "T1119", "T1552"]}, {"bi": "enumeration-cryptocurrency-information", "hashes": ["abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508"], "mitre_attack_tags": ["TA0007", "TA0009", "TA0006", "T1083", "T1005", "T1119", "T1552"]}, {"bi": "enumeration-email-program-information", "hashes": ["abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508"], "mitre_attack_tags": ["TA0007", "TA0009", "TA0006", "T1083", "T1087", "T1005", "T1119", "T1114", "T1552"]}, {"bi": "enumeration-game-information", "hashes": ["abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508"], "mitre_attack_tags": ["TA0007", "TA0009", "TA0006", "T1083", "T1005", "T1119", "T1552", "T1555"]}, {"bi": "modified-executable", "hashes": ["efb2b92a9ad40fb2d039fed04162ec421d3fd4bcd86adedbcb52d03ed5b742c1", "57fe3c34a73768fce9e42473532850c03b47eddcdf878a3afb14318aaacd6b0c", "14a3bcfe545de508cb00e55ed07bf88577f1f705ca6cdd15b733235f1d384729", "ccf4d5167a10a49756ab0cf8a204b5d1a06356b5e9bdbee58f4eda966ec551a8"], "mitre_attack_tags": []}, {"bi": "antivirus-service-flagged-artifact-mid", "hashes": ["abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "c1b429f0de9ebdf1ff28a8f62f364afe420c1c9c3ccf64c72a26364e7d338822"], "mitre_attack_tags": []}, {"bi": "network-opendns-malicious", "hashes": ["48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508"], "mitre_attack_tags": []}, {"bi": "network-dns-malicious-snort", "hashes": ["48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508"], "mitre_attack_tags": ["TA0011", "T1102"]}, {"bi": "netbios-query", "hashes": ["48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508"], "mitre_attack_tags": ["TA0007", "T1016"]}, {"bi": "network-dns-category-cnc", "hashes": ["48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508"], "mitre_attack_tags": ["TA0011"]}, {"bi": "files-deleted-used-batch", "hashes": ["b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a"], "mitre_attack_tags": ["TA0005"]}, {"bi": "cmd-exe-file-execution", "hashes": ["b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a"], "mitre_attack_tags": ["TA0002", "T1059"]}, {"bi": "excessive-process-creates", "hashes": ["b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a"], "mitre_attack_tags": ["TA0040", "T1499"]}, {"bi": "files-created-batch", "hashes": ["b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a"], "mitre_attack_tags": ["TA0002", "T1059"]}, {"bi": "process-ping", "hashes": ["b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a"], "mitre_attack_tags": ["TA0007", "T1049"]}, {"bi": "process-ping-localhost", "hashes": ["b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a"], "mitre_attack_tags": ["TA0007", "T1016"]}], "category": "Dropper", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": true, "WSA": true}, "description": "Ramnit is a banking trojan that monitors web browser activity on an infected machine and collects login information from financial websites. It can also steal browser cookies and try to hide from popular antivirus software.", "hashes": ["02bd161beee232d6ecf9c7a8a0fe80c2545227451547459f4612c5da81ba5b5b", "0368afd2468ede3c2a87c5988d8d880017b66907890d36285d4e878585ff1ff5", "041401ea1601b14048afc6b726d4b417ca8aa1a6358e51744ee4a123ba636f87", "08eb344569251e4fc99c3de92a7bf8d8ac36a1c6aa410273dd1e063ededb4a42", "096d82b60d52de1e7ec7e85c234db5bf8140730051127e87b5e8957c332b19f2", "0d62d5ab9c799ad6d0121505f965400007cecc4f2b7fd5f907e69bb96e1f83c4", "0e8673929faeaed582fbb578afa829f9363e7e297e2fea9addbe5a679ae5c038", "0fdb520255fdc09c07c596f670e077e7e974af4e9b2df6fa254ef034631d950c", "10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "14a3bcfe545de508cb00e55ed07bf88577f1f705ca6cdd15b733235f1d384729", "1b6e4c705bd5306e35649e5ee0812c80a0cdfa60b045454f488dd7ef8f55d473", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "2cf0e11b4d3ed524a99a327e52a246b73d5d91ff938bcbe58d31d4511d2b910f", "2d3ce270807d037b5cdc8ec95351c82ad17e03508ef554cdb9b4b419d0084e26", "2e0fc89b9e4676bf7966ed1485581ca395d01bea1ea89df0c0529f5281bc73b0", "3642e57a9da01bd7b6b5d9a1054c21fbbc73656e7253f0b7434fc952c9761b6d", "37e19470f3e2161ae58a9bda0a9fdce6e7ba726ee13027d5a50f7bcd1b891818", "380bf2a2bac7a49b9dfaa3dae8b56397672108ab24f41dfb3d670ffb28f6a825", "3a5f79652f87ccb4c9798113f7a919f9f88cf4221de4486d249a24eac1e846fc", "3b69ea5e38470aa747535697b40dc6f5a2924ce2c44ff8b809459bdbd41edf7d", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "48c5e413fd6ab373a692453e844ff6ab0a5b91944a9b3dfeb9a3e4b79b016b3c", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "4f2f1363b34e00914235dbec86ab50cf08e6dc1657c16b4d3249c6fb57f4fb94", "511c72e9ed64927018d094d9df2901a5d9b3a01963f1d38415c7360caa92da78", "54d0ee19b0725bf78372c3fc84776b1a81324ff4c8a0be7d816eebdbbf0af18c", "57fe3c34a73768fce9e42473532850c03b47eddcdf878a3afb14318aaacd6b0c", "59040541282c5325a0a35f19ef601f3c1eb8ba444c084d8c4980e0272f26411c", "5b01264cdb69b01ec534449db1aca49d346436f1431b2fede4b2500fe5372323", "5fd53451a546ab1f46243d4cbcf9b30f96c79da331f1bfc6a374d9187d9dc423", "60683e63a880b6c14843690a5b7ca011db647d468a5966f7076dd3f23bebbc27", "69771ec35f954d09b78b55b6e3d6b240ebf7738ee682997f3fd3c6b750fec5e3", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "7081564c824770ff62a6d7712d558cf94a5afb3c88652284ae8484b38e797d80", "70d9589714a905598fb88eed66d10166b5e094ae69352bcaf5e0e338c2ca05ee", "72954d8828b3ee1b3720da41b215de2cc04cf60ec1c04cb2e2fda0cb00af01c5", "769b5f6c4b789dc17ae3b91dd6666ae324e5eb2d1aa644bcec418f6637cbccb8", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "7d913f06c252acee7495e34f57c13938adc5c6a93386baaabd6fc758a1cd90de", "7fd7642348a4caa03a387b3caecd11c4c2a585b57a6a75a748671426685cdcec", "8461890eba27128485afd38c2c735bb66a56cbfc85b801f673cd56911b894995", "86a157fefa7022630be7aa6e305243e349ad54e37abcbf406f9f966af659e108", "8787f5e369fa69155d22a1f0bcaaef6e65cec46e410f8e2c4b4cba04a5d3dbdf", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "9176bd87a4af64bba79e23b110420a6756cdcc0cec01632dfc9a0c67d9b99de2", "9e145977fe750e9b5042c70f00af4fcf22c1757527dd7aa1eae7b7f6f3a915f3", "9ea95879e83d2ba1f74b3d73485768afb4dd7167db57cdfca6d2aac4e9678574", "a2ac76c4e7fc5312f3553b1ac36f8eed8485b35add8d4941e86caa05581ee94b", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "a81df49be52a7d9b6e990c82171df3b93a702f821605b93ab4453b8a775db80d", "abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1", "ace0558cc717628863817fd070f2e3754f15694ae05f600861daa365bad93781", "af943d5d3b63993209e5ab4d5f1ac56018bd76b53c05c21be04585f2e8d5aea0", "b32f2fdc3526f6326ae7ffc3848166ae3315e1fce6158ee6070cf5f9afc05152", "b7581157aa029b748559f4b9052d2aba833792a99fc0240bcab7586759140be3", "b897378d3ae7794fa32aa16eedc828e7c80b7f2517ecd7f3a7dbe6e5f0132c3d", "b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a", "b9b9926458b52e38c5dae8489ef62a21dab36bca4e95c74dde7add49b91c8b0c", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "bc1694603bf164384027b56ecfac03ef2f5540e5050383b869e99b2bf383a222", "c1b429f0de9ebdf1ff28a8f62f364afe420c1c9c3ccf64c72a26364e7d338822", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "c6afe03c0edb82874b4d1bcdf0354f1ed3ed2941cc1fc0adc5636b2492029f1a", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "ccf4d5167a10a49756ab0cf8a204b5d1a06356b5e9bdbee58f4eda966ec551a8", "d0e6a6a105e90cc08e635fcf6cdf0961f0a05c1552c65b2ce3ba494fc2a1c871", "d118a88b1ecd7dfbb01afbaea6122eec93d227f500d030a50e0a60e2e0b6c728", "d1aa8f9c83cb795f77652001b3eb8fbb3bd6d03c387c053c6dad31143b145092", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899", "dc83b46a38815959a5855527db00bdf5c3da3764e79f2e65ecd1e8f812f568c6", "dcce500c1986e36a5a9442857dc606c11745214aa3dcddd01365b025fc2f2559", "dd61eab422089382aac1e16e47e25f49990086c95bb7d8b3eef8275f005612fa", "e0e4ff87d4507282bf4a60921c0cecb881f113d3df330e6d129cc80a84d85f19", "e1e7bcb3a0b05d4793bd9876ddc0079ed72a86777a7d1d49777bcaff0d416baf", "e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "e403c9c9a0d416eae05dcd022a9b54fdaa27604669d7fcae343d3c77b1001a73", "ea3caafe6eb473b167ebbe87fce2570540b122f51481d4788082cbff1abe1487", "ee03161b421df5328a250ebe71a28fb12ccc495da0dd5b9ee29331043725bed4", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628", "efb2b92a9ad40fb2d039fed04162ec421d3fd4bcd86adedbcb52d03ed5b742c1", "efbf347aa6fcd7df3a7537ed8bcb672439e69dc5d0c27a76dfdfe5706198fd09", "f887b49a5b77e55fd62cd2623840725709c75ec059033dffeb7d662886d4510d"], "iocs": {"domain": [{"hashes": ["14a3bcfe545de508cb00e55ed07bf88577f1f705ca6cdd15b733235f1d384729", "57fe3c34a73768fce9e42473532850c03b47eddcdf878a3afb14318aaacd6b0c", "ccf4d5167a10a49756ab0cf8a204b5d1a06356b5e9bdbee58f4eda966ec551a8", "efb2b92a9ad40fb2d039fed04162ec421d3fd4bcd86adedbcb52d03ed5b742c1"], "host": "cryptotab[.]me"}, {"hashes": ["2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1"], "host": "portexgame[.]xyz"}, {"hashes": ["4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1"], "host": "loadlink[.]xyz"}], "file": [{"hashes": ["10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899", "e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628"], "path": "%System32%\\Tasks\\DriverUpdates"}, {"hashes": ["10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899", "e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628"], "path": "%TEMP%\\RES<random, matching '[A-F0-9]{3,4}'>.tmp"}, {"hashes": ["10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899", "e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628"], "path": "%TEMP%\\<random, matching '[a-z]{3}[A-F0-9]{3,4}'>.tmp"}, {"hashes": ["10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899", "e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628"], "path": "%TEMP%\\<random, matching '[a-z0-9]{8}'>.dll"}, {"hashes": ["10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899", "e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628"], "path": "%TEMP%\\<random, matching '[a-z0-9]{8}'>.out"}, {"hashes": ["10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899", "e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628"], "path": "%TEMP%\\<random, matching '[a-z0-9]{8}'>.0.cs"}, {"hashes": ["10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899", "e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628"], "path": "%TEMP%\\<random, matching '[a-z0-9]{8}'>.cmdline"}, {"hashes": ["2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1"], "path": "%LOCALAPPDATA%\\Yandex"}, {"hashes": ["2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1"], "path": "%LOCALAPPDATA%\\Yandex\\YaAddon"}, {"hashes": ["14a3bcfe545de508cb00e55ed07bf88577f1f705ca6cdd15b733235f1d384729"], "path": "%SystemRoot%\\Tasks\\iwqdo.job"}, {"hashes": ["57fe3c34a73768fce9e42473532850c03b47eddcdf878a3afb14318aaacd6b0c"], "path": "%SystemRoot%\\Tasks\\mabwk.job"}, {"hashes": ["bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2"], "path": "%TEMP%\\-5yl__pn.dll"}, {"hashes": ["bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2"], "path": "%TEMP%\\-5yl__pn.0.cs"}, {"hashes": ["bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2"], "path": "%TEMP%\\-5yl__pn.cmdline"}, {"hashes": ["bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2"], "path": "%TEMP%\\-5yl__pn.out"}, {"hashes": ["3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16"], "path": "%TEMP%\\iln_-8bo.0.cs"}, {"hashes": ["3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16"], "path": "%TEMP%\\iln_-8bo.cmdline"}, {"hashes": ["3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16"], "path": "%TEMP%\\iln_-8bo.dll"}, {"hashes": ["3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16"], "path": "%TEMP%\\iln_-8bo.out"}, {"hashes": ["ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628"], "path": "%TEMP%\\fhg_fw_h.0.cs"}, {"hashes": ["ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628"], "path": "%TEMP%\\fhg_fw_h.cmdline"}, {"hashes": ["ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628"], "path": "%TEMP%\\fhg_fw_h.dll"}, {"hashes": ["ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628"], "path": "%TEMP%\\fhg_fw_h.out"}, {"hashes": ["cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff"], "path": "%TEMP%\\_rbzi2m4.0.cs"}, {"hashes": ["cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff"], "path": "%TEMP%\\_rbzi2m4.cmdline"}, {"hashes": ["cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff"], "path": "%TEMP%\\_rbzi2m4.dll"}, {"hashes": ["cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff"], "path": "%TEMP%\\_rbzi2m4.out"}, {"hashes": ["e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a"], "path": "%TEMP%\\kxi_bjud.0.cs"}, {"hashes": ["e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a"], "path": "%TEMP%\\kxi_bjud.cmdline"}, {"hashes": ["e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a"], "path": "%TEMP%\\kxi_bjud.dll"}, {"hashes": ["e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a"], "path": "%TEMP%\\kxi_bjud.out"}, {"hashes": ["b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a"], "path": "%TEMP%\\EgWcFu9B21yG.bat"}, {"hashes": ["b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a"], "path": "%TEMP%\\V4gXAg8INS36.bat"}, {"hashes": ["b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a"], "path": "%TEMP%\\NDljE50Wc8ny.bat"}, {"hashes": ["b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a"], "path": "%TEMP%\\7y2gGK2b2AZs.bat"}, {"hashes": ["b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a"], "path": "%TEMP%\\b22JVT1nqiJL.bat"}, {"hashes": ["b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a"], "path": "%TEMP%\\WerdUxGo09tX.bat"}, {"hashes": ["b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a"], "path": "%TEMP%\\43KjTHhkVinJ.bat"}, {"hashes": ["b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a"], "path": "%TEMP%\\ociq5WRp7jHn.bat"}, {"hashes": ["b8cfdd16f5bc4d13a805fe0fbc11fc0e569cd7e5d9b84255739baaceb3c3fe5a"], "path": "%TEMP%\\pxpKfp40CfNO.bat"}, {"hashes": ["2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27"], "path": "%TEMP%\\v_4mx_89.dll"}, {"hashes": ["2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27"], "path": "%TEMP%\\v_4mx_89.0.cs"}, {"hashes": ["2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27"], "path": "%TEMP%\\v_4mx_89.cmdline"}, {"hashes": ["2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27"], "path": "%TEMP%\\v_4mx_89.out"}, {"hashes": ["ccf4d5167a10a49756ab0cf8a204b5d1a06356b5e9bdbee58f4eda966ec551a8"], "path": "%ProgramData%\\ovtbg\\bewc.exe"}, {"hashes": ["ccf4d5167a10a49756ab0cf8a204b5d1a06356b5e9bdbee58f4eda966ec551a8"], "path": "%SystemRoot%\\Tasks\\bewc.job"}, {"hashes": ["ccf4d5167a10a49756ab0cf8a204b5d1a06356b5e9bdbee58f4eda966ec551a8"], "path": "%System32%\\Tasks\\bewc"}, {"hashes": ["efb2b92a9ad40fb2d039fed04162ec421d3fd4bcd86adedbcb52d03ed5b742c1"], "path": "%ProgramData%\\rtps\\kcmkg.exe"}, {"hashes": ["efb2b92a9ad40fb2d039fed04162ec421d3fd4bcd86adedbcb52d03ed5b742c1"], "path": "%SystemRoot%\\Tasks\\kcmkg.job"}, {"hashes": ["efb2b92a9ad40fb2d039fed04162ec421d3fd4bcd86adedbcb52d03ed5b742c1"], "path": "%System32%\\Tasks\\kcmkg"}], "ip": [{"hashes": ["10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899", "e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628"], "ip": "74[.]208[.]208[.]183"}, {"hashes": ["0368afd2468ede3c2a87c5988d8d880017b66907890d36285d4e878585ff1ff5", "511c72e9ed64927018d094d9df2901a5d9b3a01963f1d38415c7360caa92da78", "7fd7642348a4caa03a387b3caecd11c4c2a585b57a6a75a748671426685cdcec", "a2ac76c4e7fc5312f3553b1ac36f8eed8485b35add8d4941e86caa05581ee94b", "ace0558cc717628863817fd070f2e3754f15694ae05f600861daa365bad93781", "c1b429f0de9ebdf1ff28a8f62f364afe420c1c9c3ccf64c72a26364e7d338822", "dd61eab422089382aac1e16e47e25f49990086c95bb7d8b3eef8275f005612fa", "ea3caafe6eb473b167ebbe87fce2570540b122f51481d4788082cbff1abe1487"], "ip": "74[.]208[.]175[.]106"}, {"hashes": ["0368afd2468ede3c2a87c5988d8d880017b66907890d36285d4e878585ff1ff5", "511c72e9ed64927018d094d9df2901a5d9b3a01963f1d38415c7360caa92da78", "7fd7642348a4caa03a387b3caecd11c4c2a585b57a6a75a748671426685cdcec", "a2ac76c4e7fc5312f3553b1ac36f8eed8485b35add8d4941e86caa05581ee94b", "c1b429f0de9ebdf1ff28a8f62f364afe420c1c9c3ccf64c72a26364e7d338822", "dd61eab422089382aac1e16e47e25f49990086c95bb7d8b3eef8275f005612fa", "ea3caafe6eb473b167ebbe87fce2570540b122f51481d4788082cbff1abe1487"], "ip": "74[.]208[.]181[.]179"}, {"hashes": ["14a3bcfe545de508cb00e55ed07bf88577f1f705ca6cdd15b733235f1d384729", "57fe3c34a73768fce9e42473532850c03b47eddcdf878a3afb14318aaacd6b0c", "ccf4d5167a10a49756ab0cf8a204b5d1a06356b5e9bdbee58f4eda966ec551a8", "efb2b92a9ad40fb2d039fed04162ec421d3fd4bcd86adedbcb52d03ed5b742c1"], "ip": "23[.]94[.]163[.]16"}, {"hashes": ["2a6578cf548414e7f684ddb608b09d0584c6ee755e16bec78624368d2463b508", "48cec8cd4596904505d23f49a9da1486332f3c896c2723d196c2cdec617e12a1", "4a040cac7eb8d50b0ee74a8a9719672011436a75d015e8659b7fcd3eba712f79", "abc342fd840ed1751d8428d78e092789cc9a9ae06e3f1540ff08b2cfc80a71e1"], "ip": "198[.]12[.]107[.]243"}, {"hashes": ["0368afd2468ede3c2a87c5988d8d880017b66907890d36285d4e878585ff1ff5", "511c72e9ed64927018d094d9df2901a5d9b3a01963f1d38415c7360caa92da78", "7fd7642348a4caa03a387b3caecd11c4c2a585b57a6a75a748671426685cdcec"], "ip": "198[.]71[.]56[.]73"}, {"hashes": ["a2ac76c4e7fc5312f3553b1ac36f8eed8485b35add8d4941e86caa05581ee94b", "dd61eab422089382aac1e16e47e25f49990086c95bb7d8b3eef8275f005612fa", "ea3caafe6eb473b167ebbe87fce2570540b122f51481d4788082cbff1abe1487"], "ip": "74[.]208[.]33[.]148"}, {"hashes": ["ace0558cc717628863817fd070f2e3754f15694ae05f600861daa365bad93781"], "ip": "74[.]208[.]151[.]209"}], "mutex": [{"hashes": ["10bbc14c15b368e4a48aba3cf2e6e0192e73e3e190c1952df5d6a13f57295d9e", "2107ea6810560dcedfc5a4ed35a11caa5619cba7cde29557642482b83dccdf27", "2ba72a8de72521e03d24fd9c062d7c1d11e347198f09fbfc9726f78739a50baf", "3c6b98c113741da5f2ac7896a314b8800bf60d90ab6e2ef7acb7380460d51f16", "3e71f6d4e7142c28ee7fcc14925293f0c4608b0e0ae3a8e025faff261b4263b1", "418458f7a25840f6c8b8a9982dec09d02e297b93aeb73e2e87ce30eaf171622a", "6a609b2e0a47e4de97677965ea36b42fa35b1fb78cddb3db64921fe77419dcc7", "7b20b62a3d60a2505f6581b52f7d9b785e995dbf7f47f6286695d3b13ddbc727", "8ca3cf28225f57830a300456ee5b931becc4ebe26eb9b21c7bc97541579e0584", "906f24487e4f9a5db9372e91cab6197f74bb98f15aa4ffc97d6432d993af817d", "a3a36f24fbd52508e76892c042ab819a817e95ee9ded2e3597b5e9c539aa8c45", "bb0a356d6e48c62138b28d5ff273cd847c46001a62af08a766f488cb1933eed2", "c599f7713c49a202111f30dba0185b72d251e91a9b182f17d07c4badf0e99672", "cbe6a1aa3eceafa8531d38499f3a24c4c727b032af7051109d439ec515d7edff", "d94660a0e74d31307af0054b78167923aeda8aac641a1b6b196b9950abea4899", "e32b75754d202bb7c92bc52cbbba3ec65a712450eb42c25e92515111c825c18a", "ee87b76910174892715ba17e2ab18784fc81e8ea0f003248369e8fb8c8a3d628"], "name": "b3c4139ec8994c68bbff2d53a795f301"}, {"hashes": ["14a3bcfe545de508cb00e55ed07bf88577f1f705ca6cdd15b733235f1d384729"], "name": "iwqdo"}, {"hashes": ["57fe3c34a73768fce9e42473532850c03b47eddcdf878a3afb14318aaacd6b0c"], "name": "mabwk"}, {"hashes": ["ccf4d5167a10a49756ab0cf8a204b5d1a06356b5e9bdbee58f4eda966ec551a8"], "name": "bewc"}, {"hashes": ["efb2b92a9ad40fb2d039fed04162ec421d3fd4bcd86adedbcb52d03ed5b742c1"], "name": "kcmkg"}], "registry": []}, "reports_count": 75}, "Win.Dropper.TrickBot-9987411-0": {"bis": [{"bi": "memory-execute-readwrite", "hashes": ["a5c2f8d2e689be5b36e6e34223323965eb8d832217af5c5f93a8bfb3c24a35f2", "1b9263870412c0947f709b1045f9e8fa21afd08c6444536ae261408ffbb1c046", "12a376757c742e6f94031b9286e9b4c0025092a65bdc0f0a15cc6125e66eee35", "28d76e4d23fcf2f994cbda0cc2bcee9208af9eb9cc7cefb4b737574ae12eb14d", "5f2c6c223db3cec8c103bbdee1321c2ff4301652ff51cf9524d91e4f7864a7d2", "82b638848df5e8f1ae07a0fda4dbe376cad1bbadaef1473742a98919e741696d", "71656bab86e7c96d3f293a9b0a4b5e2b6d87c454796d070760383f14d2d92c81", "9b2f63670a1e5724b69a25d6de99250636f453fe46823c6766a7dfa7ea2625b9", "6477fa75e074c14bd33376825a9fe7f59f8e7a923828e418823769885a4f6ca8", "01987037a00d02cef3050228a5c851e241c6aa9ec931e109756bc999dcf1c88f", "2f1348fc757fe991abbcde8dfedde245bffb06270a4dd52aa210447c3b827916", "74094e2772540474f893ad07860f49cc618fee75ec8e275bdc6332ac2c1a3ced", "1943fa2ca5fd556d27f0b571e41e0447f3dec7e9991375590133315ddcc2d7f6", "1932391e0efe4f06e8de343cbfb922accd4a9f2e0e4cba9c83621471713dc34f", "89c72fd3a0ad686e8277a2cc74d3ae885dbc97cafef1bb0f7560f182df098d90", "52aab1fe985479e1fc98d520caa011f977ae858605cd532de95730cde39760d2", "8a6ea1a10a9ce26e7a30729c5a60cb29edbce32fa39bc8984ccbb33281688725", "9733d44e41600aea32ec42c44016c9d3abc50973ffe7f7f8d281e7f6a13d65bd", "1c6caf1c53dde8437efbc6efa952215dcd30e33065a0a8156a3c38435af4c3a8", "59756273791a7fcc28951ffbb252c5e8206487ebc1d3975f7fe1c12da5f2226c", "950970aeedb226f0e03d1d85966d52138f482d3500fda7c0216034304acd67d8", "0c2dd463bf50ddbabc71dc084848ce95f78972c0600aa26bed751e5bef18057e", "423c4ec707ea2743fcecacd8d08826c1a885a9d1fdeae3e424bdefea426b97c3", "6d48bb5316929dff81f3b0280a242dce971c0861cb47ba9ad3e0049025652e0b", "5adc95e24e7a2d0cfad0fe91a94ab3ab63e3749348b8bbf5c278db267efe8b76"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "pe-section-execute-writable", "hashes": ["a5c2f8d2e689be5b36e6e34223323965eb8d832217af5c5f93a8bfb3c24a35f2", "1b9263870412c0947f709b1045f9e8fa21afd08c6444536ae261408ffbb1c046", "12a376757c742e6f94031b9286e9b4c0025092a65bdc0f0a15cc6125e66eee35", "28d76e4d23fcf2f994cbda0cc2bcee9208af9eb9cc7cefb4b737574ae12eb14d", "5f2c6c223db3cec8c103bbdee1321c2ff4301652ff51cf9524d91e4f7864a7d2", "82b638848df5e8f1ae07a0fda4dbe376cad1bbadaef1473742a98919e741696d", "71656bab86e7c96d3f293a9b0a4b5e2b6d87c454796d070760383f14d2d92c81", "9b2f63670a1e5724b69a25d6de99250636f453fe46823c6766a7dfa7ea2625b9", "6477fa75e074c14bd33376825a9fe7f59f8e7a923828e418823769885a4f6ca8", "01987037a00d02cef3050228a5c851e241c6aa9ec931e109756bc999dcf1c88f", "2f1348fc757fe991abbcde8dfedde245bffb06270a4dd52aa210447c3b827916", "74094e2772540474f893ad07860f49cc618fee75ec8e275bdc6332ac2c1a3ced", "1943fa2ca5fd556d27f0b571e41e0447f3dec7e9991375590133315ddcc2d7f6", "1932391e0efe4f06e8de343cbfb922accd4a9f2e0e4cba9c83621471713dc34f", "89c72fd3a0ad686e8277a2cc74d3ae885dbc97cafef1bb0f7560f182df098d90", "52aab1fe985479e1fc98d520caa011f977ae858605cd532de95730cde39760d2", "8a6ea1a10a9ce26e7a30729c5a60cb29edbce32fa39bc8984ccbb33281688725", "9733d44e41600aea32ec42c44016c9d3abc50973ffe7f7f8d281e7f6a13d65bd", "1c6caf1c53dde8437efbc6efa952215dcd30e33065a0a8156a3c38435af4c3a8", "59756273791a7fcc28951ffbb252c5e8206487ebc1d3975f7fe1c12da5f2226c", "950970aeedb226f0e03d1d85966d52138f482d3500fda7c0216034304acd67d8", "0c2dd463bf50ddbabc71dc084848ce95f78972c0600aa26bed751e5bef18057e", "423c4ec707ea2743fcecacd8d08826c1a885a9d1fdeae3e424bdefea426b97c3", "6d48bb5316929dff81f3b0280a242dce971c0861cb47ba9ad3e0049025652e0b", "5adc95e24e7a2d0cfad0fe91a94ab3ab63e3749348b8bbf5c278db267efe8b76"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-packed-upx", "hashes": ["a5c2f8d2e689be5b36e6e34223323965eb8d832217af5c5f93a8bfb3c24a35f2", "1b9263870412c0947f709b1045f9e8fa21afd08c6444536ae261408ffbb1c046", "12a376757c742e6f94031b9286e9b4c0025092a65bdc0f0a15cc6125e66eee35", "28d76e4d23fcf2f994cbda0cc2bcee9208af9eb9cc7cefb4b737574ae12eb14d", "5f2c6c223db3cec8c103bbdee1321c2ff4301652ff51cf9524d91e4f7864a7d2", "82b638848df5e8f1ae07a0fda4dbe376cad1bbadaef1473742a98919e741696d", "71656bab86e7c96d3f293a9b0a4b5e2b6d87c454796d070760383f14d2d92c81", "9b2f63670a1e5724b69a25d6de99250636f453fe46823c6766a7dfa7ea2625b9", "6477fa75e074c14bd33376825a9fe7f59f8e7a923828e418823769885a4f6ca8", "01987037a00d02cef3050228a5c851e241c6aa9ec931e109756bc999dcf1c88f", "2f1348fc757fe991abbcde8dfedde245bffb06270a4dd52aa210447c3b827916", "74094e2772540474f893ad07860f49cc618fee75ec8e275bdc6332ac2c1a3ced", "1943fa2ca5fd556d27f0b571e41e0447f3dec7e9991375590133315ddcc2d7f6", "1932391e0efe4f06e8de343cbfb922accd4a9f2e0e4cba9c83621471713dc34f", "89c72fd3a0ad686e8277a2cc74d3ae885dbc97cafef1bb0f7560f182df098d90", "52aab1fe985479e1fc98d520caa011f977ae858605cd532de95730cde39760d2", "8a6ea1a10a9ce26e7a30729c5a60cb29edbce32fa39bc8984ccbb33281688725", "9733d44e41600aea32ec42c44016c9d3abc50973ffe7f7f8d281e7f6a13d65bd", "1c6caf1c53dde8437efbc6efa952215dcd30e33065a0a8156a3c38435af4c3a8", "59756273791a7fcc28951ffbb252c5e8206487ebc1d3975f7fe1c12da5f2226c", "950970aeedb226f0e03d1d85966d52138f482d3500fda7c0216034304acd67d8", "0c2dd463bf50ddbabc71dc084848ce95f78972c0600aa26bed751e5bef18057e", "423c4ec707ea2743fcecacd8d08826c1a885a9d1fdeae3e424bdefea426b97c3", "6d48bb5316929dff81f3b0280a242dce971c0861cb47ba9ad3e0049025652e0b", "5adc95e24e7a2d0cfad0fe91a94ab3ab63e3749348b8bbf5c278db267efe8b76"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "deleted-submitted-file", "hashes": ["a5c2f8d2e689be5b36e6e34223323965eb8d832217af5c5f93a8bfb3c24a35f2", "1b9263870412c0947f709b1045f9e8fa21afd08c6444536ae261408ffbb1c046", "12a376757c742e6f94031b9286e9b4c0025092a65bdc0f0a15cc6125e66eee35", "28d76e4d23fcf2f994cbda0cc2bcee9208af9eb9cc7cefb4b737574ae12eb14d", "5f2c6c223db3cec8c103bbdee1321c2ff4301652ff51cf9524d91e4f7864a7d2", "82b638848df5e8f1ae07a0fda4dbe376cad1bbadaef1473742a98919e741696d", "71656bab86e7c96d3f293a9b0a4b5e2b6d87c454796d070760383f14d2d92c81", "9b2f63670a1e5724b69a25d6de99250636f453fe46823c6766a7dfa7ea2625b9", "6477fa75e074c14bd33376825a9fe7f59f8e7a923828e418823769885a4f6ca8", "01987037a00d02cef3050228a5c851e241c6aa9ec931e109756bc999dcf1c88f", "2f1348fc757fe991abbcde8dfedde245bffb06270a4dd52aa210447c3b827916", "74094e2772540474f893ad07860f49cc618fee75ec8e275bdc6332ac2c1a3ced", "1943fa2ca5fd556d27f0b571e41e0447f3dec7e9991375590133315ddcc2d7f6", "1932391e0efe4f06e8de343cbfb922accd4a9f2e0e4cba9c83621471713dc34f", "89c72fd3a0ad686e8277a2cc74d3ae885dbc97cafef1bb0f7560f182df098d90", "52aab1fe985479e1fc98d520caa011f977ae858605cd532de95730cde39760d2", "8a6ea1a10a9ce26e7a30729c5a60cb29edbce32fa39bc8984ccbb33281688725", "9733d44e41600aea32ec42c44016c9d3abc50973ffe7f7f8d281e7f6a13d65bd", "1c6caf1c53dde8437efbc6efa952215dcd30e33065a0a8156a3c38435af4c3a8", "59756273791a7fcc28951ffbb252c5e8206487ebc1d3975f7fe1c12da5f2226c", "950970aeedb226f0e03d1d85966d52138f482d3500fda7c0216034304acd67d8", "0c2dd463bf50ddbabc71dc084848ce95f78972c0600aa26bed751e5bef18057e", "423c4ec707ea2743fcecacd8d08826c1a885a9d1fdeae3e424bdefea426b97c3", "6d48bb5316929dff81f3b0280a242dce971c0861cb47ba9ad3e0049025652e0b", "5adc95e24e7a2d0cfad0fe91a94ab3ab63e3749348b8bbf5c278db267efe8b76"], "mitre_attack_tags": ["TA0005"]}, {"bi": "pe-header-timestamp-prior", "hashes": ["a5c2f8d2e689be5b36e6e34223323965eb8d832217af5c5f93a8bfb3c24a35f2", "1b9263870412c0947f709b1045f9e8fa21afd08c6444536ae261408ffbb1c046", "12a376757c742e6f94031b9286e9b4c0025092a65bdc0f0a15cc6125e66eee35", "28d76e4d23fcf2f994cbda0cc2bcee9208af9eb9cc7cefb4b737574ae12eb14d", "5f2c6c223db3cec8c103bbdee1321c2ff4301652ff51cf9524d91e4f7864a7d2", "82b638848df5e8f1ae07a0fda4dbe376cad1bbadaef1473742a98919e741696d", "71656bab86e7c96d3f293a9b0a4b5e2b6d87c454796d070760383f14d2d92c81", "9b2f63670a1e5724b69a25d6de99250636f453fe46823c6766a7dfa7ea2625b9", "6477fa75e074c14bd33376825a9fe7f59f8e7a923828e418823769885a4f6ca8", "01987037a00d02cef3050228a5c851e241c6aa9ec931e109756bc999dcf1c88f", "2f1348fc757fe991abbcde8dfedde245bffb06270a4dd52aa210447c3b827916", "74094e2772540474f893ad07860f49cc618fee75ec8e275bdc6332ac2c1a3ced", "1943fa2ca5fd556d27f0b571e41e0447f3dec7e9991375590133315ddcc2d7f6", "1932391e0efe4f06e8de343cbfb922accd4a9f2e0e4cba9c83621471713dc34f", "89c72fd3a0ad686e8277a2cc74d3ae885dbc97cafef1bb0f7560f182df098d90", "52aab1fe985479e1fc98d520caa011f977ae858605cd532de95730cde39760d2", "8a6ea1a10a9ce26e7a30729c5a60cb29edbce32fa39bc8984ccbb33281688725", "9733d44e41600aea32ec42c44016c9d3abc50973ffe7f7f8d281e7f6a13d65bd", "1c6caf1c53dde8437efbc6efa952215dcd30e33065a0a8156a3c38435af4c3a8", "59756273791a7fcc28951ffbb252c5e8206487ebc1d3975f7fe1c12da5f2226c", "950970aeedb226f0e03d1d85966d52138f482d3500fda7c0216034304acd67d8", "0c2dd463bf50ddbabc71dc084848ce95f78972c0600aa26bed751e5bef18057e", "423c4ec707ea2743fcecacd8d08826c1a885a9d1fdeae3e424bdefea426b97c3", "6d48bb5316929dff81f3b0280a242dce971c0861cb47ba9ad3e0049025652e0b", "5adc95e24e7a2d0cfad0fe91a94ab3ab63e3749348b8bbf5c278db267efe8b76"], "mitre_attack_tags": []}, {"bi": "pe-header-timestamp-null", "hashes": ["a5c2f8d2e689be5b36e6e34223323965eb8d832217af5c5f93a8bfb3c24a35f2", "1b9263870412c0947f709b1045f9e8fa21afd08c6444536ae261408ffbb1c046", "12a376757c742e6f94031b9286e9b4c0025092a65bdc0f0a15cc6125e66eee35", "28d76e4d23fcf2f994cbda0cc2bcee9208af9eb9cc7cefb4b737574ae12eb14d", "5f2c6c223db3cec8c103bbdee1321c2ff4301652ff51cf9524d91e4f7864a7d2", "82b638848df5e8f1ae07a0fda4dbe376cad1bbadaef1473742a98919e741696d", "71656bab86e7c96d3f293a9b0a4b5e2b6d87c454796d070760383f14d2d92c81", "9b2f63670a1e5724b69a25d6de99250636f453fe46823c6766a7dfa7ea2625b9", "6477fa75e074c14bd33376825a9fe7f59f8e7a923828e418823769885a4f6ca8", "01987037a00d02cef3050228a5c851e241c6aa9ec931e109756bc999dcf1c88f", "2f1348fc757fe991abbcde8dfedde245bffb06270a4dd52aa210447c3b827916", "74094e2772540474f893ad07860f49cc618fee75ec8e275bdc6332ac2c1a3ced", "1943fa2ca5fd556d27f0b571e41e0447f3dec7e9991375590133315ddcc2d7f6", "1932391e0efe4f06e8de343cbfb922accd4a9f2e0e4cba9c83621471713dc34f", "89c72fd3a0ad686e8277a2cc74d3ae885dbc97cafef1bb0f7560f182df098d90", "52aab1fe985479e1fc98d520caa011f977ae858605cd532de95730cde39760d2", "8a6ea1a10a9ce26e7a30729c5a60cb29edbce32fa39bc8984ccbb33281688725", "9733d44e41600aea32ec42c44016c9d3abc50973ffe7f7f8d281e7f6a13d65bd", "1c6caf1c53dde8437efbc6efa952215dcd30e33065a0a8156a3c38435af4c3a8", "59756273791a7fcc28951ffbb252c5e8206487ebc1d3975f7fe1c12da5f2226c", "950970aeedb226f0e03d1d85966d52138f482d3500fda7c0216034304acd67d8", "0c2dd463bf50ddbabc71dc084848ce95f78972c0600aa26bed751e5bef18057e", "423c4ec707ea2743fcecacd8d08826c1a885a9d1fdeae3e424bdefea426b97c3", "6d48bb5316929dff81f3b0280a242dce971c0861cb47ba9ad3e0049025652e0b", "5adc95e24e7a2d0cfad0fe91a94ab3ab63e3749348b8bbf5c278db267efe8b76"], "mitre_attack_tags": []}, {"bi": "pe-resource-lang-arabic", "hashes": ["a5c2f8d2e689be5b36e6e34223323965eb8d832217af5c5f93a8bfb3c24a35f2", "1b9263870412c0947f709b1045f9e8fa21afd08c6444536ae261408ffbb1c046", "12a376757c742e6f94031b9286e9b4c0025092a65bdc0f0a15cc6125e66eee35", "28d76e4d23fcf2f994cbda0cc2bcee9208af9eb9cc7cefb4b737574ae12eb14d", "5f2c6c223db3cec8c103bbdee1321c2ff4301652ff51cf9524d91e4f7864a7d2", "82b638848df5e8f1ae07a0fda4dbe376cad1bbadaef1473742a98919e741696d", "71656bab86e7c96d3f293a9b0a4b5e2b6d87c454796d070760383f14d2d92c81", "9b2f63670a1e5724b69a25d6de99250636f453fe46823c6766a7dfa7ea2625b9", "6477fa75e074c14bd33376825a9fe7f59f8e7a923828e418823769885a4f6ca8", "01987037a00d02cef3050228a5c851e241c6aa9ec931e109756bc999dcf1c88f", "2f1348fc757fe991abbcde8dfedde245bffb06270a4dd52aa210447c3b827916", "74094e2772540474f893ad07860f49cc618fee75ec8e275bdc6332ac2c1a3ced", "1943fa2ca5fd556d27f0b571e41e0447f3dec7e9991375590133315ddcc2d7f6", "1932391e0efe4f06e8de343cbfb922accd4a9f2e0e4cba9c83621471713dc34f", "89c72fd3a0ad686e8277a2cc74d3ae885dbc97cafef1bb0f7560f182df098d90", "52aab1fe985479e1fc98d520caa011f977ae858605cd532de95730cde39760d2", "8a6ea1a10a9ce26e7a30729c5a60cb29edbce32fa39bc8984ccbb33281688725", "9733d44e41600aea32ec42c44016c9d3abc50973ffe7f7f8d281e7f6a13d65bd", "1c6caf1c53dde8437efbc6efa952215dcd30e33065a0a8156a3c38435af4c3a8", "59756273791a7fcc28951ffbb252c5e8206487ebc1d3975f7fe1c12da5f2226c", "950970aeedb226f0e03d1d85966d52138f482d3500fda7c0216034304acd67d8", "0c2dd463bf50ddbabc71dc084848ce95f78972c0600aa26bed751e5bef18057e", "423c4ec707ea2743fcecacd8d08826c1a885a9d1fdeae3e424bdefea426b97c3", "6d48bb5316929dff81f3b0280a242dce971c0861cb47ba9ad3e0049025652e0b", "5adc95e24e7a2d0cfad0fe91a94ab3ab63e3749348b8bbf5c278db267efe8b76"], "mitre_attack_tags": []}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["a5c2f8d2e689be5b36e6e34223323965eb8d832217af5c5f93a8bfb3c24a35f2", "1b9263870412c0947f709b1045f9e8fa21afd08c6444536ae261408ffbb1c046", "12a376757c742e6f94031b9286e9b4c0025092a65bdc0f0a15cc6125e66eee35", "28d76e4d23fcf2f994cbda0cc2bcee9208af9eb9cc7cefb4b737574ae12eb14d", "82b638848df5e8f1ae07a0fda4dbe376cad1bbadaef1473742a98919e741696d", "71656bab86e7c96d3f293a9b0a4b5e2b6d87c454796d070760383f14d2d92c81", "9b2f63670a1e5724b69a25d6de99250636f453fe46823c6766a7dfa7ea2625b9", "6477fa75e074c14bd33376825a9fe7f59f8e7a923828e418823769885a4f6ca8", "01987037a00d02cef3050228a5c851e241c6aa9ec931e109756bc999dcf1c88f", "2f1348fc757fe991abbcde8dfedde245bffb06270a4dd52aa210447c3b827916", "74094e2772540474f893ad07860f49cc618fee75ec8e275bdc6332ac2c1a3ced", "1943fa2ca5fd556d27f0b571e41e0447f3dec7e9991375590133315ddcc2d7f6", "1932391e0efe4f06e8de343cbfb922accd4a9f2e0e4cba9c83621471713dc34f", "89c72fd3a0ad686e8277a2cc74d3ae885dbc97cafef1bb0f7560f182df098d90", "52aab1fe985479e1fc98d520caa011f977ae858605cd532de95730cde39760d2", "8a6ea1a10a9ce26e7a30729c5a60cb29edbce32fa39bc8984ccbb33281688725", "9733d44e41600aea32ec42c44016c9d3abc50973ffe7f7f8d281e7f6a13d65bd", "1c6caf1c53dde8437efbc6efa952215dcd30e33065a0a8156a3c38435af4c3a8", "59756273791a7fcc28951ffbb252c5e8206487ebc1d3975f7fe1c12da5f2226c", "950970aeedb226f0e03d1d85966d52138f482d3500fda7c0216034304acd67d8", "0c2dd463bf50ddbabc71dc084848ce95f78972c0600aa26bed751e5bef18057e", "423c4ec707ea2743fcecacd8d08826c1a885a9d1fdeae3e424bdefea426b97c3", "6d48bb5316929dff81f3b0280a242dce971c0861cb47ba9ad3e0049025652e0b", "5adc95e24e7a2d0cfad0fe91a94ab3ab63e3749348b8bbf5c278db267efe8b76"], "mitre_attack_tags": []}, {"bi": "dns-query-nxdomain", "hashes": ["a5c2f8d2e689be5b36e6e34223323965eb8d832217af5c5f93a8bfb3c24a35f2", "1b9263870412c0947f709b1045f9e8fa21afd08c6444536ae261408ffbb1c046", "12a376757c742e6f94031b9286e9b4c0025092a65bdc0f0a15cc6125e66eee35", "82b638848df5e8f1ae07a0fda4dbe376cad1bbadaef1473742a98919e741696d", "71656bab86e7c96d3f293a9b0a4b5e2b6d87c454796d070760383f14d2d92c81", "9b2f63670a1e5724b69a25d6de99250636f453fe46823c6766a7dfa7ea2625b9", "6477fa75e074c14bd33376825a9fe7f59f8e7a923828e418823769885a4f6ca8", "01987037a00d02cef3050228a5c851e241c6aa9ec931e109756bc999dcf1c88f", "2f1348fc757fe991abbcde8dfedde245bffb06270a4dd52aa210447c3b827916", "74094e2772540474f893ad07860f49cc618fee75ec8e275bdc6332ac2c1a3ced", "1943fa2ca5fd556d27f0b571e41e0447f3dec7e9991375590133315ddcc2d7f6", "1932391e0efe4f06e8de343cbfb922accd4a9f2e0e4cba9c83621471713dc34f", "89c72fd3a0ad686e8277a2cc74d3ae885dbc97cafef1bb0f7560f182df098d90", "52aab1fe985479e1fc98d520caa011f977ae858605cd532de95730cde39760d2", "8a6ea1a10a9ce26e7a30729c5a60cb29edbce32fa39bc8984ccbb33281688725", "9733d44e41600aea32ec42c44016c9d3abc50973ffe7f7f8d281e7f6a13d65bd", "1c6caf1c53dde8437efbc6efa952215dcd30e33065a0a8156a3c38435af4c3a8", "59756273791a7fcc28951ffbb252c5e8206487ebc1d3975f7fe1c12da5f2226c", "950970aeedb226f0e03d1d85966d52138f482d3500fda7c0216034304acd67d8", "0c2dd463bf50ddbabc71dc084848ce95f78972c0600aa26bed751e5bef18057e", "423c4ec707ea2743fcecacd8d08826c1a885a9d1fdeae3e424bdefea426b97c3", "6d48bb5316929dff81f3b0280a242dce971c0861cb47ba9ad3e0049025652e0b", "5adc95e24e7a2d0cfad0fe91a94ab3ab63e3749348b8bbf5c278db267efe8b76"], "mitre_attack_tags": []}, {"bi": "netbios-query", "hashes": ["a5c2f8d2e689be5b36e6e34223323965eb8d832217af5c5f93a8bfb3c24a35f2", "1b9263870412c0947f709b1045f9e8fa21afd08c6444536ae261408ffbb1c046", "12a376757c742e6f94031b9286e9b4c0025092a65bdc0f0a15cc6125e66eee35", "82b638848df5e8f1ae07a0fda4dbe376cad1bbadaef1473742a98919e741696d", "71656bab86e7c96d3f293a9b0a4b5e2b6d87c454796d070760383f14d2d92c81", "9b2f63670a1e5724b69a25d6de99250636f453fe46823c6766a7dfa7ea2625b9", "6477fa75e074c14bd33376825a9fe7f59f8e7a923828e418823769885a4f6ca8", "01987037a00d02cef3050228a5c851e241c6aa9ec931e109756bc999dcf1c88f", "2f1348fc757fe991abbcde8dfedde245bffb06270a4dd52aa210447c3b827916", "74094e2772540474f893ad07860f49cc618fee75ec8e275bdc6332ac2c1a3ced", "1943fa2ca5fd556d27f0b571e41e0447f3dec7e9991375590133315ddcc2d7f6", "1932391e0efe4f06e8de343cbfb922accd4a9f2e0e4cba9c83621471713dc34f", "89c72fd3a0ad686e8277a2cc74d3ae885dbc97cafef1bb0f7560f182df098d90", "52aab1fe985479e1fc98d520caa011f977ae858605cd532de95730cde39760d2", "8a6ea1a10a9ce26e7a30729c5a60cb29edbce32fa39bc8984ccbb33281688725", "9733d44e41600aea32ec42c44016c9d3abc50973ffe7f7f8d281e7f6a13d65bd", "1c6caf1c53dde8437efbc6efa952215dcd30e33065a0a8156a3c38435af4c3a8", "59756273791a7fcc28951ffbb252c5e8206487ebc1d3975f7fe1c12da5f2226c", "950970aeedb226f0e03d1d85966d52138f482d3500fda7c0216034304acd67d8", "0c2dd463bf50ddbabc71dc084848ce95f78972c0600aa26bed751e5bef18057e", "423c4ec707ea2743fcecacd8d08826c1a885a9d1fdeae3e424bdefea426b97c3", "6d48bb5316929dff81f3b0280a242dce971c0861cb47ba9ad3e0049025652e0b", "5adc95e24e7a2d0cfad0fe91a94ab3ab63e3749348b8bbf5c278db267efe8b76"], "mitre_attack_tags": ["TA0007", "T1016"]}, {"bi": "feed-domain-banking", "hashes": ["a5c2f8d2e689be5b36e6e34223323965eb8d832217af5c5f93a8bfb3c24a35f2", "1b9263870412c0947f709b1045f9e8fa21afd08c6444536ae261408ffbb1c046", "12a376757c742e6f94031b9286e9b4c0025092a65bdc0f0a15cc6125e66eee35", "82b638848df5e8f1ae07a0fda4dbe376cad1bbadaef1473742a98919e741696d", "71656bab86e7c96d3f293a9b0a4b5e2b6d87c454796d070760383f14d2d92c81", "9b2f63670a1e5724b69a25d6de99250636f453fe46823c6766a7dfa7ea2625b9", "6477fa75e074c14bd33376825a9fe7f59f8e7a923828e418823769885a4f6ca8", "01987037a00d02cef3050228a5c851e241c6aa9ec931e109756bc999dcf1c88f", "2f1348fc757fe991abbcde8dfedde245bffb06270a4dd52aa210447c3b827916", "74094e2772540474f893ad07860f49cc618fee75ec8e275bdc6332ac2c1a3ced", "1943fa2ca5fd556d27f0b571e41e0447f3dec7e9991375590133315ddcc2d7f6", "1932391e0efe4f06e8de343cbfb922accd4a9f2e0e4cba9c83621471713dc34f", "89c72fd3a0ad686e8277a2cc74d3ae885dbc97cafef1bb0f7560f182df098d90", "52aab1fe985479e1fc98d520caa011f977ae858605cd532de95730cde39760d2", "8a6ea1a10a9ce26e7a30729c5a60cb29edbce32fa39bc8984ccbb33281688725", "9733d44e41600aea32ec42c44016c9d3abc50973ffe7f7f8d281e7f6a13d65bd", "1c6caf1c53dde8437efbc6efa952215dcd30e33065a0a8156a3c38435af4c3a8", "59756273791a7fcc28951ffbb252c5e8206487ebc1d3975f7fe1c12da5f2226c", "950970aeedb226f0e03d1d85966d52138f482d3500fda7c0216034304acd67d8", "0c2dd463bf50ddbabc71dc084848ce95f78972c0600aa26bed751e5bef18057e", "423c4ec707ea2743fcecacd8d08826c1a885a9d1fdeae3e424bdefea426b97c3", "6d48bb5316929dff81f3b0280a242dce971c0861cb47ba9ad3e0049025652e0b", "5adc95e24e7a2d0cfad0fe91a94ab3ab63e3749348b8bbf5c278db267efe8b76"], "mitre_attack_tags": []}, {"bi": "feed-domain-antivirus-service", "hashes": ["a5c2f8d2e689be5b36e6e34223323965eb8d832217af5c5f93a8bfb3c24a35f2", "1b9263870412c0947f709b1045f9e8fa21afd08c6444536ae261408ffbb1c046", "12a376757c742e6f94031b9286e9b4c0025092a65bdc0f0a15cc6125e66eee35", "82b638848df5e8f1ae07a0fda4dbe376cad1bbadaef1473742a98919e741696d", "71656bab86e7c96d3f293a9b0a4b5e2b6d87c454796d070760383f14d2d92c81", "9b2f63670a1e5724b69a25d6de99250636f453fe46823c6766a7dfa7ea2625b9", "6477fa75e074c14bd33376825a9fe7f59f8e7a923828e418823769885a4f6ca8", "01987037a00d02cef3050228a5c851e241c6aa9ec931e109756bc999dcf1c88f", "2f1348fc757fe991abbcde8dfedde245bffb06270a4dd52aa210447c3b827916", "74094e2772540474f893ad07860f49cc618fee75ec8e275bdc6332ac2c1a3ced", "1943fa2ca5fd556d27f0b571e41e0447f3dec7e9991375590133315ddcc2d7f6", "1932391e0efe4f06e8de343cbfb922accd4a9f2e0e4cba9c83621471713dc34f", "89c72fd3a0ad686e8277a2cc74d3ae885dbc97cafef1bb0f7560f182df098d90", "52aab1fe985479e1fc98d520caa011f977ae858605cd532de95730cde39760d2", "8a6ea1a10a9ce26e7a30729c5a60cb29edbce32fa39bc8984ccbb33281688725", "9733d44e41600aea32ec42c44016c9d3abc50973ffe7f7f8d281e7f6a13d65bd", "1c6caf1c53dde8437efbc6efa952215dcd30e33065a0a8156a3c38435af4c3a8", "59756273791a7fcc28951ffbb252c5e8206487ebc1d3975f7fe1c12da5f2226c", "950970aeedb226f0e03d1d85966d52138f482d3500fda7c0216034304acd67d8", "0c2dd463bf50ddbabc71dc084848ce95f78972c0600aa26bed751e5bef18057e", "423c4ec707ea2743fcecacd8d08826c1a885a9d1fdeae3e424bdefea426b97c3", "6d48bb5316929dff81f3b0280a242dce971c0861cb47ba9ad3e0049025652e0b", "5adc95e24e7a2d0cfad0fe91a94ab3ab63e3749348b8bbf5c278db267efe8b76"], "mitre_attack_tags": []}, {"bi": "malware-trickbot-mutex", "hashes": ["a5c2f8d2e689be5b36e6e34223323965eb8d832217af5c5f93a8bfb3c24a35f2", "1b9263870412c0947f709b1045f9e8fa21afd08c6444536ae261408ffbb1c046", "12a376757c742e6f94031b9286e9b4c0025092a65bdc0f0a15cc6125e66eee35", "82b638848df5e8f1ae07a0fda4dbe376cad1bbadaef1473742a98919e741696d", "71656bab86e7c96d3f293a9b0a4b5e2b6d87c454796d070760383f14d2d92c81", "9b2f63670a1e5724b69a25d6de99250636f453fe46823c6766a7dfa7ea2625b9", "6477fa75e074c14bd33376825a9fe7f59f8e7a923828e418823769885a4f6ca8", "01987037a00d02cef3050228a5c851e241c6aa9ec931e109756bc999dcf1c88f", "2f1348fc757fe991abbcde8dfedde245bffb06270a4dd52aa210447c3b827916", "74094e2772540474f893ad07860f49cc618fee75ec8e275bdc6332ac2c1a3ced", "1943fa2ca5fd556d27f0b571e41e0447f3dec7e9991375590133315ddcc2d7f6", "1932391e0efe4f06e8de343cbfb922accd4a9f2e0e4cba9c83621471713dc34f", "89c72fd3a0ad686e8277a2cc74d3ae885dbc97cafef1bb0f7560f182df098d90", "52aab1fe985479e1fc98d520caa011f977ae858605cd532de95730cde39760d2", "8a6ea1a10a9ce26e7a30729c5a60cb29edbce32fa39bc8984ccbb33281688725", "9733d44e41600aea32ec42c44016c9d3abc50973ffe7f7f8d281e7f6a13d65bd", "1c6caf1c53dde8437efbc6efa952215dcd30e33065a0a8156a3c38435af4c3a8", "59756273791a7fcc28951ffbb252c5e8206487ebc1d3975f7fe1c12da5f2226c", "950970aeedb226f0e03d1d85966d52138f482d3500fda7c0216034304acd67d8", "0c2dd463bf50ddbabc71dc084848ce95f78972c0600aa26bed751e5bef18057e", "423c4ec707ea2743fcecacd8d08826c1a885a9d1fdeae3e424bdefea426b97c3", "6d48bb5316929dff81f3b0280a242dce971c0861cb47ba9ad3e0049025652e0b", "5adc95e24e7a2d0cfad0fe91a94ab3ab63e3749348b8bbf5c278db267efe8b76"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "network-fast-flux-nameserver", "hashes": ["9b2f63670a1e5724b69a25d6de99250636f453fe46823c6766a7dfa7ea2625b9", "89c72fd3a0ad686e8277a2cc74d3ae885dbc97cafef1bb0f7560f182df098d90", "59756273791a7fcc28951ffbb252c5e8206487ebc1d3975f7fe1c12da5f2226c"], "mitre_attack_tags": []}, {"bi": "network-snort-protocol", "hashes": ["71656bab86e7c96d3f293a9b0a4b5e2b6d87c454796d070760383f14d2d92c81", "74094e2772540474f893ad07860f49cc618fee75ec8e275bdc6332ac2c1a3ced"], "mitre_attack_tags": []}], "category": "Dropper", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "Trickbot is a banking trojan targeting sensitive information for certain financial institutions. This malware is frequently distributed through malicious spam campaigns. Many of these campaigns rely on downloaders for distribution, such as VB scripts.", "hashes": ["01987037a00d02cef3050228a5c851e241c6aa9ec931e109756bc999dcf1c88f", "0c2dd463bf50ddbabc71dc084848ce95f78972c0600aa26bed751e5bef18057e", "12a376757c742e6f94031b9286e9b4c0025092a65bdc0f0a15cc6125e66eee35", "1932391e0efe4f06e8de343cbfb922accd4a9f2e0e4cba9c83621471713dc34f", "1943fa2ca5fd556d27f0b571e41e0447f3dec7e9991375590133315ddcc2d7f6", "1b9263870412c0947f709b1045f9e8fa21afd08c6444536ae261408ffbb1c046", "1c6caf1c53dde8437efbc6efa952215dcd30e33065a0a8156a3c38435af4c3a8", "28d76e4d23fcf2f994cbda0cc2bcee9208af9eb9cc7cefb4b737574ae12eb14d", "2f1348fc757fe991abbcde8dfedde245bffb06270a4dd52aa210447c3b827916", "423c4ec707ea2743fcecacd8d08826c1a885a9d1fdeae3e424bdefea426b97c3", "52aab1fe985479e1fc98d520caa011f977ae858605cd532de95730cde39760d2", "59756273791a7fcc28951ffbb252c5e8206487ebc1d3975f7fe1c12da5f2226c", "5adc95e24e7a2d0cfad0fe91a94ab3ab63e3749348b8bbf5c278db267efe8b76", "5f2c6c223db3cec8c103bbdee1321c2ff4301652ff51cf9524d91e4f7864a7d2", "6477fa75e074c14bd33376825a9fe7f59f8e7a923828e418823769885a4f6ca8", "6d48bb5316929dff81f3b0280a242dce971c0861cb47ba9ad3e0049025652e0b", "71656bab86e7c96d3f293a9b0a4b5e2b6d87c454796d070760383f14d2d92c81", "74094e2772540474f893ad07860f49cc618fee75ec8e275bdc6332ac2c1a3ced", "82b638848df5e8f1ae07a0fda4dbe376cad1bbadaef1473742a98919e741696d", "89c72fd3a0ad686e8277a2cc74d3ae885dbc97cafef1bb0f7560f182df098d90", "8a6ea1a10a9ce26e7a30729c5a60cb29edbce32fa39bc8984ccbb33281688725", "950970aeedb226f0e03d1d85966d52138f482d3500fda7c0216034304acd67d8", "9733d44e41600aea32ec42c44016c9d3abc50973ffe7f7f8d281e7f6a13d65bd", "9b2f63670a1e5724b69a25d6de99250636f453fe46823c6766a7dfa7ea2625b9", "a5c2f8d2e689be5b36e6e34223323965eb8d832217af5c5f93a8bfb3c24a35f2", "b1a9afcb784fd91009b9bff9b8b4661cd5857f9435fbfa52449879f46f4bd79c", "b7954099175efbd9428eb2a145e63238bab93abdc11ecaa8a8425d842d9c2dc0", "baeddb9c0a0be94c2ee52d2ed21eb64a5cb0f9ea90f7554ce3ec821668a5b28c", "bf85f7f720307e108a115dbe62497040012d307e19984dcf18df6a58a31de397", "c2f73dbcf60a47b92d090bcef675024eaaf97577404af184eb6283ab2c38c9b8", "c85304e8393e4ba317d5edbe891c7dc17c2ce874fa8599141098357f64f104a6", "ccd74f31a7ed46dfdd14709e1e419c303a0ea76fc7abc58c6086113530f77c33", "d3dcc870bea86be40cbfc19de732161d2d6c7f9d1b9b347c16d12cbe3f469535", "d538a117d5bb27be92590a650a2a6c25297bc34cf9ebc3b294e4b6a466c560ce", "d5e2355c0a03841490d920fee7555d5b6dc9530034e043a9bd0dd67fc4149f59", "d72a70f50f9e61fa8d2790bace5e019ce3e09ebb085b934f17fd9f3599db9c22", "dc35e4566bae4211417f4ebc0655fcf09dfb13caafd66760bfa55ff17554ffc6", "e142ff872b77b9d881a04b9c627e8f048609b6d367b7ff5991c9f35034f45e3e", "e837f79ccf7dc21b4a0513481f6f3a724d7dc092853eea2567f2de392155c335", "f262b3fa4a1cb7c5ee16d26fc96a230aa458a87e99e31fe17061d15eee57f4b5", "f2fe05335d333aed7b3a386f6f8cc8521a897997c49073d787fac0b03aea7296"], "iocs": {"domain": [{"hashes": ["0c2dd463bf50ddbabc71dc084848ce95f78972c0600aa26bed751e5bef18057e", "1c6caf1c53dde8437efbc6efa952215dcd30e33065a0a8156a3c38435af4c3a8", "423c4ec707ea2743fcecacd8d08826c1a885a9d1fdeae3e424bdefea426b97c3", "52aab1fe985479e1fc98d520caa011f977ae858605cd532de95730cde39760d2", "5adc95e24e7a2d0cfad0fe91a94ab3ab63e3749348b8bbf5c278db267efe8b76"], "host": "elosadywo[.]pl"}, {"hashes": ["59756273791a7fcc28951ffbb252c5e8206487ebc1d3975f7fe1c12da5f2226c", "6d48bb5316929dff81f3b0280a242dce971c0861cb47ba9ad3e0049025652e0b", "8a6ea1a10a9ce26e7a30729c5a60cb29edbce32fa39bc8984ccbb33281688725", "950970aeedb226f0e03d1d85966d52138f482d3500fda7c0216034304acd67d8"], "host": "inydufevi[.]pl"}, {"hashes": ["1943fa2ca5fd556d27f0b571e41e0447f3dec7e9991375590133315ddcc2d7f6", "82b638848df5e8f1ae07a0fda4dbe376cad1bbadaef1473742a98919e741696d", "89c72fd3a0ad686e8277a2cc74d3ae885dbc97cafef1bb0f7560f182df098d90"], "host": "utesoryzy[.]pl"}, {"hashes": ["1932391e0efe4f06e8de343cbfb922accd4a9f2e0e4cba9c83621471713dc34f", "2f1348fc757fe991abbcde8dfedde245bffb06270a4dd52aa210447c3b827916"], "host": "oloqucovu[.]pl"}, {"hashes": ["12a376757c742e6f94031b9286e9b4c0025092a65bdc0f0a15cc6125e66eee35", "9733d44e41600aea32ec42c44016c9d3abc50973ffe7f7f8d281e7f6a13d65bd"], "host": "ikurumona[.]pl"}, {"hashes": ["01987037a00d02cef3050228a5c851e241c6aa9ec931e109756bc999dcf1c88f", "6477fa75e074c14bd33376825a9fe7f59f8e7a923828e418823769885a4f6ca8"], "host": "upikemugo[.]pl"}, {"hashes": ["71656bab86e7c96d3f293a9b0a4b5e2b6d87c454796d070760383f14d2d92c81", "74094e2772540474f893ad07860f49cc618fee75ec8e275bdc6332ac2c1a3ced"], "host": "ikymucucy[.]pl"}, {"hashes": ["1b9263870412c0947f709b1045f9e8fa21afd08c6444536ae261408ffbb1c046"], "host": "uzawabono[.]pl"}, {"hashes": ["9b2f63670a1e5724b69a25d6de99250636f453fe46823c6766a7dfa7ea2625b9"], "host": "upuhisadi[.]pl"}, {"hashes": ["a5c2f8d2e689be5b36e6e34223323965eb8d832217af5c5f93a8bfb3c24a35f2"], "host": "ufyjelefe[.]pl"}], "file": [], "ip": [], "mutex": [{"hashes": ["0c2dd463bf50ddbabc71dc084848ce95f78972c0600aa26bed751e5bef18057e", "1c6caf1c53dde8437efbc6efa952215dcd30e33065a0a8156a3c38435af4c3a8", "423c4ec707ea2743fcecacd8d08826c1a885a9d1fdeae3e424bdefea426b97c3", "52aab1fe985479e1fc98d520caa011f977ae858605cd532de95730cde39760d2", "5adc95e24e7a2d0cfad0fe91a94ab3ab63e3749348b8bbf5c278db267efe8b76"], "name": "42601376242144035359"}, {"hashes": ["59756273791a7fcc28951ffbb252c5e8206487ebc1d3975f7fe1c12da5f2226c", "6d48bb5316929dff81f3b0280a242dce971c0861cb47ba9ad3e0049025652e0b", "8a6ea1a10a9ce26e7a30729c5a60cb29edbce32fa39bc8984ccbb33281688725", "950970aeedb226f0e03d1d85966d52138f482d3500fda7c0216034304acd67d8"], "name": "15975048583708818909"}, {"hashes": ["1943fa2ca5fd556d27f0b571e41e0447f3dec7e9991375590133315ddcc2d7f6", "82b638848df5e8f1ae07a0fda4dbe376cad1bbadaef1473742a98919e741696d", "89c72fd3a0ad686e8277a2cc74d3ae885dbc97cafef1bb0f7560f182df098d90"], "name": "215537997439818625"}, {"hashes": ["1932391e0efe4f06e8de343cbfb922accd4a9f2e0e4cba9c83621471713dc34f", "2f1348fc757fe991abbcde8dfedde245bffb06270a4dd52aa210447c3b827916"], "name": "37191566291602894610"}, {"hashes": ["12a376757c742e6f94031b9286e9b4c0025092a65bdc0f0a15cc6125e66eee35", "9733d44e41600aea32ec42c44016c9d3abc50973ffe7f7f8d281e7f6a13d65bd"], "name": "32517245571140230538"}, {"hashes": ["01987037a00d02cef3050228a5c851e241c6aa9ec931e109756bc999dcf1c88f", "6477fa75e074c14bd33376825a9fe7f59f8e7a923828e418823769885a4f6ca8"], "name": "4509300882563198255"}, {"hashes": ["71656bab86e7c96d3f293a9b0a4b5e2b6d87c454796d070760383f14d2d92c81", "74094e2772540474f893ad07860f49cc618fee75ec8e275bdc6332ac2c1a3ced"], "name": "6587820802774785799"}, {"hashes": ["1b9263870412c0947f709b1045f9e8fa21afd08c6444536ae261408ffbb1c046"], "name": "4012840982513237125"}, {"hashes": ["9b2f63670a1e5724b69a25d6de99250636f453fe46823c6766a7dfa7ea2625b9"], "name": "10818456253260829694"}, {"hashes": ["a5c2f8d2e689be5b36e6e34223323965eb8d832217af5c5f93a8bfb3c24a35f2"], "name": "2456360213273612178"}], "registry": []}, "reports_count": 25}, "Win.Malware.Upatre-9987791-0": {"bis": [{"bi": "antivirus-service-flagged-artifact", "hashes": ["089ab142bc7f8da4183552f2171a6c286cd794238cdb24c5ea1518fd45aa3367", "02ee375ae0dccec565db9e27ba3b24718760cdacd85b8cd74ed6102325114c65", "3e4ea0b03196c236d194aa1fffb576f05609ff492bd0aa75d865d535e5424002", "25092b994541d8745e19da88f5a4a0fe4f11aa56eac0f3d8dc61d63c1add3556", "0c726ff73b0d2611da857e263fad49b26526fec7f94843a1f1f524e0d48dc753", "1e26e6342757fc44a0481be553a7da9cfc7e7bee74f8d047ecdd3db48099cb8e", "16f0667362c8c5dd9335987ab41c24b92036945c9d1c0ddea04d90948516cb22", "17641c06747629a7720673f5dd039f5bf7df239ae1f8958ed3dc2f7705226d0c", "7f8ce5a455849bc8edca043acff87216c97c7b7400ff83e7d49e47bcb343fc31", "8eb12396c1d850da7c9bc709fb209a25ae1f71e9680f5d5bf63b89595eb81e6e", "eaf7e2693a89b91b75f50bec521bad71a0a1952ab59d2d4feb2d68706706cb6c", "1e854f3b2e5ac899a6b7af69222158dc863dbb6df3e772de4370fb9760d81420", "060023bf7c5d1145bb08fffbc448274c20dd80c85a80e57f0df823e9f3c79c8a", "256e5aaff5776ae40c7e6125768229deb6b17682d6bd92985bc22f7c917e24c6", "2784a7512e3c82f8525f358ea544fc613f7d47fc421004e0803dc1dd1e35d2d6", "23ebe4536966753f6bbab01b39ffccb11c53be2e165511457945bd27b037aba1", "010243c7767a6b837801673fec5f7e2633a0e11c879cfeefb2bd4db175a7816a", "1c15b4eaf47ca47b54bd28bc9b153a8ede290944494061ba2bb5b8c85469d4b0", "24db56ac2049c9a8301b1da437ba4b444ffca88c878aba8edd742ef011768ccd", "1d0578ae82bfd0fa95e9ed545cf5ed279950afd7a9d781b56b2da199644f94c5", "24dca6c92172a2f6c6fd58cfdba88b1a6aa0be1ce57fc0675d5ca0da8df65a53", "05d00dd79e4213b8aa6f2d89e84fd9e183bf900d39d36ab2f013ab67f8291be3", "0c8737ef332da6de9b470248f936c9aa177d4fd2aba7ffc8c9ed47fda93d7bdd", "23c32f21fc7ec2b52e8c7ac55e5d1e3dacdacc436d5ee85f8ab9720f027aaf8d", "067258b2e61211b48cda093ec5472e6fc9af69126cd9df35d1a07694f5c24ffb", "1156286e6dbd4cfb3f9c4aa84d4eef23440bfb8e2f21b07f6f5354590a1c3f72", "1855312928b2aa88ad5ac89ba51a862d4b2de4eeb33a0ae886e5e1966e780aae", "212e75aa87694683016e93419f5cbc8780ac745fdc1042bd386eeda4062cc249", "25e9b2184b29eb5da0c534c675bee126c09ddccd01f1c653612b6fb07342d732"], "mitre_attack_tags": []}, {"bi": "pe-invalid-checksum", "hashes": ["089ab142bc7f8da4183552f2171a6c286cd794238cdb24c5ea1518fd45aa3367", "02ee375ae0dccec565db9e27ba3b24718760cdacd85b8cd74ed6102325114c65", "3e4ea0b03196c236d194aa1fffb576f05609ff492bd0aa75d865d535e5424002", "25092b994541d8745e19da88f5a4a0fe4f11aa56eac0f3d8dc61d63c1add3556", "0c726ff73b0d2611da857e263fad49b26526fec7f94843a1f1f524e0d48dc753", "1e26e6342757fc44a0481be553a7da9cfc7e7bee74f8d047ecdd3db48099cb8e", "16f0667362c8c5dd9335987ab41c24b92036945c9d1c0ddea04d90948516cb22", "17641c06747629a7720673f5dd039f5bf7df239ae1f8958ed3dc2f7705226d0c", "7f8ce5a455849bc8edca043acff87216c97c7b7400ff83e7d49e47bcb343fc31", "8eb12396c1d850da7c9bc709fb209a25ae1f71e9680f5d5bf63b89595eb81e6e", "eaf7e2693a89b91b75f50bec521bad71a0a1952ab59d2d4feb2d68706706cb6c", "1e854f3b2e5ac899a6b7af69222158dc863dbb6df3e772de4370fb9760d81420", "060023bf7c5d1145bb08fffbc448274c20dd80c85a80e57f0df823e9f3c79c8a", "256e5aaff5776ae40c7e6125768229deb6b17682d6bd92985bc22f7c917e24c6", "2784a7512e3c82f8525f358ea544fc613f7d47fc421004e0803dc1dd1e35d2d6", "23ebe4536966753f6bbab01b39ffccb11c53be2e165511457945bd27b037aba1", "010243c7767a6b837801673fec5f7e2633a0e11c879cfeefb2bd4db175a7816a", "1c15b4eaf47ca47b54bd28bc9b153a8ede290944494061ba2bb5b8c85469d4b0", "24db56ac2049c9a8301b1da437ba4b444ffca88c878aba8edd742ef011768ccd", "1d0578ae82bfd0fa95e9ed545cf5ed279950afd7a9d781b56b2da199644f94c5", "24dca6c92172a2f6c6fd58cfdba88b1a6aa0be1ce57fc0675d5ca0da8df65a53", "05d00dd79e4213b8aa6f2d89e84fd9e183bf900d39d36ab2f013ab67f8291be3", "0c8737ef332da6de9b470248f936c9aa177d4fd2aba7ffc8c9ed47fda93d7bdd", "23c32f21fc7ec2b52e8c7ac55e5d1e3dacdacc436d5ee85f8ab9720f027aaf8d", "067258b2e61211b48cda093ec5472e6fc9af69126cd9df35d1a07694f5c24ffb", "1156286e6dbd4cfb3f9c4aa84d4eef23440bfb8e2f21b07f6f5354590a1c3f72", "1855312928b2aa88ad5ac89ba51a862d4b2de4eeb33a0ae886e5e1966e780aae", "212e75aa87694683016e93419f5cbc8780ac745fdc1042bd386eeda4062cc249", "25e9b2184b29eb5da0c534c675bee126c09ddccd01f1c653612b6fb07342d732"], "mitre_attack_tags": []}, {"bi": "memory-execute-readwrite", "hashes": ["089ab142bc7f8da4183552f2171a6c286cd794238cdb24c5ea1518fd45aa3367", "02ee375ae0dccec565db9e27ba3b24718760cdacd85b8cd74ed6102325114c65", "3e4ea0b03196c236d194aa1fffb576f05609ff492bd0aa75d865d535e5424002", "25092b994541d8745e19da88f5a4a0fe4f11aa56eac0f3d8dc61d63c1add3556", "0c726ff73b0d2611da857e263fad49b26526fec7f94843a1f1f524e0d48dc753", "16f0667362c8c5dd9335987ab41c24b92036945c9d1c0ddea04d90948516cb22", "17641c06747629a7720673f5dd039f5bf7df239ae1f8958ed3dc2f7705226d0c", "7f8ce5a455849bc8edca043acff87216c97c7b7400ff83e7d49e47bcb343fc31", "8eb12396c1d850da7c9bc709fb209a25ae1f71e9680f5d5bf63b89595eb81e6e", "eaf7e2693a89b91b75f50bec521bad71a0a1952ab59d2d4feb2d68706706cb6c", "1e854f3b2e5ac899a6b7af69222158dc863dbb6df3e772de4370fb9760d81420", "060023bf7c5d1145bb08fffbc448274c20dd80c85a80e57f0df823e9f3c79c8a", "256e5aaff5776ae40c7e6125768229deb6b17682d6bd92985bc22f7c917e24c6", "2784a7512e3c82f8525f358ea544fc613f7d47fc421004e0803dc1dd1e35d2d6", "23ebe4536966753f6bbab01b39ffccb11c53be2e165511457945bd27b037aba1", "010243c7767a6b837801673fec5f7e2633a0e11c879cfeefb2bd4db175a7816a", "1c15b4eaf47ca47b54bd28bc9b153a8ede290944494061ba2bb5b8c85469d4b0", "24db56ac2049c9a8301b1da437ba4b444ffca88c878aba8edd742ef011768ccd", "1d0578ae82bfd0fa95e9ed545cf5ed279950afd7a9d781b56b2da199644f94c5", "24dca6c92172a2f6c6fd58cfdba88b1a6aa0be1ce57fc0675d5ca0da8df65a53", "05d00dd79e4213b8aa6f2d89e84fd9e183bf900d39d36ab2f013ab67f8291be3", "0c8737ef332da6de9b470248f936c9aa177d4fd2aba7ffc8c9ed47fda93d7bdd", "23c32f21fc7ec2b52e8c7ac55e5d1e3dacdacc436d5ee85f8ab9720f027aaf8d", "067258b2e61211b48cda093ec5472e6fc9af69126cd9df35d1a07694f5c24ffb", "1156286e6dbd4cfb3f9c4aa84d4eef23440bfb8e2f21b07f6f5354590a1c3f72", "1855312928b2aa88ad5ac89ba51a862d4b2de4eeb33a0ae886e5e1966e780aae", "212e75aa87694683016e93419f5cbc8780ac745fdc1042bd386eeda4062cc249", "25e9b2184b29eb5da0c534c675bee126c09ddccd01f1c653612b6fb07342d732"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "modified-executable", "hashes": ["089ab142bc7f8da4183552f2171a6c286cd794238cdb24c5ea1518fd45aa3367", "02ee375ae0dccec565db9e27ba3b24718760cdacd85b8cd74ed6102325114c65", "3e4ea0b03196c236d194aa1fffb576f05609ff492bd0aa75d865d535e5424002", "25092b994541d8745e19da88f5a4a0fe4f11aa56eac0f3d8dc61d63c1add3556", "0c726ff73b0d2611da857e263fad49b26526fec7f94843a1f1f524e0d48dc753", "16f0667362c8c5dd9335987ab41c24b92036945c9d1c0ddea04d90948516cb22", "17641c06747629a7720673f5dd039f5bf7df239ae1f8958ed3dc2f7705226d0c", "7f8ce5a455849bc8edca043acff87216c97c7b7400ff83e7d49e47bcb343fc31", "8eb12396c1d850da7c9bc709fb209a25ae1f71e9680f5d5bf63b89595eb81e6e", "eaf7e2693a89b91b75f50bec521bad71a0a1952ab59d2d4feb2d68706706cb6c", "1e854f3b2e5ac899a6b7af69222158dc863dbb6df3e772de4370fb9760d81420", "060023bf7c5d1145bb08fffbc448274c20dd80c85a80e57f0df823e9f3c79c8a", "256e5aaff5776ae40c7e6125768229deb6b17682d6bd92985bc22f7c917e24c6", "2784a7512e3c82f8525f358ea544fc613f7d47fc421004e0803dc1dd1e35d2d6", "23ebe4536966753f6bbab01b39ffccb11c53be2e165511457945bd27b037aba1", "010243c7767a6b837801673fec5f7e2633a0e11c879cfeefb2bd4db175a7816a", "1c15b4eaf47ca47b54bd28bc9b153a8ede290944494061ba2bb5b8c85469d4b0", "24db56ac2049c9a8301b1da437ba4b444ffca88c878aba8edd742ef011768ccd", "1d0578ae82bfd0fa95e9ed545cf5ed279950afd7a9d781b56b2da199644f94c5", "24dca6c92172a2f6c6fd58cfdba88b1a6aa0be1ce57fc0675d5ca0da8df65a53", "05d00dd79e4213b8aa6f2d89e84fd9e183bf900d39d36ab2f013ab67f8291be3", "0c8737ef332da6de9b470248f936c9aa177d4fd2aba7ffc8c9ed47fda93d7bdd", "23c32f21fc7ec2b52e8c7ac55e5d1e3dacdacc436d5ee85f8ab9720f027aaf8d", "067258b2e61211b48cda093ec5472e6fc9af69126cd9df35d1a07694f5c24ffb", "1156286e6dbd4cfb3f9c4aa84d4eef23440bfb8e2f21b07f6f5354590a1c3f72", "1855312928b2aa88ad5ac89ba51a862d4b2de4eeb33a0ae886e5e1966e780aae", "212e75aa87694683016e93419f5cbc8780ac745fdc1042bd386eeda4062cc249", "25e9b2184b29eb5da0c534c675bee126c09ddccd01f1c653612b6fb07342d732"], "mitre_attack_tags": []}, {"bi": "created-executable-in-user-dir", "hashes": ["089ab142bc7f8da4183552f2171a6c286cd794238cdb24c5ea1518fd45aa3367", "02ee375ae0dccec565db9e27ba3b24718760cdacd85b8cd74ed6102325114c65", "3e4ea0b03196c236d194aa1fffb576f05609ff492bd0aa75d865d535e5424002", "25092b994541d8745e19da88f5a4a0fe4f11aa56eac0f3d8dc61d63c1add3556", "0c726ff73b0d2611da857e263fad49b26526fec7f94843a1f1f524e0d48dc753", "16f0667362c8c5dd9335987ab41c24b92036945c9d1c0ddea04d90948516cb22", "17641c06747629a7720673f5dd039f5bf7df239ae1f8958ed3dc2f7705226d0c", "7f8ce5a455849bc8edca043acff87216c97c7b7400ff83e7d49e47bcb343fc31", "8eb12396c1d850da7c9bc709fb209a25ae1f71e9680f5d5bf63b89595eb81e6e", "eaf7e2693a89b91b75f50bec521bad71a0a1952ab59d2d4feb2d68706706cb6c", "1e854f3b2e5ac899a6b7af69222158dc863dbb6df3e772de4370fb9760d81420", "060023bf7c5d1145bb08fffbc448274c20dd80c85a80e57f0df823e9f3c79c8a", "256e5aaff5776ae40c7e6125768229deb6b17682d6bd92985bc22f7c917e24c6", "2784a7512e3c82f8525f358ea544fc613f7d47fc421004e0803dc1dd1e35d2d6", "23ebe4536966753f6bbab01b39ffccb11c53be2e165511457945bd27b037aba1", "010243c7767a6b837801673fec5f7e2633a0e11c879cfeefb2bd4db175a7816a", "1c15b4eaf47ca47b54bd28bc9b153a8ede290944494061ba2bb5b8c85469d4b0", "24db56ac2049c9a8301b1da437ba4b444ffca88c878aba8edd742ef011768ccd", "1d0578ae82bfd0fa95e9ed545cf5ed279950afd7a9d781b56b2da199644f94c5", "24dca6c92172a2f6c6fd58cfdba88b1a6aa0be1ce57fc0675d5ca0da8df65a53", "05d00dd79e4213b8aa6f2d89e84fd9e183bf900d39d36ab2f013ab67f8291be3", "0c8737ef332da6de9b470248f936c9aa177d4fd2aba7ffc8c9ed47fda93d7bdd", "23c32f21fc7ec2b52e8c7ac55e5d1e3dacdacc436d5ee85f8ab9720f027aaf8d", "067258b2e61211b48cda093ec5472e6fc9af69126cd9df35d1a07694f5c24ffb", "1156286e6dbd4cfb3f9c4aa84d4eef23440bfb8e2f21b07f6f5354590a1c3f72", "1855312928b2aa88ad5ac89ba51a862d4b2de4eeb33a0ae886e5e1966e780aae", "212e75aa87694683016e93419f5cbc8780ac745fdc1042bd386eeda4062cc249", "25e9b2184b29eb5da0c534c675bee126c09ddccd01f1c653612b6fb07342d732"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["089ab142bc7f8da4183552f2171a6c286cd794238cdb24c5ea1518fd45aa3367", "02ee375ae0dccec565db9e27ba3b24718760cdacd85b8cd74ed6102325114c65", "3e4ea0b03196c236d194aa1fffb576f05609ff492bd0aa75d865d535e5424002", "25092b994541d8745e19da88f5a4a0fe4f11aa56eac0f3d8dc61d63c1add3556", "0c726ff73b0d2611da857e263fad49b26526fec7f94843a1f1f524e0d48dc753", "16f0667362c8c5dd9335987ab41c24b92036945c9d1c0ddea04d90948516cb22", "17641c06747629a7720673f5dd039f5bf7df239ae1f8958ed3dc2f7705226d0c", "7f8ce5a455849bc8edca043acff87216c97c7b7400ff83e7d49e47bcb343fc31", "8eb12396c1d850da7c9bc709fb209a25ae1f71e9680f5d5bf63b89595eb81e6e", "eaf7e2693a89b91b75f50bec521bad71a0a1952ab59d2d4feb2d68706706cb6c", "1e854f3b2e5ac899a6b7af69222158dc863dbb6df3e772de4370fb9760d81420", "060023bf7c5d1145bb08fffbc448274c20dd80c85a80e57f0df823e9f3c79c8a", "256e5aaff5776ae40c7e6125768229deb6b17682d6bd92985bc22f7c917e24c6", "2784a7512e3c82f8525f358ea544fc613f7d47fc421004e0803dc1dd1e35d2d6", "23ebe4536966753f6bbab01b39ffccb11c53be2e165511457945bd27b037aba1", "010243c7767a6b837801673fec5f7e2633a0e11c879cfeefb2bd4db175a7816a", "1c15b4eaf47ca47b54bd28bc9b153a8ede290944494061ba2bb5b8c85469d4b0", "24db56ac2049c9a8301b1da437ba4b444ffca88c878aba8edd742ef011768ccd", "1d0578ae82bfd0fa95e9ed545cf5ed279950afd7a9d781b56b2da199644f94c5", "24dca6c92172a2f6c6fd58cfdba88b1a6aa0be1ce57fc0675d5ca0da8df65a53", "05d00dd79e4213b8aa6f2d89e84fd9e183bf900d39d36ab2f013ab67f8291be3", "0c8737ef332da6de9b470248f936c9aa177d4fd2aba7ffc8c9ed47fda93d7bdd", "23c32f21fc7ec2b52e8c7ac55e5d1e3dacdacc436d5ee85f8ab9720f027aaf8d", "067258b2e61211b48cda093ec5472e6fc9af69126cd9df35d1a07694f5c24ffb", "1156286e6dbd4cfb3f9c4aa84d4eef23440bfb8e2f21b07f6f5354590a1c3f72", "1855312928b2aa88ad5ac89ba51a862d4b2de4eeb33a0ae886e5e1966e780aae", "212e75aa87694683016e93419f5cbc8780ac745fdc1042bd386eeda4062cc249", "25e9b2184b29eb5da0c534c675bee126c09ddccd01f1c653612b6fb07342d732"], "mitre_attack_tags": []}, {"bi": "network-fast-flux-domain", "hashes": ["089ab142bc7f8da4183552f2171a6c286cd794238cdb24c5ea1518fd45aa3367", "02ee375ae0dccec565db9e27ba3b24718760cdacd85b8cd74ed6102325114c65", "3e4ea0b03196c236d194aa1fffb576f05609ff492bd0aa75d865d535e5424002", "25092b994541d8745e19da88f5a4a0fe4f11aa56eac0f3d8dc61d63c1add3556", "0c726ff73b0d2611da857e263fad49b26526fec7f94843a1f1f524e0d48dc753", "16f0667362c8c5dd9335987ab41c24b92036945c9d1c0ddea04d90948516cb22", "17641c06747629a7720673f5dd039f5bf7df239ae1f8958ed3dc2f7705226d0c", "7f8ce5a455849bc8edca043acff87216c97c7b7400ff83e7d49e47bcb343fc31", "8eb12396c1d850da7c9bc709fb209a25ae1f71e9680f5d5bf63b89595eb81e6e", "eaf7e2693a89b91b75f50bec521bad71a0a1952ab59d2d4feb2d68706706cb6c", "1e854f3b2e5ac899a6b7af69222158dc863dbb6df3e772de4370fb9760d81420", "060023bf7c5d1145bb08fffbc448274c20dd80c85a80e57f0df823e9f3c79c8a", "256e5aaff5776ae40c7e6125768229deb6b17682d6bd92985bc22f7c917e24c6", "2784a7512e3c82f8525f358ea544fc613f7d47fc421004e0803dc1dd1e35d2d6", "23ebe4536966753f6bbab01b39ffccb11c53be2e165511457945bd27b037aba1", "010243c7767a6b837801673fec5f7e2633a0e11c879cfeefb2bd4db175a7816a", "1c15b4eaf47ca47b54bd28bc9b153a8ede290944494061ba2bb5b8c85469d4b0", "24db56ac2049c9a8301b1da437ba4b444ffca88c878aba8edd742ef011768ccd", "1d0578ae82bfd0fa95e9ed545cf5ed279950afd7a9d781b56b2da199644f94c5", "24dca6c92172a2f6c6fd58cfdba88b1a6aa0be1ce57fc0675d5ca0da8df65a53", "05d00dd79e4213b8aa6f2d89e84fd9e183bf900d39d36ab2f013ab67f8291be3", "0c8737ef332da6de9b470248f936c9aa177d4fd2aba7ffc8c9ed47fda93d7bdd", "23c32f21fc7ec2b52e8c7ac55e5d1e3dacdacc436d5ee85f8ab9720f027aaf8d", "067258b2e61211b48cda093ec5472e6fc9af69126cd9df35d1a07694f5c24ffb", "1156286e6dbd4cfb3f9c4aa84d4eef23440bfb8e2f21b07f6f5354590a1c3f72", "1855312928b2aa88ad5ac89ba51a862d4b2de4eeb33a0ae886e5e1966e780aae", "212e75aa87694683016e93419f5cbc8780ac745fdc1042bd386eeda4062cc249", "25e9b2184b29eb5da0c534c675bee126c09ddccd01f1c653612b6fb07342d732"], "mitre_attack_tags": []}, {"bi": "network-communications-http-get", "hashes": ["089ab142bc7f8da4183552f2171a6c286cd794238cdb24c5ea1518fd45aa3367", "02ee375ae0dccec565db9e27ba3b24718760cdacd85b8cd74ed6102325114c65", "3e4ea0b03196c236d194aa1fffb576f05609ff492bd0aa75d865d535e5424002", "25092b994541d8745e19da88f5a4a0fe4f11aa56eac0f3d8dc61d63c1add3556", "0c726ff73b0d2611da857e263fad49b26526fec7f94843a1f1f524e0d48dc753", "16f0667362c8c5dd9335987ab41c24b92036945c9d1c0ddea04d90948516cb22", "17641c06747629a7720673f5dd039f5bf7df239ae1f8958ed3dc2f7705226d0c", "7f8ce5a455849bc8edca043acff87216c97c7b7400ff83e7d49e47bcb343fc31", "8eb12396c1d850da7c9bc709fb209a25ae1f71e9680f5d5bf63b89595eb81e6e", "eaf7e2693a89b91b75f50bec521bad71a0a1952ab59d2d4feb2d68706706cb6c", "1e854f3b2e5ac899a6b7af69222158dc863dbb6df3e772de4370fb9760d81420", "060023bf7c5d1145bb08fffbc448274c20dd80c85a80e57f0df823e9f3c79c8a", "256e5aaff5776ae40c7e6125768229deb6b17682d6bd92985bc22f7c917e24c6", "2784a7512e3c82f8525f358ea544fc613f7d47fc421004e0803dc1dd1e35d2d6", "23ebe4536966753f6bbab01b39ffccb11c53be2e165511457945bd27b037aba1", "010243c7767a6b837801673fec5f7e2633a0e11c879cfeefb2bd4db175a7816a", "1c15b4eaf47ca47b54bd28bc9b153a8ede290944494061ba2bb5b8c85469d4b0", "24db56ac2049c9a8301b1da437ba4b444ffca88c878aba8edd742ef011768ccd", "1d0578ae82bfd0fa95e9ed545cf5ed279950afd7a9d781b56b2da199644f94c5", "24dca6c92172a2f6c6fd58cfdba88b1a6aa0be1ce57fc0675d5ca0da8df65a53", "05d00dd79e4213b8aa6f2d89e84fd9e183bf900d39d36ab2f013ab67f8291be3", "0c8737ef332da6de9b470248f936c9aa177d4fd2aba7ffc8c9ed47fda93d7bdd", "23c32f21fc7ec2b52e8c7ac55e5d1e3dacdacc436d5ee85f8ab9720f027aaf8d", "067258b2e61211b48cda093ec5472e6fc9af69126cd9df35d1a07694f5c24ffb", "1156286e6dbd4cfb3f9c4aa84d4eef23440bfb8e2f21b07f6f5354590a1c3f72", "1855312928b2aa88ad5ac89ba51a862d4b2de4eeb33a0ae886e5e1966e780aae", "212e75aa87694683016e93419f5cbc8780ac745fdc1042bd386eeda4062cc249", "25e9b2184b29eb5da0c534c675bee126c09ddccd01f1c653612b6fb07342d732"], "mitre_attack_tags": ["TA0011", "T1105"]}, {"bi": "dns-query-nxdomain", "hashes": ["089ab142bc7f8da4183552f2171a6c286cd794238cdb24c5ea1518fd45aa3367", "02ee375ae0dccec565db9e27ba3b24718760cdacd85b8cd74ed6102325114c65", "3e4ea0b03196c236d194aa1fffb576f05609ff492bd0aa75d865d535e5424002", "25092b994541d8745e19da88f5a4a0fe4f11aa56eac0f3d8dc61d63c1add3556", "0c726ff73b0d2611da857e263fad49b26526fec7f94843a1f1f524e0d48dc753", "16f0667362c8c5dd9335987ab41c24b92036945c9d1c0ddea04d90948516cb22", "17641c06747629a7720673f5dd039f5bf7df239ae1f8958ed3dc2f7705226d0c", "7f8ce5a455849bc8edca043acff87216c97c7b7400ff83e7d49e47bcb343fc31", "8eb12396c1d850da7c9bc709fb209a25ae1f71e9680f5d5bf63b89595eb81e6e", "eaf7e2693a89b91b75f50bec521bad71a0a1952ab59d2d4feb2d68706706cb6c", "1e854f3b2e5ac899a6b7af69222158dc863dbb6df3e772de4370fb9760d81420", "060023bf7c5d1145bb08fffbc448274c20dd80c85a80e57f0df823e9f3c79c8a", "256e5aaff5776ae40c7e6125768229deb6b17682d6bd92985bc22f7c917e24c6", "2784a7512e3c82f8525f358ea544fc613f7d47fc421004e0803dc1dd1e35d2d6", "23ebe4536966753f6bbab01b39ffccb11c53be2e165511457945bd27b037aba1", "010243c7767a6b837801673fec5f7e2633a0e11c879cfeefb2bd4db175a7816a", "1c15b4eaf47ca47b54bd28bc9b153a8ede290944494061ba2bb5b8c85469d4b0", "24db56ac2049c9a8301b1da437ba4b444ffca88c878aba8edd742ef011768ccd", "1d0578ae82bfd0fa95e9ed545cf5ed279950afd7a9d781b56b2da199644f94c5", "24dca6c92172a2f6c6fd58cfdba88b1a6aa0be1ce57fc0675d5ca0da8df65a53", "05d00dd79e4213b8aa6f2d89e84fd9e183bf900d39d36ab2f013ab67f8291be3", "0c8737ef332da6de9b470248f936c9aa177d4fd2aba7ffc8c9ed47fda93d7bdd", "23c32f21fc7ec2b52e8c7ac55e5d1e3dacdacc436d5ee85f8ab9720f027aaf8d", "067258b2e61211b48cda093ec5472e6fc9af69126cd9df35d1a07694f5c24ffb", "1156286e6dbd4cfb3f9c4aa84d4eef23440bfb8e2f21b07f6f5354590a1c3f72", "1855312928b2aa88ad5ac89ba51a862d4b2de4eeb33a0ae886e5e1966e780aae", "212e75aa87694683016e93419f5cbc8780ac745fdc1042bd386eeda4062cc249", "25e9b2184b29eb5da0c534c675bee126c09ddccd01f1c653612b6fb07342d732"], "mitre_attack_tags": []}, {"bi": "network-only-safe-domains-contacted", "hashes": ["089ab142bc7f8da4183552f2171a6c286cd794238cdb24c5ea1518fd45aa3367", "02ee375ae0dccec565db9e27ba3b24718760cdacd85b8cd74ed6102325114c65", "3e4ea0b03196c236d194aa1fffb576f05609ff492bd0aa75d865d535e5424002", "25092b994541d8745e19da88f5a4a0fe4f11aa56eac0f3d8dc61d63c1add3556", "0c726ff73b0d2611da857e263fad49b26526fec7f94843a1f1f524e0d48dc753", "16f0667362c8c5dd9335987ab41c24b92036945c9d1c0ddea04d90948516cb22", "17641c06747629a7720673f5dd039f5bf7df239ae1f8958ed3dc2f7705226d0c", "7f8ce5a455849bc8edca043acff87216c97c7b7400ff83e7d49e47bcb343fc31", "8eb12396c1d850da7c9bc709fb209a25ae1f71e9680f5d5bf63b89595eb81e6e", "eaf7e2693a89b91b75f50bec521bad71a0a1952ab59d2d4feb2d68706706cb6c", "1e854f3b2e5ac899a6b7af69222158dc863dbb6df3e772de4370fb9760d81420", "060023bf7c5d1145bb08fffbc448274c20dd80c85a80e57f0df823e9f3c79c8a", "256e5aaff5776ae40c7e6125768229deb6b17682d6bd92985bc22f7c917e24c6", "2784a7512e3c82f8525f358ea544fc613f7d47fc421004e0803dc1dd1e35d2d6", "23ebe4536966753f6bbab01b39ffccb11c53be2e165511457945bd27b037aba1", "010243c7767a6b837801673fec5f7e2633a0e11c879cfeefb2bd4db175a7816a", "1c15b4eaf47ca47b54bd28bc9b153a8ede290944494061ba2bb5b8c85469d4b0", "24db56ac2049c9a8301b1da437ba4b444ffca88c878aba8edd742ef011768ccd", "1d0578ae82bfd0fa95e9ed545cf5ed279950afd7a9d781b56b2da199644f94c5", "24dca6c92172a2f6c6fd58cfdba88b1a6aa0be1ce57fc0675d5ca0da8df65a53", "05d00dd79e4213b8aa6f2d89e84fd9e183bf900d39d36ab2f013ab67f8291be3", "0c8737ef332da6de9b470248f936c9aa177d4fd2aba7ffc8c9ed47fda93d7bdd", "23c32f21fc7ec2b52e8c7ac55e5d1e3dacdacc436d5ee85f8ab9720f027aaf8d", "067258b2e61211b48cda093ec5472e6fc9af69126cd9df35d1a07694f5c24ffb", "1156286e6dbd4cfb3f9c4aa84d4eef23440bfb8e2f21b07f6f5354590a1c3f72", "1855312928b2aa88ad5ac89ba51a862d4b2de4eeb33a0ae886e5e1966e780aae", "212e75aa87694683016e93419f5cbc8780ac745fdc1042bd386eeda4062cc249", "25e9b2184b29eb5da0c534c675bee126c09ddccd01f1c653612b6fb07342d732"], "mitre_attack_tags": []}, {"bi": "network-file-downloaded-to-disk", "hashes": ["089ab142bc7f8da4183552f2171a6c286cd794238cdb24c5ea1518fd45aa3367", "02ee375ae0dccec565db9e27ba3b24718760cdacd85b8cd74ed6102325114c65", "3e4ea0b03196c236d194aa1fffb576f05609ff492bd0aa75d865d535e5424002", "25092b994541d8745e19da88f5a4a0fe4f11aa56eac0f3d8dc61d63c1add3556", "0c726ff73b0d2611da857e263fad49b26526fec7f94843a1f1f524e0d48dc753", "16f0667362c8c5dd9335987ab41c24b92036945c9d1c0ddea04d90948516cb22", "17641c06747629a7720673f5dd039f5bf7df239ae1f8958ed3dc2f7705226d0c", "7f8ce5a455849bc8edca043acff87216c97c7b7400ff83e7d49e47bcb343fc31", "8eb12396c1d850da7c9bc709fb209a25ae1f71e9680f5d5bf63b89595eb81e6e", "eaf7e2693a89b91b75f50bec521bad71a0a1952ab59d2d4feb2d68706706cb6c", "1e854f3b2e5ac899a6b7af69222158dc863dbb6df3e772de4370fb9760d81420", "060023bf7c5d1145bb08fffbc448274c20dd80c85a80e57f0df823e9f3c79c8a", "256e5aaff5776ae40c7e6125768229deb6b17682d6bd92985bc22f7c917e24c6", "2784a7512e3c82f8525f358ea544fc613f7d47fc421004e0803dc1dd1e35d2d6", "23ebe4536966753f6bbab01b39ffccb11c53be2e165511457945bd27b037aba1", "010243c7767a6b837801673fec5f7e2633a0e11c879cfeefb2bd4db175a7816a", "1c15b4eaf47ca47b54bd28bc9b153a8ede290944494061ba2bb5b8c85469d4b0", "24db56ac2049c9a8301b1da437ba4b444ffca88c878aba8edd742ef011768ccd", "1d0578ae82bfd0fa95e9ed545cf5ed279950afd7a9d781b56b2da199644f94c5", "24dca6c92172a2f6c6fd58cfdba88b1a6aa0be1ce57fc0675d5ca0da8df65a53", "05d00dd79e4213b8aa6f2d89e84fd9e183bf900d39d36ab2f013ab67f8291be3", "0c8737ef332da6de9b470248f936c9aa177d4fd2aba7ffc8c9ed47fda93d7bdd", "23c32f21fc7ec2b52e8c7ac55e5d1e3dacdacc436d5ee85f8ab9720f027aaf8d", "067258b2e61211b48cda093ec5472e6fc9af69126cd9df35d1a07694f5c24ffb", "1156286e6dbd4cfb3f9c4aa84d4eef23440bfb8e2f21b07f6f5354590a1c3f72", "1855312928b2aa88ad5ac89ba51a862d4b2de4eeb33a0ae886e5e1966e780aae", "212e75aa87694683016e93419f5cbc8780ac745fdc1042bd386eeda4062cc249", "25e9b2184b29eb5da0c534c675bee126c09ddccd01f1c653612b6fb07342d732"], "mitre_attack_tags": []}, {"bi": "feed-domain-antivirus-service", "hashes": ["089ab142bc7f8da4183552f2171a6c286cd794238cdb24c5ea1518fd45aa3367", "02ee375ae0dccec565db9e27ba3b24718760cdacd85b8cd74ed6102325114c65", "3e4ea0b03196c236d194aa1fffb576f05609ff492bd0aa75d865d535e5424002", "25092b994541d8745e19da88f5a4a0fe4f11aa56eac0f3d8dc61d63c1add3556", "0c726ff73b0d2611da857e263fad49b26526fec7f94843a1f1f524e0d48dc753", "16f0667362c8c5dd9335987ab41c24b92036945c9d1c0ddea04d90948516cb22", "17641c06747629a7720673f5dd039f5bf7df239ae1f8958ed3dc2f7705226d0c", "7f8ce5a455849bc8edca043acff87216c97c7b7400ff83e7d49e47bcb343fc31", "8eb12396c1d850da7c9bc709fb209a25ae1f71e9680f5d5bf63b89595eb81e6e", "eaf7e2693a89b91b75f50bec521bad71a0a1952ab59d2d4feb2d68706706cb6c", "1e854f3b2e5ac899a6b7af69222158dc863dbb6df3e772de4370fb9760d81420", "060023bf7c5d1145bb08fffbc448274c20dd80c85a80e57f0df823e9f3c79c8a", "256e5aaff5776ae40c7e6125768229deb6b17682d6bd92985bc22f7c917e24c6", "2784a7512e3c82f8525f358ea544fc613f7d47fc421004e0803dc1dd1e35d2d6", "23ebe4536966753f6bbab01b39ffccb11c53be2e165511457945bd27b037aba1", "010243c7767a6b837801673fec5f7e2633a0e11c879cfeefb2bd4db175a7816a", "1c15b4eaf47ca47b54bd28bc9b153a8ede290944494061ba2bb5b8c85469d4b0", "24db56ac2049c9a8301b1da437ba4b444ffca88c878aba8edd742ef011768ccd", "1d0578ae82bfd0fa95e9ed545cf5ed279950afd7a9d781b56b2da199644f94c5", "24dca6c92172a2f6c6fd58cfdba88b1a6aa0be1ce57fc0675d5ca0da8df65a53", "05d00dd79e4213b8aa6f2d89e84fd9e183bf900d39d36ab2f013ab67f8291be3", "0c8737ef332da6de9b470248f936c9aa177d4fd2aba7ffc8c9ed47fda93d7bdd", "23c32f21fc7ec2b52e8c7ac55e5d1e3dacdacc436d5ee85f8ab9720f027aaf8d", "067258b2e61211b48cda093ec5472e6fc9af69126cd9df35d1a07694f5c24ffb", "1156286e6dbd4cfb3f9c4aa84d4eef23440bfb8e2f21b07f6f5354590a1c3f72", "1855312928b2aa88ad5ac89ba51a862d4b2de4eeb33a0ae886e5e1966e780aae", "212e75aa87694683016e93419f5cbc8780ac745fdc1042bd386eeda4062cc249", "25e9b2184b29eb5da0c534c675bee126c09ddccd01f1c653612b6fb07342d732"], "mitre_attack_tags": []}, {"bi": "pe-header-subsystem", "hashes": ["1e26e6342757fc44a0481be553a7da9cfc7e7bee74f8d047ecdd3db48099cb8e"], "mitre_attack_tags": ["TA0005", "T1027"]}], "category": "Malware", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "Upatre is a malicious downloader often used by exploit kits and phishing campaigns. Upatre downloads and executes malicious executables such as banking malware.", "hashes": ["010243c7767a6b837801673fec5f7e2633a0e11c879cfeefb2bd4db175a7816a", "02ee375ae0dccec565db9e27ba3b24718760cdacd85b8cd74ed6102325114c65", "05d00dd79e4213b8aa6f2d89e84fd9e183bf900d39d36ab2f013ab67f8291be3", "060023bf7c5d1145bb08fffbc448274c20dd80c85a80e57f0df823e9f3c79c8a", "067258b2e61211b48cda093ec5472e6fc9af69126cd9df35d1a07694f5c24ffb", "089ab142bc7f8da4183552f2171a6c286cd794238cdb24c5ea1518fd45aa3367", "0c726ff73b0d2611da857e263fad49b26526fec7f94843a1f1f524e0d48dc753", "0c8737ef332da6de9b470248f936c9aa177d4fd2aba7ffc8c9ed47fda93d7bdd", "1156286e6dbd4cfb3f9c4aa84d4eef23440bfb8e2f21b07f6f5354590a1c3f72", "16f0667362c8c5dd9335987ab41c24b92036945c9d1c0ddea04d90948516cb22", "17641c06747629a7720673f5dd039f5bf7df239ae1f8958ed3dc2f7705226d0c", "1855312928b2aa88ad5ac89ba51a862d4b2de4eeb33a0ae886e5e1966e780aae", "1c15b4eaf47ca47b54bd28bc9b153a8ede290944494061ba2bb5b8c85469d4b0", "1d0578ae82bfd0fa95e9ed545cf5ed279950afd7a9d781b56b2da199644f94c5", "1e26e6342757fc44a0481be553a7da9cfc7e7bee74f8d047ecdd3db48099cb8e", "1e854f3b2e5ac899a6b7af69222158dc863dbb6df3e772de4370fb9760d81420", "212e75aa87694683016e93419f5cbc8780ac745fdc1042bd386eeda4062cc249", "23c32f21fc7ec2b52e8c7ac55e5d1e3dacdacc436d5ee85f8ab9720f027aaf8d", "23ebe4536966753f6bbab01b39ffccb11c53be2e165511457945bd27b037aba1", "24db56ac2049c9a8301b1da437ba4b444ffca88c878aba8edd742ef011768ccd", "24dca6c92172a2f6c6fd58cfdba88b1a6aa0be1ce57fc0675d5ca0da8df65a53", "25092b994541d8745e19da88f5a4a0fe4f11aa56eac0f3d8dc61d63c1add3556", "256e5aaff5776ae40c7e6125768229deb6b17682d6bd92985bc22f7c917e24c6", "25e9b2184b29eb5da0c534c675bee126c09ddccd01f1c653612b6fb07342d732", "2784a7512e3c82f8525f358ea544fc613f7d47fc421004e0803dc1dd1e35d2d6", "2d20ff2f732bb25071f156cd5ea02a0dd4cfdd783e8631554a7763c593703b09", "2d76bdc1a3f9008429459a6e21f070e501f788b53e3bfedb01268c667832a71d", "2e958563ccb6d0a77d5dbd1f2f561a9965827c3744faf201c068b83068cd61ee", "305318dd0f4afcecc42faa804eef150756c0dc6f7fd099da37f0890bb855dbc7", "3085b6a5d98875f54b28b212e11bad1a1106b65dd222f289720727dca3821510", "31cd9cd01c86abacdb78c5277bec57464b51a95533084a937b0666007b318dc4", "340dd648aa4401540e89d7b9aa2fd80c431bc0800d2012adf896e581d078a8a3", "3589ad0017302caaf45246634c98344c15ac2fb41df8f5b3b545bdc74ba5f760", "36a7bc0f04a749e8b4372e489d60487203995719289efe455ae46f6e2e5973f0", "38e1f7aa028b1937d68d115cc9fe4aeff083a37639e3c4578e749d9aaf12bdfa", "396d0013f8b0e8948e1e92b40a63f5975f6a8f457ee295e958164a6fabf6bb5d", "3aaa78540807b8856f749a31d57200559f6a005e884801da4766c828a9eb4b82", "3b07ca53eeda0acca572da82d19e2a2b2ed0d1a4320f819b2b6a143d9b8b4214", "3d1b7a84558dcc41fb74677083221bd24eff92a5a6377b88e28610abe1bf278e", "3e4ea0b03196c236d194aa1fffb576f05609ff492bd0aa75d865d535e5424002", "3ee2334542c2c61ac6eea96fac3f05cdcbb8c75f927f55033272263004a45323", "400e8212c8a1e39b2e066e76bede21097152510c70b1be8da085fea736709ea2", "431d8d293d61172182c1a127e818aac2901307cdcc36d93da631cbf6ed9a5c90", "481c305ef21ebcd3b50284feec355e008e8979535b5902e458f57237a43e52ff", "485a53b9f535d0e5fa239bca320c9bd2d4ff2e29aba067d922abfaf853c3a7d1", "4881f96210c7bbf5182c80a48f56f8fd0f2d59aaf2074faa4b9f541c282a24ed", "48bf8e7c15c201aa45054a0f7d50b9158214a49c44cc5a04d159b2f0c7d4a085", "4987fc3e0dfdb32319679887b4dbc60aa8e69f649e8c3c00481bc19371721ba9", "4bfc232ffff7150ee15131d320cd8f342da804622e9b84eba4c9c7274f4f4cfc", "4da89143b2e8aeeb657a7abf12d0b4b1fdcce2813eee34e820f4bf5b9ffcfdbe", "503b3646da97230f45dd833e41332b188043f0e5f0cb264dbcb22b8243c6b51c", "52c2fd524ba625bfdfe21beb670024056720aa24b7dd07c55abbe75aa77e2583", "54b6b136f05c40de598c740a7f8e7788409f7d5b345d0c32c934e28c8f304b77", "562e764eed234dffcf388b9eee70c16daf42ba9b713b440b28c37b986351dcee", "5873630dc927b02238038d6ab12411d305a4cdffe37c22e978b6676ccdfc2864", "590126fb25108b64aa3f3feedf44562449ef732d4671d393bb087f107e5e0c7b", "5cab4ff8066192213237f604a09d9684d6d32ceae000007c66174aef762b7f71", "5e12ad8b0cc7a908036b27e87cc32185dcb0ed6c889ff3f1d1b6ac99c3a87346", "62ea2362faf002441ffdce5682b03e5f330d0fb72ab07387e3e72aadb6b7b56c", "63b18c0f1849def69dddeae245459307ad4d44dffff698a5a7f9773b4ba7501f", "64d7526cc687e8bf8e0b316653970063bb3b0becc504328183ad9ae5ff4fab8b", "65eaa4f0f2d964cc13fd243dcb17f2deacc571aedac4b7f3f980dc92278e13c6", "6883e3d4c0fb8cc3928a8d73e31890475a4d88bc301279a29cb7b7def493e686", "692f51a5176a91e897a94917975210404965d2cc5b39ee01de93707b79dcbeb4", "6b496a8cb7c4857d5ef595c30f72136892523504cb7d0b0e93fc41f4229a56dc", "6ddcdc8f6e4e072bc5584c605b722c8d0775cad8c54ddf4946223032e8995ecf", "70cc27652081bd6c2cc86810cfb9811885b29f59660913fca3ef9568f94a908e", "70daea7081d172da23fef05ed3aa0adbd9c814f9c9dc996c467f1ae05e091968", "717997154ab981c0098fe0f10985f869d26d25a2980642cd38d6c2d0b23d1257", "74623709249f9e233d0e73b1bec83d1450abea97ba17a71c7013bb63f799dd46", "74a1020bbd7170e54b5b91471a2603704af22c737a65815e8798f88059b06522", "74eb23c38abe80ed4b10aa382a841a20e9df50be39f603c9a838763f89f7f4a2", "757fc060bb17846891cb63a217549001f2b609dbeba94e1a0b368888c94fe94d", "758273293a1ee77aa930d95a4bfb72e4b971963179c86b2465c11b4cbd1421d0", "79f81706cc4cdea236f0d20fb0fbb7c35d0e36b69004ca4aa8194f01f4c3c81c", "7a8a5cf46e6f533636ddfff73b3d6c0097159d12b27cfd7c213c65ebf023a707", "7adc7083930558a43623e26e3da4b031f6a7c376d90b5c24a4360b1578e3eae8", "7b01f487e76582226a7884299b811b3904c92c2b227508e453086b0e19181405", "7b748cd97fac51c5d60157aae4bafe9e9f0add4ac1ba149ef18d30be8484f2f8", "7f8ce5a455849bc8edca043acff87216c97c7b7400ff83e7d49e47bcb343fc31", "84bdfa7f7a01e4224a47ed8a938a8fdfaff2b8a46cf079894078179cd82e5435", "86baabcf40635c2826ab84d73e25ecbca4a3aa6d404e11d5d5b0b44b02014ec9", "874b998ca4af275e132e5e6966c391621ec29f3fdb285a7d7d484ed7edcf4a61", "88dab844acbecde34bdd2e91b2dd562695eeb01fbdefafe35b4a1e4b497a22bc", "8a08a119d3be0dc6f1b9e3065d56cb882f0bfe068851701170982a2cc83047ba", "8b961d7a82dde9a1de8594dae3c0d472cde7b43b5d07ba02f661c64920917b9a", "8bef443748239e5316813383f1843718db98efbfe87033471d421c230761dc6c", "8e59f0cab987b76b2dc7a34fd6c2ebe893a4ca1666b02f76a69fbd636abf0888", "8e6e683709bc1b57c4ab83f405ec4174b62531c8a591f64b76f84ce047be2b18", "8eb12396c1d850da7c9bc709fb209a25ae1f71e9680f5d5bf63b89595eb81e6e", "8fd74ad631c8affde8e45b98e402751e4bde00b59ac05f7bf59545a1890e111e", "9045d3bb6d515905c592d93b5b6d5cd9ce9378d14ba47b8926363fef752db7c0", "92dc1af1eb0836362ed57834bc3a0e108112a637d0aaac119e8ed94bd6032e8f", "959c28ae2604a0c1d3bd4c8af65d60d4ee1ab0dd88b4ec54829b43f9a841ce4d", "9933de3eefac69b714ef1ecb6105326263105871aae5d5a14da66861e12f05a8", "9b876a2cacaa9dc6906f4947e1d69da1c5928caae9894a23ab700b3c3105b930", "9e684f892b3158b332dd259b38bc4ed7c29c7fe2039710205dc29ee3a784b218", "a00c182f9606c49f8d2574ccd1771fdce0bab35fad65097e695b45d992146737", "a1472a5f2b832f6c127ae017ad3cdbb865af17af445058d6dddbec8a3968cc1b", "a3750319b15a71f4ca9e5de2d5392955edd8a5835e5ae782816c005a53e1becf", "a46f24da0d9d31b5a0706e9ba6d3da6b127b527e4b6088dd3d6f37a0aec6153e", "a5be555f4ff0bb74b0fccd8b872b68ce2c95a574b8c9de8061dd604fc154063e", "a6495443ad160e5b68b3e084434f687a4c1547a334f211bba5d03ee2231ba95f", "a710cf67b001f6060e95f2231685936e4a51800e35418d0f65e841f2d97b973c", "ab71d53b26df32a7ef46b6f92139b99c674af610fc16e9c13e4b9528e68be706", "ad48ecc5467e541302726c4091777d758dc891354391ac3401bd2f42ceaf5d72", "ad662d62f199e4b25b90802fbddaf8df7866f10aea6a9688814f23bd05c00a63", "afeadda743f0f67b65410b38a016e380f95d4c30857f85464f193c643ebb5045", "b01bcaa89106452295a28c9c42f240a621ddc85b7bde9a48d38e802858320ce1", "b133b90b6191db88962f15dbe71c8ff70303e8163bcc69868411f13d726dcccd", "b262d4cf9eaa6e4366cc52dbe65946fcd8f083fd2cc65d7eb5f74a5b50f7111d", "b2dfd8b54343d6ec53202604c78fabbcd7dbba262c6fd1790ba0d20b162d53c7", "b3c8cd40331057cea0f808a475afeb56ca2b7b85edc28aabb297f1f768ba948e", "b455f9a9d5a3eec8b69263ee529e5dfa18ca1731f4bb02485fb3433f5dfa2073", "b4e92076608593bbab69bbe9aea769016c89af7849ee9cc5e9ce35f11c2c1f51", "b6cd2c4e99f8fa59b3aef6d8c6ff3a59aa77cdaac9fec79d2921d3d482a617d6", "b77b89ab265497dbc196e2ac2c4f9167a3d25f539f2a6587e83678f75d0ca194", "ba5c54a21e487eebffacd3be393d3505ec9013be0eeffc828b7433ec431a256d", "bb895aede866404f92ceb1329209e8cfa91c1a4507fb2ac66414e035cd375de0", "bf4038b2fdeafca61e40471effb9f8af6578fb9698f0022d2fce36f88cd8979f", "c22ef686dd17a94493b220b14760998369a6d111a8271bb3b4bf56cf2a21d8db", "c2ba02fcc73dd5a25a8f9ce56dbba66307a1e67fbb0002465afdae0a5fad0182", "c2e00b343bb9b945cc9aecb7f504d34920eaa2136b01d584cde6cce88de0b009", "c3d39356bf96e7074f4ec5e6a48921072263ed0b8186d46f643523452e8d4735", "c3d71005a6a8dce39a94e80e05f498e91c9d241d09e6b4480e97a1bcef5c1124", "c4b1cf3e65b1fb5cc20ba97f899eb2be0c74f61d3c2b8c79f4fd674dacdf3e37", "c5070c7b2ddb7beb89b061e60d00049aa23fc6781601e14063e5d523647d6fa3", "c91e261cfbde45463d76a3ef040ababad910d13edf4c3ed7b8415647ce80f19f", "c9913d3995c41bd2c50fff008a1d90e9527ff9a192630435525bd3c3d2c2ec15", "ca493bcac56130568a1a01ee6ef5fe29fd93534a04b51d03d4f8fcff70e7f544", "caa36a9c6ace4ccc439e88e5b5f17c3487bda822b87dcded364d63133cc1742c", "cd2915bb7eef5460ba8d63024ac936dd9f0040efa1871cba8eae324a453d1ed1", "cfdfec6133d2fae9cebe3a2d5abd829feafb5d5c44a8e93ddce3f1ef8afdea56", "d0714c0e07f4e9ca5e25144a86df33eae46ecad87a662898a3d53afd42c71b93", "d27e190f049b9e3bbaefbf4671076154b2f969d26c0668bdd8f3cabfa32f39b7", "d37baef8cb827cbe74526c1795a735069f527bd4c604d905671429183a88b6b8", "d5f3f8e31429ef0863e76c36bb5627c931b5e6c0e8fd2f8048d1cfc204c1b596", "d8737d84f76eb699b48b883e458d52046553a2bcb1c265173ac837016fdc3f23", "da641c0111c2d915f2334151ff4d0721ef1647c37550271af2ca7d65624f3ec3", "daaee682798279d45690a33659322eb6b540e0b63092ab7079107d6aba1a94c7", "dd15f9939e2b020a62876a5206a7f0321a735e02505c0f73ef90b737dd8dba2f", "dd3d1e07761d33ad4db9fc54e86b5cba4138952d7634e4cf09e1bb822a5a151c", "dd3d2bdc1786f22790526874f6c2cf714c14c2b22bbeac547dcd9d2e0758e6fc", "e1cedde63b5b7daa075f2627edf2e37be48ffd76b5701a43d718369c782f97c4", "e339792d8cc833dd28a4dbc6f82afbf3dda81f623a8bb7466310786999947de7", "e38abe9b62ac9583e8a905936064a6320439f08aa545dff680125cd69284c1d7", "e3e49b04efa1188138f5e3396ad947160a089cf533a27fc10b7c3644c6c3c028", "e4a0f65c7720a88116eb9ac17f3f6bd01e6c10d931b2db421afeaaefa5fe8e9b", "e4ad2a9c47677fdef3725225bdcca86c4e566e8e8fc84fb5f01122f3d504b827", "e4b4ea6bd39b4ece6b336263cdde8efbeabd636d48a72b8190073038b311548d", "e50b67f583eda005a2526a5b912979085b02fa5d7f527fc7018a1f9276759ab7", "e542c1fede00d56f255217cbdab8648065e5db5ed207524accaa3500cf66ef10", "e6b8c264836cfb70dbb5acb36781821c5f9bf6f0ca2cff5fda325e595dc56b26", "e88c51396a22901a77bec206816a6f5cc376b6d8811283c34e57cdd4c131bd92", "eaf7e2693a89b91b75f50bec521bad71a0a1952ab59d2d4feb2d68706706cb6c", "ed9640bb48699b78f1cc1778d5282d0695fa525c7d4976a74aec1d87ab9451f0", "f08a3f69a980121f7afceff0b2ee47e36ca575f3249d5db0ab0ce985e5a44b10", "f45ab632c08bed99193a8af00036deaafb5ebca833b1bceec40584ad5635b239", "f71fe4b65030a11491d28b6347db97a7b6ca0be4d6a7333944b362230f12671f", "f7e3ed05c8e1ca6a5982e5b74335a16cb0dec4cdfa0fbcad01ff134cbfb177f4", "fc28e99d0e6ec0a3449d8de88c90bdcf8a523bee2545f110bdba6a62bca9794d", "fcb75210806178fc5576ffc2e46cabd6272ceae3860bbd19c85732516cff09b9", "fe382bec3b3f50abc336ab16130cf24d83418bc4a14812ab15318a698136ebef", "ff3ab72d6d499cea85ae375cdfc87a1f9eeaff12261a063be0eaab19607892e6", "ffda83606516e52e8e2bd42cace1ce9725bdcec70f07949c22cbb621ac12051c"], "iocs": {"domain": [{"hashes": ["010243c7767a6b837801673fec5f7e2633a0e11c879cfeefb2bd4db175a7816a", "02ee375ae0dccec565db9e27ba3b24718760cdacd85b8cd74ed6102325114c65", "05d00dd79e4213b8aa6f2d89e84fd9e183bf900d39d36ab2f013ab67f8291be3", "060023bf7c5d1145bb08fffbc448274c20dd80c85a80e57f0df823e9f3c79c8a", "067258b2e61211b48cda093ec5472e6fc9af69126cd9df35d1a07694f5c24ffb", "089ab142bc7f8da4183552f2171a6c286cd794238cdb24c5ea1518fd45aa3367", "0c726ff73b0d2611da857e263fad49b26526fec7f94843a1f1f524e0d48dc753", "0c8737ef332da6de9b470248f936c9aa177d4fd2aba7ffc8c9ed47fda93d7bdd", "1156286e6dbd4cfb3f9c4aa84d4eef23440bfb8e2f21b07f6f5354590a1c3f72", "16f0667362c8c5dd9335987ab41c24b92036945c9d1c0ddea04d90948516cb22", "17641c06747629a7720673f5dd039f5bf7df239ae1f8958ed3dc2f7705226d0c", "1855312928b2aa88ad5ac89ba51a862d4b2de4eeb33a0ae886e5e1966e780aae", "1c15b4eaf47ca47b54bd28bc9b153a8ede290944494061ba2bb5b8c85469d4b0", "1d0578ae82bfd0fa95e9ed545cf5ed279950afd7a9d781b56b2da199644f94c5", "1e854f3b2e5ac899a6b7af69222158dc863dbb6df3e772de4370fb9760d81420", "212e75aa87694683016e93419f5cbc8780ac745fdc1042bd386eeda4062cc249", "23c32f21fc7ec2b52e8c7ac55e5d1e3dacdacc436d5ee85f8ab9720f027aaf8d", "23ebe4536966753f6bbab01b39ffccb11c53be2e165511457945bd27b037aba1", "24db56ac2049c9a8301b1da437ba4b444ffca88c878aba8edd742ef011768ccd", "24dca6c92172a2f6c6fd58cfdba88b1a6aa0be1ce57fc0675d5ca0da8df65a53", "25092b994541d8745e19da88f5a4a0fe4f11aa56eac0f3d8dc61d63c1add3556", "256e5aaff5776ae40c7e6125768229deb6b17682d6bd92985bc22f7c917e24c6", "25e9b2184b29eb5da0c534c675bee126c09ddccd01f1c653612b6fb07342d732", "2784a7512e3c82f8525f358ea544fc613f7d47fc421004e0803dc1dd1e35d2d6", "3e4ea0b03196c236d194aa1fffb576f05609ff492bd0aa75d865d535e5424002", "7f8ce5a455849bc8edca043acff87216c97c7b7400ff83e7d49e47bcb343fc31", "8eb12396c1d850da7c9bc709fb209a25ae1f71e9680f5d5bf63b89595eb81e6e", "eaf7e2693a89b91b75f50bec521bad71a0a1952ab59d2d4feb2d68706706cb6c"], "host": "apps[.]identrust[.]com"}, {"hashes": ["010243c7767a6b837801673fec5f7e2633a0e11c879cfeefb2bd4db175a7816a", "02ee375ae0dccec565db9e27ba3b24718760cdacd85b8cd74ed6102325114c65", "05d00dd79e4213b8aa6f2d89e84fd9e183bf900d39d36ab2f013ab67f8291be3", "060023bf7c5d1145bb08fffbc448274c20dd80c85a80e57f0df823e9f3c79c8a", "067258b2e61211b48cda093ec5472e6fc9af69126cd9df35d1a07694f5c24ffb", "089ab142bc7f8da4183552f2171a6c286cd794238cdb24c5ea1518fd45aa3367", "0c726ff73b0d2611da857e263fad49b26526fec7f94843a1f1f524e0d48dc753", "0c8737ef332da6de9b470248f936c9aa177d4fd2aba7ffc8c9ed47fda93d7bdd", "1156286e6dbd4cfb3f9c4aa84d4eef23440bfb8e2f21b07f6f5354590a1c3f72", "16f0667362c8c5dd9335987ab41c24b92036945c9d1c0ddea04d90948516cb22", "17641c06747629a7720673f5dd039f5bf7df239ae1f8958ed3dc2f7705226d0c", "1855312928b2aa88ad5ac89ba51a862d4b2de4eeb33a0ae886e5e1966e780aae", "1c15b4eaf47ca47b54bd28bc9b153a8ede290944494061ba2bb5b8c85469d4b0", "1d0578ae82bfd0fa95e9ed545cf5ed279950afd7a9d781b56b2da199644f94c5", "1e854f3b2e5ac899a6b7af69222158dc863dbb6df3e772de4370fb9760d81420", "212e75aa87694683016e93419f5cbc8780ac745fdc1042bd386eeda4062cc249", "23c32f21fc7ec2b52e8c7ac55e5d1e3dacdacc436d5ee85f8ab9720f027aaf8d", "23ebe4536966753f6bbab01b39ffccb11c53be2e165511457945bd27b037aba1", "24db56ac2049c9a8301b1da437ba4b444ffca88c878aba8edd742ef011768ccd", "24dca6c92172a2f6c6fd58cfdba88b1a6aa0be1ce57fc0675d5ca0da8df65a53", "25092b994541d8745e19da88f5a4a0fe4f11aa56eac0f3d8dc61d63c1add3556", "256e5aaff5776ae40c7e6125768229deb6b17682d6bd92985bc22f7c917e24c6", "25e9b2184b29eb5da0c534c675bee126c09ddccd01f1c653612b6fb07342d732", "2784a7512e3c82f8525f358ea544fc613f7d47fc421004e0803dc1dd1e35d2d6", "3e4ea0b03196c236d194aa1fffb576f05609ff492bd0aa75d865d535e5424002", "7f8ce5a455849bc8edca043acff87216c97c7b7400ff83e7d49e47bcb343fc31", "8eb12396c1d850da7c9bc709fb209a25ae1f71e9680f5d5bf63b89595eb81e6e", "eaf7e2693a89b91b75f50bec521bad71a0a1952ab59d2d4feb2d68706706cb6c"], "host": "tuhostingprofesional[.]net"}, {"hashes": ["010243c7767a6b837801673fec5f7e2633a0e11c879cfeefb2bd4db175a7816a", "02ee375ae0dccec565db9e27ba3b24718760cdacd85b8cd74ed6102325114c65", "05d00dd79e4213b8aa6f2d89e84fd9e183bf900d39d36ab2f013ab67f8291be3", "060023bf7c5d1145bb08fffbc448274c20dd80c85a80e57f0df823e9f3c79c8a", "067258b2e61211b48cda093ec5472e6fc9af69126cd9df35d1a07694f5c24ffb", "089ab142bc7f8da4183552f2171a6c286cd794238cdb24c5ea1518fd45aa3367", "0c726ff73b0d2611da857e263fad49b26526fec7f94843a1f1f524e0d48dc753", "0c8737ef332da6de9b470248f936c9aa177d4fd2aba7ffc8c9ed47fda93d7bdd", "1156286e6dbd4cfb3f9c4aa84d4eef23440bfb8e2f21b07f6f5354590a1c3f72", "16f0667362c8c5dd9335987ab41c24b92036945c9d1c0ddea04d90948516cb22", "17641c06747629a7720673f5dd039f5bf7df239ae1f8958ed3dc2f7705226d0c", "1855312928b2aa88ad5ac89ba51a862d4b2de4eeb33a0ae886e5e1966e780aae", "1c15b4eaf47ca47b54bd28bc9b153a8ede290944494061ba2bb5b8c85469d4b0", "1d0578ae82bfd0fa95e9ed545cf5ed279950afd7a9d781b56b2da199644f94c5", "1e854f3b2e5ac899a6b7af69222158dc863dbb6df3e772de4370fb9760d81420", "212e75aa87694683016e93419f5cbc8780ac745fdc1042bd386eeda4062cc249", "23c32f21fc7ec2b52e8c7ac55e5d1e3dacdacc436d5ee85f8ab9720f027aaf8d", "23ebe4536966753f6bbab01b39ffccb11c53be2e165511457945bd27b037aba1", "24db56ac2049c9a8301b1da437ba4b444ffca88c878aba8edd742ef011768ccd", "24dca6c92172a2f6c6fd58cfdba88b1a6aa0be1ce57fc0675d5ca0da8df65a53", "25092b994541d8745e19da88f5a4a0fe4f11aa56eac0f3d8dc61d63c1add3556", "256e5aaff5776ae40c7e6125768229deb6b17682d6bd92985bc22f7c917e24c6", "25e9b2184b29eb5da0c534c675bee126c09ddccd01f1c653612b6fb07342d732", "2784a7512e3c82f8525f358ea544fc613f7d47fc421004e0803dc1dd1e35d2d6", "3e4ea0b03196c236d194aa1fffb576f05609ff492bd0aa75d865d535e5424002", "7f8ce5a455849bc8edca043acff87216c97c7b7400ff83e7d49e47bcb343fc31", "8eb12396c1d850da7c9bc709fb209a25ae1f71e9680f5d5bf63b89595eb81e6e", "eaf7e2693a89b91b75f50bec521bad71a0a1952ab59d2d4feb2d68706706cb6c"], "host": "anuudyog[.]com"}], "file": [{"hashes": ["010243c7767a6b837801673fec5f7e2633a0e11c879cfeefb2bd4db175a7816a", "02ee375ae0dccec565db9e27ba3b24718760cdacd85b8cd74ed6102325114c65", "05d00dd79e4213b8aa6f2d89e84fd9e183bf900d39d36ab2f013ab67f8291be3", "060023bf7c5d1145bb08fffbc448274c20dd80c85a80e57f0df823e9f3c79c8a", "067258b2e61211b48cda093ec5472e6fc9af69126cd9df35d1a07694f5c24ffb", "089ab142bc7f8da4183552f2171a6c286cd794238cdb24c5ea1518fd45aa3367", "0c726ff73b0d2611da857e263fad49b26526fec7f94843a1f1f524e0d48dc753", "0c8737ef332da6de9b470248f936c9aa177d4fd2aba7ffc8c9ed47fda93d7bdd", "1156286e6dbd4cfb3f9c4aa84d4eef23440bfb8e2f21b07f6f5354590a1c3f72", "16f0667362c8c5dd9335987ab41c24b92036945c9d1c0ddea04d90948516cb22", "17641c06747629a7720673f5dd039f5bf7df239ae1f8958ed3dc2f7705226d0c", "1855312928b2aa88ad5ac89ba51a862d4b2de4eeb33a0ae886e5e1966e780aae", "1c15b4eaf47ca47b54bd28bc9b153a8ede290944494061ba2bb5b8c85469d4b0", "1d0578ae82bfd0fa95e9ed545cf5ed279950afd7a9d781b56b2da199644f94c5", "1e854f3b2e5ac899a6b7af69222158dc863dbb6df3e772de4370fb9760d81420", "212e75aa87694683016e93419f5cbc8780ac745fdc1042bd386eeda4062cc249", "23c32f21fc7ec2b52e8c7ac55e5d1e3dacdacc436d5ee85f8ab9720f027aaf8d", "23ebe4536966753f6bbab01b39ffccb11c53be2e165511457945bd27b037aba1", "24db56ac2049c9a8301b1da437ba4b444ffca88c878aba8edd742ef011768ccd", "24dca6c92172a2f6c6fd58cfdba88b1a6aa0be1ce57fc0675d5ca0da8df65a53", "25092b994541d8745e19da88f5a4a0fe4f11aa56eac0f3d8dc61d63c1add3556", "256e5aaff5776ae40c7e6125768229deb6b17682d6bd92985bc22f7c917e24c6", "25e9b2184b29eb5da0c534c675bee126c09ddccd01f1c653612b6fb07342d732", "2784a7512e3c82f8525f358ea544fc613f7d47fc421004e0803dc1dd1e35d2d6", "3e4ea0b03196c236d194aa1fffb576f05609ff492bd0aa75d865d535e5424002", "7f8ce5a455849bc8edca043acff87216c97c7b7400ff83e7d49e47bcb343fc31", "8eb12396c1d850da7c9bc709fb209a25ae1f71e9680f5d5bf63b89595eb81e6e", "eaf7e2693a89b91b75f50bec521bad71a0a1952ab59d2d4feb2d68706706cb6c"], "path": "%TEMP%\\supdater.exe"}], "ip": [{"hashes": ["010243c7767a6b837801673fec5f7e2633a0e11c879cfeefb2bd4db175a7816a", "02ee375ae0dccec565db9e27ba3b24718760cdacd85b8cd74ed6102325114c65", "05d00dd79e4213b8aa6f2d89e84fd9e183bf900d39d36ab2f013ab67f8291be3", "060023bf7c5d1145bb08fffbc448274c20dd80c85a80e57f0df823e9f3c79c8a", "067258b2e61211b48cda093ec5472e6fc9af69126cd9df35d1a07694f5c24ffb", "089ab142bc7f8da4183552f2171a6c286cd794238cdb24c5ea1518fd45aa3367", "0c726ff73b0d2611da857e263fad49b26526fec7f94843a1f1f524e0d48dc753", "0c8737ef332da6de9b470248f936c9aa177d4fd2aba7ffc8c9ed47fda93d7bdd", "1156286e6dbd4cfb3f9c4aa84d4eef23440bfb8e2f21b07f6f5354590a1c3f72", "16f0667362c8c5dd9335987ab41c24b92036945c9d1c0ddea04d90948516cb22", "17641c06747629a7720673f5dd039f5bf7df239ae1f8958ed3dc2f7705226d0c", "1855312928b2aa88ad5ac89ba51a862d4b2de4eeb33a0ae886e5e1966e780aae", "1c15b4eaf47ca47b54bd28bc9b153a8ede290944494061ba2bb5b8c85469d4b0", "1d0578ae82bfd0fa95e9ed545cf5ed279950afd7a9d781b56b2da199644f94c5", "1e854f3b2e5ac899a6b7af69222158dc863dbb6df3e772de4370fb9760d81420", "212e75aa87694683016e93419f5cbc8780ac745fdc1042bd386eeda4062cc249", "23c32f21fc7ec2b52e8c7ac55e5d1e3dacdacc436d5ee85f8ab9720f027aaf8d", "23ebe4536966753f6bbab01b39ffccb11c53be2e165511457945bd27b037aba1", "24db56ac2049c9a8301b1da437ba4b444ffca88c878aba8edd742ef011768ccd", "24dca6c92172a2f6c6fd58cfdba88b1a6aa0be1ce57fc0675d5ca0da8df65a53", "25092b994541d8745e19da88f5a4a0fe4f11aa56eac0f3d8dc61d63c1add3556", "256e5aaff5776ae40c7e6125768229deb6b17682d6bd92985bc22f7c917e24c6", "25e9b2184b29eb5da0c534c675bee126c09ddccd01f1c653612b6fb07342d732", "2784a7512e3c82f8525f358ea544fc613f7d47fc421004e0803dc1dd1e35d2d6", "3e4ea0b03196c236d194aa1fffb576f05609ff492bd0aa75d865d535e5424002", "7f8ce5a455849bc8edca043acff87216c97c7b7400ff83e7d49e47bcb343fc31", "8eb12396c1d850da7c9bc709fb209a25ae1f71e9680f5d5bf63b89595eb81e6e", "eaf7e2693a89b91b75f50bec521bad71a0a1952ab59d2d4feb2d68706706cb6c"], "ip": "101[.]53[.]147[.]26"}, {"hashes": ["05d00dd79e4213b8aa6f2d89e84fd9e183bf900d39d36ab2f013ab67f8291be3", "067258b2e61211b48cda093ec5472e6fc9af69126cd9df35d1a07694f5c24ffb", "089ab142bc7f8da4183552f2171a6c286cd794238cdb24c5ea1518fd45aa3367", "0c726ff73b0d2611da857e263fad49b26526fec7f94843a1f1f524e0d48dc753", "0c8737ef332da6de9b470248f936c9aa177d4fd2aba7ffc8c9ed47fda93d7bdd", "1c15b4eaf47ca47b54bd28bc9b153a8ede290944494061ba2bb5b8c85469d4b0", "212e75aa87694683016e93419f5cbc8780ac745fdc1042bd386eeda4062cc249", "23c32f21fc7ec2b52e8c7ac55e5d1e3dacdacc436d5ee85f8ab9720f027aaf8d", "23ebe4536966753f6bbab01b39ffccb11c53be2e165511457945bd27b037aba1", "24db56ac2049c9a8301b1da437ba4b444ffca88c878aba8edd742ef011768ccd", "24dca6c92172a2f6c6fd58cfdba88b1a6aa0be1ce57fc0675d5ca0da8df65a53", "25092b994541d8745e19da88f5a4a0fe4f11aa56eac0f3d8dc61d63c1add3556", "256e5aaff5776ae40c7e6125768229deb6b17682d6bd92985bc22f7c917e24c6", "25e9b2184b29eb5da0c534c675bee126c09ddccd01f1c653612b6fb07342d732", "2784a7512e3c82f8525f358ea544fc613f7d47fc421004e0803dc1dd1e35d2d6", "8eb12396c1d850da7c9bc709fb209a25ae1f71e9680f5d5bf63b89595eb81e6e"], "ip": "23[.]221[.]227[.]165"}, {"hashes": ["010243c7767a6b837801673fec5f7e2633a0e11c879cfeefb2bd4db175a7816a", "02ee375ae0dccec565db9e27ba3b24718760cdacd85b8cd74ed6102325114c65", "060023bf7c5d1145bb08fffbc448274c20dd80c85a80e57f0df823e9f3c79c8a", "1156286e6dbd4cfb3f9c4aa84d4eef23440bfb8e2f21b07f6f5354590a1c3f72", "16f0667362c8c5dd9335987ab41c24b92036945c9d1c0ddea04d90948516cb22", "17641c06747629a7720673f5dd039f5bf7df239ae1f8958ed3dc2f7705226d0c", "1855312928b2aa88ad5ac89ba51a862d4b2de4eeb33a0ae886e5e1966e780aae", "1d0578ae82bfd0fa95e9ed545cf5ed279950afd7a9d781b56b2da199644f94c5", "1e854f3b2e5ac899a6b7af69222158dc863dbb6df3e772de4370fb9760d81420"], "ip": "23[.]221[.]227[.]172"}, {"hashes": ["3e4ea0b03196c236d194aa1fffb576f05609ff492bd0aa75d865d535e5424002", "7f8ce5a455849bc8edca043acff87216c97c7b7400ff83e7d49e47bcb343fc31"], "ip": "23[.]221[.]227[.]169"}, {"hashes": ["eaf7e2693a89b91b75f50bec521bad71a0a1952ab59d2d4feb2d68706706cb6c"], "ip": "23[.]3[.]13[.]152"}], "mutex": [], "registry": [{"hashes": ["010243c7767a6b837801673fec5f7e2633a0e11c879cfeefb2bd4db175a7816a", "02ee375ae0dccec565db9e27ba3b24718760cdacd85b8cd74ed6102325114c65", "05d00dd79e4213b8aa6f2d89e84fd9e183bf900d39d36ab2f013ab67f8291be3", "060023bf7c5d1145bb08fffbc448274c20dd80c85a80e57f0df823e9f3c79c8a", "067258b2e61211b48cda093ec5472e6fc9af69126cd9df35d1a07694f5c24ffb", "089ab142bc7f8da4183552f2171a6c286cd794238cdb24c5ea1518fd45aa3367", "0c726ff73b0d2611da857e263fad49b26526fec7f94843a1f1f524e0d48dc753", "0c8737ef332da6de9b470248f936c9aa177d4fd2aba7ffc8c9ed47fda93d7bdd", "1156286e6dbd4cfb3f9c4aa84d4eef23440bfb8e2f21b07f6f5354590a1c3f72", "16f0667362c8c5dd9335987ab41c24b92036945c9d1c0ddea04d90948516cb22", "17641c06747629a7720673f5dd039f5bf7df239ae1f8958ed3dc2f7705226d0c", "1855312928b2aa88ad5ac89ba51a862d4b2de4eeb33a0ae886e5e1966e780aae", "1c15b4eaf47ca47b54bd28bc9b153a8ede290944494061ba2bb5b8c85469d4b0", "1d0578ae82bfd0fa95e9ed545cf5ed279950afd7a9d781b56b2da199644f94c5", "1e854f3b2e5ac899a6b7af69222158dc863dbb6df3e772de4370fb9760d81420", "212e75aa87694683016e93419f5cbc8780ac745fdc1042bd386eeda4062cc249", "23c32f21fc7ec2b52e8c7ac55e5d1e3dacdacc436d5ee85f8ab9720f027aaf8d", "23ebe4536966753f6bbab01b39ffccb11c53be2e165511457945bd27b037aba1", "24db56ac2049c9a8301b1da437ba4b444ffca88c878aba8edd742ef011768ccd", "24dca6c92172a2f6c6fd58cfdba88b1a6aa0be1ce57fc0675d5ca0da8df65a53", "25092b994541d8745e19da88f5a4a0fe4f11aa56eac0f3d8dc61d63c1add3556", "256e5aaff5776ae40c7e6125768229deb6b17682d6bd92985bc22f7c917e24c6", "25e9b2184b29eb5da0c534c675bee126c09ddccd01f1c653612b6fb07342d732", "2784a7512e3c82f8525f358ea544fc613f7d47fc421004e0803dc1dd1e35d2d6", "3e4ea0b03196c236d194aa1fffb576f05609ff492bd0aa75d865d535e5424002", "7f8ce5a455849bc8edca043acff87216c97c7b7400ff83e7d49e47bcb343fc31", "8eb12396c1d850da7c9bc709fb209a25ae1f71e9680f5d5bf63b89595eb81e6e", "eaf7e2693a89b91b75f50bec521bad71a0a1952ab59d2d4feb2d68706706cb6c"], "key": "<HKCR>\\LOCAL SETTINGS\\MUICACHE\\82\\52C64B7E", "value_name": "LanguageList"}]}, "reports_count": 29}, "Win.Packed.Shiz-9987720-0": {"bis": [{"bi": "pe-encrypted-section", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "60991b4ce81c27bdf0b89e5856c2a22c662f34ad7b67f27ef14e64eef4d27e48", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "memory-execute-readwrite", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "60991b4ce81c27bdf0b89e5856c2a22c662f34ad7b67f27ef14e64eef4d27e48", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "60991b4ce81c27bdf0b89e5856c2a22c662f34ad7b67f27ef14e64eef4d27e48", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "60991b4ce81c27bdf0b89e5856c2a22c662f34ad7b67f27ef14e64eef4d27e48", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": []}, {"bi": "pe-invalid-checksum", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "60991b4ce81c27bdf0b89e5856c2a22c662f34ad7b67f27ef14e64eef4d27e48", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": []}, {"bi": "imports-IsDebuggerPresent", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "60991b4ce81c27bdf0b89e5856c2a22c662f34ad7b67f27ef14e64eef4d27e48", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": ["TA0005", "TA0007"]}, {"bi": "windows-crash-tool-execution-detected", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "60991b4ce81c27bdf0b89e5856c2a22c662f34ad7b67f27ef14e64eef4d27e48", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": []}, {"bi": "crash-dump-file-created", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "60991b4ce81c27bdf0b89e5856c2a22c662f34ad7b67f27ef14e64eef4d27e48", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": []}, {"bi": "fault-report-file-created", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "60991b4ce81c27bdf0b89e5856c2a22c662f34ad7b67f27ef14e64eef4d27e48", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": []}, {"bi": "modified-executable", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": []}, {"bi": "network-fast-flux-domain", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": []}, {"bi": "listening-port-opened", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": ["TA0011", "T1219"]}, {"bi": "potential-registry-persistence", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": ["TA0003"]}, {"bi": "modified-file-in-system-dir", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": []}, {"bi": "registry-winlogon-key-modified-nt", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": ["TA0005", "TA0003", "TA0004", "T1112", "T1547"]}, {"bi": "pe-certificate", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": []}, {"bi": "sample-pe-modified-on-disk", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": ["TA0005", "T1202"]}, {"bi": "artifact-exec-extension-obfuscation", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "file-pending-delete", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": ["TA0005"]}, {"bi": "pe-invalid-certificate-signature", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": ["TA0005", "T1553"]}, {"bi": "registry-winlogon-key-value-modified-to-userinit", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": ["TA0005", "TA0003", "TA0004", "T1112", "T1547"]}, {"bi": "malware-shiz-mutex-detected", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": []}, {"bi": "network-file-uploaded", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": ["TA0010", "T1011"]}, {"bi": "network-communications-http-post", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": ["TA0010", "T1048"]}, {"bi": "feed-domain-antivirus-service", "hashes": ["f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec"], "mitre_attack_tags": []}], "category": "Packed", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "Shiz is a remote access trojan that allows an attacker to access an infected machine to harvest sensitive information. It is commonly spread via droppers or by visiting a malicious site.", "hashes": ["0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "60991b4ce81c27bdf0b89e5856c2a22c662f34ad7b67f27ef14e64eef4d27e48", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d"], "iocs": {"domain": [{"hashes": ["0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d"], "host": "www[.]bing[.]com"}, {"hashes": ["0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d"], "host": "bloodguiltiness[.]com"}], "file": [{"hashes": ["0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d"], "path": "%SystemRoot%\\apppatch\\svchost.exe"}], "ip": [{"hashes": ["0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d"], "ip": "194[.]195[.]211[.]98"}, {"hashes": ["0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386"], "ip": "13[.]107[.]21[.]200"}], "mutex": [{"hashes": ["0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "60991b4ce81c27bdf0b89e5856c2a22c662f34ad7b67f27ef14e64eef4d27e48", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d"], "name": "Global\\<random guid>"}, {"hashes": ["0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d"], "name": "674972E3a"}], "registry": [{"hashes": ["0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINLOGON", "value_name": "98b68e3c"}, {"hashes": ["0c2997425536269afe16a8b8b6c4be49f7e580897cad9e754ca4f381adb26bae", "14bccab22d068b3f5b4938b0559f808b13b393490948f21c14952d6b68238eec", "1ebc5c21db31eda328cce469c9c056a352d1ab6fcaa825b7deaf56bf05b0b832", "1f1f395ecb32379dbb2184c475f2cb12e8ad9850830f16892283f68886def842", "3e9ab9a9d9908138887813e35ad0e3f5939b4fd2b63500928e47b6f708f0d7c3", "9b52e5276250652efa36ff6a4ee5212ffa7a7220db6f44ca1be7fed689b9eb86", "9b8a1b42707e3cf61bc5167c45287c231c15f05d21c781512ba7a42418fa663e", "ae0e6672faa1fed222b66f2f28e5a84bdfc6eb2b870e12d1017bdb31b8bda566", "ae70ed3cc01b0631a382136060c3085407e98e09205ed786b9fee5e5a20a139d", "b49e6e226ecfbe22f5e14f8581e5fbdf82e0660b31aac0d91a59252100f535e6", "c4211dcd759802490cf3295c434c6f406f65c3b4b4e53292e1daaaaa5cf13d0e", "cb1505686cf31cdd0ff71e5c3dc3875f7e3f90166996dbaf04956f39bb7fbb40", "ce6e4769ebfda72940dc984db39956ef6f1f0becdd076262f4181a29f7591b54", "d27abb5761c73a05e6d2e729fc5a39f0de881d44e81465a2e5742ee251a61386", "d2a13fc8ea13355725e0db940203aaf57acc059464735950345defc4140ff4d0", "f7e62e5bcc96a9820b674ef0134222e0050acb2035b8f8260e84b6afcc6e643d"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINLOGON", "value_name": "userinit"}]}, "reports_count": 17}, "Win.Packed.Zbot-9987774-0": {"bis": [{"bi": "memory-execute-readwrite", "hashes": ["45b7ed6c121b1ee32bf6ff166e811dc28accd1f6fac06b9e7b9c81db0941f162", "4d3589494daf19228c1a02c7ae9e0dc3093b2b308e41cd5b576622ab03d26f7f", "094128fb2e38e2feff3360d922c08340c5ab51f4e5941d4b2e5e4e136886da40", "09cb932db632c40a5da9d5b50bac23d3aaa68a69bfaefdd6f9763d61ede0c343", "079bb9784c275de6cec815b7fd8fc1ad35ce0cbaabbb5108ebf741fcfd02c008", "03dd7a9a03627752acd6276135953f4e23a567211cda122055fe945ac058547e", "3cfc925e6f333f18ee59b6f7fd5ab0ab54362ca293d419a9df1459616e9ad9f3", "3bd4ec15b4d7006c48c6dfb076ca2355aa5596bea444a2acfa0cd9ae8bd71a7f", "0308c618d462657e6fa1ab1566ea439fe7bc8fa175e00c3b3cb92b7de0a15fad", "06b5d0d4827be79fc4eb1f518ad2f64cb8011c878172e0f44f9563b7233060be", "902523fa3d9206e30313a4c77ffd89f63b44c2b48c7dfc1fd0d59720a007f0f1", "49e0dea7ab27ccd376baa71485996afe877625eb007f81c09f467b7452e77cd7", "4489cc3d5fb44ed8b9c74398fe4df16c807eb9cb4031e893889fd4645bb73901", "289ec0a1b22e2be005801b3fb2b1d48ac345742038a4bbe2192be959e7145fec", "294a696b1863f81b97547b9b836307fea2e28097f9d27996626f82014e3816c7", "12d34ae371b5b947943eb4feb650c8e8549e74f3d17a178bbdc9e129ff555f76", "28cb32d599283024709037c22455f78c0f9020e9b76e75cf0a3929e2c519d36b", "f6768240e9a8c490bbc907ba4db523d6a56db466d1d20ad805b87416a4295394", "539d73a462ed75f850d021ff0a2f904032b7dadf45a200fafbab1dda4da58c9a", "7cb08257f399bb3f4fa6684ad39a66290cba35fddc9776c2396c0c40e9088537", "fab4b6a9bac9f9e226b86eccdbb8f766594168fc083b6a7cd722c3da68e4c311", "f3672675be78c502c0bf7875a992c3fe201aa985794192e9bb203432b67e1d79", "d2faccfec046d7363bac2f547db5b0f18affc0eb54bd1c98770cc12e0c59e9c1", "47aead43ac3117bc934c7d9ec8dd9ab90cec420b9eb7821fc603c32c02741c71", "101ddaf72d55116c5f72c5d5226f7aa8e7d7814c7cf28503e97a6eaf9e8e22f7", "37ff60c4f945a0e45ea794f60275f2765c2223cf94ef1a128b28f5b99d14324a", "a8bf7411bb8c956792058490586b3f0392288697d4a32b3875ac27c8788cb0cc", "4e577f844290b9b3e8da1fcdf155c7262420fd8e7937b7fe1db380e156ce6d83", "2211d255c056d866229c85c779427986eefe2772d327739040a3ea4d2dd7e111", "689cb3df8b60c04c02b72a4f9fc2f9ccce0b76e00996353a78e863ed3b6728cb", "95591a2aae668e0179590d200aea9f293c3bb8a7e86fcb7c30f71dff1d5bb093", "702324d5ccd0076adc3844b62dc0fc504dfc4ba21e8b67338cecfecdafbbef9d", "d93f4f09f7ba919fa70576666fa95cf479d9bd80e72fb7db2bb01683a2ab4c24", "2cd6c35ecc0c0b83a7a103ff06ae9e4038fbdeab7ed5822ad45d508966cfe29c", "1014177749ae458c7ac423564a0eda01319c5b68ea6b6c1c177e600a10d822eb", "416aa8d052b98c97f3c0ea910d8422bda3817df5457279a5c8595d28738222d6", "5cdf3f861d027aea2acba730dfab176f678f296d94f78e1af750dc0dafbc3352", "856963b180b57d21f83ab02adf8673856193e51bbecddff081ab7b881c56c347", "21115d414e5926ca60587ca7d9a6f2cd653663637344175fbbcaf77826758c63", "0339ade6fc92c17d85d0a3063e1090d1d88f3e7013c63f962ac238ca6a5be0f2", "44f88766d121efb2c1497258e2cdea16475356520fb77e4fa97529569f46d1dd", "bf115fbe42896fe43f82584206c241e8ad02904d884969d8205c4773c5e76344", "a015804ed3476ca89c2df77c7d26fc6ea6f211f728d2db9f3d4e31d193105200", "18c31e85259273e6dc438f1b96136ee59f6729e043e31a927ddd5fa4ae2fa33c", "47684eaa052f94ae5c08406b2fa188e600c98e03307c1076a76360989d4371d3", "08db7034fce7c18a40454d7d3371739a5a27b324f07a3a84ece5daec32d1b78e", "7247efb7a6312337d743f5853779db4b64b8e00fc4e21b353fd9882764a87898", "8ff7b013639cc9cdbe90b02a62f17d827959fe4353028fba87cbb05ae142be84", "05a90746447511e32622f90440082d5ea344c81f408f2a8180a1a62554f4e563", "4435700a8e0a5dc38c9c2f5681e469092550ac803d3ff0eba25c3fe079b58d2e", "280bca24427f12400fd0413bb86c0bbf7170f0cef7566ae432c8469298de6271", "1a02515c612ec31e7cb0edd12649c2e5c7db6e9bd4eff0d969d7a42bbdd8a9cb", "04049bf401f386b71c3f9370076fa0388ef36317379bd27a3d77521f319ef66c", "17c76e2e811e75062c333aa263aa8f1800f8f1bc5f6909b021c872fd9d5d1856", "134cbcb9d9f7d69f3121eeeb8e6fd0b69075ec5755d34b1bb84506507c2fa804", "0afe581c70113703a47f4a4a320025d8c42287f3d2b0f50294417e1105d4265b", "6dd84ad54be2d0c4a3a8f8ecd3385bccff471ca5d9c1358c594d1c5c7cc47f95", "30a77605ff10125255c4b1e1f6569dbc615c270bf995261ba93324fd7735d217", "0b66ff19dded846c3ac661dda9a53af6fbc4f87164d160de4077164992152a65", "0b66628a42bf861e41ac999ecef8edd7e200cbea9127c0eb6b3c1b94894a9cfe", "11df0c2317b792d8e2c71e51cba375f26fa79c3893dee13bc5b3948b173cc128", "2e2ee259af95e4781cc345813c6a098906a0523021742855f71c5ea50138455d", "106e36ed4efd530cadc507496a32ba2fbb3f40e6e6a860128c38dec4cb56767e", "9fe93f26c37754d4b921c7e6e832767fd0a12c1982d2c74ed936bf78cf50ea79", "5fce9cb98a8b03290f92c268f2bc2dfeaabdbc19c61956874138fd75877f2398", "1ef25d6351df3dc68796c5accbee97d0222a5b1c2244430860266e613aebd969", "2b06c756c570200a22107b1107ace9270b21601a43ed85534d54050b4ab2f9e7", "7a50f2279d32284037a1b84f3d2c857cfe52e0582bc0a638a071f5be29133a0b", "8c35193913219a4891e0654f7d9daf2d50d920712ba88fdd5aa410a7f79c5060", "14e9065ecc478c011cdd3be32626706e32a2ae16b8e8abc785f610f369e640f1", "4ad1822ec704e0bd7ad05256c5bb1035c217c7275c61795d408f7e50e62b2a69", "421359043a6df01ccba0b86e7e772fd8adb08003a1fe7a21cf65c7cec1464517", "2c3224bcbd61a4e56c857735fb012406129586c580ae4dae786ff3355205345e", "1b2953efae71ba7d7741ce06be87e804257131ac0b14ffd59fb3c95ab800851a", "0fc67b499b0d5c5a42183bcdfb947fe44e3684597844f75e9d88bd9a9b3630d9", "0f04fc60a33db62f9f2683efeb0f13701cb2847fe33b15391fb1038162481243", "4e19347cde2f38e46f2ef1165b108ddf13dd251f81411da20bff7aa73c536d05", "0ca014f86962ffa520a1761912131c403e38f512ea37dae6d6ad669c9c5a3e6d", "b1f21f7dec397f2b2a276b343c6669e046c808ad3cebf74897df620a41da4c43", "4e94bbbf29b3404766a6ec991a7b533031ed360bf940acc22792f876e5ca999f", "b40437005419f7ea4bafc1cf0040789b6d4f3fdbba4ea88e8ceb96831557be75", "259acd15dd50eda6c0f8f42a2538bf691f9749e77c4b2ac4cba725607812f4ed", "47be5c4f874622937d521517c120be7143f9e168a530ce459ed859aac66a2ec1", "0134f50d273b3bbfc40f69b037ceeb8c4a0f9c57ef55e14cc564b2647c91d50b", "22adcaf31287f6a953c48fbee75626cbb9b8a8f6ea07863637ef9037a299aa36", "072854dbde422a9f17539752183436f9df9e13cd508e0705adf0a2fedd4b01c6", "429f7efa1ffae3da51fcf3d3a8f88006cd5208a389963821dcf68e3f941ba049", "d8d345af04e1849f6eb7f972564e6d969c46f390c035034f682a6cdc40bac5dc", "0e8761857683220f2f36a62feb8ed9912a555bbcfbca1e38edb201ca1cd91561", "219cc3967aeabb6e569095a9e96024c387835937c16f01d4e929b30bc3e4c343"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "modified-executable", "hashes": ["45b7ed6c121b1ee32bf6ff166e811dc28accd1f6fac06b9e7b9c81db0941f162", "4d3589494daf19228c1a02c7ae9e0dc3093b2b308e41cd5b576622ab03d26f7f", "094128fb2e38e2feff3360d922c08340c5ab51f4e5941d4b2e5e4e136886da40", "09cb932db632c40a5da9d5b50bac23d3aaa68a69bfaefdd6f9763d61ede0c343", "079bb9784c275de6cec815b7fd8fc1ad35ce0cbaabbb5108ebf741fcfd02c008", "03dd7a9a03627752acd6276135953f4e23a567211cda122055fe945ac058547e", "3cfc925e6f333f18ee59b6f7fd5ab0ab54362ca293d419a9df1459616e9ad9f3", "3bd4ec15b4d7006c48c6dfb076ca2355aa5596bea444a2acfa0cd9ae8bd71a7f", "0308c618d462657e6fa1ab1566ea439fe7bc8fa175e00c3b3cb92b7de0a15fad", "06b5d0d4827be79fc4eb1f518ad2f64cb8011c878172e0f44f9563b7233060be", "902523fa3d9206e30313a4c77ffd89f63b44c2b48c7dfc1fd0d59720a007f0f1", "49e0dea7ab27ccd376baa71485996afe877625eb007f81c09f467b7452e77cd7", "4489cc3d5fb44ed8b9c74398fe4df16c807eb9cb4031e893889fd4645bb73901", "289ec0a1b22e2be005801b3fb2b1d48ac345742038a4bbe2192be959e7145fec", "294a696b1863f81b97547b9b836307fea2e28097f9d27996626f82014e3816c7", "12d34ae371b5b947943eb4feb650c8e8549e74f3d17a178bbdc9e129ff555f76", "28cb32d599283024709037c22455f78c0f9020e9b76e75cf0a3929e2c519d36b", "f6768240e9a8c490bbc907ba4db523d6a56db466d1d20ad805b87416a4295394", "539d73a462ed75f850d021ff0a2f904032b7dadf45a200fafbab1dda4da58c9a", "7cb08257f399bb3f4fa6684ad39a66290cba35fddc9776c2396c0c40e9088537", "fab4b6a9bac9f9e226b86eccdbb8f766594168fc083b6a7cd722c3da68e4c311", "f3672675be78c502c0bf7875a992c3fe201aa985794192e9bb203432b67e1d79", "d2faccfec046d7363bac2f547db5b0f18affc0eb54bd1c98770cc12e0c59e9c1", "47aead43ac3117bc934c7d9ec8dd9ab90cec420b9eb7821fc603c32c02741c71", "101ddaf72d55116c5f72c5d5226f7aa8e7d7814c7cf28503e97a6eaf9e8e22f7", "37ff60c4f945a0e45ea794f60275f2765c2223cf94ef1a128b28f5b99d14324a", "a8bf7411bb8c956792058490586b3f0392288697d4a32b3875ac27c8788cb0cc", "4e577f844290b9b3e8da1fcdf155c7262420fd8e7937b7fe1db380e156ce6d83", "2211d255c056d866229c85c779427986eefe2772d327739040a3ea4d2dd7e111", "689cb3df8b60c04c02b72a4f9fc2f9ccce0b76e00996353a78e863ed3b6728cb", "95591a2aae668e0179590d200aea9f293c3bb8a7e86fcb7c30f71dff1d5bb093", "702324d5ccd0076adc3844b62dc0fc504dfc4ba21e8b67338cecfecdafbbef9d", "d93f4f09f7ba919fa70576666fa95cf479d9bd80e72fb7db2bb01683a2ab4c24", "2cd6c35ecc0c0b83a7a103ff06ae9e4038fbdeab7ed5822ad45d508966cfe29c", "1014177749ae458c7ac423564a0eda01319c5b68ea6b6c1c177e600a10d822eb", "416aa8d052b98c97f3c0ea910d8422bda3817df5457279a5c8595d28738222d6", "5cdf3f861d027aea2acba730dfab176f678f296d94f78e1af750dc0dafbc3352", "856963b180b57d21f83ab02adf8673856193e51bbecddff081ab7b881c56c347", "21115d414e5926ca60587ca7d9a6f2cd653663637344175fbbcaf77826758c63", "0339ade6fc92c17d85d0a3063e1090d1d88f3e7013c63f962ac238ca6a5be0f2", "44f88766d121efb2c1497258e2cdea16475356520fb77e4fa97529569f46d1dd", "bf115fbe42896fe43f82584206c241e8ad02904d884969d8205c4773c5e76344", "a015804ed3476ca89c2df77c7d26fc6ea6f211f728d2db9f3d4e31d193105200", "18c31e85259273e6dc438f1b96136ee59f6729e043e31a927ddd5fa4ae2fa33c", "47684eaa052f94ae5c08406b2fa188e600c98e03307c1076a76360989d4371d3", "08db7034fce7c18a40454d7d3371739a5a27b324f07a3a84ece5daec32d1b78e", "7247efb7a6312337d743f5853779db4b64b8e00fc4e21b353fd9882764a87898", "8ff7b013639cc9cdbe90b02a62f17d827959fe4353028fba87cbb05ae142be84", "05a90746447511e32622f90440082d5ea344c81f408f2a8180a1a62554f4e563", "4435700a8e0a5dc38c9c2f5681e469092550ac803d3ff0eba25c3fe079b58d2e", "280bca24427f12400fd0413bb86c0bbf7170f0cef7566ae432c8469298de6271", "1a02515c612ec31e7cb0edd12649c2e5c7db6e9bd4eff0d969d7a42bbdd8a9cb", "04049bf401f386b71c3f9370076fa0388ef36317379bd27a3d77521f319ef66c", "17c76e2e811e75062c333aa263aa8f1800f8f1bc5f6909b021c872fd9d5d1856", "134cbcb9d9f7d69f3121eeeb8e6fd0b69075ec5755d34b1bb84506507c2fa804", "0afe581c70113703a47f4a4a320025d8c42287f3d2b0f50294417e1105d4265b", "6dd84ad54be2d0c4a3a8f8ecd3385bccff471ca5d9c1358c594d1c5c7cc47f95", "30a77605ff10125255c4b1e1f6569dbc615c270bf995261ba93324fd7735d217", "0b66ff19dded846c3ac661dda9a53af6fbc4f87164d160de4077164992152a65", "0b66628a42bf861e41ac999ecef8edd7e200cbea9127c0eb6b3c1b94894a9cfe", "11df0c2317b792d8e2c71e51cba375f26fa79c3893dee13bc5b3948b173cc128", "2e2ee259af95e4781cc345813c6a098906a0523021742855f71c5ea50138455d", "106e36ed4efd530cadc507496a32ba2fbb3f40e6e6a860128c38dec4cb56767e", "9fe93f26c37754d4b921c7e6e832767fd0a12c1982d2c74ed936bf78cf50ea79", "5fce9cb98a8b03290f92c268f2bc2dfeaabdbc19c61956874138fd75877f2398", "1ef25d6351df3dc68796c5accbee97d0222a5b1c2244430860266e613aebd969", "2b06c756c570200a22107b1107ace9270b21601a43ed85534d54050b4ab2f9e7", "7a50f2279d32284037a1b84f3d2c857cfe52e0582bc0a638a071f5be29133a0b", "8c35193913219a4891e0654f7d9daf2d50d920712ba88fdd5aa410a7f79c5060", "14e9065ecc478c011cdd3be32626706e32a2ae16b8e8abc785f610f369e640f1", "4ad1822ec704e0bd7ad05256c5bb1035c217c7275c61795d408f7e50e62b2a69", "421359043a6df01ccba0b86e7e772fd8adb08003a1fe7a21cf65c7cec1464517", "2c3224bcbd61a4e56c857735fb012406129586c580ae4dae786ff3355205345e", "1b2953efae71ba7d7741ce06be87e804257131ac0b14ffd59fb3c95ab800851a", "0fc67b499b0d5c5a42183bcdfb947fe44e3684597844f75e9d88bd9a9b3630d9", "0f04fc60a33db62f9f2683efeb0f13701cb2847fe33b15391fb1038162481243", "4e19347cde2f38e46f2ef1165b108ddf13dd251f81411da20bff7aa73c536d05", "0ca014f86962ffa520a1761912131c403e38f512ea37dae6d6ad669c9c5a3e6d", "b1f21f7dec397f2b2a276b343c6669e046c808ad3cebf74897df620a41da4c43", "4e94bbbf29b3404766a6ec991a7b533031ed360bf940acc22792f876e5ca999f", "b40437005419f7ea4bafc1cf0040789b6d4f3fdbba4ea88e8ceb96831557be75", "259acd15dd50eda6c0f8f42a2538bf691f9749e77c4b2ac4cba725607812f4ed", "47be5c4f874622937d521517c120be7143f9e168a530ce459ed859aac66a2ec1", "0134f50d273b3bbfc40f69b037ceeb8c4a0f9c57ef55e14cc564b2647c91d50b", "22adcaf31287f6a953c48fbee75626cbb9b8a8f6ea07863637ef9037a299aa36", "072854dbde422a9f17539752183436f9df9e13cd508e0705adf0a2fedd4b01c6", "429f7efa1ffae3da51fcf3d3a8f88006cd5208a389963821dcf68e3f941ba049", "d8d345af04e1849f6eb7f972564e6d969c46f390c035034f682a6cdc40bac5dc", "0e8761857683220f2f36a62feb8ed9912a555bbcfbca1e38edb201ca1cd91561", "219cc3967aeabb6e569095a9e96024c387835937c16f01d4e929b30bc3e4c343"], "mitre_attack_tags": []}, {"bi": "created-executable-in-user-dir", "hashes": ["45b7ed6c121b1ee32bf6ff166e811dc28accd1f6fac06b9e7b9c81db0941f162", "4d3589494daf19228c1a02c7ae9e0dc3093b2b308e41cd5b576622ab03d26f7f", "094128fb2e38e2feff3360d922c08340c5ab51f4e5941d4b2e5e4e136886da40", "09cb932db632c40a5da9d5b50bac23d3aaa68a69bfaefdd6f9763d61ede0c343", "079bb9784c275de6cec815b7fd8fc1ad35ce0cbaabbb5108ebf741fcfd02c008", "03dd7a9a03627752acd6276135953f4e23a567211cda122055fe945ac058547e", "3cfc925e6f333f18ee59b6f7fd5ab0ab54362ca293d419a9df1459616e9ad9f3", "3bd4ec15b4d7006c48c6dfb076ca2355aa5596bea444a2acfa0cd9ae8bd71a7f", "0308c618d462657e6fa1ab1566ea439fe7bc8fa175e00c3b3cb92b7de0a15fad", "06b5d0d4827be79fc4eb1f518ad2f64cb8011c878172e0f44f9563b7233060be", "902523fa3d9206e30313a4c77ffd89f63b44c2b48c7dfc1fd0d59720a007f0f1", "49e0dea7ab27ccd376baa71485996afe877625eb007f81c09f467b7452e77cd7", "4489cc3d5fb44ed8b9c74398fe4df16c807eb9cb4031e893889fd4645bb73901", "289ec0a1b22e2be005801b3fb2b1d48ac345742038a4bbe2192be959e7145fec", "294a696b1863f81b97547b9b836307fea2e28097f9d27996626f82014e3816c7", "12d34ae371b5b947943eb4feb650c8e8549e74f3d17a178bbdc9e129ff555f76", "28cb32d599283024709037c22455f78c0f9020e9b76e75cf0a3929e2c519d36b", "f6768240e9a8c490bbc907ba4db523d6a56db466d1d20ad805b87416a4295394", "539d73a462ed75f850d021ff0a2f904032b7dadf45a200fafbab1dda4da58c9a", "7cb08257f399bb3f4fa6684ad39a66290cba35fddc9776c2396c0c40e9088537", "fab4b6a9bac9f9e226b86eccdbb8f766594168fc083b6a7cd722c3da68e4c311", "f3672675be78c502c0bf7875a992c3fe201aa985794192e9bb203432b67e1d79", "d2faccfec046d7363bac2f547db5b0f18affc0eb54bd1c98770cc12e0c59e9c1", "47aead43ac3117bc934c7d9ec8dd9ab90cec420b9eb7821fc603c32c02741c71", "101ddaf72d55116c5f72c5d5226f7aa8e7d7814c7cf28503e97a6eaf9e8e22f7", "37ff60c4f945a0e45ea794f60275f2765c2223cf94ef1a128b28f5b99d14324a", "a8bf7411bb8c956792058490586b3f0392288697d4a32b3875ac27c8788cb0cc", "4e577f844290b9b3e8da1fcdf155c7262420fd8e7937b7fe1db380e156ce6d83", "2211d255c056d866229c85c779427986eefe2772d327739040a3ea4d2dd7e111", "689cb3df8b60c04c02b72a4f9fc2f9ccce0b76e00996353a78e863ed3b6728cb", "95591a2aae668e0179590d200aea9f293c3bb8a7e86fcb7c30f71dff1d5bb093", "702324d5ccd0076adc3844b62dc0fc504dfc4ba21e8b67338cecfecdafbbef9d", "d93f4f09f7ba919fa70576666fa95cf479d9bd80e72fb7db2bb01683a2ab4c24", "2cd6c35ecc0c0b83a7a103ff06ae9e4038fbdeab7ed5822ad45d508966cfe29c", "1014177749ae458c7ac423564a0eda01319c5b68ea6b6c1c177e600a10d822eb", "416aa8d052b98c97f3c0ea910d8422bda3817df5457279a5c8595d28738222d6", "5cdf3f861d027aea2acba730dfab176f678f296d94f78e1af750dc0dafbc3352", "856963b180b57d21f83ab02adf8673856193e51bbecddff081ab7b881c56c347", "21115d414e5926ca60587ca7d9a6f2cd653663637344175fbbcaf77826758c63", "0339ade6fc92c17d85d0a3063e1090d1d88f3e7013c63f962ac238ca6a5be0f2", "44f88766d121efb2c1497258e2cdea16475356520fb77e4fa97529569f46d1dd", "bf115fbe42896fe43f82584206c241e8ad02904d884969d8205c4773c5e76344", "a015804ed3476ca89c2df77c7d26fc6ea6f211f728d2db9f3d4e31d193105200", "18c31e85259273e6dc438f1b96136ee59f6729e043e31a927ddd5fa4ae2fa33c", "47684eaa052f94ae5c08406b2fa188e600c98e03307c1076a76360989d4371d3", "08db7034fce7c18a40454d7d3371739a5a27b324f07a3a84ece5daec32d1b78e", "7247efb7a6312337d743f5853779db4b64b8e00fc4e21b353fd9882764a87898", "8ff7b013639cc9cdbe90b02a62f17d827959fe4353028fba87cbb05ae142be84", "05a90746447511e32622f90440082d5ea344c81f408f2a8180a1a62554f4e563", "4435700a8e0a5dc38c9c2f5681e469092550ac803d3ff0eba25c3fe079b58d2e", "280bca24427f12400fd0413bb86c0bbf7170f0cef7566ae432c8469298de6271", "1a02515c612ec31e7cb0edd12649c2e5c7db6e9bd4eff0d969d7a42bbdd8a9cb", "04049bf401f386b71c3f9370076fa0388ef36317379bd27a3d77521f319ef66c", "17c76e2e811e75062c333aa263aa8f1800f8f1bc5f6909b021c872fd9d5d1856", "134cbcb9d9f7d69f3121eeeb8e6fd0b69075ec5755d34b1bb84506507c2fa804", "0afe581c70113703a47f4a4a320025d8c42287f3d2b0f50294417e1105d4265b", "6dd84ad54be2d0c4a3a8f8ecd3385bccff471ca5d9c1358c594d1c5c7cc47f95", "30a77605ff10125255c4b1e1f6569dbc615c270bf995261ba93324fd7735d217", "0b66ff19dded846c3ac661dda9a53af6fbc4f87164d160de4077164992152a65", "0b66628a42bf861e41ac999ecef8edd7e200cbea9127c0eb6b3c1b94894a9cfe", "11df0c2317b792d8e2c71e51cba375f26fa79c3893dee13bc5b3948b173cc128", "2e2ee259af95e4781cc345813c6a098906a0523021742855f71c5ea50138455d", "106e36ed4efd530cadc507496a32ba2fbb3f40e6e6a860128c38dec4cb56767e", "9fe93f26c37754d4b921c7e6e832767fd0a12c1982d2c74ed936bf78cf50ea79", "5fce9cb98a8b03290f92c268f2bc2dfeaabdbc19c61956874138fd75877f2398", "1ef25d6351df3dc68796c5accbee97d0222a5b1c2244430860266e613aebd969", "2b06c756c570200a22107b1107ace9270b21601a43ed85534d54050b4ab2f9e7", "7a50f2279d32284037a1b84f3d2c857cfe52e0582bc0a638a071f5be29133a0b", "8c35193913219a4891e0654f7d9daf2d50d920712ba88fdd5aa410a7f79c5060", "14e9065ecc478c011cdd3be32626706e32a2ae16b8e8abc785f610f369e640f1", "4ad1822ec704e0bd7ad05256c5bb1035c217c7275c61795d408f7e50e62b2a69", "421359043a6df01ccba0b86e7e772fd8adb08003a1fe7a21cf65c7cec1464517", "2c3224bcbd61a4e56c857735fb012406129586c580ae4dae786ff3355205345e", "1b2953efae71ba7d7741ce06be87e804257131ac0b14ffd59fb3c95ab800851a", "0fc67b499b0d5c5a42183bcdfb947fe44e3684597844f75e9d88bd9a9b3630d9", "0f04fc60a33db62f9f2683efeb0f13701cb2847fe33b15391fb1038162481243", "4e19347cde2f38e46f2ef1165b108ddf13dd251f81411da20bff7aa73c536d05", "0ca014f86962ffa520a1761912131c403e38f512ea37dae6d6ad669c9c5a3e6d", "b1f21f7dec397f2b2a276b343c6669e046c808ad3cebf74897df620a41da4c43", "4e94bbbf29b3404766a6ec991a7b533031ed360bf940acc22792f876e5ca999f", "b40437005419f7ea4bafc1cf0040789b6d4f3fdbba4ea88e8ceb96831557be75", "259acd15dd50eda6c0f8f42a2538bf691f9749e77c4b2ac4cba725607812f4ed", "47be5c4f874622937d521517c120be7143f9e168a530ce459ed859aac66a2ec1", "0134f50d273b3bbfc40f69b037ceeb8c4a0f9c57ef55e14cc564b2647c91d50b", "22adcaf31287f6a953c48fbee75626cbb9b8a8f6ea07863637ef9037a299aa36", "072854dbde422a9f17539752183436f9df9e13cd508e0705adf0a2fedd4b01c6", "429f7efa1ffae3da51fcf3d3a8f88006cd5208a389963821dcf68e3f941ba049", "d8d345af04e1849f6eb7f972564e6d969c46f390c035034f682a6cdc40bac5dc", "0e8761857683220f2f36a62feb8ed9912a555bbcfbca1e38edb201ca1cd91561", "219cc3967aeabb6e569095a9e96024c387835937c16f01d4e929b30bc3e4c343"], "mitre_attack_tags": []}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["45b7ed6c121b1ee32bf6ff166e811dc28accd1f6fac06b9e7b9c81db0941f162", "4d3589494daf19228c1a02c7ae9e0dc3093b2b308e41cd5b576622ab03d26f7f", "094128fb2e38e2feff3360d922c08340c5ab51f4e5941d4b2e5e4e136886da40", "09cb932db632c40a5da9d5b50bac23d3aaa68a69bfaefdd6f9763d61ede0c343", "079bb9784c275de6cec815b7fd8fc1ad35ce0cbaabbb5108ebf741fcfd02c008", "03dd7a9a03627752acd6276135953f4e23a567211cda122055fe945ac058547e", "3cfc925e6f333f18ee59b6f7fd5ab0ab54362ca293d419a9df1459616e9ad9f3", "3bd4ec15b4d7006c48c6dfb076ca2355aa5596bea444a2acfa0cd9ae8bd71a7f", "0308c618d462657e6fa1ab1566ea439fe7bc8fa175e00c3b3cb92b7de0a15fad", "06b5d0d4827be79fc4eb1f518ad2f64cb8011c878172e0f44f9563b7233060be", "902523fa3d9206e30313a4c77ffd89f63b44c2b48c7dfc1fd0d59720a007f0f1", "49e0dea7ab27ccd376baa71485996afe877625eb007f81c09f467b7452e77cd7", "4489cc3d5fb44ed8b9c74398fe4df16c807eb9cb4031e893889fd4645bb73901", "289ec0a1b22e2be005801b3fb2b1d48ac345742038a4bbe2192be959e7145fec", "294a696b1863f81b97547b9b836307fea2e28097f9d27996626f82014e3816c7", "12d34ae371b5b947943eb4feb650c8e8549e74f3d17a178bbdc9e129ff555f76", "28cb32d599283024709037c22455f78c0f9020e9b76e75cf0a3929e2c519d36b", "f6768240e9a8c490bbc907ba4db523d6a56db466d1d20ad805b87416a4295394", "539d73a462ed75f850d021ff0a2f904032b7dadf45a200fafbab1dda4da58c9a", "7cb08257f399bb3f4fa6684ad39a66290cba35fddc9776c2396c0c40e9088537", "fab4b6a9bac9f9e226b86eccdbb8f766594168fc083b6a7cd722c3da68e4c311", "f3672675be78c502c0bf7875a992c3fe201aa985794192e9bb203432b67e1d79", "d2faccfec046d7363bac2f547db5b0f18affc0eb54bd1c98770cc12e0c59e9c1", "47aead43ac3117bc934c7d9ec8dd9ab90cec420b9eb7821fc603c32c02741c71", "101ddaf72d55116c5f72c5d5226f7aa8e7d7814c7cf28503e97a6eaf9e8e22f7", "37ff60c4f945a0e45ea794f60275f2765c2223cf94ef1a128b28f5b99d14324a", "a8bf7411bb8c956792058490586b3f0392288697d4a32b3875ac27c8788cb0cc", "4e577f844290b9b3e8da1fcdf155c7262420fd8e7937b7fe1db380e156ce6d83", "2211d255c056d866229c85c779427986eefe2772d327739040a3ea4d2dd7e111", "689cb3df8b60c04c02b72a4f9fc2f9ccce0b76e00996353a78e863ed3b6728cb", "95591a2aae668e0179590d200aea9f293c3bb8a7e86fcb7c30f71dff1d5bb093", "702324d5ccd0076adc3844b62dc0fc504dfc4ba21e8b67338cecfecdafbbef9d", "d93f4f09f7ba919fa70576666fa95cf479d9bd80e72fb7db2bb01683a2ab4c24", "2cd6c35ecc0c0b83a7a103ff06ae9e4038fbdeab7ed5822ad45d508966cfe29c", "1014177749ae458c7ac423564a0eda01319c5b68ea6b6c1c177e600a10d822eb", "416aa8d052b98c97f3c0ea910d8422bda3817df5457279a5c8595d28738222d6", "5cdf3f861d027aea2acba730dfab176f678f296d94f78e1af750dc0dafbc3352", "856963b180b57d21f83ab02adf8673856193e51bbecddff081ab7b881c56c347", "21115d414e5926ca60587ca7d9a6f2cd653663637344175fbbcaf77826758c63", "0339ade6fc92c17d85d0a3063e1090d1d88f3e7013c63f962ac238ca6a5be0f2", "44f88766d121efb2c1497258e2cdea16475356520fb77e4fa97529569f46d1dd", "bf115fbe42896fe43f82584206c241e8ad02904d884969d8205c4773c5e76344", "a015804ed3476ca89c2df77c7d26fc6ea6f211f728d2db9f3d4e31d193105200", "18c31e85259273e6dc438f1b96136ee59f6729e043e31a927ddd5fa4ae2fa33c", "47684eaa052f94ae5c08406b2fa188e600c98e03307c1076a76360989d4371d3", "08db7034fce7c18a40454d7d3371739a5a27b324f07a3a84ece5daec32d1b78e", "7247efb7a6312337d743f5853779db4b64b8e00fc4e21b353fd9882764a87898", "8ff7b013639cc9cdbe90b02a62f17d827959fe4353028fba87cbb05ae142be84", "05a90746447511e32622f90440082d5ea344c81f408f2a8180a1a62554f4e563", "4435700a8e0a5dc38c9c2f5681e469092550ac803d3ff0eba25c3fe079b58d2e", "280bca24427f12400fd0413bb86c0bbf7170f0cef7566ae432c8469298de6271", "1a02515c612ec31e7cb0edd12649c2e5c7db6e9bd4eff0d969d7a42bbdd8a9cb", "04049bf401f386b71c3f9370076fa0388ef36317379bd27a3d77521f319ef66c", "17c76e2e811e75062c333aa263aa8f1800f8f1bc5f6909b021c872fd9d5d1856", "134cbcb9d9f7d69f3121eeeb8e6fd0b69075ec5755d34b1bb84506507c2fa804", "0afe581c70113703a47f4a4a320025d8c42287f3d2b0f50294417e1105d4265b", "6dd84ad54be2d0c4a3a8f8ecd3385bccff471ca5d9c1358c594d1c5c7cc47f95", "30a77605ff10125255c4b1e1f6569dbc615c270bf995261ba93324fd7735d217", "0b66ff19dded846c3ac661dda9a53af6fbc4f87164d160de4077164992152a65", "0b66628a42bf861e41ac999ecef8edd7e200cbea9127c0eb6b3c1b94894a9cfe", "11df0c2317b792d8e2c71e51cba375f26fa79c3893dee13bc5b3948b173cc128", "2e2ee259af95e4781cc345813c6a098906a0523021742855f71c5ea50138455d", "106e36ed4efd530cadc507496a32ba2fbb3f40e6e6a860128c38dec4cb56767e", "9fe93f26c37754d4b921c7e6e832767fd0a12c1982d2c74ed936bf78cf50ea79", "5fce9cb98a8b03290f92c268f2bc2dfeaabdbc19c61956874138fd75877f2398", "1ef25d6351df3dc68796c5accbee97d0222a5b1c2244430860266e613aebd969", "2b06c756c570200a22107b1107ace9270b21601a43ed85534d54050b4ab2f9e7", "7a50f2279d32284037a1b84f3d2c857cfe52e0582bc0a638a071f5be29133a0b", "8c35193913219a4891e0654f7d9daf2d50d920712ba88fdd5aa410a7f79c5060", "14e9065ecc478c011cdd3be32626706e32a2ae16b8e8abc785f610f369e640f1", "4ad1822ec704e0bd7ad05256c5bb1035c217c7275c61795d408f7e50e62b2a69", "421359043a6df01ccba0b86e7e772fd8adb08003a1fe7a21cf65c7cec1464517", "2c3224bcbd61a4e56c857735fb012406129586c580ae4dae786ff3355205345e", "1b2953efae71ba7d7741ce06be87e804257131ac0b14ffd59fb3c95ab800851a", "0fc67b499b0d5c5a42183bcdfb947fe44e3684597844f75e9d88bd9a9b3630d9", "0f04fc60a33db62f9f2683efeb0f13701cb2847fe33b15391fb1038162481243", "4e19347cde2f38e46f2ef1165b108ddf13dd251f81411da20bff7aa73c536d05", "0ca014f86962ffa520a1761912131c403e38f512ea37dae6d6ad669c9c5a3e6d", "b1f21f7dec397f2b2a276b343c6669e046c808ad3cebf74897df620a41da4c43", "4e94bbbf29b3404766a6ec991a7b533031ed360bf940acc22792f876e5ca999f", "b40437005419f7ea4bafc1cf0040789b6d4f3fdbba4ea88e8ceb96831557be75", "259acd15dd50eda6c0f8f42a2538bf691f9749e77c4b2ac4cba725607812f4ed", "47be5c4f874622937d521517c120be7143f9e168a530ce459ed859aac66a2ec1", "0134f50d273b3bbfc40f69b037ceeb8c4a0f9c57ef55e14cc564b2647c91d50b", "22adcaf31287f6a953c48fbee75626cbb9b8a8f6ea07863637ef9037a299aa36", "072854dbde422a9f17539752183436f9df9e13cd508e0705adf0a2fedd4b01c6", "429f7efa1ffae3da51fcf3d3a8f88006cd5208a389963821dcf68e3f941ba049", "d8d345af04e1849f6eb7f972564e6d969c46f390c035034f682a6cdc40bac5dc", "0e8761857683220f2f36a62feb8ed9912a555bbcfbca1e38edb201ca1cd91561", "219cc3967aeabb6e569095a9e96024c387835937c16f01d4e929b30bc3e4c343"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["45b7ed6c121b1ee32bf6ff166e811dc28accd1f6fac06b9e7b9c81db0941f162", "4d3589494daf19228c1a02c7ae9e0dc3093b2b308e41cd5b576622ab03d26f7f", "094128fb2e38e2feff3360d922c08340c5ab51f4e5941d4b2e5e4e136886da40", "09cb932db632c40a5da9d5b50bac23d3aaa68a69bfaefdd6f9763d61ede0c343", "079bb9784c275de6cec815b7fd8fc1ad35ce0cbaabbb5108ebf741fcfd02c008", "03dd7a9a03627752acd6276135953f4e23a567211cda122055fe945ac058547e", "3cfc925e6f333f18ee59b6f7fd5ab0ab54362ca293d419a9df1459616e9ad9f3", "3bd4ec15b4d7006c48c6dfb076ca2355aa5596bea444a2acfa0cd9ae8bd71a7f", "0308c618d462657e6fa1ab1566ea439fe7bc8fa175e00c3b3cb92b7de0a15fad", "06b5d0d4827be79fc4eb1f518ad2f64cb8011c878172e0f44f9563b7233060be", "902523fa3d9206e30313a4c77ffd89f63b44c2b48c7dfc1fd0d59720a007f0f1", "49e0dea7ab27ccd376baa71485996afe877625eb007f81c09f467b7452e77cd7", "4489cc3d5fb44ed8b9c74398fe4df16c807eb9cb4031e893889fd4645bb73901", "289ec0a1b22e2be005801b3fb2b1d48ac345742038a4bbe2192be959e7145fec", "294a696b1863f81b97547b9b836307fea2e28097f9d27996626f82014e3816c7", "12d34ae371b5b947943eb4feb650c8e8549e74f3d17a178bbdc9e129ff555f76", "28cb32d599283024709037c22455f78c0f9020e9b76e75cf0a3929e2c519d36b", "f6768240e9a8c490bbc907ba4db523d6a56db466d1d20ad805b87416a4295394", "539d73a462ed75f850d021ff0a2f904032b7dadf45a200fafbab1dda4da58c9a", "7cb08257f399bb3f4fa6684ad39a66290cba35fddc9776c2396c0c40e9088537", "fab4b6a9bac9f9e226b86eccdbb8f766594168fc083b6a7cd722c3da68e4c311", "f3672675be78c502c0bf7875a992c3fe201aa985794192e9bb203432b67e1d79", "d2faccfec046d7363bac2f547db5b0f18affc0eb54bd1c98770cc12e0c59e9c1", "47aead43ac3117bc934c7d9ec8dd9ab90cec420b9eb7821fc603c32c02741c71", "101ddaf72d55116c5f72c5d5226f7aa8e7d7814c7cf28503e97a6eaf9e8e22f7", "37ff60c4f945a0e45ea794f60275f2765c2223cf94ef1a128b28f5b99d14324a", "a8bf7411bb8c956792058490586b3f0392288697d4a32b3875ac27c8788cb0cc", "4e577f844290b9b3e8da1fcdf155c7262420fd8e7937b7fe1db380e156ce6d83", "2211d255c056d866229c85c779427986eefe2772d327739040a3ea4d2dd7e111", "689cb3df8b60c04c02b72a4f9fc2f9ccce0b76e00996353a78e863ed3b6728cb", "95591a2aae668e0179590d200aea9f293c3bb8a7e86fcb7c30f71dff1d5bb093", "702324d5ccd0076adc3844b62dc0fc504dfc4ba21e8b67338cecfecdafbbef9d", "d93f4f09f7ba919fa70576666fa95cf479d9bd80e72fb7db2bb01683a2ab4c24", "2cd6c35ecc0c0b83a7a103ff06ae9e4038fbdeab7ed5822ad45d508966cfe29c", "1014177749ae458c7ac423564a0eda01319c5b68ea6b6c1c177e600a10d822eb", "416aa8d052b98c97f3c0ea910d8422bda3817df5457279a5c8595d28738222d6", "5cdf3f861d027aea2acba730dfab176f678f296d94f78e1af750dc0dafbc3352", "856963b180b57d21f83ab02adf8673856193e51bbecddff081ab7b881c56c347", "21115d414e5926ca60587ca7d9a6f2cd653663637344175fbbcaf77826758c63", "0339ade6fc92c17d85d0a3063e1090d1d88f3e7013c63f962ac238ca6a5be0f2", "44f88766d121efb2c1497258e2cdea16475356520fb77e4fa97529569f46d1dd", "bf115fbe42896fe43f82584206c241e8ad02904d884969d8205c4773c5e76344", "a015804ed3476ca89c2df77c7d26fc6ea6f211f728d2db9f3d4e31d193105200", "18c31e85259273e6dc438f1b96136ee59f6729e043e31a927ddd5fa4ae2fa33c", "47684eaa052f94ae5c08406b2fa188e600c98e03307c1076a76360989d4371d3", "08db7034fce7c18a40454d7d3371739a5a27b324f07a3a84ece5daec32d1b78e", "7247efb7a6312337d743f5853779db4b64b8e00fc4e21b353fd9882764a87898", "8ff7b013639cc9cdbe90b02a62f17d827959fe4353028fba87cbb05ae142be84", "05a90746447511e32622f90440082d5ea344c81f408f2a8180a1a62554f4e563", "4435700a8e0a5dc38c9c2f5681e469092550ac803d3ff0eba25c3fe079b58d2e", "280bca24427f12400fd0413bb86c0bbf7170f0cef7566ae432c8469298de6271", "1a02515c612ec31e7cb0edd12649c2e5c7db6e9bd4eff0d969d7a42bbdd8a9cb", "04049bf401f386b71c3f9370076fa0388ef36317379bd27a3d77521f319ef66c", "17c76e2e811e75062c333aa263aa8f1800f8f1bc5f6909b021c872fd9d5d1856", "134cbcb9d9f7d69f3121eeeb8e6fd0b69075ec5755d34b1bb84506507c2fa804", "0afe581c70113703a47f4a4a320025d8c42287f3d2b0f50294417e1105d4265b", "6dd84ad54be2d0c4a3a8f8ecd3385bccff471ca5d9c1358c594d1c5c7cc47f95", "30a77605ff10125255c4b1e1f6569dbc615c270bf995261ba93324fd7735d217", "0b66ff19dded846c3ac661dda9a53af6fbc4f87164d160de4077164992152a65", "0b66628a42bf861e41ac999ecef8edd7e200cbea9127c0eb6b3c1b94894a9cfe", "11df0c2317b792d8e2c71e51cba375f26fa79c3893dee13bc5b3948b173cc128", "2e2ee259af95e4781cc345813c6a098906a0523021742855f71c5ea50138455d", "106e36ed4efd530cadc507496a32ba2fbb3f40e6e6a860128c38dec4cb56767e", "9fe93f26c37754d4b921c7e6e832767fd0a12c1982d2c74ed936bf78cf50ea79", "5fce9cb98a8b03290f92c268f2bc2dfeaabdbc19c61956874138fd75877f2398", "1ef25d6351df3dc68796c5accbee97d0222a5b1c2244430860266e613aebd969", "2b06c756c570200a22107b1107ace9270b21601a43ed85534d54050b4ab2f9e7", "7a50f2279d32284037a1b84f3d2c857cfe52e0582bc0a638a071f5be29133a0b", "8c35193913219a4891e0654f7d9daf2d50d920712ba88fdd5aa410a7f79c5060", "14e9065ecc478c011cdd3be32626706e32a2ae16b8e8abc785f610f369e640f1", "4ad1822ec704e0bd7ad05256c5bb1035c217c7275c61795d408f7e50e62b2a69", "421359043a6df01ccba0b86e7e772fd8adb08003a1fe7a21cf65c7cec1464517", "2c3224bcbd61a4e56c857735fb012406129586c580ae4dae786ff3355205345e", "1b2953efae71ba7d7741ce06be87e804257131ac0b14ffd59fb3c95ab800851a", "0fc67b499b0d5c5a42183bcdfb947fe44e3684597844f75e9d88bd9a9b3630d9", "0f04fc60a33db62f9f2683efeb0f13701cb2847fe33b15391fb1038162481243", "4e19347cde2f38e46f2ef1165b108ddf13dd251f81411da20bff7aa73c536d05", "0ca014f86962ffa520a1761912131c403e38f512ea37dae6d6ad669c9c5a3e6d", "b1f21f7dec397f2b2a276b343c6669e046c808ad3cebf74897df620a41da4c43", "4e94bbbf29b3404766a6ec991a7b533031ed360bf940acc22792f876e5ca999f", "b40437005419f7ea4bafc1cf0040789b6d4f3fdbba4ea88e8ceb96831557be75", "259acd15dd50eda6c0f8f42a2538bf691f9749e77c4b2ac4cba725607812f4ed", "47be5c4f874622937d521517c120be7143f9e168a530ce459ed859aac66a2ec1", "0134f50d273b3bbfc40f69b037ceeb8c4a0f9c57ef55e14cc564b2647c91d50b", "22adcaf31287f6a953c48fbee75626cbb9b8a8f6ea07863637ef9037a299aa36", "072854dbde422a9f17539752183436f9df9e13cd508e0705adf0a2fedd4b01c6", "429f7efa1ffae3da51fcf3d3a8f88006cd5208a389963821dcf68e3f941ba049", "d8d345af04e1849f6eb7f972564e6d969c46f390c035034f682a6cdc40bac5dc", "0e8761857683220f2f36a62feb8ed9912a555bbcfbca1e38edb201ca1cd91561", "219cc3967aeabb6e569095a9e96024c387835937c16f01d4e929b30bc3e4c343"], "mitre_attack_tags": []}, {"bi": "pe-invalid-checksum", "hashes": ["45b7ed6c121b1ee32bf6ff166e811dc28accd1f6fac06b9e7b9c81db0941f162", "4d3589494daf19228c1a02c7ae9e0dc3093b2b308e41cd5b576622ab03d26f7f", "094128fb2e38e2feff3360d922c08340c5ab51f4e5941d4b2e5e4e136886da40", "09cb932db632c40a5da9d5b50bac23d3aaa68a69bfaefdd6f9763d61ede0c343", "079bb9784c275de6cec815b7fd8fc1ad35ce0cbaabbb5108ebf741fcfd02c008", "03dd7a9a03627752acd6276135953f4e23a567211cda122055fe945ac058547e", "3cfc925e6f333f18ee59b6f7fd5ab0ab54362ca293d419a9df1459616e9ad9f3", "3bd4ec15b4d7006c48c6dfb076ca2355aa5596bea444a2acfa0cd9ae8bd71a7f", "0308c618d462657e6fa1ab1566ea439fe7bc8fa175e00c3b3cb92b7de0a15fad", "06b5d0d4827be79fc4eb1f518ad2f64cb8011c878172e0f44f9563b7233060be", "902523fa3d9206e30313a4c77ffd89f63b44c2b48c7dfc1fd0d59720a007f0f1", "49e0dea7ab27ccd376baa71485996afe877625eb007f81c09f467b7452e77cd7", "4489cc3d5fb44ed8b9c74398fe4df16c807eb9cb4031e893889fd4645bb73901", "289ec0a1b22e2be005801b3fb2b1d48ac345742038a4bbe2192be959e7145fec", "294a696b1863f81b97547b9b836307fea2e28097f9d27996626f82014e3816c7", "12d34ae371b5b947943eb4feb650c8e8549e74f3d17a178bbdc9e129ff555f76", "28cb32d599283024709037c22455f78c0f9020e9b76e75cf0a3929e2c519d36b", "f6768240e9a8c490bbc907ba4db523d6a56db466d1d20ad805b87416a4295394", "539d73a462ed75f850d021ff0a2f904032b7dadf45a200fafbab1dda4da58c9a", "7cb08257f399bb3f4fa6684ad39a66290cba35fddc9776c2396c0c40e9088537", "fab4b6a9bac9f9e226b86eccdbb8f766594168fc083b6a7cd722c3da68e4c311", "f3672675be78c502c0bf7875a992c3fe201aa985794192e9bb203432b67e1d79", "d2faccfec046d7363bac2f547db5b0f18affc0eb54bd1c98770cc12e0c59e9c1", "47aead43ac3117bc934c7d9ec8dd9ab90cec420b9eb7821fc603c32c02741c71", "101ddaf72d55116c5f72c5d5226f7aa8e7d7814c7cf28503e97a6eaf9e8e22f7", "37ff60c4f945a0e45ea794f60275f2765c2223cf94ef1a128b28f5b99d14324a", "a8bf7411bb8c956792058490586b3f0392288697d4a32b3875ac27c8788cb0cc", "4e577f844290b9b3e8da1fcdf155c7262420fd8e7937b7fe1db380e156ce6d83", "2211d255c056d866229c85c779427986eefe2772d327739040a3ea4d2dd7e111", "689cb3df8b60c04c02b72a4f9fc2f9ccce0b76e00996353a78e863ed3b6728cb", "95591a2aae668e0179590d200aea9f293c3bb8a7e86fcb7c30f71dff1d5bb093", "702324d5ccd0076adc3844b62dc0fc504dfc4ba21e8b67338cecfecdafbbef9d", "d93f4f09f7ba919fa70576666fa95cf479d9bd80e72fb7db2bb01683a2ab4c24", "2cd6c35ecc0c0b83a7a103ff06ae9e4038fbdeab7ed5822ad45d508966cfe29c", "1014177749ae458c7ac423564a0eda01319c5b68ea6b6c1c177e600a10d822eb", "416aa8d052b98c97f3c0ea910d8422bda3817df5457279a5c8595d28738222d6", "5cdf3f861d027aea2acba730dfab176f678f296d94f78e1af750dc0dafbc3352", "856963b180b57d21f83ab02adf8673856193e51bbecddff081ab7b881c56c347", "21115d414e5926ca60587ca7d9a6f2cd653663637344175fbbcaf77826758c63", "0339ade6fc92c17d85d0a3063e1090d1d88f3e7013c63f962ac238ca6a5be0f2", "44f88766d121efb2c1497258e2cdea16475356520fb77e4fa97529569f46d1dd", "bf115fbe42896fe43f82584206c241e8ad02904d884969d8205c4773c5e76344", "a015804ed3476ca89c2df77c7d26fc6ea6f211f728d2db9f3d4e31d193105200", "18c31e85259273e6dc438f1b96136ee59f6729e043e31a927ddd5fa4ae2fa33c", "47684eaa052f94ae5c08406b2fa188e600c98e03307c1076a76360989d4371d3", "08db7034fce7c18a40454d7d3371739a5a27b324f07a3a84ece5daec32d1b78e", "7247efb7a6312337d743f5853779db4b64b8e00fc4e21b353fd9882764a87898", "8ff7b013639cc9cdbe90b02a62f17d827959fe4353028fba87cbb05ae142be84", "05a90746447511e32622f90440082d5ea344c81f408f2a8180a1a62554f4e563", "4435700a8e0a5dc38c9c2f5681e469092550ac803d3ff0eba25c3fe079b58d2e", "280bca24427f12400fd0413bb86c0bbf7170f0cef7566ae432c8469298de6271", "1a02515c612ec31e7cb0edd12649c2e5c7db6e9bd4eff0d969d7a42bbdd8a9cb", "04049bf401f386b71c3f9370076fa0388ef36317379bd27a3d77521f319ef66c", "17c76e2e811e75062c333aa263aa8f1800f8f1bc5f6909b021c872fd9d5d1856", "134cbcb9d9f7d69f3121eeeb8e6fd0b69075ec5755d34b1bb84506507c2fa804", "0afe581c70113703a47f4a4a320025d8c42287f3d2b0f50294417e1105d4265b", "6dd84ad54be2d0c4a3a8f8ecd3385bccff471ca5d9c1358c594d1c5c7cc47f95", "30a77605ff10125255c4b1e1f6569dbc615c270bf995261ba93324fd7735d217", "0b66ff19dded846c3ac661dda9a53af6fbc4f87164d160de4077164992152a65", "0b66628a42bf861e41ac999ecef8edd7e200cbea9127c0eb6b3c1b94894a9cfe", "11df0c2317b792d8e2c71e51cba375f26fa79c3893dee13bc5b3948b173cc128", "2e2ee259af95e4781cc345813c6a098906a0523021742855f71c5ea50138455d", "106e36ed4efd530cadc507496a32ba2fbb3f40e6e6a860128c38dec4cb56767e", "9fe93f26c37754d4b921c7e6e832767fd0a12c1982d2c74ed936bf78cf50ea79", "5fce9cb98a8b03290f92c268f2bc2dfeaabdbc19c61956874138fd75877f2398", "1ef25d6351df3dc68796c5accbee97d0222a5b1c2244430860266e613aebd969", "2b06c756c570200a22107b1107ace9270b21601a43ed85534d54050b4ab2f9e7", "7a50f2279d32284037a1b84f3d2c857cfe52e0582bc0a638a071f5be29133a0b", "8c35193913219a4891e0654f7d9daf2d50d920712ba88fdd5aa410a7f79c5060", "14e9065ecc478c011cdd3be32626706e32a2ae16b8e8abc785f610f369e640f1", "4ad1822ec704e0bd7ad05256c5bb1035c217c7275c61795d408f7e50e62b2a69", "421359043a6df01ccba0b86e7e772fd8adb08003a1fe7a21cf65c7cec1464517", "2c3224bcbd61a4e56c857735fb012406129586c580ae4dae786ff3355205345e", "1b2953efae71ba7d7741ce06be87e804257131ac0b14ffd59fb3c95ab800851a", "0fc67b499b0d5c5a42183bcdfb947fe44e3684597844f75e9d88bd9a9b3630d9", "0f04fc60a33db62f9f2683efeb0f13701cb2847fe33b15391fb1038162481243", "4e19347cde2f38e46f2ef1165b108ddf13dd251f81411da20bff7aa73c536d05", "0ca014f86962ffa520a1761912131c403e38f512ea37dae6d6ad669c9c5a3e6d", "b1f21f7dec397f2b2a276b343c6669e046c808ad3cebf74897df620a41da4c43", "4e94bbbf29b3404766a6ec991a7b533031ed360bf940acc22792f876e5ca999f", "b40437005419f7ea4bafc1cf0040789b6d4f3fdbba4ea88e8ceb96831557be75", "259acd15dd50eda6c0f8f42a2538bf691f9749e77c4b2ac4cba725607812f4ed", "47be5c4f874622937d521517c120be7143f9e168a530ce459ed859aac66a2ec1", "0134f50d273b3bbfc40f69b037ceeb8c4a0f9c57ef55e14cc564b2647c91d50b", "22adcaf31287f6a953c48fbee75626cbb9b8a8f6ea07863637ef9037a299aa36", "072854dbde422a9f17539752183436f9df9e13cd508e0705adf0a2fedd4b01c6", "429f7efa1ffae3da51fcf3d3a8f88006cd5208a389963821dcf68e3f941ba049", "d8d345af04e1849f6eb7f972564e6d969c46f390c035034f682a6cdc40bac5dc", "0e8761857683220f2f36a62feb8ed9912a555bbcfbca1e38edb201ca1cd91561", "219cc3967aeabb6e569095a9e96024c387835937c16f01d4e929b30bc3e4c343"], "mitre_attack_tags": []}, {"bi": "network-fast-flux-domain", "hashes": ["45b7ed6c121b1ee32bf6ff166e811dc28accd1f6fac06b9e7b9c81db0941f162", "4d3589494daf19228c1a02c7ae9e0dc3093b2b308e41cd5b576622ab03d26f7f", "094128fb2e38e2feff3360d922c08340c5ab51f4e5941d4b2e5e4e136886da40", "09cb932db632c40a5da9d5b50bac23d3aaa68a69bfaefdd6f9763d61ede0c343", "079bb9784c275de6cec815b7fd8fc1ad35ce0cbaabbb5108ebf741fcfd02c008", "03dd7a9a03627752acd6276135953f4e23a567211cda122055fe945ac058547e", "3cfc925e6f333f18ee59b6f7fd5ab0ab54362ca293d419a9df1459616e9ad9f3", "3bd4ec15b4d7006c48c6dfb076ca2355aa5596bea444a2acfa0cd9ae8bd71a7f", "0308c618d462657e6fa1ab1566ea439fe7bc8fa175e00c3b3cb92b7de0a15fad", "06b5d0d4827be79fc4eb1f518ad2f64cb8011c878172e0f44f9563b7233060be", "902523fa3d9206e30313a4c77ffd89f63b44c2b48c7dfc1fd0d59720a007f0f1", "49e0dea7ab27ccd376baa71485996afe877625eb007f81c09f467b7452e77cd7", "4489cc3d5fb44ed8b9c74398fe4df16c807eb9cb4031e893889fd4645bb73901", "289ec0a1b22e2be005801b3fb2b1d48ac345742038a4bbe2192be959e7145fec", "294a696b1863f81b97547b9b836307fea2e28097f9d27996626f82014e3816c7", "12d34ae371b5b947943eb4feb650c8e8549e74f3d17a178bbdc9e129ff555f76", "28cb32d599283024709037c22455f78c0f9020e9b76e75cf0a3929e2c519d36b", "f6768240e9a8c490bbc907ba4db523d6a56db466d1d20ad805b87416a4295394", "539d73a462ed75f850d021ff0a2f904032b7dadf45a200fafbab1dda4da58c9a", "7cb08257f399bb3f4fa6684ad39a66290cba35fddc9776c2396c0c40e9088537", "fab4b6a9bac9f9e226b86eccdbb8f766594168fc083b6a7cd722c3da68e4c311", "f3672675be78c502c0bf7875a992c3fe201aa985794192e9bb203432b67e1d79", "d2faccfec046d7363bac2f547db5b0f18affc0eb54bd1c98770cc12e0c59e9c1", "47aead43ac3117bc934c7d9ec8dd9ab90cec420b9eb7821fc603c32c02741c71", "101ddaf72d55116c5f72c5d5226f7aa8e7d7814c7cf28503e97a6eaf9e8e22f7", "37ff60c4f945a0e45ea794f60275f2765c2223cf94ef1a128b28f5b99d14324a", "a8bf7411bb8c956792058490586b3f0392288697d4a32b3875ac27c8788cb0cc", "4e577f844290b9b3e8da1fcdf155c7262420fd8e7937b7fe1db380e156ce6d83", "2211d255c056d866229c85c779427986eefe2772d327739040a3ea4d2dd7e111", "689cb3df8b60c04c02b72a4f9fc2f9ccce0b76e00996353a78e863ed3b6728cb", "95591a2aae668e0179590d200aea9f293c3bb8a7e86fcb7c30f71dff1d5bb093", "702324d5ccd0076adc3844b62dc0fc504dfc4ba21e8b67338cecfecdafbbef9d", "d93f4f09f7ba919fa70576666fa95cf479d9bd80e72fb7db2bb01683a2ab4c24", "2cd6c35ecc0c0b83a7a103ff06ae9e4038fbdeab7ed5822ad45d508966cfe29c", "1014177749ae458c7ac423564a0eda01319c5b68ea6b6c1c177e600a10d822eb", "416aa8d052b98c97f3c0ea910d8422bda3817df5457279a5c8595d28738222d6", "5cdf3f861d027aea2acba730dfab176f678f296d94f78e1af750dc0dafbc3352", "856963b180b57d21f83ab02adf8673856193e51bbecddff081ab7b881c56c347", "21115d414e5926ca60587ca7d9a6f2cd653663637344175fbbcaf77826758c63", "0339ade6fc92c17d85d0a3063e1090d1d88f3e7013c63f962ac238ca6a5be0f2", "44f88766d121efb2c1497258e2cdea16475356520fb77e4fa97529569f46d1dd", "bf115fbe42896fe43f82584206c241e8ad02904d884969d8205c4773c5e76344", "a015804ed3476ca89c2df77c7d26fc6ea6f211f728d2db9f3d4e31d193105200", "18c31e85259273e6dc438f1b96136ee59f6729e043e31a927ddd5fa4ae2fa33c", "47684eaa052f94ae5c08406b2fa188e600c98e03307c1076a76360989d4371d3", "08db7034fce7c18a40454d7d3371739a5a27b324f07a3a84ece5daec32d1b78e", "7247efb7a6312337d743f5853779db4b64b8e00fc4e21b353fd9882764a87898", "8ff7b013639cc9cdbe90b02a62f17d827959fe4353028fba87cbb05ae142be84", "05a90746447511e32622f90440082d5ea344c81f408f2a8180a1a62554f4e563", "4435700a8e0a5dc38c9c2f5681e469092550ac803d3ff0eba25c3fe079b58d2e", "280bca24427f12400fd0413bb86c0bbf7170f0cef7566ae432c8469298de6271", "1a02515c612ec31e7cb0edd12649c2e5c7db6e9bd4eff0d969d7a42bbdd8a9cb", "04049bf401f386b71c3f9370076fa0388ef36317379bd27a3d77521f319ef66c", "17c76e2e811e75062c333aa263aa8f1800f8f1bc5f6909b021c872fd9d5d1856", "134cbcb9d9f7d69f3121eeeb8e6fd0b69075ec5755d34b1bb84506507c2fa804", "0afe581c70113703a47f4a4a320025d8c42287f3d2b0f50294417e1105d4265b", "6dd84ad54be2d0c4a3a8f8ecd3385bccff471ca5d9c1358c594d1c5c7cc47f95", "30a77605ff10125255c4b1e1f6569dbc615c270bf995261ba93324fd7735d217", "0b66ff19dded846c3ac661dda9a53af6fbc4f87164d160de4077164992152a65", "0b66628a42bf861e41ac999ecef8edd7e200cbea9127c0eb6b3c1b94894a9cfe", "11df0c2317b792d8e2c71e51cba375f26fa79c3893dee13bc5b3948b173cc128", "2e2ee259af95e4781cc345813c6a098906a0523021742855f71c5ea50138455d", "106e36ed4efd530cadc507496a32ba2fbb3f40e6e6a860128c38dec4cb56767e", "9fe93f26c37754d4b921c7e6e832767fd0a12c1982d2c74ed936bf78cf50ea79", "5fce9cb98a8b03290f92c268f2bc2dfeaabdbc19c61956874138fd75877f2398", "1ef25d6351df3dc68796c5accbee97d0222a5b1c2244430860266e613aebd969", "2b06c756c570200a22107b1107ace9270b21601a43ed85534d54050b4ab2f9e7", "7a50f2279d32284037a1b84f3d2c857cfe52e0582bc0a638a071f5be29133a0b", "8c35193913219a4891e0654f7d9daf2d50d920712ba88fdd5aa410a7f79c5060", "14e9065ecc478c011cdd3be32626706e32a2ae16b8e8abc785f610f369e640f1", "4ad1822ec704e0bd7ad05256c5bb1035c217c7275c61795d408f7e50e62b2a69", "421359043a6df01ccba0b86e7e772fd8adb08003a1fe7a21cf65c7cec1464517", "2c3224bcbd61a4e56c857735fb012406129586c580ae4dae786ff3355205345e", "1b2953efae71ba7d7741ce06be87e804257131ac0b14ffd59fb3c95ab800851a", "0fc67b499b0d5c5a42183bcdfb947fe44e3684597844f75e9d88bd9a9b3630d9", "0f04fc60a33db62f9f2683efeb0f13701cb2847fe33b15391fb1038162481243", "4e19347cde2f38e46f2ef1165b108ddf13dd251f81411da20bff7aa73c536d05", "0ca014f86962ffa520a1761912131c403e38f512ea37dae6d6ad669c9c5a3e6d", "b1f21f7dec397f2b2a276b343c6669e046c808ad3cebf74897df620a41da4c43", "4e94bbbf29b3404766a6ec991a7b533031ed360bf940acc22792f876e5ca999f", "b40437005419f7ea4bafc1cf0040789b6d4f3fdbba4ea88e8ceb96831557be75", "259acd15dd50eda6c0f8f42a2538bf691f9749e77c4b2ac4cba725607812f4ed", "47be5c4f874622937d521517c120be7143f9e168a530ce459ed859aac66a2ec1", "0134f50d273b3bbfc40f69b037ceeb8c4a0f9c57ef55e14cc564b2647c91d50b", "22adcaf31287f6a953c48fbee75626cbb9b8a8f6ea07863637ef9037a299aa36", "072854dbde422a9f17539752183436f9df9e13cd508e0705adf0a2fedd4b01c6", "429f7efa1ffae3da51fcf3d3a8f88006cd5208a389963821dcf68e3f941ba049", "d8d345af04e1849f6eb7f972564e6d969c46f390c035034f682a6cdc40bac5dc", "0e8761857683220f2f36a62feb8ed9912a555bbcfbca1e38edb201ca1cd91561", "219cc3967aeabb6e569095a9e96024c387835937c16f01d4e929b30bc3e4c343"], "mitre_attack_tags": []}, {"bi": "network-communications-http-get", "hashes": ["45b7ed6c121b1ee32bf6ff166e811dc28accd1f6fac06b9e7b9c81db0941f162", "4d3589494daf19228c1a02c7ae9e0dc3093b2b308e41cd5b576622ab03d26f7f", "094128fb2e38e2feff3360d922c08340c5ab51f4e5941d4b2e5e4e136886da40", "09cb932db632c40a5da9d5b50bac23d3aaa68a69bfaefdd6f9763d61ede0c343", "079bb9784c275de6cec815b7fd8fc1ad35ce0cbaabbb5108ebf741fcfd02c008", "03dd7a9a03627752acd6276135953f4e23a567211cda122055fe945ac058547e", "3cfc925e6f333f18ee59b6f7fd5ab0ab54362ca293d419a9df1459616e9ad9f3", "3bd4ec15b4d7006c48c6dfb076ca2355aa5596bea444a2acfa0cd9ae8bd71a7f", "0308c618d462657e6fa1ab1566ea439fe7bc8fa175e00c3b3cb92b7de0a15fad", "06b5d0d4827be79fc4eb1f518ad2f64cb8011c878172e0f44f9563b7233060be", "902523fa3d9206e30313a4c77ffd89f63b44c2b48c7dfc1fd0d59720a007f0f1", "49e0dea7ab27ccd376baa71485996afe877625eb007f81c09f467b7452e77cd7", "4489cc3d5fb44ed8b9c74398fe4df16c807eb9cb4031e893889fd4645bb73901", "289ec0a1b22e2be005801b3fb2b1d48ac345742038a4bbe2192be959e7145fec", "294a696b1863f81b97547b9b836307fea2e28097f9d27996626f82014e3816c7", "12d34ae371b5b947943eb4feb650c8e8549e74f3d17a178bbdc9e129ff555f76", "28cb32d599283024709037c22455f78c0f9020e9b76e75cf0a3929e2c519d36b", "f6768240e9a8c490bbc907ba4db523d6a56db466d1d20ad805b87416a4295394", "539d73a462ed75f850d021ff0a2f904032b7dadf45a200fafbab1dda4da58c9a", "7cb08257f399bb3f4fa6684ad39a66290cba35fddc9776c2396c0c40e9088537", "fab4b6a9bac9f9e226b86eccdbb8f766594168fc083b6a7cd722c3da68e4c311", "f3672675be78c502c0bf7875a992c3fe201aa985794192e9bb203432b67e1d79", "d2faccfec046d7363bac2f547db5b0f18affc0eb54bd1c98770cc12e0c59e9c1", "47aead43ac3117bc934c7d9ec8dd9ab90cec420b9eb7821fc603c32c02741c71", "101ddaf72d55116c5f72c5d5226f7aa8e7d7814c7cf28503e97a6eaf9e8e22f7", "37ff60c4f945a0e45ea794f60275f2765c2223cf94ef1a128b28f5b99d14324a", "a8bf7411bb8c956792058490586b3f0392288697d4a32b3875ac27c8788cb0cc", "4e577f844290b9b3e8da1fcdf155c7262420fd8e7937b7fe1db380e156ce6d83", "2211d255c056d866229c85c779427986eefe2772d327739040a3ea4d2dd7e111", "689cb3df8b60c04c02b72a4f9fc2f9ccce0b76e00996353a78e863ed3b6728cb", "95591a2aae668e0179590d200aea9f293c3bb8a7e86fcb7c30f71dff1d5bb093", "702324d5ccd0076adc3844b62dc0fc504dfc4ba21e8b67338cecfecdafbbef9d", "d93f4f09f7ba919fa70576666fa95cf479d9bd80e72fb7db2bb01683a2ab4c24", "2cd6c35ecc0c0b83a7a103ff06ae9e4038fbdeab7ed5822ad45d508966cfe29c", "1014177749ae458c7ac423564a0eda01319c5b68ea6b6c1c177e600a10d822eb", "416aa8d052b98c97f3c0ea910d8422bda3817df5457279a5c8595d28738222d6", "5cdf3f861d027aea2acba730dfab176f678f296d94f78e1af750dc0dafbc3352", "856963b180b57d21f83ab02adf8673856193e51bbecddff081ab7b881c56c347", "21115d414e5926ca60587ca7d9a6f2cd653663637344175fbbcaf77826758c63", "0339ade6fc92c17d85d0a3063e1090d1d88f3e7013c63f962ac238ca6a5be0f2", "44f88766d121efb2c1497258e2cdea16475356520fb77e4fa97529569f46d1dd", "bf115fbe42896fe43f82584206c241e8ad02904d884969d8205c4773c5e76344", "a015804ed3476ca89c2df77c7d26fc6ea6f211f728d2db9f3d4e31d193105200", "18c31e85259273e6dc438f1b96136ee59f6729e043e31a927ddd5fa4ae2fa33c", "47684eaa052f94ae5c08406b2fa188e600c98e03307c1076a76360989d4371d3", "08db7034fce7c18a40454d7d3371739a5a27b324f07a3a84ece5daec32d1b78e", "7247efb7a6312337d743f5853779db4b64b8e00fc4e21b353fd9882764a87898", "8ff7b013639cc9cdbe90b02a62f17d827959fe4353028fba87cbb05ae142be84", "05a90746447511e32622f90440082d5ea344c81f408f2a8180a1a62554f4e563", "4435700a8e0a5dc38c9c2f5681e469092550ac803d3ff0eba25c3fe079b58d2e", "280bca24427f12400fd0413bb86c0bbf7170f0cef7566ae432c8469298de6271", "1a02515c612ec31e7cb0edd12649c2e5c7db6e9bd4eff0d969d7a42bbdd8a9cb", "04049bf401f386b71c3f9370076fa0388ef36317379bd27a3d77521f319ef66c", "17c76e2e811e75062c333aa263aa8f1800f8f1bc5f6909b021c872fd9d5d1856", "134cbcb9d9f7d69f3121eeeb8e6fd0b69075ec5755d34b1bb84506507c2fa804", "0afe581c70113703a47f4a4a320025d8c42287f3d2b0f50294417e1105d4265b", "6dd84ad54be2d0c4a3a8f8ecd3385bccff471ca5d9c1358c594d1c5c7cc47f95", "30a77605ff10125255c4b1e1f6569dbc615c270bf995261ba93324fd7735d217", "0b66ff19dded846c3ac661dda9a53af6fbc4f87164d160de4077164992152a65", "0b66628a42bf861e41ac999ecef8edd7e200cbea9127c0eb6b3c1b94894a9cfe", "11df0c2317b792d8e2c71e51cba375f26fa79c3893dee13bc5b3948b173cc128", "2e2ee259af95e4781cc345813c6a098906a0523021742855f71c5ea50138455d", "106e36ed4efd530cadc507496a32ba2fbb3f40e6e6a860128c38dec4cb56767e", "9fe93f26c37754d4b921c7e6e832767fd0a12c1982d2c74ed936bf78cf50ea79", "5fce9cb98a8b03290f92c268f2bc2dfeaabdbc19c61956874138fd75877f2398", "1ef25d6351df3dc68796c5accbee97d0222a5b1c2244430860266e613aebd969", "2b06c756c570200a22107b1107ace9270b21601a43ed85534d54050b4ab2f9e7", "7a50f2279d32284037a1b84f3d2c857cfe52e0582bc0a638a071f5be29133a0b", "8c35193913219a4891e0654f7d9daf2d50d920712ba88fdd5aa410a7f79c5060", "14e9065ecc478c011cdd3be32626706e32a2ae16b8e8abc785f610f369e640f1", "4ad1822ec704e0bd7ad05256c5bb1035c217c7275c61795d408f7e50e62b2a69", "421359043a6df01ccba0b86e7e772fd8adb08003a1fe7a21cf65c7cec1464517", "2c3224bcbd61a4e56c857735fb012406129586c580ae4dae786ff3355205345e", "1b2953efae71ba7d7741ce06be87e804257131ac0b14ffd59fb3c95ab800851a", "0fc67b499b0d5c5a42183bcdfb947fe44e3684597844f75e9d88bd9a9b3630d9", "0f04fc60a33db62f9f2683efeb0f13701cb2847fe33b15391fb1038162481243", "4e19347cde2f38e46f2ef1165b108ddf13dd251f81411da20bff7aa73c536d05", "0ca014f86962ffa520a1761912131c403e38f512ea37dae6d6ad669c9c5a3e6d", "b1f21f7dec397f2b2a276b343c6669e046c808ad3cebf74897df620a41da4c43", "4e94bbbf29b3404766a6ec991a7b533031ed360bf940acc22792f876e5ca999f", "b40437005419f7ea4bafc1cf0040789b6d4f3fdbba4ea88e8ceb96831557be75", "259acd15dd50eda6c0f8f42a2538bf691f9749e77c4b2ac4cba725607812f4ed", "47be5c4f874622937d521517c120be7143f9e168a530ce459ed859aac66a2ec1", "0134f50d273b3bbfc40f69b037ceeb8c4a0f9c57ef55e14cc564b2647c91d50b", "22adcaf31287f6a953c48fbee75626cbb9b8a8f6ea07863637ef9037a299aa36", "072854dbde422a9f17539752183436f9df9e13cd508e0705adf0a2fedd4b01c6", "429f7efa1ffae3da51fcf3d3a8f88006cd5208a389963821dcf68e3f941ba049", "d8d345af04e1849f6eb7f972564e6d969c46f390c035034f682a6cdc40bac5dc", "0e8761857683220f2f36a62feb8ed9912a555bbcfbca1e38edb201ca1cd91561", "219cc3967aeabb6e569095a9e96024c387835937c16f01d4e929b30bc3e4c343"], "mitre_attack_tags": ["TA0011", "T1105"]}, {"bi": "network-only-safe-domains-contacted", "hashes": ["45b7ed6c121b1ee32bf6ff166e811dc28accd1f6fac06b9e7b9c81db0941f162", "4d3589494daf19228c1a02c7ae9e0dc3093b2b308e41cd5b576622ab03d26f7f", "094128fb2e38e2feff3360d922c08340c5ab51f4e5941d4b2e5e4e136886da40", "09cb932db632c40a5da9d5b50bac23d3aaa68a69bfaefdd6f9763d61ede0c343", "079bb9784c275de6cec815b7fd8fc1ad35ce0cbaabbb5108ebf741fcfd02c008", "03dd7a9a03627752acd6276135953f4e23a567211cda122055fe945ac058547e", "3cfc925e6f333f18ee59b6f7fd5ab0ab54362ca293d419a9df1459616e9ad9f3", "3bd4ec15b4d7006c48c6dfb076ca2355aa5596bea444a2acfa0cd9ae8bd71a7f", "0308c618d462657e6fa1ab1566ea439fe7bc8fa175e00c3b3cb92b7de0a15fad", "06b5d0d4827be79fc4eb1f518ad2f64cb8011c878172e0f44f9563b7233060be", "902523fa3d9206e30313a4c77ffd89f63b44c2b48c7dfc1fd0d59720a007f0f1", "49e0dea7ab27ccd376baa71485996afe877625eb007f81c09f467b7452e77cd7", "4489cc3d5fb44ed8b9c74398fe4df16c807eb9cb4031e893889fd4645bb73901", "289ec0a1b22e2be005801b3fb2b1d48ac345742038a4bbe2192be959e7145fec", "294a696b1863f81b97547b9b836307fea2e28097f9d27996626f82014e3816c7", "12d34ae371b5b947943eb4feb650c8e8549e74f3d17a178bbdc9e129ff555f76", "28cb32d599283024709037c22455f78c0f9020e9b76e75cf0a3929e2c519d36b", "f6768240e9a8c490bbc907ba4db523d6a56db466d1d20ad805b87416a4295394", "539d73a462ed75f850d021ff0a2f904032b7dadf45a200fafbab1dda4da58c9a", "7cb08257f399bb3f4fa6684ad39a66290cba35fddc9776c2396c0c40e9088537", "fab4b6a9bac9f9e226b86eccdbb8f766594168fc083b6a7cd722c3da68e4c311", "f3672675be78c502c0bf7875a992c3fe201aa985794192e9bb203432b67e1d79", "d2faccfec046d7363bac2f547db5b0f18affc0eb54bd1c98770cc12e0c59e9c1", "47aead43ac3117bc934c7d9ec8dd9ab90cec420b9eb7821fc603c32c02741c71", "101ddaf72d55116c5f72c5d5226f7aa8e7d7814c7cf28503e97a6eaf9e8e22f7", "37ff60c4f945a0e45ea794f60275f2765c2223cf94ef1a128b28f5b99d14324a", "a8bf7411bb8c956792058490586b3f0392288697d4a32b3875ac27c8788cb0cc", "4e577f844290b9b3e8da1fcdf155c7262420fd8e7937b7fe1db380e156ce6d83", "2211d255c056d866229c85c779427986eefe2772d327739040a3ea4d2dd7e111", "689cb3df8b60c04c02b72a4f9fc2f9ccce0b76e00996353a78e863ed3b6728cb", "95591a2aae668e0179590d200aea9f293c3bb8a7e86fcb7c30f71dff1d5bb093", "702324d5ccd0076adc3844b62dc0fc504dfc4ba21e8b67338cecfecdafbbef9d", "d93f4f09f7ba919fa70576666fa95cf479d9bd80e72fb7db2bb01683a2ab4c24", "2cd6c35ecc0c0b83a7a103ff06ae9e4038fbdeab7ed5822ad45d508966cfe29c", "1014177749ae458c7ac423564a0eda01319c5b68ea6b6c1c177e600a10d822eb", "416aa8d052b98c97f3c0ea910d8422bda3817df5457279a5c8595d28738222d6", "5cdf3f861d027aea2acba730dfab176f678f296d94f78e1af750dc0dafbc3352", "856963b180b57d21f83ab02adf8673856193e51bbecddff081ab7b881c56c347", "21115d414e5926ca60587ca7d9a6f2cd653663637344175fbbcaf77826758c63", "0339ade6fc92c17d85d0a3063e1090d1d88f3e7013c63f962ac238ca6a5be0f2", "44f88766d121efb2c1497258e2cdea16475356520fb77e4fa97529569f46d1dd", "bf115fbe42896fe43f82584206c241e8ad02904d884969d8205c4773c5e76344", "a015804ed3476ca89c2df77c7d26fc6ea6f211f728d2db9f3d4e31d193105200", "18c31e85259273e6dc438f1b96136ee59f6729e043e31a927ddd5fa4ae2fa33c", "47684eaa052f94ae5c08406b2fa188e600c98e03307c1076a76360989d4371d3", "08db7034fce7c18a40454d7d3371739a5a27b324f07a3a84ece5daec32d1b78e", "7247efb7a6312337d743f5853779db4b64b8e00fc4e21b353fd9882764a87898", "8ff7b013639cc9cdbe90b02a62f17d827959fe4353028fba87cbb05ae142be84", "05a90746447511e32622f90440082d5ea344c81f408f2a8180a1a62554f4e563", "4435700a8e0a5dc38c9c2f5681e469092550ac803d3ff0eba25c3fe079b58d2e", "280bca24427f12400fd0413bb86c0bbf7170f0cef7566ae432c8469298de6271", "1a02515c612ec31e7cb0edd12649c2e5c7db6e9bd4eff0d969d7a42bbdd8a9cb", "04049bf401f386b71c3f9370076fa0388ef36317379bd27a3d77521f319ef66c", "17c76e2e811e75062c333aa263aa8f1800f8f1bc5f6909b021c872fd9d5d1856", "134cbcb9d9f7d69f3121eeeb8e6fd0b69075ec5755d34b1bb84506507c2fa804", "0afe581c70113703a47f4a4a320025d8c42287f3d2b0f50294417e1105d4265b", "6dd84ad54be2d0c4a3a8f8ecd3385bccff471ca5d9c1358c594d1c5c7cc47f95", "30a77605ff10125255c4b1e1f6569dbc615c270bf995261ba93324fd7735d217", "0b66ff19dded846c3ac661dda9a53af6fbc4f87164d160de4077164992152a65", "0b66628a42bf861e41ac999ecef8edd7e200cbea9127c0eb6b3c1b94894a9cfe", "11df0c2317b792d8e2c71e51cba375f26fa79c3893dee13bc5b3948b173cc128", "2e2ee259af95e4781cc345813c6a098906a0523021742855f71c5ea50138455d", "106e36ed4efd530cadc507496a32ba2fbb3f40e6e6a860128c38dec4cb56767e", "9fe93f26c37754d4b921c7e6e832767fd0a12c1982d2c74ed936bf78cf50ea79", "5fce9cb98a8b03290f92c268f2bc2dfeaabdbc19c61956874138fd75877f2398", "1ef25d6351df3dc68796c5accbee97d0222a5b1c2244430860266e613aebd969", "2b06c756c570200a22107b1107ace9270b21601a43ed85534d54050b4ab2f9e7", "7a50f2279d32284037a1b84f3d2c857cfe52e0582bc0a638a071f5be29133a0b", "8c35193913219a4891e0654f7d9daf2d50d920712ba88fdd5aa410a7f79c5060", "14e9065ecc478c011cdd3be32626706e32a2ae16b8e8abc785f610f369e640f1", "4ad1822ec704e0bd7ad05256c5bb1035c217c7275c61795d408f7e50e62b2a69", "421359043a6df01ccba0b86e7e772fd8adb08003a1fe7a21cf65c7cec1464517", "2c3224bcbd61a4e56c857735fb012406129586c580ae4dae786ff3355205345e", "1b2953efae71ba7d7741ce06be87e804257131ac0b14ffd59fb3c95ab800851a", "0fc67b499b0d5c5a42183bcdfb947fe44e3684597844f75e9d88bd9a9b3630d9", "0f04fc60a33db62f9f2683efeb0f13701cb2847fe33b15391fb1038162481243", "4e19347cde2f38e46f2ef1165b108ddf13dd251f81411da20bff7aa73c536d05", "0ca014f86962ffa520a1761912131c403e38f512ea37dae6d6ad669c9c5a3e6d", "b1f21f7dec397f2b2a276b343c6669e046c808ad3cebf74897df620a41da4c43", "4e94bbbf29b3404766a6ec991a7b533031ed360bf940acc22792f876e5ca999f", "b40437005419f7ea4bafc1cf0040789b6d4f3fdbba4ea88e8ceb96831557be75", "259acd15dd50eda6c0f8f42a2538bf691f9749e77c4b2ac4cba725607812f4ed", "47be5c4f874622937d521517c120be7143f9e168a530ce459ed859aac66a2ec1", "0134f50d273b3bbfc40f69b037ceeb8c4a0f9c57ef55e14cc564b2647c91d50b", "22adcaf31287f6a953c48fbee75626cbb9b8a8f6ea07863637ef9037a299aa36", "072854dbde422a9f17539752183436f9df9e13cd508e0705adf0a2fedd4b01c6", "429f7efa1ffae3da51fcf3d3a8f88006cd5208a389963821dcf68e3f941ba049", "d8d345af04e1849f6eb7f972564e6d969c46f390c035034f682a6cdc40bac5dc", "0e8761857683220f2f36a62feb8ed9912a555bbcfbca1e38edb201ca1cd91561", "219cc3967aeabb6e569095a9e96024c387835937c16f01d4e929b30bc3e4c343"], "mitre_attack_tags": []}, {"bi": "network-file-downloaded-to-disk", "hashes": ["45b7ed6c121b1ee32bf6ff166e811dc28accd1f6fac06b9e7b9c81db0941f162", "4d3589494daf19228c1a02c7ae9e0dc3093b2b308e41cd5b576622ab03d26f7f", "094128fb2e38e2feff3360d922c08340c5ab51f4e5941d4b2e5e4e136886da40", "09cb932db632c40a5da9d5b50bac23d3aaa68a69bfaefdd6f9763d61ede0c343", "079bb9784c275de6cec815b7fd8fc1ad35ce0cbaabbb5108ebf741fcfd02c008", "03dd7a9a03627752acd6276135953f4e23a567211cda122055fe945ac058547e", "3cfc925e6f333f18ee59b6f7fd5ab0ab54362ca293d419a9df1459616e9ad9f3", "3bd4ec15b4d7006c48c6dfb076ca2355aa5596bea444a2acfa0cd9ae8bd71a7f", "0308c618d462657e6fa1ab1566ea439fe7bc8fa175e00c3b3cb92b7de0a15fad", "06b5d0d4827be79fc4eb1f518ad2f64cb8011c878172e0f44f9563b7233060be", "902523fa3d9206e30313a4c77ffd89f63b44c2b48c7dfc1fd0d59720a007f0f1", "49e0dea7ab27ccd376baa71485996afe877625eb007f81c09f467b7452e77cd7", "4489cc3d5fb44ed8b9c74398fe4df16c807eb9cb4031e893889fd4645bb73901", "289ec0a1b22e2be005801b3fb2b1d48ac345742038a4bbe2192be959e7145fec", "294a696b1863f81b97547b9b836307fea2e28097f9d27996626f82014e3816c7", "12d34ae371b5b947943eb4feb650c8e8549e74f3d17a178bbdc9e129ff555f76", "28cb32d599283024709037c22455f78c0f9020e9b76e75cf0a3929e2c519d36b", "f6768240e9a8c490bbc907ba4db523d6a56db466d1d20ad805b87416a4295394", "539d73a462ed75f850d021ff0a2f904032b7dadf45a200fafbab1dda4da58c9a", "7cb08257f399bb3f4fa6684ad39a66290cba35fddc9776c2396c0c40e9088537", "fab4b6a9bac9f9e226b86eccdbb8f766594168fc083b6a7cd722c3da68e4c311", "f3672675be78c502c0bf7875a992c3fe201aa985794192e9bb203432b67e1d79", "d2faccfec046d7363bac2f547db5b0f18affc0eb54bd1c98770cc12e0c59e9c1", "47aead43ac3117bc934c7d9ec8dd9ab90cec420b9eb7821fc603c32c02741c71", "101ddaf72d55116c5f72c5d5226f7aa8e7d7814c7cf28503e97a6eaf9e8e22f7", "37ff60c4f945a0e45ea794f60275f2765c2223cf94ef1a128b28f5b99d14324a", "a8bf7411bb8c956792058490586b3f0392288697d4a32b3875ac27c8788cb0cc", "4e577f844290b9b3e8da1fcdf155c7262420fd8e7937b7fe1db380e156ce6d83", "2211d255c056d866229c85c779427986eefe2772d327739040a3ea4d2dd7e111", "689cb3df8b60c04c02b72a4f9fc2f9ccce0b76e00996353a78e863ed3b6728cb", "95591a2aae668e0179590d200aea9f293c3bb8a7e86fcb7c30f71dff1d5bb093", "702324d5ccd0076adc3844b62dc0fc504dfc4ba21e8b67338cecfecdafbbef9d", "d93f4f09f7ba919fa70576666fa95cf479d9bd80e72fb7db2bb01683a2ab4c24", "2cd6c35ecc0c0b83a7a103ff06ae9e4038fbdeab7ed5822ad45d508966cfe29c", "1014177749ae458c7ac423564a0eda01319c5b68ea6b6c1c177e600a10d822eb", "416aa8d052b98c97f3c0ea910d8422bda3817df5457279a5c8595d28738222d6", "5cdf3f861d027aea2acba730dfab176f678f296d94f78e1af750dc0dafbc3352", "856963b180b57d21f83ab02adf8673856193e51bbecddff081ab7b881c56c347", "21115d414e5926ca60587ca7d9a6f2cd653663637344175fbbcaf77826758c63", "0339ade6fc92c17d85d0a3063e1090d1d88f3e7013c63f962ac238ca6a5be0f2", "44f88766d121efb2c1497258e2cdea16475356520fb77e4fa97529569f46d1dd", "bf115fbe42896fe43f82584206c241e8ad02904d884969d8205c4773c5e76344", "a015804ed3476ca89c2df77c7d26fc6ea6f211f728d2db9f3d4e31d193105200", "18c31e85259273e6dc438f1b96136ee59f6729e043e31a927ddd5fa4ae2fa33c", "47684eaa052f94ae5c08406b2fa188e600c98e03307c1076a76360989d4371d3", "08db7034fce7c18a40454d7d3371739a5a27b324f07a3a84ece5daec32d1b78e", "7247efb7a6312337d743f5853779db4b64b8e00fc4e21b353fd9882764a87898", "8ff7b013639cc9cdbe90b02a62f17d827959fe4353028fba87cbb05ae142be84", "05a90746447511e32622f90440082d5ea344c81f408f2a8180a1a62554f4e563", "4435700a8e0a5dc38c9c2f5681e469092550ac803d3ff0eba25c3fe079b58d2e", "280bca24427f12400fd0413bb86c0bbf7170f0cef7566ae432c8469298de6271", "1a02515c612ec31e7cb0edd12649c2e5c7db6e9bd4eff0d969d7a42bbdd8a9cb", "04049bf401f386b71c3f9370076fa0388ef36317379bd27a3d77521f319ef66c", "17c76e2e811e75062c333aa263aa8f1800f8f1bc5f6909b021c872fd9d5d1856", "134cbcb9d9f7d69f3121eeeb8e6fd0b69075ec5755d34b1bb84506507c2fa804", "0afe581c70113703a47f4a4a320025d8c42287f3d2b0f50294417e1105d4265b", "6dd84ad54be2d0c4a3a8f8ecd3385bccff471ca5d9c1358c594d1c5c7cc47f95", "30a77605ff10125255c4b1e1f6569dbc615c270bf995261ba93324fd7735d217", "0b66ff19dded846c3ac661dda9a53af6fbc4f87164d160de4077164992152a65", "0b66628a42bf861e41ac999ecef8edd7e200cbea9127c0eb6b3c1b94894a9cfe", "11df0c2317b792d8e2c71e51cba375f26fa79c3893dee13bc5b3948b173cc128", "2e2ee259af95e4781cc345813c6a098906a0523021742855f71c5ea50138455d", "106e36ed4efd530cadc507496a32ba2fbb3f40e6e6a860128c38dec4cb56767e", "9fe93f26c37754d4b921c7e6e832767fd0a12c1982d2c74ed936bf78cf50ea79", "5fce9cb98a8b03290f92c268f2bc2dfeaabdbc19c61956874138fd75877f2398", "1ef25d6351df3dc68796c5accbee97d0222a5b1c2244430860266e613aebd969", "2b06c756c570200a22107b1107ace9270b21601a43ed85534d54050b4ab2f9e7", "7a50f2279d32284037a1b84f3d2c857cfe52e0582bc0a638a071f5be29133a0b", "8c35193913219a4891e0654f7d9daf2d50d920712ba88fdd5aa410a7f79c5060", "14e9065ecc478c011cdd3be32626706e32a2ae16b8e8abc785f610f369e640f1", "4ad1822ec704e0bd7ad05256c5bb1035c217c7275c61795d408f7e50e62b2a69", "421359043a6df01ccba0b86e7e772fd8adb08003a1fe7a21cf65c7cec1464517", "2c3224bcbd61a4e56c857735fb012406129586c580ae4dae786ff3355205345e", "1b2953efae71ba7d7741ce06be87e804257131ac0b14ffd59fb3c95ab800851a", "0fc67b499b0d5c5a42183bcdfb947fe44e3684597844f75e9d88bd9a9b3630d9", "0f04fc60a33db62f9f2683efeb0f13701cb2847fe33b15391fb1038162481243", "4e19347cde2f38e46f2ef1165b108ddf13dd251f81411da20bff7aa73c536d05", "0ca014f86962ffa520a1761912131c403e38f512ea37dae6d6ad669c9c5a3e6d", "b1f21f7dec397f2b2a276b343c6669e046c808ad3cebf74897df620a41da4c43", "4e94bbbf29b3404766a6ec991a7b533031ed360bf940acc22792f876e5ca999f", "b40437005419f7ea4bafc1cf0040789b6d4f3fdbba4ea88e8ceb96831557be75", "259acd15dd50eda6c0f8f42a2538bf691f9749e77c4b2ac4cba725607812f4ed", "47be5c4f874622937d521517c120be7143f9e168a530ce459ed859aac66a2ec1", "0134f50d273b3bbfc40f69b037ceeb8c4a0f9c57ef55e14cc564b2647c91d50b", "22adcaf31287f6a953c48fbee75626cbb9b8a8f6ea07863637ef9037a299aa36", "072854dbde422a9f17539752183436f9df9e13cd508e0705adf0a2fedd4b01c6", "429f7efa1ffae3da51fcf3d3a8f88006cd5208a389963821dcf68e3f941ba049", "d8d345af04e1849f6eb7f972564e6d969c46f390c035034f682a6cdc40bac5dc", "0e8761857683220f2f36a62feb8ed9912a555bbcfbca1e38edb201ca1cd91561", "219cc3967aeabb6e569095a9e96024c387835937c16f01d4e929b30bc3e4c343"], "mitre_attack_tags": []}, {"bi": "network-snort-server", "hashes": ["d93f4f09f7ba919fa70576666fa95cf479d9bd80e72fb7db2bb01683a2ab4c24"], "mitre_attack_tags": []}], "category": "Packed", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "Zbot, also known as Zeus, is a trojan that steals information such as banking credentials, using methods like key-logging and form-grabbing.", "hashes": ["0134f50d273b3bbfc40f69b037ceeb8c4a0f9c57ef55e14cc564b2647c91d50b", "0308c618d462657e6fa1ab1566ea439fe7bc8fa175e00c3b3cb92b7de0a15fad", "0339ade6fc92c17d85d0a3063e1090d1d88f3e7013c63f962ac238ca6a5be0f2", "03dd7a9a03627752acd6276135953f4e23a567211cda122055fe945ac058547e", "04049bf401f386b71c3f9370076fa0388ef36317379bd27a3d77521f319ef66c", "05a90746447511e32622f90440082d5ea344c81f408f2a8180a1a62554f4e563", "06b5d0d4827be79fc4eb1f518ad2f64cb8011c878172e0f44f9563b7233060be", "072854dbde422a9f17539752183436f9df9e13cd508e0705adf0a2fedd4b01c6", "079bb9784c275de6cec815b7fd8fc1ad35ce0cbaabbb5108ebf741fcfd02c008", "08db7034fce7c18a40454d7d3371739a5a27b324f07a3a84ece5daec32d1b78e", "094128fb2e38e2feff3360d922c08340c5ab51f4e5941d4b2e5e4e136886da40", "09cb932db632c40a5da9d5b50bac23d3aaa68a69bfaefdd6f9763d61ede0c343", "0afe581c70113703a47f4a4a320025d8c42287f3d2b0f50294417e1105d4265b", "0b66628a42bf861e41ac999ecef8edd7e200cbea9127c0eb6b3c1b94894a9cfe", "0b66ff19dded846c3ac661dda9a53af6fbc4f87164d160de4077164992152a65", "0ca014f86962ffa520a1761912131c403e38f512ea37dae6d6ad669c9c5a3e6d", "0e8761857683220f2f36a62feb8ed9912a555bbcfbca1e38edb201ca1cd91561", "0f04fc60a33db62f9f2683efeb0f13701cb2847fe33b15391fb1038162481243", "0fc67b499b0d5c5a42183bcdfb947fe44e3684597844f75e9d88bd9a9b3630d9", "1014177749ae458c7ac423564a0eda01319c5b68ea6b6c1c177e600a10d822eb", "101ddaf72d55116c5f72c5d5226f7aa8e7d7814c7cf28503e97a6eaf9e8e22f7", "106e36ed4efd530cadc507496a32ba2fbb3f40e6e6a860128c38dec4cb56767e", "11df0c2317b792d8e2c71e51cba375f26fa79c3893dee13bc5b3948b173cc128", "12d34ae371b5b947943eb4feb650c8e8549e74f3d17a178bbdc9e129ff555f76", "134cbcb9d9f7d69f3121eeeb8e6fd0b69075ec5755d34b1bb84506507c2fa804", "136ea7ad64721ebbd0ceb497acf9cb6d5b48fa218e865ddec929e203663671cf", "14b41281ebf75af87217eb9ccd2175233551e37609fea7e6bd2a8310f15b2cf2", "14e9065ecc478c011cdd3be32626706e32a2ae16b8e8abc785f610f369e640f1", "161ccfdbdefc3a41f6e46744f605d70e9b9dff741185c291b5676f5e134d15fb", "17c76e2e811e75062c333aa263aa8f1800f8f1bc5f6909b021c872fd9d5d1856", "1833fa7fd012ca9ae165c5b75cee7090a2ee8a9340a59a44ba7b9dc7adea0140", "18c31e85259273e6dc438f1b96136ee59f6729e043e31a927ddd5fa4ae2fa33c", "1925eb33ee7201f8a4569c6b1f388e1c2cf96bcd5f47907e511cddf617bc3889", "196cd3a4032d170dd3f9ba1cbf7710c48bb9ec2aec50f415f120421f342cf50b", "19974af9e73afb963ab5d2cc59c57d942f9bcb222da0dfc8ef70173d871209ae", "199efab92c6dcdb00f2237357eef19c52bbc1314051461c69869688edeeab843", "1a02515c612ec31e7cb0edd12649c2e5c7db6e9bd4eff0d969d7a42bbdd8a9cb", "1a207fa257f4c92af13b41e201b3a2d0f54a2e707110c87fa6323a98fd2ea22b", "1ac70e2357f15fc413d57965c68f005f909ac05a5ecf097a89f8fbd828460d54", "1b2953efae71ba7d7741ce06be87e804257131ac0b14ffd59fb3c95ab800851a", "1b4a41004081ad653387f40e7c841720d3f6656f4be6dc4acdaec06b55123bc5", "1b6b306de2a78dd0061aba3ce81115742b718a1ba868d03aedd89f17024760d1", "1c12e728aa200ee7538749a4d74e8bd5f0a4e496a4e5ebeff7b8d404a2361014", "1c3767b49a232dd60484231da81e3daa524c846dc1f07dcd408c6d378e7d9710", "1e0fa9f93950d31f26153df91b34d70b1265ec8e9c934aa78ed5de7f8993c862", "1e1ce74e71c113fb4be288572222ea91b76708d63a47cc6acedd2349b46dc33e", "1ef25d6351df3dc68796c5accbee97d0222a5b1c2244430860266e613aebd969", "1f40a95697a819e53996eeee77f5c9997131cd096c2bc6ee397f8ca2eb20a512", "1fb1118acb3263a3c7171873c5af3b7136b1e66545e82ad9cffcf24eec87e57d", "21115d414e5926ca60587ca7d9a6f2cd653663637344175fbbcaf77826758c63", "219cc3967aeabb6e569095a9e96024c387835937c16f01d4e929b30bc3e4c343", "2211d255c056d866229c85c779427986eefe2772d327739040a3ea4d2dd7e111", "2230e2523b591f081406fc8937b0f08e34808483b88b1b39e5c10e90df5d426e", "2298a56e2dec9107c671538076026cf5c587ba159681218e379957386716445f", "22adcaf31287f6a953c48fbee75626cbb9b8a8f6ea07863637ef9037a299aa36", "22e022e9d5212de3fe4a338247c4a81d293c51c989c016246dbff8571d1e86c8", "232c00761a54c3f9e1a56280ed35d329761d7aba5f6832eb577950e83352f763", "2383a1baccf0f1d09761798b361f80a84184ba68ba620a28a07d418cbf3815a9", "259acd15dd50eda6c0f8f42a2538bf691f9749e77c4b2ac4cba725607812f4ed", "27c403ce96cb4e7d6e043f7aa1a9ac0d5adca95e29732da63496ba00bdde7afe", "27c674f63be36f6216676e735d92b3b11a89dbac1bf09bd09b1a060e2fd63db4", "280bca24427f12400fd0413bb86c0bbf7170f0cef7566ae432c8469298de6271", "289ec0a1b22e2be005801b3fb2b1d48ac345742038a4bbe2192be959e7145fec", "28cb32d599283024709037c22455f78c0f9020e9b76e75cf0a3929e2c519d36b", "294a696b1863f81b97547b9b836307fea2e28097f9d27996626f82014e3816c7", "29e5f6003ef4e35779f6ab0c27d3302df6d2fce0b3beb71430d7b415a1a11cbf", "2b06c756c570200a22107b1107ace9270b21601a43ed85534d54050b4ab2f9e7", "2c3224bcbd61a4e56c857735fb012406129586c580ae4dae786ff3355205345e", "2c3f6c106919a34256fa8a3add29ce1f78b633e622533c2a0ab335c9f32b9e6b", "2cd6c35ecc0c0b83a7a103ff06ae9e4038fbdeab7ed5822ad45d508966cfe29c", "2e2ee259af95e4781cc345813c6a098906a0523021742855f71c5ea50138455d", "2e2f803de4b092596d0694243f06fe41bf1dc761499b5528fd0dccdaa430f79f", "2f85dab8d55223794894747b19f0ef61fc9eb9b4b2aafb3e77a1d6ce709b4190", "30a77605ff10125255c4b1e1f6569dbc615c270bf995261ba93324fd7735d217", "31f99431dfa0fae8cd511bb0b171a400088c34ff2cf2b053ce1c22db1fe48f0e", "32049270b2f5cfda0b0f0c7731f1ff0195acd0d6c456307598857bb82c395a7f", "33f002470773ab3083b37b2200e49d47a4e7598cfbf7bc448511cf64a1e4b3e9", "36047d2af352aa980b9cad3c4d659602795893e5fc5090a952dcd9c1221b9ebc", "37ff60c4f945a0e45ea794f60275f2765c2223cf94ef1a128b28f5b99d14324a", "3bd4ec15b4d7006c48c6dfb076ca2355aa5596bea444a2acfa0cd9ae8bd71a7f", "3cfc925e6f333f18ee59b6f7fd5ab0ab54362ca293d419a9df1459616e9ad9f3", "3d3775dcdb82786e68357acd5a7573da8c9ab00a45a362f587cce9ec28036f8c", "3e6c4f3fc0b32d48591a82aae725f8c24d2201a8887c3ce39746fd638e5f7d5f", "4092aa2cf72f9f8049b15aed564771b02e6e55df22b32dd84df1023f7a70adbb", "416aa8d052b98c97f3c0ea910d8422bda3817df5457279a5c8595d28738222d6", "421359043a6df01ccba0b86e7e772fd8adb08003a1fe7a21cf65c7cec1464517", "429f7efa1ffae3da51fcf3d3a8f88006cd5208a389963821dcf68e3f941ba049", "4435700a8e0a5dc38c9c2f5681e469092550ac803d3ff0eba25c3fe079b58d2e", "44477a21803a60e74738d5619a3029978885e617379e187ba981c588abc6b1f2", "4489cc3d5fb44ed8b9c74398fe4df16c807eb9cb4031e893889fd4645bb73901", "44f88766d121efb2c1497258e2cdea16475356520fb77e4fa97529569f46d1dd", "45b7ed6c121b1ee32bf6ff166e811dc28accd1f6fac06b9e7b9c81db0941f162", "460a90e323ca7d71b7e62f054cd91a657d3609b296d7a33eee5b42379e424881", "46b82d486c0ac15577697fb26c4cab031f0ee74b71157d186fcf4f50da133af2", "4711305ccb28942052a00b79c1eb3bb9a1a05536c062f5164d190e9dfea35b92", "471bedc3b299fd49c1cc947c8a7e1c86aeea395d6d5ecd4a46e786c121382635", "47684eaa052f94ae5c08406b2fa188e600c98e03307c1076a76360989d4371d3", "47a7756dfcf7c6052ea1534ba3ec39b0ecd108102ef8220333ae095951d47f6d", "47aead43ac3117bc934c7d9ec8dd9ab90cec420b9eb7821fc603c32c02741c71", "47be5c4f874622937d521517c120be7143f9e168a530ce459ed859aac66a2ec1", "48dbee6fd6cd9338f9b79e33b0c09f2fa8409f4fb88796e67ca545f07dc1d4f2", "48f25a1df02b30509d526645f43f80144bae6ce45f3169e72bc6f36cc65b907e", "4959a7af359e07f8693aefd905128f9e3d6c47fd66474327237df8cd5a53182c", "49e0dea7ab27ccd376baa71485996afe877625eb007f81c09f467b7452e77cd7", "4a0c6402d6d4c738b115b57712da61918d6d862797a6f6f62512a8897096d648", "4ad1822ec704e0bd7ad05256c5bb1035c217c7275c61795d408f7e50e62b2a69", "4bddd39d1066ef3d133e1d4cebd8d4400e2430ff7c42fdf389888685bc087860", "4c5f7a0ca1681f2c5c6c5d1ece00e0d03863555f41358d2c6183913f1abce91b", "4d3589494daf19228c1a02c7ae9e0dc3093b2b308e41cd5b576622ab03d26f7f", "4d68e5778a7de047918380acdb31f399e4337ef47e919f0df3bd67b840cc271a", "4e19347cde2f38e46f2ef1165b108ddf13dd251f81411da20bff7aa73c536d05", "4e577f844290b9b3e8da1fcdf155c7262420fd8e7937b7fe1db380e156ce6d83", "4e94bbbf29b3404766a6ec991a7b533031ed360bf940acc22792f876e5ca999f", "50e2e0c6c6e8982416708bb764c38ff9a97e371a61e579ade27a7035855b0f7e", "512cc8fcc450769bfb3735e99ac1685a68a8728c7914fc654dcf0cf27ab32943", "5250c91eb8ca6619b4e5cca2eaea3573d0d400e1fd12b1e8d83e6f4adf07af74", "52947ddb8b5f98beda9ab04dc96d17597cbfdb251b201890394f3ace2402f908", "539d73a462ed75f850d021ff0a2f904032b7dadf45a200fafbab1dda4da58c9a", "53eadddb6e34146a84980873832297226c245dfbf42a91bfdc33fc390a1fbdf7", "55d492feb49439eff73b34ff249e1665b1e7e9747ca178ae54744a369bde81af", "5628d90ed41793c14b86463315d93c23d3e21f7a1b6ab0dd1d12c6c317aa2eb7", "5680ea936b816efb926bfb3a19b5637e71067d3dccf6e4945847acd4e35efeff", "5688454d2c81799b01cb2a0319daca47d444026a08c7767beaca57acc5336e7a", "56c738edfdd73846992ef6140f292319cd823cc05852a5267b43742a9cb652e7", "578f211cdf4449aeca4b918e55b0fcd6d00d6b26aec5d08ccdb4ede974009b70", "5aa4e6f825f74354d811a5b04352529598282a80ef124b2821386f9787d66e37", "5b7fa6497a12fb91bc3ea06772ecadecfc717f2a2921b8961a7fb980e927fed0", "5cdf3f861d027aea2acba730dfab176f678f296d94f78e1af750dc0dafbc3352", "5ce8d2199a737e71690bbbf89dc5e98d549a1f49fb500b04917a283e44fba1b6", "5cf109a56acec830c8f4e845d2100fd89693136491aaef3548b93565e64d9d3d", "5d47c745db20b7afcdd1b6104d625a779353bb952434f26ba29a989ca1c0038b", "5e2a9473bab07713bc42a5b5576a7de85b7708f679d7d4668e529aa6d051df9d", "5fce9cb98a8b03290f92c268f2bc2dfeaabdbc19c61956874138fd75877f2398", "5fdd217a2fdce33fc2ac86e11c8df186651f790511394139bc9b7ed15c6aaaea", "5fee4464507742e62c892cc5ba9bd1559ebfab4ec4c16574c4f677a573f36d97", "5ff5e468c2b91aa4bc26f4ac8de47be1bb300643239ec69a5d0a29f0aa2f0abf", "61a6435908f621fa39a719e4c1fda2c7e7e62c1c1c87e5e871a2df2cdebc7c1c", "6637ed36a3c13773ce6613b66d8b0a0fedee40583fe7ba5e5c12a54502fbc2d0", "66e764f08aa8bb806d9761be7a5dad214466581a855b19a975c89f6fc224b5ed", "689cb3df8b60c04c02b72a4f9fc2f9ccce0b76e00996353a78e863ed3b6728cb", "6acd7d71183cebb01a6bfd57362e2b252a52b6526b77cb869741f09c85e9b955", "6b6706a8e5428f42c263ee7d88e6aa42d8f2211abf61f429cf5fbb4ad0236cd0", "6c9a94af4eadc1b6ba7f9827bc7fa832fe8f8b515cf96d713616484a1e37a641", "6dd84ad54be2d0c4a3a8f8ecd3385bccff471ca5d9c1358c594d1c5c7cc47f95", "702324d5ccd0076adc3844b62dc0fc504dfc4ba21e8b67338cecfecdafbbef9d", "7097befe2e0c22860ed40f28f3fcfbe5a8fdf2c6d7537200de4f772cbfaad11c", "70b94ed1df141877c57db80e97913bc69ef79996e84f96492f6e201efc1610e5", "7175f1930f87aa1d55ba914c08bce3d4786678b181ef0394f24c0f6dcf0fa96a", "7247efb7a6312337d743f5853779db4b64b8e00fc4e21b353fd9882764a87898", "72eb26c59cbe2073fd62949add83fae1fa6069b7232c780d9813a0409b56b508", "739d8bc8af25fad737c65207dddfe0f143c27bdfd0ace8b3d6220507a831a903", "7453dc4f6e192e90286021fae45a6110c2061ab4f47960c7e55bd8224989673c", "771936c0aa5dfec92110b3b7b6d9b3d21de6a057ae0cfc9ec69b9bca4bd4587e", "77aeec9e1dafd233bd395f355c468eb803a5f3f8084425e2eba865be36948971", "77b2aca27171fd740a3abbbeaaa66f5ea21ac9d45327dd7ef950fa8001a89390", "78b893775edce9b696a45f885bb9f33dc2e37ae1de49a88c31b9ccfbcf7fd883", "7a50f2279d32284037a1b84f3d2c857cfe52e0582bc0a638a071f5be29133a0b", "7cb08257f399bb3f4fa6684ad39a66290cba35fddc9776c2396c0c40e9088537", "7d4a0f8719c255e5249f3b98e1c81563f6fc40325d518e9429da0f7cbf86a37d", "7d7a7eab35704d05889f75255d542dbd4ef29e25b56a3fa1e380873e1732dfb0", "7f439dfd7d1fd3ec46c709a721673d0f49062f2e8932e72491a0957e0c50720b", "7ff564ef7d8b99a83c8108de5a9ae88d7b0284392ba50f5af6c1923cb6c0fc50", "82793f88740bbb2abafb99ef09112314f1fbea11f2823e4e2adea1f10cfe7f17", "839ab16d7fc82d4b0200798158d21770a07ba298995e470054ab75d7ef6ab22b", "83be2e17be080badb5096395575a88b9e72a7685f393825956cc549dc9132d83", "8447204bc06a727d79f94588d4f1d83708a50cdcd2fa53fa675fdb60ff727597", "85472a48bfcb69e97c048613435f062256e770d16c56a7bf5f851164ac427816", "8554803f15e4b17e467bcca5c6f8e9ba66b8c6b02278f806eabc193bfc017801", "856963b180b57d21f83ab02adf8673856193e51bbecddff081ab7b881c56c347", "868a86697980f9c8d81884ba8122a07070cc037694ae798a3a8fed62f40a5996", "889fdc14cf3f01c4e906eeccfe87986ffced93d3dfa5e6c4d863885687ece2b4", "89f64967d31d4b7bc7025e92ba0a30902dcc0bd1c2fe20984e649a9a3a1d29c0", "8a78c0ccd8b683cb635367eb5f1118e18939ab48e1030b25221caa90c3caf8f8", "8c35193913219a4891e0654f7d9daf2d50d920712ba88fdd5aa410a7f79c5060", "8c54ed49dd9e932ae1427e6488272b7683b4e4c067b12ecfe9e55be74eb6d256", "8c555c566a868ef4437a80208b2a0bbd27cd8eb27e088357fa35ecc57176a004", "8cdfabc5e3d339aaf2101242e1954f524a39d8dffeac76022c3998cf4c466362", "8decd0228c9ce9178416df858650d24a58a5637e15232a002bfb632f034d9fb1", "8f75adf4a0748d06681645df7cd8cb4371499372a4d1318a3671c9b9d0827e82", "8f854f92706413942d9d10996a070fec2d211d69dae63732c5c64017bfec0341", "8fca4e6df7f8e0808da8688376a114d9957d95eed0e93f1bbe2bbe952e0f0c6b", "8ff7b013639cc9cdbe90b02a62f17d827959fe4353028fba87cbb05ae142be84", "902523fa3d9206e30313a4c77ffd89f63b44c2b48c7dfc1fd0d59720a007f0f1", "9096e16db1592cd24ee535d645edd52f85560be568437d664d7847c27d537fd8", "92f5e020d9f3c8e3ed77089ca03ecca9af6ed146c48ae50af6c5c1e392ea7f10", "944f56345fff1eb074bfa5b93bf81efe7055e903f8b87ce9ab433f9a1cda7856", "95591a2aae668e0179590d200aea9f293c3bb8a7e86fcb7c30f71dff1d5bb093", "956f107aca9abae5d8c7422bfac694dda500fb3159efafeaebcb7d79aeece859", "959e244f1e5466a16cef605a235eeec3deb184c3c55c5ce5798d9cbb75d7dbb5", "95d1f53ee91fd8056cf9a5c4c4d23f6c5b73a75a83bd44c72a61b9fe15ce41db", "96c7946ac06c201f53e3e00e9c2689d6d1506c1f07b2c81dd9db3e730bc57b2a", "98ab2a0d305216f920804d2426903536923548a51dc77026f696d419290ef654", "98b8b17b2b405da4e2edc864ee6c67940241f3e23be0f06c70bf2ee8ef537d13", "9ad85647c7da35c8be4c918dfa0b0ebc9338c636ab4a3fc1129275e72ce2b703", "9c6d9d46d73f6cb260fc2ab53a8d43515418bd5ef7f1d94aec9be043604362de", "9c905b573cb482a01f6f99f987422051f5812662301cf1565a36501b187cf358", "9c98b0579ebc8f5bcf88834184ef704917aa619d9baf66cae952671840401d29", "9cc3fec4ffb9e8532e540a0fb0e499904c624baed7f31a31918f19f4740e5331", "9dbc2e5780f09316dbfc42aa5f74f94623b4630ca0387da666dd6d4ebaf7a685", "9e753a7301caf02a128fc81e8d32fbe32949233f35baabcb8eecec7734d83959", "9e8072224a6c9cdc65459c889969b5551a8c375a86c68b05622283334d702d49", "9eac0f858047b0c645b50e072572b3e502d4ad939f8f2ed55b29f558a52d2de7", "9f0545010f49502c559fb9fcd8f0a217edc0993807cde3c63459702840ffd77f", "9fe93f26c37754d4b921c7e6e832767fd0a12c1982d2c74ed936bf78cf50ea79", "a015804ed3476ca89c2df77c7d26fc6ea6f211f728d2db9f3d4e31d193105200", "a018f53221e17863ec4c57dc4719e5eb846da09ed0ec88edf60c3e3b5d1062ab", "a0c9b2a40f4b67bc1cd335ce5a91b370ac3cf69ca17934d982253ff53f0431ee", "a24a1b448f88953653b287d6dc05a4312e5e9e2a4a83a3a894992edd8b310e3e", "a4306e1ff42f1e1c5d8917be62555855f36b0113e439894e11bb1083ff4c3f88", "a4bfed6c50cdfec28cbb74ba6979fd6844d61c688476152e3bb1bfd01221218c", "a4ed9f47da5baa27fd9f4c9ec32cb938fd5b62c6342f7cef065ba88203374594", "a57f7bf70cbbdf057aa93f1895a14ac03fe8caf1c4788a3147e8b94f72620970", "a7af3d148b66c072d24fd01ee93a74c8520fa33e04b755e0014ebaab840947d5", "a7e53346ead64cc851b6719a90c3707a1c1ad52ceafddb4c34490d40e443a2b1", "a87f977a65f4ecfb1a538a08df011aec0b609c0132a5455d47fef7fce7ca502f", "a89557958492dcb0618191b5dac41e04b2e4e0ef69d158bba04d693c63e0ef92", "a8bf7411bb8c956792058490586b3f0392288697d4a32b3875ac27c8788cb0cc", "a902a0144787d968b80d97aaa7315772f5ac5c39a7a1fb62a4f18936f01a7a32", "ad97d03bbdfdf792237d1e2002fdbbcf60108660f0270e11ded846ace24cbba1", "af689cf4cf4d1a8b27f2741b08cf0ddcda3057b6d91a7f89eed085c9a14b2f0f", "af8df4d876736b45e46468f3413f0574ca5989b1ac4616ede52eecec0e969e55", "b0678e9f66463c842565851be5c184b31521d4a9de7ac6c2dc93a4105168532e", "b0e9c485f9992a448975a9f3421db6e688c5c6428a95d716a14380449296da68", "b1f21f7dec397f2b2a276b343c6669e046c808ad3cebf74897df620a41da4c43", "b40437005419f7ea4bafc1cf0040789b6d4f3fdbba4ea88e8ceb96831557be75", "b53bce881df88d157e3234997f81e81ebb0a2550e18ec9fe3852d044cd18aaca", "b5fff3a5d5bb066e8a50153f3fadb6ffe27015bcf14684c15bd8f69b1689cfd1", "b6baec21b5a1a355706098da9872d4616e2c04c3cc18d77c994242f292a2bf3b", "b7cd31e7a706dd23d9af0930944a4307a5d30299d3f068dfd4eb260d0c4be3e0", "b9d6ca428dcef5bc9ad99c6b1514ebb713f4cc1884fed5754684f123aa7b7861", "ba376cd6e66fe40f33474cf2d1dc88f18488093de43bc3b70cc8e1ef0357a46d", "bb14cfb1e548974a943d46de2dc9efd6889946a42a5e032649a588c4f1d66d4f", "bb87d14f547fd2525cdeccadd44e517245af21de7b790ad9a22f800119f35717", "bdbdb6473fb22bc5f27657037d62ece8905a526a9885607d89d420a7c3c5c987", "bea8779666086de951c85a5094b8548bb2cc522279807df6f39d30d38ec94b46", "bef1cf9e4b9debf0dfe52311acc08970c6a7d86ffc7b230eea70f9b92734cd4e", "bf0eb7710f2df88da6e63a92fd0afcc215f3a01ed15779597077376e168ba4a4", "bf115fbe42896fe43f82584206c241e8ad02904d884969d8205c4773c5e76344", "c06dfe544541f3a443b3ad50b79644163137d89713e2e5ce6a4644c89466a16e", "c08cf5366005ec31ad73a758bc2c15018625905b4370cf7a1ed7fe79f63f4742", "c1afc0dd5d6ecc428d8d2a214055f000b6b75272e5b2a9efd1a8e2dd3d5afb5b", "c28c1cb9b9b21d68d81383c8d98c5ccc120d28863021dc9c0b263f78d7f95e18", "c351fbc3488fe418aa29d64a453eccd9e18965bad06af2d89906a187a70faab9", "c525720bc573020fb01d91db146fefdb0f2fff3a326c2aec1a5eae9ebb3be126", "c5b969d7031819ebb3eef2b7cfc763d989108d580e2cf758c0ce537ba83ec408", "c64c15d688a4b9cf3e38a848d4da27f7409c1483472fc78ead070d49899cc18a", "c70d879205a0effc6e24f5822ab603e5536f795ba7e5729c097b5a5e23df1e23", "c730937fe624661153c2527c81ba4f6d68d4d2ceedb07de2e460f4206049e60e", "c837d5a619a3be2df73040c8cacb9676ebf39432feb00654cc05832c9207bfe0", "ca486ab42a686f4bb314a82dcd69fd9e0d244366912e5b679668e4d6a54cc132", "cba75d66c38738b2caae063d516815076b0f7ca3d1151e22847aed2fd5ceec11", "cbd90b9613284068ce895a28ca929b3e11f23324c8dd16f4f120dd7bdecefe78", "cce4e9ae325fa498b06533816e2cbefb163c7ea57000495847abe6643543bef8", "ceb766f3f653f411954d6256518cf1a0b3814861962271eeea6135d9642eafea", "cfedc854208d059d02dbef0831b5613d98d36e6bcf3bc25940a2d0b8ddedc38e", "d2b763f0787beef257c4f8ed64513b7cbec15f563e6188eb48e2ec73a238d025", "d2faccfec046d7363bac2f547db5b0f18affc0eb54bd1c98770cc12e0c59e9c1", "d3b6150d0ce690884e14c19465b01af68f3384896abd0b47f5880df06e456c81", "d641e8ce142b1a29e1714788c4da1d741f03dec72673db3010883a4234ce1480", "d707bbf64c7352193e8115cf600ba867c2f3941ce5894339051c806e00a97d1e", "d7ce374ccf8a64405728037e3977a76d3e2d7f575639abc3bc2f6f62bded5249", "d8d345af04e1849f6eb7f972564e6d969c46f390c035034f682a6cdc40bac5dc", "d9169faf922185fdc8c600bf51f618f9e0a4e7a58344c656973d3eb9227c5de0", "d939e3d72eb12d47875f958f1c76596034b94710c6a5be2151d6067a1108ddca", "d93f4f09f7ba919fa70576666fa95cf479d9bd80e72fb7db2bb01683a2ab4c24", "d94a07fec69e51dc022e21d80328fb9c8f4e432201c34b78fe8fc418eafb3632", "dab813473e21cf1ebe0de87398c80f96c30cdec76ac036eb69d768457dd8ede8", "ddc7e14577affcbe8889dc2b36620d3a317fd5d9eb3d440595ad1f3e8ab076d0", "ddd008959206e69cd1c07a603927aa635a88add2963eba3e1f660e550738ea9e", "defbdfa0c287eb3ef54d549a5d9e8ba1511d5b0b15cf9815a9c91f852b62ecb5", "e06ce5a58a59c746a2477e1633e7eafbdb93266665965ca122c8a80066e2b320", "e16e0d725dc93d06915ec1d054e31fc29804eab9ff763962a8d5cb821d4ae11d", "e22b4efc7fd08db0d94e5250094c2f006b2fbb7aa09fff5222e84c0ff78dd909", "e2397c9802f5b3bf523f621808cb00a2bc9e4863d4b68801b5e282c322ee7df1", "e37b3cb7d2c4d98a9236f479d5330a641f37ae5358082df4cddd7b015872e75c", "e44a7ab9601da3ea8723bf1330982e56970f9ec4f5e58503bcd26446376ce8a2", "e4a54c1960b09c392a68b2b571598dfaeb3d3bcb2126b01bce1f34bb29c32873", "e4a9082b7ff831f7f40e3d6c87499d597c5328b23994d98955cad2270bf595c2", "e4d42a0e687eff4491f23494a272d82217279066ce6e76ee1b939b3c05b70917", "e4e80a9ec0344a0f14055de9ee6c2ef5340e26e52f467ee38630acb90d05f28f", "e792f8c96c967a28d91f9ea9b8d241b18551b6adbaa497c27a24ac9a985aeb72", "e8d64175449030f9e3f7fb1e4247b28dbf9c88ef46b2e18573dd599e025dbb9e", "e8fb86a871722a5084f4aa1a242a4ece7d21bba9321eea6985c37d2e8cdedcdc", "ee2849a6086a7684a4c7f18000e03eba6517c258aebd5f623758d65b0ae24613", "eea74e11082be8966d2004264bf025b7802a2965dfd2141555de2082931dcf37", "ef3fa1f5994c06693f796739a23c73eebd545518cf84333c0958b9e71427fba9", "f05056047e3051a1e71e5c06e7f27f8723875c07688fc73e83003f847cf24a29", "f0a67aa44a2a19a22b1c59cd6ea6ca07ec866a8f6b5ad0b1c1293edc764b2f3c", "f0b3cb2507fc747335d2fbdd4b294d92a61d0c991a3311a85dfda56e82da479b", "f3672675be78c502c0bf7875a992c3fe201aa985794192e9bb203432b67e1d79", "f4277d56c36099c444b1f85f264a14f72cee5a1e2fe54bc2c42439c36f7842de", "f46509ac0a9d0f0dd432e888590ee088cc9e09a9fca22ec95fbcad4a0f6c7b73", "f5be456f064bfeffdaf3fa10359fabf6ca5893c88135eff6a6c34aefa80e82ef", "f5cb972bf35e3ce081a380b70c82ee72dc7dd49cf1416af30683285339278071", "f5fd58758e0209f0e6a7648d7102569bbddf7bc6e2ccbc00fb1cd2ea6714b355", "f6768240e9a8c490bbc907ba4db523d6a56db466d1d20ad805b87416a4295394", "f74b05186a92e89fd15ffee842baad15e54348e0f424259cdcf063328ece105d", "f8130240d37f02784a3b79cf53e8216d159d25302ea1c6cfc919a3c8653a9b27", "f86a5776ad71b793d4e748b5bad0000cff51ac3e791ab2be17f1d0cacf6fac28", "fab4b6a9bac9f9e226b86eccdbb8f766594168fc083b6a7cd722c3da68e4c311"], "iocs": {"domain": [{"hashes": ["0134f50d273b3bbfc40f69b037ceeb8c4a0f9c57ef55e14cc564b2647c91d50b", "0308c618d462657e6fa1ab1566ea439fe7bc8fa175e00c3b3cb92b7de0a15fad", "0339ade6fc92c17d85d0a3063e1090d1d88f3e7013c63f962ac238ca6a5be0f2", "03dd7a9a03627752acd6276135953f4e23a567211cda122055fe945ac058547e", "04049bf401f386b71c3f9370076fa0388ef36317379bd27a3d77521f319ef66c", "05a90746447511e32622f90440082d5ea344c81f408f2a8180a1a62554f4e563", "06b5d0d4827be79fc4eb1f518ad2f64cb8011c878172e0f44f9563b7233060be", "072854dbde422a9f17539752183436f9df9e13cd508e0705adf0a2fedd4b01c6", "079bb9784c275de6cec815b7fd8fc1ad35ce0cbaabbb5108ebf741fcfd02c008", "08db7034fce7c18a40454d7d3371739a5a27b324f07a3a84ece5daec32d1b78e", "094128fb2e38e2feff3360d922c08340c5ab51f4e5941d4b2e5e4e136886da40", "09cb932db632c40a5da9d5b50bac23d3aaa68a69bfaefdd6f9763d61ede0c343", "0afe581c70113703a47f4a4a320025d8c42287f3d2b0f50294417e1105d4265b", "0b66628a42bf861e41ac999ecef8edd7e200cbea9127c0eb6b3c1b94894a9cfe", "0b66ff19dded846c3ac661dda9a53af6fbc4f87164d160de4077164992152a65", "0ca014f86962ffa520a1761912131c403e38f512ea37dae6d6ad669c9c5a3e6d", "0e8761857683220f2f36a62feb8ed9912a555bbcfbca1e38edb201ca1cd91561", "0f04fc60a33db62f9f2683efeb0f13701cb2847fe33b15391fb1038162481243", "0fc67b499b0d5c5a42183bcdfb947fe44e3684597844f75e9d88bd9a9b3630d9", "1014177749ae458c7ac423564a0eda01319c5b68ea6b6c1c177e600a10d822eb", "101ddaf72d55116c5f72c5d5226f7aa8e7d7814c7cf28503e97a6eaf9e8e22f7", "106e36ed4efd530cadc507496a32ba2fbb3f40e6e6a860128c38dec4cb56767e", "11df0c2317b792d8e2c71e51cba375f26fa79c3893dee13bc5b3948b173cc128", "12d34ae371b5b947943eb4feb650c8e8549e74f3d17a178bbdc9e129ff555f76", "134cbcb9d9f7d69f3121eeeb8e6fd0b69075ec5755d34b1bb84506507c2fa804", "14e9065ecc478c011cdd3be32626706e32a2ae16b8e8abc785f610f369e640f1", "17c76e2e811e75062c333aa263aa8f1800f8f1bc5f6909b021c872fd9d5d1856", "18c31e85259273e6dc438f1b96136ee59f6729e043e31a927ddd5fa4ae2fa33c", "1a02515c612ec31e7cb0edd12649c2e5c7db6e9bd4eff0d969d7a42bbdd8a9cb", "1b2953efae71ba7d7741ce06be87e804257131ac0b14ffd59fb3c95ab800851a", "1ef25d6351df3dc68796c5accbee97d0222a5b1c2244430860266e613aebd969", "21115d414e5926ca60587ca7d9a6f2cd653663637344175fbbcaf77826758c63", "219cc3967aeabb6e569095a9e96024c387835937c16f01d4e929b30bc3e4c343", "2211d255c056d866229c85c779427986eefe2772d327739040a3ea4d2dd7e111", "22adcaf31287f6a953c48fbee75626cbb9b8a8f6ea07863637ef9037a299aa36", "259acd15dd50eda6c0f8f42a2538bf691f9749e77c4b2ac4cba725607812f4ed", "280bca24427f12400fd0413bb86c0bbf7170f0cef7566ae432c8469298de6271", "289ec0a1b22e2be005801b3fb2b1d48ac345742038a4bbe2192be959e7145fec", "28cb32d599283024709037c22455f78c0f9020e9b76e75cf0a3929e2c519d36b", "294a696b1863f81b97547b9b836307fea2e28097f9d27996626f82014e3816c7", "2b06c756c570200a22107b1107ace9270b21601a43ed85534d54050b4ab2f9e7", "2c3224bcbd61a4e56c857735fb012406129586c580ae4dae786ff3355205345e", "2cd6c35ecc0c0b83a7a103ff06ae9e4038fbdeab7ed5822ad45d508966cfe29c", "2e2ee259af95e4781cc345813c6a098906a0523021742855f71c5ea50138455d", "30a77605ff10125255c4b1e1f6569dbc615c270bf995261ba93324fd7735d217", "37ff60c4f945a0e45ea794f60275f2765c2223cf94ef1a128b28f5b99d14324a", "3bd4ec15b4d7006c48c6dfb076ca2355aa5596bea444a2acfa0cd9ae8bd71a7f", "3cfc925e6f333f18ee59b6f7fd5ab0ab54362ca293d419a9df1459616e9ad9f3", "416aa8d052b98c97f3c0ea910d8422bda3817df5457279a5c8595d28738222d6", "421359043a6df01ccba0b86e7e772fd8adb08003a1fe7a21cf65c7cec1464517", "429f7efa1ffae3da51fcf3d3a8f88006cd5208a389963821dcf68e3f941ba049", "4435700a8e0a5dc38c9c2f5681e469092550ac803d3ff0eba25c3fe079b58d2e", "4489cc3d5fb44ed8b9c74398fe4df16c807eb9cb4031e893889fd4645bb73901", "44f88766d121efb2c1497258e2cdea16475356520fb77e4fa97529569f46d1dd", "45b7ed6c121b1ee32bf6ff166e811dc28accd1f6fac06b9e7b9c81db0941f162", "47684eaa052f94ae5c08406b2fa188e600c98e03307c1076a76360989d4371d3", "47aead43ac3117bc934c7d9ec8dd9ab90cec420b9eb7821fc603c32c02741c71", "47be5c4f874622937d521517c120be7143f9e168a530ce459ed859aac66a2ec1", "49e0dea7ab27ccd376baa71485996afe877625eb007f81c09f467b7452e77cd7", "4ad1822ec704e0bd7ad05256c5bb1035c217c7275c61795d408f7e50e62b2a69", "4d3589494daf19228c1a02c7ae9e0dc3093b2b308e41cd5b576622ab03d26f7f", "4e19347cde2f38e46f2ef1165b108ddf13dd251f81411da20bff7aa73c536d05", "4e577f844290b9b3e8da1fcdf155c7262420fd8e7937b7fe1db380e156ce6d83", "4e94bbbf29b3404766a6ec991a7b533031ed360bf940acc22792f876e5ca999f", "539d73a462ed75f850d021ff0a2f904032b7dadf45a200fafbab1dda4da58c9a", "5cdf3f861d027aea2acba730dfab176f678f296d94f78e1af750dc0dafbc3352", "5fce9cb98a8b03290f92c268f2bc2dfeaabdbc19c61956874138fd75877f2398", "689cb3df8b60c04c02b72a4f9fc2f9ccce0b76e00996353a78e863ed3b6728cb", "6dd84ad54be2d0c4a3a8f8ecd3385bccff471ca5d9c1358c594d1c5c7cc47f95", "702324d5ccd0076adc3844b62dc0fc504dfc4ba21e8b67338cecfecdafbbef9d", "7247efb7a6312337d743f5853779db4b64b8e00fc4e21b353fd9882764a87898", "7a50f2279d32284037a1b84f3d2c857cfe52e0582bc0a638a071f5be29133a0b", "7cb08257f399bb3f4fa6684ad39a66290cba35fddc9776c2396c0c40e9088537", "856963b180b57d21f83ab02adf8673856193e51bbecddff081ab7b881c56c347", "8c35193913219a4891e0654f7d9daf2d50d920712ba88fdd5aa410a7f79c5060", "8ff7b013639cc9cdbe90b02a62f17d827959fe4353028fba87cbb05ae142be84", "902523fa3d9206e30313a4c77ffd89f63b44c2b48c7dfc1fd0d59720a007f0f1", "95591a2aae668e0179590d200aea9f293c3bb8a7e86fcb7c30f71dff1d5bb093", "9fe93f26c37754d4b921c7e6e832767fd0a12c1982d2c74ed936bf78cf50ea79", "a015804ed3476ca89c2df77c7d26fc6ea6f211f728d2db9f3d4e31d193105200", "a8bf7411bb8c956792058490586b3f0392288697d4a32b3875ac27c8788cb0cc", "b1f21f7dec397f2b2a276b343c6669e046c808ad3cebf74897df620a41da4c43", "b40437005419f7ea4bafc1cf0040789b6d4f3fdbba4ea88e8ceb96831557be75", "bf115fbe42896fe43f82584206c241e8ad02904d884969d8205c4773c5e76344", "d2faccfec046d7363bac2f547db5b0f18affc0eb54bd1c98770cc12e0c59e9c1", "d8d345af04e1849f6eb7f972564e6d969c46f390c035034f682a6cdc40bac5dc", "d93f4f09f7ba919fa70576666fa95cf479d9bd80e72fb7db2bb01683a2ab4c24", "f3672675be78c502c0bf7875a992c3fe201aa985794192e9bb203432b67e1d79", "f6768240e9a8c490bbc907ba4db523d6a56db466d1d20ad805b87416a4295394", "fab4b6a9bac9f9e226b86eccdbb8f766594168fc083b6a7cd722c3da68e4c311"], "host": "apps[.]identrust[.]com"}, {"hashes": ["0134f50d273b3bbfc40f69b037ceeb8c4a0f9c57ef55e14cc564b2647c91d50b", "0308c618d462657e6fa1ab1566ea439fe7bc8fa175e00c3b3cb92b7de0a15fad", "0339ade6fc92c17d85d0a3063e1090d1d88f3e7013c63f962ac238ca6a5be0f2", "03dd7a9a03627752acd6276135953f4e23a567211cda122055fe945ac058547e", "04049bf401f386b71c3f9370076fa0388ef36317379bd27a3d77521f319ef66c", "05a90746447511e32622f90440082d5ea344c81f408f2a8180a1a62554f4e563", "06b5d0d4827be79fc4eb1f518ad2f64cb8011c878172e0f44f9563b7233060be", "072854dbde422a9f17539752183436f9df9e13cd508e0705adf0a2fedd4b01c6", "079bb9784c275de6cec815b7fd8fc1ad35ce0cbaabbb5108ebf741fcfd02c008", "08db7034fce7c18a40454d7d3371739a5a27b324f07a3a84ece5daec32d1b78e", "094128fb2e38e2feff3360d922c08340c5ab51f4e5941d4b2e5e4e136886da40", "09cb932db632c40a5da9d5b50bac23d3aaa68a69bfaefdd6f9763d61ede0c343", "0afe581c70113703a47f4a4a320025d8c42287f3d2b0f50294417e1105d4265b", "0b66628a42bf861e41ac999ecef8edd7e200cbea9127c0eb6b3c1b94894a9cfe", "0b66ff19dded846c3ac661dda9a53af6fbc4f87164d160de4077164992152a65", "0ca014f86962ffa520a1761912131c403e38f512ea37dae6d6ad669c9c5a3e6d", "0e8761857683220f2f36a62feb8ed9912a555bbcfbca1e38edb201ca1cd91561", "0f04fc60a33db62f9f2683efeb0f13701cb2847fe33b15391fb1038162481243", "0fc67b499b0d5c5a42183bcdfb947fe44e3684597844f75e9d88bd9a9b3630d9", "1014177749ae458c7ac423564a0eda01319c5b68ea6b6c1c177e600a10d822eb", "101ddaf72d55116c5f72c5d5226f7aa8e7d7814c7cf28503e97a6eaf9e8e22f7", "106e36ed4efd530cadc507496a32ba2fbb3f40e6e6a860128c38dec4cb56767e", "11df0c2317b792d8e2c71e51cba375f26fa79c3893dee13bc5b3948b173cc128", "12d34ae371b5b947943eb4feb650c8e8549e74f3d17a178bbdc9e129ff555f76", "134cbcb9d9f7d69f3121eeeb8e6fd0b69075ec5755d34b1bb84506507c2fa804", "14e9065ecc478c011cdd3be32626706e32a2ae16b8e8abc785f610f369e640f1", "17c76e2e811e75062c333aa263aa8f1800f8f1bc5f6909b021c872fd9d5d1856", "18c31e85259273e6dc438f1b96136ee59f6729e043e31a927ddd5fa4ae2fa33c", "1a02515c612ec31e7cb0edd12649c2e5c7db6e9bd4eff0d969d7a42bbdd8a9cb", "1b2953efae71ba7d7741ce06be87e804257131ac0b14ffd59fb3c95ab800851a", "1ef25d6351df3dc68796c5accbee97d0222a5b1c2244430860266e613aebd969", "21115d414e5926ca60587ca7d9a6f2cd653663637344175fbbcaf77826758c63", "219cc3967aeabb6e569095a9e96024c387835937c16f01d4e929b30bc3e4c343", "2211d255c056d866229c85c779427986eefe2772d327739040a3ea4d2dd7e111", "22adcaf31287f6a953c48fbee75626cbb9b8a8f6ea07863637ef9037a299aa36", "259acd15dd50eda6c0f8f42a2538bf691f9749e77c4b2ac4cba725607812f4ed", "280bca24427f12400fd0413bb86c0bbf7170f0cef7566ae432c8469298de6271", "289ec0a1b22e2be005801b3fb2b1d48ac345742038a4bbe2192be959e7145fec", "28cb32d599283024709037c22455f78c0f9020e9b76e75cf0a3929e2c519d36b", "294a696b1863f81b97547b9b836307fea2e28097f9d27996626f82014e3816c7", "2b06c756c570200a22107b1107ace9270b21601a43ed85534d54050b4ab2f9e7", "2c3224bcbd61a4e56c857735fb012406129586c580ae4dae786ff3355205345e", "2cd6c35ecc0c0b83a7a103ff06ae9e4038fbdeab7ed5822ad45d508966cfe29c", "2e2ee259af95e4781cc345813c6a098906a0523021742855f71c5ea50138455d", "30a77605ff10125255c4b1e1f6569dbc615c270bf995261ba93324fd7735d217", "37ff60c4f945a0e45ea794f60275f2765c2223cf94ef1a128b28f5b99d14324a", "3bd4ec15b4d7006c48c6dfb076ca2355aa5596bea444a2acfa0cd9ae8bd71a7f", "3cfc925e6f333f18ee59b6f7fd5ab0ab54362ca293d419a9df1459616e9ad9f3", "416aa8d052b98c97f3c0ea910d8422bda3817df5457279a5c8595d28738222d6", "421359043a6df01ccba0b86e7e772fd8adb08003a1fe7a21cf65c7cec1464517", "429f7efa1ffae3da51fcf3d3a8f88006cd5208a389963821dcf68e3f941ba049", "4435700a8e0a5dc38c9c2f5681e469092550ac803d3ff0eba25c3fe079b58d2e", "4489cc3d5fb44ed8b9c74398fe4df16c807eb9cb4031e893889fd4645bb73901", "44f88766d121efb2c1497258e2cdea16475356520fb77e4fa97529569f46d1dd", "45b7ed6c121b1ee32bf6ff166e811dc28accd1f6fac06b9e7b9c81db0941f162", "47684eaa052f94ae5c08406b2fa188e600c98e03307c1076a76360989d4371d3", "47aead43ac3117bc934c7d9ec8dd9ab90cec420b9eb7821fc603c32c02741c71", "47be5c4f874622937d521517c120be7143f9e168a530ce459ed859aac66a2ec1", "49e0dea7ab27ccd376baa71485996afe877625eb007f81c09f467b7452e77cd7", "4ad1822ec704e0bd7ad05256c5bb1035c217c7275c61795d408f7e50e62b2a69", "4d3589494daf19228c1a02c7ae9e0dc3093b2b308e41cd5b576622ab03d26f7f", "4e19347cde2f38e46f2ef1165b108ddf13dd251f81411da20bff7aa73c536d05", "4e577f844290b9b3e8da1fcdf155c7262420fd8e7937b7fe1db380e156ce6d83", "4e94bbbf29b3404766a6ec991a7b533031ed360bf940acc22792f876e5ca999f", "539d73a462ed75f850d021ff0a2f904032b7dadf45a200fafbab1dda4da58c9a", "5cdf3f861d027aea2acba730dfab176f678f296d94f78e1af750dc0dafbc3352", "5fce9cb98a8b03290f92c268f2bc2dfeaabdbc19c61956874138fd75877f2398", "689cb3df8b60c04c02b72a4f9fc2f9ccce0b76e00996353a78e863ed3b6728cb", "6dd84ad54be2d0c4a3a8f8ecd3385bccff471ca5d9c1358c594d1c5c7cc47f95", "702324d5ccd0076adc3844b62dc0fc504dfc4ba21e8b67338cecfecdafbbef9d", "7247efb7a6312337d743f5853779db4b64b8e00fc4e21b353fd9882764a87898", "7a50f2279d32284037a1b84f3d2c857cfe52e0582bc0a638a071f5be29133a0b", "7cb08257f399bb3f4fa6684ad39a66290cba35fddc9776c2396c0c40e9088537", "856963b180b57d21f83ab02adf8673856193e51bbecddff081ab7b881c56c347", "8c35193913219a4891e0654f7d9daf2d50d920712ba88fdd5aa410a7f79c5060", "8ff7b013639cc9cdbe90b02a62f17d827959fe4353028fba87cbb05ae142be84", "902523fa3d9206e30313a4c77ffd89f63b44c2b48c7dfc1fd0d59720a007f0f1", "95591a2aae668e0179590d200aea9f293c3bb8a7e86fcb7c30f71dff1d5bb093", "9fe93f26c37754d4b921c7e6e832767fd0a12c1982d2c74ed936bf78cf50ea79", "a015804ed3476ca89c2df77c7d26fc6ea6f211f728d2db9f3d4e31d193105200", "a8bf7411bb8c956792058490586b3f0392288697d4a32b3875ac27c8788cb0cc", "b1f21f7dec397f2b2a276b343c6669e046c808ad3cebf74897df620a41da4c43", "b40437005419f7ea4bafc1cf0040789b6d4f3fdbba4ea88e8ceb96831557be75", "bf115fbe42896fe43f82584206c241e8ad02904d884969d8205c4773c5e76344", "d2faccfec046d7363bac2f547db5b0f18affc0eb54bd1c98770cc12e0c59e9c1", "d8d345af04e1849f6eb7f972564e6d969c46f390c035034f682a6cdc40bac5dc", "d93f4f09f7ba919fa70576666fa95cf479d9bd80e72fb7db2bb01683a2ab4c24", "f3672675be78c502c0bf7875a992c3fe201aa985794192e9bb203432b67e1d79", "f6768240e9a8c490bbc907ba4db523d6a56db466d1d20ad805b87416a4295394", "fab4b6a9bac9f9e226b86eccdbb8f766594168fc083b6a7cd722c3da68e4c311"], "host": "steve[.]dxstorm[.]com"}, {"hashes": ["0134f50d273b3bbfc40f69b037ceeb8c4a0f9c57ef55e14cc564b2647c91d50b", "0308c618d462657e6fa1ab1566ea439fe7bc8fa175e00c3b3cb92b7de0a15fad", "0339ade6fc92c17d85d0a3063e1090d1d88f3e7013c63f962ac238ca6a5be0f2", "03dd7a9a03627752acd6276135953f4e23a567211cda122055fe945ac058547e", "04049bf401f386b71c3f9370076fa0388ef36317379bd27a3d77521f319ef66c", "05a90746447511e32622f90440082d5ea344c81f408f2a8180a1a62554f4e563", "06b5d0d4827be79fc4eb1f518ad2f64cb8011c878172e0f44f9563b7233060be", "072854dbde422a9f17539752183436f9df9e13cd508e0705adf0a2fedd4b01c6", "079bb9784c275de6cec815b7fd8fc1ad35ce0cbaabbb5108ebf741fcfd02c008", "08db7034fce7c18a40454d7d3371739a5a27b324f07a3a84ece5daec32d1b78e", "094128fb2e38e2feff3360d922c08340c5ab51f4e5941d4b2e5e4e136886da40", "09cb932db632c40a5da9d5b50bac23d3aaa68a69bfaefdd6f9763d61ede0c343", "0afe581c70113703a47f4a4a320025d8c42287f3d2b0f50294417e1105d4265b", "0b66628a42bf861e41ac999ecef8edd7e200cbea9127c0eb6b3c1b94894a9cfe", "0b66ff19dded846c3ac661dda9a53af6fbc4f87164d160de4077164992152a65", "0ca014f86962ffa520a1761912131c403e38f512ea37dae6d6ad669c9c5a3e6d", "0e8761857683220f2f36a62feb8ed9912a555bbcfbca1e38edb201ca1cd91561", "0f04fc60a33db62f9f2683efeb0f13701cb2847fe33b15391fb1038162481243", "0fc67b499b0d5c5a42183bcdfb947fe44e3684597844f75e9d88bd9a9b3630d9", "1014177749ae458c7ac423564a0eda01319c5b68ea6b6c1c177e600a10d822eb", "101ddaf72d55116c5f72c5d5226f7aa8e7d7814c7cf28503e97a6eaf9e8e22f7", "106e36ed4efd530cadc507496a32ba2fbb3f40e6e6a860128c38dec4cb56767e", "11df0c2317b792d8e2c71e51cba375f26fa79c3893dee13bc5b3948b173cc128", "12d34ae371b5b947943eb4feb650c8e8549e74f3d17a178bbdc9e129ff555f76", "134cbcb9d9f7d69f3121eeeb8e6fd0b69075ec5755d34b1bb84506507c2fa804", "14e9065ecc478c011cdd3be32626706e32a2ae16b8e8abc785f610f369e640f1", "17c76e2e811e75062c333aa263aa8f1800f8f1bc5f6909b021c872fd9d5d1856", "18c31e85259273e6dc438f1b96136ee59f6729e043e31a927ddd5fa4ae2fa33c", "1a02515c612ec31e7cb0edd12649c2e5c7db6e9bd4eff0d969d7a42bbdd8a9cb", "1b2953efae71ba7d7741ce06be87e804257131ac0b14ffd59fb3c95ab800851a", "1ef25d6351df3dc68796c5accbee97d0222a5b1c2244430860266e613aebd969", "21115d414e5926ca60587ca7d9a6f2cd653663637344175fbbcaf77826758c63", "219cc3967aeabb6e569095a9e96024c387835937c16f01d4e929b30bc3e4c343", "2211d255c056d866229c85c779427986eefe2772d327739040a3ea4d2dd7e111", "22adcaf31287f6a953c48fbee75626cbb9b8a8f6ea07863637ef9037a299aa36", "259acd15dd50eda6c0f8f42a2538bf691f9749e77c4b2ac4cba725607812f4ed", "280bca24427f12400fd0413bb86c0bbf7170f0cef7566ae432c8469298de6271", "289ec0a1b22e2be005801b3fb2b1d48ac345742038a4bbe2192be959e7145fec", "28cb32d599283024709037c22455f78c0f9020e9b76e75cf0a3929e2c519d36b", "294a696b1863f81b97547b9b836307fea2e28097f9d27996626f82014e3816c7", "2b06c756c570200a22107b1107ace9270b21601a43ed85534d54050b4ab2f9e7", "2c3224bcbd61a4e56c857735fb012406129586c580ae4dae786ff3355205345e", "2cd6c35ecc0c0b83a7a103ff06ae9e4038fbdeab7ed5822ad45d508966cfe29c", "2e2ee259af95e4781cc345813c6a098906a0523021742855f71c5ea50138455d", "30a77605ff10125255c4b1e1f6569dbc615c270bf995261ba93324fd7735d217", "37ff60c4f945a0e45ea794f60275f2765c2223cf94ef1a128b28f5b99d14324a", "3bd4ec15b4d7006c48c6dfb076ca2355aa5596bea444a2acfa0cd9ae8bd71a7f", "3cfc925e6f333f18ee59b6f7fd5ab0ab54362ca293d419a9df1459616e9ad9f3", "416aa8d052b98c97f3c0ea910d8422bda3817df5457279a5c8595d28738222d6", "421359043a6df01ccba0b86e7e772fd8adb08003a1fe7a21cf65c7cec1464517", "429f7efa1ffae3da51fcf3d3a8f88006cd5208a389963821dcf68e3f941ba049", "4435700a8e0a5dc38c9c2f5681e469092550ac803d3ff0eba25c3fe079b58d2e", "4489cc3d5fb44ed8b9c74398fe4df16c807eb9cb4031e893889fd4645bb73901", "44f88766d121efb2c1497258e2cdea16475356520fb77e4fa97529569f46d1dd", "45b7ed6c121b1ee32bf6ff166e811dc28accd1f6fac06b9e7b9c81db0941f162", "47684eaa052f94ae5c08406b2fa188e600c98e03307c1076a76360989d4371d3", "47aead43ac3117bc934c7d9ec8dd9ab90cec420b9eb7821fc603c32c02741c71", "47be5c4f874622937d521517c120be7143f9e168a530ce459ed859aac66a2ec1", "49e0dea7ab27ccd376baa71485996afe877625eb007f81c09f467b7452e77cd7", "4ad1822ec704e0bd7ad05256c5bb1035c217c7275c61795d408f7e50e62b2a69", "4d3589494daf19228c1a02c7ae9e0dc3093b2b308e41cd5b576622ab03d26f7f", "4e19347cde2f38e46f2ef1165b108ddf13dd251f81411da20bff7aa73c536d05", "4e577f844290b9b3e8da1fcdf155c7262420fd8e7937b7fe1db380e156ce6d83", "4e94bbbf29b3404766a6ec991a7b533031ed360bf940acc22792f876e5ca999f", "539d73a462ed75f850d021ff0a2f904032b7dadf45a200fafbab1dda4da58c9a", "5cdf3f861d027aea2acba730dfab176f678f296d94f78e1af750dc0dafbc3352", "5fce9cb98a8b03290f92c268f2bc2dfeaabdbc19c61956874138fd75877f2398", "689cb3df8b60c04c02b72a4f9fc2f9ccce0b76e00996353a78e863ed3b6728cb", "6dd84ad54be2d0c4a3a8f8ecd3385bccff471ca5d9c1358c594d1c5c7cc47f95", "702324d5ccd0076adc3844b62dc0fc504dfc4ba21e8b67338cecfecdafbbef9d", "7247efb7a6312337d743f5853779db4b64b8e00fc4e21b353fd9882764a87898", "7a50f2279d32284037a1b84f3d2c857cfe52e0582bc0a638a071f5be29133a0b", "7cb08257f399bb3f4fa6684ad39a66290cba35fddc9776c2396c0c40e9088537", "856963b180b57d21f83ab02adf8673856193e51bbecddff081ab7b881c56c347", "8c35193913219a4891e0654f7d9daf2d50d920712ba88fdd5aa410a7f79c5060", "8ff7b013639cc9cdbe90b02a62f17d827959fe4353028fba87cbb05ae142be84", "902523fa3d9206e30313a4c77ffd89f63b44c2b48c7dfc1fd0d59720a007f0f1", "95591a2aae668e0179590d200aea9f293c3bb8a7e86fcb7c30f71dff1d5bb093", "9fe93f26c37754d4b921c7e6e832767fd0a12c1982d2c74ed936bf78cf50ea79", "a015804ed3476ca89c2df77c7d26fc6ea6f211f728d2db9f3d4e31d193105200", "a8bf7411bb8c956792058490586b3f0392288697d4a32b3875ac27c8788cb0cc", "b1f21f7dec397f2b2a276b343c6669e046c808ad3cebf74897df620a41da4c43", "b40437005419f7ea4bafc1cf0040789b6d4f3fdbba4ea88e8ceb96831557be75", "bf115fbe42896fe43f82584206c241e8ad02904d884969d8205c4773c5e76344", "d2faccfec046d7363bac2f547db5b0f18affc0eb54bd1c98770cc12e0c59e9c1", "d8d345af04e1849f6eb7f972564e6d969c46f390c035034f682a6cdc40bac5dc", "d93f4f09f7ba919fa70576666fa95cf479d9bd80e72fb7db2bb01683a2ab4c24", "f3672675be78c502c0bf7875a992c3fe201aa985794192e9bb203432b67e1d79", "f6768240e9a8c490bbc907ba4db523d6a56db466d1d20ad805b87416a4295394", "fab4b6a9bac9f9e226b86eccdbb8f766594168fc083b6a7cd722c3da68e4c311"], "host": "benefitanswers[.]co[.]uk"}], "file": [{"hashes": ["0134f50d273b3bbfc40f69b037ceeb8c4a0f9c57ef55e14cc564b2647c91d50b", "0308c618d462657e6fa1ab1566ea439fe7bc8fa175e00c3b3cb92b7de0a15fad", "0339ade6fc92c17d85d0a3063e1090d1d88f3e7013c63f962ac238ca6a5be0f2", "03dd7a9a03627752acd6276135953f4e23a567211cda122055fe945ac058547e", "04049bf401f386b71c3f9370076fa0388ef36317379bd27a3d77521f319ef66c", "05a90746447511e32622f90440082d5ea344c81f408f2a8180a1a62554f4e563", "06b5d0d4827be79fc4eb1f518ad2f64cb8011c878172e0f44f9563b7233060be", "072854dbde422a9f17539752183436f9df9e13cd508e0705adf0a2fedd4b01c6", "079bb9784c275de6cec815b7fd8fc1ad35ce0cbaabbb5108ebf741fcfd02c008", "08db7034fce7c18a40454d7d3371739a5a27b324f07a3a84ece5daec32d1b78e", "094128fb2e38e2feff3360d922c08340c5ab51f4e5941d4b2e5e4e136886da40", "09cb932db632c40a5da9d5b50bac23d3aaa68a69bfaefdd6f9763d61ede0c343", "0afe581c70113703a47f4a4a320025d8c42287f3d2b0f50294417e1105d4265b", "0b66628a42bf861e41ac999ecef8edd7e200cbea9127c0eb6b3c1b94894a9cfe", "0b66ff19dded846c3ac661dda9a53af6fbc4f87164d160de4077164992152a65", "0ca014f86962ffa520a1761912131c403e38f512ea37dae6d6ad669c9c5a3e6d", "0e8761857683220f2f36a62feb8ed9912a555bbcfbca1e38edb201ca1cd91561", "0f04fc60a33db62f9f2683efeb0f13701cb2847fe33b15391fb1038162481243", "0fc67b499b0d5c5a42183bcdfb947fe44e3684597844f75e9d88bd9a9b3630d9", "1014177749ae458c7ac423564a0eda01319c5b68ea6b6c1c177e600a10d822eb", "101ddaf72d55116c5f72c5d5226f7aa8e7d7814c7cf28503e97a6eaf9e8e22f7", "106e36ed4efd530cadc507496a32ba2fbb3f40e6e6a860128c38dec4cb56767e", "11df0c2317b792d8e2c71e51cba375f26fa79c3893dee13bc5b3948b173cc128", "12d34ae371b5b947943eb4feb650c8e8549e74f3d17a178bbdc9e129ff555f76", "134cbcb9d9f7d69f3121eeeb8e6fd0b69075ec5755d34b1bb84506507c2fa804", "14e9065ecc478c011cdd3be32626706e32a2ae16b8e8abc785f610f369e640f1", "17c76e2e811e75062c333aa263aa8f1800f8f1bc5f6909b021c872fd9d5d1856", "18c31e85259273e6dc438f1b96136ee59f6729e043e31a927ddd5fa4ae2fa33c", "1a02515c612ec31e7cb0edd12649c2e5c7db6e9bd4eff0d969d7a42bbdd8a9cb", "1b2953efae71ba7d7741ce06be87e804257131ac0b14ffd59fb3c95ab800851a", "1ef25d6351df3dc68796c5accbee97d0222a5b1c2244430860266e613aebd969", "21115d414e5926ca60587ca7d9a6f2cd653663637344175fbbcaf77826758c63", "219cc3967aeabb6e569095a9e96024c387835937c16f01d4e929b30bc3e4c343", "2211d255c056d866229c85c779427986eefe2772d327739040a3ea4d2dd7e111", "22adcaf31287f6a953c48fbee75626cbb9b8a8f6ea07863637ef9037a299aa36", "259acd15dd50eda6c0f8f42a2538bf691f9749e77c4b2ac4cba725607812f4ed", "280bca24427f12400fd0413bb86c0bbf7170f0cef7566ae432c8469298de6271", "289ec0a1b22e2be005801b3fb2b1d48ac345742038a4bbe2192be959e7145fec", "28cb32d599283024709037c22455f78c0f9020e9b76e75cf0a3929e2c519d36b", "294a696b1863f81b97547b9b836307fea2e28097f9d27996626f82014e3816c7", "2b06c756c570200a22107b1107ace9270b21601a43ed85534d54050b4ab2f9e7", "2c3224bcbd61a4e56c857735fb012406129586c580ae4dae786ff3355205345e", "2cd6c35ecc0c0b83a7a103ff06ae9e4038fbdeab7ed5822ad45d508966cfe29c", "2e2ee259af95e4781cc345813c6a098906a0523021742855f71c5ea50138455d", "30a77605ff10125255c4b1e1f6569dbc615c270bf995261ba93324fd7735d217", "37ff60c4f945a0e45ea794f60275f2765c2223cf94ef1a128b28f5b99d14324a", "3bd4ec15b4d7006c48c6dfb076ca2355aa5596bea444a2acfa0cd9ae8bd71a7f", "3cfc925e6f333f18ee59b6f7fd5ab0ab54362ca293d419a9df1459616e9ad9f3", "416aa8d052b98c97f3c0ea910d8422bda3817df5457279a5c8595d28738222d6", "421359043a6df01ccba0b86e7e772fd8adb08003a1fe7a21cf65c7cec1464517", "429f7efa1ffae3da51fcf3d3a8f88006cd5208a389963821dcf68e3f941ba049", "4435700a8e0a5dc38c9c2f5681e469092550ac803d3ff0eba25c3fe079b58d2e", "4489cc3d5fb44ed8b9c74398fe4df16c807eb9cb4031e893889fd4645bb73901", "44f88766d121efb2c1497258e2cdea16475356520fb77e4fa97529569f46d1dd", "45b7ed6c121b1ee32bf6ff166e811dc28accd1f6fac06b9e7b9c81db0941f162", "47684eaa052f94ae5c08406b2fa188e600c98e03307c1076a76360989d4371d3", "47aead43ac3117bc934c7d9ec8dd9ab90cec420b9eb7821fc603c32c02741c71", "47be5c4f874622937d521517c120be7143f9e168a530ce459ed859aac66a2ec1", "49e0dea7ab27ccd376baa71485996afe877625eb007f81c09f467b7452e77cd7", "4ad1822ec704e0bd7ad05256c5bb1035c217c7275c61795d408f7e50e62b2a69", "4d3589494daf19228c1a02c7ae9e0dc3093b2b308e41cd5b576622ab03d26f7f", "4e19347cde2f38e46f2ef1165b108ddf13dd251f81411da20bff7aa73c536d05", "4e577f844290b9b3e8da1fcdf155c7262420fd8e7937b7fe1db380e156ce6d83", "4e94bbbf29b3404766a6ec991a7b533031ed360bf940acc22792f876e5ca999f", "539d73a462ed75f850d021ff0a2f904032b7dadf45a200fafbab1dda4da58c9a", "5cdf3f861d027aea2acba730dfab176f678f296d94f78e1af750dc0dafbc3352", "5fce9cb98a8b03290f92c268f2bc2dfeaabdbc19c61956874138fd75877f2398", "689cb3df8b60c04c02b72a4f9fc2f9ccce0b76e00996353a78e863ed3b6728cb", "6dd84ad54be2d0c4a3a8f8ecd3385bccff471ca5d9c1358c594d1c5c7cc47f95", "702324d5ccd0076adc3844b62dc0fc504dfc4ba21e8b67338cecfecdafbbef9d", "7247efb7a6312337d743f5853779db4b64b8e00fc4e21b353fd9882764a87898", "7a50f2279d32284037a1b84f3d2c857cfe52e0582bc0a638a071f5be29133a0b", "7cb08257f399bb3f4fa6684ad39a66290cba35fddc9776c2396c0c40e9088537", "856963b180b57d21f83ab02adf8673856193e51bbecddff081ab7b881c56c347", "8c35193913219a4891e0654f7d9daf2d50d920712ba88fdd5aa410a7f79c5060", "8ff7b013639cc9cdbe90b02a62f17d827959fe4353028fba87cbb05ae142be84", "902523fa3d9206e30313a4c77ffd89f63b44c2b48c7dfc1fd0d59720a007f0f1", "95591a2aae668e0179590d200aea9f293c3bb8a7e86fcb7c30f71dff1d5bb093", "9fe93f26c37754d4b921c7e6e832767fd0a12c1982d2c74ed936bf78cf50ea79", "a015804ed3476ca89c2df77c7d26fc6ea6f211f728d2db9f3d4e31d193105200", "a8bf7411bb8c956792058490586b3f0392288697d4a32b3875ac27c8788cb0cc", "b1f21f7dec397f2b2a276b343c6669e046c808ad3cebf74897df620a41da4c43", "b40437005419f7ea4bafc1cf0040789b6d4f3fdbba4ea88e8ceb96831557be75", "bf115fbe42896fe43f82584206c241e8ad02904d884969d8205c4773c5e76344", "d2faccfec046d7363bac2f547db5b0f18affc0eb54bd1c98770cc12e0c59e9c1", "d8d345af04e1849f6eb7f972564e6d969c46f390c035034f682a6cdc40bac5dc", "d93f4f09f7ba919fa70576666fa95cf479d9bd80e72fb7db2bb01683a2ab4c24", "f3672675be78c502c0bf7875a992c3fe201aa985794192e9bb203432b67e1d79", "f6768240e9a8c490bbc907ba4db523d6a56db466d1d20ad805b87416a4295394", "fab4b6a9bac9f9e226b86eccdbb8f766594168fc083b6a7cd722c3da68e4c311"], "path": "%TEMP%\\pdflauncher.exe"}], "ip": [{"hashes": ["0134f50d273b3bbfc40f69b037ceeb8c4a0f9c57ef55e14cc564b2647c91d50b", "0308c618d462657e6fa1ab1566ea439fe7bc8fa175e00c3b3cb92b7de0a15fad", "0339ade6fc92c17d85d0a3063e1090d1d88f3e7013c63f962ac238ca6a5be0f2", "03dd7a9a03627752acd6276135953f4e23a567211cda122055fe945ac058547e", "04049bf401f386b71c3f9370076fa0388ef36317379bd27a3d77521f319ef66c", "05a90746447511e32622f90440082d5ea344c81f408f2a8180a1a62554f4e563", "06b5d0d4827be79fc4eb1f518ad2f64cb8011c878172e0f44f9563b7233060be", "072854dbde422a9f17539752183436f9df9e13cd508e0705adf0a2fedd4b01c6", "079bb9784c275de6cec815b7fd8fc1ad35ce0cbaabbb5108ebf741fcfd02c008", "08db7034fce7c18a40454d7d3371739a5a27b324f07a3a84ece5daec32d1b78e", "094128fb2e38e2feff3360d922c08340c5ab51f4e5941d4b2e5e4e136886da40", "09cb932db632c40a5da9d5b50bac23d3aaa68a69bfaefdd6f9763d61ede0c343", "0afe581c70113703a47f4a4a320025d8c42287f3d2b0f50294417e1105d4265b", "0b66628a42bf861e41ac999ecef8edd7e200cbea9127c0eb6b3c1b94894a9cfe", "0b66ff19dded846c3ac661dda9a53af6fbc4f87164d160de4077164992152a65", "0ca014f86962ffa520a1761912131c403e38f512ea37dae6d6ad669c9c5a3e6d", "0e8761857683220f2f36a62feb8ed9912a555bbcfbca1e38edb201ca1cd91561", "0f04fc60a33db62f9f2683efeb0f13701cb2847fe33b15391fb1038162481243", "0fc67b499b0d5c5a42183bcdfb947fe44e3684597844f75e9d88bd9a9b3630d9", "1014177749ae458c7ac423564a0eda01319c5b68ea6b6c1c177e600a10d822eb", "101ddaf72d55116c5f72c5d5226f7aa8e7d7814c7cf28503e97a6eaf9e8e22f7", "106e36ed4efd530cadc507496a32ba2fbb3f40e6e6a860128c38dec4cb56767e", "11df0c2317b792d8e2c71e51cba375f26fa79c3893dee13bc5b3948b173cc128", "12d34ae371b5b947943eb4feb650c8e8549e74f3d17a178bbdc9e129ff555f76", "134cbcb9d9f7d69f3121eeeb8e6fd0b69075ec5755d34b1bb84506507c2fa804", "14e9065ecc478c011cdd3be32626706e32a2ae16b8e8abc785f610f369e640f1", "17c76e2e811e75062c333aa263aa8f1800f8f1bc5f6909b021c872fd9d5d1856", "18c31e85259273e6dc438f1b96136ee59f6729e043e31a927ddd5fa4ae2fa33c", "1a02515c612ec31e7cb0edd12649c2e5c7db6e9bd4eff0d969d7a42bbdd8a9cb", "1b2953efae71ba7d7741ce06be87e804257131ac0b14ffd59fb3c95ab800851a", "1ef25d6351df3dc68796c5accbee97d0222a5b1c2244430860266e613aebd969", "21115d414e5926ca60587ca7d9a6f2cd653663637344175fbbcaf77826758c63", "219cc3967aeabb6e569095a9e96024c387835937c16f01d4e929b30bc3e4c343", "2211d255c056d866229c85c779427986eefe2772d327739040a3ea4d2dd7e111", "22adcaf31287f6a953c48fbee75626cbb9b8a8f6ea07863637ef9037a299aa36", "259acd15dd50eda6c0f8f42a2538bf691f9749e77c4b2ac4cba725607812f4ed", "280bca24427f12400fd0413bb86c0bbf7170f0cef7566ae432c8469298de6271", "289ec0a1b22e2be005801b3fb2b1d48ac345742038a4bbe2192be959e7145fec", "28cb32d599283024709037c22455f78c0f9020e9b76e75cf0a3929e2c519d36b", "294a696b1863f81b97547b9b836307fea2e28097f9d27996626f82014e3816c7", "2b06c756c570200a22107b1107ace9270b21601a43ed85534d54050b4ab2f9e7", "2c3224bcbd61a4e56c857735fb012406129586c580ae4dae786ff3355205345e", "2cd6c35ecc0c0b83a7a103ff06ae9e4038fbdeab7ed5822ad45d508966cfe29c", "2e2ee259af95e4781cc345813c6a098906a0523021742855f71c5ea50138455d", "30a77605ff10125255c4b1e1f6569dbc615c270bf995261ba93324fd7735d217", "37ff60c4f945a0e45ea794f60275f2765c2223cf94ef1a128b28f5b99d14324a", "3bd4ec15b4d7006c48c6dfb076ca2355aa5596bea444a2acfa0cd9ae8bd71a7f", "3cfc925e6f333f18ee59b6f7fd5ab0ab54362ca293d419a9df1459616e9ad9f3", "416aa8d052b98c97f3c0ea910d8422bda3817df5457279a5c8595d28738222d6", "421359043a6df01ccba0b86e7e772fd8adb08003a1fe7a21cf65c7cec1464517", "429f7efa1ffae3da51fcf3d3a8f88006cd5208a389963821dcf68e3f941ba049", "4435700a8e0a5dc38c9c2f5681e469092550ac803d3ff0eba25c3fe079b58d2e", "4489cc3d5fb44ed8b9c74398fe4df16c807eb9cb4031e893889fd4645bb73901", "44f88766d121efb2c1497258e2cdea16475356520fb77e4fa97529569f46d1dd", "45b7ed6c121b1ee32bf6ff166e811dc28accd1f6fac06b9e7b9c81db0941f162", "47684eaa052f94ae5c08406b2fa188e600c98e03307c1076a76360989d4371d3", "47aead43ac3117bc934c7d9ec8dd9ab90cec420b9eb7821fc603c32c02741c71", "47be5c4f874622937d521517c120be7143f9e168a530ce459ed859aac66a2ec1", "49e0dea7ab27ccd376baa71485996afe877625eb007f81c09f467b7452e77cd7", "4ad1822ec704e0bd7ad05256c5bb1035c217c7275c61795d408f7e50e62b2a69", "4d3589494daf19228c1a02c7ae9e0dc3093b2b308e41cd5b576622ab03d26f7f", "4e19347cde2f38e46f2ef1165b108ddf13dd251f81411da20bff7aa73c536d05", "4e577f844290b9b3e8da1fcdf155c7262420fd8e7937b7fe1db380e156ce6d83", "4e94bbbf29b3404766a6ec991a7b533031ed360bf940acc22792f876e5ca999f", "539d73a462ed75f850d021ff0a2f904032b7dadf45a200fafbab1dda4da58c9a", "5cdf3f861d027aea2acba730dfab176f678f296d94f78e1af750dc0dafbc3352", "5fce9cb98a8b03290f92c268f2bc2dfeaabdbc19c61956874138fd75877f2398", "689cb3df8b60c04c02b72a4f9fc2f9ccce0b76e00996353a78e863ed3b6728cb", "6dd84ad54be2d0c4a3a8f8ecd3385bccff471ca5d9c1358c594d1c5c7cc47f95", "702324d5ccd0076adc3844b62dc0fc504dfc4ba21e8b67338cecfecdafbbef9d", "7247efb7a6312337d743f5853779db4b64b8e00fc4e21b353fd9882764a87898", "7a50f2279d32284037a1b84f3d2c857cfe52e0582bc0a638a071f5be29133a0b", "7cb08257f399bb3f4fa6684ad39a66290cba35fddc9776c2396c0c40e9088537", "856963b180b57d21f83ab02adf8673856193e51bbecddff081ab7b881c56c347", "8c35193913219a4891e0654f7d9daf2d50d920712ba88fdd5aa410a7f79c5060", "8ff7b013639cc9cdbe90b02a62f17d827959fe4353028fba87cbb05ae142be84", "902523fa3d9206e30313a4c77ffd89f63b44c2b48c7dfc1fd0d59720a007f0f1", "95591a2aae668e0179590d200aea9f293c3bb8a7e86fcb7c30f71dff1d5bb093", "9fe93f26c37754d4b921c7e6e832767fd0a12c1982d2c74ed936bf78cf50ea79", "a015804ed3476ca89c2df77c7d26fc6ea6f211f728d2db9f3d4e31d193105200", "a8bf7411bb8c956792058490586b3f0392288697d4a32b3875ac27c8788cb0cc", "b1f21f7dec397f2b2a276b343c6669e046c808ad3cebf74897df620a41da4c43", "b40437005419f7ea4bafc1cf0040789b6d4f3fdbba4ea88e8ceb96831557be75", "bf115fbe42896fe43f82584206c241e8ad02904d884969d8205c4773c5e76344", "d2faccfec046d7363bac2f547db5b0f18affc0eb54bd1c98770cc12e0c59e9c1", "d8d345af04e1849f6eb7f972564e6d969c46f390c035034f682a6cdc40bac5dc", "d93f4f09f7ba919fa70576666fa95cf479d9bd80e72fb7db2bb01683a2ab4c24", "f3672675be78c502c0bf7875a992c3fe201aa985794192e9bb203432b67e1d79", "f6768240e9a8c490bbc907ba4db523d6a56db466d1d20ad805b87416a4295394", "fab4b6a9bac9f9e226b86eccdbb8f766594168fc083b6a7cd722c3da68e4c311"], "ip": "77[.]68[.]74[.]189"}, {"hashes": ["0134f50d273b3bbfc40f69b037ceeb8c4a0f9c57ef55e14cc564b2647c91d50b", "0308c618d462657e6fa1ab1566ea439fe7bc8fa175e00c3b3cb92b7de0a15fad", "0339ade6fc92c17d85d0a3063e1090d1d88f3e7013c63f962ac238ca6a5be0f2", "03dd7a9a03627752acd6276135953f4e23a567211cda122055fe945ac058547e", "05a90746447511e32622f90440082d5ea344c81f408f2a8180a1a62554f4e563", "06b5d0d4827be79fc4eb1f518ad2f64cb8011c878172e0f44f9563b7233060be", "072854dbde422a9f17539752183436f9df9e13cd508e0705adf0a2fedd4b01c6", "079bb9784c275de6cec815b7fd8fc1ad35ce0cbaabbb5108ebf741fcfd02c008", "08db7034fce7c18a40454d7d3371739a5a27b324f07a3a84ece5daec32d1b78e", "094128fb2e38e2feff3360d922c08340c5ab51f4e5941d4b2e5e4e136886da40", "09cb932db632c40a5da9d5b50bac23d3aaa68a69bfaefdd6f9763d61ede0c343", "0afe581c70113703a47f4a4a320025d8c42287f3d2b0f50294417e1105d4265b", "0b66628a42bf861e41ac999ecef8edd7e200cbea9127c0eb6b3c1b94894a9cfe", "0b66ff19dded846c3ac661dda9a53af6fbc4f87164d160de4077164992152a65", "0ca014f86962ffa520a1761912131c403e38f512ea37dae6d6ad669c9c5a3e6d", "0e8761857683220f2f36a62feb8ed9912a555bbcfbca1e38edb201ca1cd91561", "0f04fc60a33db62f9f2683efeb0f13701cb2847fe33b15391fb1038162481243", "0fc67b499b0d5c5a42183bcdfb947fe44e3684597844f75e9d88bd9a9b3630d9", "1014177749ae458c7ac423564a0eda01319c5b68ea6b6c1c177e600a10d822eb", "101ddaf72d55116c5f72c5d5226f7aa8e7d7814c7cf28503e97a6eaf9e8e22f7", "106e36ed4efd530cadc507496a32ba2fbb3f40e6e6a860128c38dec4cb56767e", "11df0c2317b792d8e2c71e51cba375f26fa79c3893dee13bc5b3948b173cc128", "12d34ae371b5b947943eb4feb650c8e8549e74f3d17a178bbdc9e129ff555f76", "134cbcb9d9f7d69f3121eeeb8e6fd0b69075ec5755d34b1bb84506507c2fa804", "14e9065ecc478c011cdd3be32626706e32a2ae16b8e8abc785f610f369e640f1", "18c31e85259273e6dc438f1b96136ee59f6729e043e31a927ddd5fa4ae2fa33c", "1a02515c612ec31e7cb0edd12649c2e5c7db6e9bd4eff0d969d7a42bbdd8a9cb", "1b2953efae71ba7d7741ce06be87e804257131ac0b14ffd59fb3c95ab800851a", "1ef25d6351df3dc68796c5accbee97d0222a5b1c2244430860266e613aebd969", "21115d414e5926ca60587ca7d9a6f2cd653663637344175fbbcaf77826758c63", "219cc3967aeabb6e569095a9e96024c387835937c16f01d4e929b30bc3e4c343", "2211d255c056d866229c85c779427986eefe2772d327739040a3ea4d2dd7e111", "22adcaf31287f6a953c48fbee75626cbb9b8a8f6ea07863637ef9037a299aa36", "259acd15dd50eda6c0f8f42a2538bf691f9749e77c4b2ac4cba725607812f4ed", "280bca24427f12400fd0413bb86c0bbf7170f0cef7566ae432c8469298de6271", "289ec0a1b22e2be005801b3fb2b1d48ac345742038a4bbe2192be959e7145fec", "28cb32d599283024709037c22455f78c0f9020e9b76e75cf0a3929e2c519d36b", "294a696b1863f81b97547b9b836307fea2e28097f9d27996626f82014e3816c7", "2b06c756c570200a22107b1107ace9270b21601a43ed85534d54050b4ab2f9e7", "2c3224bcbd61a4e56c857735fb012406129586c580ae4dae786ff3355205345e", "2cd6c35ecc0c0b83a7a103ff06ae9e4038fbdeab7ed5822ad45d508966cfe29c", "2e2ee259af95e4781cc345813c6a098906a0523021742855f71c5ea50138455d", "30a77605ff10125255c4b1e1f6569dbc615c270bf995261ba93324fd7735d217", "37ff60c4f945a0e45ea794f60275f2765c2223cf94ef1a128b28f5b99d14324a", "3bd4ec15b4d7006c48c6dfb076ca2355aa5596bea444a2acfa0cd9ae8bd71a7f", "3cfc925e6f333f18ee59b6f7fd5ab0ab54362ca293d419a9df1459616e9ad9f3", "416aa8d052b98c97f3c0ea910d8422bda3817df5457279a5c8595d28738222d6", "421359043a6df01ccba0b86e7e772fd8adb08003a1fe7a21cf65c7cec1464517", "429f7efa1ffae3da51fcf3d3a8f88006cd5208a389963821dcf68e3f941ba049", "4435700a8e0a5dc38c9c2f5681e469092550ac803d3ff0eba25c3fe079b58d2e", "4489cc3d5fb44ed8b9c74398fe4df16c807eb9cb4031e893889fd4645bb73901", "44f88766d121efb2c1497258e2cdea16475356520fb77e4fa97529569f46d1dd", "45b7ed6c121b1ee32bf6ff166e811dc28accd1f6fac06b9e7b9c81db0941f162", "47684eaa052f94ae5c08406b2fa188e600c98e03307c1076a76360989d4371d3", "47aead43ac3117bc934c7d9ec8dd9ab90cec420b9eb7821fc603c32c02741c71", "47be5c4f874622937d521517c120be7143f9e168a530ce459ed859aac66a2ec1", "49e0dea7ab27ccd376baa71485996afe877625eb007f81c09f467b7452e77cd7", "4ad1822ec704e0bd7ad05256c5bb1035c217c7275c61795d408f7e50e62b2a69", "4d3589494daf19228c1a02c7ae9e0dc3093b2b308e41cd5b576622ab03d26f7f", "4e19347cde2f38e46f2ef1165b108ddf13dd251f81411da20bff7aa73c536d05", "4e577f844290b9b3e8da1fcdf155c7262420fd8e7937b7fe1db380e156ce6d83", "4e94bbbf29b3404766a6ec991a7b533031ed360bf940acc22792f876e5ca999f", "539d73a462ed75f850d021ff0a2f904032b7dadf45a200fafbab1dda4da58c9a", "5cdf3f861d027aea2acba730dfab176f678f296d94f78e1af750dc0dafbc3352", "5fce9cb98a8b03290f92c268f2bc2dfeaabdbc19c61956874138fd75877f2398", "689cb3df8b60c04c02b72a4f9fc2f9ccce0b76e00996353a78e863ed3b6728cb", "6dd84ad54be2d0c4a3a8f8ecd3385bccff471ca5d9c1358c594d1c5c7cc47f95", "702324d5ccd0076adc3844b62dc0fc504dfc4ba21e8b67338cecfecdafbbef9d", "7247efb7a6312337d743f5853779db4b64b8e00fc4e21b353fd9882764a87898", "7a50f2279d32284037a1b84f3d2c857cfe52e0582bc0a638a071f5be29133a0b", "7cb08257f399bb3f4fa6684ad39a66290cba35fddc9776c2396c0c40e9088537", "856963b180b57d21f83ab02adf8673856193e51bbecddff081ab7b881c56c347", "8c35193913219a4891e0654f7d9daf2d50d920712ba88fdd5aa410a7f79c5060", "8ff7b013639cc9cdbe90b02a62f17d827959fe4353028fba87cbb05ae142be84", "902523fa3d9206e30313a4c77ffd89f63b44c2b48c7dfc1fd0d59720a007f0f1", "95591a2aae668e0179590d200aea9f293c3bb8a7e86fcb7c30f71dff1d5bb093", "9fe93f26c37754d4b921c7e6e832767fd0a12c1982d2c74ed936bf78cf50ea79", "a015804ed3476ca89c2df77c7d26fc6ea6f211f728d2db9f3d4e31d193105200", "a8bf7411bb8c956792058490586b3f0392288697d4a32b3875ac27c8788cb0cc", "b1f21f7dec397f2b2a276b343c6669e046c808ad3cebf74897df620a41da4c43", "b40437005419f7ea4bafc1cf0040789b6d4f3fdbba4ea88e8ceb96831557be75", "bf115fbe42896fe43f82584206c241e8ad02904d884969d8205c4773c5e76344", "d2faccfec046d7363bac2f547db5b0f18affc0eb54bd1c98770cc12e0c59e9c1", "d8d345af04e1849f6eb7f972564e6d969c46f390c035034f682a6cdc40bac5dc", "d93f4f09f7ba919fa70576666fa95cf479d9bd80e72fb7db2bb01683a2ab4c24", "f3672675be78c502c0bf7875a992c3fe201aa985794192e9bb203432b67e1d79", "f6768240e9a8c490bbc907ba4db523d6a56db466d1d20ad805b87416a4295394", "fab4b6a9bac9f9e226b86eccdbb8f766594168fc083b6a7cd722c3da68e4c311"], "ip": "54[.]235[.]219[.]186"}, {"hashes": ["072854dbde422a9f17539752183436f9df9e13cd508e0705adf0a2fedd4b01c6", "08db7034fce7c18a40454d7d3371739a5a27b324f07a3a84ece5daec32d1b78e", "094128fb2e38e2feff3360d922c08340c5ab51f4e5941d4b2e5e4e136886da40", "09cb932db632c40a5da9d5b50bac23d3aaa68a69bfaefdd6f9763d61ede0c343", "0ca014f86962ffa520a1761912131c403e38f512ea37dae6d6ad669c9c5a3e6d", "1014177749ae458c7ac423564a0eda01319c5b68ea6b6c1c177e600a10d822eb", "106e36ed4efd530cadc507496a32ba2fbb3f40e6e6a860128c38dec4cb56767e", "134cbcb9d9f7d69f3121eeeb8e6fd0b69075ec5755d34b1bb84506507c2fa804", "14e9065ecc478c011cdd3be32626706e32a2ae16b8e8abc785f610f369e640f1", "21115d414e5926ca60587ca7d9a6f2cd653663637344175fbbcaf77826758c63", "219cc3967aeabb6e569095a9e96024c387835937c16f01d4e929b30bc3e4c343", "2211d255c056d866229c85c779427986eefe2772d327739040a3ea4d2dd7e111", "22adcaf31287f6a953c48fbee75626cbb9b8a8f6ea07863637ef9037a299aa36", "259acd15dd50eda6c0f8f42a2538bf691f9749e77c4b2ac4cba725607812f4ed", "280bca24427f12400fd0413bb86c0bbf7170f0cef7566ae432c8469298de6271", "289ec0a1b22e2be005801b3fb2b1d48ac345742038a4bbe2192be959e7145fec", "28cb32d599283024709037c22455f78c0f9020e9b76e75cf0a3929e2c519d36b", "2b06c756c570200a22107b1107ace9270b21601a43ed85534d54050b4ab2f9e7", "2c3224bcbd61a4e56c857735fb012406129586c580ae4dae786ff3355205345e", "2cd6c35ecc0c0b83a7a103ff06ae9e4038fbdeab7ed5822ad45d508966cfe29c", "37ff60c4f945a0e45ea794f60275f2765c2223cf94ef1a128b28f5b99d14324a", "429f7efa1ffae3da51fcf3d3a8f88006cd5208a389963821dcf68e3f941ba049", "4435700a8e0a5dc38c9c2f5681e469092550ac803d3ff0eba25c3fe079b58d2e", "4489cc3d5fb44ed8b9c74398fe4df16c807eb9cb4031e893889fd4645bb73901", "44f88766d121efb2c1497258e2cdea16475356520fb77e4fa97529569f46d1dd", "45b7ed6c121b1ee32bf6ff166e811dc28accd1f6fac06b9e7b9c81db0941f162", "47be5c4f874622937d521517c120be7143f9e168a530ce459ed859aac66a2ec1", "4d3589494daf19228c1a02c7ae9e0dc3093b2b308e41cd5b576622ab03d26f7f", "4e577f844290b9b3e8da1fcdf155c7262420fd8e7937b7fe1db380e156ce6d83", "689cb3df8b60c04c02b72a4f9fc2f9ccce0b76e00996353a78e863ed3b6728cb", "6dd84ad54be2d0c4a3a8f8ecd3385bccff471ca5d9c1358c594d1c5c7cc47f95", "702324d5ccd0076adc3844b62dc0fc504dfc4ba21e8b67338cecfecdafbbef9d", "7247efb7a6312337d743f5853779db4b64b8e00fc4e21b353fd9882764a87898", "7a50f2279d32284037a1b84f3d2c857cfe52e0582bc0a638a071f5be29133a0b", "7cb08257f399bb3f4fa6684ad39a66290cba35fddc9776c2396c0c40e9088537", "856963b180b57d21f83ab02adf8673856193e51bbecddff081ab7b881c56c347", "902523fa3d9206e30313a4c77ffd89f63b44c2b48c7dfc1fd0d59720a007f0f1", "a015804ed3476ca89c2df77c7d26fc6ea6f211f728d2db9f3d4e31d193105200", "bf115fbe42896fe43f82584206c241e8ad02904d884969d8205c4773c5e76344", "fab4b6a9bac9f9e226b86eccdbb8f766594168fc083b6a7cd722c3da68e4c311"], "ip": "23[.]221[.]227[.]172"}, {"hashes": ["0134f50d273b3bbfc40f69b037ceeb8c4a0f9c57ef55e14cc564b2647c91d50b", "0308c618d462657e6fa1ab1566ea439fe7bc8fa175e00c3b3cb92b7de0a15fad", "0339ade6fc92c17d85d0a3063e1090d1d88f3e7013c63f962ac238ca6a5be0f2", "03dd7a9a03627752acd6276135953f4e23a567211cda122055fe945ac058547e", "06b5d0d4827be79fc4eb1f518ad2f64cb8011c878172e0f44f9563b7233060be", "079bb9784c275de6cec815b7fd8fc1ad35ce0cbaabbb5108ebf741fcfd02c008", "0b66628a42bf861e41ac999ecef8edd7e200cbea9127c0eb6b3c1b94894a9cfe", "0b66ff19dded846c3ac661dda9a53af6fbc4f87164d160de4077164992152a65", "0e8761857683220f2f36a62feb8ed9912a555bbcfbca1e38edb201ca1cd91561", "0f04fc60a33db62f9f2683efeb0f13701cb2847fe33b15391fb1038162481243", "0fc67b499b0d5c5a42183bcdfb947fe44e3684597844f75e9d88bd9a9b3630d9", "101ddaf72d55116c5f72c5d5226f7aa8e7d7814c7cf28503e97a6eaf9e8e22f7", "11df0c2317b792d8e2c71e51cba375f26fa79c3893dee13bc5b3948b173cc128", "12d34ae371b5b947943eb4feb650c8e8549e74f3d17a178bbdc9e129ff555f76", "18c31e85259273e6dc438f1b96136ee59f6729e043e31a927ddd5fa4ae2fa33c", "1b2953efae71ba7d7741ce06be87e804257131ac0b14ffd59fb3c95ab800851a", "1ef25d6351df3dc68796c5accbee97d0222a5b1c2244430860266e613aebd969", "294a696b1863f81b97547b9b836307fea2e28097f9d27996626f82014e3816c7", "2e2ee259af95e4781cc345813c6a098906a0523021742855f71c5ea50138455d", "3bd4ec15b4d7006c48c6dfb076ca2355aa5596bea444a2acfa0cd9ae8bd71a7f", "3cfc925e6f333f18ee59b6f7fd5ab0ab54362ca293d419a9df1459616e9ad9f3", "416aa8d052b98c97f3c0ea910d8422bda3817df5457279a5c8595d28738222d6", "421359043a6df01ccba0b86e7e772fd8adb08003a1fe7a21cf65c7cec1464517", "47684eaa052f94ae5c08406b2fa188e600c98e03307c1076a76360989d4371d3", "47aead43ac3117bc934c7d9ec8dd9ab90cec420b9eb7821fc603c32c02741c71", "49e0dea7ab27ccd376baa71485996afe877625eb007f81c09f467b7452e77cd7", "4ad1822ec704e0bd7ad05256c5bb1035c217c7275c61795d408f7e50e62b2a69", "4e94bbbf29b3404766a6ec991a7b533031ed360bf940acc22792f876e5ca999f", "539d73a462ed75f850d021ff0a2f904032b7dadf45a200fafbab1dda4da58c9a", "5fce9cb98a8b03290f92c268f2bc2dfeaabdbc19c61956874138fd75877f2398", "8c35193913219a4891e0654f7d9daf2d50d920712ba88fdd5aa410a7f79c5060", "95591a2aae668e0179590d200aea9f293c3bb8a7e86fcb7c30f71dff1d5bb093", "a8bf7411bb8c956792058490586b3f0392288697d4a32b3875ac27c8788cb0cc", "b1f21f7dec397f2b2a276b343c6669e046c808ad3cebf74897df620a41da4c43", "b40437005419f7ea4bafc1cf0040789b6d4f3fdbba4ea88e8ceb96831557be75", "d2faccfec046d7363bac2f547db5b0f18affc0eb54bd1c98770cc12e0c59e9c1", "d8d345af04e1849f6eb7f972564e6d969c46f390c035034f682a6cdc40bac5dc", "d93f4f09f7ba919fa70576666fa95cf479d9bd80e72fb7db2bb01683a2ab4c24", "f3672675be78c502c0bf7875a992c3fe201aa985794192e9bb203432b67e1d79"], "ip": "23[.]221[.]227[.]165"}, {"hashes": ["05a90746447511e32622f90440082d5ea344c81f408f2a8180a1a62554f4e563", "0afe581c70113703a47f4a4a320025d8c42287f3d2b0f50294417e1105d4265b", "30a77605ff10125255c4b1e1f6569dbc615c270bf995261ba93324fd7735d217", "4e19347cde2f38e46f2ef1165b108ddf13dd251f81411da20bff7aa73c536d05", "5cdf3f861d027aea2acba730dfab176f678f296d94f78e1af750dc0dafbc3352", "8ff7b013639cc9cdbe90b02a62f17d827959fe4353028fba87cbb05ae142be84", "9fe93f26c37754d4b921c7e6e832767fd0a12c1982d2c74ed936bf78cf50ea79", "f6768240e9a8c490bbc907ba4db523d6a56db466d1d20ad805b87416a4295394"], "ip": "23[.]221[.]227[.]169"}, {"hashes": ["04049bf401f386b71c3f9370076fa0388ef36317379bd27a3d77521f319ef66c", "17c76e2e811e75062c333aa263aa8f1800f8f1bc5f6909b021c872fd9d5d1856"], "ip": "23[.]3[.]13[.]152"}, {"hashes": ["1a02515c612ec31e7cb0edd12649c2e5c7db6e9bd4eff0d969d7a42bbdd8a9cb"], "ip": "23[.]3[.]13[.]129"}], "mutex": [], "registry": [{"hashes": ["2cd6c35ecc0c0b83a7a103ff06ae9e4038fbdeab7ed5822ad45d508966cfe29c"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\EXPLORER\\STARTPAGE", "value_name": "StartMenu_Balloon_Time"}]}, "reports_count": 90}, "Win.Ransomware.Cerber-9987352-0": {"bis": [{"bi": "pe-encrypted-section", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "memory-execute-readwrite", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": []}, {"bi": "pe-section-execute-writable", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "network-fast-flux-domain", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": []}, {"bi": "network-communications-http-get", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0011", "T1105"]}, {"bi": "dns-query-nxdomain", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": []}, {"bi": "network-only-safe-domains-contacted", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": []}, {"bi": "feed-domain-antivirus-service", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": []}, {"bi": "process-requested-named-pipe", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "excessive-foreign-memory-modification", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "deleted-submitted-file", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0005"]}, {"bi": "potential-registry-persistence", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0003"]}, {"bi": "imports-IsDebuggerPresent", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0005", "TA0007"]}, {"bi": "process-hollowing-detected", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "excessive-udp-connections", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0011", "T1095", "T1008"]}, {"bi": "randomly-named-files", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "document-decoy-dropped", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": []}, {"bi": "malware-ransomware-cerber", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0040", "T1486"]}, {"bi": "process-uses-localhost-traffic", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0007", "T1049"]}, {"bi": "process-ping", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0007", "T1049"]}, {"bi": "process-ping-localhost", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0007", "T1016"]}, {"bi": "netsh-firewall-generic", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0007", "TA0005", "T1016", "T1562"]}, {"bi": "feed-domain-ransomware", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": []}, {"bi": "file-pending-delete", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0005"]}, {"bi": "microsoft-block-rule-list-app-executed", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0005", "T1562"]}, {"bi": "process-taskkill", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0005", "T1562"]}, {"bi": "pdf-password-protected", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "process-deletes-many-files", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": []}, {"bi": "malware-generic-infostealer", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0007", "TA0009", "TA0006", "T1083", "T1005", "T1119", "T1552"]}, {"bi": "enumeration-cryptocurrency-information", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0007", "TA0009", "TA0006", "T1083", "T1005", "T1119", "T1552"]}, {"bi": "enumeration-email-program-information", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0007", "TA0009", "TA0006", "T1083", "T1087", "T1005", "T1119", "T1114", "T1552"]}, {"bi": "rtf-appended-data", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "rtf-high-entropy", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "enumeration-game-information", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0007", "TA0009", "TA0006", "T1083", "T1005", "T1119", "T1552", "T1555"]}, {"bi": "enumeration-sql-server-information", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0007", "T1082"]}, {"bi": "pe-invalid-checksum", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": []}, {"bi": "netbios-query", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": ["TA0007", "T1016"]}, {"bi": "http-response-client-error", "hashes": ["8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c"], "mitre_attack_tags": []}, {"bi": "network-fast-flux-nameserver", "hashes": ["73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee"], "mitre_attack_tags": []}, {"bi": "network-snort-protocol", "hashes": ["73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee"], "mitre_attack_tags": []}, {"bi": "network-file-downloaded-to-disk", "hashes": ["73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee"], "mitre_attack_tags": []}, {"bi": "network-snort-indicator-compromise", "hashes": ["73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee"], "mitre_attack_tags": []}], "category": "Ransomware", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "Cerber is ransomware that encrypts documents, photos, databases and other important files. Historically, this malware would replace files with encrypted versions and add the file extension \".cerber,\" although in more recent campaigns, other file extensions are used.", "hashes": ["06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac"], "iocs": {"domain": [{"hashes": ["06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac"], "host": "api[.]blockcypher[.]com"}, {"hashes": ["06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c", "8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac"], "host": "bitaps[.]com"}, {"hashes": ["06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c", "8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac"], "host": "chain[.]so"}, {"hashes": ["06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c", "8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac"], "host": "btc[.]blockr[.]io"}, {"hashes": ["73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee"], "host": "hjhqmbxyinislkkt[.]1j9r76[.]top"}], "file": [{"hashes": ["06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac"], "path": "%TEMP%\\d19ab989"}, {"hashes": ["06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac"], "path": "%TEMP%\\d19ab989\\4710.tmp"}, {"hashes": ["06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac"], "path": "%TEMP%\\d19ab989\\a35f.tmp"}, {"hashes": ["06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac"], "path": "%LOCALAPPDATA%\\Microsoft\\Office\\Groove1\\System\\CSMIPC.dat"}, {"hashes": ["06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac"], "path": "<dir>\\_READ_THI$_FILE_<random, matching [A-F0-9]{4,8}>_.hta"}, {"hashes": ["06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac"], "path": "<dir>\\_READ_THI$_FILE_<random, matching [A-F0-9]{4,8}>_.txt"}, {"hashes": ["06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac"], "path": "\\pc\\users\\public\\recorded tv\\sample media\\win7_scenic-demoshort_raw.wtv"}], "ip": [{"hashes": ["06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac"], "ip": "94[.]21[.]172[.]0/27"}, {"hashes": ["06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac"], "ip": "94[.]22[.]172[.]0/27"}, {"hashes": ["06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac"], "ip": "94[.]23[.]172[.]0/22"}, {"hashes": ["06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c", "8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac"], "ip": "178[.]128[.]255[.]179"}, {"hashes": ["06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac"], "ip": "104[.]20[.]21[.]251"}, {"hashes": ["14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac"], "ip": "172[.]66[.]42[.]238"}, {"hashes": ["06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504"], "ip": "172[.]66[.]41[.]18"}, {"hashes": ["14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539"], "ip": "104[.]20[.]20[.]251"}, {"hashes": ["5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c", "8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482"], "ip": "172[.]67[.]2[.]88"}], "mutex": [{"hashes": ["06b444d20ea1a2fc7726b4e1bc2c03708cb0719dd09db2e41604dc2f30755dfc", "14bff12c186c1042535d7ca79bab96738ddd5dbdc975ac4fb271113c01ff8c02", "14c70464b6367a5a9afe3254d5ceb04013896506cac23bead508b4a004429157", "17eaac07edc82c30cdcdb7e7ac163d9aa67607af29c25324de84a40fe4084e0f", "27fb7cd60bb97d1fe8ba827b8537191511391fb49c97da1208e982c325b4bc48", "5d14e28719b83655d43461ea60f557e24c365269ffc41993e6c51eb7fa794f1c", "73c3883e26a9a403053c673859709b0a43fb32de196c71d86c4e7480b78207ee", "8be38ae7931c75bc6d8cb80fc9a2d95660eb269f321970cc7da453238bcd7482", "ca5f7747f518aa7b48e3454643860cd8d9909bbc965f6955ea70c8889ffe4504", "dacf34683b6aaf0f233d22d99eb5af7cdab36398e2e86af52ea53464e8be1539", "f73a96e66ead8238a4d5d83cf076456cd7e5b47558dbb5dc52e2ce9f9d91beac"], "name": "shell.{381828AA-8B28-3374-1B67-35680555C5EF}"}], "registry": []}, "reports_count": 11}, "exprev": [], "info": {"origin": "Cisco Talos Intelligence Group", "publication_date": "2023-02-17T14:55:03+00:00", "version": "2.1", "warning": "As a reminder, the information provided for the following threatsin this post is non-exhaustive and current as of the date ofpublication. Additionally, please keep in mind that IOC searchingis only one part of threat hunting. Spotting a single IOC does notnecessarily indicate maliciousness. Detection and coverage for thefollowing threats is subject to updates, pending additional threator vulnerability analysis. For the most current information, pleaserefer to your Firepower Management Center, Snort.org, or ClamAV.net."}, "signatures": ["Win.Ransomware.Cerber-9987352-0", "Win.Dropper.LokiBot-9987759-0", "Win.Dropper.Ramnit-9987280-0", "Win.Dropper.Gandcrab-9987386-0", "Win.Dropper.TrickBot-9987411-0", "Win.Dropper.DarkComet-9987724-1", "Win.Packed.Shiz-9987720-0", "Win.Packed.Zbot-9987774-0", "Win.Malware.Upatre-9987791-0"]}