{"Win.Dropper.Bifrost-9999421-0": {"bis": [{"bi": "pe-encrypted-section", "hashes": ["e4dc994221574eff6af87a233c7ddfa33b007293c1c8619c22414b1ff051f719", "317ad67576e5f51b4503b5a58790ae583d1298e2ad50c42f1d54f1607e740865", "2d3c4909441820d1de63983c97ad0964558f6024da7e3df9f96175d4403bf218", "7f8ba1643800ef5c68f36fc5c7bd5f58e4bbf3488d1afe9457db3ff9f192f72c", "a25c4046bcb78ca6a41cf37262365cb6e630713d996962c5ed5624de6b70ce77", "8ecaeb0d4ab61d5b194f532e91402ee67f56cfeeca7f14bafe310f6c4f17ca8b", "70531690675458171a874b65e0446279933e41fceebb0510b43d0b910874b111", "f90910b0082c3cb94d48d090d0910f14fc3e62d9c05781e136e99c28bc977436", "ea3ae31a4b957e8f7b34fe94599a2c34b0acc3dd6d8f01409fd68c90d50da2a4", "528e5c62e0e8e3af8fc991a7c0401202675b71267e58ed2053631064b7bd0196", "c98f65ea7dd4196e3c68318d4c51322bd5cfe6d4449dc2be633e0aab32509bdb", "b1b116c818bb99e56d2bf16797fc561848ddbe2ce1fddc83a4c3533cd3686084", "f81ab857124dd17d90252c5b291d0e23f8d2331109a5b25f4651e4ad955e10b3", "15b848b09c13701b9cf4d7ec1546abaf4843a8cd4f93219465082594109b5a15", "7baa86e12a2c0cced0a644f2e0de4b34d3183e14e0ec0229decb7df669a1edf7", "3e434e528d5bdce10d103f262e13053037ba3f1d7d0cac058b697edbc5e7cf1f", "05b60c3808ba135a4782eb1ee6bec09856f5677154ece35a180033d7cece493c", "559fcab27f1bf9546475545d540aa891b901611247ede2b475c5093d31c859b3", "72d732766780f90c15b04466e29dfae232a2080b6a53a8a7d0b375f13bb59ded", "0585e38214fea7ac0452aa4c91ce1866a7c11196c3ac433d5d2c8f0926b1d993", "0a2742d35fef3309868a747e585d542912fa8e6b82ff64b6df0ddec693b954e0", "f9aa6fa501379435e45be9a9a626ee1205b7dfa193c36c5e8530d88ec6effa28", "39df2f083999781a16ab03af79cae3f5e7ecb33e616d073e3669114ecc5d644b"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "memory-execute-readwrite", "hashes": ["e4dc994221574eff6af87a233c7ddfa33b007293c1c8619c22414b1ff051f719", "317ad67576e5f51b4503b5a58790ae583d1298e2ad50c42f1d54f1607e740865", "2d3c4909441820d1de63983c97ad0964558f6024da7e3df9f96175d4403bf218", "7f8ba1643800ef5c68f36fc5c7bd5f58e4bbf3488d1afe9457db3ff9f192f72c", "a25c4046bcb78ca6a41cf37262365cb6e630713d996962c5ed5624de6b70ce77", "8ecaeb0d4ab61d5b194f532e91402ee67f56cfeeca7f14bafe310f6c4f17ca8b", "70531690675458171a874b65e0446279933e41fceebb0510b43d0b910874b111", "f90910b0082c3cb94d48d090d0910f14fc3e62d9c05781e136e99c28bc977436", "ea3ae31a4b957e8f7b34fe94599a2c34b0acc3dd6d8f01409fd68c90d50da2a4", "528e5c62e0e8e3af8fc991a7c0401202675b71267e58ed2053631064b7bd0196", "c98f65ea7dd4196e3c68318d4c51322bd5cfe6d4449dc2be633e0aab32509bdb", "b1b116c818bb99e56d2bf16797fc561848ddbe2ce1fddc83a4c3533cd3686084", "f81ab857124dd17d90252c5b291d0e23f8d2331109a5b25f4651e4ad955e10b3", "15b848b09c13701b9cf4d7ec1546abaf4843a8cd4f93219465082594109b5a15", "7baa86e12a2c0cced0a644f2e0de4b34d3183e14e0ec0229decb7df669a1edf7", "3e434e528d5bdce10d103f262e13053037ba3f1d7d0cac058b697edbc5e7cf1f", "05b60c3808ba135a4782eb1ee6bec09856f5677154ece35a180033d7cece493c", "559fcab27f1bf9546475545d540aa891b901611247ede2b475c5093d31c859b3", "72d732766780f90c15b04466e29dfae232a2080b6a53a8a7d0b375f13bb59ded", "0585e38214fea7ac0452aa4c91ce1866a7c11196c3ac433d5d2c8f0926b1d993", "0a2742d35fef3309868a747e585d542912fa8e6b82ff64b6df0ddec693b954e0", "f9aa6fa501379435e45be9a9a626ee1205b7dfa193c36c5e8530d88ec6effa28", "39df2f083999781a16ab03af79cae3f5e7ecb33e616d073e3669114ecc5d644b"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["e4dc994221574eff6af87a233c7ddfa33b007293c1c8619c22414b1ff051f719", "317ad67576e5f51b4503b5a58790ae583d1298e2ad50c42f1d54f1607e740865", "2d3c4909441820d1de63983c97ad0964558f6024da7e3df9f96175d4403bf218", "7f8ba1643800ef5c68f36fc5c7bd5f58e4bbf3488d1afe9457db3ff9f192f72c", "a25c4046bcb78ca6a41cf37262365cb6e630713d996962c5ed5624de6b70ce77", "8ecaeb0d4ab61d5b194f532e91402ee67f56cfeeca7f14bafe310f6c4f17ca8b", "70531690675458171a874b65e0446279933e41fceebb0510b43d0b910874b111", "f90910b0082c3cb94d48d090d0910f14fc3e62d9c05781e136e99c28bc977436", "ea3ae31a4b957e8f7b34fe94599a2c34b0acc3dd6d8f01409fd68c90d50da2a4", "528e5c62e0e8e3af8fc991a7c0401202675b71267e58ed2053631064b7bd0196", "c98f65ea7dd4196e3c68318d4c51322bd5cfe6d4449dc2be633e0aab32509bdb", "b1b116c818bb99e56d2bf16797fc561848ddbe2ce1fddc83a4c3533cd3686084", "f81ab857124dd17d90252c5b291d0e23f8d2331109a5b25f4651e4ad955e10b3", "15b848b09c13701b9cf4d7ec1546abaf4843a8cd4f93219465082594109b5a15", "7baa86e12a2c0cced0a644f2e0de4b34d3183e14e0ec0229decb7df669a1edf7", "3e434e528d5bdce10d103f262e13053037ba3f1d7d0cac058b697edbc5e7cf1f", "05b60c3808ba135a4782eb1ee6bec09856f5677154ece35a180033d7cece493c", "559fcab27f1bf9546475545d540aa891b901611247ede2b475c5093d31c859b3", "72d732766780f90c15b04466e29dfae232a2080b6a53a8a7d0b375f13bb59ded", "0585e38214fea7ac0452aa4c91ce1866a7c11196c3ac433d5d2c8f0926b1d993", "0a2742d35fef3309868a747e585d542912fa8e6b82ff64b6df0ddec693b954e0", "f9aa6fa501379435e45be9a9a626ee1205b7dfa193c36c5e8530d88ec6effa28", "39df2f083999781a16ab03af79cae3f5e7ecb33e616d073e3669114ecc5d644b"], "mitre_attack_tags": []}, {"bi": "artifact-flagged-anomaly", "hashes": ["e4dc994221574eff6af87a233c7ddfa33b007293c1c8619c22414b1ff051f719", "317ad67576e5f51b4503b5a58790ae583d1298e2ad50c42f1d54f1607e740865", "2d3c4909441820d1de63983c97ad0964558f6024da7e3df9f96175d4403bf218", "7f8ba1643800ef5c68f36fc5c7bd5f58e4bbf3488d1afe9457db3ff9f192f72c", "a25c4046bcb78ca6a41cf37262365cb6e630713d996962c5ed5624de6b70ce77", "8ecaeb0d4ab61d5b194f532e91402ee67f56cfeeca7f14bafe310f6c4f17ca8b", "70531690675458171a874b65e0446279933e41fceebb0510b43d0b910874b111", "f90910b0082c3cb94d48d090d0910f14fc3e62d9c05781e136e99c28bc977436", "ea3ae31a4b957e8f7b34fe94599a2c34b0acc3dd6d8f01409fd68c90d50da2a4", "528e5c62e0e8e3af8fc991a7c0401202675b71267e58ed2053631064b7bd0196", "c98f65ea7dd4196e3c68318d4c51322bd5cfe6d4449dc2be633e0aab32509bdb", "b1b116c818bb99e56d2bf16797fc561848ddbe2ce1fddc83a4c3533cd3686084", "f81ab857124dd17d90252c5b291d0e23f8d2331109a5b25f4651e4ad955e10b3", "15b848b09c13701b9cf4d7ec1546abaf4843a8cd4f93219465082594109b5a15", "7baa86e12a2c0cced0a644f2e0de4b34d3183e14e0ec0229decb7df669a1edf7", "3e434e528d5bdce10d103f262e13053037ba3f1d7d0cac058b697edbc5e7cf1f", "05b60c3808ba135a4782eb1ee6bec09856f5677154ece35a180033d7cece493c", "559fcab27f1bf9546475545d540aa891b901611247ede2b475c5093d31c859b3", "72d732766780f90c15b04466e29dfae232a2080b6a53a8a7d0b375f13bb59ded", "0585e38214fea7ac0452aa4c91ce1866a7c11196c3ac433d5d2c8f0926b1d993", "0a2742d35fef3309868a747e585d542912fa8e6b82ff64b6df0ddec693b954e0", "f9aa6fa501379435e45be9a9a626ee1205b7dfa193c36c5e8530d88ec6effa28", "39df2f083999781a16ab03af79cae3f5e7ecb33e616d073e3669114ecc5d644b"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-section-execute-writable", "hashes": ["e4dc994221574eff6af87a233c7ddfa33b007293c1c8619c22414b1ff051f719", "317ad67576e5f51b4503b5a58790ae583d1298e2ad50c42f1d54f1607e740865", "2d3c4909441820d1de63983c97ad0964558f6024da7e3df9f96175d4403bf218", "7f8ba1643800ef5c68f36fc5c7bd5f58e4bbf3488d1afe9457db3ff9f192f72c", "a25c4046bcb78ca6a41cf37262365cb6e630713d996962c5ed5624de6b70ce77", "8ecaeb0d4ab61d5b194f532e91402ee67f56cfeeca7f14bafe310f6c4f17ca8b", "70531690675458171a874b65e0446279933e41fceebb0510b43d0b910874b111", "f90910b0082c3cb94d48d090d0910f14fc3e62d9c05781e136e99c28bc977436", "ea3ae31a4b957e8f7b34fe94599a2c34b0acc3dd6d8f01409fd68c90d50da2a4", "528e5c62e0e8e3af8fc991a7c0401202675b71267e58ed2053631064b7bd0196", "c98f65ea7dd4196e3c68318d4c51322bd5cfe6d4449dc2be633e0aab32509bdb", "b1b116c818bb99e56d2bf16797fc561848ddbe2ce1fddc83a4c3533cd3686084", "f81ab857124dd17d90252c5b291d0e23f8d2331109a5b25f4651e4ad955e10b3", "15b848b09c13701b9cf4d7ec1546abaf4843a8cd4f93219465082594109b5a15", "7baa86e12a2c0cced0a644f2e0de4b34d3183e14e0ec0229decb7df669a1edf7", "3e434e528d5bdce10d103f262e13053037ba3f1d7d0cac058b697edbc5e7cf1f", "05b60c3808ba135a4782eb1ee6bec09856f5677154ece35a180033d7cece493c", "559fcab27f1bf9546475545d540aa891b901611247ede2b475c5093d31c859b3", "72d732766780f90c15b04466e29dfae232a2080b6a53a8a7d0b375f13bb59ded", "0585e38214fea7ac0452aa4c91ce1866a7c11196c3ac433d5d2c8f0926b1d993", "0a2742d35fef3309868a747e585d542912fa8e6b82ff64b6df0ddec693b954e0", "f9aa6fa501379435e45be9a9a626ee1205b7dfa193c36c5e8530d88ec6effa28", "39df2f083999781a16ab03af79cae3f5e7ecb33e616d073e3669114ecc5d644b"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-packed-upx", "hashes": ["e4dc994221574eff6af87a233c7ddfa33b007293c1c8619c22414b1ff051f719", "317ad67576e5f51b4503b5a58790ae583d1298e2ad50c42f1d54f1607e740865", "2d3c4909441820d1de63983c97ad0964558f6024da7e3df9f96175d4403bf218", "7f8ba1643800ef5c68f36fc5c7bd5f58e4bbf3488d1afe9457db3ff9f192f72c", "a25c4046bcb78ca6a41cf37262365cb6e630713d996962c5ed5624de6b70ce77", "8ecaeb0d4ab61d5b194f532e91402ee67f56cfeeca7f14bafe310f6c4f17ca8b", "70531690675458171a874b65e0446279933e41fceebb0510b43d0b910874b111", "f90910b0082c3cb94d48d090d0910f14fc3e62d9c05781e136e99c28bc977436", "ea3ae31a4b957e8f7b34fe94599a2c34b0acc3dd6d8f01409fd68c90d50da2a4", "528e5c62e0e8e3af8fc991a7c0401202675b71267e58ed2053631064b7bd0196", "c98f65ea7dd4196e3c68318d4c51322bd5cfe6d4449dc2be633e0aab32509bdb", "b1b116c818bb99e56d2bf16797fc561848ddbe2ce1fddc83a4c3533cd3686084", "f81ab857124dd17d90252c5b291d0e23f8d2331109a5b25f4651e4ad955e10b3", "15b848b09c13701b9cf4d7ec1546abaf4843a8cd4f93219465082594109b5a15", "7baa86e12a2c0cced0a644f2e0de4b34d3183e14e0ec0229decb7df669a1edf7", "3e434e528d5bdce10d103f262e13053037ba3f1d7d0cac058b697edbc5e7cf1f", "05b60c3808ba135a4782eb1ee6bec09856f5677154ece35a180033d7cece493c", "559fcab27f1bf9546475545d540aa891b901611247ede2b475c5093d31c859b3", "72d732766780f90c15b04466e29dfae232a2080b6a53a8a7d0b375f13bb59ded", "0585e38214fea7ac0452aa4c91ce1866a7c11196c3ac433d5d2c8f0926b1d993", "0a2742d35fef3309868a747e585d542912fa8e6b82ff64b6df0ddec693b954e0", "f9aa6fa501379435e45be9a9a626ee1205b7dfa193c36c5e8530d88ec6effa28", "39df2f083999781a16ab03af79cae3f5e7ecb33e616d073e3669114ecc5d644b"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "excessive-foreign-memory-modification", "hashes": ["e4dc994221574eff6af87a233c7ddfa33b007293c1c8619c22414b1ff051f719", "317ad67576e5f51b4503b5a58790ae583d1298e2ad50c42f1d54f1607e740865", "2d3c4909441820d1de63983c97ad0964558f6024da7e3df9f96175d4403bf218", "7f8ba1643800ef5c68f36fc5c7bd5f58e4bbf3488d1afe9457db3ff9f192f72c", "a25c4046bcb78ca6a41cf37262365cb6e630713d996962c5ed5624de6b70ce77", "8ecaeb0d4ab61d5b194f532e91402ee67f56cfeeca7f14bafe310f6c4f17ca8b", "70531690675458171a874b65e0446279933e41fceebb0510b43d0b910874b111", "f90910b0082c3cb94d48d090d0910f14fc3e62d9c05781e136e99c28bc977436", "ea3ae31a4b957e8f7b34fe94599a2c34b0acc3dd6d8f01409fd68c90d50da2a4", "528e5c62e0e8e3af8fc991a7c0401202675b71267e58ed2053631064b7bd0196", "c98f65ea7dd4196e3c68318d4c51322bd5cfe6d4449dc2be633e0aab32509bdb", "b1b116c818bb99e56d2bf16797fc561848ddbe2ce1fddc83a4c3533cd3686084", "f81ab857124dd17d90252c5b291d0e23f8d2331109a5b25f4651e4ad955e10b3", "15b848b09c13701b9cf4d7ec1546abaf4843a8cd4f93219465082594109b5a15", "7baa86e12a2c0cced0a644f2e0de4b34d3183e14e0ec0229decb7df669a1edf7", "3e434e528d5bdce10d103f262e13053037ba3f1d7d0cac058b697edbc5e7cf1f", "05b60c3808ba135a4782eb1ee6bec09856f5677154ece35a180033d7cece493c", "559fcab27f1bf9546475545d540aa891b901611247ede2b475c5093d31c859b3", "72d732766780f90c15b04466e29dfae232a2080b6a53a8a7d0b375f13bb59ded", "0585e38214fea7ac0452aa4c91ce1866a7c11196c3ac433d5d2c8f0926b1d993", "0a2742d35fef3309868a747e585d542912fa8e6b82ff64b6df0ddec693b954e0", "f9aa6fa501379435e45be9a9a626ee1205b7dfa193c36c5e8530d88ec6effa28", "39df2f083999781a16ab03af79cae3f5e7ecb33e616d073e3669114ecc5d644b"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "sample-launched-copy-of-self", "hashes": ["e4dc994221574eff6af87a233c7ddfa33b007293c1c8619c22414b1ff051f719", "317ad67576e5f51b4503b5a58790ae583d1298e2ad50c42f1d54f1607e740865", "2d3c4909441820d1de63983c97ad0964558f6024da7e3df9f96175d4403bf218", "7f8ba1643800ef5c68f36fc5c7bd5f58e4bbf3488d1afe9457db3ff9f192f72c", "a25c4046bcb78ca6a41cf37262365cb6e630713d996962c5ed5624de6b70ce77", "8ecaeb0d4ab61d5b194f532e91402ee67f56cfeeca7f14bafe310f6c4f17ca8b", "70531690675458171a874b65e0446279933e41fceebb0510b43d0b910874b111", "f90910b0082c3cb94d48d090d0910f14fc3e62d9c05781e136e99c28bc977436", "ea3ae31a4b957e8f7b34fe94599a2c34b0acc3dd6d8f01409fd68c90d50da2a4", "528e5c62e0e8e3af8fc991a7c0401202675b71267e58ed2053631064b7bd0196", "c98f65ea7dd4196e3c68318d4c51322bd5cfe6d4449dc2be633e0aab32509bdb", "b1b116c818bb99e56d2bf16797fc561848ddbe2ce1fddc83a4c3533cd3686084", "f81ab857124dd17d90252c5b291d0e23f8d2331109a5b25f4651e4ad955e10b3", "15b848b09c13701b9cf4d7ec1546abaf4843a8cd4f93219465082594109b5a15", "7baa86e12a2c0cced0a644f2e0de4b34d3183e14e0ec0229decb7df669a1edf7", "3e434e528d5bdce10d103f262e13053037ba3f1d7d0cac058b697edbc5e7cf1f", "05b60c3808ba135a4782eb1ee6bec09856f5677154ece35a180033d7cece493c", "559fcab27f1bf9546475545d540aa891b901611247ede2b475c5093d31c859b3", "72d732766780f90c15b04466e29dfae232a2080b6a53a8a7d0b375f13bb59ded", "0585e38214fea7ac0452aa4c91ce1866a7c11196c3ac433d5d2c8f0926b1d993", "0a2742d35fef3309868a747e585d542912fa8e6b82ff64b6df0ddec693b954e0", "f9aa6fa501379435e45be9a9a626ee1205b7dfa193c36c5e8530d88ec6effa28", "39df2f083999781a16ab03af79cae3f5e7ecb33e616d073e3669114ecc5d644b"], "mitre_attack_tags": ["TA0005", "T1202"]}, {"bi": "process-hollowing-detected", "hashes": ["e4dc994221574eff6af87a233c7ddfa33b007293c1c8619c22414b1ff051f719", "317ad67576e5f51b4503b5a58790ae583d1298e2ad50c42f1d54f1607e740865", "2d3c4909441820d1de63983c97ad0964558f6024da7e3df9f96175d4403bf218", "7f8ba1643800ef5c68f36fc5c7bd5f58e4bbf3488d1afe9457db3ff9f192f72c", "a25c4046bcb78ca6a41cf37262365cb6e630713d996962c5ed5624de6b70ce77", "8ecaeb0d4ab61d5b194f532e91402ee67f56cfeeca7f14bafe310f6c4f17ca8b", "70531690675458171a874b65e0446279933e41fceebb0510b43d0b910874b111", "f90910b0082c3cb94d48d090d0910f14fc3e62d9c05781e136e99c28bc977436", "ea3ae31a4b957e8f7b34fe94599a2c34b0acc3dd6d8f01409fd68c90d50da2a4", "528e5c62e0e8e3af8fc991a7c0401202675b71267e58ed2053631064b7bd0196", "c98f65ea7dd4196e3c68318d4c51322bd5cfe6d4449dc2be633e0aab32509bdb", "b1b116c818bb99e56d2bf16797fc561848ddbe2ce1fddc83a4c3533cd3686084", "f81ab857124dd17d90252c5b291d0e23f8d2331109a5b25f4651e4ad955e10b3", "15b848b09c13701b9cf4d7ec1546abaf4843a8cd4f93219465082594109b5a15", "7baa86e12a2c0cced0a644f2e0de4b34d3183e14e0ec0229decb7df669a1edf7", "3e434e528d5bdce10d103f262e13053037ba3f1d7d0cac058b697edbc5e7cf1f", "05b60c3808ba135a4782eb1ee6bec09856f5677154ece35a180033d7cece493c", "559fcab27f1bf9546475545d540aa891b901611247ede2b475c5093d31c859b3", "72d732766780f90c15b04466e29dfae232a2080b6a53a8a7d0b375f13bb59ded", "0585e38214fea7ac0452aa4c91ce1866a7c11196c3ac433d5d2c8f0926b1d993", "0a2742d35fef3309868a747e585d542912fa8e6b82ff64b6df0ddec693b954e0", "f9aa6fa501379435e45be9a9a626ee1205b7dfa193c36c5e8530d88ec6effa28", "39df2f083999781a16ab03af79cae3f5e7ecb33e616d073e3669114ecc5d644b"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "pe-dos-header-paragraphs", "hashes": ["e4dc994221574eff6af87a233c7ddfa33b007293c1c8619c22414b1ff051f719", "317ad67576e5f51b4503b5a58790ae583d1298e2ad50c42f1d54f1607e740865", "2d3c4909441820d1de63983c97ad0964558f6024da7e3df9f96175d4403bf218", "7f8ba1643800ef5c68f36fc5c7bd5f58e4bbf3488d1afe9457db3ff9f192f72c", "a25c4046bcb78ca6a41cf37262365cb6e630713d996962c5ed5624de6b70ce77", "8ecaeb0d4ab61d5b194f532e91402ee67f56cfeeca7f14bafe310f6c4f17ca8b", "70531690675458171a874b65e0446279933e41fceebb0510b43d0b910874b111", "f90910b0082c3cb94d48d090d0910f14fc3e62d9c05781e136e99c28bc977436", "ea3ae31a4b957e8f7b34fe94599a2c34b0acc3dd6d8f01409fd68c90d50da2a4", "528e5c62e0e8e3af8fc991a7c0401202675b71267e58ed2053631064b7bd0196", "c98f65ea7dd4196e3c68318d4c51322bd5cfe6d4449dc2be633e0aab32509bdb", "b1b116c818bb99e56d2bf16797fc561848ddbe2ce1fddc83a4c3533cd3686084", "f81ab857124dd17d90252c5b291d0e23f8d2331109a5b25f4651e4ad955e10b3", "15b848b09c13701b9cf4d7ec1546abaf4843a8cd4f93219465082594109b5a15", "7baa86e12a2c0cced0a644f2e0de4b34d3183e14e0ec0229decb7df669a1edf7", "3e434e528d5bdce10d103f262e13053037ba3f1d7d0cac058b697edbc5e7cf1f", "05b60c3808ba135a4782eb1ee6bec09856f5677154ece35a180033d7cece493c", "559fcab27f1bf9546475545d540aa891b901611247ede2b475c5093d31c859b3", "72d732766780f90c15b04466e29dfae232a2080b6a53a8a7d0b375f13bb59ded", "0585e38214fea7ac0452aa4c91ce1866a7c11196c3ac433d5d2c8f0926b1d993", "0a2742d35fef3309868a747e585d542912fa8e6b82ff64b6df0ddec693b954e0", "f9aa6fa501379435e45be9a9a626ee1205b7dfa193c36c5e8530d88ec6effa28", "39df2f083999781a16ab03af79cae3f5e7ecb33e616d073e3669114ecc5d644b"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-dos-header-initialsp", "hashes": ["e4dc994221574eff6af87a233c7ddfa33b007293c1c8619c22414b1ff051f719", "317ad67576e5f51b4503b5a58790ae583d1298e2ad50c42f1d54f1607e740865", "2d3c4909441820d1de63983c97ad0964558f6024da7e3df9f96175d4403bf218", "7f8ba1643800ef5c68f36fc5c7bd5f58e4bbf3488d1afe9457db3ff9f192f72c", "a25c4046bcb78ca6a41cf37262365cb6e630713d996962c5ed5624de6b70ce77", "8ecaeb0d4ab61d5b194f532e91402ee67f56cfeeca7f14bafe310f6c4f17ca8b", "70531690675458171a874b65e0446279933e41fceebb0510b43d0b910874b111", "f90910b0082c3cb94d48d090d0910f14fc3e62d9c05781e136e99c28bc977436", "ea3ae31a4b957e8f7b34fe94599a2c34b0acc3dd6d8f01409fd68c90d50da2a4", "528e5c62e0e8e3af8fc991a7c0401202675b71267e58ed2053631064b7bd0196", "c98f65ea7dd4196e3c68318d4c51322bd5cfe6d4449dc2be633e0aab32509bdb", "b1b116c818bb99e56d2bf16797fc561848ddbe2ce1fddc83a4c3533cd3686084", "f81ab857124dd17d90252c5b291d0e23f8d2331109a5b25f4651e4ad955e10b3", "15b848b09c13701b9cf4d7ec1546abaf4843a8cd4f93219465082594109b5a15", "7baa86e12a2c0cced0a644f2e0de4b34d3183e14e0ec0229decb7df669a1edf7", "3e434e528d5bdce10d103f262e13053037ba3f1d7d0cac058b697edbc5e7cf1f", "05b60c3808ba135a4782eb1ee6bec09856f5677154ece35a180033d7cece493c", "559fcab27f1bf9546475545d540aa891b901611247ede2b475c5093d31c859b3", "72d732766780f90c15b04466e29dfae232a2080b6a53a8a7d0b375f13bb59ded", "0585e38214fea7ac0452aa4c91ce1866a7c11196c3ac433d5d2c8f0926b1d993", "0a2742d35fef3309868a747e585d542912fa8e6b82ff64b6df0ddec693b954e0", "f9aa6fa501379435e45be9a9a626ee1205b7dfa193c36c5e8530d88ec6effa28", "39df2f083999781a16ab03af79cae3f5e7ecb33e616d073e3669114ecc5d644b"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-dos-header-initialip", "hashes": ["e4dc994221574eff6af87a233c7ddfa33b007293c1c8619c22414b1ff051f719", "317ad67576e5f51b4503b5a58790ae583d1298e2ad50c42f1d54f1607e740865", "2d3c4909441820d1de63983c97ad0964558f6024da7e3df9f96175d4403bf218", "7f8ba1643800ef5c68f36fc5c7bd5f58e4bbf3488d1afe9457db3ff9f192f72c", "a25c4046bcb78ca6a41cf37262365cb6e630713d996962c5ed5624de6b70ce77", "8ecaeb0d4ab61d5b194f532e91402ee67f56cfeeca7f14bafe310f6c4f17ca8b", "70531690675458171a874b65e0446279933e41fceebb0510b43d0b910874b111", "f90910b0082c3cb94d48d090d0910f14fc3e62d9c05781e136e99c28bc977436", "ea3ae31a4b957e8f7b34fe94599a2c34b0acc3dd6d8f01409fd68c90d50da2a4", "528e5c62e0e8e3af8fc991a7c0401202675b71267e58ed2053631064b7bd0196", "c98f65ea7dd4196e3c68318d4c51322bd5cfe6d4449dc2be633e0aab32509bdb", "b1b116c818bb99e56d2bf16797fc561848ddbe2ce1fddc83a4c3533cd3686084", "f81ab857124dd17d90252c5b291d0e23f8d2331109a5b25f4651e4ad955e10b3", "15b848b09c13701b9cf4d7ec1546abaf4843a8cd4f93219465082594109b5a15", "7baa86e12a2c0cced0a644f2e0de4b34d3183e14e0ec0229decb7df669a1edf7", "3e434e528d5bdce10d103f262e13053037ba3f1d7d0cac058b697edbc5e7cf1f", "05b60c3808ba135a4782eb1ee6bec09856f5677154ece35a180033d7cece493c", "559fcab27f1bf9546475545d540aa891b901611247ede2b475c5093d31c859b3", "72d732766780f90c15b04466e29dfae232a2080b6a53a8a7d0b375f13bb59ded", "0585e38214fea7ac0452aa4c91ce1866a7c11196c3ac433d5d2c8f0926b1d993", "0a2742d35fef3309868a747e585d542912fa8e6b82ff64b6df0ddec693b954e0", "f9aa6fa501379435e45be9a9a626ee1205b7dfa193c36c5e8530d88ec6effa28", "39df2f083999781a16ab03af79cae3f5e7ecb33e616d073e3669114ecc5d644b"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "artifact-pe-no-dos", "hashes": ["e4dc994221574eff6af87a233c7ddfa33b007293c1c8619c22414b1ff051f719", "317ad67576e5f51b4503b5a58790ae583d1298e2ad50c42f1d54f1607e740865", "2d3c4909441820d1de63983c97ad0964558f6024da7e3df9f96175d4403bf218", "7f8ba1643800ef5c68f36fc5c7bd5f58e4bbf3488d1afe9457db3ff9f192f72c", "a25c4046bcb78ca6a41cf37262365cb6e630713d996962c5ed5624de6b70ce77", "8ecaeb0d4ab61d5b194f532e91402ee67f56cfeeca7f14bafe310f6c4f17ca8b", "70531690675458171a874b65e0446279933e41fceebb0510b43d0b910874b111", "f90910b0082c3cb94d48d090d0910f14fc3e62d9c05781e136e99c28bc977436", "ea3ae31a4b957e8f7b34fe94599a2c34b0acc3dd6d8f01409fd68c90d50da2a4", "528e5c62e0e8e3af8fc991a7c0401202675b71267e58ed2053631064b7bd0196", "c98f65ea7dd4196e3c68318d4c51322bd5cfe6d4449dc2be633e0aab32509bdb", "b1b116c818bb99e56d2bf16797fc561848ddbe2ce1fddc83a4c3533cd3686084", "f81ab857124dd17d90252c5b291d0e23f8d2331109a5b25f4651e4ad955e10b3", "15b848b09c13701b9cf4d7ec1546abaf4843a8cd4f93219465082594109b5a15", "7baa86e12a2c0cced0a644f2e0de4b34d3183e14e0ec0229decb7df669a1edf7", "3e434e528d5bdce10d103f262e13053037ba3f1d7d0cac058b697edbc5e7cf1f", "05b60c3808ba135a4782eb1ee6bec09856f5677154ece35a180033d7cece493c", "559fcab27f1bf9546475545d540aa891b901611247ede2b475c5093d31c859b3", "72d732766780f90c15b04466e29dfae232a2080b6a53a8a7d0b375f13bb59ded", "0585e38214fea7ac0452aa4c91ce1866a7c11196c3ac433d5d2c8f0926b1d993", "0a2742d35fef3309868a747e585d542912fa8e6b82ff64b6df0ddec693b954e0", "f9aa6fa501379435e45be9a9a626ee1205b7dfa193c36c5e8530d88ec6effa28", "39df2f083999781a16ab03af79cae3f5e7ecb33e616d073e3669114ecc5d644b"], "mitre_attack_tags": []}, {"bi": "pe-header-numofsymbols", "hashes": ["e4dc994221574eff6af87a233c7ddfa33b007293c1c8619c22414b1ff051f719", "317ad67576e5f51b4503b5a58790ae583d1298e2ad50c42f1d54f1607e740865", "2d3c4909441820d1de63983c97ad0964558f6024da7e3df9f96175d4403bf218", "7f8ba1643800ef5c68f36fc5c7bd5f58e4bbf3488d1afe9457db3ff9f192f72c", "a25c4046bcb78ca6a41cf37262365cb6e630713d996962c5ed5624de6b70ce77", "8ecaeb0d4ab61d5b194f532e91402ee67f56cfeeca7f14bafe310f6c4f17ca8b", "70531690675458171a874b65e0446279933e41fceebb0510b43d0b910874b111", "f90910b0082c3cb94d48d090d0910f14fc3e62d9c05781e136e99c28bc977436", "ea3ae31a4b957e8f7b34fe94599a2c34b0acc3dd6d8f01409fd68c90d50da2a4", "528e5c62e0e8e3af8fc991a7c0401202675b71267e58ed2053631064b7bd0196", "c98f65ea7dd4196e3c68318d4c51322bd5cfe6d4449dc2be633e0aab32509bdb", "b1b116c818bb99e56d2bf16797fc561848ddbe2ce1fddc83a4c3533cd3686084", "f81ab857124dd17d90252c5b291d0e23f8d2331109a5b25f4651e4ad955e10b3", "15b848b09c13701b9cf4d7ec1546abaf4843a8cd4f93219465082594109b5a15", "7baa86e12a2c0cced0a644f2e0de4b34d3183e14e0ec0229decb7df669a1edf7", "3e434e528d5bdce10d103f262e13053037ba3f1d7d0cac058b697edbc5e7cf1f", "05b60c3808ba135a4782eb1ee6bec09856f5677154ece35a180033d7cece493c", "559fcab27f1bf9546475545d540aa891b901611247ede2b475c5093d31c859b3", "72d732766780f90c15b04466e29dfae232a2080b6a53a8a7d0b375f13bb59ded", "0585e38214fea7ac0452aa4c91ce1866a7c11196c3ac433d5d2c8f0926b1d993", "0a2742d35fef3309868a747e585d542912fa8e6b82ff64b6df0ddec693b954e0", "f9aa6fa501379435e45be9a9a626ee1205b7dfa193c36c5e8530d88ec6effa28", "39df2f083999781a16ab03af79cae3f5e7ecb33e616d073e3669114ecc5d644b"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "malware-bifrost-default-mutex-detected", "hashes": ["e4dc994221574eff6af87a233c7ddfa33b007293c1c8619c22414b1ff051f719", "2d3c4909441820d1de63983c97ad0964558f6024da7e3df9f96175d4403bf218", "7f8ba1643800ef5c68f36fc5c7bd5f58e4bbf3488d1afe9457db3ff9f192f72c", "a25c4046bcb78ca6a41cf37262365cb6e630713d996962c5ed5624de6b70ce77", "70531690675458171a874b65e0446279933e41fceebb0510b43d0b910874b111", "f90910b0082c3cb94d48d090d0910f14fc3e62d9c05781e136e99c28bc977436", "ea3ae31a4b957e8f7b34fe94599a2c34b0acc3dd6d8f01409fd68c90d50da2a4", "528e5c62e0e8e3af8fc991a7c0401202675b71267e58ed2053631064b7bd0196", "c98f65ea7dd4196e3c68318d4c51322bd5cfe6d4449dc2be633e0aab32509bdb", "b1b116c818bb99e56d2bf16797fc561848ddbe2ce1fddc83a4c3533cd3686084", "f81ab857124dd17d90252c5b291d0e23f8d2331109a5b25f4651e4ad955e10b3", "15b848b09c13701b9cf4d7ec1546abaf4843a8cd4f93219465082594109b5a15", "7baa86e12a2c0cced0a644f2e0de4b34d3183e14e0ec0229decb7df669a1edf7", "3e434e528d5bdce10d103f262e13053037ba3f1d7d0cac058b697edbc5e7cf1f", "05b60c3808ba135a4782eb1ee6bec09856f5677154ece35a180033d7cece493c", "72d732766780f90c15b04466e29dfae232a2080b6a53a8a7d0b375f13bb59ded", "f9aa6fa501379435e45be9a9a626ee1205b7dfa193c36c5e8530d88ec6effa28", "39df2f083999781a16ab03af79cae3f5e7ecb33e616d073e3669114ecc5d644b"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["317ad67576e5f51b4503b5a58790ae583d1298e2ad50c42f1d54f1607e740865", "2d3c4909441820d1de63983c97ad0964558f6024da7e3df9f96175d4403bf218"], "mitre_attack_tags": []}], "category": "Dropper", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": false, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "Bifrost is a backdoor with more than 10 variants. Bifrost uses the typical server, server builder and client backdoor program configuration to allow a remote attacker who uses the client to execute arbitrary code on the compromised machine. The malware contains standard RAT features including a file manager, screen capture utility, keylogging, video recording, microphone and camera monitoring, and a process manager. To mark its presence in the system, Bifrost uses a mutex that may be named \"Bif1234\" or \"Tr0gBot.\"", "hashes": ["0585e38214fea7ac0452aa4c91ce1866a7c11196c3ac433d5d2c8f0926b1d993", "05b60c3808ba135a4782eb1ee6bec09856f5677154ece35a180033d7cece493c", "0a2742d35fef3309868a747e585d542912fa8e6b82ff64b6df0ddec693b954e0", "15b848b09c13701b9cf4d7ec1546abaf4843a8cd4f93219465082594109b5a15", "2d3c4909441820d1de63983c97ad0964558f6024da7e3df9f96175d4403bf218", "317ad67576e5f51b4503b5a58790ae583d1298e2ad50c42f1d54f1607e740865", "39df2f083999781a16ab03af79cae3f5e7ecb33e616d073e3669114ecc5d644b", "3e434e528d5bdce10d103f262e13053037ba3f1d7d0cac058b697edbc5e7cf1f", "528e5c62e0e8e3af8fc991a7c0401202675b71267e58ed2053631064b7bd0196", "559fcab27f1bf9546475545d540aa891b901611247ede2b475c5093d31c859b3", "70531690675458171a874b65e0446279933e41fceebb0510b43d0b910874b111", "72d732766780f90c15b04466e29dfae232a2080b6a53a8a7d0b375f13bb59ded", "7baa86e12a2c0cced0a644f2e0de4b34d3183e14e0ec0229decb7df669a1edf7", "7f8ba1643800ef5c68f36fc5c7bd5f58e4bbf3488d1afe9457db3ff9f192f72c", "8ecaeb0d4ab61d5b194f532e91402ee67f56cfeeca7f14bafe310f6c4f17ca8b", "a25c4046bcb78ca6a41cf37262365cb6e630713d996962c5ed5624de6b70ce77", "b1b116c818bb99e56d2bf16797fc561848ddbe2ce1fddc83a4c3533cd3686084", "c98f65ea7dd4196e3c68318d4c51322bd5cfe6d4449dc2be633e0aab32509bdb", "e4dc994221574eff6af87a233c7ddfa33b007293c1c8619c22414b1ff051f719", "ea3ae31a4b957e8f7b34fe94599a2c34b0acc3dd6d8f01409fd68c90d50da2a4", "f81ab857124dd17d90252c5b291d0e23f8d2331109a5b25f4651e4ad955e10b3", "f90910b0082c3cb94d48d090d0910f14fc3e62d9c05781e136e99c28bc977436", "f9aa6fa501379435e45be9a9a626ee1205b7dfa193c36c5e8530d88ec6effa28"], "iocs": {"domain": [], "file": [{"hashes": ["2d3c4909441820d1de63983c97ad0964558f6024da7e3df9f96175d4403bf218", "317ad67576e5f51b4503b5a58790ae583d1298e2ad50c42f1d54f1607e740865"], "path": "%APPDATA%\\addons.dat"}], "ip": [], "mutex": [{"hashes": ["05b60c3808ba135a4782eb1ee6bec09856f5677154ece35a180033d7cece493c", "15b848b09c13701b9cf4d7ec1546abaf4843a8cd4f93219465082594109b5a15", "2d3c4909441820d1de63983c97ad0964558f6024da7e3df9f96175d4403bf218", "39df2f083999781a16ab03af79cae3f5e7ecb33e616d073e3669114ecc5d644b", "3e434e528d5bdce10d103f262e13053037ba3f1d7d0cac058b697edbc5e7cf1f", "528e5c62e0e8e3af8fc991a7c0401202675b71267e58ed2053631064b7bd0196", "70531690675458171a874b65e0446279933e41fceebb0510b43d0b910874b111", "72d732766780f90c15b04466e29dfae232a2080b6a53a8a7d0b375f13bb59ded", "7baa86e12a2c0cced0a644f2e0de4b34d3183e14e0ec0229decb7df669a1edf7", "7f8ba1643800ef5c68f36fc5c7bd5f58e4bbf3488d1afe9457db3ff9f192f72c", "a25c4046bcb78ca6a41cf37262365cb6e630713d996962c5ed5624de6b70ce77", "b1b116c818bb99e56d2bf16797fc561848ddbe2ce1fddc83a4c3533cd3686084", "c98f65ea7dd4196e3c68318d4c51322bd5cfe6d4449dc2be633e0aab32509bdb", "e4dc994221574eff6af87a233c7ddfa33b007293c1c8619c22414b1ff051f719", "ea3ae31a4b957e8f7b34fe94599a2c34b0acc3dd6d8f01409fd68c90d50da2a4", "f81ab857124dd17d90252c5b291d0e23f8d2331109a5b25f4651e4ad955e10b3", "f90910b0082c3cb94d48d090d0910f14fc3e62d9c05781e136e99c28bc977436", "f9aa6fa501379435e45be9a9a626ee1205b7dfa193c36c5e8530d88ec6effa28"], "name": "Bif1234"}, {"hashes": ["0585e38214fea7ac0452aa4c91ce1866a7c11196c3ac433d5d2c8f0926b1d993", "0a2742d35fef3309868a747e585d542912fa8e6b82ff64b6df0ddec693b954e0", "317ad67576e5f51b4503b5a58790ae583d1298e2ad50c42f1d54f1607e740865", "559fcab27f1bf9546475545d540aa891b901611247ede2b475c5093d31c859b3", "8ecaeb0d4ab61d5b194f532e91402ee67f56cfeeca7f14bafe310f6c4f17ca8b"], "name": "<random, matching [a-zA-Z0-9]{5,9}>"}], "registry": []}, "reports_count": 23}, "Win.Dropper.Kuluoz-9999994-0": {"bis": [{"bi": "pe-encrypted-section", "hashes": ["bffc4ce4aaa6bc170bda9add99f472156487dc312fd95bf6c78ed26e2c2309a3", "924a3c1317e1f4cc772b9a0de3e95ec4f9f8070f407bd537c4e51574a6c15995", "baed3471b03a58c6e1a8eb071a7222c8b3cddc9e060b037b20f7688cab589428", "506602749b567b9884d91c7a728764d2500d3860c32ee315703148dc594e594c", "66b435ae8f847ca30c42ff42ea504d099c04b017410b6770fb675973428c9e64", "aad3e3b8506fe64eaca3828050ce78be32582a621a79e869e253e924f2dca99e", "10c08a7e1cd4f6561f3996b871831d21c7c4671c9dc42176c8f560e8c515f8d2", "aca38b67e6d24e77fae537d82f49ffd344ef75bc4458d626b697ac0be4ebbab4", "e53a65c88ac8a732e06305b6ac0fbb8fc9f6b1035f71e7191df440daa75099c1", "1e55c11a9f3bd854166e1c6ef53a384fece89b8fc421047359a2b99fa049cf6e", "9f07d324155b0aa405671f8e56d8a36ccbc7a66842d175f379029c6480a84077", "00417d6eb1a336d0e1414544264bff6f924822e3da217cd61892f322c30e5f9d", "464d669aeb5c011158cf8faca6a674fdaaa7df444c91948837d3b8c75c8c9a34", "19cff7bd4713b5d8103f19715c96e6878dcbb2634ba901a05719d2bd0fb2ff4b", "34a354c972b87640c6dc11e76be22c81da7ead7da852e64ac5d917df6c71faa6", "ba905bf22b38e1f3869279bfef60f3998e0521c0b2f9e045adc9b517826f8dcf", "667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d", "7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516", "f2fa0559b22f7db6171a49318175f20e70052f9c4f747e79434c419c0fba0806", "29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24", "1c77cbe7e26592746c4f7b8e3995234ce89efab7a1f08f4c725935ee6ed469e1", "5a422203f58d9e0344c737cc1166aba480742ede8d3baf2903ae42c3a0279e43"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "memory-execute-readwrite", "hashes": ["bffc4ce4aaa6bc170bda9add99f472156487dc312fd95bf6c78ed26e2c2309a3", "924a3c1317e1f4cc772b9a0de3e95ec4f9f8070f407bd537c4e51574a6c15995", "baed3471b03a58c6e1a8eb071a7222c8b3cddc9e060b037b20f7688cab589428", "506602749b567b9884d91c7a728764d2500d3860c32ee315703148dc594e594c", "66b435ae8f847ca30c42ff42ea504d099c04b017410b6770fb675973428c9e64", "aad3e3b8506fe64eaca3828050ce78be32582a621a79e869e253e924f2dca99e", "10c08a7e1cd4f6561f3996b871831d21c7c4671c9dc42176c8f560e8c515f8d2", "aca38b67e6d24e77fae537d82f49ffd344ef75bc4458d626b697ac0be4ebbab4", "e53a65c88ac8a732e06305b6ac0fbb8fc9f6b1035f71e7191df440daa75099c1", "1e55c11a9f3bd854166e1c6ef53a384fece89b8fc421047359a2b99fa049cf6e", "9f07d324155b0aa405671f8e56d8a36ccbc7a66842d175f379029c6480a84077", "00417d6eb1a336d0e1414544264bff6f924822e3da217cd61892f322c30e5f9d", "464d669aeb5c011158cf8faca6a674fdaaa7df444c91948837d3b8c75c8c9a34", "19cff7bd4713b5d8103f19715c96e6878dcbb2634ba901a05719d2bd0fb2ff4b", "34a354c972b87640c6dc11e76be22c81da7ead7da852e64ac5d917df6c71faa6", "ba905bf22b38e1f3869279bfef60f3998e0521c0b2f9e045adc9b517826f8dcf", "667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d", "7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516", "f2fa0559b22f7db6171a49318175f20e70052f9c4f747e79434c419c0fba0806", "29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24", "1c77cbe7e26592746c4f7b8e3995234ce89efab7a1f08f4c725935ee6ed469e1", "5a422203f58d9e0344c737cc1166aba480742ede8d3baf2903ae42c3a0279e43"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "modified-executable", "hashes": ["bffc4ce4aaa6bc170bda9add99f472156487dc312fd95bf6c78ed26e2c2309a3", "924a3c1317e1f4cc772b9a0de3e95ec4f9f8070f407bd537c4e51574a6c15995", "baed3471b03a58c6e1a8eb071a7222c8b3cddc9e060b037b20f7688cab589428", "506602749b567b9884d91c7a728764d2500d3860c32ee315703148dc594e594c", "66b435ae8f847ca30c42ff42ea504d099c04b017410b6770fb675973428c9e64", "aad3e3b8506fe64eaca3828050ce78be32582a621a79e869e253e924f2dca99e", "10c08a7e1cd4f6561f3996b871831d21c7c4671c9dc42176c8f560e8c515f8d2", "aca38b67e6d24e77fae537d82f49ffd344ef75bc4458d626b697ac0be4ebbab4", "e53a65c88ac8a732e06305b6ac0fbb8fc9f6b1035f71e7191df440daa75099c1", "1e55c11a9f3bd854166e1c6ef53a384fece89b8fc421047359a2b99fa049cf6e", "9f07d324155b0aa405671f8e56d8a36ccbc7a66842d175f379029c6480a84077", "00417d6eb1a336d0e1414544264bff6f924822e3da217cd61892f322c30e5f9d", "464d669aeb5c011158cf8faca6a674fdaaa7df444c91948837d3b8c75c8c9a34", "19cff7bd4713b5d8103f19715c96e6878dcbb2634ba901a05719d2bd0fb2ff4b", "34a354c972b87640c6dc11e76be22c81da7ead7da852e64ac5d917df6c71faa6", "ba905bf22b38e1f3869279bfef60f3998e0521c0b2f9e045adc9b517826f8dcf", "667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d", "7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516", "f2fa0559b22f7db6171a49318175f20e70052f9c4f747e79434c419c0fba0806", "29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24", "1c77cbe7e26592746c4f7b8e3995234ce89efab7a1f08f4c725935ee6ed469e1", "5a422203f58d9e0344c737cc1166aba480742ede8d3baf2903ae42c3a0279e43"], "mitre_attack_tags": []}, {"bi": "created-executable-in-user-dir", "hashes": ["bffc4ce4aaa6bc170bda9add99f472156487dc312fd95bf6c78ed26e2c2309a3", "924a3c1317e1f4cc772b9a0de3e95ec4f9f8070f407bd537c4e51574a6c15995", "baed3471b03a58c6e1a8eb071a7222c8b3cddc9e060b037b20f7688cab589428", "506602749b567b9884d91c7a728764d2500d3860c32ee315703148dc594e594c", "66b435ae8f847ca30c42ff42ea504d099c04b017410b6770fb675973428c9e64", "aad3e3b8506fe64eaca3828050ce78be32582a621a79e869e253e924f2dca99e", "10c08a7e1cd4f6561f3996b871831d21c7c4671c9dc42176c8f560e8c515f8d2", "aca38b67e6d24e77fae537d82f49ffd344ef75bc4458d626b697ac0be4ebbab4", "e53a65c88ac8a732e06305b6ac0fbb8fc9f6b1035f71e7191df440daa75099c1", "1e55c11a9f3bd854166e1c6ef53a384fece89b8fc421047359a2b99fa049cf6e", "9f07d324155b0aa405671f8e56d8a36ccbc7a66842d175f379029c6480a84077", "00417d6eb1a336d0e1414544264bff6f924822e3da217cd61892f322c30e5f9d", "464d669aeb5c011158cf8faca6a674fdaaa7df444c91948837d3b8c75c8c9a34", "19cff7bd4713b5d8103f19715c96e6878dcbb2634ba901a05719d2bd0fb2ff4b", "34a354c972b87640c6dc11e76be22c81da7ead7da852e64ac5d917df6c71faa6", "ba905bf22b38e1f3869279bfef60f3998e0521c0b2f9e045adc9b517826f8dcf", "667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d", "7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516", "f2fa0559b22f7db6171a49318175f20e70052f9c4f747e79434c419c0fba0806", "29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24", "1c77cbe7e26592746c4f7b8e3995234ce89efab7a1f08f4c725935ee6ed469e1", "5a422203f58d9e0344c737cc1166aba480742ede8d3baf2903ae42c3a0279e43"], "mitre_attack_tags": []}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["bffc4ce4aaa6bc170bda9add99f472156487dc312fd95bf6c78ed26e2c2309a3", "924a3c1317e1f4cc772b9a0de3e95ec4f9f8070f407bd537c4e51574a6c15995", "baed3471b03a58c6e1a8eb071a7222c8b3cddc9e060b037b20f7688cab589428", "506602749b567b9884d91c7a728764d2500d3860c32ee315703148dc594e594c", "66b435ae8f847ca30c42ff42ea504d099c04b017410b6770fb675973428c9e64", "aad3e3b8506fe64eaca3828050ce78be32582a621a79e869e253e924f2dca99e", "10c08a7e1cd4f6561f3996b871831d21c7c4671c9dc42176c8f560e8c515f8d2", "aca38b67e6d24e77fae537d82f49ffd344ef75bc4458d626b697ac0be4ebbab4", "e53a65c88ac8a732e06305b6ac0fbb8fc9f6b1035f71e7191df440daa75099c1", "1e55c11a9f3bd854166e1c6ef53a384fece89b8fc421047359a2b99fa049cf6e", "9f07d324155b0aa405671f8e56d8a36ccbc7a66842d175f379029c6480a84077", "00417d6eb1a336d0e1414544264bff6f924822e3da217cd61892f322c30e5f9d", "464d669aeb5c011158cf8faca6a674fdaaa7df444c91948837d3b8c75c8c9a34", "19cff7bd4713b5d8103f19715c96e6878dcbb2634ba901a05719d2bd0fb2ff4b", "34a354c972b87640c6dc11e76be22c81da7ead7da852e64ac5d917df6c71faa6", "ba905bf22b38e1f3869279bfef60f3998e0521c0b2f9e045adc9b517826f8dcf", "667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d", "7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516", "f2fa0559b22f7db6171a49318175f20e70052f9c4f747e79434c419c0fba0806", "29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24", "1c77cbe7e26592746c4f7b8e3995234ce89efab7a1f08f4c725935ee6ed469e1", "5a422203f58d9e0344c737cc1166aba480742ede8d3baf2903ae42c3a0279e43"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["bffc4ce4aaa6bc170bda9add99f472156487dc312fd95bf6c78ed26e2c2309a3", "924a3c1317e1f4cc772b9a0de3e95ec4f9f8070f407bd537c4e51574a6c15995", "baed3471b03a58c6e1a8eb071a7222c8b3cddc9e060b037b20f7688cab589428", "506602749b567b9884d91c7a728764d2500d3860c32ee315703148dc594e594c", "66b435ae8f847ca30c42ff42ea504d099c04b017410b6770fb675973428c9e64", "aad3e3b8506fe64eaca3828050ce78be32582a621a79e869e253e924f2dca99e", "10c08a7e1cd4f6561f3996b871831d21c7c4671c9dc42176c8f560e8c515f8d2", "aca38b67e6d24e77fae537d82f49ffd344ef75bc4458d626b697ac0be4ebbab4", "e53a65c88ac8a732e06305b6ac0fbb8fc9f6b1035f71e7191df440daa75099c1", "1e55c11a9f3bd854166e1c6ef53a384fece89b8fc421047359a2b99fa049cf6e", "9f07d324155b0aa405671f8e56d8a36ccbc7a66842d175f379029c6480a84077", "00417d6eb1a336d0e1414544264bff6f924822e3da217cd61892f322c30e5f9d", "464d669aeb5c011158cf8faca6a674fdaaa7df444c91948837d3b8c75c8c9a34", "19cff7bd4713b5d8103f19715c96e6878dcbb2634ba901a05719d2bd0fb2ff4b", "34a354c972b87640c6dc11e76be22c81da7ead7da852e64ac5d917df6c71faa6", "ba905bf22b38e1f3869279bfef60f3998e0521c0b2f9e045adc9b517826f8dcf", "667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d", "7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516", "f2fa0559b22f7db6171a49318175f20e70052f9c4f747e79434c419c0fba0806", "29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24", "1c77cbe7e26592746c4f7b8e3995234ce89efab7a1f08f4c725935ee6ed469e1", "5a422203f58d9e0344c737cc1166aba480742ede8d3baf2903ae42c3a0279e43"], "mitre_attack_tags": []}, {"bi": "process-svchost-suspicious-launch", "hashes": ["bffc4ce4aaa6bc170bda9add99f472156487dc312fd95bf6c78ed26e2c2309a3", "924a3c1317e1f4cc772b9a0de3e95ec4f9f8070f407bd537c4e51574a6c15995", "baed3471b03a58c6e1a8eb071a7222c8b3cddc9e060b037b20f7688cab589428", "506602749b567b9884d91c7a728764d2500d3860c32ee315703148dc594e594c", "66b435ae8f847ca30c42ff42ea504d099c04b017410b6770fb675973428c9e64", "aad3e3b8506fe64eaca3828050ce78be32582a621a79e869e253e924f2dca99e", "10c08a7e1cd4f6561f3996b871831d21c7c4671c9dc42176c8f560e8c515f8d2", "aca38b67e6d24e77fae537d82f49ffd344ef75bc4458d626b697ac0be4ebbab4", "e53a65c88ac8a732e06305b6ac0fbb8fc9f6b1035f71e7191df440daa75099c1", "1e55c11a9f3bd854166e1c6ef53a384fece89b8fc421047359a2b99fa049cf6e", "9f07d324155b0aa405671f8e56d8a36ccbc7a66842d175f379029c6480a84077", "00417d6eb1a336d0e1414544264bff6f924822e3da217cd61892f322c30e5f9d", "464d669aeb5c011158cf8faca6a674fdaaa7df444c91948837d3b8c75c8c9a34", "19cff7bd4713b5d8103f19715c96e6878dcbb2634ba901a05719d2bd0fb2ff4b", "34a354c972b87640c6dc11e76be22c81da7ead7da852e64ac5d917df6c71faa6", "ba905bf22b38e1f3869279bfef60f3998e0521c0b2f9e045adc9b517826f8dcf", "667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d", "7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516", "f2fa0559b22f7db6171a49318175f20e70052f9c4f747e79434c419c0fba0806", "29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24", "1c77cbe7e26592746c4f7b8e3995234ce89efab7a1f08f4c725935ee6ed469e1", "5a422203f58d9e0344c737cc1166aba480742ede8d3baf2903ae42c3a0279e43"], "mitre_attack_tags": ["TA0005", "T1036"]}, {"bi": "registry-autorun-key-data-dir", "hashes": ["bffc4ce4aaa6bc170bda9add99f472156487dc312fd95bf6c78ed26e2c2309a3", "924a3c1317e1f4cc772b9a0de3e95ec4f9f8070f407bd537c4e51574a6c15995", "baed3471b03a58c6e1a8eb071a7222c8b3cddc9e060b037b20f7688cab589428", "506602749b567b9884d91c7a728764d2500d3860c32ee315703148dc594e594c", "66b435ae8f847ca30c42ff42ea504d099c04b017410b6770fb675973428c9e64", "aad3e3b8506fe64eaca3828050ce78be32582a621a79e869e253e924f2dca99e", "10c08a7e1cd4f6561f3996b871831d21c7c4671c9dc42176c8f560e8c515f8d2", "aca38b67e6d24e77fae537d82f49ffd344ef75bc4458d626b697ac0be4ebbab4", "e53a65c88ac8a732e06305b6ac0fbb8fc9f6b1035f71e7191df440daa75099c1", "1e55c11a9f3bd854166e1c6ef53a384fece89b8fc421047359a2b99fa049cf6e", "9f07d324155b0aa405671f8e56d8a36ccbc7a66842d175f379029c6480a84077", "00417d6eb1a336d0e1414544264bff6f924822e3da217cd61892f322c30e5f9d", "464d669aeb5c011158cf8faca6a674fdaaa7df444c91948837d3b8c75c8c9a34", "19cff7bd4713b5d8103f19715c96e6878dcbb2634ba901a05719d2bd0fb2ff4b", "34a354c972b87640c6dc11e76be22c81da7ead7da852e64ac5d917df6c71faa6", "ba905bf22b38e1f3869279bfef60f3998e0521c0b2f9e045adc9b517826f8dcf", "667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d", "7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516", "f2fa0559b22f7db6171a49318175f20e70052f9c4f747e79434c419c0fba0806", "29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24", "1c77cbe7e26592746c4f7b8e3995234ce89efab7a1f08f4c725935ee6ed469e1", "5a422203f58d9e0344c737cc1166aba480742ede8d3baf2903ae42c3a0279e43"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "registry-autorun-key-modified", "hashes": ["bffc4ce4aaa6bc170bda9add99f472156487dc312fd95bf6c78ed26e2c2309a3", "924a3c1317e1f4cc772b9a0de3e95ec4f9f8070f407bd537c4e51574a6c15995", "baed3471b03a58c6e1a8eb071a7222c8b3cddc9e060b037b20f7688cab589428", "506602749b567b9884d91c7a728764d2500d3860c32ee315703148dc594e594c", "66b435ae8f847ca30c42ff42ea504d099c04b017410b6770fb675973428c9e64", "aad3e3b8506fe64eaca3828050ce78be32582a621a79e869e253e924f2dca99e", "10c08a7e1cd4f6561f3996b871831d21c7c4671c9dc42176c8f560e8c515f8d2", "aca38b67e6d24e77fae537d82f49ffd344ef75bc4458d626b697ac0be4ebbab4", "e53a65c88ac8a732e06305b6ac0fbb8fc9f6b1035f71e7191df440daa75099c1", "1e55c11a9f3bd854166e1c6ef53a384fece89b8fc421047359a2b99fa049cf6e", "9f07d324155b0aa405671f8e56d8a36ccbc7a66842d175f379029c6480a84077", "00417d6eb1a336d0e1414544264bff6f924822e3da217cd61892f322c30e5f9d", "464d669aeb5c011158cf8faca6a674fdaaa7df444c91948837d3b8c75c8c9a34", "19cff7bd4713b5d8103f19715c96e6878dcbb2634ba901a05719d2bd0fb2ff4b", "34a354c972b87640c6dc11e76be22c81da7ead7da852e64ac5d917df6c71faa6", "ba905bf22b38e1f3869279bfef60f3998e0521c0b2f9e045adc9b517826f8dcf", "667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d", "7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516", "f2fa0559b22f7db6171a49318175f20e70052f9c4f747e79434c419c0fba0806", "29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24", "1c77cbe7e26592746c4f7b8e3995234ce89efab7a1f08f4c725935ee6ed469e1", "5a422203f58d9e0344c737cc1166aba480742ede8d3baf2903ae42c3a0279e43"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "imports-IsDebuggerPresent", "hashes": ["bffc4ce4aaa6bc170bda9add99f472156487dc312fd95bf6c78ed26e2c2309a3", "924a3c1317e1f4cc772b9a0de3e95ec4f9f8070f407bd537c4e51574a6c15995", "baed3471b03a58c6e1a8eb071a7222c8b3cddc9e060b037b20f7688cab589428", "506602749b567b9884d91c7a728764d2500d3860c32ee315703148dc594e594c", "66b435ae8f847ca30c42ff42ea504d099c04b017410b6770fb675973428c9e64", "aad3e3b8506fe64eaca3828050ce78be32582a621a79e869e253e924f2dca99e", "10c08a7e1cd4f6561f3996b871831d21c7c4671c9dc42176c8f560e8c515f8d2", "aca38b67e6d24e77fae537d82f49ffd344ef75bc4458d626b697ac0be4ebbab4", "e53a65c88ac8a732e06305b6ac0fbb8fc9f6b1035f71e7191df440daa75099c1", "1e55c11a9f3bd854166e1c6ef53a384fece89b8fc421047359a2b99fa049cf6e", "9f07d324155b0aa405671f8e56d8a36ccbc7a66842d175f379029c6480a84077", "00417d6eb1a336d0e1414544264bff6f924822e3da217cd61892f322c30e5f9d", "464d669aeb5c011158cf8faca6a674fdaaa7df444c91948837d3b8c75c8c9a34", "19cff7bd4713b5d8103f19715c96e6878dcbb2634ba901a05719d2bd0fb2ff4b", "34a354c972b87640c6dc11e76be22c81da7ead7da852e64ac5d917df6c71faa6", "ba905bf22b38e1f3869279bfef60f3998e0521c0b2f9e045adc9b517826f8dcf", "667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d", "7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516", "f2fa0559b22f7db6171a49318175f20e70052f9c4f747e79434c419c0fba0806", "29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24", "1c77cbe7e26592746c4f7b8e3995234ce89efab7a1f08f4c725935ee6ed469e1", "5a422203f58d9e0344c737cc1166aba480742ede8d3baf2903ae42c3a0279e43"], "mitre_attack_tags": ["TA0005", "TA0007"]}, {"bi": "malware-kuluoz-mutex", "hashes": ["bffc4ce4aaa6bc170bda9add99f472156487dc312fd95bf6c78ed26e2c2309a3", "924a3c1317e1f4cc772b9a0de3e95ec4f9f8070f407bd537c4e51574a6c15995", "baed3471b03a58c6e1a8eb071a7222c8b3cddc9e060b037b20f7688cab589428", "506602749b567b9884d91c7a728764d2500d3860c32ee315703148dc594e594c", "66b435ae8f847ca30c42ff42ea504d099c04b017410b6770fb675973428c9e64", "aad3e3b8506fe64eaca3828050ce78be32582a621a79e869e253e924f2dca99e", "10c08a7e1cd4f6561f3996b871831d21c7c4671c9dc42176c8f560e8c515f8d2", "aca38b67e6d24e77fae537d82f49ffd344ef75bc4458d626b697ac0be4ebbab4", "e53a65c88ac8a732e06305b6ac0fbb8fc9f6b1035f71e7191df440daa75099c1", "1e55c11a9f3bd854166e1c6ef53a384fece89b8fc421047359a2b99fa049cf6e", "9f07d324155b0aa405671f8e56d8a36ccbc7a66842d175f379029c6480a84077", "00417d6eb1a336d0e1414544264bff6f924822e3da217cd61892f322c30e5f9d", "464d669aeb5c011158cf8faca6a674fdaaa7df444c91948837d3b8c75c8c9a34", "19cff7bd4713b5d8103f19715c96e6878dcbb2634ba901a05719d2bd0fb2ff4b", "34a354c972b87640c6dc11e76be22c81da7ead7da852e64ac5d917df6c71faa6", "ba905bf22b38e1f3869279bfef60f3998e0521c0b2f9e045adc9b517826f8dcf", "667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d", "7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516", "f2fa0559b22f7db6171a49318175f20e70052f9c4f747e79434c419c0fba0806", "29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24", "1c77cbe7e26592746c4f7b8e3995234ce89efab7a1f08f4c725935ee6ed469e1", "5a422203f58d9e0344c737cc1166aba480742ede8d3baf2903ae42c3a0279e43"], "mitre_attack_tags": []}, {"bi": "created-executable-sample-appdata", "hashes": ["bffc4ce4aaa6bc170bda9add99f472156487dc312fd95bf6c78ed26e2c2309a3", "924a3c1317e1f4cc772b9a0de3e95ec4f9f8070f407bd537c4e51574a6c15995", "baed3471b03a58c6e1a8eb071a7222c8b3cddc9e060b037b20f7688cab589428", "506602749b567b9884d91c7a728764d2500d3860c32ee315703148dc594e594c", "66b435ae8f847ca30c42ff42ea504d099c04b017410b6770fb675973428c9e64", "aad3e3b8506fe64eaca3828050ce78be32582a621a79e869e253e924f2dca99e", "10c08a7e1cd4f6561f3996b871831d21c7c4671c9dc42176c8f560e8c515f8d2", "aca38b67e6d24e77fae537d82f49ffd344ef75bc4458d626b697ac0be4ebbab4", "e53a65c88ac8a732e06305b6ac0fbb8fc9f6b1035f71e7191df440daa75099c1", "1e55c11a9f3bd854166e1c6ef53a384fece89b8fc421047359a2b99fa049cf6e", "9f07d324155b0aa405671f8e56d8a36ccbc7a66842d175f379029c6480a84077", "00417d6eb1a336d0e1414544264bff6f924822e3da217cd61892f322c30e5f9d", "464d669aeb5c011158cf8faca6a674fdaaa7df444c91948837d3b8c75c8c9a34", "19cff7bd4713b5d8103f19715c96e6878dcbb2634ba901a05719d2bd0fb2ff4b", "34a354c972b87640c6dc11e76be22c81da7ead7da852e64ac5d917df6c71faa6", "ba905bf22b38e1f3869279bfef60f3998e0521c0b2f9e045adc9b517826f8dcf", "667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d", "7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516", "f2fa0559b22f7db6171a49318175f20e70052f9c4f747e79434c419c0fba0806", "29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24", "1c77cbe7e26592746c4f7b8e3995234ce89efab7a1f08f4c725935ee6ed469e1", "5a422203f58d9e0344c737cc1166aba480742ede8d3baf2903ae42c3a0279e43"], "mitre_attack_tags": ["TA0005", "T1564"]}], "category": "Dropper", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": false, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "Kuluoz, sometimes known as \"Asprox,\" is a modular remote access trojan that is also known to download and execute follow-on malware, such as fake antivirus software. Kuluoz is often delivered via spam emails pretending to be shipment delivery notifications or flight booking confirmations.", "hashes": ["00417d6eb1a336d0e1414544264bff6f924822e3da217cd61892f322c30e5f9d", "10c08a7e1cd4f6561f3996b871831d21c7c4671c9dc42176c8f560e8c515f8d2", "19cff7bd4713b5d8103f19715c96e6878dcbb2634ba901a05719d2bd0fb2ff4b", "1c77cbe7e26592746c4f7b8e3995234ce89efab7a1f08f4c725935ee6ed469e1", "1e55c11a9f3bd854166e1c6ef53a384fece89b8fc421047359a2b99fa049cf6e", "29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24", "34a354c972b87640c6dc11e76be22c81da7ead7da852e64ac5d917df6c71faa6", "464d669aeb5c011158cf8faca6a674fdaaa7df444c91948837d3b8c75c8c9a34", "506602749b567b9884d91c7a728764d2500d3860c32ee315703148dc594e594c", "5a422203f58d9e0344c737cc1166aba480742ede8d3baf2903ae42c3a0279e43", "667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d", "66b435ae8f847ca30c42ff42ea504d099c04b017410b6770fb675973428c9e64", "7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516", "924a3c1317e1f4cc772b9a0de3e95ec4f9f8070f407bd537c4e51574a6c15995", "9f07d324155b0aa405671f8e56d8a36ccbc7a66842d175f379029c6480a84077", "aad3e3b8506fe64eaca3828050ce78be32582a621a79e869e253e924f2dca99e", "aca38b67e6d24e77fae537d82f49ffd344ef75bc4458d626b697ac0be4ebbab4", "ba905bf22b38e1f3869279bfef60f3998e0521c0b2f9e045adc9b517826f8dcf", "baed3471b03a58c6e1a8eb071a7222c8b3cddc9e060b037b20f7688cab589428", "bffc4ce4aaa6bc170bda9add99f472156487dc312fd95bf6c78ed26e2c2309a3", "e53a65c88ac8a732e06305b6ac0fbb8fc9f6b1035f71e7191df440daa75099c1", "f2fa0559b22f7db6171a49318175f20e70052f9c4f747e79434c419c0fba0806"], "iocs": {"domain": [], "file": [{"hashes": ["00417d6eb1a336d0e1414544264bff6f924822e3da217cd61892f322c30e5f9d", "10c08a7e1cd4f6561f3996b871831d21c7c4671c9dc42176c8f560e8c515f8d2", "19cff7bd4713b5d8103f19715c96e6878dcbb2634ba901a05719d2bd0fb2ff4b", "1c77cbe7e26592746c4f7b8e3995234ce89efab7a1f08f4c725935ee6ed469e1", "1e55c11a9f3bd854166e1c6ef53a384fece89b8fc421047359a2b99fa049cf6e", "29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24", "34a354c972b87640c6dc11e76be22c81da7ead7da852e64ac5d917df6c71faa6", "464d669aeb5c011158cf8faca6a674fdaaa7df444c91948837d3b8c75c8c9a34", "506602749b567b9884d91c7a728764d2500d3860c32ee315703148dc594e594c", "5a422203f58d9e0344c737cc1166aba480742ede8d3baf2903ae42c3a0279e43", "667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d", "66b435ae8f847ca30c42ff42ea504d099c04b017410b6770fb675973428c9e64", "7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516", "924a3c1317e1f4cc772b9a0de3e95ec4f9f8070f407bd537c4e51574a6c15995", "9f07d324155b0aa405671f8e56d8a36ccbc7a66842d175f379029c6480a84077", "aad3e3b8506fe64eaca3828050ce78be32582a621a79e869e253e924f2dca99e", "aca38b67e6d24e77fae537d82f49ffd344ef75bc4458d626b697ac0be4ebbab4", "ba905bf22b38e1f3869279bfef60f3998e0521c0b2f9e045adc9b517826f8dcf", "baed3471b03a58c6e1a8eb071a7222c8b3cddc9e060b037b20f7688cab589428", "bffc4ce4aaa6bc170bda9add99f472156487dc312fd95bf6c78ed26e2c2309a3", "e53a65c88ac8a732e06305b6ac0fbb8fc9f6b1035f71e7191df440daa75099c1", "f2fa0559b22f7db6171a49318175f20e70052f9c4f747e79434c419c0fba0806"], "path": "%LOCALAPPDATA%\\<random, matching '[a-z]{8}'>.exe"}], "ip": [{"hashes": ["10c08a7e1cd4f6561f3996b871831d21c7c4671c9dc42176c8f560e8c515f8d2", "19cff7bd4713b5d8103f19715c96e6878dcbb2634ba901a05719d2bd0fb2ff4b", "1c77cbe7e26592746c4f7b8e3995234ce89efab7a1f08f4c725935ee6ed469e1", "29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24", "34a354c972b87640c6dc11e76be22c81da7ead7da852e64ac5d917df6c71faa6", "464d669aeb5c011158cf8faca6a674fdaaa7df444c91948837d3b8c75c8c9a34", "506602749b567b9884d91c7a728764d2500d3860c32ee315703148dc594e594c", "5a422203f58d9e0344c737cc1166aba480742ede8d3baf2903ae42c3a0279e43", "667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d", "66b435ae8f847ca30c42ff42ea504d099c04b017410b6770fb675973428c9e64", "7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516", "924a3c1317e1f4cc772b9a0de3e95ec4f9f8070f407bd537c4e51574a6c15995", "9f07d324155b0aa405671f8e56d8a36ccbc7a66842d175f379029c6480a84077", "aad3e3b8506fe64eaca3828050ce78be32582a621a79e869e253e924f2dca99e", "aca38b67e6d24e77fae537d82f49ffd344ef75bc4458d626b697ac0be4ebbab4", "baed3471b03a58c6e1a8eb071a7222c8b3cddc9e060b037b20f7688cab589428", "f2fa0559b22f7db6171a49318175f20e70052f9c4f747e79434c419c0fba0806"], "ip": "5[.]39[.]86[.]97"}, {"hashes": ["00417d6eb1a336d0e1414544264bff6f924822e3da217cd61892f322c30e5f9d", "10c08a7e1cd4f6561f3996b871831d21c7c4671c9dc42176c8f560e8c515f8d2", "19cff7bd4713b5d8103f19715c96e6878dcbb2634ba901a05719d2bd0fb2ff4b", "1c77cbe7e26592746c4f7b8e3995234ce89efab7a1f08f4c725935ee6ed469e1", "1e55c11a9f3bd854166e1c6ef53a384fece89b8fc421047359a2b99fa049cf6e", "29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24", "34a354c972b87640c6dc11e76be22c81da7ead7da852e64ac5d917df6c71faa6", "464d669aeb5c011158cf8faca6a674fdaaa7df444c91948837d3b8c75c8c9a34", "506602749b567b9884d91c7a728764d2500d3860c32ee315703148dc594e594c", "667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d", "7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516", "924a3c1317e1f4cc772b9a0de3e95ec4f9f8070f407bd537c4e51574a6c15995", "aad3e3b8506fe64eaca3828050ce78be32582a621a79e869e253e924f2dca99e", "ba905bf22b38e1f3869279bfef60f3998e0521c0b2f9e045adc9b517826f8dcf", "baed3471b03a58c6e1a8eb071a7222c8b3cddc9e060b037b20f7688cab589428", "bffc4ce4aaa6bc170bda9add99f472156487dc312fd95bf6c78ed26e2c2309a3", "e53a65c88ac8a732e06305b6ac0fbb8fc9f6b1035f71e7191df440daa75099c1"], "ip": "77[.]237[.]121[.]19"}, {"hashes": ["00417d6eb1a336d0e1414544264bff6f924822e3da217cd61892f322c30e5f9d", "10c08a7e1cd4f6561f3996b871831d21c7c4671c9dc42176c8f560e8c515f8d2", "19cff7bd4713b5d8103f19715c96e6878dcbb2634ba901a05719d2bd0fb2ff4b", "1e55c11a9f3bd854166e1c6ef53a384fece89b8fc421047359a2b99fa049cf6e", "29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24", "34a354c972b87640c6dc11e76be22c81da7ead7da852e64ac5d917df6c71faa6", "464d669aeb5c011158cf8faca6a674fdaaa7df444c91948837d3b8c75c8c9a34", "506602749b567b9884d91c7a728764d2500d3860c32ee315703148dc594e594c", "5a422203f58d9e0344c737cc1166aba480742ede8d3baf2903ae42c3a0279e43", "9f07d324155b0aa405671f8e56d8a36ccbc7a66842d175f379029c6480a84077", "aad3e3b8506fe64eaca3828050ce78be32582a621a79e869e253e924f2dca99e", "ba905bf22b38e1f3869279bfef60f3998e0521c0b2f9e045adc9b517826f8dcf", "baed3471b03a58c6e1a8eb071a7222c8b3cddc9e060b037b20f7688cab589428", "e53a65c88ac8a732e06305b6ac0fbb8fc9f6b1035f71e7191df440daa75099c1", "f2fa0559b22f7db6171a49318175f20e70052f9c4f747e79434c419c0fba0806"], "ip": "78[.]47[.]33[.]171"}, {"hashes": ["19cff7bd4713b5d8103f19715c96e6878dcbb2634ba901a05719d2bd0fb2ff4b", "1e55c11a9f3bd854166e1c6ef53a384fece89b8fc421047359a2b99fa049cf6e", "29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24", "464d669aeb5c011158cf8faca6a674fdaaa7df444c91948837d3b8c75c8c9a34", "506602749b567b9884d91c7a728764d2500d3860c32ee315703148dc594e594c", "5a422203f58d9e0344c737cc1166aba480742ede8d3baf2903ae42c3a0279e43", "667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d", "66b435ae8f847ca30c42ff42ea504d099c04b017410b6770fb675973428c9e64", "7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516", "924a3c1317e1f4cc772b9a0de3e95ec4f9f8070f407bd537c4e51574a6c15995", "9f07d324155b0aa405671f8e56d8a36ccbc7a66842d175f379029c6480a84077", "baed3471b03a58c6e1a8eb071a7222c8b3cddc9e060b037b20f7688cab589428", "bffc4ce4aaa6bc170bda9add99f472156487dc312fd95bf6c78ed26e2c2309a3", "e53a65c88ac8a732e06305b6ac0fbb8fc9f6b1035f71e7191df440daa75099c1"], "ip": "162[.]216[.]112[.]217"}, {"hashes": ["00417d6eb1a336d0e1414544264bff6f924822e3da217cd61892f322c30e5f9d", "10c08a7e1cd4f6561f3996b871831d21c7c4671c9dc42176c8f560e8c515f8d2", "1c77cbe7e26592746c4f7b8e3995234ce89efab7a1f08f4c725935ee6ed469e1", "1e55c11a9f3bd854166e1c6ef53a384fece89b8fc421047359a2b99fa049cf6e", "29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24", "34a354c972b87640c6dc11e76be22c81da7ead7da852e64ac5d917df6c71faa6", "5a422203f58d9e0344c737cc1166aba480742ede8d3baf2903ae42c3a0279e43", "667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d", "66b435ae8f847ca30c42ff42ea504d099c04b017410b6770fb675973428c9e64", "9f07d324155b0aa405671f8e56d8a36ccbc7a66842d175f379029c6480a84077", "aca38b67e6d24e77fae537d82f49ffd344ef75bc4458d626b697ac0be4ebbab4", "ba905bf22b38e1f3869279bfef60f3998e0521c0b2f9e045adc9b517826f8dcf", "f2fa0559b22f7db6171a49318175f20e70052f9c4f747e79434c419c0fba0806"], "ip": "194[.]146[.]226[.]81"}, {"hashes": ["1c77cbe7e26592746c4f7b8e3995234ce89efab7a1f08f4c725935ee6ed469e1", "34a354c972b87640c6dc11e76be22c81da7ead7da852e64ac5d917df6c71faa6", "667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d", "66b435ae8f847ca30c42ff42ea504d099c04b017410b6770fb675973428c9e64", "7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516", "924a3c1317e1f4cc772b9a0de3e95ec4f9f8070f407bd537c4e51574a6c15995", "aad3e3b8506fe64eaca3828050ce78be32582a621a79e869e253e924f2dca99e", "ba905bf22b38e1f3869279bfef60f3998e0521c0b2f9e045adc9b517826f8dcf", "baed3471b03a58c6e1a8eb071a7222c8b3cddc9e060b037b20f7688cab589428", "bffc4ce4aaa6bc170bda9add99f472156487dc312fd95bf6c78ed26e2c2309a3", "e53a65c88ac8a732e06305b6ac0fbb8fc9f6b1035f71e7191df440daa75099c1"], "ip": "187[.]95[.]41[.]194"}, {"hashes": ["10c08a7e1cd4f6561f3996b871831d21c7c4671c9dc42176c8f560e8c515f8d2", "464d669aeb5c011158cf8faca6a674fdaaa7df444c91948837d3b8c75c8c9a34", "667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d", "66b435ae8f847ca30c42ff42ea504d099c04b017410b6770fb675973428c9e64", "7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516", "924a3c1317e1f4cc772b9a0de3e95ec4f9f8070f407bd537c4e51574a6c15995", "ba905bf22b38e1f3869279bfef60f3998e0521c0b2f9e045adc9b517826f8dcf", "e53a65c88ac8a732e06305b6ac0fbb8fc9f6b1035f71e7191df440daa75099c1"], "ip": "164[.]177[.]152[.]110"}, {"hashes": ["00417d6eb1a336d0e1414544264bff6f924822e3da217cd61892f322c30e5f9d", "1e55c11a9f3bd854166e1c6ef53a384fece89b8fc421047359a2b99fa049cf6e", "29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24", "667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d", "7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516", "9f07d324155b0aa405671f8e56d8a36ccbc7a66842d175f379029c6480a84077"], "ip": "190[.]124[.]250[.]29"}], "mutex": [{"hashes": ["00417d6eb1a336d0e1414544264bff6f924822e3da217cd61892f322c30e5f9d", "10c08a7e1cd4f6561f3996b871831d21c7c4671c9dc42176c8f560e8c515f8d2", "19cff7bd4713b5d8103f19715c96e6878dcbb2634ba901a05719d2bd0fb2ff4b", "1c77cbe7e26592746c4f7b8e3995234ce89efab7a1f08f4c725935ee6ed469e1", "1e55c11a9f3bd854166e1c6ef53a384fece89b8fc421047359a2b99fa049cf6e", "29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24", "34a354c972b87640c6dc11e76be22c81da7ead7da852e64ac5d917df6c71faa6", "464d669aeb5c011158cf8faca6a674fdaaa7df444c91948837d3b8c75c8c9a34", "506602749b567b9884d91c7a728764d2500d3860c32ee315703148dc594e594c", "5a422203f58d9e0344c737cc1166aba480742ede8d3baf2903ae42c3a0279e43", "667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d", "66b435ae8f847ca30c42ff42ea504d099c04b017410b6770fb675973428c9e64", "7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516", "924a3c1317e1f4cc772b9a0de3e95ec4f9f8070f407bd537c4e51574a6c15995", "9f07d324155b0aa405671f8e56d8a36ccbc7a66842d175f379029c6480a84077", "aad3e3b8506fe64eaca3828050ce78be32582a621a79e869e253e924f2dca99e", "aca38b67e6d24e77fae537d82f49ffd344ef75bc4458d626b697ac0be4ebbab4", "ba905bf22b38e1f3869279bfef60f3998e0521c0b2f9e045adc9b517826f8dcf", "baed3471b03a58c6e1a8eb071a7222c8b3cddc9e060b037b20f7688cab589428", "bffc4ce4aaa6bc170bda9add99f472156487dc312fd95bf6c78ed26e2c2309a3", "e53a65c88ac8a732e06305b6ac0fbb8fc9f6b1035f71e7191df440daa75099c1", "f2fa0559b22f7db6171a49318175f20e70052f9c4f747e79434c419c0fba0806"], "name": "2GVWNQJz1"}], "registry": [{"hashes": ["00417d6eb1a336d0e1414544264bff6f924822e3da217cd61892f322c30e5f9d", "10c08a7e1cd4f6561f3996b871831d21c7c4671c9dc42176c8f560e8c515f8d2", "19cff7bd4713b5d8103f19715c96e6878dcbb2634ba901a05719d2bd0fb2ff4b", "1c77cbe7e26592746c4f7b8e3995234ce89efab7a1f08f4c725935ee6ed469e1", "1e55c11a9f3bd854166e1c6ef53a384fece89b8fc421047359a2b99fa049cf6e", "29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24", "34a354c972b87640c6dc11e76be22c81da7ead7da852e64ac5d917df6c71faa6", "464d669aeb5c011158cf8faca6a674fdaaa7df444c91948837d3b8c75c8c9a34", "506602749b567b9884d91c7a728764d2500d3860c32ee315703148dc594e594c", "5a422203f58d9e0344c737cc1166aba480742ede8d3baf2903ae42c3a0279e43", "667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d", "66b435ae8f847ca30c42ff42ea504d099c04b017410b6770fb675973428c9e64", "7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516", "924a3c1317e1f4cc772b9a0de3e95ec4f9f8070f407bd537c4e51574a6c15995", "9f07d324155b0aa405671f8e56d8a36ccbc7a66842d175f379029c6480a84077", "aad3e3b8506fe64eaca3828050ce78be32582a621a79e869e253e924f2dca99e", "aca38b67e6d24e77fae537d82f49ffd344ef75bc4458d626b697ac0be4ebbab4", "ba905bf22b38e1f3869279bfef60f3998e0521c0b2f9e045adc9b517826f8dcf", "baed3471b03a58c6e1a8eb071a7222c8b3cddc9e060b037b20f7688cab589428", "bffc4ce4aaa6bc170bda9add99f472156487dc312fd95bf6c78ed26e2c2309a3", "e53a65c88ac8a732e06305b6ac0fbb8fc9f6b1035f71e7191df440daa75099c1", "f2fa0559b22f7db6171a49318175f20e70052f9c4f747e79434c419c0fba0806"], "key": "<HKCU>\\SOFTWARE\\<random, matching '[a-zA-Z0-9]{5,9}'>", "value_name": null}, {"hashes": ["bffc4ce4aaa6bc170bda9add99f472156487dc312fd95bf6c78ed26e2c2309a3"], "key": "<HKCU>\\SOFTWARE\\WAMXWQPD", "value_name": "smujtlwk"}, {"hashes": ["bffc4ce4aaa6bc170bda9add99f472156487dc312fd95bf6c78ed26e2c2309a3"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "luvplgpk"}, {"hashes": ["924a3c1317e1f4cc772b9a0de3e95ec4f9f8070f407bd537c4e51574a6c15995"], "key": "<HKCU>\\SOFTWARE\\QPVIUNPR", "value_name": "frptnefc"}, {"hashes": ["924a3c1317e1f4cc772b9a0de3e95ec4f9f8070f407bd537c4e51574a6c15995"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "rjkqqpxr"}, {"hashes": ["464d669aeb5c011158cf8faca6a674fdaaa7df444c91948837d3b8c75c8c9a34"], "key": "<HKCU>\\SOFTWARE\\EUMGPSEO", "value_name": "cbovpnfk"}, {"hashes": ["464d669aeb5c011158cf8faca6a674fdaaa7df444c91948837d3b8c75c8c9a34"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "cnggsxff"}, {"hashes": ["aad3e3b8506fe64eaca3828050ce78be32582a621a79e869e253e924f2dca99e"], "key": "<HKCU>\\SOFTWARE\\ETTNCOSJ", "value_name": "lwbgsdcv"}, {"hashes": ["aad3e3b8506fe64eaca3828050ce78be32582a621a79e869e253e924f2dca99e"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "ttaxvitj"}, {"hashes": ["29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24"], "key": "<HKCU>\\SOFTWARE\\CTTQGKIS", "value_name": "cmxfrtnw"}, {"hashes": ["29e0a59f6d38ec701ca6aa122c6a54726d5b0ed5536d2f89abdecca3f1a2de24"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "pbqsbklx"}, {"hashes": ["34a354c972b87640c6dc11e76be22c81da7ead7da852e64ac5d917df6c71faa6"], "key": "<HKCU>\\SOFTWARE\\NAXXBCNW", "value_name": "oafjkbjk"}, {"hashes": ["7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516"], "key": "<HKCU>\\SOFTWARE\\CNEBDSXT", "value_name": "bchenplg"}, {"hashes": ["19cff7bd4713b5d8103f19715c96e6878dcbb2634ba901a05719d2bd0fb2ff4b"], "key": "<HKCU>\\SOFTWARE\\CDEKCHEP", "value_name": "wwbdhrid"}, {"hashes": ["34a354c972b87640c6dc11e76be22c81da7ead7da852e64ac5d917df6c71faa6"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "rrdssxrn"}, {"hashes": ["7ad944253149901bdadc966f740c6e56b7ce87ec2678d31bccb7b4622a3b0516"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "nsungxkd"}, {"hashes": ["ba905bf22b38e1f3869279bfef60f3998e0521c0b2f9e045adc9b517826f8dcf"], "key": "<HKCU>\\SOFTWARE\\RTNNUWUL", "value_name": "wtmaaxmw"}, {"hashes": ["19cff7bd4713b5d8103f19715c96e6878dcbb2634ba901a05719d2bd0fb2ff4b"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "lwvjaujt"}, {"hashes": ["9f07d324155b0aa405671f8e56d8a36ccbc7a66842d175f379029c6480a84077"], "key": "<HKCU>\\SOFTWARE\\CPHRRTRK", "value_name": "soxcrgal"}, {"hashes": ["ba905bf22b38e1f3869279bfef60f3998e0521c0b2f9e045adc9b517826f8dcf"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "dptacodg"}, {"hashes": ["1e55c11a9f3bd854166e1c6ef53a384fece89b8fc421047359a2b99fa049cf6e"], "key": "<HKCU>\\SOFTWARE\\CDLCLVRJ", "value_name": "guiqcbwp"}, {"hashes": ["9f07d324155b0aa405671f8e56d8a36ccbc7a66842d175f379029c6480a84077"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "vniggsma"}, {"hashes": ["1e55c11a9f3bd854166e1c6ef53a384fece89b8fc421047359a2b99fa049cf6e"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "wpbtwsab"}, {"hashes": ["66b435ae8f847ca30c42ff42ea504d099c04b017410b6770fb675973428c9e64"], "key": "<HKCU>\\SOFTWARE\\LECNFNCL", "value_name": "sxofspsj"}, {"hashes": ["66b435ae8f847ca30c42ff42ea504d099c04b017410b6770fb675973428c9e64"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "qxmseevb"}, {"hashes": ["5a422203f58d9e0344c737cc1166aba480742ede8d3baf2903ae42c3a0279e43"], "key": "<HKCU>\\SOFTWARE\\MTUNCOVL", "value_name": "wcnspptm"}, {"hashes": ["1c77cbe7e26592746c4f7b8e3995234ce89efab7a1f08f4c725935ee6ed469e1"], "key": "<HKCU>\\SOFTWARE\\PDWDHGVS", "value_name": "obgjqxdw"}, {"hashes": ["5a422203f58d9e0344c737cc1166aba480742ede8d3baf2903ae42c3a0279e43"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "ovfphsfl"}, {"hashes": ["1c77cbe7e26592746c4f7b8e3995234ce89efab7a1f08f4c725935ee6ed469e1"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "bikuvali"}, {"hashes": ["00417d6eb1a336d0e1414544264bff6f924822e3da217cd61892f322c30e5f9d"], "key": "<HKCU>\\SOFTWARE\\BTDVEHND", "value_name": "aaxuvbsi"}, {"hashes": ["00417d6eb1a336d0e1414544264bff6f924822e3da217cd61892f322c30e5f9d"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "dvfbsula"}, {"hashes": ["f2fa0559b22f7db6171a49318175f20e70052f9c4f747e79434c419c0fba0806"], "key": "<HKCU>\\SOFTWARE\\RXWVMOPS", "value_name": "rfpsnnvv"}, {"hashes": ["f2fa0559b22f7db6171a49318175f20e70052f9c4f747e79434c419c0fba0806"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "ebstghir"}, {"hashes": ["aca38b67e6d24e77fae537d82f49ffd344ef75bc4458d626b697ac0be4ebbab4"], "key": "<HKCU>\\SOFTWARE\\WAUPWFXV", "value_name": "liwsfrgd"}, {"hashes": ["aca38b67e6d24e77fae537d82f49ffd344ef75bc4458d626b697ac0be4ebbab4"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "ursjsxgi"}, {"hashes": ["10c08a7e1cd4f6561f3996b871831d21c7c4671c9dc42176c8f560e8c515f8d2"], "key": "<HKCU>\\SOFTWARE\\IHKGHJAX", "value_name": "fpuwbmci"}, {"hashes": ["10c08a7e1cd4f6561f3996b871831d21c7c4671c9dc42176c8f560e8c515f8d2"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "aedkuuta"}, {"hashes": ["667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d"], "key": "<HKCU>\\SOFTWARE\\NWHNAHIG", "value_name": "joubkoda"}, {"hashes": ["506602749b567b9884d91c7a728764d2500d3860c32ee315703148dc594e594c"], "key": "<HKCU>\\SOFTWARE\\BMPUCTMC", "value_name": "ejxfqand"}, {"hashes": ["667b0dfd97f1a4b6f66681f49621a2ec69f5f72f0aaf7d210d8fa7fca40f0d7d"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "klovotqj"}, {"hashes": ["baed3471b03a58c6e1a8eb071a7222c8b3cddc9e060b037b20f7688cab589428"], "key": "<HKCU>\\SOFTWARE\\PQOAPEGT", "value_name": "jojxqooe"}, {"hashes": ["506602749b567b9884d91c7a728764d2500d3860c32ee315703148dc594e594c"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "kbdrphfl"}, {"hashes": ["baed3471b03a58c6e1a8eb071a7222c8b3cddc9e060b037b20f7688cab589428"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "oamsiosp"}, {"hashes": ["e53a65c88ac8a732e06305b6ac0fbb8fc9f6b1035f71e7191df440daa75099c1"], "key": "<HKCU>\\SOFTWARE\\PKOVCLPH", "value_name": "gmurodcu"}, {"hashes": ["e53a65c88ac8a732e06305b6ac0fbb8fc9f6b1035f71e7191df440daa75099c1"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "cqruckwl"}]}, "reports_count": 22}, "Win.Dropper.Tofsee-10000005-0": {"bis": [{"bi": "pe-encrypted-section", "hashes": ["c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "dfba0caa89709c29f21377076153edbc57c05452d8bc71197f02b5b06f4d5412", "d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8", "6bf05462cb13eb0efb05f3126e481dfc69ce775470e3e02edef55379ed1de28c", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "e7440d97e42d4b47ea1126336ce881c888ae268a1bd2a1e1ad89e11386f30765", "5871a6a9839f2c0594f62f6923891e339bed635d14dbc23aaafd0ebbd26903e3", "f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "1c3641047cd096ea8ae7c13ac0dfe7e57b97920a2002c86cd1dc475782229fe7", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "347b42a92d481e418ed9b7a34d493bf53b374e4b71ac8f0431556a4912abd863", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "c9063a4bfc7b38cac55532e7af3109a95219d335b399a716d83a678308caadb7", "fe3723bcd6d47ba56eb577e16a87be5ebdba39d3c20a03af7a17fc297a744815", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "9a835872836f62bc17da590abf85ffc9f06876a86f64788d5be224ddbd981f0f", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "5835ddb0071dbde1bfddf661d24ab706c2553be1ebe7dd68d119baacd57422e7", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "30f356b7c5b33da719938b1ecf3674097bb9a80373aee214dd4962712c0fc5aa", "0f2584ba5e0633404ff7a283a0c4931c2a161c052ad6e91385744512c12972dd", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "3a0821a19a70e429adf239ad8c1f36709d3a446872a0fbb7e1eec995a9ffd656", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "acc10afe9e3f86551b75a771c2f990c6207924161ab8c76ad87cc8dc6249e6b9", "b0b076a8a631bb6f81936b10826df7a09f54cb2a20c6c0195efc340853c30105", "9b1c1b7a4c036d71eb8efb15aa8b12112d3852352f685139c598355410de689a", "973c5328f68928a61c265efcce9e256f17b8f418ad3e6b5c0295d322a3d2b84c", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "e998c602dff4650a8d38d86f4dcb9d46d29f23402314915aeb5ad89ccc11217e", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "c7cdb09679fbc85590a50144eae10470a374de4a052b83ce8449cc86ed11cf4b", "31460296fbfc4dcd31b5bd8978088dce48c1e60357f64730de6d952e6bee33fe", "39e9ea2973521669029531407fad8e193a98f84d88626bb2323fd4b9d0cf389a", "015446106849e64c790d08cf9ccc81523b1022f358b7f3f22b0faf6dce4d1cd9", "19db38a3d52c3f9196ea1bf1db4b687fe8b887467213c4138b34665aa717392f", "f164003d23027ac757c50a1d220c331b3c65bdad05ce4dcc71f4c609c084c0e6", "529c3926848d01d88c8fb58b734921cb003644953055bc65691dfa854d53109b", "273530b5aa7733745abea770ee350b56d6014a763e11ddee56ebf065757ba4ca", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "cb80fda361675785b2d6d87b127b7df5b8f51b01f897d4f9970bef4421e54167", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec", "a06df55979af7e35b98c9dcc128e3d9c20b662d46d7920fc517b8c6f1d4f0ff4", "5f5e905541a650d6f3f854e0e4f60716953c1752db01f93ee106dd641e7bad93", "6ca0a65401c68d203ce7d71cf1988c0be32cd2366603a47e08c918ca22492294"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "memory-execute-readwrite", "hashes": ["c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "dfba0caa89709c29f21377076153edbc57c05452d8bc71197f02b5b06f4d5412", "d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8", "6bf05462cb13eb0efb05f3126e481dfc69ce775470e3e02edef55379ed1de28c", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "e7440d97e42d4b47ea1126336ce881c888ae268a1bd2a1e1ad89e11386f30765", "5871a6a9839f2c0594f62f6923891e339bed635d14dbc23aaafd0ebbd26903e3", "f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "1c3641047cd096ea8ae7c13ac0dfe7e57b97920a2002c86cd1dc475782229fe7", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "347b42a92d481e418ed9b7a34d493bf53b374e4b71ac8f0431556a4912abd863", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "c9063a4bfc7b38cac55532e7af3109a95219d335b399a716d83a678308caadb7", "fe3723bcd6d47ba56eb577e16a87be5ebdba39d3c20a03af7a17fc297a744815", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "9a835872836f62bc17da590abf85ffc9f06876a86f64788d5be224ddbd981f0f", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "5835ddb0071dbde1bfddf661d24ab706c2553be1ebe7dd68d119baacd57422e7", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "30f356b7c5b33da719938b1ecf3674097bb9a80373aee214dd4962712c0fc5aa", "0f2584ba5e0633404ff7a283a0c4931c2a161c052ad6e91385744512c12972dd", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "3a0821a19a70e429adf239ad8c1f36709d3a446872a0fbb7e1eec995a9ffd656", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "acc10afe9e3f86551b75a771c2f990c6207924161ab8c76ad87cc8dc6249e6b9", "b0b076a8a631bb6f81936b10826df7a09f54cb2a20c6c0195efc340853c30105", "9b1c1b7a4c036d71eb8efb15aa8b12112d3852352f685139c598355410de689a", "973c5328f68928a61c265efcce9e256f17b8f418ad3e6b5c0295d322a3d2b84c", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "e998c602dff4650a8d38d86f4dcb9d46d29f23402314915aeb5ad89ccc11217e", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "c7cdb09679fbc85590a50144eae10470a374de4a052b83ce8449cc86ed11cf4b", "31460296fbfc4dcd31b5bd8978088dce48c1e60357f64730de6d952e6bee33fe", "39e9ea2973521669029531407fad8e193a98f84d88626bb2323fd4b9d0cf389a", "015446106849e64c790d08cf9ccc81523b1022f358b7f3f22b0faf6dce4d1cd9", "19db38a3d52c3f9196ea1bf1db4b687fe8b887467213c4138b34665aa717392f", "f164003d23027ac757c50a1d220c331b3c65bdad05ce4dcc71f4c609c084c0e6", "529c3926848d01d88c8fb58b734921cb003644953055bc65691dfa854d53109b", "273530b5aa7733745abea770ee350b56d6014a763e11ddee56ebf065757ba4ca", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "cb80fda361675785b2d6d87b127b7df5b8f51b01f897d4f9970bef4421e54167", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec", "a06df55979af7e35b98c9dcc128e3d9c20b662d46d7920fc517b8c6f1d4f0ff4", "5f5e905541a650d6f3f854e0e4f60716953c1752db01f93ee106dd641e7bad93", "6ca0a65401c68d203ce7d71cf1988c0be32cd2366603a47e08c918ca22492294"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "imports-IsDebuggerPresent", "hashes": ["c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "dfba0caa89709c29f21377076153edbc57c05452d8bc71197f02b5b06f4d5412", "d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8", "6bf05462cb13eb0efb05f3126e481dfc69ce775470e3e02edef55379ed1de28c", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "e7440d97e42d4b47ea1126336ce881c888ae268a1bd2a1e1ad89e11386f30765", "5871a6a9839f2c0594f62f6923891e339bed635d14dbc23aaafd0ebbd26903e3", "f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "1c3641047cd096ea8ae7c13ac0dfe7e57b97920a2002c86cd1dc475782229fe7", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "347b42a92d481e418ed9b7a34d493bf53b374e4b71ac8f0431556a4912abd863", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "c9063a4bfc7b38cac55532e7af3109a95219d335b399a716d83a678308caadb7", "fe3723bcd6d47ba56eb577e16a87be5ebdba39d3c20a03af7a17fc297a744815", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "9a835872836f62bc17da590abf85ffc9f06876a86f64788d5be224ddbd981f0f", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "5835ddb0071dbde1bfddf661d24ab706c2553be1ebe7dd68d119baacd57422e7", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "30f356b7c5b33da719938b1ecf3674097bb9a80373aee214dd4962712c0fc5aa", "0f2584ba5e0633404ff7a283a0c4931c2a161c052ad6e91385744512c12972dd", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "3a0821a19a70e429adf239ad8c1f36709d3a446872a0fbb7e1eec995a9ffd656", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "acc10afe9e3f86551b75a771c2f990c6207924161ab8c76ad87cc8dc6249e6b9", "b0b076a8a631bb6f81936b10826df7a09f54cb2a20c6c0195efc340853c30105", "9b1c1b7a4c036d71eb8efb15aa8b12112d3852352f685139c598355410de689a", "973c5328f68928a61c265efcce9e256f17b8f418ad3e6b5c0295d322a3d2b84c", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "e998c602dff4650a8d38d86f4dcb9d46d29f23402314915aeb5ad89ccc11217e", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "c7cdb09679fbc85590a50144eae10470a374de4a052b83ce8449cc86ed11cf4b", "31460296fbfc4dcd31b5bd8978088dce48c1e60357f64730de6d952e6bee33fe", "39e9ea2973521669029531407fad8e193a98f84d88626bb2323fd4b9d0cf389a", "015446106849e64c790d08cf9ccc81523b1022f358b7f3f22b0faf6dce4d1cd9", "19db38a3d52c3f9196ea1bf1db4b687fe8b887467213c4138b34665aa717392f", "f164003d23027ac757c50a1d220c331b3c65bdad05ce4dcc71f4c609c084c0e6", "529c3926848d01d88c8fb58b734921cb003644953055bc65691dfa854d53109b", "273530b5aa7733745abea770ee350b56d6014a763e11ddee56ebf065757ba4ca", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "cb80fda361675785b2d6d87b127b7df5b8f51b01f897d4f9970bef4421e54167", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec", "a06df55979af7e35b98c9dcc128e3d9c20b662d46d7920fc517b8c6f1d4f0ff4", "5f5e905541a650d6f3f854e0e4f60716953c1752db01f93ee106dd641e7bad93", "6ca0a65401c68d203ce7d71cf1988c0be32cd2366603a47e08c918ca22492294"], "mitre_attack_tags": ["TA0005", "TA0007"]}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["5871a6a9839f2c0594f62f6923891e339bed635d14dbc23aaafd0ebbd26903e3", "f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "1c3641047cd096ea8ae7c13ac0dfe7e57b97920a2002c86cd1dc475782229fe7", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "c9063a4bfc7b38cac55532e7af3109a95219d335b399a716d83a678308caadb7", "fe3723bcd6d47ba56eb577e16a87be5ebdba39d3c20a03af7a17fc297a744815", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "9a835872836f62bc17da590abf85ffc9f06876a86f64788d5be224ddbd981f0f", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "5835ddb0071dbde1bfddf661d24ab706c2553be1ebe7dd68d119baacd57422e7", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "3a0821a19a70e429adf239ad8c1f36709d3a446872a0fbb7e1eec995a9ffd656", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "acc10afe9e3f86551b75a771c2f990c6207924161ab8c76ad87cc8dc6249e6b9", "b0b076a8a631bb6f81936b10826df7a09f54cb2a20c6c0195efc340853c30105", "9b1c1b7a4c036d71eb8efb15aa8b12112d3852352f685139c598355410de689a", "973c5328f68928a61c265efcce9e256f17b8f418ad3e6b5c0295d322a3d2b84c", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "e998c602dff4650a8d38d86f4dcb9d46d29f23402314915aeb5ad89ccc11217e", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "c7cdb09679fbc85590a50144eae10470a374de4a052b83ce8449cc86ed11cf4b", "31460296fbfc4dcd31b5bd8978088dce48c1e60357f64730de6d952e6bee33fe", "39e9ea2973521669029531407fad8e193a98f84d88626bb2323fd4b9d0cf389a", "015446106849e64c790d08cf9ccc81523b1022f358b7f3f22b0faf6dce4d1cd9", "19db38a3d52c3f9196ea1bf1db4b687fe8b887467213c4138b34665aa717392f", "f164003d23027ac757c50a1d220c331b3c65bdad05ce4dcc71f4c609c084c0e6", "529c3926848d01d88c8fb58b734921cb003644953055bc65691dfa854d53109b", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "cb80fda361675785b2d6d87b127b7df5b8f51b01f897d4f9970bef4421e54167", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec", "a06df55979af7e35b98c9dcc128e3d9c20b662d46d7920fc517b8c6f1d4f0ff4", "5f5e905541a650d6f3f854e0e4f60716953c1752db01f93ee106dd641e7bad93", "6ca0a65401c68d203ce7d71cf1988c0be32cd2366603a47e08c918ca22492294"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["dfba0caa89709c29f21377076153edbc57c05452d8bc71197f02b5b06f4d5412", "d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8", "e7440d97e42d4b47ea1126336ce881c888ae268a1bd2a1e1ad89e11386f30765", "5871a6a9839f2c0594f62f6923891e339bed635d14dbc23aaafd0ebbd26903e3", "f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0", "1c3641047cd096ea8ae7c13ac0dfe7e57b97920a2002c86cd1dc475782229fe7", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "347b42a92d481e418ed9b7a34d493bf53b374e4b71ac8f0431556a4912abd863", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "9a835872836f62bc17da590abf85ffc9f06876a86f64788d5be224ddbd981f0f", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "5835ddb0071dbde1bfddf661d24ab706c2553be1ebe7dd68d119baacd57422e7", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "30f356b7c5b33da719938b1ecf3674097bb9a80373aee214dd4962712c0fc5aa", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "3a0821a19a70e429adf239ad8c1f36709d3a446872a0fbb7e1eec995a9ffd656", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "973c5328f68928a61c265efcce9e256f17b8f418ad3e6b5c0295d322a3d2b84c", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "31460296fbfc4dcd31b5bd8978088dce48c1e60357f64730de6d952e6bee33fe", "f164003d23027ac757c50a1d220c331b3c65bdad05ce4dcc71f4c609c084c0e6", "273530b5aa7733745abea770ee350b56d6014a763e11ddee56ebf065757ba4ca", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec", "a06df55979af7e35b98c9dcc128e3d9c20b662d46d7920fc517b8c6f1d4f0ff4"], "mitre_attack_tags": []}, {"bi": "modified-executable", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8", "f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec"], "mitre_attack_tags": []}, {"bi": "created-executable-in-user-dir", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8", "f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec"], "mitre_attack_tags": []}, {"bi": "process-long-cmdline", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8", "f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "artifact-windows-task", "hashes": ["f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec"], "mitre_attack_tags": ["TA0002", "TA0003", "TA0004", "T1053"]}, {"bi": "windows-util-schtask", "hashes": ["f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec"], "mitre_attack_tags": ["TA0002", "TA0003", "TA0004", "T1053"]}, {"bi": "windows-util-schtask-generic", "hashes": ["f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec"], "mitre_attack_tags": ["TA0002", "TA0003", "TA0004", "T1053"]}, {"bi": "potential-registry-persistence", "hashes": ["f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec"], "mitre_attack_tags": ["TA0003"]}, {"bi": "pe-tls-callback", "hashes": ["f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "task-pointed-to-appdata-directory", "hashes": ["f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec"], "mitre_attack_tags": ["TA0002", "TA0003", "TA0004", "T1053"]}, {"bi": "registry-user-shell-folder-modified", "hashes": ["f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec"], "mitre_attack_tags": ["TA0005", "TA0003", "TA0004", "T1112", "T1547"]}, {"bi": "created-executable-sample-appdata", "hashes": ["f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec"], "mitre_attack_tags": ["TA0005", "T1564"]}, {"bi": "registry-service-autostart-disabled", "hashes": ["c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": ["TA0005", "TA0040", "TA0003", "TA0004", "T1112", "T1574", "T1489"]}, {"bi": "auto-update-disabled", "hashes": ["c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": ["TA0005", "T1562"]}, {"bi": "registry-disable-windefender", "hashes": ["c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": ["TA0005", "T1562"]}, {"bi": "excessive-foreign-memory-modification", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8", "6bf05462cb13eb0efb05f3126e481dfc69ce775470e3e02edef55379ed1de28c", "c9063a4bfc7b38cac55532e7af3109a95219d335b399a716d83a678308caadb7", "fe3723bcd6d47ba56eb577e16a87be5ebdba39d3c20a03af7a17fc297a744815", "0f2584ba5e0633404ff7a283a0c4931c2a161c052ad6e91385744512c12972dd", "acc10afe9e3f86551b75a771c2f990c6207924161ab8c76ad87cc8dc6249e6b9", "9b1c1b7a4c036d71eb8efb15aa8b12112d3852352f685139c598355410de689a", "e998c602dff4650a8d38d86f4dcb9d46d29f23402314915aeb5ad89ccc11217e", "c7cdb09679fbc85590a50144eae10470a374de4a052b83ce8449cc86ed11cf4b", "39e9ea2973521669029531407fad8e193a98f84d88626bb2323fd4b9d0cf389a", "015446106849e64c790d08cf9ccc81523b1022f358b7f3f22b0faf6dce4d1cd9", "19db38a3d52c3f9196ea1bf1db4b687fe8b887467213c4138b34665aa717392f", "529c3926848d01d88c8fb58b734921cb003644953055bc65691dfa854d53109b", "cb80fda361675785b2d6d87b127b7df5b8f51b01f897d4f9970bef4421e54167", "5f5e905541a650d6f3f854e0e4f60716953c1752db01f93ee106dd641e7bad93", "6ca0a65401c68d203ce7d71cf1988c0be32cd2366603a47e08c918ca22492294"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "sample-launched-copy-of-self", "hashes": ["6bf05462cb13eb0efb05f3126e481dfc69ce775470e3e02edef55379ed1de28c", "c9063a4bfc7b38cac55532e7af3109a95219d335b399a716d83a678308caadb7", "fe3723bcd6d47ba56eb577e16a87be5ebdba39d3c20a03af7a17fc297a744815", "0f2584ba5e0633404ff7a283a0c4931c2a161c052ad6e91385744512c12972dd", "acc10afe9e3f86551b75a771c2f990c6207924161ab8c76ad87cc8dc6249e6b9", "9b1c1b7a4c036d71eb8efb15aa8b12112d3852352f685139c598355410de689a", "e998c602dff4650a8d38d86f4dcb9d46d29f23402314915aeb5ad89ccc11217e", "c7cdb09679fbc85590a50144eae10470a374de4a052b83ce8449cc86ed11cf4b", "39e9ea2973521669029531407fad8e193a98f84d88626bb2323fd4b9d0cf389a", "015446106849e64c790d08cf9ccc81523b1022f358b7f3f22b0faf6dce4d1cd9", "19db38a3d52c3f9196ea1bf1db4b687fe8b887467213c4138b34665aa717392f", "529c3926848d01d88c8fb58b734921cb003644953055bc65691dfa854d53109b", "cb80fda361675785b2d6d87b127b7df5b8f51b01f897d4f9970bef4421e54167", "5f5e905541a650d6f3f854e0e4f60716953c1752db01f93ee106dd641e7bad93", "6ca0a65401c68d203ce7d71cf1988c0be32cd2366603a47e08c918ca22492294"], "mitre_attack_tags": ["TA0005", "T1202"]}, {"bi": "process-hollowing-detected", "hashes": ["6bf05462cb13eb0efb05f3126e481dfc69ce775470e3e02edef55379ed1de28c", "c9063a4bfc7b38cac55532e7af3109a95219d335b399a716d83a678308caadb7", "fe3723bcd6d47ba56eb577e16a87be5ebdba39d3c20a03af7a17fc297a744815", "0f2584ba5e0633404ff7a283a0c4931c2a161c052ad6e91385744512c12972dd", "acc10afe9e3f86551b75a771c2f990c6207924161ab8c76ad87cc8dc6249e6b9", "9b1c1b7a4c036d71eb8efb15aa8b12112d3852352f685139c598355410de689a", "e998c602dff4650a8d38d86f4dcb9d46d29f23402314915aeb5ad89ccc11217e", "c7cdb09679fbc85590a50144eae10470a374de4a052b83ce8449cc86ed11cf4b", "39e9ea2973521669029531407fad8e193a98f84d88626bb2323fd4b9d0cf389a", "015446106849e64c790d08cf9ccc81523b1022f358b7f3f22b0faf6dce4d1cd9", "19db38a3d52c3f9196ea1bf1db4b687fe8b887467213c4138b34665aa717392f", "529c3926848d01d88c8fb58b734921cb003644953055bc65691dfa854d53109b", "cb80fda361675785b2d6d87b127b7df5b8f51b01f897d4f9970bef4421e54167", "5f5e905541a650d6f3f854e0e4f60716953c1752db01f93ee106dd641e7bad93", "6ca0a65401c68d203ce7d71cf1988c0be32cd2366603a47e08c918ca22492294"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "windows-crash-tool-execution-detected", "hashes": ["dfba0caa89709c29f21377076153edbc57c05452d8bc71197f02b5b06f4d5412", "e7440d97e42d4b47ea1126336ce881c888ae268a1bd2a1e1ad89e11386f30765", "5871a6a9839f2c0594f62f6923891e339bed635d14dbc23aaafd0ebbd26903e3", "1c3641047cd096ea8ae7c13ac0dfe7e57b97920a2002c86cd1dc475782229fe7", "347b42a92d481e418ed9b7a34d493bf53b374e4b71ac8f0431556a4912abd863", "9a835872836f62bc17da590abf85ffc9f06876a86f64788d5be224ddbd981f0f", "5835ddb0071dbde1bfddf661d24ab706c2553be1ebe7dd68d119baacd57422e7", "30f356b7c5b33da719938b1ecf3674097bb9a80373aee214dd4962712c0fc5aa", "3a0821a19a70e429adf239ad8c1f36709d3a446872a0fbb7e1eec995a9ffd656", "973c5328f68928a61c265efcce9e256f17b8f418ad3e6b5c0295d322a3d2b84c", "31460296fbfc4dcd31b5bd8978088dce48c1e60357f64730de6d952e6bee33fe", "f164003d23027ac757c50a1d220c331b3c65bdad05ce4dcc71f4c609c084c0e6", "273530b5aa7733745abea770ee350b56d6014a763e11ddee56ebf065757ba4ca", "a06df55979af7e35b98c9dcc128e3d9c20b662d46d7920fc517b8c6f1d4f0ff4"], "mitre_attack_tags": []}, {"bi": "crash-dump-file-created", "hashes": ["dfba0caa89709c29f21377076153edbc57c05452d8bc71197f02b5b06f4d5412", "e7440d97e42d4b47ea1126336ce881c888ae268a1bd2a1e1ad89e11386f30765", "5871a6a9839f2c0594f62f6923891e339bed635d14dbc23aaafd0ebbd26903e3", "1c3641047cd096ea8ae7c13ac0dfe7e57b97920a2002c86cd1dc475782229fe7", "347b42a92d481e418ed9b7a34d493bf53b374e4b71ac8f0431556a4912abd863", "9a835872836f62bc17da590abf85ffc9f06876a86f64788d5be224ddbd981f0f", "5835ddb0071dbde1bfddf661d24ab706c2553be1ebe7dd68d119baacd57422e7", "30f356b7c5b33da719938b1ecf3674097bb9a80373aee214dd4962712c0fc5aa", "3a0821a19a70e429adf239ad8c1f36709d3a446872a0fbb7e1eec995a9ffd656", "973c5328f68928a61c265efcce9e256f17b8f418ad3e6b5c0295d322a3d2b84c", "31460296fbfc4dcd31b5bd8978088dce48c1e60357f64730de6d952e6bee33fe", "f164003d23027ac757c50a1d220c331b3c65bdad05ce4dcc71f4c609c084c0e6", "273530b5aa7733745abea770ee350b56d6014a763e11ddee56ebf065757ba4ca", "a06df55979af7e35b98c9dcc128e3d9c20b662d46d7920fc517b8c6f1d4f0ff4"], "mitre_attack_tags": []}, {"bi": "fault-report-file-created", "hashes": ["dfba0caa89709c29f21377076153edbc57c05452d8bc71197f02b5b06f4d5412", "e7440d97e42d4b47ea1126336ce881c888ae268a1bd2a1e1ad89e11386f30765", "5871a6a9839f2c0594f62f6923891e339bed635d14dbc23aaafd0ebbd26903e3", "1c3641047cd096ea8ae7c13ac0dfe7e57b97920a2002c86cd1dc475782229fe7", "347b42a92d481e418ed9b7a34d493bf53b374e4b71ac8f0431556a4912abd863", "9a835872836f62bc17da590abf85ffc9f06876a86f64788d5be224ddbd981f0f", "5835ddb0071dbde1bfddf661d24ab706c2553be1ebe7dd68d119baacd57422e7", "30f356b7c5b33da719938b1ecf3674097bb9a80373aee214dd4962712c0fc5aa", "3a0821a19a70e429adf239ad8c1f36709d3a446872a0fbb7e1eec995a9ffd656", "973c5328f68928a61c265efcce9e256f17b8f418ad3e6b5c0295d322a3d2b84c", "31460296fbfc4dcd31b5bd8978088dce48c1e60357f64730de6d952e6bee33fe", "f164003d23027ac757c50a1d220c331b3c65bdad05ce4dcc71f4c609c084c0e6", "273530b5aa7733745abea770ee350b56d6014a763e11ddee56ebf065757ba4ca", "a06df55979af7e35b98c9dcc128e3d9c20b662d46d7920fc517b8c6f1d4f0ff4"], "mitre_attack_tags": []}, {"bi": "nginx-webserver-detected", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f"], "mitre_attack_tags": []}, {"bi": "network-communications-http-get", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f"], "mitre_attack_tags": ["TA0011", "T1105"]}, {"bi": "network-communications-http-post", "hashes": ["75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "b0b076a8a631bb6f81936b10826df7a09f54cb2a20c6c0195efc340853c30105"], "mitre_attack_tags": ["TA0010", "T1048"]}, {"bi": "network-http-blank-user-agent", "hashes": ["75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "b0b076a8a631bb6f81936b10826df7a09f54cb2a20c6c0195efc340853c30105"], "mitre_attack_tags": ["TA0011", "T1071"]}, {"bi": "network-file-uploaded", "hashes": ["75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f"], "mitre_attack_tags": ["TA0010", "T1011"]}, {"bi": "network-http-numeric-ip", "hashes": ["75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f"], "mitre_attack_tags": ["TA0011", "T1071"]}, {"bi": "network-downloaded-executable", "hashes": ["75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f"], "mitre_attack_tags": ["TA0011", "T1105"]}, {"bi": "network-snort-file-exe", "hashes": ["75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f"], "mitre_attack_tags": []}, {"bi": "network-file-downloaded-to-disk", "hashes": ["75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f"], "mitre_attack_tags": []}, {"bi": "http-response-client-error", "hashes": ["75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f"], "mitre_attack_tags": []}, {"bi": "network-snort-malware", "hashes": ["75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f"], "mitre_attack_tags": []}, {"bi": "html-page-not-found", "hashes": ["75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f"], "mitre_attack_tags": []}, {"bi": "pe-invalid-checksum", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": []}, {"bi": "network-opendns-malicious", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8", "b0b076a8a631bb6f81936b10826df7a09f54cb2a20c6c0195efc340853c30105"], "mitre_attack_tags": []}, {"bi": "registry-service-with-autostart-created", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0005", "TA0003", "TA0004", "T1112", "T1574"]}, {"bi": "currentcontrolset-service-added", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0002", "TA0003", "TA0004", "T1569", "T1547"]}, {"bi": "network-fast-flux-domain", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": []}, {"bi": "network-snort-server", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": []}, {"bi": "network-fast-flux-nameserver", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": []}, {"bi": "network-communications-smtp", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0011", "T1071"]}, {"bi": "dns-query-nxdomain", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": []}, {"bi": "network-smtp-spambot", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": []}, {"bi": "dns-excessive-domain-queries", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0011", "T1008"]}, {"bi": "network-only-safe-domains-contacted", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": []}, {"bi": "feed-domain-rat", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": []}, {"bi": "process-requested-named-pipe", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "network-dns-category-file-storage", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": []}, {"bi": "deleted-submitted-file", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0005"]}, {"bi": "listening-port-opened", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0011", "T1219"]}, {"bi": "process-svchost-suspicious-launch", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0005", "T1036"]}, {"bi": "altered-sample-dns-flagged", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0011", "T1102"]}, {"bi": "localhost-ipaddress-detected", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": []}, {"bi": "cmd-exe-file-execution", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0002", "T1059"]}, {"bi": "http-response-redirect", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": []}, {"bi": "registry-large-data-entry", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0005", "T1112"]}, {"bi": "network-dns-category-cnc", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0011"]}, {"bi": "sc-service-start", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0002", "TA0003", "TA0004", "T1569", "T1543"]}, {"bi": "netbios-null-domain", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": []}, {"bi": "file-alternate-data-stream-modification", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0005", "T1564"]}, {"bi": "malware-tofsee-cmd-detected", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0005", "T1562"]}, {"bi": "netsh-firewall-generic", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0007", "TA0005", "T1016", "T1562"]}, {"bi": "sc-service-create", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0003", "TA0004", "T1543"]}, {"bi": "file-alternate-data-stream-creation", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0005", "T1564"]}, {"bi": "registry-windows-defender-exclusions-added", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0005", "T1562"]}, {"bi": "dns-bypassed-assigned-server", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0011", "TA0005"]}, {"bi": "netsh-firewall-add", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0005", "T1562"]}, {"bi": "html-small-file-redirect", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": []}, {"bi": "malware-tofsee-domain-detected", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": []}, {"bi": "malware-tofsee-filepath", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0011", "TA0005", "T1105", "T1112"]}, {"bi": "sc-service-create-execute", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0002", "TA0003", "TA0004", "T1569", "T1543"]}, {"bi": "double-url-detected", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0011", "T1102"]}, {"bi": "zen-spamhaus-domain-contacted", "hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "mitre_attack_tags": ["TA0005", "TA0007", "T1497"]}, {"bi": "antivirus-flagged-artifact", "hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": []}, {"bi": "artifact-flagged-anomaly", "hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-filename-mismatch", "hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": []}, {"bi": "network-downloaded-obfuscated-executable", "hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": ["TA0005", "TA0011", "T1027", "T1105"]}, {"bi": "network-snort-file-generic", "hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": []}, {"bi": "enumeration-browser-information", "hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": ["TA0007", "TA0009", "TA0006", "T1083", "T1217", "T1005", "T1119", "T1552", "T1539", "T1555"]}, {"bi": "pe-uses-dot-net", "hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": []}, {"bi": "registry-autorun-key-modified", "hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "network-downloaded-antivirus-flagged", "hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": []}, {"bi": "firefox-cookie-read", "hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": ["TA0009", "T1005", "T1119"]}, {"bi": "pe-imports-toolhelp", "hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": ["TA0007", "T1057"]}, {"bi": "pe-header-linker-major", "hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "registry-autorun-key-temp-dir", "hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "malware-generic-dotnet-trojan-uses-random-guid-mutex", "hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": []}, {"bi": "pe-uses-fasm", "hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": []}, {"bi": "pe-header-timestamp-future", "hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": []}, {"bi": "malware-generic-infostealer", "hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": ["TA0007", "TA0009", "TA0006", "T1083", "T1005", "T1119", "T1552"]}, {"bi": "enumeration-cryptocurrency-information", "hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": ["TA0007", "TA0009", "TA0006", "T1083", "T1005", "T1119", "T1552"]}, {"bi": "enumeration-email-program-information", "hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": ["TA0007", "TA0009", "TA0006", "T1083", "T1087", "T1005", "T1119", "T1114", "T1552"]}, {"bi": "enumeration-game-information", "hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": ["TA0007", "TA0009", "TA0006", "T1083", "T1005", "T1119", "T1552", "T1555"]}, {"bi": "pe-uses-iexpress", "hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "feed-domain-antivirus-service", "hashes": ["b0b076a8a631bb6f81936b10826df7a09f54cb2a20c6c0195efc340853c30105"], "mitre_attack_tags": []}, {"bi": "network-snort-indicator-compromise", "hashes": ["b0b076a8a631bb6f81936b10826df7a09f54cb2a20c6c0195efc340853c30105"], "mitre_attack_tags": []}], "category": "Dropper", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": true, "WSA": true}, "description": "Tofsee is multi-purpose malware that features several modules to carry out various activities such as sending spam messages, conducting click fraud, mining cryptocurrency and more. Infected systems become part of the Tofsee spam botnet and send large volumes of spam messages to infect additional systems and increase the size of the botnet under the operator's control.", "hashes": ["015446106849e64c790d08cf9ccc81523b1022f358b7f3f22b0faf6dce4d1cd9", "0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "0f2584ba5e0633404ff7a283a0c4931c2a161c052ad6e91385744512c12972dd", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "19db38a3d52c3f9196ea1bf1db4b687fe8b887467213c4138b34665aa717392f", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1c3641047cd096ea8ae7c13ac0dfe7e57b97920a2002c86cd1dc475782229fe7", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "273530b5aa7733745abea770ee350b56d6014a763e11ddee56ebf065757ba4ca", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "30f356b7c5b33da719938b1ecf3674097bb9a80373aee214dd4962712c0fc5aa", "31460296fbfc4dcd31b5bd8978088dce48c1e60357f64730de6d952e6bee33fe", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "347b42a92d481e418ed9b7a34d493bf53b374e4b71ac8f0431556a4912abd863", "39e9ea2973521669029531407fad8e193a98f84d88626bb2323fd4b9d0cf389a", "3a0821a19a70e429adf239ad8c1f36709d3a446872a0fbb7e1eec995a9ffd656", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "529c3926848d01d88c8fb58b734921cb003644953055bc65691dfa854d53109b", "5835ddb0071dbde1bfddf661d24ab706c2553be1ebe7dd68d119baacd57422e7", "5871a6a9839f2c0594f62f6923891e339bed635d14dbc23aaafd0ebbd26903e3", "5f5e905541a650d6f3f854e0e4f60716953c1752db01f93ee106dd641e7bad93", "6bf05462cb13eb0efb05f3126e481dfc69ce775470e3e02edef55379ed1de28c", "6ca0a65401c68d203ce7d71cf1988c0be32cd2366603a47e08c918ca22492294", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "973c5328f68928a61c265efcce9e256f17b8f418ad3e6b5c0295d322a3d2b84c", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "9a835872836f62bc17da590abf85ffc9f06876a86f64788d5be224ddbd981f0f", "9b1c1b7a4c036d71eb8efb15aa8b12112d3852352f685139c598355410de689a", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "a06df55979af7e35b98c9dcc128e3d9c20b662d46d7920fc517b8c6f1d4f0ff4", "acc10afe9e3f86551b75a771c2f990c6207924161ab8c76ad87cc8dc6249e6b9", "b0b076a8a631bb6f81936b10826df7a09f54cb2a20c6c0195efc340853c30105", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "c7cdb09679fbc85590a50144eae10470a374de4a052b83ce8449cc86ed11cf4b", "c9063a4bfc7b38cac55532e7af3109a95219d335b399a716d83a678308caadb7", "cb80fda361675785b2d6d87b127b7df5b8f51b01f897d4f9970bef4421e54167", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "dfba0caa89709c29f21377076153edbc57c05452d8bc71197f02b5b06f4d5412", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff", "e7440d97e42d4b47ea1126336ce881c888ae268a1bd2a1e1ad89e11386f30765", "e998c602dff4650a8d38d86f4dcb9d46d29f23402314915aeb5ad89ccc11217e", "f164003d23027ac757c50a1d220c331b3c65bdad05ce4dcc71f4c609c084c0e6", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0", "fe3723bcd6d47ba56eb577e16a87be5ebdba39d3c20a03af7a17fc297a744815"], "iocs": {"domain": [{"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "249[.]5[.]55[.]69[.]bl[.]spamcop[.]net"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "249[.]5[.]55[.]69[.]cbl[.]abuseat[.]org"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "249[.]5[.]55[.]69[.]dnsbl[.]sorbs[.]net"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "249[.]5[.]55[.]69[.]in-addr[.]arpa"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "249[.]5[.]55[.]69[.]sbl-xbl[.]spamhaus[.]org"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "249[.]5[.]55[.]69[.]zen[.]spamhaus[.]org"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "i[.]instagram[.]com"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "microsoft-com[.]mail[.]protection[.]outlook[.]com"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "microsoft[.]com"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "www[.]google[.]com"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "www[.]youtube[.]com"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "www[.]tiktok[.]com"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "t[.]me"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "api[.]twitter[.]com"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "www[.]pornhub[.]com"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "imap[.]free[.]fr"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "mx01[.]bnr[.]ca"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "imap[.]ntlworld[.]com"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "imap[.]t-online[.]de"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "steamcommunity[.]com"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "api[.]steampowered[.]com"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "api[.]solscan[.]io"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "in-jsproxy[.]globh[.]com"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "cv-h[.]phncdn[.]com"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "vanaheim[.]cn"}, {"hashes": ["b0b076a8a631bb6f81936b10826df7a09f54cb2a20c6c0195efc340853c30105"], "host": "getbehavior[.]top"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "imap[.]virginmedia[.]com"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "blockscout[.]com"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "mail[.]coldreams[.]com"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "host": "apilist[.]tronscan[.]org"}], "file": [{"hashes": ["0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0"], "path": "%APPDATA%\\006700e5a2ab05"}, {"hashes": ["0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0"], "path": "%APPDATA%\\006700e5a2ab05\\clip64.dll"}, {"hashes": ["0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0"], "path": "%APPDATA%\\006700e5a2ab05\\cred64.dll"}, {"hashes": ["0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0"], "path": "%System32%\\Tasks\\oneetx.exe"}, {"hashes": ["0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0"], "path": "%TEMP%\\cb7ae701b3"}, {"hashes": ["0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0"], "path": "%TEMP%\\cb7ae701b3\\oneetx.exe"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "path": "%SystemRoot%\\SysWOW64\\config\\systemprofile"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "path": "%SystemRoot%\\SysWOW64\\config\\systemprofile:.repos"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "path": "%TEMP%\\IXP001.TMP"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "path": "%TEMP%\\IXP001.TMP\\TMP4351$.TMP"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "path": "%TEMP%\\IXP002.TMP"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "path": "%TEMP%\\IXP002.TMP\\TMP4351$.TMP"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "path": "%TEMP%\\IXP003.TMP"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "path": "%TEMP%\\IXP003.TMP\\TMP4351$.TMP"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "path": "%LOCALAPPDATA%\\Yandex"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "path": "%LOCALAPPDATA%\\Yandex\\YaAddon"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "path": "%SystemRoot%\\SysWOW64\\isupldcy"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "path": "%SystemRoot%\\Temp\\1.exe"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "path": "%TEMP%\\wmixskiq.exe"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "path": "%TEMP%\\1000011051"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "path": "%TEMP%\\1000011051\\foto0174.exe"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "path": "%TEMP%\\1000012051"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "path": "%TEMP%\\1000012051\\foto34.exe"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "path": "%TEMP%\\IXP000.TMP\\s54755209.exe"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "path": "%TEMP%\\IXP000.TMP\\y52881425.exe"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "path": "%TEMP%\\IXP001.TMP\\p57030941.exe"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "path": "%TEMP%\\IXP001.TMP\\r50349653.exe"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "path": "%TEMP%\\IXP002.TMP\\o97298483.exe"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "path": "%TEMP%\\IXP002.TMP\\x15832487.exe"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "path": "%TEMP%\\IXP003.TMP\\m66874797.exe"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "path": "%TEMP%\\IXP003.TMP\\n45109937.exe"}], "ip": [{"hashes": ["0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0"], "ip": "193[.]3[.]19[.]154"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "194[.]25[.]134[.]115"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "212[.]27[.]48[.]2"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "149[.]154[.]167[.]99"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "152[.]195[.]33[.]132"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "31[.]13[.]65[.]52"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "66[.]254[.]114[.]41"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "198[.]133[.]159[.]250"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "104[.]244[.]42[.]66"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "176[.]113[.]115[.]136"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "142[.]250[.]65[.]228"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "212[.]54[.]56[.]52"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "142[.]251[.]40[.]142"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "20[.]103[.]85[.]33"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "80[.]66[.]75[.]254"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "80[.]66[.]75[.]4"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "20[.]44[.]209[.]209"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "176[.]113[.]115[.]239"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "176[.]113[.]115[.]135"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "104[.]127[.]87[.]210"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "40[.]93[.]207[.]7"}, {"hashes": ["b0b076a8a631bb6f81936b10826df7a09f54cb2a20c6c0195efc340853c30105"], "ip": "176[.]124[.]192[.]33"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "23[.]15[.]9[.]58"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "ip": "185[.]161[.]248[.]73"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "176[.]124[.]192[.]212"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "18[.]216[.]178[.]128"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "212[.]54[.]56[.]51"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "45[.]143[.]201[.]238"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "185[.]161[.]248[.]127"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "104[.]26[.]0[.]65"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "3[.]16[.]16[.]216"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "ip": "104[.]26[.]6[.]183"}], "mutex": [{"hashes": ["0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0"], "name": "006700e5a2ab05704bbb0c589b88924d"}, {"hashes": ["1c3641047cd096ea8ae7c13ac0dfe7e57b97920a2002c86cd1dc475782229fe7", "273530b5aa7733745abea770ee350b56d6014a763e11ddee56ebf065757ba4ca", "30f356b7c5b33da719938b1ecf3674097bb9a80373aee214dd4962712c0fc5aa", "31460296fbfc4dcd31b5bd8978088dce48c1e60357f64730de6d952e6bee33fe", "347b42a92d481e418ed9b7a34d493bf53b374e4b71ac8f0431556a4912abd863", "3a0821a19a70e429adf239ad8c1f36709d3a446872a0fbb7e1eec995a9ffd656", "5835ddb0071dbde1bfddf661d24ab706c2553be1ebe7dd68d119baacd57422e7", "5871a6a9839f2c0594f62f6923891e339bed635d14dbc23aaafd0ebbd26903e3", "973c5328f68928a61c265efcce9e256f17b8f418ad3e6b5c0295d322a3d2b84c", "9a835872836f62bc17da590abf85ffc9f06876a86f64788d5be224ddbd981f0f", "a06df55979af7e35b98c9dcc128e3d9c20b662d46d7920fc517b8c6f1d4f0ff4", "dfba0caa89709c29f21377076153edbc57c05452d8bc71197f02b5b06f4d5412", "e7440d97e42d4b47ea1126336ce881c888ae268a1bd2a1e1ad89e11386f30765", "f164003d23027ac757c50a1d220c331b3c65bdad05ce4dcc71f4c609c084c0e6"], "name": "Global\\<random guid>"}], "registry": [{"hashes": ["0585f6fdd47eea51bddd77a2a4ff35d8d601d1b9a0a5120d74d86887c3f31f3c", "1639c21ce9570b200bcbc40da2c299ef18366f24fce3f81ff4621c264128e1c4", "1deff8f3cab9e0cb8b42a9cae86778344b69bfa227f0fc96265236a7066bfa68", "200acae29bca6ce1a2446970d7591628aa18bcaca901fb078802b36cd4bab4c1", "2557e803f9addcdaf17a57b3bb8d424cc7befb24aa26f9e856be185897c57116", "3d16f9d8728cf8e0e1b8e437e31f97b93c2816fcf7115b913250efa194c0708f", "431f51ceda2403d84a429d565cb10f28e7776e0a68ace94b0b6fc444427371f8", "70ae2f0ffeac351706fd3f327013e34f0992aa607097c14dd17f394193b1d08a", "75ac2de7028f8462b625b28d60034ab1a53eedd2c09787fcd286ebcf66a65a67", "77b580345a37827a4706830ac1e94cf07137d5a3f170579b91b91edb0412fc6e", "7cc21cb8896c2d9cdaa0203f6fe264d77e4a168fe4f0cec6d3d2bf15c16e2fdf", "8261a01cc48dd93f96ab5faea1041580fe95f9addb7d5113ea08ea3b2f38ae40", "8e293ac82db5e40a7da49a59fdb7cacdf15d0870c54babd508b34efaebf1bdda", "9977cda6684bc5eea321fa5611e3462bf9135a11c3a0a67ace0cd2332c8ca336", "a03c1e1d21508020a347cda3dae5141c51dd3ee482053a364d5b055aa7df0255", "b23b29f4557d734fe3166a875607f6701701e07e558a1e8cd93db3b73f01fa12", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b839b9ce91d54fc6aceed09568afd8ac45dfb275a4d24fface81b3f574bffe87", "bc388862c01fee70fe9f4fda0cc25836e44e0d1736a6108743275fe0b5183586", "c685a9f2203a051486ac094794b5f11cd4996126cf503087d25a0356fe1b026f", "d73b661052c4f62fb57739128c5ee155364496ee09c67af987db8ee84aac9022", "de5bbeb53b8b0575785420667cb7c04e7bf410552a05a390f32a9b6e7d43a81b", "e02400cd6782a13f3fe13fe3a9149c4c797cf2f3d0376b9dc5e9cb9e6e1eecec", "f22686f4d000955b5bf304c7c9024f3bc2c1d00e5494073db86416ec6a1845c5", "f9cfae9d3ebabeefe379e6098d4b0fda2e9af51ea16e6a6c7f2813e3cbcc54b8", "fb140f70bed813fb515657932cc3ae8eff99dedfb59336ea17403bd1720ac973", "fc1834bfb587a3b317322aeaf0cfe1160d98a2ca389d7cd19e46b4a55d7122b0"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\EXPLORER\\USER SHELL FOLDERS", "value_name": "Startup"}, {"hashes": ["0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff"], "key": "<HKLM>\\SOFTWARE\\POLICIES\\MICROSOFT\\WINDOWS DEFENDER", "value_name": "DisableAntiSpyware"}, {"hashes": ["0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\WINDEFEND", "value_name": "Start"}, {"hashes": ["0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff"], "key": "<HKLM>\\SOFTWARE\\POLICIES\\MICROSOFT\\WINDOWS\\WINDOWSUPDATE\\AU", "value_name": null}, {"hashes": ["0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff"], "key": "<HKLM>\\SOFTWARE\\POLICIES\\MICROSOFT\\WINDOWS\\WINDOWSUPDATE\\AU", "value_name": "NoAutoRebootWithLoggedOnUsers"}, {"hashes": ["0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\WUAUSERV", "value_name": "Start"}, {"hashes": ["0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff"], "key": "<HKLM>\\SOFTWARE\\POLICIES\\MICROSOFT\\WINDOWS\\WINDOWSUPDATE\\AU", "value_name": "NoAutoUpdate"}, {"hashes": ["0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff"], "key": "<HKLM>\\SOFTWARE\\POLICIES\\MICROSOFT\\WINDOWS DEFENDER\\REAL-TIME PROTECTION", "value_name": "DisableBehaviorMonitoring"}, {"hashes": ["0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff"], "key": "<HKLM>\\SOFTWARE\\POLICIES\\MICROSOFT\\WINDOWS DEFENDER\\REAL-TIME PROTECTION", "value_name": "DisableOnAccessProtection"}, {"hashes": ["0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff"], "key": "<HKLM>\\SOFTWARE\\POLICIES\\MICROSOFT\\WINDOWS DEFENDER\\REAL-TIME PROTECTION", "value_name": "DisableScanOnRealtimeEnable"}, {"hashes": ["0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff"], "key": "<HKLM>\\SOFTWARE\\POLICIES\\MICROSOFT\\WINDOWS DEFENDER\\REAL-TIME PROTECTION", "value_name": "DisableIOAVProtection"}, {"hashes": ["0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff"], "key": "<HKLM>\\SOFTWARE\\POLICIES\\MICROSOFT\\WINDOWS DEFENDER", "value_name": null}, {"hashes": ["0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff"], "key": "<HKLM>\\SOFTWARE\\POLICIES\\MICROSOFT\\WINDOWS DEFENDER\\REAL-TIME PROTECTION", "value_name": null}, {"hashes": ["0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff"], "key": "<HKLM>\\SOFTWARE\\POLICIES\\MICROSOFT\\WINDOWS\\WINDOWSUPDATE", "value_name": null}, {"hashes": ["0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\WINDOWS DEFENDER\\FEATURES", "value_name": null}, {"hashes": ["0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\WINDOWS DEFENDER\\FEATURES", "value_name": "TamperProtection"}, {"hashes": ["0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff"], "key": "<HKLM>\\SOFTWARE\\POLICIES\\MICROSOFT\\WINDOWS DEFENDER\\REAL-TIME PROTECTION", "value_name": "DisableRealtimeMonitoring"}, {"hashes": ["0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff"], "key": "<HKLM>\\SOFTWARE\\POLICIES\\MICROSOFT\\WINDOWS DEFENDER SECURITY CENTER", "value_name": null}, {"hashes": ["0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff"], "key": "<HKLM>\\SOFTWARE\\POLICIES\\MICROSOFT\\WINDOWS\\WINDOWSUPDATE\\AU", "value_name": "AUOptions"}, {"hashes": ["0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff"], "key": "<HKLM>\\SOFTWARE\\POLICIES\\MICROSOFT\\WINDOWS\\WINDOWSUPDATE\\AU", "value_name": "AutoInstallMinorUpdates"}, {"hashes": ["0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff"], "key": "<HKLM>\\SOFTWARE\\POLICIES\\MICROSOFT\\WINDOWS DEFENDER SECURITY CENTER\\NOTIFICATIONS", "value_name": null}, {"hashes": ["0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff"], "key": "<HKLM>\\SOFTWARE\\POLICIES\\MICROSOFT\\WINDOWS DEFENDER SECURITY CENTER\\NOTIFICATIONS", "value_name": "DisableNotifications"}, {"hashes": ["0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff"], "key": "<HKLM>\\SOFTWARE\\POLICIES\\MICROSOFT\\WINDOWS\\WINDOWSUPDATE\\AU", "value_name": "UseWUServer"}, {"hashes": ["0ec37d41525ee0c5995446e6163fa32d0b6fd05a92bcab4b973b83791d022155", "12c4f1a7804bcd0557676c249d7ac371f2871bf8057f5ea88664f05c77bed719", "12d076a14fa94b8e4a290a8b96afaa95fc336bdd0e2551b61694db67a1e49d43", "1b203972e5f19418d1ac3516ccd2805f2622058608e70e106bf083d06b26af6a", "1f2164eed8463a61b8b74c726eca872492b7998ec1b93637d88982acf677fece", "1f5a48c6de3756ea45bc49d01425438dbef0000494d93394277e37838dd0e2c2", "2748358acbd71868da3945a1c0bff0c3f215f9a6f674e6cc7eae01da08fb3ebb", "3341fb4c70db0226c50d769ecc2ee479890a1f42d59c8e67a90a9264dd17529f", "40902f59d70b569b4b240116bd43593746395042f99d96c1d31770e7fd670509", "470f99e26209edda90f154852026d6eda1dcd3948586236c6240b481d85f381e", "47652ea29d25c78ccf67448047e9d5e4ea6e530c4d0f1f6560615522432d2e23", "50e2e2a2e7354cf10246fa1d1891faf913bf5b9c38563c3bfc5b65128a7ceab9", "7370354d570ed9682a58e59865885bbf16a07d9d2de5e7f9cc0e472b551f5d3c", "7b9d39e064315300c64a5c2e84e822394ae7404903288970dbc46610759d6566", "7d18f4893dd9981df67cf6b82b86e2c48d6f71efe205d870aa323e206be709c0", "8240f050790c4a526a2ae65bb739e28e1f3cdc018623fe17ea30aa0c9a1bef26", "887346cc2da305ccb97a752a8a9967cf58395ad5cd30eb1d4a80536d9fa4a40d", "88896b9e26d3a6c995c6c8e6263909ef6d4aa32a0b3ea80de35841442bff5a66", "9604112525ccb7a316e5d71f9ce4624e574ef32b084b4974e8b8c4930a86b747", "b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6", "b6fc55805897776e88d183ad9075c88815cc23227b20ff724ac11fdc3c49da81", "c0918bc97bc3bfa2834d79a42ffbc60f52ac612b9633f0747d7e0240421ddfd5", "cf044e90bef8edf53332c5a4c9a42ca0f0f24d874951c9fd2c6ceb0470c4a922", "d7db6598f81560869ab607b545a98ba0137b924844b34faf56a8bfc3920b5541", "e2866278244c3c3f5b5f2c4badaf40904a04104075b15e06a9f1f2c8736d44bf", "e51d7c91d0ac9496158348890efc861beb7a2abb86d61dbb7b52cd97cf3944ff"], "key": "<HKLM>\\SOFTWARE\\POLICIES\\MICROSOFT\\WINDOWS\\WINDOWSUPDATE", "value_name": "DoNotConnectToWindowsUpdateInternetLocations"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\ISUPLDCY", "value_name": "Description"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS DEFENDER\\EXCLUSIONS\\PATHS", "value_name": "C:\\Windows\\SysWOW64\\isupldcy"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\ISUPLDCY", "value_name": "ImagePath"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "key": "<HKU>\\.DEFAULT\\CONTROL PANEL\\BUSES", "value_name": "Config0"}, {"hashes": ["d813a01110e3f0b727f781f53f16cb07ae40ffd4ac2a77ea12a2f8bfdff8f3b8"], "key": "<HKU>\\.DEFAULT\\CONTROL PANEL\\BUSES", "value_name": "Config1"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "foto0174.exe"}, {"hashes": ["b6190ef278581f5e68ea8e42c3710e0d4110a2042f988cf1e7bb81ba21f9edf6"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "foto34.exe"}]}, "reports_count": 83}, "Win.Dropper.XtremeRAT-10000002-0": {"bis": [{"bi": "memory-execute-readwrite", "hashes": ["58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "022a66b7d76fa2bbee56a8d848675aa96b3eddc509fac5d8fbdbb97bed96e9be", "d02b4d47e478fc3c32be5cb6c7e3676bfc5d2ea9da9c82de703a77b7db413234", "5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442", "db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "a3fb508141d2b3d5ece76a08c6e44b3722a2c2ff1a2e008c2523d9d4fb0f6afd", "57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e", "66fb2dc71474458e662a759fe2084845f5f6489c5d286c1cd8f53fdd9d95e737", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "6ce952804873e2f3de87ab77355d51292c9b321b18b47f6cc770ba715e4ed4f8", "cd4161a9fd864e25664f7d55126a0bd64f047cc4c5e2e081f5e745f0f7434b9d", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c", "cf3d62473b1bce75d5e04984b8c6c986e7ebea664b277c14dcc3c8d5ebf408ad", "0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "13df35df42bc3c6c1c47b18b280722923396284f9c3d5b05f6db2de90e7bb9a0", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "1e3e862c60e25429d06231f72a5271c46528066bc82cf49431c4ad52552d0ebc", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "5f06d57a637c9844d6b2720992dc4e2074409c54a4a16a060c6f596c17ab2bff", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "5feb6fe880703e5d69cb45554d77f86fc1e03005f67226dc84601a548b02efd1", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "c18f19a328b9ae58e71f6a06f6f40b841827d2bd1dbb98b0b295d809bd86c699", "e62d2891d7a76c7e08a27e0eb0bd7fa5546abf7eedec274e4b1a5b119e9eab71", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead", "6c6c96eec533d302af2672f2226d2e52770feb08240aa32face53ce23328d6ca", "4ac11ec8d9add6278b5318c52ab3eb96db37a9c36705fe7128e606338221b649", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6", "fedec73d39c3a44da986c67f848199a5d49699d2115ea786458a9360904c4934", "709f6a3b5fa4d5e8b36d26adf17c92d86e8802c65b76a83b5f642c4f837624d0", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab", "c329047dc623c362427fdfa42941239ea92e4cd6cf2144084ff8bb3973a52b9b", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676", "8adc54c7c64dcc8a6a10823931a759fcd1779eac69b035cb457782ef04f14025", "22037f54606da56dab0da53ba84cac987a99c1d81787a170e19812ad3ed6b0b2", "8cae48c56db1b0b7c97ccf1e616047cd2360576c10edbac691fc50642707513f", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45", "4a20d0d4786573ffa78c283fd882080b30a860f3668c81fb027640b8e0faaf3d", "a6bcdea90efec0be5cc16224e8d6b9e55841b19d56c25102f2f3dff3a5196d8a", "e17fd9b924f92308f765ca5e2a46b1f717bd51c0a63a5e5077b5973358d1190d", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b", "9dc03a8a056285aa4e96343c46dbc22414b3914a97b6fc4195a2e8a23c0109fb", "e64ad9768bd8547bc0abfaf212c80dd9dac5b32d121756feecffed3f2c9015aa", "f35d3ddbd151304fd7adf4499c46f9bc4a52eff04dfb68ca39943c49386054c9", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "113fddf6ffad33cc8ddccabb51d1530529b5ad93f5881282ddc64977dbe32583", "4327d0f53f24d02cd6761ce90773cb02a085328ea261f7449686c4fd35e5ecca", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "4a32978af2064d452f26b42e60749e3ac43c6e36bf6a2d24107064467d02ca86", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "9cdc95194df1ce3c3ce0e00a9d519bf473e234e3df77251020b5da6094e567c8", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452", "32fef765f38580d1c018596d379620487cb8a0ab03ac149aeef6e9b42d8c792b", "1a63251dd369eecd63916d0835327d68da1aa50aa28623a2f4bd1481e968d238", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "022a66b7d76fa2bbee56a8d848675aa96b3eddc509fac5d8fbdbb97bed96e9be", "d02b4d47e478fc3c32be5cb6c7e3676bfc5d2ea9da9c82de703a77b7db413234", "5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442", "db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "a3fb508141d2b3d5ece76a08c6e44b3722a2c2ff1a2e008c2523d9d4fb0f6afd", "57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e", "66fb2dc71474458e662a759fe2084845f5f6489c5d286c1cd8f53fdd9d95e737", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "6ce952804873e2f3de87ab77355d51292c9b321b18b47f6cc770ba715e4ed4f8", "cd4161a9fd864e25664f7d55126a0bd64f047cc4c5e2e081f5e745f0f7434b9d", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c", "cf3d62473b1bce75d5e04984b8c6c986e7ebea664b277c14dcc3c8d5ebf408ad", "0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "13df35df42bc3c6c1c47b18b280722923396284f9c3d5b05f6db2de90e7bb9a0", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "1e3e862c60e25429d06231f72a5271c46528066bc82cf49431c4ad52552d0ebc", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "5f06d57a637c9844d6b2720992dc4e2074409c54a4a16a060c6f596c17ab2bff", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "5feb6fe880703e5d69cb45554d77f86fc1e03005f67226dc84601a548b02efd1", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "c18f19a328b9ae58e71f6a06f6f40b841827d2bd1dbb98b0b295d809bd86c699", "e62d2891d7a76c7e08a27e0eb0bd7fa5546abf7eedec274e4b1a5b119e9eab71", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead", "6c6c96eec533d302af2672f2226d2e52770feb08240aa32face53ce23328d6ca", "4ac11ec8d9add6278b5318c52ab3eb96db37a9c36705fe7128e606338221b649", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6", "fedec73d39c3a44da986c67f848199a5d49699d2115ea786458a9360904c4934", "709f6a3b5fa4d5e8b36d26adf17c92d86e8802c65b76a83b5f642c4f837624d0", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab", "c329047dc623c362427fdfa42941239ea92e4cd6cf2144084ff8bb3973a52b9b", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676", "8adc54c7c64dcc8a6a10823931a759fcd1779eac69b035cb457782ef04f14025", "22037f54606da56dab0da53ba84cac987a99c1d81787a170e19812ad3ed6b0b2", "8cae48c56db1b0b7c97ccf1e616047cd2360576c10edbac691fc50642707513f", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45", "4a20d0d4786573ffa78c283fd882080b30a860f3668c81fb027640b8e0faaf3d", "a6bcdea90efec0be5cc16224e8d6b9e55841b19d56c25102f2f3dff3a5196d8a", "e17fd9b924f92308f765ca5e2a46b1f717bd51c0a63a5e5077b5973358d1190d", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b", "9dc03a8a056285aa4e96343c46dbc22414b3914a97b6fc4195a2e8a23c0109fb", "e64ad9768bd8547bc0abfaf212c80dd9dac5b32d121756feecffed3f2c9015aa", "f35d3ddbd151304fd7adf4499c46f9bc4a52eff04dfb68ca39943c49386054c9", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "113fddf6ffad33cc8ddccabb51d1530529b5ad93f5881282ddc64977dbe32583", "4327d0f53f24d02cd6761ce90773cb02a085328ea261f7449686c4fd35e5ecca", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "4a32978af2064d452f26b42e60749e3ac43c6e36bf6a2d24107064467d02ca86", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "9cdc95194df1ce3c3ce0e00a9d519bf473e234e3df77251020b5da6094e567c8", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452", "32fef765f38580d1c018596d379620487cb8a0ab03ac149aeef6e9b42d8c792b", "1a63251dd369eecd63916d0835327d68da1aa50aa28623a2f4bd1481e968d238", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": []}, {"bi": "pe-imports-empty", "hashes": ["58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "022a66b7d76fa2bbee56a8d848675aa96b3eddc509fac5d8fbdbb97bed96e9be", "d02b4d47e478fc3c32be5cb6c7e3676bfc5d2ea9da9c82de703a77b7db413234", "5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442", "db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "a3fb508141d2b3d5ece76a08c6e44b3722a2c2ff1a2e008c2523d9d4fb0f6afd", "57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e", "66fb2dc71474458e662a759fe2084845f5f6489c5d286c1cd8f53fdd9d95e737", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "6ce952804873e2f3de87ab77355d51292c9b321b18b47f6cc770ba715e4ed4f8", "cd4161a9fd864e25664f7d55126a0bd64f047cc4c5e2e081f5e745f0f7434b9d", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c", "cf3d62473b1bce75d5e04984b8c6c986e7ebea664b277c14dcc3c8d5ebf408ad", "0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "13df35df42bc3c6c1c47b18b280722923396284f9c3d5b05f6db2de90e7bb9a0", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "1e3e862c60e25429d06231f72a5271c46528066bc82cf49431c4ad52552d0ebc", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "5f06d57a637c9844d6b2720992dc4e2074409c54a4a16a060c6f596c17ab2bff", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "5feb6fe880703e5d69cb45554d77f86fc1e03005f67226dc84601a548b02efd1", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "c18f19a328b9ae58e71f6a06f6f40b841827d2bd1dbb98b0b295d809bd86c699", "e62d2891d7a76c7e08a27e0eb0bd7fa5546abf7eedec274e4b1a5b119e9eab71", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead", "6c6c96eec533d302af2672f2226d2e52770feb08240aa32face53ce23328d6ca", "4ac11ec8d9add6278b5318c52ab3eb96db37a9c36705fe7128e606338221b649", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6", "fedec73d39c3a44da986c67f848199a5d49699d2115ea786458a9360904c4934", "709f6a3b5fa4d5e8b36d26adf17c92d86e8802c65b76a83b5f642c4f837624d0", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab", "c329047dc623c362427fdfa42941239ea92e4cd6cf2144084ff8bb3973a52b9b", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676", "8adc54c7c64dcc8a6a10823931a759fcd1779eac69b035cb457782ef04f14025", "22037f54606da56dab0da53ba84cac987a99c1d81787a170e19812ad3ed6b0b2", "8cae48c56db1b0b7c97ccf1e616047cd2360576c10edbac691fc50642707513f", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45", "4a20d0d4786573ffa78c283fd882080b30a860f3668c81fb027640b8e0faaf3d", "a6bcdea90efec0be5cc16224e8d6b9e55841b19d56c25102f2f3dff3a5196d8a", "e17fd9b924f92308f765ca5e2a46b1f717bd51c0a63a5e5077b5973358d1190d", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b", "9dc03a8a056285aa4e96343c46dbc22414b3914a97b6fc4195a2e8a23c0109fb", "e64ad9768bd8547bc0abfaf212c80dd9dac5b32d121756feecffed3f2c9015aa", "f35d3ddbd151304fd7adf4499c46f9bc4a52eff04dfb68ca39943c49386054c9", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "113fddf6ffad33cc8ddccabb51d1530529b5ad93f5881282ddc64977dbe32583", "4327d0f53f24d02cd6761ce90773cb02a085328ea261f7449686c4fd35e5ecca", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "4a32978af2064d452f26b42e60749e3ac43c6e36bf6a2d24107064467d02ca86", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "9cdc95194df1ce3c3ce0e00a9d519bf473e234e3df77251020b5da6094e567c8", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452", "32fef765f38580d1c018596d379620487cb8a0ab03ac149aeef6e9b42d8c792b", "1a63251dd369eecd63916d0835327d68da1aa50aa28623a2f4bd1481e968d238", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": []}, {"bi": "pe-section-blank-name", "hashes": ["58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "022a66b7d76fa2bbee56a8d848675aa96b3eddc509fac5d8fbdbb97bed96e9be", "d02b4d47e478fc3c32be5cb6c7e3676bfc5d2ea9da9c82de703a77b7db413234", "5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442", "db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "a3fb508141d2b3d5ece76a08c6e44b3722a2c2ff1a2e008c2523d9d4fb0f6afd", "57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e", "66fb2dc71474458e662a759fe2084845f5f6489c5d286c1cd8f53fdd9d95e737", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "6ce952804873e2f3de87ab77355d51292c9b321b18b47f6cc770ba715e4ed4f8", "cd4161a9fd864e25664f7d55126a0bd64f047cc4c5e2e081f5e745f0f7434b9d", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c", "cf3d62473b1bce75d5e04984b8c6c986e7ebea664b277c14dcc3c8d5ebf408ad", "0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "13df35df42bc3c6c1c47b18b280722923396284f9c3d5b05f6db2de90e7bb9a0", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "1e3e862c60e25429d06231f72a5271c46528066bc82cf49431c4ad52552d0ebc", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "5f06d57a637c9844d6b2720992dc4e2074409c54a4a16a060c6f596c17ab2bff", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "5feb6fe880703e5d69cb45554d77f86fc1e03005f67226dc84601a548b02efd1", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "c18f19a328b9ae58e71f6a06f6f40b841827d2bd1dbb98b0b295d809bd86c699", "e62d2891d7a76c7e08a27e0eb0bd7fa5546abf7eedec274e4b1a5b119e9eab71", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead", "6c6c96eec533d302af2672f2226d2e52770feb08240aa32face53ce23328d6ca", "4ac11ec8d9add6278b5318c52ab3eb96db37a9c36705fe7128e606338221b649", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6", "fedec73d39c3a44da986c67f848199a5d49699d2115ea786458a9360904c4934", "709f6a3b5fa4d5e8b36d26adf17c92d86e8802c65b76a83b5f642c4f837624d0", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab", "c329047dc623c362427fdfa42941239ea92e4cd6cf2144084ff8bb3973a52b9b", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676", "8adc54c7c64dcc8a6a10823931a759fcd1779eac69b035cb457782ef04f14025", "22037f54606da56dab0da53ba84cac987a99c1d81787a170e19812ad3ed6b0b2", "8cae48c56db1b0b7c97ccf1e616047cd2360576c10edbac691fc50642707513f", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45", "4a20d0d4786573ffa78c283fd882080b30a860f3668c81fb027640b8e0faaf3d", "a6bcdea90efec0be5cc16224e8d6b9e55841b19d56c25102f2f3dff3a5196d8a", "e17fd9b924f92308f765ca5e2a46b1f717bd51c0a63a5e5077b5973358d1190d", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b", "9dc03a8a056285aa4e96343c46dbc22414b3914a97b6fc4195a2e8a23c0109fb", "e64ad9768bd8547bc0abfaf212c80dd9dac5b32d121756feecffed3f2c9015aa", "f35d3ddbd151304fd7adf4499c46f9bc4a52eff04dfb68ca39943c49386054c9", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "113fddf6ffad33cc8ddccabb51d1530529b5ad93f5881282ddc64977dbe32583", "4327d0f53f24d02cd6761ce90773cb02a085328ea261f7449686c4fd35e5ecca", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "4a32978af2064d452f26b42e60749e3ac43c6e36bf6a2d24107064467d02ca86", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "9cdc95194df1ce3c3ce0e00a9d519bf473e234e3df77251020b5da6094e567c8", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452", "32fef765f38580d1c018596d379620487cb8a0ab03ac149aeef6e9b42d8c792b", "1a63251dd369eecd63916d0835327d68da1aa50aa28623a2f4bd1481e968d238", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "excessive-foreign-memory-modification", "hashes": ["58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "022a66b7d76fa2bbee56a8d848675aa96b3eddc509fac5d8fbdbb97bed96e9be", "d02b4d47e478fc3c32be5cb6c7e3676bfc5d2ea9da9c82de703a77b7db413234", "5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442", "db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "a3fb508141d2b3d5ece76a08c6e44b3722a2c2ff1a2e008c2523d9d4fb0f6afd", "57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "6ce952804873e2f3de87ab77355d51292c9b321b18b47f6cc770ba715e4ed4f8", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c", "cf3d62473b1bce75d5e04984b8c6c986e7ebea664b277c14dcc3c8d5ebf408ad", "0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "13df35df42bc3c6c1c47b18b280722923396284f9c3d5b05f6db2de90e7bb9a0", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "1e3e862c60e25429d06231f72a5271c46528066bc82cf49431c4ad52552d0ebc", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "5feb6fe880703e5d69cb45554d77f86fc1e03005f67226dc84601a548b02efd1", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "e62d2891d7a76c7e08a27e0eb0bd7fa5546abf7eedec274e4b1a5b119e9eab71", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead", "6c6c96eec533d302af2672f2226d2e52770feb08240aa32face53ce23328d6ca", "4ac11ec8d9add6278b5318c52ab3eb96db37a9c36705fe7128e606338221b649", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6", "fedec73d39c3a44da986c67f848199a5d49699d2115ea786458a9360904c4934", "709f6a3b5fa4d5e8b36d26adf17c92d86e8802c65b76a83b5f642c4f837624d0", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab", "c329047dc623c362427fdfa42941239ea92e4cd6cf2144084ff8bb3973a52b9b", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676", "8adc54c7c64dcc8a6a10823931a759fcd1779eac69b035cb457782ef04f14025", "22037f54606da56dab0da53ba84cac987a99c1d81787a170e19812ad3ed6b0b2", "8cae48c56db1b0b7c97ccf1e616047cd2360576c10edbac691fc50642707513f", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45", "4a20d0d4786573ffa78c283fd882080b30a860f3668c81fb027640b8e0faaf3d", "a6bcdea90efec0be5cc16224e8d6b9e55841b19d56c25102f2f3dff3a5196d8a", "e17fd9b924f92308f765ca5e2a46b1f717bd51c0a63a5e5077b5973358d1190d", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b", "9dc03a8a056285aa4e96343c46dbc22414b3914a97b6fc4195a2e8a23c0109fb", "e64ad9768bd8547bc0abfaf212c80dd9dac5b32d121756feecffed3f2c9015aa", "f35d3ddbd151304fd7adf4499c46f9bc4a52eff04dfb68ca39943c49386054c9", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "4327d0f53f24d02cd6761ce90773cb02a085328ea261f7449686c4fd35e5ecca", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "4a32978af2064d452f26b42e60749e3ac43c6e36bf6a2d24107064467d02ca86", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "9cdc95194df1ce3c3ce0e00a9d519bf473e234e3df77251020b5da6094e567c8", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452", "32fef765f38580d1c018596d379620487cb8a0ab03ac149aeef6e9b42d8c792b", "1a63251dd369eecd63916d0835327d68da1aa50aa28623a2f4bd1481e968d238", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "sample-launched-copy-of-self", "hashes": ["58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "022a66b7d76fa2bbee56a8d848675aa96b3eddc509fac5d8fbdbb97bed96e9be", "d02b4d47e478fc3c32be5cb6c7e3676bfc5d2ea9da9c82de703a77b7db413234", "5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442", "db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "a3fb508141d2b3d5ece76a08c6e44b3722a2c2ff1a2e008c2523d9d4fb0f6afd", "57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "6ce952804873e2f3de87ab77355d51292c9b321b18b47f6cc770ba715e4ed4f8", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c", "cf3d62473b1bce75d5e04984b8c6c986e7ebea664b277c14dcc3c8d5ebf408ad", "0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "13df35df42bc3c6c1c47b18b280722923396284f9c3d5b05f6db2de90e7bb9a0", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "1e3e862c60e25429d06231f72a5271c46528066bc82cf49431c4ad52552d0ebc", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "5feb6fe880703e5d69cb45554d77f86fc1e03005f67226dc84601a548b02efd1", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "e62d2891d7a76c7e08a27e0eb0bd7fa5546abf7eedec274e4b1a5b119e9eab71", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead", "6c6c96eec533d302af2672f2226d2e52770feb08240aa32face53ce23328d6ca", "4ac11ec8d9add6278b5318c52ab3eb96db37a9c36705fe7128e606338221b649", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6", "fedec73d39c3a44da986c67f848199a5d49699d2115ea786458a9360904c4934", "709f6a3b5fa4d5e8b36d26adf17c92d86e8802c65b76a83b5f642c4f837624d0", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab", "c329047dc623c362427fdfa42941239ea92e4cd6cf2144084ff8bb3973a52b9b", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676", "8adc54c7c64dcc8a6a10823931a759fcd1779eac69b035cb457782ef04f14025", "22037f54606da56dab0da53ba84cac987a99c1d81787a170e19812ad3ed6b0b2", "8cae48c56db1b0b7c97ccf1e616047cd2360576c10edbac691fc50642707513f", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45", "4a20d0d4786573ffa78c283fd882080b30a860f3668c81fb027640b8e0faaf3d", "a6bcdea90efec0be5cc16224e8d6b9e55841b19d56c25102f2f3dff3a5196d8a", "e17fd9b924f92308f765ca5e2a46b1f717bd51c0a63a5e5077b5973358d1190d", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b", "9dc03a8a056285aa4e96343c46dbc22414b3914a97b6fc4195a2e8a23c0109fb", "e64ad9768bd8547bc0abfaf212c80dd9dac5b32d121756feecffed3f2c9015aa", "f35d3ddbd151304fd7adf4499c46f9bc4a52eff04dfb68ca39943c49386054c9", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "4327d0f53f24d02cd6761ce90773cb02a085328ea261f7449686c4fd35e5ecca", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "4a32978af2064d452f26b42e60749e3ac43c6e36bf6a2d24107064467d02ca86", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "9cdc95194df1ce3c3ce0e00a9d519bf473e234e3df77251020b5da6094e567c8", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452", "32fef765f38580d1c018596d379620487cb8a0ab03ac149aeef6e9b42d8c792b", "1a63251dd369eecd63916d0835327d68da1aa50aa28623a2f4bd1481e968d238", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": ["TA0005", "T1202"]}, {"bi": "pe-encrypted-section", "hashes": ["58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "022a66b7d76fa2bbee56a8d848675aa96b3eddc509fac5d8fbdbb97bed96e9be", "5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442", "db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e", "66fb2dc71474458e662a759fe2084845f5f6489c5d286c1cd8f53fdd9d95e737", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "cd4161a9fd864e25664f7d55126a0bd64f047cc4c5e2e081f5e745f0f7434b9d", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c", "cf3d62473b1bce75d5e04984b8c6c986e7ebea664b277c14dcc3c8d5ebf408ad", "0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "13df35df42bc3c6c1c47b18b280722923396284f9c3d5b05f6db2de90e7bb9a0", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "1e3e862c60e25429d06231f72a5271c46528066bc82cf49431c4ad52552d0ebc", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "5feb6fe880703e5d69cb45554d77f86fc1e03005f67226dc84601a548b02efd1", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead", "6c6c96eec533d302af2672f2226d2e52770feb08240aa32face53ce23328d6ca", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6", "fedec73d39c3a44da986c67f848199a5d49699d2115ea786458a9360904c4934", "709f6a3b5fa4d5e8b36d26adf17c92d86e8802c65b76a83b5f642c4f837624d0", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab", "c329047dc623c362427fdfa42941239ea92e4cd6cf2144084ff8bb3973a52b9b", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676", "8adc54c7c64dcc8a6a10823931a759fcd1779eac69b035cb457782ef04f14025", "22037f54606da56dab0da53ba84cac987a99c1d81787a170e19812ad3ed6b0b2", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45", "4a20d0d4786573ffa78c283fd882080b30a860f3668c81fb027640b8e0faaf3d", "a6bcdea90efec0be5cc16224e8d6b9e55841b19d56c25102f2f3dff3a5196d8a", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b", "9dc03a8a056285aa4e96343c46dbc22414b3914a97b6fc4195a2e8a23c0109fb", "e64ad9768bd8547bc0abfaf212c80dd9dac5b32d121756feecffed3f2c9015aa", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "113fddf6ffad33cc8ddccabb51d1530529b5ad93f5881282ddc64977dbe32583", "4327d0f53f24d02cd6761ce90773cb02a085328ea261f7449686c4fd35e5ecca", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "4a32978af2064d452f26b42e60749e3ac43c6e36bf6a2d24107064467d02ca86", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "9cdc95194df1ce3c3ce0e00a9d519bf473e234e3df77251020b5da6094e567c8", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452", "32fef765f38580d1c018596d379620487cb8a0ab03ac149aeef6e9b42d8c792b", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "process-hollowing-detected", "hashes": ["58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "022a66b7d76fa2bbee56a8d848675aa96b3eddc509fac5d8fbdbb97bed96e9be", "d02b4d47e478fc3c32be5cb6c7e3676bfc5d2ea9da9c82de703a77b7db413234", "5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442", "db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "a3fb508141d2b3d5ece76a08c6e44b3722a2c2ff1a2e008c2523d9d4fb0f6afd", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "6ce952804873e2f3de87ab77355d51292c9b321b18b47f6cc770ba715e4ed4f8", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "cf3d62473b1bce75d5e04984b8c6c986e7ebea664b277c14dcc3c8d5ebf408ad", "0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "13df35df42bc3c6c1c47b18b280722923396284f9c3d5b05f6db2de90e7bb9a0", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "1e3e862c60e25429d06231f72a5271c46528066bc82cf49431c4ad52552d0ebc", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "5feb6fe880703e5d69cb45554d77f86fc1e03005f67226dc84601a548b02efd1", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "e62d2891d7a76c7e08a27e0eb0bd7fa5546abf7eedec274e4b1a5b119e9eab71", "6c6c96eec533d302af2672f2226d2e52770feb08240aa32face53ce23328d6ca", "4ac11ec8d9add6278b5318c52ab3eb96db37a9c36705fe7128e606338221b649", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6", "fedec73d39c3a44da986c67f848199a5d49699d2115ea786458a9360904c4934", "709f6a3b5fa4d5e8b36d26adf17c92d86e8802c65b76a83b5f642c4f837624d0", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab", "c329047dc623c362427fdfa42941239ea92e4cd6cf2144084ff8bb3973a52b9b", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676", "8adc54c7c64dcc8a6a10823931a759fcd1779eac69b035cb457782ef04f14025", "22037f54606da56dab0da53ba84cac987a99c1d81787a170e19812ad3ed6b0b2", "8cae48c56db1b0b7c97ccf1e616047cd2360576c10edbac691fc50642707513f", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45", "4a20d0d4786573ffa78c283fd882080b30a860f3668c81fb027640b8e0faaf3d", "a6bcdea90efec0be5cc16224e8d6b9e55841b19d56c25102f2f3dff3a5196d8a", "e17fd9b924f92308f765ca5e2a46b1f717bd51c0a63a5e5077b5973358d1190d", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b", "9dc03a8a056285aa4e96343c46dbc22414b3914a97b6fc4195a2e8a23c0109fb", "e64ad9768bd8547bc0abfaf212c80dd9dac5b32d121756feecffed3f2c9015aa", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "4327d0f53f24d02cd6761ce90773cb02a085328ea261f7449686c4fd35e5ecca", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "4a32978af2064d452f26b42e60749e3ac43c6e36bf6a2d24107064467d02ca86", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "9cdc95194df1ce3c3ce0e00a9d519bf473e234e3df77251020b5da6094e567c8", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452", "32fef765f38580d1c018596d379620487cb8a0ab03ac149aeef6e9b42d8c792b", "1a63251dd369eecd63916d0835327d68da1aa50aa28623a2f4bd1481e968d238", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "modified-file-in-user-dir", "hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442", "db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e", "66fb2dc71474458e662a759fe2084845f5f6489c5d286c1cd8f53fdd9d95e737", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "cd4161a9fd864e25664f7d55126a0bd64f047cc4c5e2e081f5e745f0f7434b9d", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "13df35df42bc3c6c1c47b18b280722923396284f9c3d5b05f6db2de90e7bb9a0", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45", "4a20d0d4786573ffa78c283fd882080b30a860f3668c81fb027640b8e0faaf3d", "a6bcdea90efec0be5cc16224e8d6b9e55841b19d56c25102f2f3dff3a5196d8a", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": []}, {"bi": "antivirus-flagged-artifact", "hashes": ["58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "d02b4d47e478fc3c32be5cb6c7e3676bfc5d2ea9da9c82de703a77b7db413234", "5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442", "db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "a3fb508141d2b3d5ece76a08c6e44b3722a2c2ff1a2e008c2523d9d4fb0f6afd", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "1e3e862c60e25429d06231f72a5271c46528066bc82cf49431c4ad52552d0ebc", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead", "6c6c96eec533d302af2672f2226d2e52770feb08240aa32face53ce23328d6ca", "4ac11ec8d9add6278b5318c52ab3eb96db37a9c36705fe7128e606338221b649", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "fedec73d39c3a44da986c67f848199a5d49699d2115ea786458a9360904c4934", "709f6a3b5fa4d5e8b36d26adf17c92d86e8802c65b76a83b5f642c4f837624d0", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab", "22037f54606da56dab0da53ba84cac987a99c1d81787a170e19812ad3ed6b0b2", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45", "e17fd9b924f92308f765ca5e2a46b1f717bd51c0a63a5e5077b5973358d1190d", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b", "e64ad9768bd8547bc0abfaf212c80dd9dac5b32d121756feecffed3f2c9015aa", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b"], "mitre_attack_tags": []}, {"bi": "modified-executable", "hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442", "57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c", "0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "1e3e862c60e25429d06231f72a5271c46528066bc82cf49431c4ad52552d0ebc", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead", "6c6c96eec533d302af2672f2226d2e52770feb08240aa32face53ce23328d6ca", "fedec73d39c3a44da986c67f848199a5d49699d2115ea786458a9360904c4934", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "mitre_attack_tags": []}, {"bi": "registry-autorun-key-modified", "hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442", "57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c", "0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead", "fedec73d39c3a44da986c67f848199a5d49699d2115ea786458a9360904c4934", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "malware-known-trojan-av", "hashes": ["58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "1e3e862c60e25429d06231f72a5271c46528066bc82cf49431c4ad52552d0ebc", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead", "6c6c96eec533d302af2672f2226d2e52770feb08240aa32face53ce23328d6ca", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "fedec73d39c3a44da986c67f848199a5d49699d2115ea786458a9360904c4934", "709f6a3b5fa4d5e8b36d26adf17c92d86e8802c65b76a83b5f642c4f837624d0", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70"], "mitre_attack_tags": []}, {"bi": "registry-activesetup-key-modified", "hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "malware-darkcomet-mutex-detected", "hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b"], "mitre_attack_tags": []}, {"bi": "modified-file-in-system-dir", "hashes": ["8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c", "0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "1e3e862c60e25429d06231f72a5271c46528066bc82cf49431c4ad52552d0ebc", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead", "6c6c96eec533d302af2672f2226d2e52770feb08240aa32face53ce23328d6ca", "fedec73d39c3a44da986c67f848199a5d49699d2115ea786458a9360904c4934", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "mitre_attack_tags": []}, {"bi": "artifact-memory-vm-detect", "hashes": ["91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "6c6c96eec533d302af2672f2226d2e52770feb08240aa32face53ce23328d6ca", "fedec73d39c3a44da986c67f848199a5d49699d2115ea786458a9360904c4934", "709f6a3b5fa4d5e8b36d26adf17c92d86e8802c65b76a83b5f642c4f837624d0", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa"], "mitre_attack_tags": ["TA0005", "TA0007", "T1497"]}, {"bi": "network-dns-safe-categories", "hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5"], "mitre_attack_tags": []}, {"bi": "process-explorer-suspicious-launch", "hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "process-requested-softice", "hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b"], "mitre_attack_tags": ["TA0005", "TA0007", "T1497"]}, {"bi": "network-dns-category-dynamic", "hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5"], "mitre_attack_tags": []}, {"bi": "network-fast-flux-nameserver", "hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5"], "mitre_attack_tags": []}, {"bi": "feed-domain-antivirus-service", "hashes": ["58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442", "db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "cf3d62473b1bce75d5e04984b8c6c986e7ebea664b277c14dcc3c8d5ebf408ad", "013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6", "fedec73d39c3a44da986c67f848199a5d49699d2115ea786458a9360904c4934", "92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab", "22037f54606da56dab0da53ba84cac987a99c1d81787a170e19812ad3ed6b0b2", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": []}, {"bi": "network-only-safe-domains-contacted", "hashes": ["58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6", "92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": []}, {"bi": "created-executable-in-user-dir", "hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8", "b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "mitre_attack_tags": []}, {"bi": "pe-packed-upx", "hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "709f6a3b5fa4d5e8b36d26adf17c92d86e8802c65b76a83b5f642c4f837624d0", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "registry-autorun-key-system-dir", "hashes": ["8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "artifact-vm-detect", "hashes": ["91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "709f6a3b5fa4d5e8b36d26adf17c92d86e8802c65b76a83b5f642c4f837624d0", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b"], "mitre_attack_tags": ["TA0005", "TA0007", "T1497"]}, {"bi": "potential-registry-persistence", "hashes": ["8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e", "143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa"], "mitre_attack_tags": ["TA0003"]}, {"bi": "network-fast-flux-domain", "hashes": ["5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": []}, {"bi": "feed-domain-rat", "hashes": ["58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "fedec73d39c3a44da986c67f848199a5d49699d2115ea786458a9360904c4934", "92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8"], "mitre_attack_tags": []}, {"bi": "network-communications-http-get", "hashes": ["58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": ["TA0011", "T1105"]}, {"bi": "malware-ufr-mutex-detected", "hashes": ["db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6", "22037f54606da56dab0da53ba84cac987a99c1d81787a170e19812ad3ed6b0b2", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": []}, {"bi": "registry-winlogon-key-modified-nt", "hashes": ["0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa"], "mitre_attack_tags": ["TA0005", "TA0003", "TA0004", "T1112", "T1547"]}, {"bi": "process-long-cmdline", "hashes": ["58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "http-response-redirect", "hashes": ["58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b"], "mitre_attack_tags": []}, {"bi": "url-not-found", "hashes": ["58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b"], "mitre_attack_tags": []}, {"bi": "registry-autorun-key-data-dir", "hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "fake-explorer-process", "hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4"], "mitre_attack_tags": ["TA0005", "T1036"]}, {"bi": "process-svchost-suspicious-launch", "hashes": ["8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e", "143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c", "5feb6fe880703e5d69cb45554d77f86fc1e03005f67226dc84601a548b02efd1", "c329047dc623c362427fdfa42941239ea92e4cd6cf2144084ff8bb3973a52b9b"], "mitre_attack_tags": ["TA0005", "T1036"]}, {"bi": "pe-resource-lang-spanish", "hashes": ["d02b4d47e478fc3c32be5cb6c7e3676bfc5d2ea9da9c82de703a77b7db413234", "a3fb508141d2b3d5ece76a08c6e44b3722a2c2ff1a2e008c2523d9d4fb0f6afd", "4ac11ec8d9add6278b5318c52ab3eb96db37a9c36705fe7128e606338221b649", "e17fd9b924f92308f765ca5e2a46b1f717bd51c0a63a5e5077b5973358d1190d", "e64ad9768bd8547bc0abfaf212c80dd9dac5b32d121756feecffed3f2c9015aa"], "mitre_attack_tags": []}, {"bi": "deleted-submitted-file", "hashes": ["db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c", "6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8", "b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "mitre_attack_tags": ["TA0005"]}, {"bi": "enumeration-email-program-information", "hashes": ["db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": ["TA0007", "TA0009", "TA0006", "T1083", "T1087", "T1005", "T1119", "T1114", "T1552"]}, {"bi": "windows-crash-tool-execution-detected", "hashes": ["66fb2dc71474458e662a759fe2084845f5f6489c5d286c1cd8f53fdd9d95e737", "cd4161a9fd864e25664f7d55126a0bd64f047cc4c5e2e081f5e745f0f7434b9d", "13df35df42bc3c6c1c47b18b280722923396284f9c3d5b05f6db2de90e7bb9a0", "4a20d0d4786573ffa78c283fd882080b30a860f3668c81fb027640b8e0faaf3d", "a6bcdea90efec0be5cc16224e8d6b9e55841b19d56c25102f2f3dff3a5196d8a"], "mitre_attack_tags": []}, {"bi": "crash-dump-file-created", "hashes": ["66fb2dc71474458e662a759fe2084845f5f6489c5d286c1cd8f53fdd9d95e737", "cd4161a9fd864e25664f7d55126a0bd64f047cc4c5e2e081f5e745f0f7434b9d", "13df35df42bc3c6c1c47b18b280722923396284f9c3d5b05f6db2de90e7bb9a0", "4a20d0d4786573ffa78c283fd882080b30a860f3668c81fb027640b8e0faaf3d", "a6bcdea90efec0be5cc16224e8d6b9e55841b19d56c25102f2f3dff3a5196d8a"], "mitre_attack_tags": []}, {"bi": "fault-report-file-created", "hashes": ["66fb2dc71474458e662a759fe2084845f5f6489c5d286c1cd8f53fdd9d95e737", "cd4161a9fd864e25664f7d55126a0bd64f047cc4c5e2e081f5e745f0f7434b9d", "13df35df42bc3c6c1c47b18b280722923396284f9c3d5b05f6db2de90e7bb9a0", "4a20d0d4786573ffa78c283fd882080b30a860f3668c81fb027640b8e0faaf3d", "a6bcdea90efec0be5cc16224e8d6b9e55841b19d56c25102f2f3dff3a5196d8a"], "mitre_attack_tags": []}, {"bi": "artifact-windows-component-suspicious-creation", "hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4"], "mitre_attack_tags": ["TA0005", "TA0002", "T1036", "T1569"]}, {"bi": "malware-xtreme-rat-default-mutex-detected", "hashes": ["8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e", "143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead"], "mitre_attack_tags": []}, {"bi": "pe-header-timestamp-prior", "hashes": ["d02b4d47e478fc3c32be5cb6c7e3676bfc5d2ea9da9c82de703a77b7db413234", "a3fb508141d2b3d5ece76a08c6e44b3722a2c2ff1a2e008c2523d9d4fb0f6afd", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "4ac11ec8d9add6278b5318c52ab3eb96db37a9c36705fe7128e606338221b649"], "mitre_attack_tags": []}, {"bi": "pe-uses-armadillo", "hashes": ["5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442", "6c6c96eec533d302af2672f2226d2e52770feb08240aa32face53ce23328d6ca", "fedec73d39c3a44da986c67f848199a5d49699d2115ea786458a9360904c4934", "92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab"], "mitre_attack_tags": ["TA0005", "TA0007", "T1027"]}, {"bi": "firefox-password-manager-local-database-access", "hashes": ["db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": ["TA0006", "T1003"]}, {"bi": "enumeration-browser-information", "hashes": ["db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": ["TA0007", "TA0009", "TA0006", "T1083", "T1217", "T1005", "T1119", "T1552", "T1539", "T1555"]}, {"bi": "cmd-exe-file-execution", "hashes": ["db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8", "b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "mitre_attack_tags": ["TA0002", "T1059"]}, {"bi": "malware-generic-infostealer", "hashes": ["db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": ["TA0007", "TA0009", "TA0006", "T1083", "T1005", "T1119", "T1552"]}, {"bi": "enumeration-chat-program-information", "hashes": ["db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": ["TA0007", "TA0009", "TA0006", "T1083", "T1005", "T1119", "T1552"]}, {"bi": "enumeration-vpn-program-information", "hashes": ["db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": ["TA0007", "TA0009", "TA0006", "T1083", "T1005", "T1119", "T1552", "T1555"]}, {"bi": "modified-file-in-program-dir", "hashes": ["57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65"], "mitre_attack_tags": []}, {"bi": "dns-query-nxdomain", "hashes": ["fedec73d39c3a44da986c67f848199a5d49699d2115ea786458a9360904c4934", "92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab", "22037f54606da56dab0da53ba84cac987a99c1d81787a170e19812ad3ed6b0b2", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8"], "mitre_attack_tags": []}, {"bi": "unsigned-roaming-execution", "hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4"], "mitre_attack_tags": ["TA0005"]}, {"bi": "decoy-wpfv", "hashes": ["8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea"], "mitre_attack_tags": ["TA0001", "T1566"]}, {"bi": "network-communications-ftp", "hashes": ["db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "cf3d62473b1bce75d5e04984b8c6c986e7ebea664b277c14dcc3c8d5ebf408ad", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6"], "mitre_attack_tags": ["TA0011", "T1071"]}, {"bi": "network-ftp-no-artifact", "hashes": ["db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "cf3d62473b1bce75d5e04984b8c6c986e7ebea664b277c14dcc3c8d5ebf408ad", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6"], "mitre_attack_tags": ["TA0011", "T1071"]}, {"bi": "network-private-ip-address", "hashes": ["d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "4a32978af2064d452f26b42e60749e3ac43c6e36bf6a2d24107064467d02ca86"], "mitre_attack_tags": ["TA0007", "T1016"]}, {"bi": "malware-darkcomet-detected", "hashes": ["0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45"], "mitre_attack_tags": []}, {"bi": "malware-darkcomet-registry-detected", "hashes": ["0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45"], "mitre_attack_tags": []}, {"bi": "registry-winlogon-key-value-modified-to-userinit", "hashes": ["0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45"], "mitre_attack_tags": ["TA0005", "TA0003", "TA0004", "T1112", "T1547"]}, {"bi": "netbios-query", "hashes": ["a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "22037f54606da56dab0da53ba84cac987a99c1d81787a170e19812ad3ed6b0b2", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8"], "mitre_attack_tags": ["TA0007", "T1016"]}, {"bi": "hook-installed", "hashes": ["755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45"], "mitre_attack_tags": ["TA0009", "TA0006", "T1056"]}, {"bi": "registry-autorun-key-modified-nt", "hashes": ["987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "process-with-multiple-children", "hashes": ["8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e"], "mitre_attack_tags": ["TA0005"]}, {"bi": "artifact-multiple-extensions", "hashes": ["8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "mitre_attack_tags": ["TA0005", "T1036"]}, {"bi": "network-file-downloaded-to-disk", "hashes": ["db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6"], "mitre_attack_tags": []}, {"bi": "cmd-exe-file-deletion", "hashes": ["db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8"], "mitre_attack_tags": ["TA0005"]}, {"bi": "network-communications-ftp-data", "hashes": ["db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6"], "mitre_attack_tags": ["TA0011", "T1071"]}, {"bi": "pe-resource-lang-russian", "hashes": ["57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e", "709f6a3b5fa4d5e8b36d26adf17c92d86e8802c65b76a83b5f642c4f837624d0"], "mitre_attack_tags": []}, {"bi": "pe-section-execute-writable", "hashes": ["cd4161a9fd864e25664f7d55126a0bd64f047cc4c5e2e081f5e745f0f7434b9d", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "windows-util-attrib-hide", "hashes": ["0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45"], "mitre_attack_tags": ["TA0005", "T1564"]}, {"bi": "file-attribute-modification", "hashes": ["0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45"], "mitre_attack_tags": ["TA0005", "T1564"]}, {"bi": "disables-windows-firewall", "hashes": ["0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "mitre_attack_tags": ["TA0005", "T1562"]}, {"bi": "disables-security-center-notifications", "hashes": ["0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "mitre_attack_tags": ["TA0005", "T1562"]}, {"bi": "excessive-logical-drive-enumeration", "hashes": ["956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "mitre_attack_tags": ["TA0007", "TA0009", "T1120", "T1025"]}, {"bi": "malware-cybergate-rat", "hashes": ["457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72"], "mitre_attack_tags": []}, {"bi": "files-created-batch", "hashes": ["6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "mitre_attack_tags": ["TA0002", "T1059"]}, {"bi": "registry-ie-zone-settings-modified", "hashes": ["6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab"], "mitre_attack_tags": ["TA0005", "T1562"]}, {"bi": "artifact-flagged-anomaly", "hashes": ["755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "malware-trojan-xtreme-rat-registry-key", "hashes": ["5feb6fe880703e5d69cb45554d77f86fc1e03005f67226dc84601a548b02efd1", "c329047dc623c362427fdfa42941239ea92e4cd6cf2144084ff8bb3973a52b9b"], "mitre_attack_tags": []}, {"bi": "excessive-process-creates", "hashes": ["95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead", "6c6c96eec533d302af2672f2226d2e52770feb08240aa32face53ce23328d6ca"], "mitre_attack_tags": ["TA0040", "T1499"]}, {"bi": "excessive-sample-duplication", "hashes": ["6c6c96eec533d302af2672f2226d2e52770feb08240aa32face53ce23328d6ca", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8"], "mitre_attack_tags": ["TA0005", "TA0003"]}, {"bi": "network-communications-smtp", "hashes": ["67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": ["TA0011", "T1071"]}, {"bi": "network-smtp-spambot", "hashes": ["67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": []}, {"bi": "pe-filename-mismatch", "hashes": ["5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442"], "mitre_attack_tags": []}, {"bi": "sample-launched-copy-domain-flagged", "hashes": ["5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442"], "mitre_attack_tags": ["TA0011", "T1102"]}, {"bi": "imports-IsDebuggerPresent", "hashes": ["5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442"], "mitre_attack_tags": ["TA0005", "TA0007"]}, {"bi": "network-dns-category-cryptomining", "hashes": ["5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442"], "mitre_attack_tags": []}, {"bi": "cryptominer-network-detected", "hashes": ["5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442"], "mitre_attack_tags": ["TA0011", "T1571"]}, {"bi": "created-executable-sample-appdata", "hashes": ["5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442"], "mitre_attack_tags": ["TA0005", "T1564"]}, {"bi": "dns-dynamic-domain", "hashes": ["552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20"], "mitre_attack_tags": ["TA0011", "T1568"]}, {"bi": "registry-ie-lock-toolbar", "hashes": ["143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c"], "mitre_attack_tags": ["TA0009"]}, {"bi": "network-snort-app-detect", "hashes": ["cf3d62473b1bce75d5e04984b8c6c986e7ebea664b277c14dcc3c8d5ebf408ad"], "mitre_attack_tags": []}, {"bi": "registry-service-autostart-disabled", "hashes": ["0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a"], "mitre_attack_tags": ["TA0005", "TA0040", "TA0003", "TA0004", "T1112", "T1574", "T1489"]}, {"bi": "registry-disable-windefender", "hashes": ["0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a"], "mitre_attack_tags": ["TA0005", "T1562"]}, {"bi": "listening-port-opened", "hashes": ["6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896"], "mitre_attack_tags": ["TA0011", "T1219"]}, {"bi": "pe-imports-toolhelp", "hashes": ["6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896"], "mitre_attack_tags": ["TA0007", "T1057"]}, {"bi": "sample-pe-modified-on-disk", "hashes": ["6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896"], "mitre_attack_tags": ["TA0005", "T1202"]}, {"bi": "file-alternate-data-stream-modification", "hashes": ["6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896"], "mitre_attack_tags": ["TA0005", "T1564"]}, {"bi": "file-alternate-data-stream-creation", "hashes": ["6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896"], "mitre_attack_tags": ["TA0005", "T1564"]}, {"bi": "malware-zeus-mutex-detected", "hashes": ["6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896"], "mitre_attack_tags": []}, {"bi": "sample-modified-deleted", "hashes": ["6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896"], "mitre_attack_tags": ["TA0005"]}, {"bi": "malware-zeus-variant-av", "hashes": ["6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896"], "mitre_attack_tags": []}, {"bi": "malware-zeus-variant-detected", "hashes": ["6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896"], "mitre_attack_tags": []}, {"bi": "eml-same-sender-recipient", "hashes": ["6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896"], "mitre_attack_tags": ["TA0001", "T1566"]}, {"bi": "outlook-express-com-server", "hashes": ["6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896"], "mitre_attack_tags": ["TA0009", "TA0003", "TA0004", "T1114", "T1546"]}, {"bi": "eml-link", "hashes": ["6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896"], "mitre_attack_tags": ["TA0001", "T1566"]}, {"bi": "eml-mismatched-name-to-header", "hashes": ["6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896"], "mitre_attack_tags": ["TA0001", "T1566"]}, {"bi": "email-same-sender-receiver-domain", "hashes": ["6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896"], "mitre_attack_tags": []}, {"bi": "artifact-flagged-sandbox", "hashes": ["755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2"], "mitre_attack_tags": ["TA0005", "TA0007", "T1497"]}, {"bi": "artifact-flagged-vm", "hashes": ["755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2"], "mitre_attack_tags": ["TA0005", "TA0007", "T1497"]}, {"bi": "pe-imports-psapi-dll", "hashes": ["755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2"], "mitre_attack_tags": ["TA0007", "T1057"]}, {"bi": "pe-tls-callback", "hashes": ["755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-section-shared", "hashes": ["755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "artifact-flagged-antianalysis", "hashes": ["755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-uses-autoit", "hashes": ["755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-uses-iexpress", "hashes": ["755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "randomly-named-files", "hashes": ["6c6c96eec533d302af2672f2226d2e52770feb08240aa32face53ce23328d6ca"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "network-dns-category-file-storage", "hashes": ["38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6"], "mitre_attack_tags": []}, {"bi": "malware-blazebot-rat", "hashes": ["fedec73d39c3a44da986c67f848199a5d49699d2115ea786458a9360904c4934"], "mitre_attack_tags": []}, {"bi": "registry-large-data-entry", "hashes": ["92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab"], "mitre_attack_tags": ["TA0005", "T1112"]}, {"bi": "malware-adware-av", "hashes": ["22037f54606da56dab0da53ba84cac987a99c1d81787a170e19812ad3ed6b0b2"], "mitre_attack_tags": []}, {"bi": "registry-autorun-key-temp-dir", "hashes": ["4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "file-ini-read", "hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "mitre_attack_tags": []}, {"bi": "registry-hide-files", "hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "mitre_attack_tags": ["TA0005", "T1564"]}, {"bi": "registry-disablesuac", "hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "mitre_attack_tags": ["TA0005", "TA0004", "T1548", "T1562"]}, {"bi": "file-ini-modified", "hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "mitre_attack_tags": ["TA0003"]}, {"bi": "registry-firewall-exceptions-enabled", "hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "mitre_attack_tags": ["TA0005", "T1562"]}, {"bi": "cmd-misleading-extension-execution", "hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "mitre_attack_tags": ["TA0005"]}, {"bi": "malware-sality-mutex", "hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "mitre_attack_tags": []}, {"bi": "registry-firewall-notifications-disabled", "hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "mitre_attack_tags": ["TA0005", "T1562"]}, {"bi": "registry-ie-work-offline-settings-modified", "hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "mitre_attack_tags": ["TA0040", "T1498"]}, {"bi": "system-startup-file-modification", "hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "safeboot-alternateshell-changed", "hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "mitre_attack_tags": ["TA0005", "T1562"]}, {"bi": "process-override-security-center-monitoring", "hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "mitre_attack_tags": ["TA0005", "T1562"]}, {"bi": "registry-hex-data", "hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "public-ip-address-identification-attempt", "hashes": ["361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": ["TA0007", "T1082", "T1016"]}, {"bi": "feed-public-ip-check-dns", "hashes": ["361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "mitre_attack_tags": []}], "category": "Dropper", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "XtremeRAT is a remote access trojan active since 2010 that allows the attacker to eavesdrop on users and modify the running system. The source code for XtremeRAT, written in Delphi, was leaked online and has since been used by similar RATs.", "hashes": ["013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "022a66b7d76fa2bbee56a8d848675aa96b3eddc509fac5d8fbdbb97bed96e9be", "0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "113fddf6ffad33cc8ddccabb51d1530529b5ad93f5881282ddc64977dbe32583", "13df35df42bc3c6c1c47b18b280722923396284f9c3d5b05f6db2de90e7bb9a0", "143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c", "1a63251dd369eecd63916d0835327d68da1aa50aa28623a2f4bd1481e968d238", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "1e3e862c60e25429d06231f72a5271c46528066bc82cf49431c4ad52552d0ebc", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "22037f54606da56dab0da53ba84cac987a99c1d81787a170e19812ad3ed6b0b2", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "32fef765f38580d1c018596d379620487cb8a0ab03ac149aeef6e9b42d8c792b", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6", "3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "4327d0f53f24d02cd6761ce90773cb02a085328ea261f7449686c4fd35e5ecca", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45", "4a20d0d4786573ffa78c283fd882080b30a860f3668c81fb027640b8e0faaf3d", "4a32978af2064d452f26b42e60749e3ac43c6e36bf6a2d24107064467d02ca86", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "4ac11ec8d9add6278b5318c52ab3eb96db37a9c36705fe7128e606338221b649", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e", "58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442", "5f06d57a637c9844d6b2720992dc4e2074409c54a4a16a060c6f596c17ab2bff", "5feb6fe880703e5d69cb45554d77f86fc1e03005f67226dc84601a548b02efd1", "66fb2dc71474458e662a759fe2084845f5f6489c5d286c1cd8f53fdd9d95e737", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "6c6c96eec533d302af2672f2226d2e52770feb08240aa32face53ce23328d6ca", "6ce952804873e2f3de87ab77355d51292c9b321b18b47f6cc770ba715e4ed4f8", "6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8", "709f6a3b5fa4d5e8b36d26adf17c92d86e8802c65b76a83b5f642c4f837624d0", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "8adc54c7c64dcc8a6a10823931a759fcd1779eac69b035cb457782ef04f14025", "8cae48c56db1b0b7c97ccf1e616047cd2360576c10edbac691fc50642707513f", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676", "9cdc95194df1ce3c3ce0e00a9d519bf473e234e3df77251020b5da6094e567c8", "9dc03a8a056285aa4e96343c46dbc22414b3914a97b6fc4195a2e8a23c0109fb", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "a3fb508141d2b3d5ece76a08c6e44b3722a2c2ff1a2e008c2523d9d4fb0f6afd", "a6bcdea90efec0be5cc16224e8d6b9e55841b19d56c25102f2f3dff3a5196d8a", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "c18f19a328b9ae58e71f6a06f6f40b841827d2bd1dbb98b0b295d809bd86c699", "c329047dc623c362427fdfa42941239ea92e4cd6cf2144084ff8bb3973a52b9b", "cd4161a9fd864e25664f7d55126a0bd64f047cc4c5e2e081f5e745f0f7434b9d", "cf3d62473b1bce75d5e04984b8c6c986e7ebea664b277c14dcc3c8d5ebf408ad", "d02b4d47e478fc3c32be5cb6c7e3676bfc5d2ea9da9c82de703a77b7db413234", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2", "e17fd9b924f92308f765ca5e2a46b1f717bd51c0a63a5e5077b5973358d1190d", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e", "e62d2891d7a76c7e08a27e0eb0bd7fa5546abf7eedec274e4b1a5b119e9eab71", "e64ad9768bd8547bc0abfaf212c80dd9dac5b32d121756feecffed3f2c9015aa", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "f35d3ddbd151304fd7adf4499c46f9bc4a52eff04dfb68ca39943c49386054c9", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b", "fedec73d39c3a44da986c67f848199a5d49699d2115ea786458a9360904c4934"], "iocs": {"domain": [{"hashes": ["013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b"], "host": "go[.]microsoft[.]com"}, {"hashes": ["013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b"], "host": "www[.]bing[.]com"}, {"hashes": ["013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b"], "host": "learn[.]microsoft[.]com"}, {"hashes": ["203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db"], "host": "www[.]server[.]com"}, {"hashes": ["314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce"], "host": "huhu1234[.]no-ip[.]org"}, {"hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4"], "host": "gamer9090[.]no-ip[.]org"}, {"hashes": ["361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a"], "host": "smtp[.]mail[.]ru"}, {"hashes": ["92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab"], "host": "google[.]com"}, {"hashes": ["fedec73d39c3a44da986c67f848199a5d49699d2115ea786458a9360904c4934"], "host": "vids[.]p0rn-lover[.]us"}, {"hashes": ["361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "host": "whatismyip[.]akamai[.]com"}, {"hashes": ["38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6"], "host": "ftp[.]drivehq[.]com"}, {"hashes": ["457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd"], "host": "xtremo190278[.]zapto[.]org"}, {"hashes": ["db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2"], "host": "ftp[.]freehostia[.]com"}, {"hashes": ["e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e"], "host": "sandra81[.]no-ip[.]org"}, {"hashes": ["8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16"], "host": "entony[.]no-ip[.]org"}, {"hashes": ["cf3d62473b1bce75d5e04984b8c6c986e7ebea664b277c14dcc3c8d5ebf408ad"], "host": "anton124354[.]aiq[.]ru"}, {"hashes": ["fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b"], "host": "hackermibb[.]no-ip[.]info"}, {"hashes": ["22037f54606da56dab0da53ba84cac987a99c1d81787a170e19812ad3ed6b0b2"], "host": "amoral999[.]p[.]ht"}, {"hashes": ["5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442"], "host": "api[.]bitcoin[.]cz"}, {"hashes": ["4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45"], "host": "darkcometkiller[.]no-ip[.]biz"}, {"hashes": ["552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20"], "host": "ro[.]sytes[.]net"}, {"hashes": ["6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8"], "host": "ambrella[.]p[.]ht"}, {"hashes": ["755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2"], "host": "merlim2[.]no-ip[.]org"}, {"hashes": ["0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd"], "host": "leechersau[.]no-ip[.]biz"}, {"hashes": ["0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a"], "host": "m3hl2ad[.]no-ip[.]org"}, {"hashes": ["8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5"], "host": "white187[.]ddns[.]net"}, {"hashes": ["8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5"], "host": "white187[.]myftp[.]biz"}, {"hashes": ["92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab"], "host": "worldbussines[.]bissnes[.]net"}, {"hashes": ["a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865"], "host": "semih[.]no-ip[.]biz"}, {"hashes": ["91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73"], "host": "mlx255[.]no-ip[.]org"}, {"hashes": ["6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896"], "host": "mlungisismith[.]zapto[.]org"}, {"hashes": ["2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830"], "host": "univerzo2016[.]ddns[.]net"}], "file": [{"hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b"], "path": "%APPDATA%\\logs.dat"}, {"hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b"], "path": "%TEMP%\\XX--XX--XX.txt"}, {"hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b"], "path": "%TEMP%\\UuU.uUu"}, {"hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b"], "path": "%TEMP%\\XxX.xXx"}, {"hashes": ["0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce"], "path": "%TEMP%\\Administrator7"}, {"hashes": ["0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce"], "path": "%TEMP%\\Administrator8"}, {"hashes": ["0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce"], "path": "%TEMP%\\Administrator2.txt"}, {"hashes": ["0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce"], "path": "%APPDATA%\\Administratorlog.dat"}, {"hashes": ["1e3e862c60e25429d06231f72a5271c46528066bc82cf49431c4ad52552d0ebc", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "6c6c96eec533d302af2672f2226d2e52770feb08240aa32face53ce23328d6ca", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd"], "path": "%SystemRoot%\\SysWOW64\\<random, matching '[a-zA-Z0-9]{4,19}'>.exe"}, {"hashes": ["0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45"], "path": "%APPDATA%\\dclogs"}, {"hashes": ["8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e"], "path": "%SystemRoot%\\InstallDir"}, {"hashes": ["8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e"], "path": "%SystemRoot%\\InstallDir\\Server.exe"}, {"hashes": ["457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b"], "path": "%APPDATA%\\98B68E3C"}, {"hashes": ["457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b"], "path": "%APPDATA%\\98B68E3C\\ak.tmp"}, {"hashes": ["457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b"], "path": "%APPDATA%\\Administrator-wchelper.dll"}, {"hashes": ["5feb6fe880703e5d69cb45554d77f86fc1e03005f67226dc84601a548b02efd1", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead", "c329047dc623c362427fdfa42941239ea92e4cd6cf2144084ff8bb3973a52b9b"], "path": "%TEMP%\\x.html"}, {"hashes": ["0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b"], "path": "%SystemRoot%\\SysWOW64\\install"}, {"hashes": ["38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2"], "path": "\\TEMP\\ufr_reports"}, {"hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4"], "path": "%APPDATA%\\explorer.exe"}, {"hashes": ["3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676"], "path": "\\Win"}, {"hashes": ["3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676"], "path": "\\Win\\MSstart.exe"}, {"hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4"], "path": "%APPDATA%\\explorer.exe\\explorer.exe"}, {"hashes": ["68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea"], "path": "\\directory\\CyberGate\\install\\server.exe"}, {"hashes": ["0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b"], "path": "%SystemRoot%\\SysWOW64\\install\\server.exe"}, {"hashes": ["3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676"], "path": "%SystemRoot%\\SpyNet\\Server.exe"}, {"hashes": ["45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b"], "path": "%SystemRoot%\\media\\codec.exe"}, {"hashes": ["203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db"], "path": "%SystemRoot%\\SysWOW64\\win.32\\win.exe"}, {"hashes": ["95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead"], "path": "%APPDATA%\\Microsoft\\Windows\\((Mutex)).cfg"}, {"hashes": ["8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16"], "path": "%SystemRoot%\\82440efbff3a567fe49111131c0266fab38.jpg"}, {"hashes": ["8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16"], "path": "%SystemRoot%\\82440efbff3a567fe49111131c0266fab38.jpg.exe"}, {"hashes": ["8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16"], "path": "%APPDATA%\\Microsoft\\Windows\\QfM3%W.dat"}, {"hashes": ["8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2"], "path": "%TEMP%\\4390_1.exe"}, {"hashes": ["8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5"], "path": "%SystemRoot%\\server\\Server.exe"}, {"hashes": ["8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5"], "path": "%SystemRoot%\\server\\logs_hola\\logs_02-05-2023.txt"}, {"hashes": ["956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65"], "path": "%ProgramFiles(x86)%\\CMD\\svchost.exe"}, {"hashes": ["eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce"], "path": "%SystemRoot%\\SysWOW64\\CMD\\CMD.exe"}, {"hashes": ["6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896"], "path": "%TEMP%\\tmpdf59c8ea.bat"}, {"hashes": ["6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896"], "path": "%APPDATA%\\Evux\\syzu.itx"}, {"hashes": ["6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896"], "path": "%APPDATA%\\Ibyv\\umlim.exe"}, {"hashes": ["91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73"], "path": "%ProgramFiles(x86)%\\google\\index.exe"}, {"hashes": ["e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e"], "path": "%TEMP%\\871oooh.jpg"}, {"hashes": ["e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e"], "path": "%TEMP%\\871oooh.jpg.exe"}, {"hashes": ["e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e"], "path": "%APPDATA%\\Microsoft\\Windows\\ut#Yz.cfg"}, {"hashes": ["e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e"], "path": "%APPDATA%\\Microsoft\\Windows\\ut#Yz.dat"}, {"hashes": ["db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2"], "path": "\\TEMP\\ufr_reports\\NO_PWDS_report_02-05-2023_11-05-09-11B0A35710D760E40567A55CF3411F9E-OFKE.bin"}, {"hashes": ["db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2"], "path": "%TEMP%\\report_02-05-2023_11-05-09-11B0A35710D760E40567A55CF3411F9E-OFKE.bin"}, {"hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "path": "\\TEMP\\B014BF~1.EXE.bat"}, {"hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "path": "\\TEMP\\b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"}, {"hashes": ["2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830"], "path": "%ProgramFiles(x86)%\\install\\comidin.exe"}, {"hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "path": "%TEMP%\\jrtg.exe"}], "ip": [{"hashes": ["013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b"], "ip": "104[.]127[.]184[.]49"}, {"hashes": ["013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b"], "ip": "23[.]7[.]178[.]157"}, {"hashes": ["203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db"], "ip": "52[.]8[.]126[.]80"}, {"hashes": ["4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6"], "ip": "13[.]107[.]21[.]200"}, {"hashes": ["361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "ip": "217[.]69[.]139[.]160"}, {"hashes": ["67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a"], "ip": "94[.]100[.]180[.]160"}, {"hashes": ["db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2"], "ip": "198[.]23[.]57[.]8"}, {"hashes": ["38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6"], "ip": "66[.]220[.]9[.]50"}, {"hashes": ["cf3d62473b1bce75d5e04984b8c6c986e7ebea664b277c14dcc3c8d5ebf408ad"], "ip": "212[.]46[.]196[.]133"}, {"hashes": ["5e4a7bed76322611ed15503c9098fe45220a27b2b815d0d6d6fe345be15b7442"], "ip": "109[.]74[.]195[.]190"}, {"hashes": ["92c5ed42144de1d8f43e9cf41d629a4c90ee138bab080746e02e9bd83f9bd5ab"], "ip": "142[.]251[.]40[.]238"}, {"hashes": ["361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577"], "ip": "23[.]62[.]230[.]159"}, {"hashes": ["41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7"], "ip": "200[.]6[.]76[.]9"}, {"hashes": ["552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20"], "ip": "2[.]81[.]154[.]116"}], "mutex": [{"hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b"], "name": "_x_X_BLOCKMOUSE_X_x_"}, {"hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b"], "name": "_x_X_PASSWORDLIST_X_x_"}, {"hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b"], "name": "_x_X_UPDATE_X_x_"}, {"hashes": ["0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c", "1e3e862c60e25429d06231f72a5271c46528066bc82cf49431c4ad52552d0ebc", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "c329047dc623c362427fdfa42941239ea92e4cd6cf2144084ff8bb3973a52b9b", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce"], "name": "<random, matching '[A-Z0-9]{14}'>"}, {"hashes": ["0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce"], "name": "Administrator5"}, {"hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b"], "name": "***MUTEX***"}, {"hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b"], "name": "***MUTEX***_PERSIST"}, {"hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b"], "name": "***MUTEX***_SAIR"}, {"hashes": ["0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce"], "name": "<random, matching '[A-Z0-9]{14}'>_SAIR"}, {"hashes": ["0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce"], "name": "Administrator1"}, {"hashes": ["0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce"], "name": "Administrator4"}, {"hashes": ["552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "5feb6fe880703e5d69cb45554d77f86fc1e03005f67226dc84601a548b02efd1", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452", "c329047dc623c362427fdfa42941239ea92e4cd6cf2144084ff8bb3973a52b9b", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "fedec73d39c3a44da986c67f848199a5d49699d2115ea786458a9360904c4934"], "name": "<random, matching [a-zA-Z0-9]{5,9}>"}, {"hashes": ["22037f54606da56dab0da53ba84cac987a99c1d81787a170e19812ad3ed6b0b2", "361ecf702e46b665843216d9be94fbdd84b231575c1a2026f04e6a4cced6f577", "38712d1de42f33c02e3ff7bd73caff8bb5e4c7f89fd11f6920207b094bc81fa6", "67481b7fc97f7ae8af3c6f5c7c04cd252c8a31b3c2394379844428277d8d696a", "6e4d8c39b3ab09629fe4cdc495b4227460c17571637ee4a55e595f3b6b51d6f8", "db5f642ebbe88990f1a730702aa04bd10597a8a64d6de6c2069d63a5a78436a2"], "name": "UFR3"}, {"hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4"], "name": "SPY_NET_RATMUTEX"}, {"hashes": ["13df35df42bc3c6c1c47b18b280722923396284f9c3d5b05f6db2de90e7bb9a0", "4a20d0d4786573ffa78c283fd882080b30a860f3668c81fb027640b8e0faaf3d", "66fb2dc71474458e662a759fe2084845f5f6489c5d286c1cd8f53fdd9d95e737", "a6bcdea90efec0be5cc16224e8d6b9e55841b19d56c25102f2f3dff3a5196d8a", "cd4161a9fd864e25664f7d55126a0bd64f047cc4c5e2e081f5e745f0f7434b9d"], "name": "Global\\<random guid>"}, {"hashes": ["143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5"], "name": "<random, matching [A-Z0-9]{10}>"}, {"hashes": ["143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c", "8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead", "e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e"], "name": "XTREMEUPDATE"}, {"hashes": ["457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b"], "name": "xXx_key_xXx"}, {"hashes": ["3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676"], "name": "--((SpyNet))--"}, {"hashes": ["3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676"], "name": "--((SpyNet))--CHECK"}, {"hashes": ["3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676"], "name": "--((SpyNet))--INJECT"}, {"hashes": ["3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676"], "name": "--((SpyNet))--UPDATE"}, {"hashes": ["45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b"], "name": "1G3W5JF701F082Administrator15"}, {"hashes": ["95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead"], "name": "((Mutex))"}, {"hashes": ["57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e"], "name": "XxXx"}, {"hashes": ["57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e"], "name": "XxXx_SAIR"}, {"hashes": ["6c6c96eec533d302af2672f2226d2e52770feb08240aa32face53ce23328d6ca"], "name": "LIQUID"}, {"hashes": ["57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e"], "name": "XxXx_PERSIST"}, {"hashes": ["d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd"], "name": "Ethernet_PERSIST"}, {"hashes": ["4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45"], "name": "IMJDC01.exe"}, {"hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "name": "<process name>.exeM_<pid>_"}, {"hashes": ["457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd"], "name": "HTN001G0760767Administrator15"}, {"hashes": ["5feb6fe880703e5d69cb45554d77f86fc1e03005f67226dc84601a548b02efd1"], "name": "8E2TNkBKPERSIST"}, {"hashes": ["4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45"], "name": "DC_MUTEX-1F9Z84X"}, {"hashes": ["552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20"], "name": "reyro_PERSIST"}, {"hashes": ["143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c"], "name": "asfasdfasdPERSIST"}, {"hashes": ["0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd"], "name": "7T407OW43JNLRU_PERSIST"}, {"hashes": ["8fbb2e6350b19ba45327ade5793b770681831057ce7e1cce8f2ecb739cccdb16"], "name": "QfM3%W"}, {"hashes": ["8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2"], "name": "jhjahjahjah"}, {"hashes": ["8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5"], "name": "hola"}, {"hashes": ["9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46"], "name": "I30480BFXY2FSK_PERSIST"}, {"hashes": ["a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865"], "name": "67K0T0AX4QKR"}, {"hashes": ["a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865"], "name": "67K0T0AX4QKR_PERSIST"}, {"hashes": ["a3aeb393fb10e3953f1cb8f6b28e4b7d8cadd64054deef1ab1ca8d4dd7ed5865"], "name": "67K0T0AX4QKR_SAIR"}, {"hashes": ["956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65"], "name": "Q050G3827S5C1X_PERSIST"}, {"hashes": ["eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce"], "name": "765QN0672RABU5_PERSIST"}, {"hashes": ["6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896"], "name": "Local\\{5BA7E93D-1604-9B62-CCAF-7A3D9A756CBB}"}, {"hashes": ["e23bd9fdebb967ead6dced4e7b4a5fd5c12e37ffdaaf4b7ac854f07b087c1a6e"], "name": "ut#Yz"}, {"hashes": ["2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830"], "name": "comidasexy_SAIR"}, {"hashes": ["6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896"], "name": "GLOBAL\\{<random GUID>}"}], "registry": [{"hashes": ["0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\POLICIES\\EXPLORER\\RUN", "value_name": null}, {"hashes": ["0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "2ec90cfa025740aa44baecf8eee2de66707678df216b4d555d95ee14221f1830", "314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "57cd9099f10692125ac0afd3c7f5b9444dbde9bc47564a3d584b9bda2f87cd2e", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "755a74adcd27c031ab40154f45ddc0d978f969ff5467e68e8bb813a9c33bd9c2", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "8cedc252ac16f31aad75460c74fd25b7d73dd27f356ece5e4143d611add135d2", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce", "fe6d769e299642f334ffb01177169b6e52c1dfad7a8bfca971dc4888130ec18b"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\POLICIES\\EXPLORER\\RUN", "value_name": null}, {"hashes": ["0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "5feb6fe880703e5d69cb45554d77f86fc1e03005f67226dc84601a548b02efd1", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "c329047dc623c362427fdfa42941239ea92e4cd6cf2144084ff8bb3973a52b9b", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd"], "key": "<HKCU>\\SOFTWARE\\<random, matching '[a-zA-Z0-9]{5,9}'>", "value_name": null}, {"hashes": ["0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd"], "key": "<HKCU>\\SOFTWARE\\<random, matching '[a-zA-Z0-9]{5,9}'>", "value_name": "NewIdentification"}, {"hashes": ["203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "457a450ff6b934e8bb4c9c96a6be3065a009221474d4a950651285c1572f5dbd", "552da671fe0fa9cdbe928c6e91a0f68aeffc159e69f8d3eab7524b2d665eea20", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "91f15f387d44b62958841cff29958eec303100e9380f0ee83183265c6260bb73", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46", "d6e7d60618a250526d41024db54798d7cbee0409433c2f0d4a64daa0d9a0b0dd"], "key": "<HKCU>\\SOFTWARE\\<random, matching '[a-zA-Z0-9]{5,9}'>", "value_name": "FirstExecution"}, {"hashes": ["0b1a97dcdc4b5277f369f8be6df8d3cd65eecfea1f38b65bc2f296b3e55622dd", "45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "68d790cfecf0d4b0874ae50da67a2b31f96e577b9cefa3aeaac07bea79bbbf72", "731038173f7dfc821a5063bb21a530dca1163ba8c9857c09bc580fe8f1e4efea", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b", "9297206389ed4c7f3f080ea83f0a5a35eace48198bd0b3610bbb09f6ea5f2a46"], "key": "<HKCU>\\SOFTWARE\\REMOTE", "value_name": "NewGroup"}, {"hashes": ["013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\INTERNET EXPLORER\\SEARCHSCOPES\\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}", "value_name": "FaviconPath"}, {"hashes": ["013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\INTERNET EXPLORER\\SEARCHSCOPES\\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}", "value_name": "Deleted"}, {"hashes": ["013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\INTERNET EXPLORER\\SEARCHSCOPES", "value_name": "DefaultScope"}, {"hashes": ["013663989aa28f3582e2aa90eed455a969d0de2abe419b5b3ec8824fc7a7fef2", "1cd038ba74864d02eddc3eb3c3219b7fdebd00e7563229224fc06fa74f4d837d", "4a61d9901d5c11bd68512937826fec243f49b88cbb0ac9c927794efb83f224f6", "58af4794f298f9400c39d4969b3f9c86e7af6bccc2979f935a9cabb8c6550809", "8e8ccb9d6033d90ca0663786b24db738b1307cc38d839899f16ba19ecbe96a6b"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\EXT\\STATS\\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}", "value_name": null}, {"hashes": ["0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "41eec2a4b3f6589097321436053722c95ab9b81f2f71c508e67a9764372e0fe7", "4847ff9a4a02048dd5d9fccaa0d9e1bf377193f141ed0d3ce11aa554424e1e45"], "key": "<HKCU>\\SOFTWARE\\DC3_FEXEC", "value_name": null}, {"hashes": ["3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS", "value_name": "Load"}, {"hashes": ["3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS", "value_name": "Load"}, {"hashes": ["3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "8f338df3c10927b31c13e08649a35a8c6589a2c37d5780b952f4661d90daaca5", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{2J58XP0K-ERQO-J3F4-1E5X-JB44DFP82S24}", "value_name": null}, {"hashes": ["314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce"], "key": "<HKCU>\\SOFTWARE\\MASD", "value_name": null}, {"hashes": ["314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce"], "key": "<HKCU>\\SOFTWARE\\MASD", "value_name": "NewIdentification"}, {"hashes": ["314e8e577dacf2287a1205ceb98ff4548ba513ee4b55a634ee48acce14f63c94", "956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce"], "key": "<HKCU>\\SOFTWARE\\MASD", "value_name": "NewGroup"}, {"hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4"], "key": "<HKCU>\\SOFTWARE\\INFECTED HACKING", "value_name": null}, {"hashes": ["0c1996f1cbad0ab32bc9806290ffd696c71184ee6a5622790dde2316b6a787b0", "b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4"], "key": "<HKCU>\\SOFTWARE\\INFECTED HACKING", "value_name": "NewIdentification"}, {"hashes": ["0e7b5c92e2c18f75466fbc674fbb7cd728778fa094e590fea7b26def741ca48a", "b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\SHAREDACCESS\\PARAMETERS\\FIREWALLPOLICY\\STANDARDPROFILE", "value_name": "EnableFirewall"}, {"hashes": ["143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{5460C4DF-B266-909E-CB58-E32B79832EB2}", "value_name": "StubPath"}, {"hashes": ["3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\--((SPYNET))--", "value_name": "InstalledServer"}, {"hashes": ["143cb3c0433dc9e9bdb163a08b279b8ca1df76841a62c52819fc460a86a3384c", "95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{5460C4DF-B266-909E-CB58-E32B79832EB2}", "value_name": null}, {"hashes": ["203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{08B0E5JF-4FCB-11CF-AAA5-00401C6XX500}", "value_name": null}, {"hashes": ["3e848b438998dcd3aa40311d041d40c230ed22125625e5396f03d6265a5834fa", "987fbf1ce97028d6a74085b8900bed68696cb7abf69a1378ceecaaf40007c676"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\--((SPYNET))--", "value_name": null}, {"hashes": ["956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\MEDIAPLAYER\\HEALTH\\{8E9CFB64-0179-441E-8DFF-4B7C453E48CD}", "value_name": null}, {"hashes": ["956450cadab31756c93b7af18c0da3ebe913f1a541a29b3c3e8c4d8926314d65", "eeb3a7246223b3aca563736d282fce1828837922f40d26134b011bdf165acdce"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\MEDIAPLAYER\\HEALTH\\{A4CB35ED-910D-44AA-80F3-E742234EE749}", "value_name": null}, {"hashes": ["45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{6I7X080J-DI12-01Y0-0K2E-WLN22BB6N165}", "value_name": null}, {"hashes": ["45bded663194abc4170e80e83abbe48e74fc91b4a2b2c5043e5479d89bd2b9e7", "838c911c6c8d070bc20287d8b5e8bfeb715a82900aa1e4fd2609935dd3013a4b"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{6I7X080J-DI12-01Y0-0K2E-WLN22BB6N165}", "value_name": "StubPath"}, {"hashes": ["203652f28faffcf14891f31df19f5843c4ebca55e6c0225a2d0e17f1d610dc70", "a9d723ea1262405c6e0a97f01849571e011e4dfe6ff88fd1148fca142816f4db"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{08B0E5JF-4FCB-11CF-AAA5-00401C6XX500}", "value_name": "StubPath"}, {"hashes": ["b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{1VD157HB-4AA0-3Q04-J668-8282KR2A18ID}", "value_name": null}, {"hashes": ["b228fc97525dd493eb5dcca8baa11c888052fed69100cd62cf9809c878530f38", "d0e43887f23302120ec13d74fec01cd72a25be3bf5e6856fc8aad34336b878a4"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{1VD157HB-4AA0-3Q04-J668-8282KR2A18ID}", "value_name": "StubPath"}, {"hashes": ["95b13017d2f0d22191ba9c0e1d0c92e18bf42149d87464eec60aee1206b0eead"], "key": "<HKCU>\\SOFTWARE\\((MUTEX))", "value_name": "InstalledServer"}, {"hashes": ["6d12e74e33a3a8008ec163bd60bf7cf5cc01349416397000f09cd1f08a2bb896"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\FOYHAR", "value_name": "Nehoneera"}, {"hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "key": "<HKCU>\\SOFTWARE\\AASPPAPMMXKVS", "value_name": "A1_591"}, {"hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "key": "<HKCU>\\SOFTWARE\\AASPPAPMMXKVS", "value_name": "A1_592"}, {"hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "key": "<HKCU>\\SOFTWARE\\AASPPAPMMXKVS", "value_name": "A1_593"}, {"hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "key": "<HKCU>\\SOFTWARE\\AASPPAPMMXKVS", "value_name": "A1_594"}, {"hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "key": "<HKCU>\\SOFTWARE\\AASPPAPMMXKVS", "value_name": "A1_595"}, {"hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "key": "<HKCU>\\SOFTWARE\\AASPPAPMMXKVS", "value_name": "A2_595"}, {"hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "key": "<HKCU>\\SOFTWARE\\AASPPAPMMXKVS", "value_name": "A1_596"}, {"hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "key": "<HKCU>\\SOFTWARE\\AASPPAPMMXKVS", "value_name": "A1_597"}, {"hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "key": "<HKCU>\\SOFTWARE\\AASPPAPMMXKVS", "value_name": "A2_597"}, {"hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "key": "<HKCU>\\SOFTWARE\\AASPPAPMMXKVS", "value_name": "A1_598"}, {"hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "key": "<HKCU>\\SOFTWARE\\AASPPAPMMXKVS", "value_name": "A1_599"}, {"hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "key": "<HKCU>\\SOFTWARE\\AASPPAPMMXKVS", "value_name": "A2_599"}, {"hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "key": "<HKCU>\\SOFTWARE\\AASPPAPMMXKVS", "value_name": "A1_600"}, {"hashes": ["b014bf0d69053322e1a6b7d382a5776854e1b535bddc852fe7bea7da83daa452"], "key": "<HKCU>\\SOFTWARE\\AASPPAPMMXKVS", "value_name": "A1_601"}]}, "reports_count": 81}, "Win.Packed.njRAT-9999411-0": {"bis": [{"bi": "memory-execute-readwrite", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "c1edf108bf51d26e6672d720ffab35de23cb2b14500f4c51372d31e2d789ce05", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "2167739d4cf736cf94b6f2156107cab8c312eac07b5a1eb26317564a9e5592b3", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "b965b370bf5205a592a1756e2c02e3ccd974d4dc2d63dc6ad90135afc5c74a0e", "8ec9406c6818b968da592497a20a54a5d078686f652dfbde51d7ab510b6a58bd", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c", "c82097083a498aaec3bbdcbdecfc8205c92fc5eadc643d917d3a56a065e77767"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "c1edf108bf51d26e6672d720ffab35de23cb2b14500f4c51372d31e2d789ce05", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "2167739d4cf736cf94b6f2156107cab8c312eac07b5a1eb26317564a9e5592b3", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "b965b370bf5205a592a1756e2c02e3ccd974d4dc2d63dc6ad90135afc5c74a0e", "8ec9406c6818b968da592497a20a54a5d078686f652dfbde51d7ab510b6a58bd", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c", "c82097083a498aaec3bbdcbdecfc8205c92fc5eadc643d917d3a56a065e77767"], "mitre_attack_tags": []}, {"bi": "excessive-foreign-memory-modification", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "c1edf108bf51d26e6672d720ffab35de23cb2b14500f4c51372d31e2d789ce05", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "2167739d4cf736cf94b6f2156107cab8c312eac07b5a1eb26317564a9e5592b3", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "b965b370bf5205a592a1756e2c02e3ccd974d4dc2d63dc6ad90135afc5c74a0e", "8ec9406c6818b968da592497a20a54a5d078686f652dfbde51d7ab510b6a58bd", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c", "c82097083a498aaec3bbdcbdecfc8205c92fc5eadc643d917d3a56a065e77767"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "pe-uses-dot-net", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "c1edf108bf51d26e6672d720ffab35de23cb2b14500f4c51372d31e2d789ce05", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "2167739d4cf736cf94b6f2156107cab8c312eac07b5a1eb26317564a9e5592b3", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "b965b370bf5205a592a1756e2c02e3ccd974d4dc2d63dc6ad90135afc5c74a0e", "8ec9406c6818b968da592497a20a54a5d078686f652dfbde51d7ab510b6a58bd", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c", "c82097083a498aaec3bbdcbdecfc8205c92fc5eadc643d917d3a56a065e77767"], "mitre_attack_tags": []}, {"bi": "process-hollowing-detected", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "c1edf108bf51d26e6672d720ffab35de23cb2b14500f4c51372d31e2d789ce05", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "2167739d4cf736cf94b6f2156107cab8c312eac07b5a1eb26317564a9e5592b3", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "b965b370bf5205a592a1756e2c02e3ccd974d4dc2d63dc6ad90135afc5c74a0e", "8ec9406c6818b968da592497a20a54a5d078686f652dfbde51d7ab510b6a58bd", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c", "c82097083a498aaec3bbdcbdecfc8205c92fc5eadc643d917d3a56a065e77767"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "modified-executable", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "b965b370bf5205a592a1756e2c02e3ccd974d4dc2d63dc6ad90135afc5c74a0e", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "mitre_attack_tags": []}, {"bi": "created-executable-in-user-dir", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "b965b370bf5205a592a1756e2c02e3ccd974d4dc2d63dc6ad90135afc5c74a0e", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "b965b370bf5205a592a1756e2c02e3ccd974d4dc2d63dc6ad90135afc5c74a0e", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "mitre_attack_tags": []}, {"bi": "sample-launched-copy-of-self", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "b965b370bf5205a592a1756e2c02e3ccd974d4dc2d63dc6ad90135afc5c74a0e", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "mitre_attack_tags": ["TA0005", "T1202"]}, {"bi": "registry-disable-open-file-security-warning", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "b965b370bf5205a592a1756e2c02e3ccd974d4dc2d63dc6ad90135afc5c74a0e", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "mitre_attack_tags": ["TA0005", "T1112", "T1562"]}, {"bi": "malware-trojan-njrat-registry", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "b965b370bf5205a592a1756e2c02e3ccd974d4dc2d63dc6ad90135afc5c74a0e", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "mitre_attack_tags": ["TA0005", "T1112"]}, {"bi": "created-executable-sample-appdata", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "b965b370bf5205a592a1756e2c02e3ccd974d4dc2d63dc6ad90135afc5c74a0e", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "mitre_attack_tags": ["TA0005", "T1564"]}, {"bi": "network-dns-category-dynamic", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "mitre_attack_tags": []}, {"bi": "registry-autorun-key-modified", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "startup-folder-modification", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "netsh-firewall-generic", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "mitre_attack_tags": ["TA0007", "TA0005", "T1016", "T1562"]}, {"bi": "netsh-firewall-add", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "mitre_attack_tags": ["TA0005", "T1562"]}, {"bi": "malware-trojan-njrat-detected", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "mitre_attack_tags": []}, {"bi": "malware-generic-dotnet-trojan-uses-random-guid-mutex", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "mitre_attack_tags": []}, {"bi": "network-fast-flux-nameserver", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "mitre_attack_tags": []}, {"bi": "firewall-exception-user-dir", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "mitre_attack_tags": ["TA0005", "T1562"]}, {"bi": "modified-file-on-usb", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "mitre_attack_tags": ["TA0011", "T1092"]}, {"bi": "created-executable-on-usb", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "mitre_attack_tags": ["TA0001", "TA0008", "T1091"]}, {"bi": "sample-copied-to-usb", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "mitre_attack_tags": ["TA0001", "TA0008", "T1091"]}, {"bi": "artifact-windows-component-suspicious-creation", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "b965b370bf5205a592a1756e2c02e3ccd974d4dc2d63dc6ad90135afc5c74a0e"], "mitre_attack_tags": ["TA0005", "TA0002", "T1036", "T1569"]}, {"bi": "windows-crash-tool-execution-detected", "hashes": ["c1edf108bf51d26e6672d720ffab35de23cb2b14500f4c51372d31e2d789ce05", "2167739d4cf736cf94b6f2156107cab8c312eac07b5a1eb26317564a9e5592b3", "b965b370bf5205a592a1756e2c02e3ccd974d4dc2d63dc6ad90135afc5c74a0e", "8ec9406c6818b968da592497a20a54a5d078686f652dfbde51d7ab510b6a58bd", "c82097083a498aaec3bbdcbdecfc8205c92fc5eadc643d917d3a56a065e77767"], "mitre_attack_tags": []}, {"bi": "network-dns-safe-categories", "hashes": ["a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "mitre_attack_tags": []}, {"bi": "registry-autorun-key-data-dir", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "unsigned-roaming-execution", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293"], "mitre_attack_tags": ["TA0005"]}, {"bi": "artifact-multiple-extensions", "hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293"], "mitre_attack_tags": ["TA0005", "T1036"]}, {"bi": "registry-autorun-key-temp-dir", "hashes": ["a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}], "category": "Packed", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": false, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "njRAT, also known as Bladabindi, is a remote access trojan (RAT) that allows attackers to execute commands on the infected host, log keystrokes and remotely turn on the victim's webcam and microphone. njRAT was developed by the Sparclyheason group. Some of the largest attacks using this malware date back to 2014.", "hashes": ["2167739d4cf736cf94b6f2156107cab8c312eac07b5a1eb26317564a9e5592b3", "40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "8ec9406c6818b968da592497a20a54a5d078686f652dfbde51d7ab510b6a58bd", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "b965b370bf5205a592a1756e2c02e3ccd974d4dc2d63dc6ad90135afc5c74a0e", "c1edf108bf51d26e6672d720ffab35de23cb2b14500f4c51372d31e2d789ce05", "c82097083a498aaec3bbdcbdecfc8205c92fc5eadc643d917d3a56a065e77767", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293"], "iocs": {"domain": [{"hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293"], "host": "torrent-leech[.]servebeer[.]com"}, {"hashes": ["a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e"], "host": "test0102[.]zapto[.]org"}, {"hashes": ["49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7"], "host": "hamzahacker84[.]no-ip[.]biz"}, {"hashes": ["e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "host": "de7kaaat[.]zapto[.]org"}, {"hashes": ["c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1"], "host": "bobica[.]no-ip[.]info"}], "file": [{"hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293"], "path": "%APPDATA%\\svchost.exe"}, {"hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293"], "path": "%APPDATA%\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\23556fb1360f366337f97c924e76ead3.exe"}, {"hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293"], "path": "%APPDATA%\\svchost.exe.tmp"}, {"hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293"], "path": "E:\\23556fb1360f366337f97c924e76ead3.exe"}, {"hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293"], "path": "\\23556fb1360f366337f97c924e76ead3.exe"}, {"hashes": ["a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "b965b370bf5205a592a1756e2c02e3ccd974d4dc2d63dc6ad90135afc5c74a0e"], "path": "%TEMP%\\svchost.exe"}, {"hashes": ["e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "path": "\\5cd8f17f4086744065eb0992a09e05a2.exe"}, {"hashes": ["a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e"], "path": "\\ba4c12bee3027d94da5c81db2d196bfd.exe"}, {"hashes": ["c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1"], "path": "\\TEMP\\.tmp"}, {"hashes": ["e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "path": "%TEMP%\\Trojan.exe"}, {"hashes": ["e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "path": "%TEMP%\\Trojan.exe.tmp"}, {"hashes": ["a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e"], "path": "%TEMP%\\svchost.exe.tmp"}, {"hashes": ["a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e"], "path": "%APPDATA%\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\ba4c12bee3027d94da5c81db2d196bfd.exe"}, {"hashes": ["e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "path": "E:\\5cd8f17f4086744065eb0992a09e05a2.exe"}, {"hashes": ["e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "path": "%APPDATA%\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\5cd8f17f4086744065eb0992a09e05a2.exe"}, {"hashes": ["a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e"], "path": "E:\\ba4c12bee3027d94da5c81db2d196bfd.exe"}, {"hashes": ["49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7"], "path": "%TEMP%\\hamza.exe"}, {"hashes": ["49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7"], "path": "%TEMP%\\hamza.exe.tmp"}, {"hashes": ["49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7"], "path": "%APPDATA%\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\d8d7c4726dd94e5629f337db2965c1af.exe"}, {"hashes": ["c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1"], "path": "%ProgramData%\\isystem.exe"}, {"hashes": ["c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1"], "path": "%APPDATA%\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\0f170b3532c72267660723e333127b4d.exe"}], "ip": [], "mutex": [{"hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293"], "name": "<32 random hex characters>"}], "registry": [{"hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7", "a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "b965b370bf5205a592a1756e2c02e3ccd974d4dc2d63dc6ad90135afc5c74a0e", "c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1", "e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293"], "key": "<HKCU>\\ENVIRONMENT", "value_name": "SEE_MASK_NOZONECHECKS"}, {"hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "23556fb1360f366337f97c924e76ead3"}, {"hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "23556fb1360f366337f97c924e76ead3"}, {"hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293"], "key": "<HKCU>\\SOFTWARE\\23556FB1360F366337F97C924E76EAD3", "value_name": null}, {"hashes": ["40ddedff2d7a63f99419ff69023258668d23217999e87134cf047038e59f88e4", "af81e25f6aecf9306272e46a0267a3625b19f412e0499beaee617c6ae2489371", "e8cdabd65b244c74c37b21c8949fc5a80fec74aee34f159cd4b81d8cdeb7e293"], "key": "<HKCU>\\SOFTWARE\\23556FB1360F366337F97C924E76EAD3", "value_name": "US"}, {"hashes": ["a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "b965b370bf5205a592a1756e2c02e3ccd974d4dc2d63dc6ad90135afc5c74a0e"], "key": "<HKCU>\\SOFTWARE\\BA4C12BEE3027D94DA5C81DB2D196BFD", "value_name": "US"}, {"hashes": ["a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e", "b965b370bf5205a592a1756e2c02e3ccd974d4dc2d63dc6ad90135afc5c74a0e"], "key": "<HKCU>\\SOFTWARE\\BA4C12BEE3027D94DA5C81DB2D196BFD", "value_name": null}, {"hashes": ["e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "5cd8f17f4086744065eb0992a09e05a2"}, {"hashes": ["e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "5cd8f17f4086744065eb0992a09e05a2"}, {"hashes": ["a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "ba4c12bee3027d94da5c81db2d196bfd"}, {"hashes": ["a7b5eeea6104af0c07fa7af2cfab24670d43c4ce4aa3c113939f64b3a8c5f36e"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "ba4c12bee3027d94da5c81db2d196bfd"}, {"hashes": ["e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "key": "<HKCU>\\SOFTWARE\\5CD8F17F4086744065EB0992A09E05A2", "value_name": "US"}, {"hashes": ["e69a60228101d497ddc68c11e919402fb228413c09d5d3af426451880907b95c"], "key": "<HKCU>\\SOFTWARE\\5CD8F17F4086744065EB0992A09E05A2", "value_name": null}, {"hashes": ["49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7"], "key": "<HKCU>\\SOFTWARE\\D8D7C4726DD94E5629F337DB2965C1AF", "value_name": null}, {"hashes": ["49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7"], "key": "<HKCU>\\SOFTWARE\\D8D7C4726DD94E5629F337DB2965C1AF", "value_name": "US"}, {"hashes": ["49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "d8d7c4726dd94e5629f337db2965c1af"}, {"hashes": ["49489f01e57b62d0f7a6ab2958589e3b888ae550bf32e4d6709df1c3364201e7"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "d8d7c4726dd94e5629f337db2965c1af"}, {"hashes": ["c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1"], "key": "<HKCU>\\SOFTWARE\\0F170B3532C72267660723E333127B4D", "value_name": null}, {"hashes": ["c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1"], "key": "<HKCU>\\SOFTWARE\\0F170B3532C72267660723E333127B4D", "value_name": "US"}, {"hashes": ["c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "0f170b3532c72267660723e333127b4d"}, {"hashes": ["c89def53ae08d75d4164de3f3d37c5b01de1216125691fa127fb0f3e9e7591f1"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "0f170b3532c72267660723e333127b4d"}]}, "reports_count": 12}, "Win.Ransomware.Cerber-9999985-0": {"bis": [{"bi": "memory-execute-readwrite", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": []}, {"bi": "network-fast-flux-domain", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": []}, {"bi": "network-communications-http-get", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0011", "T1105"]}, {"bi": "dns-query-nxdomain", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": []}, {"bi": "network-only-safe-domains-contacted", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": []}, {"bi": "feed-domain-antivirus-service", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": []}, {"bi": "process-requested-named-pipe", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "deleted-submitted-file", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0005"]}, {"bi": "potential-registry-persistence", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0003"]}, {"bi": "imports-IsDebuggerPresent", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0005", "TA0007"]}, {"bi": "pe-imports-toolhelp", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0007", "T1057"]}, {"bi": "excessive-udp-connections", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0011", "T1095", "T1008"]}, {"bi": "document-decoy-dropped", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": []}, {"bi": "malware-ransomware-cerber", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0040", "T1486"]}, {"bi": "process-uses-localhost-traffic", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0007", "T1049"]}, {"bi": "process-ping", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0007", "T1049"]}, {"bi": "process-ping-localhost", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0007", "T1016"]}, {"bi": "netsh-firewall-generic", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0007", "TA0005", "T1016", "T1562"]}, {"bi": "feed-domain-ransomware", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": []}, {"bi": "file-pending-delete", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0005"]}, {"bi": "microsoft-block-rule-list-app-executed", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0005", "T1562"]}, {"bi": "process-taskkill", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0005", "T1562"]}, {"bi": "pdf-password-protected", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "process-deletes-many-files", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": []}, {"bi": "malware-generic-infostealer", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0007", "TA0009", "TA0006", "T1083", "T1005", "T1119", "T1552"]}, {"bi": "enumeration-cryptocurrency-information", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0007", "TA0009", "TA0006", "T1083", "T1005", "T1119", "T1552"]}, {"bi": "enumeration-email-program-information", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0007", "TA0009", "TA0006", "T1083", "T1087", "T1005", "T1119", "T1114", "T1552"]}, {"bi": "rtf-appended-data", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "rtf-high-entropy", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "enumeration-game-information", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0007", "TA0009", "TA0006", "T1083", "T1005", "T1119", "T1552", "T1555"]}, {"bi": "enumeration-sql-server-information", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0007", "T1082"]}, {"bi": "randomly-named-files", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "network-file-downloaded-to-disk", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c"], "mitre_attack_tags": []}, {"bi": "network-snort-protocol", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f"], "mitre_attack_tags": []}, {"bi": "network-snort-indicator-compromise", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f"], "mitre_attack_tags": []}, {"bi": "netbios-query", "hashes": ["0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": ["TA0007", "T1016"]}, {"bi": "http-response-client-error", "hashes": ["0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f"], "mitre_attack_tags": []}, {"bi": "process-hollowing-detected", "hashes": ["93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "ping-has-child-process", "hashes": ["664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "network-fast-flux-nameserver", "hashes": ["b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50"], "mitre_attack_tags": []}, {"bi": "process-with-multiple-children", "hashes": ["710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e"], "mitre_attack_tags": ["TA0005"]}], "category": "Ransomware", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "Cerber is ransomware that encrypts documents, photos, databases and other important files. Historically, this malware would replace files with encrypted versions and add the file extension \".cerber,\" although in more recent campaigns, other file extensions are used.", "hashes": ["03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de"], "iocs": {"domain": [{"hashes": ["03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de"], "host": "api[.]blockcypher[.]com"}, {"hashes": ["03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de"], "host": "hjhqmbxyinislkkt[.]1j9r76[.]top"}, {"hashes": ["0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3"], "host": "bitaps[.]com"}, {"hashes": ["0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3"], "host": "chain[.]so"}, {"hashes": ["0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3"], "host": "btc[.]blockr[.]io"}], "file": [{"hashes": ["03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de"], "path": "%TEMP%\\d19ab989"}, {"hashes": ["03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de"], "path": "%TEMP%\\d19ab989\\4710.tmp"}, {"hashes": ["03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de"], "path": "%TEMP%\\d19ab989\\a35f.tmp"}, {"hashes": ["03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de"], "path": "%LOCALAPPDATA%\\Microsoft\\Office\\Groove1\\System\\CSMIPC.dat"}, {"hashes": ["03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de"], "path": "<dir>\\_READ_THIS_FILE_<random, matching [A-F0-9]{4,8}>_.hta"}, {"hashes": ["03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de"], "path": "<dir>\\_READ_THIS_FILE_<random, matching [A-F0-9]{4,8}>_.txt"}], "ip": [{"hashes": ["03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de"], "ip": "94[.]21[.]172[.]0/27"}, {"hashes": ["03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de"], "ip": "94[.]22[.]172[.]0/27"}, {"hashes": ["03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de"], "ip": "94[.]23[.]172[.]0/22"}, {"hashes": ["03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1"], "ip": "104[.]20[.]20[.]251"}, {"hashes": ["0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de"], "ip": "172[.]67[.]2[.]88"}, {"hashes": ["0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097"], "ip": "104[.]20[.]21[.]251"}, {"hashes": ["0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3"], "ip": "178[.]128[.]255[.]179"}, {"hashes": ["0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3"], "ip": "172[.]67[.]74[.]49"}, {"hashes": ["15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d"], "ip": "104[.]26[.]8[.]86"}, {"hashes": ["2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182"], "ip": "104[.]26[.]9[.]86"}], "mutex": [{"hashes": ["03611a3d29c5bfc9c60478a389999d647f07d6a906057101deace299db87ed0c", "0c14954805c6df5ed7e3a7e6eff41d49607d6952208b1bd462f3dc416b791664", "0fd37123332104ce76d91a35e5393992b5cd81fd977afb97aecd5e27ad8c37b1", "15155a362eb1e40c71af031bef0dd2dd92cf5fa7b549b365b576577decf5d01c", "18e1ec6e2bdde5242db231d2c07d951e53568017a18c21e445feb3b513e0a946", "26688f001590ab3312067b177c7b7abe9d1519dc6736aa846d5702a27eaabd33", "297ba2b3bc3a1cb638b8791df4e5e76a4ab55dcdea9063e9e851d41289625def", "2aae4f76bed26ed00582a82ee73cb7b58e9d54ca568047c3b7e1d7aaa32540a4", "2c6b60e3d9593789b7bcd045d5ace99c90fd39de1485c3f4cb32d4cad8483456", "2db8fc26bc17121b1724d72ad7abf2672710445a6fc35a3728c23f5d7dfc9c0c", "31f78896c577b0fd9f8de7323e3b37448f1b683b38fa338c1c10b08fab8a0489", "32b7762b08c045e310f15f9f8fdc16cef87f1779505c922b9076b56440641636", "33f754ae9862b34b210b14a2b5bf1a966c136c6204e2af11cbbba91d11ccdb5d", "359f1f7442d25411e9e948fe57fddc19700af351a08252f64671d24b4bad0ae9", "3743ee2c437b0458bcf3f0d605dd7aa9b5a6f7278463659028652c119cb90e32", "43b84a6ad0cd2ee1d40cc93a17785e7bc01e946e4176a98a74aa98a74e50c730", "4611109e19c031e3fff93c947cc23193e20dcc545b2837f01ab63c62b482a6c8", "49d3e05ce3c566ab41fc5de938cbc02886b79cd62e310f5c1ab2a7ad1dd7b614", "51729b1d1902b3b9bc628f866f60895a84b01307964fdeb9ba7cef683d9eeec4", "51fade9c1740e082ecd32c6971fe399863e8a386eb4bcbf32b3eaf2f89845837", "57033c8389b211d9e9726fb70bed63843ab99e1d214c5dcdc5dc9e76a53571ca", "5c814e00d32a00c46b071595af010a1ef3109ec025068449ece9886ded140a2e", "60507ad97df7c8e3eeda9733d926462a1def4944d8c764db869dbeb661221ce7", "664be3a91ac7ac0e54a5a07525a9aeddf62a94df72ebc07a6ec03e26eaef0aa0", "6d585e98246c9469086f418ec6a7645a43e3de2fa360db95f23f9a71cd6d8c77", "6f89156f4124ce78ba7fe6040c67abd11e9a3499b20745e554984e290d6e674e", "710c9b09c0e067464f5b26d34efe30baf454b464ce644818f69188c83326a24e", "73a81c58c900ddc5c97e2ca2fefe3e6d401257075651a56b16465fd649ab45e6", "75c668cd5ed2c343cfb862fbbdbc3c6b6f811ae32c1c5ac8f718755b3a2afb50", "793c41cbd38acb1aed191e54ab12768350b5f480e445d462711021d00d09a34f", "7ac57c67ade61679272aaa4237c86bd6a01a83a7621765c7f903b73e021c1182", "7f680ab6ffcaaed6cf4b7d46b37bf895441d7d6842284f6e412feda4a4f9284a", "80efc3111014003fdfd02600207287e21c5b411ffba561c435c1ed37059cc4aa", "85f20359d2aaa93d3c3ad966e26cf8f6e81d7a957ed3c5f4575dd3763cdacf9f", "90e5248d2d6ca478af07f94a7a9f48fb059d845e77a437b24623dd3f845a6247", "93f5647d273cf07ea7c64c426032c7fcd2093b91421943ea8934599a379f7fb5", "9a5d285fd9bceb0e3cb3b355612906b89c3f46b8f470564e7c387fc6576123ea", "9aac950598dd297278c757743ae64deaf6491fe04bed68b7d427dce7de04151a", "a2dd9790d62f55f49debd5ddd51be3178b69193ff56d7dd7eaa40dc93eda896d", "a8baaa8121d3ddf78502a62ffd5a6d5a08438dcfa39602a678e6dfb626547326", "a8e95e1d14180817541ffd87547ae7772986c74bf2a162d9a43bc3cd9bedb3f1", "ae2fa97fe1d01aefc12af538c39737136cfc30d454afeb8254110d583fd0c9bd", "b5f490ac2fdd31d2e49af395ce620c07dc1356c6efbfb306d6f2ee968babe658", "b70831b81f5f68edd9c8e0ac6dee427749de52a6fcfbd691212f48316c2e7198", "b82c4b354163a2812ed4b91852fb687c75f64ae6c0c29d21a48a59227acf1baf", "b8625f24154a16946deb860928778d4a27e8ae6b93809fecf8668e9be6b14b20", "c61deb1695ffc1a7e67c8474cfadf4dc0eba765eff2d8fe73bd5e14b201a66b3", "cf5bdbac89f9819cd8fbcd21b55d0051ee5bb9cfaf608ae970f585e472214097", "e138f37b1373814bee0a4edb9d3863aa0cc75fcc9c184bfef60154425adee1c2", "e199bfe5135b167e2ee026c8497bfef644029245f944ef718e82d99ab4785aa1", "e4a626b702496fded3b6b1d6a4c1a0a55e9819b7678b7d1a693e20922d3e7f6c", "f6e31351815b25eaef0cb06effaf7126194df579ab49e4f69bc361609f13db6f", "f712155d4424c2a287df59875bf396fc958f2e20f20922a04d206ea458593b98", "ffdf96e246c3f9f9aac6e0497f7ccb0535e83eb09c17055ccff47fa64cb011de"], "name": "shell.{381828AA-8B28-3374-1B67-35680555C5EF}"}], "registry": []}, "reports_count": 54}, "Win.Trojan.Ramnit-10000021-1": {"bis": [{"bi": "antivirus-flagged-artifact", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": []}, {"bi": "pe-encrypted-section", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "memory-execute-readwrite", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "modified-executable", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": []}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": []}, {"bi": "pe-filename-mismatch", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": []}, {"bi": "pe-section-execute-writable", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "network-fast-flux-domain", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": []}, {"bi": "hook-installed", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": ["TA0009", "TA0006", "T1056"]}, {"bi": "network-only-safe-domains-contacted", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": []}, {"bi": "excessive-foreign-memory-modification", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "network-snort-malware", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": []}, {"bi": "malware-known-trojan-av", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": []}, {"bi": "sample-launched-copy-of-self", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": ["TA0005", "T1202"]}, {"bi": "process-svchost-suspicious-launch", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": ["TA0005", "T1036"]}, {"bi": "modified-file-in-program-dir", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": []}, {"bi": "modified-file-in-system-dir", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": []}, {"bi": "imports-IsDebuggerPresent", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": ["TA0005", "TA0007"]}, {"bi": "pe-resource-lang-russian", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": []}, {"bi": "registry-winlogon-key-modified-nt", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": ["TA0005", "TA0003", "TA0004", "T1112", "T1547"]}, {"bi": "pe-subtype-com", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": []}, {"bi": "pe-tls-callback", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "usb-drive-autoplay-modification", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": ["TA0001", "TA0008", "T1091"]}, {"bi": "modified-file-on-usb", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": ["TA0011", "T1092"]}, {"bi": "created-executable-on-usb", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": ["TA0001", "TA0008", "T1091"]}, {"bi": "sample-copied-to-usb", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": ["TA0001", "TA0008", "T1091"]}, {"bi": "pe-resource-lang-spanish", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": []}, {"bi": "process-requested-file-external-drive", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": ["TA0009", "T1025"]}, {"bi": "recycler-exe-artifact", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-resource-lang-korean", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": []}, {"bi": "malware-ramnit-mutex", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": []}, {"bi": "malware-ramnit", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": []}, {"bi": "registry-winlogon-key-value-modified-to-userinit", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": ["TA0005", "TA0003", "TA0004", "T1112", "T1547"]}, {"bi": "malware-ramnit-snort", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": []}, {"bi": "fake-recycler-exe-creation", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": ["TA0005", "T1036"]}, {"bi": "fake-recycler-file-creation", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": ["TA0005", "T1036"]}, {"bi": "pe-invalid-checksum", "hashes": ["0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": []}, {"bi": "antivirus-flagged-cve", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832"], "mitre_attack_tags": []}, {"bi": "artifact-flagged-anomaly", "hashes": ["42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "artifact-flagged-obfuscation", "hashes": ["42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "artifact-flagged-html-pe", "hashes": ["42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "artifact-html-vbs-shell", "hashes": ["42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904"], "mitre_attack_tags": ["TA0002", "T1059"]}], "category": "Trojan", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "Ramnit is a banking trojan that monitors web browser activity on an infected machine and collects login information from financial websites. It can also steal browser cookies and hide from popular anti-virus software.", "hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "iocs": {"domain": [{"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "host": "google[.]com"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "host": "fget-career[.]com"}], "file": [{"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%CommonProgramFiles(x86)%\\microsoft shared\\TRANSLAT\\ESEN\\MSB1ESEN.DLL"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%CommonProgramFiles(x86)%\\microsoft shared\\TRANSLAT\\FREN\\MSB1FREN.DLL"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%CommonProgramFiles(x86)%\\microsoft shared\\TRANSLAT\\WTSP61MS.DLL"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%CommonProgramFiles(x86)%\\microsoft shared\\VS Help Data\\8.0\\Resources\\1033\\InterstitialPage.htm"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%CommonProgramFiles(x86)%\\microsoft shared\\VS7Debug\\coloader80.dll"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%CommonProgramFiles(x86)%\\microsoft shared\\VS7Debug\\csm.dll"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%CommonProgramFiles(x86)%\\microsoft shared\\VS7Debug\\dbgautoattach.dll"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%CommonProgramFiles(x86)%\\microsoft shared\\VS7Debug\\msdbg2.dll"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles(x86)%\\Microsoft Office\\Office14\\ADDINS\\MSVCR71.DLL"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles(x86)%\\Microsoft Office\\Office14\\AccessWeb\\CLNTWRAP.HTM"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles(x86)%\\Microsoft Office\\Office14\\Groove\\ToolData\\groove.net\\GrooveForms3\\FormsBlankPage.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles(x86)%\\Microsoft Office\\Office14\\Groove\\ToolData\\groove.net\\GrooveForms3\\FormsBrowserUpgrade.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles(x86)%\\Microsoft Office\\Office14\\Groove\\ToolData\\groove.net\\GrooveForms3\\FormsColorChart.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles(x86)%\\Microsoft Office\\Office14\\Groove\\ToolData\\groove.net\\GrooveForms3\\FormsFormTemplate.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles(x86)%\\Microsoft Office\\Office14\\Groove\\ToolData\\groove.net\\GrooveForms3\\FormsHomePage.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles(x86)%\\Microsoft Office\\Office14\\Groove\\ToolData\\groove.net\\GrooveForms3\\FormsImageTemplate.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles(x86)%\\Microsoft Office\\Office14\\Groove\\ToolData\\groove.net\\GrooveForms3\\FormsMacroTemplate.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles(x86)%\\Microsoft Office\\Office14\\Groove\\ToolData\\groove.net\\GrooveForms3\\FormsPreviewTemplate.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles(x86)%\\Microsoft Office\\Office14\\Groove\\ToolData\\groove.net\\GrooveForms3\\FormsPrintTemplate.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles(x86)%\\Microsoft Office\\Office14\\Groove\\ToolData\\groove.net\\GrooveForms\\FormsBlankPage.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles(x86)%\\Microsoft Office\\Office14\\Groove\\ToolData\\groove.net\\GrooveForms\\FormsBrowserUpgrade.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles(x86)%\\Microsoft Office\\Office14\\Groove\\ToolData\\groove.net\\GrooveForms\\FormsDoNotTrust.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles(x86)%\\Microsoft Office\\Office14\\Groove\\ToolData\\groove.net\\GrooveForms\\FormsHomePage.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles(x86)%\\Microsoft Office\\Office14\\Groove\\ToolData\\groove.net\\GrooveForms\\FormsPreviewTemplate.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles(x86)%\\Microsoft Office\\Office14\\Groove\\ToolData\\groove.net\\GrooveForms\\FormsPrintTemplate.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles(x86)%\\Microsoft Office\\Office14\\Groove\\ToolData\\groove.net\\GrooveForms\\FormsVersion1Warning.htm"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles(x86)%\\Microsoft Office\\Office14\\Groove\\ToolData\\groove.net\\GrooveForms\\FormsViewFrame.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles(x86)%\\Microsoft Office\\Office14\\Groove\\ToolData\\groove.net\\GrooveForms3\\FormsViewFrame.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles(x86)%\\Microsoft Office\\Office14\\Groove\\ToolData\\groove.net\\GrooveForms3\\FormsViewTemplate.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "E:\\autorun.inf"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "E:\\RECYCLER"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles(x86)%\\Microsoft"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "E:\\Copy of Shortcut to (1).lnk"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "E:\\Copy of Shortcut to (2).lnk"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "E:\\Copy of Shortcut to (3).lnk"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "E:\\Copy of Shortcut to (4).lnk"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%SystemRoot%\\SysWOW64\\dmlconf.dat"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles(x86)%\\Microsoft\\WaterMark.exe"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles%\\Zulu\\zulu-8\\Welcome.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles%\\Zulu\\zulu-8\\demo\\jfc\\CodePointIM\\README.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles%\\Zulu\\zulu-8\\demo\\jfc\\CodePointIM\\README_ja.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles%\\Zulu\\zulu-8\\demo\\jfc\\CodePointIM\\README_zh_CN.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles%\\Zulu\\zulu-8\\demo\\jvmti\\index.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles%\\Zulu\\zulu-8\\demo\\management\\index.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles%\\Zulu\\zulu-8\\sample\\annotations\\index.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles%\\Zulu\\zulu-8\\sample\\jmx\\jmx-scandir\\index.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles%\\Zulu\\zulu-8\\sample\\jmx\\jmx-scandir\\src\\com\\sun\\jmx\\examples\\scandir\\config\\package.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles%\\Zulu\\zulu-8\\sample\\jmx\\jmx-scandir\\src\\com\\sun\\jmx\\examples\\scandir\\package.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles%\\Zulu\\zulu-8\\sample\\lambda\\BulkDataOperations\\index.html"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "path": "%ProgramFiles%\\Zulu\\zulu-8\\sample\\try-with-resources\\index.html"}], "ip": [{"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "ip": "72[.]26[.]218[.]70"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "ip": "142[.]250[.]80[.]110"}], "mutex": [{"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_CONTROL"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_MAIN"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_SHUTDOWN"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_HOOK_00000000"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_HOOK_00000004"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_HOOK_000000CC"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_HOOK_00000120"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_HOOK_00000150"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_HOOK_00000158"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_HOOK_00000174"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_00000000"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_00000004"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_000000CC"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_00000120"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_00000150"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_00000158"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_00000174"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_HOOK_000001AC"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_HOOK_000001BC"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_HOOK_000001C4"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_HOOK_000001F0"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_HOOK_0000021C"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_HOOK_0000025C"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_HOOK_00000294"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_HOOK_000002EC"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_HOOK_00000308"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_HOOK_00000320"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_HOOK_000003D4"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_HOOK_000003F8"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_HOOK_0000043C"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_HOOK_000004B4"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_HOOK_000004DC"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_000001AC"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_000001BC"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_000001C4"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_000001F0"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_0000021C"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_0000025C"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_00000294"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_000002EC"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_00000308"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_00000320"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_000003D4"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_000003F8"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_0000043C"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_000004B4"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_000004DC"}, {"hashes": ["986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_HOOK_00000704"}, {"hashes": ["986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_00000704"}, {"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97"], "name": "Global\\SYSTEM_DEMETRA_UNIQ_000007C0"}], "registry": [{"hashes": ["0101babc6de0885f68d564af2815913400e6c1ecfcec309ed358a17dfee6e4af", "0d36eb4b1c7d8fdf73e6160144265fa488d0b5b5741d183099f77537067068b2", "1d3ec82f736135526133101405b0287a703b7d19e55ed547ca5b38a4e0888e1c", "2e71faa6419936869da29b10761a4cb85bfa5216f53a2a71214823cf246bb3a3", "325c33566126539544c5ee9e20cb457768bbfd1323e7b52541ad087672289d87", "42b2382ace5f7574144c09b28d4758ad25b369e33bb317e4f4fdb4196e1a7904", "4c3db94d4426234d1d57ba85e99109fcac8894ce89546766b947878888e96655", "8ddb1ac3a421311ef930fa41dc04506fd01a2d7d298e68234c26701ec1c34ee7", "986e58cf8a11498f2eba1f93be224c9d94b6e5a0fef3e0ddb7528a6a8874773e", "a517e2930f308f58a6a5d8fec58d523aeade89b1239335e4da38ed9062f5598f", "afa8d3d2b57a56efc94dbacfc815eeb94fc2f88ed405b3c4f8ede6d5ca61ead4", "b30d5cbe7413e449245f5e3a39e51c1fb77a734b6431626f0cc918892bcee0a6", "b94712e6768ef42f5069ff432bbbf5b917b292fe43beb35c17613b1d60d3e832", "c7d9a2c3eca11892a61ee2f55f186ce73d3f322fd7885bb1346f7e5dc0f0c495", "cd70f028723d38966ae882a63bae7276c48e173f69b293da99d8be9ece9b0bef", "e3004c3b51fa179d9c8f67904a94f296c130194d82aff35a25e0acfe2c13ee97", "fe683c7b877c2d95af6922d80d88591868d7a7fd602a0ab2679c5f28fac0432e"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINLOGON", "value_name": "Userinit"}]}, "reports_count": 17}, "exprev": [], "info": {"origin": "Cisco Talos Intelligence Group", "publication_date": "2023-05-05T14:28:52+00:00", "version": "2.1", "warning": "As a reminder, the information provided for the following threatsin this post is non-exhaustive and current as of the date ofpublication. Additionally, please keep in mind that IOC searchingis only one part of threat hunting. Spotting a single IOC does notnecessarily indicate maliciousness. Detection and coverage for thefollowing threats is subject to updates, pending additional threator vulnerability analysis. For the most current information, pleaserefer to your Firepower Management Center, Snort.org, or ClamAV.net."}, "signatures": ["Win.Packed.njRAT-9999411-0", "Win.Dropper.Bifrost-9999421-0", "Win.Ransomware.Cerber-9999985-0", "Win.Dropper.Kuluoz-9999994-0", "Win.Dropper.XtremeRAT-10000002-0", "Win.Dropper.Tofsee-10000005-0", "Win.Trojan.Ramnit-10000021-1"]}