{"Doc.Downloader.Valyria-10004543-0": {"bis": [{"bi": "document-contains-vba-macro", "hashes": ["688d6753c1d46a3f0938b3eb151b48ce50b191477ee048af86944a84fcef9e70", "c07dc139b1d0a717071bccb552bb394afc3012f960cc182d7a934144492d6520", "7681a084c13f352046dd0d519198210ecf0ac7d5f821e629b39eb7aa8ba0d342", "168707fcadc59088773a10141ea7a5d4d586e345e6637c6f831df0423f330f61", "2f2ced0420e68ca325fc6a4c03bec2945b0164ed7cc4e1f3fbf4ff1e8baa92af", "2651e81960ba8b4d9f71beff3402bfe03e4bc5a328b9ccf58a49fa10e7029720", "a2419f02381d9e7301ae637aa4e5c905f7e1d81d92fbf893e8ef68754bf08305", "7efbb2480cd82231f9d9c81e40745ecb2aa0c7228ad6383a8b929215bed753ff", "03467831309586db00451ece187de1b4294ccfe4df9c3a44b554632b5bf42be7", "e7feb77a1b6b712a0c22e855974f564cde98aaa927ea989aa8747bbb5833f321", "b78259b174c68679a885425d64d9d8c46c163358b658553533f35f08e696b937", "3324bb313bdf400aa777d05e8f7d0368c708c45857661fb75d5d89a7fb8ccfdb", "b3eb9b1a7c972460fa7c9fe3aa911cc505c5b4b9804d6c71678da99c178b6d18", "8cf066b7f08cc018e28fff8b6de40d86382967ea5c63df2fb2dc3e8e0ee46727", "4fa10efe326beacbacd2fd9751b69fa54a3086454e627c6be454bfb4760e09cd", "a0ee2881f4992d7f256b824fb535cd19524d487edc590951cc7c47164aee1db0"], "mitre_attack_tags": ["TA0002", "TA0001", "T1559", "T1566"]}, {"bi": "vba-document-import-dll-function", "hashes": ["688d6753c1d46a3f0938b3eb151b48ce50b191477ee048af86944a84fcef9e70", "c07dc139b1d0a717071bccb552bb394afc3012f960cc182d7a934144492d6520", "7681a084c13f352046dd0d519198210ecf0ac7d5f821e629b39eb7aa8ba0d342", "168707fcadc59088773a10141ea7a5d4d586e345e6637c6f831df0423f330f61", "2f2ced0420e68ca325fc6a4c03bec2945b0164ed7cc4e1f3fbf4ff1e8baa92af", "2651e81960ba8b4d9f71beff3402bfe03e4bc5a328b9ccf58a49fa10e7029720", "a2419f02381d9e7301ae637aa4e5c905f7e1d81d92fbf893e8ef68754bf08305", "7efbb2480cd82231f9d9c81e40745ecb2aa0c7228ad6383a8b929215bed753ff", "03467831309586db00451ece187de1b4294ccfe4df9c3a44b554632b5bf42be7", "e7feb77a1b6b712a0c22e855974f564cde98aaa927ea989aa8747bbb5833f321", "b78259b174c68679a885425d64d9d8c46c163358b658553533f35f08e696b937", "3324bb313bdf400aa777d05e8f7d0368c708c45857661fb75d5d89a7fb8ccfdb", "b3eb9b1a7c972460fa7c9fe3aa911cc505c5b4b9804d6c71678da99c178b6d18", "8cf066b7f08cc018e28fff8b6de40d86382967ea5c63df2fb2dc3e8e0ee46727", "4fa10efe326beacbacd2fd9751b69fa54a3086454e627c6be454bfb4760e09cd", "a0ee2881f4992d7f256b824fb535cd19524d487edc590951cc7c47164aee1db0"], "mitre_attack_tags": ["TA0005", "TA0002", "T1202"]}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["688d6753c1d46a3f0938b3eb151b48ce50b191477ee048af86944a84fcef9e70", "c07dc139b1d0a717071bccb552bb394afc3012f960cc182d7a934144492d6520", "7681a084c13f352046dd0d519198210ecf0ac7d5f821e629b39eb7aa8ba0d342", "168707fcadc59088773a10141ea7a5d4d586e345e6637c6f831df0423f330f61", "2f2ced0420e68ca325fc6a4c03bec2945b0164ed7cc4e1f3fbf4ff1e8baa92af", "2651e81960ba8b4d9f71beff3402bfe03e4bc5a328b9ccf58a49fa10e7029720", "a2419f02381d9e7301ae637aa4e5c905f7e1d81d92fbf893e8ef68754bf08305", "7efbb2480cd82231f9d9c81e40745ecb2aa0c7228ad6383a8b929215bed753ff", "03467831309586db00451ece187de1b4294ccfe4df9c3a44b554632b5bf42be7", "e7feb77a1b6b712a0c22e855974f564cde98aaa927ea989aa8747bbb5833f321", "3324bb313bdf400aa777d05e8f7d0368c708c45857661fb75d5d89a7fb8ccfdb", "b3eb9b1a7c972460fa7c9fe3aa911cc505c5b4b9804d6c71678da99c178b6d18", "8cf066b7f08cc018e28fff8b6de40d86382967ea5c63df2fb2dc3e8e0ee46727", "4fa10efe326beacbacd2fd9751b69fa54a3086454e627c6be454bfb4760e09cd", "a0ee2881f4992d7f256b824fb535cd19524d487edc590951cc7c47164aee1db0"], "mitre_attack_tags": []}, {"bi": "vba-document-open", "hashes": ["c07dc139b1d0a717071bccb552bb394afc3012f960cc182d7a934144492d6520", "7681a084c13f352046dd0d519198210ecf0ac7d5f821e629b39eb7aa8ba0d342", "168707fcadc59088773a10141ea7a5d4d586e345e6637c6f831df0423f330f61", "2f2ced0420e68ca325fc6a4c03bec2945b0164ed7cc4e1f3fbf4ff1e8baa92af", "2651e81960ba8b4d9f71beff3402bfe03e4bc5a328b9ccf58a49fa10e7029720", "a2419f02381d9e7301ae637aa4e5c905f7e1d81d92fbf893e8ef68754bf08305", "7efbb2480cd82231f9d9c81e40745ecb2aa0c7228ad6383a8b929215bed753ff", "03467831309586db00451ece187de1b4294ccfe4df9c3a44b554632b5bf42be7", "e7feb77a1b6b712a0c22e855974f564cde98aaa927ea989aa8747bbb5833f321", "b78259b174c68679a885425d64d9d8c46c163358b658553533f35f08e696b937", "3324bb313bdf400aa777d05e8f7d0368c708c45857661fb75d5d89a7fb8ccfdb", "b3eb9b1a7c972460fa7c9fe3aa911cc505c5b4b9804d6c71678da99c178b6d18", "8cf066b7f08cc018e28fff8b6de40d86382967ea5c63df2fb2dc3e8e0ee46727", "4fa10efe326beacbacd2fd9751b69fa54a3086454e627c6be454bfb4760e09cd", "a0ee2881f4992d7f256b824fb535cd19524d487edc590951cc7c47164aee1db0"], "mitre_attack_tags": ["TA0002", "T1059"]}, {"bi": "vba-document-shellcode", "hashes": ["688d6753c1d46a3f0938b3eb151b48ce50b191477ee048af86944a84fcef9e70", "c07dc139b1d0a717071bccb552bb394afc3012f960cc182d7a934144492d6520", "7681a084c13f352046dd0d519198210ecf0ac7d5f821e629b39eb7aa8ba0d342", "168707fcadc59088773a10141ea7a5d4d586e345e6637c6f831df0423f330f61", "2f2ced0420e68ca325fc6a4c03bec2945b0164ed7cc4e1f3fbf4ff1e8baa92af", "2651e81960ba8b4d9f71beff3402bfe03e4bc5a328b9ccf58a49fa10e7029720", "a2419f02381d9e7301ae637aa4e5c905f7e1d81d92fbf893e8ef68754bf08305", "7efbb2480cd82231f9d9c81e40745ecb2aa0c7228ad6383a8b929215bed753ff", "03467831309586db00451ece187de1b4294ccfe4df9c3a44b554632b5bf42be7", "e7feb77a1b6b712a0c22e855974f564cde98aaa927ea989aa8747bbb5833f321", "b78259b174c68679a885425d64d9d8c46c163358b658553533f35f08e696b937", "4fa10efe326beacbacd2fd9751b69fa54a3086454e627c6be454bfb4760e09cd", "a0ee2881f4992d7f256b824fb535cd19524d487edc590951cc7c47164aee1db0"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "vba-document-uses-xor", "hashes": ["c07dc139b1d0a717071bccb552bb394afc3012f960cc182d7a934144492d6520", "7681a084c13f352046dd0d519198210ecf0ac7d5f821e629b39eb7aa8ba0d342", "168707fcadc59088773a10141ea7a5d4d586e345e6637c6f831df0423f330f61", "2f2ced0420e68ca325fc6a4c03bec2945b0164ed7cc4e1f3fbf4ff1e8baa92af", "a2419f02381d9e7301ae637aa4e5c905f7e1d81d92fbf893e8ef68754bf08305", "7efbb2480cd82231f9d9c81e40745ecb2aa0c7228ad6383a8b929215bed753ff", "3324bb313bdf400aa777d05e8f7d0368c708c45857661fb75d5d89a7fb8ccfdb", "b3eb9b1a7c972460fa7c9fe3aa911cc505c5b4b9804d6c71678da99c178b6d18", "8cf066b7f08cc018e28fff8b6de40d86382967ea5c63df2fb2dc3e8e0ee46727", "4fa10efe326beacbacd2fd9751b69fa54a3086454e627c6be454bfb4760e09cd", "a0ee2881f4992d7f256b824fb535cd19524d487edc590951cc7c47164aee1db0"], "mitre_attack_tags": ["TA0005", "TA0011", "T1027", "T1573"]}, {"bi": "vba-document-com-object", "hashes": ["03467831309586db00451ece187de1b4294ccfe4df9c3a44b554632b5bf42be7", "e7feb77a1b6b712a0c22e855974f564cde98aaa927ea989aa8747bbb5833f321", "b78259b174c68679a885425d64d9d8c46c163358b658553533f35f08e696b937", "3324bb313bdf400aa777d05e8f7d0368c708c45857661fb75d5d89a7fb8ccfdb", "b3eb9b1a7c972460fa7c9fe3aa911cc505c5b4b9804d6c71678da99c178b6d18", "8cf066b7f08cc018e28fff8b6de40d86382967ea5c63df2fb2dc3e8e0ee46727"], "mitre_attack_tags": ["TA0003", "TA0004", "T1546"]}, {"bi": "artifact-flagged-obfuscation", "hashes": ["a0ee2881f4992d7f256b824fb535cd19524d487edc590951cc7c47164aee1db0"], "mitre_attack_tags": ["TA0005", "T1027"]}], "category": "Downloader", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": false, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "Valyria is a malicious Microsoft Word document family that distributes other malware such as Emotet.", "hashes": ["03467831309586db00451ece187de1b4294ccfe4df9c3a44b554632b5bf42be7", "168707fcadc59088773a10141ea7a5d4d586e345e6637c6f831df0423f330f61", "2651e81960ba8b4d9f71beff3402bfe03e4bc5a328b9ccf58a49fa10e7029720", "2f2ced0420e68ca325fc6a4c03bec2945b0164ed7cc4e1f3fbf4ff1e8baa92af", "3324bb313bdf400aa777d05e8f7d0368c708c45857661fb75d5d89a7fb8ccfdb", "4fa10efe326beacbacd2fd9751b69fa54a3086454e627c6be454bfb4760e09cd", "688d6753c1d46a3f0938b3eb151b48ce50b191477ee048af86944a84fcef9e70", "7681a084c13f352046dd0d519198210ecf0ac7d5f821e629b39eb7aa8ba0d342", "7efbb2480cd82231f9d9c81e40745ecb2aa0c7228ad6383a8b929215bed753ff", "8cf066b7f08cc018e28fff8b6de40d86382967ea5c63df2fb2dc3e8e0ee46727", "a0ee2881f4992d7f256b824fb535cd19524d487edc590951cc7c47164aee1db0", "a2419f02381d9e7301ae637aa4e5c905f7e1d81d92fbf893e8ef68754bf08305", "b3eb9b1a7c972460fa7c9fe3aa911cc505c5b4b9804d6c71678da99c178b6d18", "b78259b174c68679a885425d64d9d8c46c163358b658553533f35f08e696b937", "c07dc139b1d0a717071bccb552bb394afc3012f960cc182d7a934144492d6520", "e7feb77a1b6b712a0c22e855974f564cde98aaa927ea989aa8747bbb5833f321"], "iocs": {"domain": [], "file": [{"hashes": ["03467831309586db00451ece187de1b4294ccfe4df9c3a44b554632b5bf42be7", "168707fcadc59088773a10141ea7a5d4d586e345e6637c6f831df0423f330f61", "2651e81960ba8b4d9f71beff3402bfe03e4bc5a328b9ccf58a49fa10e7029720", "2f2ced0420e68ca325fc6a4c03bec2945b0164ed7cc4e1f3fbf4ff1e8baa92af", "3324bb313bdf400aa777d05e8f7d0368c708c45857661fb75d5d89a7fb8ccfdb", "4fa10efe326beacbacd2fd9751b69fa54a3086454e627c6be454bfb4760e09cd", "688d6753c1d46a3f0938b3eb151b48ce50b191477ee048af86944a84fcef9e70", "7681a084c13f352046dd0d519198210ecf0ac7d5f821e629b39eb7aa8ba0d342", "7efbb2480cd82231f9d9c81e40745ecb2aa0c7228ad6383a8b929215bed753ff", "8cf066b7f08cc018e28fff8b6de40d86382967ea5c63df2fb2dc3e8e0ee46727", "a0ee2881f4992d7f256b824fb535cd19524d487edc590951cc7c47164aee1db0", "a2419f02381d9e7301ae637aa4e5c905f7e1d81d92fbf893e8ef68754bf08305", "b3eb9b1a7c972460fa7c9fe3aa911cc505c5b4b9804d6c71678da99c178b6d18", "b78259b174c68679a885425d64d9d8c46c163358b658553533f35f08e696b937", "c07dc139b1d0a717071bccb552bb394afc3012f960cc182d7a934144492d6520", "e7feb77a1b6b712a0c22e855974f564cde98aaa927ea989aa8747bbb5833f321"], "path": "%LOCALAPPDATA%\\Microsoft\\Windows\\Temporary Internet Files\\Content.Word\\~WRD0000.doc"}, {"hashes": ["03467831309586db00451ece187de1b4294ccfe4df9c3a44b554632b5bf42be7", "168707fcadc59088773a10141ea7a5d4d586e345e6637c6f831df0423f330f61", "2651e81960ba8b4d9f71beff3402bfe03e4bc5a328b9ccf58a49fa10e7029720", "2f2ced0420e68ca325fc6a4c03bec2945b0164ed7cc4e1f3fbf4ff1e8baa92af", "3324bb313bdf400aa777d05e8f7d0368c708c45857661fb75d5d89a7fb8ccfdb", "4fa10efe326beacbacd2fd9751b69fa54a3086454e627c6be454bfb4760e09cd", "688d6753c1d46a3f0938b3eb151b48ce50b191477ee048af86944a84fcef9e70", "7681a084c13f352046dd0d519198210ecf0ac7d5f821e629b39eb7aa8ba0d342", "7efbb2480cd82231f9d9c81e40745ecb2aa0c7228ad6383a8b929215bed753ff", "8cf066b7f08cc018e28fff8b6de40d86382967ea5c63df2fb2dc3e8e0ee46727", "a0ee2881f4992d7f256b824fb535cd19524d487edc590951cc7c47164aee1db0", "a2419f02381d9e7301ae637aa4e5c905f7e1d81d92fbf893e8ef68754bf08305", "b3eb9b1a7c972460fa7c9fe3aa911cc505c5b4b9804d6c71678da99c178b6d18", "b78259b174c68679a885425d64d9d8c46c163358b658553533f35f08e696b937", "c07dc139b1d0a717071bccb552bb394afc3012f960cc182d7a934144492d6520", "e7feb77a1b6b712a0c22e855974f564cde98aaa927ea989aa8747bbb5833f321"], "path": "%TEMP%\\<random, matching '[a-z]{3}[A-F0-9]{3,4}'>.tmp"}], "ip": [], "mutex": [{"hashes": ["03467831309586db00451ece187de1b4294ccfe4df9c3a44b554632b5bf42be7", "168707fcadc59088773a10141ea7a5d4d586e345e6637c6f831df0423f330f61", "2651e81960ba8b4d9f71beff3402bfe03e4bc5a328b9ccf58a49fa10e7029720", "2f2ced0420e68ca325fc6a4c03bec2945b0164ed7cc4e1f3fbf4ff1e8baa92af", "3324bb313bdf400aa777d05e8f7d0368c708c45857661fb75d5d89a7fb8ccfdb", "4fa10efe326beacbacd2fd9751b69fa54a3086454e627c6be454bfb4760e09cd", "688d6753c1d46a3f0938b3eb151b48ce50b191477ee048af86944a84fcef9e70", "7681a084c13f352046dd0d519198210ecf0ac7d5f821e629b39eb7aa8ba0d342", "7efbb2480cd82231f9d9c81e40745ecb2aa0c7228ad6383a8b929215bed753ff", "8cf066b7f08cc018e28fff8b6de40d86382967ea5c63df2fb2dc3e8e0ee46727", "a0ee2881f4992d7f256b824fb535cd19524d487edc590951cc7c47164aee1db0", "a2419f02381d9e7301ae637aa4e5c905f7e1d81d92fbf893e8ef68754bf08305", "b3eb9b1a7c972460fa7c9fe3aa911cc505c5b4b9804d6c71678da99c178b6d18", "b78259b174c68679a885425d64d9d8c46c163358b658553533f35f08e696b937", "c07dc139b1d0a717071bccb552bb394afc3012f960cc182d7a934144492d6520", "e7feb77a1b6b712a0c22e855974f564cde98aaa927ea989aa8747bbb5833f321"], "name": "Local\\10MU_ACB10_S-1-5-5-0-67863"}, {"hashes": ["03467831309586db00451ece187de1b4294ccfe4df9c3a44b554632b5bf42be7", "168707fcadc59088773a10141ea7a5d4d586e345e6637c6f831df0423f330f61", "2651e81960ba8b4d9f71beff3402bfe03e4bc5a328b9ccf58a49fa10e7029720", "2f2ced0420e68ca325fc6a4c03bec2945b0164ed7cc4e1f3fbf4ff1e8baa92af", "3324bb313bdf400aa777d05e8f7d0368c708c45857661fb75d5d89a7fb8ccfdb", "4fa10efe326beacbacd2fd9751b69fa54a3086454e627c6be454bfb4760e09cd", "688d6753c1d46a3f0938b3eb151b48ce50b191477ee048af86944a84fcef9e70", "7681a084c13f352046dd0d519198210ecf0ac7d5f821e629b39eb7aa8ba0d342", "7efbb2480cd82231f9d9c81e40745ecb2aa0c7228ad6383a8b929215bed753ff", "8cf066b7f08cc018e28fff8b6de40d86382967ea5c63df2fb2dc3e8e0ee46727", "a0ee2881f4992d7f256b824fb535cd19524d487edc590951cc7c47164aee1db0", "a2419f02381d9e7301ae637aa4e5c905f7e1d81d92fbf893e8ef68754bf08305", "b3eb9b1a7c972460fa7c9fe3aa911cc505c5b4b9804d6c71678da99c178b6d18", "b78259b174c68679a885425d64d9d8c46c163358b658553533f35f08e696b937", "c07dc139b1d0a717071bccb552bb394afc3012f960cc182d7a934144492d6520", "e7feb77a1b6b712a0c22e855974f564cde98aaa927ea989aa8747bbb5833f321"], "name": "Local\\10MU_ACBPIDS_S-1-5-5-0-67863"}, {"hashes": ["03467831309586db00451ece187de1b4294ccfe4df9c3a44b554632b5bf42be7", "168707fcadc59088773a10141ea7a5d4d586e345e6637c6f831df0423f330f61", "2651e81960ba8b4d9f71beff3402bfe03e4bc5a328b9ccf58a49fa10e7029720", "2f2ced0420e68ca325fc6a4c03bec2945b0164ed7cc4e1f3fbf4ff1e8baa92af", "3324bb313bdf400aa777d05e8f7d0368c708c45857661fb75d5d89a7fb8ccfdb", "4fa10efe326beacbacd2fd9751b69fa54a3086454e627c6be454bfb4760e09cd", "7681a084c13f352046dd0d519198210ecf0ac7d5f821e629b39eb7aa8ba0d342", "7efbb2480cd82231f9d9c81e40745ecb2aa0c7228ad6383a8b929215bed753ff", "8cf066b7f08cc018e28fff8b6de40d86382967ea5c63df2fb2dc3e8e0ee46727", "a0ee2881f4992d7f256b824fb535cd19524d487edc590951cc7c47164aee1db0", "a2419f02381d9e7301ae637aa4e5c905f7e1d81d92fbf893e8ef68754bf08305", "b3eb9b1a7c972460fa7c9fe3aa911cc505c5b4b9804d6c71678da99c178b6d18", "b78259b174c68679a885425d64d9d8c46c163358b658553533f35f08e696b937", "c07dc139b1d0a717071bccb552bb394afc3012f960cc182d7a934144492d6520", "e7feb77a1b6b712a0c22e855974f564cde98aaa927ea989aa8747bbb5833f321"], "name": "Local\\WinSpl64To32Mutex_10960_0_3000"}], "registry": [{"hashes": ["03467831309586db00451ece187de1b4294ccfe4df9c3a44b554632b5bf42be7", "168707fcadc59088773a10141ea7a5d4d586e345e6637c6f831df0423f330f61", "2651e81960ba8b4d9f71beff3402bfe03e4bc5a328b9ccf58a49fa10e7029720", "2f2ced0420e68ca325fc6a4c03bec2945b0164ed7cc4e1f3fbf4ff1e8baa92af", "3324bb313bdf400aa777d05e8f7d0368c708c45857661fb75d5d89a7fb8ccfdb", "4fa10efe326beacbacd2fd9751b69fa54a3086454e627c6be454bfb4760e09cd", "688d6753c1d46a3f0938b3eb151b48ce50b191477ee048af86944a84fcef9e70", "7681a084c13f352046dd0d519198210ecf0ac7d5f821e629b39eb7aa8ba0d342", "7efbb2480cd82231f9d9c81e40745ecb2aa0c7228ad6383a8b929215bed753ff", "8cf066b7f08cc018e28fff8b6de40d86382967ea5c63df2fb2dc3e8e0ee46727", "a0ee2881f4992d7f256b824fb535cd19524d487edc590951cc7c47164aee1db0", "a2419f02381d9e7301ae637aa4e5c905f7e1d81d92fbf893e8ef68754bf08305", "b3eb9b1a7c972460fa7c9fe3aa911cc505c5b4b9804d6c71678da99c178b6d18", "b78259b174c68679a885425d64d9d8c46c163358b658553533f35f08e696b937", "c07dc139b1d0a717071bccb552bb394afc3012f960cc182d7a934144492d6520", "e7feb77a1b6b712a0c22e855974f564cde98aaa927ea989aa8747bbb5833f321"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\OFFICE\\14.0\\WORD\\TEXT CONVERTERS\\IMPORT\\RECOVER", "value_name": "Name"}, {"hashes": ["03467831309586db00451ece187de1b4294ccfe4df9c3a44b554632b5bf42be7", "168707fcadc59088773a10141ea7a5d4d586e345e6637c6f831df0423f330f61", "2651e81960ba8b4d9f71beff3402bfe03e4bc5a328b9ccf58a49fa10e7029720", "2f2ced0420e68ca325fc6a4c03bec2945b0164ed7cc4e1f3fbf4ff1e8baa92af", "3324bb313bdf400aa777d05e8f7d0368c708c45857661fb75d5d89a7fb8ccfdb", "4fa10efe326beacbacd2fd9751b69fa54a3086454e627c6be454bfb4760e09cd", "688d6753c1d46a3f0938b3eb151b48ce50b191477ee048af86944a84fcef9e70", "7681a084c13f352046dd0d519198210ecf0ac7d5f821e629b39eb7aa8ba0d342", "7efbb2480cd82231f9d9c81e40745ecb2aa0c7228ad6383a8b929215bed753ff", "8cf066b7f08cc018e28fff8b6de40d86382967ea5c63df2fb2dc3e8e0ee46727", "a0ee2881f4992d7f256b824fb535cd19524d487edc590951cc7c47164aee1db0", "a2419f02381d9e7301ae637aa4e5c905f7e1d81d92fbf893e8ef68754bf08305", "b3eb9b1a7c972460fa7c9fe3aa911cc505c5b4b9804d6c71678da99c178b6d18", "b78259b174c68679a885425d64d9d8c46c163358b658553533f35f08e696b937", "c07dc139b1d0a717071bccb552bb394afc3012f960cc182d7a934144492d6520", "e7feb77a1b6b712a0c22e855974f564cde98aaa927ea989aa8747bbb5833f321"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\OFFICE\\14.0\\WORD\\TEXT CONVERTERS\\IMPORT\\RECOVER", "value_name": "Path"}, {"hashes": ["03467831309586db00451ece187de1b4294ccfe4df9c3a44b554632b5bf42be7", "168707fcadc59088773a10141ea7a5d4d586e345e6637c6f831df0423f330f61", "2651e81960ba8b4d9f71beff3402bfe03e4bc5a328b9ccf58a49fa10e7029720", "2f2ced0420e68ca325fc6a4c03bec2945b0164ed7cc4e1f3fbf4ff1e8baa92af", "3324bb313bdf400aa777d05e8f7d0368c708c45857661fb75d5d89a7fb8ccfdb", "4fa10efe326beacbacd2fd9751b69fa54a3086454e627c6be454bfb4760e09cd", "688d6753c1d46a3f0938b3eb151b48ce50b191477ee048af86944a84fcef9e70", "7681a084c13f352046dd0d519198210ecf0ac7d5f821e629b39eb7aa8ba0d342", "7efbb2480cd82231f9d9c81e40745ecb2aa0c7228ad6383a8b929215bed753ff", "8cf066b7f08cc018e28fff8b6de40d86382967ea5c63df2fb2dc3e8e0ee46727", "a0ee2881f4992d7f256b824fb535cd19524d487edc590951cc7c47164aee1db0", "a2419f02381d9e7301ae637aa4e5c905f7e1d81d92fbf893e8ef68754bf08305", "b3eb9b1a7c972460fa7c9fe3aa911cc505c5b4b9804d6c71678da99c178b6d18", "b78259b174c68679a885425d64d9d8c46c163358b658553533f35f08e696b937", "c07dc139b1d0a717071bccb552bb394afc3012f960cc182d7a934144492d6520", "e7feb77a1b6b712a0c22e855974f564cde98aaa927ea989aa8747bbb5833f321"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\OFFICE\\14.0\\WORD\\TEXT CONVERTERS\\IMPORT\\RECOVER", "value_name": "Extensions"}, {"hashes": ["03467831309586db00451ece187de1b4294ccfe4df9c3a44b554632b5bf42be7", "168707fcadc59088773a10141ea7a5d4d586e345e6637c6f831df0423f330f61", "2651e81960ba8b4d9f71beff3402bfe03e4bc5a328b9ccf58a49fa10e7029720", "2f2ced0420e68ca325fc6a4c03bec2945b0164ed7cc4e1f3fbf4ff1e8baa92af", "3324bb313bdf400aa777d05e8f7d0368c708c45857661fb75d5d89a7fb8ccfdb", "4fa10efe326beacbacd2fd9751b69fa54a3086454e627c6be454bfb4760e09cd", "688d6753c1d46a3f0938b3eb151b48ce50b191477ee048af86944a84fcef9e70", "7681a084c13f352046dd0d519198210ecf0ac7d5f821e629b39eb7aa8ba0d342", "7efbb2480cd82231f9d9c81e40745ecb2aa0c7228ad6383a8b929215bed753ff", "8cf066b7f08cc018e28fff8b6de40d86382967ea5c63df2fb2dc3e8e0ee46727", "a0ee2881f4992d7f256b824fb535cd19524d487edc590951cc7c47164aee1db0", "a2419f02381d9e7301ae637aa4e5c905f7e1d81d92fbf893e8ef68754bf08305", "b3eb9b1a7c972460fa7c9fe3aa911cc505c5b4b9804d6c71678da99c178b6d18", "b78259b174c68679a885425d64d9d8c46c163358b658553533f35f08e696b937", "c07dc139b1d0a717071bccb552bb394afc3012f960cc182d7a934144492d6520", "e7feb77a1b6b712a0c22e855974f564cde98aaa927ea989aa8747bbb5833f321"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\OFFICE\\14.0\\WORD\\TEXT CONVERTERS\\IMPORT\\WRDPRFCTDOS", "value_name": "Name"}, {"hashes": ["03467831309586db00451ece187de1b4294ccfe4df9c3a44b554632b5bf42be7", "168707fcadc59088773a10141ea7a5d4d586e345e6637c6f831df0423f330f61", "2651e81960ba8b4d9f71beff3402bfe03e4bc5a328b9ccf58a49fa10e7029720", "2f2ced0420e68ca325fc6a4c03bec2945b0164ed7cc4e1f3fbf4ff1e8baa92af", "3324bb313bdf400aa777d05e8f7d0368c708c45857661fb75d5d89a7fb8ccfdb", "4fa10efe326beacbacd2fd9751b69fa54a3086454e627c6be454bfb4760e09cd", "688d6753c1d46a3f0938b3eb151b48ce50b191477ee048af86944a84fcef9e70", "7681a084c13f352046dd0d519198210ecf0ac7d5f821e629b39eb7aa8ba0d342", "7efbb2480cd82231f9d9c81e40745ecb2aa0c7228ad6383a8b929215bed753ff", "8cf066b7f08cc018e28fff8b6de40d86382967ea5c63df2fb2dc3e8e0ee46727", "a0ee2881f4992d7f256b824fb535cd19524d487edc590951cc7c47164aee1db0", "a2419f02381d9e7301ae637aa4e5c905f7e1d81d92fbf893e8ef68754bf08305", "b3eb9b1a7c972460fa7c9fe3aa911cc505c5b4b9804d6c71678da99c178b6d18", "b78259b174c68679a885425d64d9d8c46c163358b658553533f35f08e696b937", "c07dc139b1d0a717071bccb552bb394afc3012f960cc182d7a934144492d6520", "e7feb77a1b6b712a0c22e855974f564cde98aaa927ea989aa8747bbb5833f321"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\OFFICE\\14.0\\WORD\\TEXT CONVERTERS\\IMPORT\\WRDPRFCTDOS", "value_name": "Path"}, {"hashes": ["03467831309586db00451ece187de1b4294ccfe4df9c3a44b554632b5bf42be7", "168707fcadc59088773a10141ea7a5d4d586e345e6637c6f831df0423f330f61", "2651e81960ba8b4d9f71beff3402bfe03e4bc5a328b9ccf58a49fa10e7029720", "2f2ced0420e68ca325fc6a4c03bec2945b0164ed7cc4e1f3fbf4ff1e8baa92af", "3324bb313bdf400aa777d05e8f7d0368c708c45857661fb75d5d89a7fb8ccfdb", "4fa10efe326beacbacd2fd9751b69fa54a3086454e627c6be454bfb4760e09cd", "688d6753c1d46a3f0938b3eb151b48ce50b191477ee048af86944a84fcef9e70", "7681a084c13f352046dd0d519198210ecf0ac7d5f821e629b39eb7aa8ba0d342", "7efbb2480cd82231f9d9c81e40745ecb2aa0c7228ad6383a8b929215bed753ff", "8cf066b7f08cc018e28fff8b6de40d86382967ea5c63df2fb2dc3e8e0ee46727", "a0ee2881f4992d7f256b824fb535cd19524d487edc590951cc7c47164aee1db0", "a2419f02381d9e7301ae637aa4e5c905f7e1d81d92fbf893e8ef68754bf08305", "b3eb9b1a7c972460fa7c9fe3aa911cc505c5b4b9804d6c71678da99c178b6d18", "b78259b174c68679a885425d64d9d8c46c163358b658553533f35f08e696b937", "c07dc139b1d0a717071bccb552bb394afc3012f960cc182d7a934144492d6520", "e7feb77a1b6b712a0c22e855974f564cde98aaa927ea989aa8747bbb5833f321"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\OFFICE\\14.0\\WORD\\TEXT CONVERTERS\\IMPORT\\WRDPRFCTDOS", "value_name": "Extensions"}, {"hashes": ["03467831309586db00451ece187de1b4294ccfe4df9c3a44b554632b5bf42be7", "168707fcadc59088773a10141ea7a5d4d586e345e6637c6f831df0423f330f61", "2651e81960ba8b4d9f71beff3402bfe03e4bc5a328b9ccf58a49fa10e7029720", "2f2ced0420e68ca325fc6a4c03bec2945b0164ed7cc4e1f3fbf4ff1e8baa92af", "3324bb313bdf400aa777d05e8f7d0368c708c45857661fb75d5d89a7fb8ccfdb", "4fa10efe326beacbacd2fd9751b69fa54a3086454e627c6be454bfb4760e09cd", "688d6753c1d46a3f0938b3eb151b48ce50b191477ee048af86944a84fcef9e70", "7681a084c13f352046dd0d519198210ecf0ac7d5f821e629b39eb7aa8ba0d342", "7efbb2480cd82231f9d9c81e40745ecb2aa0c7228ad6383a8b929215bed753ff", "8cf066b7f08cc018e28fff8b6de40d86382967ea5c63df2fb2dc3e8e0ee46727", "a0ee2881f4992d7f256b824fb535cd19524d487edc590951cc7c47164aee1db0", "a2419f02381d9e7301ae637aa4e5c905f7e1d81d92fbf893e8ef68754bf08305", "b3eb9b1a7c972460fa7c9fe3aa911cc505c5b4b9804d6c71678da99c178b6d18", "b78259b174c68679a885425d64d9d8c46c163358b658553533f35f08e696b937", "c07dc139b1d0a717071bccb552bb394afc3012f960cc182d7a934144492d6520", "e7feb77a1b6b712a0c22e855974f564cde98aaa927ea989aa8747bbb5833f321"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\OFFICE\\14.0\\WORD\\TEXT CONVERTERS\\IMPORT\\WORDPERFECT6X", "value_name": "Name"}, {"hashes": ["03467831309586db00451ece187de1b4294ccfe4df9c3a44b554632b5bf42be7", "168707fcadc59088773a10141ea7a5d4d586e345e6637c6f831df0423f330f61", "2651e81960ba8b4d9f71beff3402bfe03e4bc5a328b9ccf58a49fa10e7029720", "2f2ced0420e68ca325fc6a4c03bec2945b0164ed7cc4e1f3fbf4ff1e8baa92af", "3324bb313bdf400aa777d05e8f7d0368c708c45857661fb75d5d89a7fb8ccfdb", "4fa10efe326beacbacd2fd9751b69fa54a3086454e627c6be454bfb4760e09cd", "688d6753c1d46a3f0938b3eb151b48ce50b191477ee048af86944a84fcef9e70", "7681a084c13f352046dd0d519198210ecf0ac7d5f821e629b39eb7aa8ba0d342", "7efbb2480cd82231f9d9c81e40745ecb2aa0c7228ad6383a8b929215bed753ff", "8cf066b7f08cc018e28fff8b6de40d86382967ea5c63df2fb2dc3e8e0ee46727", "a0ee2881f4992d7f256b824fb535cd19524d487edc590951cc7c47164aee1db0", "a2419f02381d9e7301ae637aa4e5c905f7e1d81d92fbf893e8ef68754bf08305", "b3eb9b1a7c972460fa7c9fe3aa911cc505c5b4b9804d6c71678da99c178b6d18", "b78259b174c68679a885425d64d9d8c46c163358b658553533f35f08e696b937", "c07dc139b1d0a717071bccb552bb394afc3012f960cc182d7a934144492d6520", "e7feb77a1b6b712a0c22e855974f564cde98aaa927ea989aa8747bbb5833f321"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\OFFICE\\14.0\\WORD\\TEXT CONVERTERS\\IMPORT\\WORDPERFECT6X", "value_name": "Path"}, {"hashes": ["03467831309586db00451ece187de1b4294ccfe4df9c3a44b554632b5bf42be7", "168707fcadc59088773a10141ea7a5d4d586e345e6637c6f831df0423f330f61", "2651e81960ba8b4d9f71beff3402bfe03e4bc5a328b9ccf58a49fa10e7029720", "2f2ced0420e68ca325fc6a4c03bec2945b0164ed7cc4e1f3fbf4ff1e8baa92af", "3324bb313bdf400aa777d05e8f7d0368c708c45857661fb75d5d89a7fb8ccfdb", "4fa10efe326beacbacd2fd9751b69fa54a3086454e627c6be454bfb4760e09cd", "688d6753c1d46a3f0938b3eb151b48ce50b191477ee048af86944a84fcef9e70", "7681a084c13f352046dd0d519198210ecf0ac7d5f821e629b39eb7aa8ba0d342", "7efbb2480cd82231f9d9c81e40745ecb2aa0c7228ad6383a8b929215bed753ff", "8cf066b7f08cc018e28fff8b6de40d86382967ea5c63df2fb2dc3e8e0ee46727", "a0ee2881f4992d7f256b824fb535cd19524d487edc590951cc7c47164aee1db0", "a2419f02381d9e7301ae637aa4e5c905f7e1d81d92fbf893e8ef68754bf08305", "b3eb9b1a7c972460fa7c9fe3aa911cc505c5b4b9804d6c71678da99c178b6d18", "b78259b174c68679a885425d64d9d8c46c163358b658553533f35f08e696b937", "c07dc139b1d0a717071bccb552bb394afc3012f960cc182d7a934144492d6520", "e7feb77a1b6b712a0c22e855974f564cde98aaa927ea989aa8747bbb5833f321"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\OFFICE\\14.0\\WORD\\TEXT CONVERTERS\\IMPORT\\WORDPERFECT6X", "value_name": "Extensions"}]}, "reports_count": 16}, "Win.Downloader.Zbot-10004448-0": {"bis": [{"bi": "memory-execute-readwrite", "hashes": ["3a3283e24b8693a60341593cf3d57e5e279305a9607d30ca8b948fd9f866eca8", "79b060e8975e684bda3cf79b45ccf9389b5679cbef2cb63656b94ee2ff34f5e1", "5de5879da208a90f46d08c6bb416a5a2f78c804ea20464dbabc34eb0390aa4f5", "63ab006084041b1b6bf6f260f412c34fc56664a3a2ab0faf6a454233530b2e5d", "518253b8c0fad2934c8d06195a63030b99b7bfe2962fe42248b9e5572e435e59", "227c80b9ffc7b3aedb0331fa2c558e5691758a11c1409b3e229998ee10477481", "5d75c21c11022d4fdfc7fd6591b59111982aa567bc69e3fccf6298da1055b515", "15cd28a2bf63f2d5398e6ff68bb2c18a5ccab0deb03dc875d6113520a2f82b4d", "b1046887ffe240816c1e21e4c79ed386039e4acbbd239add34d2c5ae05ff326d", "53d4b89860e7b7cc296cd5917d46a9720b8b0baacb7b31db7d571e61c591a181", "6103228f4365322d5ceae300620cc66fbf84eb9dfdbc6a0022c268dc83aa65a6", "239cb1e55ddbb69bb3d00572d58384aadbcf2a6fa609b69fe761220bb5ae7894", "0a43fe36f8e691f067eb8b2fc41a186c53808c6e606d31c66360a2778497f738", "c979c1406f9a8776202194fd2b1630a51e066ed4a6aadfa20e4edf4005f9ebc1", "762d6eb6820eefbf2e46e2174a9ada9841d3ed55a09ac3d62fd97a14077304df", "096401e776c273e5c580f401cbaab5d2b74a1541299d8d0add5d99d68866958c", "053a330f699d8c4699b1c6bc7ec2f2a2bd6b9257c4a0eee8d514b2ad4b55e88c", "28959a0fac78cefae567abc5fe3cd33183c26ba73cf349befe43ac832848022a", "0c555bbddffcc35759b381e0508cf0666fc1b0f9e5aba0d6f5f125c42acb903b", "5936c22f97b9933088de3d142707736a64744e81c372183f8fee986328d919d5", "0a0e51d77206354a7a525c0ca44835e7657ec25378f814ae0ecab0dee94a9800", "248625ec043b72d80c240b9513123a05fe9066756e76c846a7ff3413e7823416", "f2efc731b7b699ee9c33461bf7c5669cfa7a555bee9d5494920cc8bb816c91d1", "1d292629b26d830c600d93d71e944daca4d84f57a065f3a24f30e2faf5d56809", "15156356f6965001ad4f3cc867352f5c9b4c5bed56b16a9562e2f6d5ddd1f01b", "0fecc3ec5645e4b7d93650d5ddfcbe87705828aefdcc3125ad3fb11361780703", "89ba7325f5bcd26a21c89daa30726013bb6d59812ec104b81a7229024f91510d", "eafd0e9b25f9736cf4872ccbebb866b81c47fb18c592ba04e72ad86883463159", "27700ad54347a4cb183652fb686c4ea73ac6651b3a6af40c694fdd0a632922b9"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "modified-executable", "hashes": ["3a3283e24b8693a60341593cf3d57e5e279305a9607d30ca8b948fd9f866eca8", "79b060e8975e684bda3cf79b45ccf9389b5679cbef2cb63656b94ee2ff34f5e1", "5de5879da208a90f46d08c6bb416a5a2f78c804ea20464dbabc34eb0390aa4f5", "63ab006084041b1b6bf6f260f412c34fc56664a3a2ab0faf6a454233530b2e5d", "518253b8c0fad2934c8d06195a63030b99b7bfe2962fe42248b9e5572e435e59", "227c80b9ffc7b3aedb0331fa2c558e5691758a11c1409b3e229998ee10477481", "5d75c21c11022d4fdfc7fd6591b59111982aa567bc69e3fccf6298da1055b515", "15cd28a2bf63f2d5398e6ff68bb2c18a5ccab0deb03dc875d6113520a2f82b4d", "b1046887ffe240816c1e21e4c79ed386039e4acbbd239add34d2c5ae05ff326d", "53d4b89860e7b7cc296cd5917d46a9720b8b0baacb7b31db7d571e61c591a181", "6103228f4365322d5ceae300620cc66fbf84eb9dfdbc6a0022c268dc83aa65a6", "239cb1e55ddbb69bb3d00572d58384aadbcf2a6fa609b69fe761220bb5ae7894", "0a43fe36f8e691f067eb8b2fc41a186c53808c6e606d31c66360a2778497f738", "c979c1406f9a8776202194fd2b1630a51e066ed4a6aadfa20e4edf4005f9ebc1", "762d6eb6820eefbf2e46e2174a9ada9841d3ed55a09ac3d62fd97a14077304df", "096401e776c273e5c580f401cbaab5d2b74a1541299d8d0add5d99d68866958c", "053a330f699d8c4699b1c6bc7ec2f2a2bd6b9257c4a0eee8d514b2ad4b55e88c", "28959a0fac78cefae567abc5fe3cd33183c26ba73cf349befe43ac832848022a", "0c555bbddffcc35759b381e0508cf0666fc1b0f9e5aba0d6f5f125c42acb903b", "5936c22f97b9933088de3d142707736a64744e81c372183f8fee986328d919d5", "0a0e51d77206354a7a525c0ca44835e7657ec25378f814ae0ecab0dee94a9800", "248625ec043b72d80c240b9513123a05fe9066756e76c846a7ff3413e7823416", "f2efc731b7b699ee9c33461bf7c5669cfa7a555bee9d5494920cc8bb816c91d1", "1d292629b26d830c600d93d71e944daca4d84f57a065f3a24f30e2faf5d56809", "15156356f6965001ad4f3cc867352f5c9b4c5bed56b16a9562e2f6d5ddd1f01b", "0fecc3ec5645e4b7d93650d5ddfcbe87705828aefdcc3125ad3fb11361780703", "89ba7325f5bcd26a21c89daa30726013bb6d59812ec104b81a7229024f91510d", "eafd0e9b25f9736cf4872ccbebb866b81c47fb18c592ba04e72ad86883463159", "27700ad54347a4cb183652fb686c4ea73ac6651b3a6af40c694fdd0a632922b9"], "mitre_attack_tags": []}, {"bi": "created-executable-in-user-dir", "hashes": ["3a3283e24b8693a60341593cf3d57e5e279305a9607d30ca8b948fd9f866eca8", "79b060e8975e684bda3cf79b45ccf9389b5679cbef2cb63656b94ee2ff34f5e1", "5de5879da208a90f46d08c6bb416a5a2f78c804ea20464dbabc34eb0390aa4f5", "63ab006084041b1b6bf6f260f412c34fc56664a3a2ab0faf6a454233530b2e5d", "518253b8c0fad2934c8d06195a63030b99b7bfe2962fe42248b9e5572e435e59", "227c80b9ffc7b3aedb0331fa2c558e5691758a11c1409b3e229998ee10477481", "5d75c21c11022d4fdfc7fd6591b59111982aa567bc69e3fccf6298da1055b515", "15cd28a2bf63f2d5398e6ff68bb2c18a5ccab0deb03dc875d6113520a2f82b4d", "b1046887ffe240816c1e21e4c79ed386039e4acbbd239add34d2c5ae05ff326d", "53d4b89860e7b7cc296cd5917d46a9720b8b0baacb7b31db7d571e61c591a181", "6103228f4365322d5ceae300620cc66fbf84eb9dfdbc6a0022c268dc83aa65a6", "239cb1e55ddbb69bb3d00572d58384aadbcf2a6fa609b69fe761220bb5ae7894", "0a43fe36f8e691f067eb8b2fc41a186c53808c6e606d31c66360a2778497f738", "c979c1406f9a8776202194fd2b1630a51e066ed4a6aadfa20e4edf4005f9ebc1", "762d6eb6820eefbf2e46e2174a9ada9841d3ed55a09ac3d62fd97a14077304df", "096401e776c273e5c580f401cbaab5d2b74a1541299d8d0add5d99d68866958c", "053a330f699d8c4699b1c6bc7ec2f2a2bd6b9257c4a0eee8d514b2ad4b55e88c", "28959a0fac78cefae567abc5fe3cd33183c26ba73cf349befe43ac832848022a", "0c555bbddffcc35759b381e0508cf0666fc1b0f9e5aba0d6f5f125c42acb903b", "5936c22f97b9933088de3d142707736a64744e81c372183f8fee986328d919d5", "0a0e51d77206354a7a525c0ca44835e7657ec25378f814ae0ecab0dee94a9800", "248625ec043b72d80c240b9513123a05fe9066756e76c846a7ff3413e7823416", "f2efc731b7b699ee9c33461bf7c5669cfa7a555bee9d5494920cc8bb816c91d1", "1d292629b26d830c600d93d71e944daca4d84f57a065f3a24f30e2faf5d56809", "15156356f6965001ad4f3cc867352f5c9b4c5bed56b16a9562e2f6d5ddd1f01b", "0fecc3ec5645e4b7d93650d5ddfcbe87705828aefdcc3125ad3fb11361780703", "89ba7325f5bcd26a21c89daa30726013bb6d59812ec104b81a7229024f91510d", "eafd0e9b25f9736cf4872ccbebb866b81c47fb18c592ba04e72ad86883463159", "27700ad54347a4cb183652fb686c4ea73ac6651b3a6af40c694fdd0a632922b9"], "mitre_attack_tags": []}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["3a3283e24b8693a60341593cf3d57e5e279305a9607d30ca8b948fd9f866eca8", "79b060e8975e684bda3cf79b45ccf9389b5679cbef2cb63656b94ee2ff34f5e1", "5de5879da208a90f46d08c6bb416a5a2f78c804ea20464dbabc34eb0390aa4f5", "63ab006084041b1b6bf6f260f412c34fc56664a3a2ab0faf6a454233530b2e5d", "518253b8c0fad2934c8d06195a63030b99b7bfe2962fe42248b9e5572e435e59", "227c80b9ffc7b3aedb0331fa2c558e5691758a11c1409b3e229998ee10477481", "5d75c21c11022d4fdfc7fd6591b59111982aa567bc69e3fccf6298da1055b515", "15cd28a2bf63f2d5398e6ff68bb2c18a5ccab0deb03dc875d6113520a2f82b4d", "b1046887ffe240816c1e21e4c79ed386039e4acbbd239add34d2c5ae05ff326d", "53d4b89860e7b7cc296cd5917d46a9720b8b0baacb7b31db7d571e61c591a181", "6103228f4365322d5ceae300620cc66fbf84eb9dfdbc6a0022c268dc83aa65a6", "239cb1e55ddbb69bb3d00572d58384aadbcf2a6fa609b69fe761220bb5ae7894", "0a43fe36f8e691f067eb8b2fc41a186c53808c6e606d31c66360a2778497f738", "c979c1406f9a8776202194fd2b1630a51e066ed4a6aadfa20e4edf4005f9ebc1", "762d6eb6820eefbf2e46e2174a9ada9841d3ed55a09ac3d62fd97a14077304df", "096401e776c273e5c580f401cbaab5d2b74a1541299d8d0add5d99d68866958c", "053a330f699d8c4699b1c6bc7ec2f2a2bd6b9257c4a0eee8d514b2ad4b55e88c", "28959a0fac78cefae567abc5fe3cd33183c26ba73cf349befe43ac832848022a", "0c555bbddffcc35759b381e0508cf0666fc1b0f9e5aba0d6f5f125c42acb903b", "5936c22f97b9933088de3d142707736a64744e81c372183f8fee986328d919d5", "0a0e51d77206354a7a525c0ca44835e7657ec25378f814ae0ecab0dee94a9800", "248625ec043b72d80c240b9513123a05fe9066756e76c846a7ff3413e7823416", "f2efc731b7b699ee9c33461bf7c5669cfa7a555bee9d5494920cc8bb816c91d1", "1d292629b26d830c600d93d71e944daca4d84f57a065f3a24f30e2faf5d56809", "15156356f6965001ad4f3cc867352f5c9b4c5bed56b16a9562e2f6d5ddd1f01b", "0fecc3ec5645e4b7d93650d5ddfcbe87705828aefdcc3125ad3fb11361780703", "89ba7325f5bcd26a21c89daa30726013bb6d59812ec104b81a7229024f91510d", "eafd0e9b25f9736cf4872ccbebb866b81c47fb18c592ba04e72ad86883463159", "27700ad54347a4cb183652fb686c4ea73ac6651b3a6af40c694fdd0a632922b9"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["3a3283e24b8693a60341593cf3d57e5e279305a9607d30ca8b948fd9f866eca8", "79b060e8975e684bda3cf79b45ccf9389b5679cbef2cb63656b94ee2ff34f5e1", "5de5879da208a90f46d08c6bb416a5a2f78c804ea20464dbabc34eb0390aa4f5", "63ab006084041b1b6bf6f260f412c34fc56664a3a2ab0faf6a454233530b2e5d", "518253b8c0fad2934c8d06195a63030b99b7bfe2962fe42248b9e5572e435e59", "227c80b9ffc7b3aedb0331fa2c558e5691758a11c1409b3e229998ee10477481", "5d75c21c11022d4fdfc7fd6591b59111982aa567bc69e3fccf6298da1055b515", "15cd28a2bf63f2d5398e6ff68bb2c18a5ccab0deb03dc875d6113520a2f82b4d", "b1046887ffe240816c1e21e4c79ed386039e4acbbd239add34d2c5ae05ff326d", "53d4b89860e7b7cc296cd5917d46a9720b8b0baacb7b31db7d571e61c591a181", "6103228f4365322d5ceae300620cc66fbf84eb9dfdbc6a0022c268dc83aa65a6", "239cb1e55ddbb69bb3d00572d58384aadbcf2a6fa609b69fe761220bb5ae7894", "0a43fe36f8e691f067eb8b2fc41a186c53808c6e606d31c66360a2778497f738", "c979c1406f9a8776202194fd2b1630a51e066ed4a6aadfa20e4edf4005f9ebc1", "762d6eb6820eefbf2e46e2174a9ada9841d3ed55a09ac3d62fd97a14077304df", "096401e776c273e5c580f401cbaab5d2b74a1541299d8d0add5d99d68866958c", "053a330f699d8c4699b1c6bc7ec2f2a2bd6b9257c4a0eee8d514b2ad4b55e88c", "28959a0fac78cefae567abc5fe3cd33183c26ba73cf349befe43ac832848022a", "0c555bbddffcc35759b381e0508cf0666fc1b0f9e5aba0d6f5f125c42acb903b", "5936c22f97b9933088de3d142707736a64744e81c372183f8fee986328d919d5", "0a0e51d77206354a7a525c0ca44835e7657ec25378f814ae0ecab0dee94a9800", "248625ec043b72d80c240b9513123a05fe9066756e76c846a7ff3413e7823416", "f2efc731b7b699ee9c33461bf7c5669cfa7a555bee9d5494920cc8bb816c91d1", "1d292629b26d830c600d93d71e944daca4d84f57a065f3a24f30e2faf5d56809", "15156356f6965001ad4f3cc867352f5c9b4c5bed56b16a9562e2f6d5ddd1f01b", "0fecc3ec5645e4b7d93650d5ddfcbe87705828aefdcc3125ad3fb11361780703", "89ba7325f5bcd26a21c89daa30726013bb6d59812ec104b81a7229024f91510d", "eafd0e9b25f9736cf4872ccbebb866b81c47fb18c592ba04e72ad86883463159", "27700ad54347a4cb183652fb686c4ea73ac6651b3a6af40c694fdd0a632922b9"], "mitre_attack_tags": []}, {"bi": "pe-invalid-checksum", "hashes": ["3a3283e24b8693a60341593cf3d57e5e279305a9607d30ca8b948fd9f866eca8", "79b060e8975e684bda3cf79b45ccf9389b5679cbef2cb63656b94ee2ff34f5e1", "5de5879da208a90f46d08c6bb416a5a2f78c804ea20464dbabc34eb0390aa4f5", "63ab006084041b1b6bf6f260f412c34fc56664a3a2ab0faf6a454233530b2e5d", "518253b8c0fad2934c8d06195a63030b99b7bfe2962fe42248b9e5572e435e59", "227c80b9ffc7b3aedb0331fa2c558e5691758a11c1409b3e229998ee10477481", "5d75c21c11022d4fdfc7fd6591b59111982aa567bc69e3fccf6298da1055b515", "15cd28a2bf63f2d5398e6ff68bb2c18a5ccab0deb03dc875d6113520a2f82b4d", "b1046887ffe240816c1e21e4c79ed386039e4acbbd239add34d2c5ae05ff326d", "53d4b89860e7b7cc296cd5917d46a9720b8b0baacb7b31db7d571e61c591a181", "6103228f4365322d5ceae300620cc66fbf84eb9dfdbc6a0022c268dc83aa65a6", "239cb1e55ddbb69bb3d00572d58384aadbcf2a6fa609b69fe761220bb5ae7894", "0a43fe36f8e691f067eb8b2fc41a186c53808c6e606d31c66360a2778497f738", "c979c1406f9a8776202194fd2b1630a51e066ed4a6aadfa20e4edf4005f9ebc1", "762d6eb6820eefbf2e46e2174a9ada9841d3ed55a09ac3d62fd97a14077304df", "096401e776c273e5c580f401cbaab5d2b74a1541299d8d0add5d99d68866958c", "053a330f699d8c4699b1c6bc7ec2f2a2bd6b9257c4a0eee8d514b2ad4b55e88c", "28959a0fac78cefae567abc5fe3cd33183c26ba73cf349befe43ac832848022a", "0c555bbddffcc35759b381e0508cf0666fc1b0f9e5aba0d6f5f125c42acb903b", "5936c22f97b9933088de3d142707736a64744e81c372183f8fee986328d919d5", "0a0e51d77206354a7a525c0ca44835e7657ec25378f814ae0ecab0dee94a9800", "248625ec043b72d80c240b9513123a05fe9066756e76c846a7ff3413e7823416", "f2efc731b7b699ee9c33461bf7c5669cfa7a555bee9d5494920cc8bb816c91d1", "1d292629b26d830c600d93d71e944daca4d84f57a065f3a24f30e2faf5d56809", "15156356f6965001ad4f3cc867352f5c9b4c5bed56b16a9562e2f6d5ddd1f01b", "0fecc3ec5645e4b7d93650d5ddfcbe87705828aefdcc3125ad3fb11361780703", "89ba7325f5bcd26a21c89daa30726013bb6d59812ec104b81a7229024f91510d", "eafd0e9b25f9736cf4872ccbebb866b81c47fb18c592ba04e72ad86883463159", "27700ad54347a4cb183652fb686c4ea73ac6651b3a6af40c694fdd0a632922b9"], "mitre_attack_tags": []}, {"bi": "dns-query-nxdomain", "hashes": ["3a3283e24b8693a60341593cf3d57e5e279305a9607d30ca8b948fd9f866eca8", "79b060e8975e684bda3cf79b45ccf9389b5679cbef2cb63656b94ee2ff34f5e1", "5de5879da208a90f46d08c6bb416a5a2f78c804ea20464dbabc34eb0390aa4f5", "63ab006084041b1b6bf6f260f412c34fc56664a3a2ab0faf6a454233530b2e5d", "518253b8c0fad2934c8d06195a63030b99b7bfe2962fe42248b9e5572e435e59", "227c80b9ffc7b3aedb0331fa2c558e5691758a11c1409b3e229998ee10477481", "5d75c21c11022d4fdfc7fd6591b59111982aa567bc69e3fccf6298da1055b515", "15cd28a2bf63f2d5398e6ff68bb2c18a5ccab0deb03dc875d6113520a2f82b4d", "b1046887ffe240816c1e21e4c79ed386039e4acbbd239add34d2c5ae05ff326d", "53d4b89860e7b7cc296cd5917d46a9720b8b0baacb7b31db7d571e61c591a181", "6103228f4365322d5ceae300620cc66fbf84eb9dfdbc6a0022c268dc83aa65a6", "239cb1e55ddbb69bb3d00572d58384aadbcf2a6fa609b69fe761220bb5ae7894", "0a43fe36f8e691f067eb8b2fc41a186c53808c6e606d31c66360a2778497f738", "c979c1406f9a8776202194fd2b1630a51e066ed4a6aadfa20e4edf4005f9ebc1", "762d6eb6820eefbf2e46e2174a9ada9841d3ed55a09ac3d62fd97a14077304df", "096401e776c273e5c580f401cbaab5d2b74a1541299d8d0add5d99d68866958c", "053a330f699d8c4699b1c6bc7ec2f2a2bd6b9257c4a0eee8d514b2ad4b55e88c", "28959a0fac78cefae567abc5fe3cd33183c26ba73cf349befe43ac832848022a", "0c555bbddffcc35759b381e0508cf0666fc1b0f9e5aba0d6f5f125c42acb903b", "5936c22f97b9933088de3d142707736a64744e81c372183f8fee986328d919d5", "0a0e51d77206354a7a525c0ca44835e7657ec25378f814ae0ecab0dee94a9800", "248625ec043b72d80c240b9513123a05fe9066756e76c846a7ff3413e7823416", "f2efc731b7b699ee9c33461bf7c5669cfa7a555bee9d5494920cc8bb816c91d1", "1d292629b26d830c600d93d71e944daca4d84f57a065f3a24f30e2faf5d56809", "15156356f6965001ad4f3cc867352f5c9b4c5bed56b16a9562e2f6d5ddd1f01b", "0fecc3ec5645e4b7d93650d5ddfcbe87705828aefdcc3125ad3fb11361780703", "89ba7325f5bcd26a21c89daa30726013bb6d59812ec104b81a7229024f91510d", "eafd0e9b25f9736cf4872ccbebb866b81c47fb18c592ba04e72ad86883463159", "27700ad54347a4cb183652fb686c4ea73ac6651b3a6af40c694fdd0a632922b9"], "mitre_attack_tags": []}, {"bi": "netbios-query", "hashes": ["3a3283e24b8693a60341593cf3d57e5e279305a9607d30ca8b948fd9f866eca8", "79b060e8975e684bda3cf79b45ccf9389b5679cbef2cb63656b94ee2ff34f5e1", "5de5879da208a90f46d08c6bb416a5a2f78c804ea20464dbabc34eb0390aa4f5", "63ab006084041b1b6bf6f260f412c34fc56664a3a2ab0faf6a454233530b2e5d", "518253b8c0fad2934c8d06195a63030b99b7bfe2962fe42248b9e5572e435e59", "227c80b9ffc7b3aedb0331fa2c558e5691758a11c1409b3e229998ee10477481", "5d75c21c11022d4fdfc7fd6591b59111982aa567bc69e3fccf6298da1055b515", "15cd28a2bf63f2d5398e6ff68bb2c18a5ccab0deb03dc875d6113520a2f82b4d", "b1046887ffe240816c1e21e4c79ed386039e4acbbd239add34d2c5ae05ff326d", "53d4b89860e7b7cc296cd5917d46a9720b8b0baacb7b31db7d571e61c591a181", "6103228f4365322d5ceae300620cc66fbf84eb9dfdbc6a0022c268dc83aa65a6", "239cb1e55ddbb69bb3d00572d58384aadbcf2a6fa609b69fe761220bb5ae7894", "0a43fe36f8e691f067eb8b2fc41a186c53808c6e606d31c66360a2778497f738", "c979c1406f9a8776202194fd2b1630a51e066ed4a6aadfa20e4edf4005f9ebc1", "762d6eb6820eefbf2e46e2174a9ada9841d3ed55a09ac3d62fd97a14077304df", "096401e776c273e5c580f401cbaab5d2b74a1541299d8d0add5d99d68866958c", "053a330f699d8c4699b1c6bc7ec2f2a2bd6b9257c4a0eee8d514b2ad4b55e88c", "28959a0fac78cefae567abc5fe3cd33183c26ba73cf349befe43ac832848022a", "0c555bbddffcc35759b381e0508cf0666fc1b0f9e5aba0d6f5f125c42acb903b", "5936c22f97b9933088de3d142707736a64744e81c372183f8fee986328d919d5", "0a0e51d77206354a7a525c0ca44835e7657ec25378f814ae0ecab0dee94a9800", "248625ec043b72d80c240b9513123a05fe9066756e76c846a7ff3413e7823416", "f2efc731b7b699ee9c33461bf7c5669cfa7a555bee9d5494920cc8bb816c91d1", "1d292629b26d830c600d93d71e944daca4d84f57a065f3a24f30e2faf5d56809", "15156356f6965001ad4f3cc867352f5c9b4c5bed56b16a9562e2f6d5ddd1f01b", "0fecc3ec5645e4b7d93650d5ddfcbe87705828aefdcc3125ad3fb11361780703", "89ba7325f5bcd26a21c89daa30726013bb6d59812ec104b81a7229024f91510d", "eafd0e9b25f9736cf4872ccbebb866b81c47fb18c592ba04e72ad86883463159", "27700ad54347a4cb183652fb686c4ea73ac6651b3a6af40c694fdd0a632922b9"], "mitre_attack_tags": ["TA0007", "T1016"]}, {"bi": "feed-domain-antivirus-service", "hashes": ["3a3283e24b8693a60341593cf3d57e5e279305a9607d30ca8b948fd9f866eca8", "79b060e8975e684bda3cf79b45ccf9389b5679cbef2cb63656b94ee2ff34f5e1", "5de5879da208a90f46d08c6bb416a5a2f78c804ea20464dbabc34eb0390aa4f5", "63ab006084041b1b6bf6f260f412c34fc56664a3a2ab0faf6a454233530b2e5d", "518253b8c0fad2934c8d06195a63030b99b7bfe2962fe42248b9e5572e435e59", "227c80b9ffc7b3aedb0331fa2c558e5691758a11c1409b3e229998ee10477481", "5d75c21c11022d4fdfc7fd6591b59111982aa567bc69e3fccf6298da1055b515", "15cd28a2bf63f2d5398e6ff68bb2c18a5ccab0deb03dc875d6113520a2f82b4d", "b1046887ffe240816c1e21e4c79ed386039e4acbbd239add34d2c5ae05ff326d", "53d4b89860e7b7cc296cd5917d46a9720b8b0baacb7b31db7d571e61c591a181", "6103228f4365322d5ceae300620cc66fbf84eb9dfdbc6a0022c268dc83aa65a6", "239cb1e55ddbb69bb3d00572d58384aadbcf2a6fa609b69fe761220bb5ae7894", "0a43fe36f8e691f067eb8b2fc41a186c53808c6e606d31c66360a2778497f738", "c979c1406f9a8776202194fd2b1630a51e066ed4a6aadfa20e4edf4005f9ebc1", "762d6eb6820eefbf2e46e2174a9ada9841d3ed55a09ac3d62fd97a14077304df", "096401e776c273e5c580f401cbaab5d2b74a1541299d8d0add5d99d68866958c", "053a330f699d8c4699b1c6bc7ec2f2a2bd6b9257c4a0eee8d514b2ad4b55e88c", "28959a0fac78cefae567abc5fe3cd33183c26ba73cf349befe43ac832848022a", "0c555bbddffcc35759b381e0508cf0666fc1b0f9e5aba0d6f5f125c42acb903b", "5936c22f97b9933088de3d142707736a64744e81c372183f8fee986328d919d5", "0a0e51d77206354a7a525c0ca44835e7657ec25378f814ae0ecab0dee94a9800", "248625ec043b72d80c240b9513123a05fe9066756e76c846a7ff3413e7823416", "f2efc731b7b699ee9c33461bf7c5669cfa7a555bee9d5494920cc8bb816c91d1", "1d292629b26d830c600d93d71e944daca4d84f57a065f3a24f30e2faf5d56809", "15156356f6965001ad4f3cc867352f5c9b4c5bed56b16a9562e2f6d5ddd1f01b", "0fecc3ec5645e4b7d93650d5ddfcbe87705828aefdcc3125ad3fb11361780703", "89ba7325f5bcd26a21c89daa30726013bb6d59812ec104b81a7229024f91510d", "eafd0e9b25f9736cf4872ccbebb866b81c47fb18c592ba04e72ad86883463159", "27700ad54347a4cb183652fb686c4ea73ac6651b3a6af40c694fdd0a632922b9"], "mitre_attack_tags": []}, {"bi": "pe-uses-fasm", "hashes": ["3a3283e24b8693a60341593cf3d57e5e279305a9607d30ca8b948fd9f866eca8", "79b060e8975e684bda3cf79b45ccf9389b5679cbef2cb63656b94ee2ff34f5e1", "5de5879da208a90f46d08c6bb416a5a2f78c804ea20464dbabc34eb0390aa4f5", "63ab006084041b1b6bf6f260f412c34fc56664a3a2ab0faf6a454233530b2e5d", "518253b8c0fad2934c8d06195a63030b99b7bfe2962fe42248b9e5572e435e59", "227c80b9ffc7b3aedb0331fa2c558e5691758a11c1409b3e229998ee10477481", "5d75c21c11022d4fdfc7fd6591b59111982aa567bc69e3fccf6298da1055b515", "15cd28a2bf63f2d5398e6ff68bb2c18a5ccab0deb03dc875d6113520a2f82b4d", "b1046887ffe240816c1e21e4c79ed386039e4acbbd239add34d2c5ae05ff326d", "53d4b89860e7b7cc296cd5917d46a9720b8b0baacb7b31db7d571e61c591a181", "6103228f4365322d5ceae300620cc66fbf84eb9dfdbc6a0022c268dc83aa65a6", "239cb1e55ddbb69bb3d00572d58384aadbcf2a6fa609b69fe761220bb5ae7894", "0a43fe36f8e691f067eb8b2fc41a186c53808c6e606d31c66360a2778497f738", "c979c1406f9a8776202194fd2b1630a51e066ed4a6aadfa20e4edf4005f9ebc1", "762d6eb6820eefbf2e46e2174a9ada9841d3ed55a09ac3d62fd97a14077304df", "096401e776c273e5c580f401cbaab5d2b74a1541299d8d0add5d99d68866958c", "053a330f699d8c4699b1c6bc7ec2f2a2bd6b9257c4a0eee8d514b2ad4b55e88c", "28959a0fac78cefae567abc5fe3cd33183c26ba73cf349befe43ac832848022a", "0c555bbddffcc35759b381e0508cf0666fc1b0f9e5aba0d6f5f125c42acb903b", "5936c22f97b9933088de3d142707736a64744e81c372183f8fee986328d919d5", "0a0e51d77206354a7a525c0ca44835e7657ec25378f814ae0ecab0dee94a9800", "248625ec043b72d80c240b9513123a05fe9066756e76c846a7ff3413e7823416", "f2efc731b7b699ee9c33461bf7c5669cfa7a555bee9d5494920cc8bb816c91d1", "1d292629b26d830c600d93d71e944daca4d84f57a065f3a24f30e2faf5d56809", "15156356f6965001ad4f3cc867352f5c9b4c5bed56b16a9562e2f6d5ddd1f01b", "0fecc3ec5645e4b7d93650d5ddfcbe87705828aefdcc3125ad3fb11361780703", "89ba7325f5bcd26a21c89daa30726013bb6d59812ec104b81a7229024f91510d", "eafd0e9b25f9736cf4872ccbebb866b81c47fb18c592ba04e72ad86883463159", "27700ad54347a4cb183652fb686c4ea73ac6651b3a6af40c694fdd0a632922b9"], "mitre_attack_tags": []}, {"bi": "artifact-flagged-anomaly", "hashes": ["3a3283e24b8693a60341593cf3d57e5e279305a9607d30ca8b948fd9f866eca8", "79b060e8975e684bda3cf79b45ccf9389b5679cbef2cb63656b94ee2ff34f5e1", "15cd28a2bf63f2d5398e6ff68bb2c18a5ccab0deb03dc875d6113520a2f82b4d", "b1046887ffe240816c1e21e4c79ed386039e4acbbd239add34d2c5ae05ff326d", "53d4b89860e7b7cc296cd5917d46a9720b8b0baacb7b31db7d571e61c591a181", "6103228f4365322d5ceae300620cc66fbf84eb9dfdbc6a0022c268dc83aa65a6", "239cb1e55ddbb69bb3d00572d58384aadbcf2a6fa609b69fe761220bb5ae7894", "0a43fe36f8e691f067eb8b2fc41a186c53808c6e606d31c66360a2778497f738", "c979c1406f9a8776202194fd2b1630a51e066ed4a6aadfa20e4edf4005f9ebc1", "762d6eb6820eefbf2e46e2174a9ada9841d3ed55a09ac3d62fd97a14077304df", "096401e776c273e5c580f401cbaab5d2b74a1541299d8d0add5d99d68866958c", "053a330f699d8c4699b1c6bc7ec2f2a2bd6b9257c4a0eee8d514b2ad4b55e88c", "28959a0fac78cefae567abc5fe3cd33183c26ba73cf349befe43ac832848022a", "0c555bbddffcc35759b381e0508cf0666fc1b0f9e5aba0d6f5f125c42acb903b", "5936c22f97b9933088de3d142707736a64744e81c372183f8fee986328d919d5", "0a0e51d77206354a7a525c0ca44835e7657ec25378f814ae0ecab0dee94a9800", "248625ec043b72d80c240b9513123a05fe9066756e76c846a7ff3413e7823416", "f2efc731b7b699ee9c33461bf7c5669cfa7a555bee9d5494920cc8bb816c91d1", "1d292629b26d830c600d93d71e944daca4d84f57a065f3a24f30e2faf5d56809", "15156356f6965001ad4f3cc867352f5c9b4c5bed56b16a9562e2f6d5ddd1f01b", "0fecc3ec5645e4b7d93650d5ddfcbe87705828aefdcc3125ad3fb11361780703", "89ba7325f5bcd26a21c89daa30726013bb6d59812ec104b81a7229024f91510d", "eafd0e9b25f9736cf4872ccbebb866b81c47fb18c592ba04e72ad86883463159", "27700ad54347a4cb183652fb686c4ea73ac6651b3a6af40c694fdd0a632922b9"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "network-fast-flux-nameserver", "hashes": ["79b060e8975e684bda3cf79b45ccf9389b5679cbef2cb63656b94ee2ff34f5e1", "6103228f4365322d5ceae300620cc66fbf84eb9dfdbc6a0022c268dc83aa65a6", "096401e776c273e5c580f401cbaab5d2b74a1541299d8d0add5d99d68866958c", "053a330f699d8c4699b1c6bc7ec2f2a2bd6b9257c4a0eee8d514b2ad4b55e88c", "5936c22f97b9933088de3d142707736a64744e81c372183f8fee986328d919d5", "248625ec043b72d80c240b9513123a05fe9066756e76c846a7ff3413e7823416", "89ba7325f5bcd26a21c89daa30726013bb6d59812ec104b81a7229024f91510d", "eafd0e9b25f9736cf4872ccbebb866b81c47fb18c592ba04e72ad86883463159", "27700ad54347a4cb183652fb686c4ea73ac6651b3a6af40c694fdd0a632922b9"], "mitre_attack_tags": []}], "category": "Downloader", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": false, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "Zbot, also known as Zeus, is a trojan that steals information, such as banking credentials, using methods such as key-logging and form-grabbing.", "hashes": ["053a330f699d8c4699b1c6bc7ec2f2a2bd6b9257c4a0eee8d514b2ad4b55e88c", "096401e776c273e5c580f401cbaab5d2b74a1541299d8d0add5d99d68866958c", "0a0e51d77206354a7a525c0ca44835e7657ec25378f814ae0ecab0dee94a9800", "0a43fe36f8e691f067eb8b2fc41a186c53808c6e606d31c66360a2778497f738", "0c555bbddffcc35759b381e0508cf0666fc1b0f9e5aba0d6f5f125c42acb903b", "0fecc3ec5645e4b7d93650d5ddfcbe87705828aefdcc3125ad3fb11361780703", "15156356f6965001ad4f3cc867352f5c9b4c5bed56b16a9562e2f6d5ddd1f01b", "15cd28a2bf63f2d5398e6ff68bb2c18a5ccab0deb03dc875d6113520a2f82b4d", "1d292629b26d830c600d93d71e944daca4d84f57a065f3a24f30e2faf5d56809", "227c80b9ffc7b3aedb0331fa2c558e5691758a11c1409b3e229998ee10477481", "239cb1e55ddbb69bb3d00572d58384aadbcf2a6fa609b69fe761220bb5ae7894", "248625ec043b72d80c240b9513123a05fe9066756e76c846a7ff3413e7823416", "27700ad54347a4cb183652fb686c4ea73ac6651b3a6af40c694fdd0a632922b9", "28959a0fac78cefae567abc5fe3cd33183c26ba73cf349befe43ac832848022a", "3a3283e24b8693a60341593cf3d57e5e279305a9607d30ca8b948fd9f866eca8", "518253b8c0fad2934c8d06195a63030b99b7bfe2962fe42248b9e5572e435e59", "53d4b89860e7b7cc296cd5917d46a9720b8b0baacb7b31db7d571e61c591a181", "5936c22f97b9933088de3d142707736a64744e81c372183f8fee986328d919d5", "5d75c21c11022d4fdfc7fd6591b59111982aa567bc69e3fccf6298da1055b515", "5de5879da208a90f46d08c6bb416a5a2f78c804ea20464dbabc34eb0390aa4f5", "6103228f4365322d5ceae300620cc66fbf84eb9dfdbc6a0022c268dc83aa65a6", "63ab006084041b1b6bf6f260f412c34fc56664a3a2ab0faf6a454233530b2e5d", "762d6eb6820eefbf2e46e2174a9ada9841d3ed55a09ac3d62fd97a14077304df", "79b060e8975e684bda3cf79b45ccf9389b5679cbef2cb63656b94ee2ff34f5e1", "89ba7325f5bcd26a21c89daa30726013bb6d59812ec104b81a7229024f91510d", "8c326227d06e7131df57bf2f786a2582c88dcfac735b437d3e50725684b9b079", "9715496e314c702b6969dcf5f47c45aa48d19c645ec901c5fbbf8520f9d7e882", "9a5826975e092189fac9b8e9893d0168f94980b85541cfec006edff6bc2b3d23", "a4bbf0271e1a24f8862f1b00df1f95e2d5d34860d527dc3917078293834e8943", "a8f4919706dd38bfc0e0acc15830cae90c2a2f608046d485e16187660af1b249", "aeb2abdbcde2f913617dea34dd6bb2d6df1137d34f1ce0f9f01cbce295397461", "b1046887ffe240816c1e21e4c79ed386039e4acbbd239add34d2c5ae05ff326d", "c202761bfe9041c094c10cbbf371bc078cab7da7caae446f2fe12a2b6332cca6", "c979c1406f9a8776202194fd2b1630a51e066ed4a6aadfa20e4edf4005f9ebc1", "c9d059e70360e2818239ab84609c78f6a305dc104ac7c55d5c5a69bd92c078ac", "d07781dee4ec5e6833b0622f025a42d1fc6970abeb9e597b0678c2193ed65d27", "d852d171da3c207432634acf37b6ad93ada034869a5b791f9a3052b204e65218", "db3aeed00e7be6a3bf9f7133824aa4cb44c882e921baa702963ec5294d592960", "e4039a7111caaad767843b23fae6f12675274bb32845aead322efacdcc80b090", "e49ff472f60ec040ea46b0d67b74969ff816c4c6351a231e8e671a9da9e8113a", "eafd0e9b25f9736cf4872ccbebb866b81c47fb18c592ba04e72ad86883463159", "ece642ad453c417bf861c8ff33d5e82bafe5d0df5b87989bcfa9cb8529e7228e", "f2efc731b7b699ee9c33461bf7c5669cfa7a555bee9d5494920cc8bb816c91d1", "fe0c5aad7ece58275e8b4543cf30472d307a9a1e57fe0c59977f899c284ec7e1"], "iocs": {"domain": [{"hashes": ["053a330f699d8c4699b1c6bc7ec2f2a2bd6b9257c4a0eee8d514b2ad4b55e88c", "096401e776c273e5c580f401cbaab5d2b74a1541299d8d0add5d99d68866958c", "0a0e51d77206354a7a525c0ca44835e7657ec25378f814ae0ecab0dee94a9800", "0a43fe36f8e691f067eb8b2fc41a186c53808c6e606d31c66360a2778497f738", "0c555bbddffcc35759b381e0508cf0666fc1b0f9e5aba0d6f5f125c42acb903b", "0fecc3ec5645e4b7d93650d5ddfcbe87705828aefdcc3125ad3fb11361780703", "15156356f6965001ad4f3cc867352f5c9b4c5bed56b16a9562e2f6d5ddd1f01b", "15cd28a2bf63f2d5398e6ff68bb2c18a5ccab0deb03dc875d6113520a2f82b4d", "1d292629b26d830c600d93d71e944daca4d84f57a065f3a24f30e2faf5d56809", "227c80b9ffc7b3aedb0331fa2c558e5691758a11c1409b3e229998ee10477481", "239cb1e55ddbb69bb3d00572d58384aadbcf2a6fa609b69fe761220bb5ae7894", "248625ec043b72d80c240b9513123a05fe9066756e76c846a7ff3413e7823416", "27700ad54347a4cb183652fb686c4ea73ac6651b3a6af40c694fdd0a632922b9", "28959a0fac78cefae567abc5fe3cd33183c26ba73cf349befe43ac832848022a", "3a3283e24b8693a60341593cf3d57e5e279305a9607d30ca8b948fd9f866eca8", "518253b8c0fad2934c8d06195a63030b99b7bfe2962fe42248b9e5572e435e59", "53d4b89860e7b7cc296cd5917d46a9720b8b0baacb7b31db7d571e61c591a181", "5936c22f97b9933088de3d142707736a64744e81c372183f8fee986328d919d5", "5d75c21c11022d4fdfc7fd6591b59111982aa567bc69e3fccf6298da1055b515", "5de5879da208a90f46d08c6bb416a5a2f78c804ea20464dbabc34eb0390aa4f5", "6103228f4365322d5ceae300620cc66fbf84eb9dfdbc6a0022c268dc83aa65a6", "63ab006084041b1b6bf6f260f412c34fc56664a3a2ab0faf6a454233530b2e5d", "762d6eb6820eefbf2e46e2174a9ada9841d3ed55a09ac3d62fd97a14077304df", "79b060e8975e684bda3cf79b45ccf9389b5679cbef2cb63656b94ee2ff34f5e1", "89ba7325f5bcd26a21c89daa30726013bb6d59812ec104b81a7229024f91510d", "b1046887ffe240816c1e21e4c79ed386039e4acbbd239add34d2c5ae05ff326d", "c979c1406f9a8776202194fd2b1630a51e066ed4a6aadfa20e4edf4005f9ebc1", "eafd0e9b25f9736cf4872ccbebb866b81c47fb18c592ba04e72ad86883463159", "f2efc731b7b699ee9c33461bf7c5669cfa7a555bee9d5494920cc8bb816c91d1"], "host": "pro-viewer[.]com"}, {"hashes": ["053a330f699d8c4699b1c6bc7ec2f2a2bd6b9257c4a0eee8d514b2ad4b55e88c", "096401e776c273e5c580f401cbaab5d2b74a1541299d8d0add5d99d68866958c", "0a0e51d77206354a7a525c0ca44835e7657ec25378f814ae0ecab0dee94a9800", "0a43fe36f8e691f067eb8b2fc41a186c53808c6e606d31c66360a2778497f738", "0c555bbddffcc35759b381e0508cf0666fc1b0f9e5aba0d6f5f125c42acb903b", "0fecc3ec5645e4b7d93650d5ddfcbe87705828aefdcc3125ad3fb11361780703", "15156356f6965001ad4f3cc867352f5c9b4c5bed56b16a9562e2f6d5ddd1f01b", "15cd28a2bf63f2d5398e6ff68bb2c18a5ccab0deb03dc875d6113520a2f82b4d", "1d292629b26d830c600d93d71e944daca4d84f57a065f3a24f30e2faf5d56809", "227c80b9ffc7b3aedb0331fa2c558e5691758a11c1409b3e229998ee10477481", "239cb1e55ddbb69bb3d00572d58384aadbcf2a6fa609b69fe761220bb5ae7894", "248625ec043b72d80c240b9513123a05fe9066756e76c846a7ff3413e7823416", "27700ad54347a4cb183652fb686c4ea73ac6651b3a6af40c694fdd0a632922b9", "28959a0fac78cefae567abc5fe3cd33183c26ba73cf349befe43ac832848022a", "3a3283e24b8693a60341593cf3d57e5e279305a9607d30ca8b948fd9f866eca8", "518253b8c0fad2934c8d06195a63030b99b7bfe2962fe42248b9e5572e435e59", "53d4b89860e7b7cc296cd5917d46a9720b8b0baacb7b31db7d571e61c591a181", "5936c22f97b9933088de3d142707736a64744e81c372183f8fee986328d919d5", "5d75c21c11022d4fdfc7fd6591b59111982aa567bc69e3fccf6298da1055b515", "5de5879da208a90f46d08c6bb416a5a2f78c804ea20464dbabc34eb0390aa4f5", "6103228f4365322d5ceae300620cc66fbf84eb9dfdbc6a0022c268dc83aa65a6", "63ab006084041b1b6bf6f260f412c34fc56664a3a2ab0faf6a454233530b2e5d", "762d6eb6820eefbf2e46e2174a9ada9841d3ed55a09ac3d62fd97a14077304df", "79b060e8975e684bda3cf79b45ccf9389b5679cbef2cb63656b94ee2ff34f5e1", "89ba7325f5bcd26a21c89daa30726013bb6d59812ec104b81a7229024f91510d", "b1046887ffe240816c1e21e4c79ed386039e4acbbd239add34d2c5ae05ff326d", "c979c1406f9a8776202194fd2b1630a51e066ed4a6aadfa20e4edf4005f9ebc1", "eafd0e9b25f9736cf4872ccbebb866b81c47fb18c592ba04e72ad86883463159", "f2efc731b7b699ee9c33461bf7c5669cfa7a555bee9d5494920cc8bb816c91d1"], "host": "agrimarsystem[.]pe"}], "file": [{"hashes": ["053a330f699d8c4699b1c6bc7ec2f2a2bd6b9257c4a0eee8d514b2ad4b55e88c", "096401e776c273e5c580f401cbaab5d2b74a1541299d8d0add5d99d68866958c", "0a0e51d77206354a7a525c0ca44835e7657ec25378f814ae0ecab0dee94a9800", "0a43fe36f8e691f067eb8b2fc41a186c53808c6e606d31c66360a2778497f738", "0c555bbddffcc35759b381e0508cf0666fc1b0f9e5aba0d6f5f125c42acb903b", "0fecc3ec5645e4b7d93650d5ddfcbe87705828aefdcc3125ad3fb11361780703", "15156356f6965001ad4f3cc867352f5c9b4c5bed56b16a9562e2f6d5ddd1f01b", "15cd28a2bf63f2d5398e6ff68bb2c18a5ccab0deb03dc875d6113520a2f82b4d", "1d292629b26d830c600d93d71e944daca4d84f57a065f3a24f30e2faf5d56809", "227c80b9ffc7b3aedb0331fa2c558e5691758a11c1409b3e229998ee10477481", "239cb1e55ddbb69bb3d00572d58384aadbcf2a6fa609b69fe761220bb5ae7894", "248625ec043b72d80c240b9513123a05fe9066756e76c846a7ff3413e7823416", "27700ad54347a4cb183652fb686c4ea73ac6651b3a6af40c694fdd0a632922b9", "28959a0fac78cefae567abc5fe3cd33183c26ba73cf349befe43ac832848022a", "3a3283e24b8693a60341593cf3d57e5e279305a9607d30ca8b948fd9f866eca8", "518253b8c0fad2934c8d06195a63030b99b7bfe2962fe42248b9e5572e435e59", "53d4b89860e7b7cc296cd5917d46a9720b8b0baacb7b31db7d571e61c591a181", "5936c22f97b9933088de3d142707736a64744e81c372183f8fee986328d919d5", "5d75c21c11022d4fdfc7fd6591b59111982aa567bc69e3fccf6298da1055b515", "5de5879da208a90f46d08c6bb416a5a2f78c804ea20464dbabc34eb0390aa4f5", "6103228f4365322d5ceae300620cc66fbf84eb9dfdbc6a0022c268dc83aa65a6", "63ab006084041b1b6bf6f260f412c34fc56664a3a2ab0faf6a454233530b2e5d", "762d6eb6820eefbf2e46e2174a9ada9841d3ed55a09ac3d62fd97a14077304df", "79b060e8975e684bda3cf79b45ccf9389b5679cbef2cb63656b94ee2ff34f5e1", "89ba7325f5bcd26a21c89daa30726013bb6d59812ec104b81a7229024f91510d", "b1046887ffe240816c1e21e4c79ed386039e4acbbd239add34d2c5ae05ff326d", "c979c1406f9a8776202194fd2b1630a51e066ed4a6aadfa20e4edf4005f9ebc1", "eafd0e9b25f9736cf4872ccbebb866b81c47fb18c592ba04e72ad86883463159", "f2efc731b7b699ee9c33461bf7c5669cfa7a555bee9d5494920cc8bb816c91d1"], "path": "%TEMP%\\realupdater.exe"}], "ip": [], "mutex": [], "registry": []}, "reports_count": 29}, "Win.Dropper.Kuluoz-10004513-0": {"bis": [{"bi": "memory-execute-readwrite", "hashes": ["9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "e518df8e99ed5120dc21b215830872d164c361f772382e17054ad7e1c03b7749", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "31c10bfe9039675974640b3404fbbdccf660bbef3319ed011766f4e7e2dc6d48", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "c3087f4ebef7aa5ac5b209399a4a45e4e5988da2e5124f3967f2b765b736ce6b", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "ac097abc44ceac4f6f0b6a33e876a76284a9aad676ce924bda277925b3f12bf5", "42657321367294c31f060614894a0f13b1f38613cf3e013c94a835496e86a537", "b917589fa6394de51e2d957d056a2ad3bbe98008b7c0d80dfc34a9ef899ab7b6", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "95528ad474a06ae5c23200fac691561cae115466dd07e7f60cb5e9bf667443f5", "6ceeb2ab8b3d41fb927e0ffdcada6da07cac54124cdb8f0c9de15553a4254af5", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "f98fe265e3d49a10212f8f844677cb71fcbe73dd28fcad5ade1bbdf4a8c5e8cb", "fa94f3c28c812bdfd6ae0f7d130657ba242227de07d152fa8174a611ab7f70ea", "360e964ae4aaf043ea27780f20ab266bf55470e3d58fa20550c9f2c520823fbe", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "34861226330e4af50b8e03f6e9d8457ff1d1c9a7d3eeb1fc930a9f70a315dd54", "86497472773d474e05b8ecccc82dfd17d7a4ad6c38e6911d03d6956aedadd49a", "c7b65cca4f914602da625cdc2b73f558a9eae8d8868093b34374e86122487c9c", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "13f0e1860121210bdcfd59887053156fee80c0e7e61ad1b2109a3ca027060ef5", "ef90c5171cfd9c48b209ca4ffa40b803c1597aece9defa3c3c56dac3a066cafd", "a23c17fe1c893ac18bcc2d524adc6b8be07ee6ed2277701d2b43a1681ba60a29", "97fc7992ceecb79f0e43c702fc69a564941b9c909ffd422a7af6a8d1c575ffdd", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "modified-executable", "hashes": ["9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "e518df8e99ed5120dc21b215830872d164c361f772382e17054ad7e1c03b7749", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "31c10bfe9039675974640b3404fbbdccf660bbef3319ed011766f4e7e2dc6d48", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "c3087f4ebef7aa5ac5b209399a4a45e4e5988da2e5124f3967f2b765b736ce6b", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "ac097abc44ceac4f6f0b6a33e876a76284a9aad676ce924bda277925b3f12bf5", "42657321367294c31f060614894a0f13b1f38613cf3e013c94a835496e86a537", "b917589fa6394de51e2d957d056a2ad3bbe98008b7c0d80dfc34a9ef899ab7b6", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "95528ad474a06ae5c23200fac691561cae115466dd07e7f60cb5e9bf667443f5", "6ceeb2ab8b3d41fb927e0ffdcada6da07cac54124cdb8f0c9de15553a4254af5", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "f98fe265e3d49a10212f8f844677cb71fcbe73dd28fcad5ade1bbdf4a8c5e8cb", "fa94f3c28c812bdfd6ae0f7d130657ba242227de07d152fa8174a611ab7f70ea", "360e964ae4aaf043ea27780f20ab266bf55470e3d58fa20550c9f2c520823fbe", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "34861226330e4af50b8e03f6e9d8457ff1d1c9a7d3eeb1fc930a9f70a315dd54", "86497472773d474e05b8ecccc82dfd17d7a4ad6c38e6911d03d6956aedadd49a", "c7b65cca4f914602da625cdc2b73f558a9eae8d8868093b34374e86122487c9c", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "13f0e1860121210bdcfd59887053156fee80c0e7e61ad1b2109a3ca027060ef5", "ef90c5171cfd9c48b209ca4ffa40b803c1597aece9defa3c3c56dac3a066cafd", "a23c17fe1c893ac18bcc2d524adc6b8be07ee6ed2277701d2b43a1681ba60a29", "97fc7992ceecb79f0e43c702fc69a564941b9c909ffd422a7af6a8d1c575ffdd", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1"], "mitre_attack_tags": []}, {"bi": "created-executable-in-user-dir", "hashes": ["9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "e518df8e99ed5120dc21b215830872d164c361f772382e17054ad7e1c03b7749", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "31c10bfe9039675974640b3404fbbdccf660bbef3319ed011766f4e7e2dc6d48", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "c3087f4ebef7aa5ac5b209399a4a45e4e5988da2e5124f3967f2b765b736ce6b", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "ac097abc44ceac4f6f0b6a33e876a76284a9aad676ce924bda277925b3f12bf5", "42657321367294c31f060614894a0f13b1f38613cf3e013c94a835496e86a537", "b917589fa6394de51e2d957d056a2ad3bbe98008b7c0d80dfc34a9ef899ab7b6", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "95528ad474a06ae5c23200fac691561cae115466dd07e7f60cb5e9bf667443f5", "6ceeb2ab8b3d41fb927e0ffdcada6da07cac54124cdb8f0c9de15553a4254af5", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "f98fe265e3d49a10212f8f844677cb71fcbe73dd28fcad5ade1bbdf4a8c5e8cb", "fa94f3c28c812bdfd6ae0f7d130657ba242227de07d152fa8174a611ab7f70ea", "360e964ae4aaf043ea27780f20ab266bf55470e3d58fa20550c9f2c520823fbe", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "34861226330e4af50b8e03f6e9d8457ff1d1c9a7d3eeb1fc930a9f70a315dd54", "86497472773d474e05b8ecccc82dfd17d7a4ad6c38e6911d03d6956aedadd49a", "c7b65cca4f914602da625cdc2b73f558a9eae8d8868093b34374e86122487c9c", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "13f0e1860121210bdcfd59887053156fee80c0e7e61ad1b2109a3ca027060ef5", "ef90c5171cfd9c48b209ca4ffa40b803c1597aece9defa3c3c56dac3a066cafd", "a23c17fe1c893ac18bcc2d524adc6b8be07ee6ed2277701d2b43a1681ba60a29", "97fc7992ceecb79f0e43c702fc69a564941b9c909ffd422a7af6a8d1c575ffdd", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "e518df8e99ed5120dc21b215830872d164c361f772382e17054ad7e1c03b7749", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "31c10bfe9039675974640b3404fbbdccf660bbef3319ed011766f4e7e2dc6d48", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "c3087f4ebef7aa5ac5b209399a4a45e4e5988da2e5124f3967f2b765b736ce6b", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "ac097abc44ceac4f6f0b6a33e876a76284a9aad676ce924bda277925b3f12bf5", "42657321367294c31f060614894a0f13b1f38613cf3e013c94a835496e86a537", "b917589fa6394de51e2d957d056a2ad3bbe98008b7c0d80dfc34a9ef899ab7b6", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "95528ad474a06ae5c23200fac691561cae115466dd07e7f60cb5e9bf667443f5", "6ceeb2ab8b3d41fb927e0ffdcada6da07cac54124cdb8f0c9de15553a4254af5", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "f98fe265e3d49a10212f8f844677cb71fcbe73dd28fcad5ade1bbdf4a8c5e8cb", "fa94f3c28c812bdfd6ae0f7d130657ba242227de07d152fa8174a611ab7f70ea", "360e964ae4aaf043ea27780f20ab266bf55470e3d58fa20550c9f2c520823fbe", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "34861226330e4af50b8e03f6e9d8457ff1d1c9a7d3eeb1fc930a9f70a315dd54", "86497472773d474e05b8ecccc82dfd17d7a4ad6c38e6911d03d6956aedadd49a", "c7b65cca4f914602da625cdc2b73f558a9eae8d8868093b34374e86122487c9c", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "13f0e1860121210bdcfd59887053156fee80c0e7e61ad1b2109a3ca027060ef5", "ef90c5171cfd9c48b209ca4ffa40b803c1597aece9defa3c3c56dac3a066cafd", "a23c17fe1c893ac18bcc2d524adc6b8be07ee6ed2277701d2b43a1681ba60a29", "97fc7992ceecb79f0e43c702fc69a564941b9c909ffd422a7af6a8d1c575ffdd", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1"], "mitre_attack_tags": []}, {"bi": "process-svchost-suspicious-launch", "hashes": ["9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "e518df8e99ed5120dc21b215830872d164c361f772382e17054ad7e1c03b7749", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "31c10bfe9039675974640b3404fbbdccf660bbef3319ed011766f4e7e2dc6d48", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "c3087f4ebef7aa5ac5b209399a4a45e4e5988da2e5124f3967f2b765b736ce6b", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "ac097abc44ceac4f6f0b6a33e876a76284a9aad676ce924bda277925b3f12bf5", "42657321367294c31f060614894a0f13b1f38613cf3e013c94a835496e86a537", "b917589fa6394de51e2d957d056a2ad3bbe98008b7c0d80dfc34a9ef899ab7b6", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "95528ad474a06ae5c23200fac691561cae115466dd07e7f60cb5e9bf667443f5", "6ceeb2ab8b3d41fb927e0ffdcada6da07cac54124cdb8f0c9de15553a4254af5", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "f98fe265e3d49a10212f8f844677cb71fcbe73dd28fcad5ade1bbdf4a8c5e8cb", "fa94f3c28c812bdfd6ae0f7d130657ba242227de07d152fa8174a611ab7f70ea", "360e964ae4aaf043ea27780f20ab266bf55470e3d58fa20550c9f2c520823fbe", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "34861226330e4af50b8e03f6e9d8457ff1d1c9a7d3eeb1fc930a9f70a315dd54", "86497472773d474e05b8ecccc82dfd17d7a4ad6c38e6911d03d6956aedadd49a", "c7b65cca4f914602da625cdc2b73f558a9eae8d8868093b34374e86122487c9c", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "13f0e1860121210bdcfd59887053156fee80c0e7e61ad1b2109a3ca027060ef5", "ef90c5171cfd9c48b209ca4ffa40b803c1597aece9defa3c3c56dac3a066cafd", "a23c17fe1c893ac18bcc2d524adc6b8be07ee6ed2277701d2b43a1681ba60a29", "97fc7992ceecb79f0e43c702fc69a564941b9c909ffd422a7af6a8d1c575ffdd", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1"], "mitre_attack_tags": ["TA0005", "T1036"]}, {"bi": "registry-autorun-key-data-dir", "hashes": ["9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "e518df8e99ed5120dc21b215830872d164c361f772382e17054ad7e1c03b7749", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "31c10bfe9039675974640b3404fbbdccf660bbef3319ed011766f4e7e2dc6d48", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "c3087f4ebef7aa5ac5b209399a4a45e4e5988da2e5124f3967f2b765b736ce6b", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "ac097abc44ceac4f6f0b6a33e876a76284a9aad676ce924bda277925b3f12bf5", "42657321367294c31f060614894a0f13b1f38613cf3e013c94a835496e86a537", "b917589fa6394de51e2d957d056a2ad3bbe98008b7c0d80dfc34a9ef899ab7b6", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "95528ad474a06ae5c23200fac691561cae115466dd07e7f60cb5e9bf667443f5", "6ceeb2ab8b3d41fb927e0ffdcada6da07cac54124cdb8f0c9de15553a4254af5", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "f98fe265e3d49a10212f8f844677cb71fcbe73dd28fcad5ade1bbdf4a8c5e8cb", "fa94f3c28c812bdfd6ae0f7d130657ba242227de07d152fa8174a611ab7f70ea", "360e964ae4aaf043ea27780f20ab266bf55470e3d58fa20550c9f2c520823fbe", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "34861226330e4af50b8e03f6e9d8457ff1d1c9a7d3eeb1fc930a9f70a315dd54", "86497472773d474e05b8ecccc82dfd17d7a4ad6c38e6911d03d6956aedadd49a", "c7b65cca4f914602da625cdc2b73f558a9eae8d8868093b34374e86122487c9c", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "13f0e1860121210bdcfd59887053156fee80c0e7e61ad1b2109a3ca027060ef5", "ef90c5171cfd9c48b209ca4ffa40b803c1597aece9defa3c3c56dac3a066cafd", "a23c17fe1c893ac18bcc2d524adc6b8be07ee6ed2277701d2b43a1681ba60a29", "97fc7992ceecb79f0e43c702fc69a564941b9c909ffd422a7af6a8d1c575ffdd", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "registry-autorun-key-modified", "hashes": ["9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "e518df8e99ed5120dc21b215830872d164c361f772382e17054ad7e1c03b7749", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "31c10bfe9039675974640b3404fbbdccf660bbef3319ed011766f4e7e2dc6d48", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "c3087f4ebef7aa5ac5b209399a4a45e4e5988da2e5124f3967f2b765b736ce6b", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "ac097abc44ceac4f6f0b6a33e876a76284a9aad676ce924bda277925b3f12bf5", "42657321367294c31f060614894a0f13b1f38613cf3e013c94a835496e86a537", "b917589fa6394de51e2d957d056a2ad3bbe98008b7c0d80dfc34a9ef899ab7b6", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "95528ad474a06ae5c23200fac691561cae115466dd07e7f60cb5e9bf667443f5", "6ceeb2ab8b3d41fb927e0ffdcada6da07cac54124cdb8f0c9de15553a4254af5", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "f98fe265e3d49a10212f8f844677cb71fcbe73dd28fcad5ade1bbdf4a8c5e8cb", "fa94f3c28c812bdfd6ae0f7d130657ba242227de07d152fa8174a611ab7f70ea", "360e964ae4aaf043ea27780f20ab266bf55470e3d58fa20550c9f2c520823fbe", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "34861226330e4af50b8e03f6e9d8457ff1d1c9a7d3eeb1fc930a9f70a315dd54", "86497472773d474e05b8ecccc82dfd17d7a4ad6c38e6911d03d6956aedadd49a", "c7b65cca4f914602da625cdc2b73f558a9eae8d8868093b34374e86122487c9c", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "13f0e1860121210bdcfd59887053156fee80c0e7e61ad1b2109a3ca027060ef5", "ef90c5171cfd9c48b209ca4ffa40b803c1597aece9defa3c3c56dac3a066cafd", "a23c17fe1c893ac18bcc2d524adc6b8be07ee6ed2277701d2b43a1681ba60a29", "97fc7992ceecb79f0e43c702fc69a564941b9c909ffd422a7af6a8d1c575ffdd", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "imports-IsDebuggerPresent", "hashes": ["9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "e518df8e99ed5120dc21b215830872d164c361f772382e17054ad7e1c03b7749", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "31c10bfe9039675974640b3404fbbdccf660bbef3319ed011766f4e7e2dc6d48", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "c3087f4ebef7aa5ac5b209399a4a45e4e5988da2e5124f3967f2b765b736ce6b", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "ac097abc44ceac4f6f0b6a33e876a76284a9aad676ce924bda277925b3f12bf5", "42657321367294c31f060614894a0f13b1f38613cf3e013c94a835496e86a537", "b917589fa6394de51e2d957d056a2ad3bbe98008b7c0d80dfc34a9ef899ab7b6", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "95528ad474a06ae5c23200fac691561cae115466dd07e7f60cb5e9bf667443f5", "6ceeb2ab8b3d41fb927e0ffdcada6da07cac54124cdb8f0c9de15553a4254af5", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "f98fe265e3d49a10212f8f844677cb71fcbe73dd28fcad5ade1bbdf4a8c5e8cb", "fa94f3c28c812bdfd6ae0f7d130657ba242227de07d152fa8174a611ab7f70ea", "360e964ae4aaf043ea27780f20ab266bf55470e3d58fa20550c9f2c520823fbe", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "34861226330e4af50b8e03f6e9d8457ff1d1c9a7d3eeb1fc930a9f70a315dd54", "86497472773d474e05b8ecccc82dfd17d7a4ad6c38e6911d03d6956aedadd49a", "c7b65cca4f914602da625cdc2b73f558a9eae8d8868093b34374e86122487c9c", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "13f0e1860121210bdcfd59887053156fee80c0e7e61ad1b2109a3ca027060ef5", "ef90c5171cfd9c48b209ca4ffa40b803c1597aece9defa3c3c56dac3a066cafd", "a23c17fe1c893ac18bcc2d524adc6b8be07ee6ed2277701d2b43a1681ba60a29", "97fc7992ceecb79f0e43c702fc69a564941b9c909ffd422a7af6a8d1c575ffdd", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1"], "mitre_attack_tags": ["TA0005", "TA0007"]}, {"bi": "malware-kuluoz-mutex", "hashes": ["9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "e518df8e99ed5120dc21b215830872d164c361f772382e17054ad7e1c03b7749", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "31c10bfe9039675974640b3404fbbdccf660bbef3319ed011766f4e7e2dc6d48", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "c3087f4ebef7aa5ac5b209399a4a45e4e5988da2e5124f3967f2b765b736ce6b", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "ac097abc44ceac4f6f0b6a33e876a76284a9aad676ce924bda277925b3f12bf5", "42657321367294c31f060614894a0f13b1f38613cf3e013c94a835496e86a537", "b917589fa6394de51e2d957d056a2ad3bbe98008b7c0d80dfc34a9ef899ab7b6", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "95528ad474a06ae5c23200fac691561cae115466dd07e7f60cb5e9bf667443f5", "6ceeb2ab8b3d41fb927e0ffdcada6da07cac54124cdb8f0c9de15553a4254af5", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "f98fe265e3d49a10212f8f844677cb71fcbe73dd28fcad5ade1bbdf4a8c5e8cb", "fa94f3c28c812bdfd6ae0f7d130657ba242227de07d152fa8174a611ab7f70ea", "360e964ae4aaf043ea27780f20ab266bf55470e3d58fa20550c9f2c520823fbe", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "34861226330e4af50b8e03f6e9d8457ff1d1c9a7d3eeb1fc930a9f70a315dd54", "86497472773d474e05b8ecccc82dfd17d7a4ad6c38e6911d03d6956aedadd49a", "c7b65cca4f914602da625cdc2b73f558a9eae8d8868093b34374e86122487c9c", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "13f0e1860121210bdcfd59887053156fee80c0e7e61ad1b2109a3ca027060ef5", "ef90c5171cfd9c48b209ca4ffa40b803c1597aece9defa3c3c56dac3a066cafd", "a23c17fe1c893ac18bcc2d524adc6b8be07ee6ed2277701d2b43a1681ba60a29", "97fc7992ceecb79f0e43c702fc69a564941b9c909ffd422a7af6a8d1c575ffdd", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1"], "mitre_attack_tags": []}, {"bi": "created-executable-sample-appdata", "hashes": ["9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "e518df8e99ed5120dc21b215830872d164c361f772382e17054ad7e1c03b7749", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "31c10bfe9039675974640b3404fbbdccf660bbef3319ed011766f4e7e2dc6d48", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "c3087f4ebef7aa5ac5b209399a4a45e4e5988da2e5124f3967f2b765b736ce6b", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "ac097abc44ceac4f6f0b6a33e876a76284a9aad676ce924bda277925b3f12bf5", "42657321367294c31f060614894a0f13b1f38613cf3e013c94a835496e86a537", "b917589fa6394de51e2d957d056a2ad3bbe98008b7c0d80dfc34a9ef899ab7b6", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "95528ad474a06ae5c23200fac691561cae115466dd07e7f60cb5e9bf667443f5", "6ceeb2ab8b3d41fb927e0ffdcada6da07cac54124cdb8f0c9de15553a4254af5", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "f98fe265e3d49a10212f8f844677cb71fcbe73dd28fcad5ade1bbdf4a8c5e8cb", "fa94f3c28c812bdfd6ae0f7d130657ba242227de07d152fa8174a611ab7f70ea", "360e964ae4aaf043ea27780f20ab266bf55470e3d58fa20550c9f2c520823fbe", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "34861226330e4af50b8e03f6e9d8457ff1d1c9a7d3eeb1fc930a9f70a315dd54", "86497472773d474e05b8ecccc82dfd17d7a4ad6c38e6911d03d6956aedadd49a", "c7b65cca4f914602da625cdc2b73f558a9eae8d8868093b34374e86122487c9c", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "13f0e1860121210bdcfd59887053156fee80c0e7e61ad1b2109a3ca027060ef5", "ef90c5171cfd9c48b209ca4ffa40b803c1597aece9defa3c3c56dac3a066cafd", "a23c17fe1c893ac18bcc2d524adc6b8be07ee6ed2277701d2b43a1681ba60a29", "97fc7992ceecb79f0e43c702fc69a564941b9c909ffd422a7af6a8d1c575ffdd", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1"], "mitre_attack_tags": ["TA0005", "T1564"]}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "e518df8e99ed5120dc21b215830872d164c361f772382e17054ad7e1c03b7749", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "31c10bfe9039675974640b3404fbbdccf660bbef3319ed011766f4e7e2dc6d48", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "c3087f4ebef7aa5ac5b209399a4a45e4e5988da2e5124f3967f2b765b736ce6b", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "ac097abc44ceac4f6f0b6a33e876a76284a9aad676ce924bda277925b3f12bf5", "42657321367294c31f060614894a0f13b1f38613cf3e013c94a835496e86a537", "b917589fa6394de51e2d957d056a2ad3bbe98008b7c0d80dfc34a9ef899ab7b6", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "95528ad474a06ae5c23200fac691561cae115466dd07e7f60cb5e9bf667443f5", "6ceeb2ab8b3d41fb927e0ffdcada6da07cac54124cdb8f0c9de15553a4254af5", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "f98fe265e3d49a10212f8f844677cb71fcbe73dd28fcad5ade1bbdf4a8c5e8cb", "fa94f3c28c812bdfd6ae0f7d130657ba242227de07d152fa8174a611ab7f70ea", "360e964ae4aaf043ea27780f20ab266bf55470e3d58fa20550c9f2c520823fbe", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "34861226330e4af50b8e03f6e9d8457ff1d1c9a7d3eeb1fc930a9f70a315dd54", "86497472773d474e05b8ecccc82dfd17d7a4ad6c38e6911d03d6956aedadd49a", "c7b65cca4f914602da625cdc2b73f558a9eae8d8868093b34374e86122487c9c", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "13f0e1860121210bdcfd59887053156fee80c0e7e61ad1b2109a3ca027060ef5", "ef90c5171cfd9c48b209ca4ffa40b803c1597aece9defa3c3c56dac3a066cafd", "a23c17fe1c893ac18bcc2d524adc6b8be07ee6ed2277701d2b43a1681ba60a29", "97fc7992ceecb79f0e43c702fc69a564941b9c909ffd422a7af6a8d1c575ffdd", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1"], "mitre_attack_tags": []}, {"bi": "network-file-uploaded", "hashes": ["9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1"], "mitre_attack_tags": ["TA0010", "T1011"]}, {"bi": "network-http-numeric-ip", "hashes": ["9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1"], "mitre_attack_tags": ["TA0011", "T1071"]}, {"bi": "network-communications-http-post", "hashes": ["9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1"], "mitre_attack_tags": ["TA0010", "T1048"]}, {"bi": "network-snort-server", "hashes": ["9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1"], "mitre_attack_tags": []}, {"bi": "http-response-client-error", "hashes": ["9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1"], "mitre_attack_tags": []}, {"bi": "malware-asprox-url-pattern-old", "hashes": ["9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1"], "mitre_attack_tags": []}, {"bi": "html-page-not-found", "hashes": ["9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1"], "mitre_attack_tags": []}], "category": "Dropper", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "Kuluoz, sometimes known as \"Asprox,\" is a modular remote access trojan that is also known to download and execute follow-on malware, such as fake antivirus software. Kuluoz is often delivered via spam emails pretending to be shipment delivery notifications or flight booking confirmations.", "hashes": ["04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "13f0e1860121210bdcfd59887053156fee80c0e7e61ad1b2109a3ca027060ef5", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "31c10bfe9039675974640b3404fbbdccf660bbef3319ed011766f4e7e2dc6d48", "34861226330e4af50b8e03f6e9d8457ff1d1c9a7d3eeb1fc930a9f70a315dd54", "360e964ae4aaf043ea27780f20ab266bf55470e3d58fa20550c9f2c520823fbe", "42657321367294c31f060614894a0f13b1f38613cf3e013c94a835496e86a537", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "6ceeb2ab8b3d41fb927e0ffdcada6da07cac54124cdb8f0c9de15553a4254af5", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "86497472773d474e05b8ecccc82dfd17d7a4ad6c38e6911d03d6956aedadd49a", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "95528ad474a06ae5c23200fac691561cae115466dd07e7f60cb5e9bf667443f5", "97fc7992ceecb79f0e43c702fc69a564941b9c909ffd422a7af6a8d1c575ffdd", "9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "a23c17fe1c893ac18bcc2d524adc6b8be07ee6ed2277701d2b43a1681ba60a29", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "ac097abc44ceac4f6f0b6a33e876a76284a9aad676ce924bda277925b3f12bf5", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "b917589fa6394de51e2d957d056a2ad3bbe98008b7c0d80dfc34a9ef899ab7b6", "c3087f4ebef7aa5ac5b209399a4a45e4e5988da2e5124f3967f2b765b736ce6b", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "c7b65cca4f914602da625cdc2b73f558a9eae8d8868093b34374e86122487c9c", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "e518df8e99ed5120dc21b215830872d164c361f772382e17054ad7e1c03b7749", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "ef90c5171cfd9c48b209ca4ffa40b803c1597aece9defa3c3c56dac3a066cafd", "f98fe265e3d49a10212f8f844677cb71fcbe73dd28fcad5ade1bbdf4a8c5e8cb", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "fa94f3c28c812bdfd6ae0f7d130657ba242227de07d152fa8174a611ab7f70ea", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9"], "iocs": {"domain": [], "file": [{"hashes": ["04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "13f0e1860121210bdcfd59887053156fee80c0e7e61ad1b2109a3ca027060ef5", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "31c10bfe9039675974640b3404fbbdccf660bbef3319ed011766f4e7e2dc6d48", "34861226330e4af50b8e03f6e9d8457ff1d1c9a7d3eeb1fc930a9f70a315dd54", "360e964ae4aaf043ea27780f20ab266bf55470e3d58fa20550c9f2c520823fbe", "42657321367294c31f060614894a0f13b1f38613cf3e013c94a835496e86a537", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "6ceeb2ab8b3d41fb927e0ffdcada6da07cac54124cdb8f0c9de15553a4254af5", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "86497472773d474e05b8ecccc82dfd17d7a4ad6c38e6911d03d6956aedadd49a", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "95528ad474a06ae5c23200fac691561cae115466dd07e7f60cb5e9bf667443f5", "97fc7992ceecb79f0e43c702fc69a564941b9c909ffd422a7af6a8d1c575ffdd", "9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "a23c17fe1c893ac18bcc2d524adc6b8be07ee6ed2277701d2b43a1681ba60a29", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "ac097abc44ceac4f6f0b6a33e876a76284a9aad676ce924bda277925b3f12bf5", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "b917589fa6394de51e2d957d056a2ad3bbe98008b7c0d80dfc34a9ef899ab7b6", "c3087f4ebef7aa5ac5b209399a4a45e4e5988da2e5124f3967f2b765b736ce6b", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "c7b65cca4f914602da625cdc2b73f558a9eae8d8868093b34374e86122487c9c", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "e518df8e99ed5120dc21b215830872d164c361f772382e17054ad7e1c03b7749", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "ef90c5171cfd9c48b209ca4ffa40b803c1597aece9defa3c3c56dac3a066cafd", "f98fe265e3d49a10212f8f844677cb71fcbe73dd28fcad5ade1bbdf4a8c5e8cb", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "fa94f3c28c812bdfd6ae0f7d130657ba242227de07d152fa8174a611ab7f70ea", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9"], "path": "%LOCALAPPDATA%\\<random, matching '[a-z]{8}'>.exe"}], "ip": [{"hashes": ["04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "31c10bfe9039675974640b3404fbbdccf660bbef3319ed011766f4e7e2dc6d48", "360e964ae4aaf043ea27780f20ab266bf55470e3d58fa20550c9f2c520823fbe", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "6ceeb2ab8b3d41fb927e0ffdcada6da07cac54124cdb8f0c9de15553a4254af5", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "95528ad474a06ae5c23200fac691561cae115466dd07e7f60cb5e9bf667443f5", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "ac097abc44ceac4f6f0b6a33e876a76284a9aad676ce924bda277925b3f12bf5", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "b917589fa6394de51e2d957d056a2ad3bbe98008b7c0d80dfc34a9ef899ab7b6", "c3087f4ebef7aa5ac5b209399a4a45e4e5988da2e5124f3967f2b765b736ce6b", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "e518df8e99ed5120dc21b215830872d164c361f772382e17054ad7e1c03b7749", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "fa94f3c28c812bdfd6ae0f7d130657ba242227de07d152fa8174a611ab7f70ea", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9"], "ip": "78[.]157[.]209[.]228"}, {"hashes": ["04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "34861226330e4af50b8e03f6e9d8457ff1d1c9a7d3eeb1fc930a9f70a315dd54", "42657321367294c31f060614894a0f13b1f38613cf3e013c94a835496e86a537", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "97fc7992ceecb79f0e43c702fc69a564941b9c909ffd422a7af6a8d1c575ffdd", "9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "a23c17fe1c893ac18bcc2d524adc6b8be07ee6ed2277701d2b43a1681ba60a29", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "ac097abc44ceac4f6f0b6a33e876a76284a9aad676ce924bda277925b3f12bf5", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "b917589fa6394de51e2d957d056a2ad3bbe98008b7c0d80dfc34a9ef899ab7b6", "c3087f4ebef7aa5ac5b209399a4a45e4e5988da2e5124f3967f2b765b736ce6b", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "c7b65cca4f914602da625cdc2b73f558a9eae8d8868093b34374e86122487c9c", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "e518df8e99ed5120dc21b215830872d164c361f772382e17054ad7e1c03b7749", "f98fe265e3d49a10212f8f844677cb71fcbe73dd28fcad5ade1bbdf4a8c5e8cb", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "fa94f3c28c812bdfd6ae0f7d130657ba242227de07d152fa8174a611ab7f70ea", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9"], "ip": "85[.]25[.]108[.]164"}, {"hashes": ["04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "13f0e1860121210bdcfd59887053156fee80c0e7e61ad1b2109a3ca027060ef5", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "360e964ae4aaf043ea27780f20ab266bf55470e3d58fa20550c9f2c520823fbe", "42657321367294c31f060614894a0f13b1f38613cf3e013c94a835496e86a537", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "6ceeb2ab8b3d41fb927e0ffdcada6da07cac54124cdb8f0c9de15553a4254af5", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "95528ad474a06ae5c23200fac691561cae115466dd07e7f60cb5e9bf667443f5", "97fc7992ceecb79f0e43c702fc69a564941b9c909ffd422a7af6a8d1c575ffdd", "9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "a23c17fe1c893ac18bcc2d524adc6b8be07ee6ed2277701d2b43a1681ba60a29", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "c3087f4ebef7aa5ac5b209399a4a45e4e5988da2e5124f3967f2b765b736ce6b", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "c7b65cca4f914602da625cdc2b73f558a9eae8d8868093b34374e86122487c9c", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "ef90c5171cfd9c48b209ca4ffa40b803c1597aece9defa3c3c56dac3a066cafd"], "ip": "94[.]23[.]84[.]94"}, {"hashes": ["04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9"], "ip": "94[.]32[.]66[.]56"}, {"hashes": ["0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "13f0e1860121210bdcfd59887053156fee80c0e7e61ad1b2109a3ca027060ef5", "31c10bfe9039675974640b3404fbbdccf660bbef3319ed011766f4e7e2dc6d48", "42657321367294c31f060614894a0f13b1f38613cf3e013c94a835496e86a537", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "86497472773d474e05b8ecccc82dfd17d7a4ad6c38e6911d03d6956aedadd49a", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "95528ad474a06ae5c23200fac691561cae115466dd07e7f60cb5e9bf667443f5", "97fc7992ceecb79f0e43c702fc69a564941b9c909ffd422a7af6a8d1c575ffdd", "9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "a23c17fe1c893ac18bcc2d524adc6b8be07ee6ed2277701d2b43a1681ba60a29", "ac097abc44ceac4f6f0b6a33e876a76284a9aad676ce924bda277925b3f12bf5", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "b917589fa6394de51e2d957d056a2ad3bbe98008b7c0d80dfc34a9ef899ab7b6", "c3087f4ebef7aa5ac5b209399a4a45e4e5988da2e5124f3967f2b765b736ce6b", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6"], "ip": "177[.]87[.]64[.]25"}, {"hashes": ["34861226330e4af50b8e03f6e9d8457ff1d1c9a7d3eeb1fc930a9f70a315dd54", "360e964ae4aaf043ea27780f20ab266bf55470e3d58fa20550c9f2c520823fbe", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1", "6ceeb2ab8b3d41fb927e0ffdcada6da07cac54124cdb8f0c9de15553a4254af5", "86497472773d474e05b8ecccc82dfd17d7a4ad6c38e6911d03d6956aedadd49a", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "ac097abc44ceac4f6f0b6a33e876a76284a9aad676ce924bda277925b3f12bf5", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "e518df8e99ed5120dc21b215830872d164c361f772382e17054ad7e1c03b7749", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "f98fe265e3d49a10212f8f844677cb71fcbe73dd28fcad5ade1bbdf4a8c5e8cb", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "fa94f3c28c812bdfd6ae0f7d130657ba242227de07d152fa8174a611ab7f70ea", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14"], "ip": "109[.]169[.]46[.]59"}, {"hashes": ["04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "13f0e1860121210bdcfd59887053156fee80c0e7e61ad1b2109a3ca027060ef5", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "86497472773d474e05b8ecccc82dfd17d7a4ad6c38e6911d03d6956aedadd49a", "95528ad474a06ae5c23200fac691561cae115466dd07e7f60cb5e9bf667443f5", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "fa94f3c28c812bdfd6ae0f7d130657ba242227de07d152fa8174a611ab7f70ea", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9"], "ip": "176[.]31[.]110[.]165"}, {"hashes": ["13f0e1860121210bdcfd59887053156fee80c0e7e61ad1b2109a3ca027060ef5", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "31c10bfe9039675974640b3404fbbdccf660bbef3319ed011766f4e7e2dc6d48", "34861226330e4af50b8e03f6e9d8457ff1d1c9a7d3eeb1fc930a9f70a315dd54", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "6ceeb2ab8b3d41fb927e0ffdcada6da07cac54124cdb8f0c9de15553a4254af5", "95528ad474a06ae5c23200fac691561cae115466dd07e7f60cb5e9bf667443f5", "97fc7992ceecb79f0e43c702fc69a564941b9c909ffd422a7af6a8d1c575ffdd", "a23c17fe1c893ac18bcc2d524adc6b8be07ee6ed2277701d2b43a1681ba60a29", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "e518df8e99ed5120dc21b215830872d164c361f772382e17054ad7e1c03b7749", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "ef90c5171cfd9c48b209ca4ffa40b803c1597aece9defa3c3c56dac3a066cafd", "f98fe265e3d49a10212f8f844677cb71fcbe73dd28fcad5ade1bbdf4a8c5e8cb"], "ip": "91[.]121[.]98[.]60"}], "mutex": [{"hashes": ["04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "13f0e1860121210bdcfd59887053156fee80c0e7e61ad1b2109a3ca027060ef5", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "31c10bfe9039675974640b3404fbbdccf660bbef3319ed011766f4e7e2dc6d48", "34861226330e4af50b8e03f6e9d8457ff1d1c9a7d3eeb1fc930a9f70a315dd54", "360e964ae4aaf043ea27780f20ab266bf55470e3d58fa20550c9f2c520823fbe", "42657321367294c31f060614894a0f13b1f38613cf3e013c94a835496e86a537", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "6ceeb2ab8b3d41fb927e0ffdcada6da07cac54124cdb8f0c9de15553a4254af5", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "86497472773d474e05b8ecccc82dfd17d7a4ad6c38e6911d03d6956aedadd49a", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "95528ad474a06ae5c23200fac691561cae115466dd07e7f60cb5e9bf667443f5", "97fc7992ceecb79f0e43c702fc69a564941b9c909ffd422a7af6a8d1c575ffdd", "9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "a23c17fe1c893ac18bcc2d524adc6b8be07ee6ed2277701d2b43a1681ba60a29", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "ac097abc44ceac4f6f0b6a33e876a76284a9aad676ce924bda277925b3f12bf5", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "b917589fa6394de51e2d957d056a2ad3bbe98008b7c0d80dfc34a9ef899ab7b6", "c3087f4ebef7aa5ac5b209399a4a45e4e5988da2e5124f3967f2b765b736ce6b", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "c7b65cca4f914602da625cdc2b73f558a9eae8d8868093b34374e86122487c9c", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "e518df8e99ed5120dc21b215830872d164c361f772382e17054ad7e1c03b7749", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "ef90c5171cfd9c48b209ca4ffa40b803c1597aece9defa3c3c56dac3a066cafd", "f98fe265e3d49a10212f8f844677cb71fcbe73dd28fcad5ade1bbdf4a8c5e8cb", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "fa94f3c28c812bdfd6ae0f7d130657ba242227de07d152fa8174a611ab7f70ea", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9"], "name": "2GVWNQJz1"}], "registry": [{"hashes": ["04be2d1165429f6a1fc8217db32e549eeeb54983aa4c44f26e1147d054d954e1", "0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4", "13f0e1860121210bdcfd59887053156fee80c0e7e61ad1b2109a3ca027060ef5", "161dd94d902139168107ee72aa66fc2bb00ecbe72a9ea3a2645a2e5f3edb43bc", "1c5e6a11a293501d1bd41d302a7cbde8e8efc67916e4a063a5757f476190c48f", "31c10bfe9039675974640b3404fbbdccf660bbef3319ed011766f4e7e2dc6d48", "34861226330e4af50b8e03f6e9d8457ff1d1c9a7d3eeb1fc930a9f70a315dd54", "360e964ae4aaf043ea27780f20ab266bf55470e3d58fa20550c9f2c520823fbe", "42657321367294c31f060614894a0f13b1f38613cf3e013c94a835496e86a537", "45bedf4f08cc21eb94088a7ebd942915d8e3f834d0632cfb9264d92228c8a4f1", "47ea467e5da54049ec9c40d2173a97fb87dae67546faba7dce0631ad88fa3fa9", "47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714", "6ceeb2ab8b3d41fb927e0ffdcada6da07cac54124cdb8f0c9de15553a4254af5", "75ed32ca3cc84d402a91fb13088ac3421917d427efb55bf2442b71f6dfd6a398", "7ef5f3c744b456b04c79e14c5923a7cfbc3894f14a473a564d843dce62293b5a", "86497472773d474e05b8ecccc82dfd17d7a4ad6c38e6911d03d6956aedadd49a", "92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1", "95528ad474a06ae5c23200fac691561cae115466dd07e7f60cb5e9bf667443f5", "97fc7992ceecb79f0e43c702fc69a564941b9c909ffd422a7af6a8d1c575ffdd", "9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87", "a23c17fe1c893ac18bcc2d524adc6b8be07ee6ed2277701d2b43a1681ba60a29", "a3a34b395a54043f247e09b8f6656ed66c74c6d02735e49a87e118749a1daa37", "ac097abc44ceac4f6f0b6a33e876a76284a9aad676ce924bda277925b3f12bf5", "ae08cd70435a6eacc7097babc6c26ecae3484bf8ca73ac1ae4f8078eef69d017", "ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4", "b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56", "b917589fa6394de51e2d957d056a2ad3bbe98008b7c0d80dfc34a9ef899ab7b6", "c3087f4ebef7aa5ac5b209399a4a45e4e5988da2e5124f3967f2b765b736ce6b", "c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486", "c7b65cca4f914602da625cdc2b73f558a9eae8d8868093b34374e86122487c9c", "d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331", "d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8", "d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195", "e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05", "e518df8e99ed5120dc21b215830872d164c361f772382e17054ad7e1c03b7749", "ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a", "ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4", "ef90c5171cfd9c48b209ca4ffa40b803c1597aece9defa3c3c56dac3a066cafd", "f98fe265e3d49a10212f8f844677cb71fcbe73dd28fcad5ade1bbdf4a8c5e8cb", "fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6", "fa94f3c28c812bdfd6ae0f7d130657ba242227de07d152fa8174a611ab7f70ea", "fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14", "fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9"], "key": "<HKCU>\\SOFTWARE\\<random, matching '[a-zA-Z0-9]{5,9}'>", "value_name": null}, {"hashes": ["86497472773d474e05b8ecccc82dfd17d7a4ad6c38e6911d03d6956aedadd49a"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "ewdtednn"}, {"hashes": ["9f8eaa58bddf52d4ebc3603f00b6b19d76fe5ae486a308ac7d21330486fa0f87"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "kfgsdpdv"}, {"hashes": ["c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486"], "key": "<HKCU>\\SOFTWARE\\XLWVBVLN", "value_name": "xtxmwque"}, {"hashes": ["ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4"], "key": "<HKCU>\\SOFTWARE\\ERIUEKCR", "value_name": "dwpjqlpa"}, {"hashes": ["6ceeb2ab8b3d41fb927e0ffdcada6da07cac54124cdb8f0c9de15553a4254af5"], "key": "<HKCU>\\SOFTWARE\\FKGDWLFC", "value_name": "btcgqtxv"}, {"hashes": ["c415ce187918b1d143e3ab99aea5c5db4464cc913baaffeef69ae8813a708486"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "pwjcpvtg"}, {"hashes": ["47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714"], "key": "<HKCU>\\SOFTWARE\\TRDDWSJW", "value_name": "hkwogctf"}, {"hashes": ["ae622c4057b66fb39cc1a341f50ceaaa7146fe4c1e06d0d6e316547cff821da4"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "lwrnfwdh"}, {"hashes": ["6ceeb2ab8b3d41fb927e0ffdcada6da07cac54124cdb8f0c9de15553a4254af5"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "btomjvqp"}, {"hashes": ["c3087f4ebef7aa5ac5b209399a4a45e4e5988da2e5124f3967f2b765b736ce6b"], "key": "<HKCU>\\SOFTWARE\\BUGITDDP", "value_name": "txxsdgjg"}, {"hashes": ["47f9eabe7f83bbce4b0d52282ba627f678ecc48604201101f7650ecc72a3b714"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "doviudox"}, {"hashes": ["c3087f4ebef7aa5ac5b209399a4a45e4e5988da2e5124f3967f2b765b736ce6b"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "tuqsrtec"}, {"hashes": ["fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9"], "key": "<HKCU>\\SOFTWARE\\EOBOTIUK", "value_name": "ulgvwopi"}, {"hashes": ["97fc7992ceecb79f0e43c702fc69a564941b9c909ffd422a7af6a8d1c575ffdd"], "key": "<HKCU>\\SOFTWARE\\PILXJFXK", "value_name": "ktkriwfo"}, {"hashes": ["fa94f3c28c812bdfd6ae0f7d130657ba242227de07d152fa8174a611ab7f70ea"], "key": "<HKCU>\\SOFTWARE\\IDCCIMKF", "value_name": "tmumianw"}, {"hashes": ["fe89c0424531961faa0bbc70a6171467ed0ed881affa7d0f0fe9b1ea670953d9"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "lwkqralw"}, {"hashes": ["97fc7992ceecb79f0e43c702fc69a564941b9c909ffd422a7af6a8d1c575ffdd"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "vuemrbob"}, {"hashes": ["fa94f3c28c812bdfd6ae0f7d130657ba242227de07d152fa8174a611ab7f70ea"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "rssaalxp"}, {"hashes": ["ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a"], "key": "<HKCU>\\SOFTWARE\\EFOKESHU", "value_name": "xulsnjws"}, {"hashes": ["ee96aa3c71a991cf1f87f2eff4db5f6a7f7d44a2f69970b82c8feab31449f64a"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "fllgmrwq"}, {"hashes": ["ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4"], "key": "<HKCU>\\SOFTWARE\\GIEJFQCE", "value_name": "iuqwifxx"}, {"hashes": ["ef1f2c2a59ed193e1642da066d32b639fd810fb2950bbff8bf2fde379213ddc4"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "toqdahjd"}, {"hashes": ["92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1"], "key": "<HKCU>\\SOFTWARE\\ELNQDQUF", "value_name": "uhvnsbhc"}, {"hashes": ["92f407eb8a0b4562acd7f1c27c86ed365b37c37bbc2fda343efd0fe22ea73bd1"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "vtjkaseh"}, {"hashes": ["fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14"], "key": "<HKCU>\\SOFTWARE\\FGAKVLJI", "value_name": "ndviueux"}, {"hashes": ["c7b65cca4f914602da625cdc2b73f558a9eae8d8868093b34374e86122487c9c"], "key": "<HKCU>\\SOFTWARE\\MGGRHVLS", "value_name": "nqubmqqa"}, {"hashes": ["fe3b45f030a03252dc6724682bb3620906fe41459a870ae0699b3b4abf1b9b14"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "ttxmgajl"}, {"hashes": ["c7b65cca4f914602da625cdc2b73f558a9eae8d8868093b34374e86122487c9c"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "qgpotmni"}, {"hashes": ["f98fe265e3d49a10212f8f844677cb71fcbe73dd28fcad5ade1bbdf4a8c5e8cb"], "key": "<HKCU>\\SOFTWARE\\PPQVOQTP", "value_name": "fspllxxp"}, {"hashes": ["0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4"], "key": "<HKCU>\\SOFTWARE\\GDOQEVIE", "value_name": "mbrkrmaj"}, {"hashes": ["f98fe265e3d49a10212f8f844677cb71fcbe73dd28fcad5ade1bbdf4a8c5e8cb"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "abniafde"}, {"hashes": ["0672e260b9febfd47b8536c8cd17866dc5cad82fbd9acf6778225c69617f8df4"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "lxwktfho"}, {"hashes": ["b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56"], "key": "<HKCU>\\SOFTWARE\\BNMBMHAM", "value_name": "dukjeklm"}, {"hashes": ["ac097abc44ceac4f6f0b6a33e876a76284a9aad676ce924bda277925b3f12bf5"], "key": "<HKCU>\\SOFTWARE\\IRHXBTBC", "value_name": "fohvpwdq"}, {"hashes": ["b114b13753a82d5d8330aea8c16febddd0522f611d656c71364ea2d1a7403a56"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "lxpvljfd"}, {"hashes": ["ac097abc44ceac4f6f0b6a33e876a76284a9aad676ce924bda277925b3f12bf5"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "ojspwsvf"}, {"hashes": ["e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05"], "key": "<HKCU>\\SOFTWARE\\QQLINHFT", "value_name": "tghfkpfq"}, {"hashes": ["d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331"], "key": "<HKCU>\\SOFTWARE\\GDVAPEPP", "value_name": "ihsnwfvi"}, {"hashes": ["ef90c5171cfd9c48b209ca4ffa40b803c1597aece9defa3c3c56dac3a066cafd"], "key": "<HKCU>\\SOFTWARE\\WUKHPXSA", "value_name": "wlurnovk"}, {"hashes": ["e334b50021bbd95aaa65afa523105fe8652ff83475cef4de394da01420187a05"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "mavbfgfo"}, {"hashes": ["d035d109efdd781d1890618914a1281b4d5a53d6fc67179f38b1acb7caedf331"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "hxgarlne"}, {"hashes": ["ef90c5171cfd9c48b209ca4ffa40b803c1597aece9defa3c3c56dac3a066cafd"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "oxgasvxs"}, {"hashes": ["fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6"], "key": "<HKCU>\\SOFTWARE\\PNPUBVIB", "value_name": "vfeaqwqp"}, {"hashes": ["fa542639728c094c868b5689c28d21abcfc535f8b6be37c2aebe24d4d2a602a6"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "okqwwvhf"}, {"hashes": ["d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8"], "key": "<HKCU>\\SOFTWARE\\VTWMCTBA", "value_name": "xwajijuf"}, {"hashes": ["d092ca0f68c891c6f6a92c70726af55251067c61505c64937c0630281a6aeda8"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "btclgwql"}, {"hashes": ["d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195"], "key": "<HKCU>\\SOFTWARE\\JFVOSROT", "value_name": "vkotfxxk"}, {"hashes": ["d91908bf280f559b2ff54c1a8218d7fe90f9d9a890d80bfb747e47fafae92195"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "fqxwdfdn"}]}, "reports_count": 43}, "Win.Dropper.Tofsee-10004548-0": {"bis": [{"bi": "pe-encrypted-section", "hashes": ["4a69cb97a79e0847fb09982fe2f1a882c8747bd31e35d7d5cdadd4c10abce623", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-invalid-checksum", "hashes": ["4a69cb97a79e0847fb09982fe2f1a882c8747bd31e35d7d5cdadd4c10abce623", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": []}, {"bi": "imports-IsDebuggerPresent", "hashes": ["4a69cb97a79e0847fb09982fe2f1a882c8747bd31e35d7d5cdadd4c10abce623", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0005", "TA0007"]}, {"bi": "memory-execute-readwrite", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "modified-executable", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": []}, {"bi": "created-executable-in-user-dir", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": []}, {"bi": "network-opendns-malicious", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": []}, {"bi": "registry-service-with-autostart-created", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0005", "TA0003", "TA0004", "T1112", "T1574"]}, {"bi": "currentcontrolset-service-added", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0002", "TA0003", "TA0004", "T1569", "T1547"]}, {"bi": "process-long-cmdline", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "network-fast-flux-domain", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": []}, {"bi": "network-fast-flux-nameserver", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": []}, {"bi": "network-communications-smtp", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0011", "T1071"]}, {"bi": "dns-query-nxdomain", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": []}, {"bi": "network-smtp-spambot", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": []}, {"bi": "network-only-safe-domains-contacted", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": []}, {"bi": "feed-domain-rat", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": []}, {"bi": "process-requested-named-pipe", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "excessive-foreign-memory-modification", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "deleted-submitted-file", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0005"]}, {"bi": "process-svchost-suspicious-launch", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0005", "T1036"]}, {"bi": "altered-sample-dns-flagged", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0011", "T1102"]}, {"bi": "cmd-exe-file-execution", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0002", "T1059"]}, {"bi": "network-dns-category-cnc", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0011"]}, {"bi": "sc-service-start", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0002", "TA0003", "TA0004", "T1569", "T1543"]}, {"bi": "netbios-null-domain", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": []}, {"bi": "file-alternate-data-stream-modification", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0005", "T1564"]}, {"bi": "malware-tofsee-cmd-detected", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0005", "T1562"]}, {"bi": "netsh-firewall-generic", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0007", "TA0005", "T1016", "T1562"]}, {"bi": "sc-service-create", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0003", "TA0004", "T1543"]}, {"bi": "file-alternate-data-stream-creation", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0005", "T1564"]}, {"bi": "registry-windows-defender-exclusions-added", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0005", "T1562"]}, {"bi": "dns-bypassed-assigned-server", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0011", "TA0005"]}, {"bi": "netsh-firewall-add", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0005", "T1562"]}, {"bi": "sc-service-create-execute", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "mitre_attack_tags": ["TA0002", "TA0003", "TA0004", "T1569", "T1543"]}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "mitre_attack_tags": []}, {"bi": "feed-domain-antivirus-service", "hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "mitre_attack_tags": []}, {"bi": "network-communications-http-get", "hashes": ["55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "mitre_attack_tags": ["TA0011", "T1105"]}, {"bi": "network-dns-category-file-storage", "hashes": ["55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "mitre_attack_tags": []}, {"bi": "listening-port-opened", "hashes": ["55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "mitre_attack_tags": ["TA0011", "T1219"]}, {"bi": "localhost-ipaddress-detected", "hashes": ["55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "mitre_attack_tags": []}, {"bi": "registry-large-data-entry", "hashes": ["55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "mitre_attack_tags": ["TA0005", "T1112"]}, {"bi": "malware-tofsee-domain-detected", "hashes": ["55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "mitre_attack_tags": []}, {"bi": "malware-tofsee-filepath", "hashes": ["55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "mitre_attack_tags": ["TA0011", "TA0005", "T1105", "T1112"]}, {"bi": "zen-spamhaus-domain-contacted", "hashes": ["55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "mitre_attack_tags": ["TA0005", "TA0007", "T1497"]}, {"bi": "dns-excessive-domain-queries", "hashes": ["55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "mitre_attack_tags": ["TA0011", "T1008"]}, {"bi": "network-file-uploaded", "hashes": ["9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50"], "mitre_attack_tags": ["TA0010", "T1011"]}, {"bi": "network-communications-http-post", "hashes": ["9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50"], "mitre_attack_tags": ["TA0010", "T1048"]}, {"bi": "network-snort-server", "hashes": ["9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55"], "mitre_attack_tags": []}, {"bi": "nginx-webserver-detected", "hashes": ["fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "mitre_attack_tags": []}, {"bi": "network-http-numeric-ip", "hashes": ["fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "mitre_attack_tags": ["TA0011", "T1071"]}, {"bi": "suspicious-user-agent", "hashes": ["fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "mitre_attack_tags": ["TA0011", "T1071"]}, {"bi": "double-url-detected", "hashes": ["9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50"], "mitre_attack_tags": ["TA0011", "T1102"]}, {"bi": "url-not-found", "hashes": ["fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50"], "mitre_attack_tags": []}, {"bi": "http-response-server-error", "hashes": ["fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50"], "mitre_attack_tags": []}, {"bi": "windows-utility-downloaded-artifact", "hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "mitre_attack_tags": ["TA0011", "T1105"]}, {"bi": "network-smtp-spambot-v2", "hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "mitre_attack_tags": []}, {"bi": "network-smtp-attachment", "hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "mitre_attack_tags": ["TA0010", "T1011"]}, {"bi": "eml-mismatched-name-from-header", "hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "mitre_attack_tags": ["TA0001", "T1566"]}, {"bi": "http-response-redirect", "hashes": ["9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "mitre_attack_tags": []}, {"bi": "network-snort-policy", "hashes": ["e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55"], "mitre_attack_tags": []}, {"bi": "network-snort-indicator-shellcode", "hashes": ["07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "mitre_attack_tags": []}, {"bi": "html-small-file-redirect", "hashes": ["9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05"], "mitre_attack_tags": []}, {"bi": "network-snort-sensitive-data", "hashes": ["d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "mitre_attack_tags": []}, {"bi": "network-snort-file-generic", "hashes": ["d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "mitre_attack_tags": []}], "category": "Dropper", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": true, "WSA": true}, "description": "Tofsee is multi-purpose malware that features a number of modules used to carry out various activities such as sending spam messages, conducting click fraud, mining cryptocurrency, and more. Infected systems become part of the Tofsee spam botnet and send large volumes of spam messages to infect additional systems and increase the size of the botnet under the operator's control.", "hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4a69cb97a79e0847fb09982fe2f1a882c8747bd31e35d7d5cdadd4c10abce623", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "iocs": {"domain": [{"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "host": "microsoft-com[.]mail[.]protection[.]outlook[.]com"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "host": "microsoft[.]com"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "host": "vanaheim[.]cn"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "host": "249[.]5[.]55[.]69[.]bl[.]spamcop[.]net"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "host": "249[.]5[.]55[.]69[.]cbl[.]abuseat[.]org"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "host": "249[.]5[.]55[.]69[.]dnsbl[.]sorbs[.]net"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "host": "249[.]5[.]55[.]69[.]in-addr[.]arpa"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "host": "249[.]5[.]55[.]69[.]sbl-xbl[.]spamhaus[.]org"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "host": "249[.]5[.]55[.]69[.]zen[.]spamhaus[.]org"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "host": "i[.]instagram[.]com"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "host": "www[.]google[.]com"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "host": "www[.]instagram[.]com"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "host": "api[.]youla[.]io"}, {"hashes": ["4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "host": "identity[.]bitwarden[.]com"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "host": "login[.]szn[.]cz"}, {"hashes": ["06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "host": "78[.]192[.]203[.]91[.]in-addr[.]arpa"}, {"hashes": ["07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "host": "api[.]debank[.]com"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "host": "www[.]google[.]de"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "host": "api[.]twitter[.]com"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "host": "imap[.]gmx[.]net"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "host": "in-jsproxy[.]globh[.]com"}, {"hashes": ["395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "host": "www[.]bing[.]com"}, {"hashes": ["e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55"], "host": "www[.]yahoo[.]com"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a"], "host": "twitter[.]com"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05"], "host": "www[.]google[.]co[.]nz"}, {"hashes": ["e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55"], "host": "login[.]web[.]de"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50"], "host": "ip[.]bablosoft[.]com"}, {"hashes": ["395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05"], "host": "t[.]me"}, {"hashes": ["e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55"], "host": "guce[.]yahoo[.]com"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "host": "steamcommunity[.]com"}, {"hashes": ["07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "host": "mail[.]shimediwear[.]com"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d"], "host": "cv-h[.]phncdn[.]com"}, {"hashes": ["07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50"], "host": "slp4it[.]net"}, {"hashes": ["e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "host": "imap[.]tds[.]net"}, {"hashes": ["fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "host": "app[.]cine-soir[.]com"}, {"hashes": ["e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "host": "ramsescom[.]com"}, {"hashes": ["e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "host": "rsistemadelivery[.]com[.]br"}, {"hashes": ["e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "host": "mail[.]nikeshoesoutletforsale[.]com"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d"], "host": "guiarede[.]com[.]br"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d"], "host": "mail[.]clio[.]ne[.]jp"}, {"hashes": ["3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1"], "host": "m[.]genybet[.]fr"}, {"hashes": ["07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50"], "host": "www[.]tantalinha[.]com"}, {"hashes": ["07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50"], "host": "kaitesipsych[.]com"}, {"hashes": ["9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05"], "host": "marianiregina[.]adv[.]br"}, {"hashes": ["fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "host": "afrimlab[.]com"}, {"hashes": ["d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "host": "spaetec[.]com"}, {"hashes": ["55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a"], "host": "wallet-api[.]moonstake[.]io"}, {"hashes": ["55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a"], "host": "scalosllanos[.]es"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d"], "host": "bulamah[.]com[.]br"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d"], "host": "etahub[.]com"}], "file": [{"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "path": "%SystemRoot%\\SysWOW64\\config\\systemprofile"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "path": "%SystemRoot%\\SysWOW64\\config\\systemprofile:.repos"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "path": "%SystemRoot%\\SysWOW64\\<random, matching '[a-z]{8}'>"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "path": "%TEMP%\\<random, matching '[a-z]{8}'>.exe"}, {"hashes": ["f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "path": "%TEMP%\\yhnywld.exe"}, {"hashes": ["e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "path": "%TEMP%\\jsyjhwo.exe"}], "ip": [{"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "ip": "91[.]203[.]192[.]78"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "ip": "80[.]66[.]75[.]254"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "ip": "31[.]13[.]65[.]52"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "ip": "176[.]113[.]115[.]136"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "ip": "80[.]66[.]75[.]4"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "ip": "176[.]113[.]115[.]239"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "ip": "176[.]113[.]115[.]135"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "ip": "45[.]143[.]201[.]238"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "ip": "176[.]113[.]115[.]84"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "ip": "31[.]13[.]65[.]174"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "ip": "142[.]250[.]176[.]196"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "ip": "157[.]240[.]205[.]63"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "ip": "5[.]61[.]236[.]235"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55"], "ip": "34[.]117[.]59[.]81"}, {"hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "ip": "20[.]84[.]181[.]62"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "ip": "77[.]75[.]78[.]104"}, {"hashes": ["19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55"], "ip": "104[.]47[.]53[.]36"}, {"hashes": ["06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "ip": "20[.]112[.]52[.]29"}, {"hashes": ["d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "ip": "104[.]18[.]12[.]33"}, {"hashes": ["4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "ip": "104[.]18[.]13[.]33"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "ip": "93[.]115[.]25[.]10"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "ip": "212[.]227[.]17[.]186"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "ip": "104[.]47[.]54[.]36"}, {"hashes": ["3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "ip": "104[.]16[.]120[.]50"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "ip": "142[.]251[.]40[.]131"}, {"hashes": ["19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "ip": "20[.]81[.]111[.]85"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "ip": "20[.]44[.]209[.]209"}, {"hashes": ["3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "ip": "40[.]93[.]207[.]5"}, {"hashes": ["06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "ip": "40[.]93[.]207[.]7"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "ip": "93[.]115[.]25[.]49"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "ip": "93[.]115[.]25[.]13"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "ip": "93[.]115[.]25[.]73"}, {"hashes": ["07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55"], "ip": "142[.]250[.]179[.]196"}, {"hashes": ["55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "ip": "13[.]224[.]214[.]68"}, {"hashes": ["e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55"], "ip": "66[.]218[.]84[.]137"}, {"hashes": ["395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05"], "ip": "149[.]154[.]167[.]99"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50"], "ip": "142[.]93[.]136[.]142"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50"], "ip": "104[.]244[.]42[.]66"}, {"hashes": ["07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2"], "ip": "40[.]93[.]207[.]1"}, {"hashes": ["395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a"], "ip": "142[.]251[.]41[.]3"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05"], "ip": "142[.]251[.]40[.]99"}, {"hashes": ["07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81"], "ip": "20[.]53[.]203[.]50"}, {"hashes": ["3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "ip": "104[.]127[.]87[.]210"}, {"hashes": ["55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "ip": "13[.]224[.]214[.]80"}, {"hashes": ["07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "ip": "93[.]115[.]25[.]110"}, {"hashes": ["07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "ip": "162[.]241[.]123[.]39"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d"], "ip": "66[.]254[.]114[.]62"}, {"hashes": ["e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "ip": "142[.]250[.]179[.]164"}, {"hashes": ["e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "ip": "54[.]242[.]188[.]126"}, {"hashes": ["e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "ip": "77[.]75[.]79[.]90"}], "mutex": [], "registry": [{"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "key": "<HKU>\\.DEFAULT\\CONTROL PANEL\\BUSES", "value_name": null}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\<random, matching '[A-Z0-9]{8}'>", "value_name": null}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\<random, matching '[A-Z0-9]{8}'>", "value_name": "Type"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\<random, matching '[A-Z0-9]{8}'>", "value_name": "Start"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\<random, matching '[A-Z0-9]{8}'>", "value_name": "ErrorControl"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\<random, matching '[A-Z0-9]{8}'>", "value_name": "DisplayName"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\<random, matching '[A-Z0-9]{8}'>", "value_name": "WOW64"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\<random, matching '[A-Z0-9]{8}'>", "value_name": "ObjectName"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\<random, matching '[A-Z0-9]{8}'>", "value_name": "Description"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "key": "<HKU>\\.DEFAULT\\CONTROL PANEL\\BUSES", "value_name": "Config0"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "key": "<HKU>\\.DEFAULT\\CONTROL PANEL\\BUSES", "value_name": "Config1"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "key": "<HKU>\\.DEFAULT\\CONTROL PANEL\\BUSES", "value_name": "Config2"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d", "06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2", "19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a", "9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d", "e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55", "f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\<random, matching '[A-Z0-9]{8}'>", "value_name": "ImagePath"}, {"hashes": ["07d4da3a27188a788540f90c842de1d2bb6afb225c1a7d131a54e40bf511fd50", "3a94a34b9a894ae78e3b3ecd80696c38d4365586ec04fb3b11792d3bd50b32e1", "ea1e4c113df6a534213ddd95745d5d39b9064cd80dbe9f8c0f5164e14cf83d55"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS DEFENDER\\EXCLUSIONS\\PATHS", "value_name": "C:\\Windows\\SysWOW64\\scezvnmi"}, {"hashes": ["19b0a306ef0d0410815f39e2276bd5ae2ca123229b7c542fd3b72d457dffcd44", "fc98619ec7847e749b3865dec97103f7a6f2eccbd0af1b5f9172e39ef183d139"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS DEFENDER\\EXCLUSIONS\\PATHS", "value_name": "C:\\Windows\\SysWOW64\\kuwrnfea"}, {"hashes": ["4bcb95f3d5f545d546036460b6738428a9ed2b29b0ef47a9dcef958e8481ef81", "d92be544ba54da794f253b8341715b09c2fa1b79e90492ab30ab3fad0108457d"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS DEFENDER\\EXCLUSIONS\\PATHS", "value_name": "C:\\Windows\\SysWOW64\\tdfawonj"}, {"hashes": ["06e591c1937a87cf3cb761600917baec71b79e735d4f709b61de0e498d3e341d", "55d72870eb0c4f64fa1c586856e93a470718497a5145e4c73407e55656968b5a"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS DEFENDER\\EXCLUSIONS\\PATHS", "value_name": "C:\\Windows\\SysWOW64\\qacxtlkg"}, {"hashes": ["395f1e0d90a33b3ae5a53e6c3681dc78ee92049f47fb0730e7125b0d8c864e3a"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS DEFENDER\\EXCLUSIONS\\PATHS", "value_name": "C:\\Windows\\SysWOW64\\isupldcy"}, {"hashes": ["e69ab82896844467cb51d5f4e374eda1c27424062830dcbb7bd040e6bfb4e13b"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS DEFENDER\\EXCLUSIONS\\PATHS", "value_name": "C:\\Windows\\SysWOW64\\wgidzrqm"}, {"hashes": ["044c17fc7e490ab96ab3dccf6175835de270084d56655f52ec151d4401620d0d"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS DEFENDER\\EXCLUSIONS\\PATHS", "value_name": "C:\\Windows\\SysWOW64\\pzbwskjf"}, {"hashes": ["f99c02ea4c0ffa3c2d792df9a040fe3deabafb56cae22d0995116f962037c587"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS DEFENDER\\EXCLUSIONS\\PATHS", "value_name": "C:\\Windows\\SysWOW64\\cmojfxws"}, {"hashes": ["9ed0459acce7f212e4a05c8dab6924927c070985ac2290501744868fbebb0a05"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS DEFENDER\\EXCLUSIONS\\PATHS", "value_name": "C:\\Windows\\SysWOW64\\dnpkgyxt"}, {"hashes": ["0cb53f5d3a4a05fb3194456f40cbe544d5756a472a8309baa3e057ec05a67bf2"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS DEFENDER\\EXCLUSIONS\\PATHS", "value_name": "C:\\Windows\\SysWOW64\\lvxsogfb"}]}, "reports_count": 16}, "Win.Dropper.XtremeRAT-10004704-1": {"bis": [{"bi": "pe-encrypted-section", "hashes": ["bcc11d1f898b2747579fe559497a83872a62c4ea2dd264b5149b86e41306ab0f", "3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b", "3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be", "9d7bee885e6c6182d7615e375cc5c27a2f926f5d38b8c50dc46f359fb15f57e4", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "868f2651415676ed612a62774f40f2ef3cbd2b3eec34ab279ddcefb5a335e680", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c", "373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707", "4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "memory-execute-readwrite", "hashes": ["bcc11d1f898b2747579fe559497a83872a62c4ea2dd264b5149b86e41306ab0f", "3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b", "3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be", "9d7bee885e6c6182d7615e375cc5c27a2f926f5d38b8c50dc46f359fb15f57e4", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "868f2651415676ed612a62774f40f2ef3cbd2b3eec34ab279ddcefb5a335e680", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c", "373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707", "4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "pe-uses-armadillo", "hashes": ["bcc11d1f898b2747579fe559497a83872a62c4ea2dd264b5149b86e41306ab0f", "3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b", "3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be", "9d7bee885e6c6182d7615e375cc5c27a2f926f5d38b8c50dc46f359fb15f57e4", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "868f2651415676ed612a62774f40f2ef3cbd2b3eec34ab279ddcefb5a335e680", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c", "373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707", "4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e"], "mitre_attack_tags": ["TA0005", "TA0007", "T1027"]}, {"bi": "excessive-foreign-memory-modification", "hashes": ["bcc11d1f898b2747579fe559497a83872a62c4ea2dd264b5149b86e41306ab0f", "3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b", "3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be", "9d7bee885e6c6182d7615e375cc5c27a2f926f5d38b8c50dc46f359fb15f57e4", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c", "373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707", "4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "sample-launched-copy-of-self", "hashes": ["bcc11d1f898b2747579fe559497a83872a62c4ea2dd264b5149b86e41306ab0f", "3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b", "3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be", "9d7bee885e6c6182d7615e375cc5c27a2f926f5d38b8c50dc46f359fb15f57e4", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c", "373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707", "4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e"], "mitre_attack_tags": ["TA0005", "T1202"]}, {"bi": "process-hollowing-detected", "hashes": ["bcc11d1f898b2747579fe559497a83872a62c4ea2dd264b5149b86e41306ab0f", "3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b", "3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be", "9d7bee885e6c6182d7615e375cc5c27a2f926f5d38b8c50dc46f359fb15f57e4", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c", "373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707", "4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "malware-trojan-xtreme-rat-registry-key", "hashes": ["bcc11d1f898b2747579fe559497a83872a62c4ea2dd264b5149b86e41306ab0f", "3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b", "3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be", "9d7bee885e6c6182d7615e375cc5c27a2f926f5d38b8c50dc46f359fb15f57e4", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c", "373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707", "4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e"], "mitre_attack_tags": []}, {"bi": "modified-executable", "hashes": ["3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b", "3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c", "373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707", "4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e"], "mitre_attack_tags": []}, {"bi": "registry-autorun-key-modified", "hashes": ["3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b", "3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c", "373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707", "4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "registry-activesetup-key-modified", "hashes": ["3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b", "3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c", "373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707", "4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "network-fast-flux-nameserver", "hashes": ["3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c", "373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707", "4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e"], "mitre_attack_tags": []}, {"bi": "network-dns-category-dynamic", "hashes": ["3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c", "373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707", "4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e"], "mitre_attack_tags": []}, {"bi": "network-dns-safe-categories", "hashes": ["3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c", "373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707", "4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e"], "mitre_attack_tags": []}, {"bi": "modified-file-in-system-dir", "hashes": ["3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c", "373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707", "4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e"], "mitre_attack_tags": []}, {"bi": "pe-invalid-checksum", "hashes": ["b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "868f2651415676ed612a62774f40f2ef3cbd2b3eec34ab279ddcefb5a335e680", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c", "373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e"], "mitre_attack_tags": []}, {"bi": "process-svchost-suspicious-launch", "hashes": ["bcc11d1f898b2747579fe559497a83872a62c4ea2dd264b5149b86e41306ab0f", "3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b", "3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be", "9d7bee885e6c6182d7615e375cc5c27a2f926f5d38b8c50dc46f359fb15f57e4"], "mitre_attack_tags": ["TA0005", "T1036"]}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "868f2651415676ed612a62774f40f2ef3cbd2b3eec34ab279ddcefb5a335e680", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c", "373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679"], "mitre_attack_tags": []}, {"bi": "registry-autorun-key-system-dir", "hashes": ["7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c", "373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707", "4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "modified-file-in-user-dir", "hashes": ["3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be", "868f2651415676ed612a62774f40f2ef3cbd2b3eec34ab279ddcefb5a335e680"], "mitre_attack_tags": []}, {"bi": "network-opendns-malicious", "hashes": ["7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c", "373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679"], "mitre_attack_tags": []}, {"bi": "sample-launched-copy-domain-flagged", "hashes": ["7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c", "373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679"], "mitre_attack_tags": ["TA0011", "T1102"]}, {"bi": "process-with-multiple-children", "hashes": ["7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c", "373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679"], "mitre_attack_tags": ["TA0005"]}, {"bi": "created-executable-in-user-dir", "hashes": ["3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be"], "mitre_attack_tags": []}, {"bi": "potential-registry-persistence", "hashes": ["3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be"], "mitre_attack_tags": ["TA0003"]}, {"bi": "registry-autorun-key-temp-dir", "hashes": ["3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "dns-dynamic-domain", "hashes": ["3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b"], "mitre_attack_tags": ["TA0011", "T1568"]}, {"bi": "windows-crash-tool-execution-detected", "hashes": ["868f2651415676ed612a62774f40f2ef3cbd2b3eec34ab279ddcefb5a335e680"], "mitre_attack_tags": []}, {"bi": "crash-dump-file-created", "hashes": ["868f2651415676ed612a62774f40f2ef3cbd2b3eec34ab279ddcefb5a335e680"], "mitre_attack_tags": []}, {"bi": "fault-report-file-created", "hashes": ["868f2651415676ed612a62774f40f2ef3cbd2b3eec34ab279ddcefb5a335e680"], "mitre_attack_tags": []}], "category": "Dropper", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": false, "Threat Grid": true, "Umbrella": true, "WSA": true}, "description": "XtremeRAT is a remote access trojan active since 2010 that allows the attacker to eavesdrop on users and modify the running system. The source code for XtremeRAT, written in Delphi, was leaked online and has since been used by similar RATs.", "hashes": ["373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b", "4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "868f2651415676ed612a62774f40f2ef3cbd2b3eec34ab279ddcefb5a335e680", "9d7bee885e6c6182d7615e375cc5c27a2f926f5d38b8c50dc46f359fb15f57e4", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be", "bcc11d1f898b2747579fe559497a83872a62c4ea2dd264b5149b86e41306ab0f", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c"], "iocs": {"domain": [{"hashes": ["373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c"], "host": "hack4ps[.]no-ip[.]info"}, {"hashes": ["373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c"], "host": "xkiller[.]no-ip[.]info"}, {"hashes": ["3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be"], "host": "jooh2010[.]no-ip[.]biz"}, {"hashes": ["4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707"], "host": "deadsand[.]no-ip[.]biz"}, {"hashes": ["3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b"], "host": "xn8n8[.]sytes[.]net"}], "file": [{"hashes": ["373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c"], "path": "%SystemRoot%\\InstallDir"}, {"hashes": ["373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c"], "path": "%SystemRoot%\\InstallDir\\Server.exe"}, {"hashes": ["373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c"], "path": "%APPDATA%\\Microsoft\\Windows\\6JhgEskcretMKY0gNf.dat"}, {"hashes": ["9d7bee885e6c6182d7615e375cc5c27a2f926f5d38b8c50dc46f359fb15f57e4", "bcc11d1f898b2747579fe559497a83872a62c4ea2dd264b5149b86e41306ab0f"], "path": "%TEMP%\\x.html"}, {"hashes": ["4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707"], "path": "%APPDATA%\\Microsoft\\Windows\\--((Mutex))--.dat"}, {"hashes": ["3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be"], "path": "%TEMP%\\InstallDir"}, {"hashes": ["3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be"], "path": "%TEMP%\\InstallDir\\wintimer.exe"}, {"hashes": ["3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be"], "path": "%APPDATA%\\Microsoft\\Windows\\ZmzE16K9PQ.dat"}, {"hashes": ["3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b"], "path": "%SystemRoot%\\SysWOW64\\drivers\\system32.exe"}, {"hashes": ["3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b"], "path": "%APPDATA%\\Microsoft\\Windows\\dHa1Y0sucZs.dat"}], "ip": [], "mutex": [{"hashes": ["4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707", "9d7bee885e6c6182d7615e375cc5c27a2f926f5d38b8c50dc46f359fb15f57e4", "bcc11d1f898b2747579fe559497a83872a62c4ea2dd264b5149b86e41306ab0f"], "name": "--((Mutex))--"}, {"hashes": ["373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c"], "name": "6JhgEskcretMKY0gNf"}, {"hashes": ["9d7bee885e6c6182d7615e375cc5c27a2f926f5d38b8c50dc46f359fb15f57e4", "bcc11d1f898b2747579fe559497a83872a62c4ea2dd264b5149b86e41306ab0f"], "name": "--((Mutex))--PERSIST"}, {"hashes": ["3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be"], "name": "ZmzE16K9PQ"}, {"hashes": ["3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be"], "name": "ZmzE16K9PQPERSIST"}, {"hashes": ["3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be"], "name": "ZmzE16K9PQEXIT"}, {"hashes": ["3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b"], "name": "dHa1Y0sucZs"}, {"hashes": ["868f2651415676ed612a62774f40f2ef3cbd2b3eec34ab279ddcefb5a335e680"], "name": "Global\\a0262f01-0e7a-11ee-9660-001517a883dc"}], "registry": [{"hashes": ["373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b", "4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "9d7bee885e6c6182d7615e375cc5c27a2f926f5d38b8c50dc46f359fb15f57e4", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be", "bcc11d1f898b2747579fe559497a83872a62c4ea2dd264b5149b86e41306ab0f", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c"], "key": "<HKCU>\\SOFTWARE\\XTREMERAT", "value_name": null}, {"hashes": ["373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b", "4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "9d7bee885e6c6182d7615e375cc5c27a2f926f5d38b8c50dc46f359fb15f57e4", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be", "bcc11d1f898b2747579fe559497a83872a62c4ea2dd264b5149b86e41306ab0f", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c"], "key": "<HKCU>\\SOFTWARE\\XTREMERAT", "value_name": "Mutex"}, {"hashes": ["373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "HKLM"}, {"hashes": ["373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "HKCU"}, {"hashes": ["373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c"], "key": "<HKCU>\\SOFTWARE\\6JHGESKCRETMKY0GNF", "value_name": null}, {"hashes": ["373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{4J2HF5HQ-7067-T665-0KA3-I527GLTEG0RC}", "value_name": null}, {"hashes": ["373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{4J2HF5HQ-7067-T665-0KA3-I527GLTEG0RC}", "value_name": "StubPath"}, {"hashes": ["373af591f388320bc53b81a7b272480cf9f64e63879bcdc726fd68350eb2a679", "7c366012bb68cd70ca388426bd9de1bb61385d6842357bc6e76d868b1e930f39", "f40eb3e9eb7c09a4bf83dded46a98fb11e134dd38662c4e61151067f18a5bc1c"], "key": "<HKCU>\\SOFTWARE\\6JHGESKCRETMKY0GNF", "value_name": "ServerStarted"}, {"hashes": ["4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707"], "key": "<HKCU>\\SOFTWARE\\--((MUTEX))--", "value_name": null}, {"hashes": ["4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{UDSJO3L5-XD46-H5T2-PNM2-886W401Q2WFR}", "value_name": null}, {"hashes": ["3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be"], "key": "<HKCU>\\SOFTWARE\\ZMZE16K9PQ", "value_name": null}, {"hashes": ["3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{5TT7UVKI-8JUS-13K8-RDC6-4BUSL8303LK2}", "value_name": null}, {"hashes": ["3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be"], "key": "<HKCU>\\SOFTWARE\\ZMZE16K9PQ", "value_name": "ServerStarted"}, {"hashes": ["3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be"], "key": "<HKCU>\\SOFTWARE\\ZMZE16K9PQ", "value_name": "ServerName"}, {"hashes": ["3876228e644d8117295f156ae0e3bc71ea821806301e48f3d81d0fe3835af68e", "b856a0ffda82e57693282206de21373d1628ec70326b84ff8f0930cc2f4a51be"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{5TT7UVKI-8JUS-13K8-RDC6-4BUSL8303LK2}", "value_name": "StubPath"}, {"hashes": ["4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707"], "key": "<HKCU>\\SOFTWARE\\--((MUTEX))--", "value_name": "ServerStarted"}, {"hashes": ["4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "flood"}, {"hashes": ["4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "update"}, {"hashes": ["4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{UDSJO3L5-XD46-H5T2-PNM2-886W401Q2WFR}", "value_name": "StubPath"}, {"hashes": ["4daebecc3d8de610264cfece61b81fbb6534259a0d886bee388b4bfa9321035e", "682ff093d570a76206a45da68991ccfddb4a080cbdaac25372462527ed273707"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "floods"}, {"hashes": ["3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b"], "key": "<HKCU>\\SOFTWARE\\DHA1Y0SUCZS", "value_name": null}, {"hashes": ["3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{BWTHDBX6-O60P-1046-3686-46E7X3KCQBDG}", "value_name": null}, {"hashes": ["3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b"], "key": "<HKCU>\\SOFTWARE\\DHA1Y0SUCZS", "value_name": "ServerStarted"}, {"hashes": ["3c8dccb3be508a396735bbc358cd002a8d9b064429d1d5ceee153ded6f67132b"], "key": "<HKLM>\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{BWTHDBX6-O60P-1046-3686-46E7X3KCQBDG}", "value_name": "StubPath"}]}, "reports_count": 11}, "Win.Malware.Bublik-10004580-0": {"bis": [{"bi": "memory-execute-readwrite", "hashes": ["50f777a8486df699ffaf3aa24da23a5975117e865adb500c9ca6b57b12c673cb", "99980647b27d5f165122218de62293a74e453e1a389e287d443f70488c6330e7", "9422fe784c3ce05dc5da6f846fb45a91721265460ecd45d5c224bf1fdf85270f", "1c530345b2e47ebe50da93b2464af6cde8960e5db5f008421399d7c682e169fb", "d1dabcd229d01f104fb3724725d48abc6e88d22ae6aeb5ad6aeacde1ff14e902", "1078763c2070758f2d7af2a32cfeac195b1b19af9d7f83433451469a6456d69a", "1895e011ecb8c5efa5610c55e27a8f32dd6d4e2e24aad0f7375c6b22b13a3673", "2fb5e4c5d73bfebf5e01d40dca08bb935cf8b4e4674317a7ffadb4507aa2276f", "39cb9111fb5d6341c644cc82e1d06c36bb8c0e18c9592d3e591005b899660bda", "193de0289b48eec0d8da266d3f1ff3e5a265fa72cff2db27b45a96f58f8f3c60", "12d38c601be82a710b29744fa9856add702bba2c1cfc9d8f36726df449fa90ea", "34d59e60efd9cec0fd907a3175f17d5f60711bb80e7ec5ece678868c76b03aef", "07f8041820745c7de03ab380cdbc33fad9da6c9e87243ce4d6af1664ab2e5cae", "09e30d34ef79c10fd0f431ba287a8e89ea08c7919501a42e95ddf0b02b7a54dd", "1e53f4e81771eebb343e345524fffe8effea4c4938c27dc174dc970ee7ef5974", "4de4eb2b53e3205faaaf53ee527d40b4c8e405e2a4300ba1ef80ae33a6d5c4c4", "1b3573f9efa0a3c401e74a54737c2cb64661136df79aa1616139fa8b05a19aa5", "0d970e4dca39e6ac5d389f25ba528eac251bff7df4c15aa85e96d3c680dea37a", "ab6371a2baa7ccc4f1183c672c745611ae5e4dcc4c7b75d3bc72bfdd21784e4d", "a45a7283a67a4dd94cc36e6647e9ee4ea0e158f3abe008aac1606495d2c955a7", "01d019832f6f09a0eab7ffcb294466825148ef642519b37f225cea25fd8ccd82", "825f1f7d9ef166aa125ae1e3cf65fc2bc2d3ee82bc1eef602c79848f83216ae2", "1b21be6f06de9138a7131f2c037d1cf3aafb0cbc7e05f9e7111649593cb3f736", "2addb535adeb2b99b20aea8053e632f35a77d4673461ebe472d694d93f61d0ec", "db11c55766b301154e13a3a0442bc289b7c11c5ccde8f4fb48ebf64ada2903cd", "a9054f288c2996e0ccf783da773886406bcf30ee0cf03a569160b73c2d552669", "ac9773630804e19ec8915009e8540a07a85e25765527751f87a7ffdd5169331a", "b4432bf00380674ccaa7b6fd4bddf47c79220e43c675f167c153173f2a079bfd", "69dd47f011a3e583344e848d16b5568cedb6336fc3269fce30ac789bd3b8ce92", "edf8c887e540fefddae2cc33030281131326cc34141aee91e835c501fb73350d", "d1cef81d11242f265f3b55d9ddda64c5d510284f7f67f2863410073edcd32d89", "563ca26d49fe96cc6b222442bb2856309a5cbb3897c8f363a16f990fe6f103fb", "60d8821085704f2449170f1faa0a736609b0893fb9242997ef21a6a47f7addbf", "5c3a66f160b371f0729c087f3267ce453d2989ff5c737c950d8713c732507db3", "889396620fb66f07488ec3742e8f388564b82898fa95107d5a0fd82e4a4bfd8a", "67a56716ccb9331716b11b18474ec72f187903c17413ebef38d962827bb8e7e9", "54c02bb16bfd6665d29e47c64b39dc5c64f241d71ca6fbbea7e75c473e00878a", "a5e81215f10ef7c714612532cba97dc126353578c8aa1d7f5b6893fbbbc45707", "008272d4b93a5cefd6943952d63388198b67a34e06a93dca0e9698c0639f4f02", "3381319dacb0900a6af41c5d06843bebbe35012a6a7fcf4b781579bffe5a25ac", "21e41bdd78b229b35c9abbd43770e83b3b69ab2643f6d91271c84d25d0c5cf29", "173272cf5e8e9349b8d4ff45e6f9378fbfcd437bfaa10fc5c7b7d8adabdd998d", "47e242bb38c4dbbcf5e9ccc6e218ab8d9b03e9369f66710c483068e0aeacb422", "8afc019596fdb9ab0d4652930dbcf4a8895b592bfbaceb7cd924985e00372ad8", "1f0e53ca67d28fbae4e2cf3986df26ae1524c2655352d0d0caccfe05b09321ca", "3e472853f993af211f9535b89abba89fd9e04bf867d381784964ec122350d1be", "e09a4d92a38b7deac7ea7944e304849cf0cca2aaea8c86ab315801881a596386", "705e79b1823c9d165e21adaedd07286136265305424e5a3f809792e8d19b502d", "6cf6a40540f195bf152c961749e439a1da876e0ff98dc346126967fa3ee157a7", "41d3843050bfefb2eb013220db2c045dca05e7c8c19b301d1bdda202eb54d010", "3b6bbc1b0f465795696b5063e07926898838032487f612a325edf68d88903e85", "127769bcc6688cc1c682313689d4c0ce7915a8295797a90f4586fb379694c3fe", "1b16fc65b34fb4cb5de9a4660bc53f3c4f27ef2d69d88f82e150eca94495471a", "b6302d8e2502820381a79ffa92f7cabd7fce111e6f5e3dd3702d2fd8bf0226f7", "9cb3af10f0da5ab2337d9214add2b74841684a8c0e1e7c7bc96811c4c4fcd711", "1ae225224fdb2f8a7ecd7420c3b5f85600b87445e6ac9810978e8f21fcb8de3d", "18b0fe90a4749d21a70e7775e456f3b258638de1b10dc7c8dfad2c87bb4b4150", "1961cf9e8b78d5a638cf76bdaa2144a559056acbb97c7658cd3e3338016ff1f8", "aec880a12c1ce96b5c80d6ac88193c363a522b53b94fbe019c88cc5e7ccc596d", "35b61225ab6230c6ae23dbe0163e06320f7c1121e976afb4c2dede91fe3bd29c", "b854e2ae09aadd9cacf3fe61c0855655b8883dc81d04484f22cf6aea89d14a9f", "05878e434aefab9098e57e734d21ba96eb2731dc2022e7619ff42e6c283ac1c5", "9bdb516a39240b33a9ea42bef996c77c2a309aabd80cccf8d065e1da693ce523", "706fe073eb58eeed3fd167a20173cf2cec07d7ad4e19cb278eb5d0a57c0f04cd", "7b76196492cad99e9da6c4184b3c6b6b4e08f0441db65a345394a8c142a73c4f", "3cadbc2ab3b57b93057e9bfa54187bbbdc6c22506ada94cf3a57b1bc0e14f30e", "de88f42454f2a9364b67f4a616ed9edba4dda98ece12d9eec1cb27b96549ed36", "017c9042d7cfab02d6444805d617bfda04a590d8ee0131f0dcbb73d9f422264e", "b287e7a198f3999e8dc503c8122436763e1322b1dca200c83c143e6001851562", "9db17d1227428fa09f580b625f136f0c73998b2c8b51099b0d99b279e2e896f6", "cac8c46df3a499a37f4a47e3d0175e64f5f7b40720169e51dbc7a771a166abb1", "bb2edf6b1a9be5490267a7f4c080d0f4c685d39be28c4fe5371ccf09735d5861", "4194744fa810423e5c9a277034f822e5b561d534ed57cdd75eb2a3523ef69ca7", "146acf9b7a358237258cebeaa0870b7500c470d65855832a79ad1858de485ba4", "d7a2530b77e4d3df32f810fab08a2d807e6178da7dbdacf324479864033b86d4", "dddf49abc2db241bad39682c43a9f54c745d98f2fddc44d6c3d2a088a17101f2", "40c4e14bf1aca54e16724bd697952b8a1a48162f5ca46717890f85fd94228887", "8252041cbdf7048ffa8593337d985693dea92de627ceaecbfb5f3961702c7a56", "195c1acc646ec1f37bba891e6b6448734361ce77b79e99cb7f3d6a54e5265da1", "17e0b0e3be6ebbf026d4b7ff6da60925516f6b29e2b5f5bfd33f49544659d031", "502870abfa3b834b5072013d290429e9f35473dda57c9299c9ef6769f5479514", "892b564697110247799358ac50998e9a73d0753134b88575fff6b6cab911c394", "3fe1355f18b8f7d4919a716ab5ce485f94d9021bc7bf6aad2bf3a45e3d84bed6", "116eb648e4098b4994e20822ae2dea5f9a05bf280774e96e7f17537eeea128c1", "424cfa4d684e1763451c2ae7bebe189cbdcff4338458ed779d86bdf9074e0e32", "08de6b552e704a0bb100dcd244c0950ffb90d7d021d042f3bad4b66eab1c633b", "f09f85d3e1ec8922a52470d8df179bb0b7da1422e62f96fa8805b887a2698435", "a04ab5abf6de646db23f84c75a225d2c1316e56476e07d4b4139c16881745c10", "4704600085e453a34b69b6c99281ee65b902548f8347f10e6b4f26b585409d29", "4da95d7c973efee80b4f4f1eda718a049b8a39d0e74e505a659883113974c081", "bf47935d5abfcd2379da6b157c2d6bd9eb346d0e0b61f2fb5656ec40d1bd1dec", "5a39cab6a25f81e370381b9a7a3959edc5af740dfa6492ddfd3b8b7a2602f5bd", "352de18adbc914f4fad09aae28026ce72f31d5f4381b593f56421c9b3ad7dbc1", "bf7219b06a4be0833eda6b1a8e337666958dacb48d86a302381fc47a572caff4", "163a3b460ddcdb4561169c9466d48ded8d4535e34e4d51fee2713f6f2006f472", "b54a5dbb651236740e40a0bbff2091fff546fda4dc0df8c8d957c9852c5ecde8", "2772b6534102d78753197e88a5df9bc5cc23a267519779bbe6396943ecb9e306", "205733419c0e9fbcef100248b323f524d83c4bc4fb530459d6e924ff0685b566", "47a8d55ed5c7998c9a565ba98cde2e370d8f04b481211740988448aff6418d12", "f5db78f399fd6e5df79d48b1708558e1eaeb03bd0df67ca76d3856b304f0ac94", "3e6bae1d5811f70c58ecb368d035c918cec0784ea1e5a64c699b4b38ab951a46", "aa0f00ba9bd5c48985c2c233d05648b75bbd06a413fd56ae9551ef9e693445e1", "84edde4a5cf6dc9509eb00a1b73d786a47409902f088165d6a9023eaeb439192", "42bf7e179e1bc3e118e22537d4ffef7ff82c14ceabe7c54a20747e9a1abdb68a", "83c039f175a4fbd9f2e377868ed3266a6bf777cd8fbc556742d0b1b0a8f290eb", "2c4a04d837485631f9ee1fd683028030d354325a76f089d4fa61571e050aef6a", "5076629901250c7cbb92c63ae4437d57ca1a3315176c6f711292f24cf26e634f", "84741918908f5baa954352ca823a33635f2193f614eb82a9750ff21304b73bb7", "642f1f687831f32c4fdc9e6ec7694e5e8768b016f57815f4bb3534b3964ff697", "7aeac92c9b86fa0faf26ea521319e90ba809fc064a3fa4b57abdfa22a30eba61", "8359f177511995d6ea51318a2b7c17b9c7e492abaafb8c273483156f48facbb1", "15c9b7a21edfd29a057d881d7f4a98405dd530122b29c7d5ab15042b9f25536c", "20aaa30897fbd51594befc4dde90df6ea6b30ff734b0c36bf27b8112f4ef679c", "5f147949ece693d3312e612a23cf1f97bba86b270f481c8b299d7ab8c67b3165", "bde65f6d8374c1896a9087860d6b9e2cce669f00a30968e89d21b9439ff460f2", "cc2e43e225526b98716e58f9c9af35013937c76cca96f4a3381b40017a4c8fcd", "3417c9c325d8811267feb035627295a669ce243b60045e6e8be4a2db5f55fb30", "f6ca134ba6fc867fef2b2a84c6a35d1278e3a3bd47189d6e5a844b3e1798feee"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "modified-executable", "hashes": ["50f777a8486df699ffaf3aa24da23a5975117e865adb500c9ca6b57b12c673cb", "99980647b27d5f165122218de62293a74e453e1a389e287d443f70488c6330e7", "9422fe784c3ce05dc5da6f846fb45a91721265460ecd45d5c224bf1fdf85270f", "1c530345b2e47ebe50da93b2464af6cde8960e5db5f008421399d7c682e169fb", "d1dabcd229d01f104fb3724725d48abc6e88d22ae6aeb5ad6aeacde1ff14e902", "1078763c2070758f2d7af2a32cfeac195b1b19af9d7f83433451469a6456d69a", "1895e011ecb8c5efa5610c55e27a8f32dd6d4e2e24aad0f7375c6b22b13a3673", "2fb5e4c5d73bfebf5e01d40dca08bb935cf8b4e4674317a7ffadb4507aa2276f", "39cb9111fb5d6341c644cc82e1d06c36bb8c0e18c9592d3e591005b899660bda", "193de0289b48eec0d8da266d3f1ff3e5a265fa72cff2db27b45a96f58f8f3c60", "12d38c601be82a710b29744fa9856add702bba2c1cfc9d8f36726df449fa90ea", "34d59e60efd9cec0fd907a3175f17d5f60711bb80e7ec5ece678868c76b03aef", "07f8041820745c7de03ab380cdbc33fad9da6c9e87243ce4d6af1664ab2e5cae", "09e30d34ef79c10fd0f431ba287a8e89ea08c7919501a42e95ddf0b02b7a54dd", "1e53f4e81771eebb343e345524fffe8effea4c4938c27dc174dc970ee7ef5974", "4de4eb2b53e3205faaaf53ee527d40b4c8e405e2a4300ba1ef80ae33a6d5c4c4", "1b3573f9efa0a3c401e74a54737c2cb64661136df79aa1616139fa8b05a19aa5", "0d970e4dca39e6ac5d389f25ba528eac251bff7df4c15aa85e96d3c680dea37a", "ab6371a2baa7ccc4f1183c672c745611ae5e4dcc4c7b75d3bc72bfdd21784e4d", "a45a7283a67a4dd94cc36e6647e9ee4ea0e158f3abe008aac1606495d2c955a7", "01d019832f6f09a0eab7ffcb294466825148ef642519b37f225cea25fd8ccd82", "825f1f7d9ef166aa125ae1e3cf65fc2bc2d3ee82bc1eef602c79848f83216ae2", "1b21be6f06de9138a7131f2c037d1cf3aafb0cbc7e05f9e7111649593cb3f736", "2addb535adeb2b99b20aea8053e632f35a77d4673461ebe472d694d93f61d0ec", "db11c55766b301154e13a3a0442bc289b7c11c5ccde8f4fb48ebf64ada2903cd", "a9054f288c2996e0ccf783da773886406bcf30ee0cf03a569160b73c2d552669", "ac9773630804e19ec8915009e8540a07a85e25765527751f87a7ffdd5169331a", "b4432bf00380674ccaa7b6fd4bddf47c79220e43c675f167c153173f2a079bfd", "69dd47f011a3e583344e848d16b5568cedb6336fc3269fce30ac789bd3b8ce92", "edf8c887e540fefddae2cc33030281131326cc34141aee91e835c501fb73350d", "d1cef81d11242f265f3b55d9ddda64c5d510284f7f67f2863410073edcd32d89", "563ca26d49fe96cc6b222442bb2856309a5cbb3897c8f363a16f990fe6f103fb", "60d8821085704f2449170f1faa0a736609b0893fb9242997ef21a6a47f7addbf", "5c3a66f160b371f0729c087f3267ce453d2989ff5c737c950d8713c732507db3", "889396620fb66f07488ec3742e8f388564b82898fa95107d5a0fd82e4a4bfd8a", "67a56716ccb9331716b11b18474ec72f187903c17413ebef38d962827bb8e7e9", "54c02bb16bfd6665d29e47c64b39dc5c64f241d71ca6fbbea7e75c473e00878a", "a5e81215f10ef7c714612532cba97dc126353578c8aa1d7f5b6893fbbbc45707", "008272d4b93a5cefd6943952d63388198b67a34e06a93dca0e9698c0639f4f02", "3381319dacb0900a6af41c5d06843bebbe35012a6a7fcf4b781579bffe5a25ac", "21e41bdd78b229b35c9abbd43770e83b3b69ab2643f6d91271c84d25d0c5cf29", "173272cf5e8e9349b8d4ff45e6f9378fbfcd437bfaa10fc5c7b7d8adabdd998d", "47e242bb38c4dbbcf5e9ccc6e218ab8d9b03e9369f66710c483068e0aeacb422", "8afc019596fdb9ab0d4652930dbcf4a8895b592bfbaceb7cd924985e00372ad8", "1f0e53ca67d28fbae4e2cf3986df26ae1524c2655352d0d0caccfe05b09321ca", "3e472853f993af211f9535b89abba89fd9e04bf867d381784964ec122350d1be", "e09a4d92a38b7deac7ea7944e304849cf0cca2aaea8c86ab315801881a596386", "705e79b1823c9d165e21adaedd07286136265305424e5a3f809792e8d19b502d", "6cf6a40540f195bf152c961749e439a1da876e0ff98dc346126967fa3ee157a7", "41d3843050bfefb2eb013220db2c045dca05e7c8c19b301d1bdda202eb54d010", "3b6bbc1b0f465795696b5063e07926898838032487f612a325edf68d88903e85", "127769bcc6688cc1c682313689d4c0ce7915a8295797a90f4586fb379694c3fe", "1b16fc65b34fb4cb5de9a4660bc53f3c4f27ef2d69d88f82e150eca94495471a", "b6302d8e2502820381a79ffa92f7cabd7fce111e6f5e3dd3702d2fd8bf0226f7", "9cb3af10f0da5ab2337d9214add2b74841684a8c0e1e7c7bc96811c4c4fcd711", "1ae225224fdb2f8a7ecd7420c3b5f85600b87445e6ac9810978e8f21fcb8de3d", "18b0fe90a4749d21a70e7775e456f3b258638de1b10dc7c8dfad2c87bb4b4150", "1961cf9e8b78d5a638cf76bdaa2144a559056acbb97c7658cd3e3338016ff1f8", "aec880a12c1ce96b5c80d6ac88193c363a522b53b94fbe019c88cc5e7ccc596d", "35b61225ab6230c6ae23dbe0163e06320f7c1121e976afb4c2dede91fe3bd29c", "b854e2ae09aadd9cacf3fe61c0855655b8883dc81d04484f22cf6aea89d14a9f", "05878e434aefab9098e57e734d21ba96eb2731dc2022e7619ff42e6c283ac1c5", "9bdb516a39240b33a9ea42bef996c77c2a309aabd80cccf8d065e1da693ce523", "706fe073eb58eeed3fd167a20173cf2cec07d7ad4e19cb278eb5d0a57c0f04cd", "7b76196492cad99e9da6c4184b3c6b6b4e08f0441db65a345394a8c142a73c4f", "3cadbc2ab3b57b93057e9bfa54187bbbdc6c22506ada94cf3a57b1bc0e14f30e", "de88f42454f2a9364b67f4a616ed9edba4dda98ece12d9eec1cb27b96549ed36", "017c9042d7cfab02d6444805d617bfda04a590d8ee0131f0dcbb73d9f422264e", "b287e7a198f3999e8dc503c8122436763e1322b1dca200c83c143e6001851562", "9db17d1227428fa09f580b625f136f0c73998b2c8b51099b0d99b279e2e896f6", "cac8c46df3a499a37f4a47e3d0175e64f5f7b40720169e51dbc7a771a166abb1", "bb2edf6b1a9be5490267a7f4c080d0f4c685d39be28c4fe5371ccf09735d5861", "4194744fa810423e5c9a277034f822e5b561d534ed57cdd75eb2a3523ef69ca7", "146acf9b7a358237258cebeaa0870b7500c470d65855832a79ad1858de485ba4", "d7a2530b77e4d3df32f810fab08a2d807e6178da7dbdacf324479864033b86d4", "dddf49abc2db241bad39682c43a9f54c745d98f2fddc44d6c3d2a088a17101f2", "40c4e14bf1aca54e16724bd697952b8a1a48162f5ca46717890f85fd94228887", "8252041cbdf7048ffa8593337d985693dea92de627ceaecbfb5f3961702c7a56", "195c1acc646ec1f37bba891e6b6448734361ce77b79e99cb7f3d6a54e5265da1", "17e0b0e3be6ebbf026d4b7ff6da60925516f6b29e2b5f5bfd33f49544659d031", "502870abfa3b834b5072013d290429e9f35473dda57c9299c9ef6769f5479514", "892b564697110247799358ac50998e9a73d0753134b88575fff6b6cab911c394", "3fe1355f18b8f7d4919a716ab5ce485f94d9021bc7bf6aad2bf3a45e3d84bed6", "116eb648e4098b4994e20822ae2dea5f9a05bf280774e96e7f17537eeea128c1", "424cfa4d684e1763451c2ae7bebe189cbdcff4338458ed779d86bdf9074e0e32", "08de6b552e704a0bb100dcd244c0950ffb90d7d021d042f3bad4b66eab1c633b", "f09f85d3e1ec8922a52470d8df179bb0b7da1422e62f96fa8805b887a2698435", "a04ab5abf6de646db23f84c75a225d2c1316e56476e07d4b4139c16881745c10", "4704600085e453a34b69b6c99281ee65b902548f8347f10e6b4f26b585409d29", "4da95d7c973efee80b4f4f1eda718a049b8a39d0e74e505a659883113974c081", "bf47935d5abfcd2379da6b157c2d6bd9eb346d0e0b61f2fb5656ec40d1bd1dec", "5a39cab6a25f81e370381b9a7a3959edc5af740dfa6492ddfd3b8b7a2602f5bd", "352de18adbc914f4fad09aae28026ce72f31d5f4381b593f56421c9b3ad7dbc1", "bf7219b06a4be0833eda6b1a8e337666958dacb48d86a302381fc47a572caff4", "163a3b460ddcdb4561169c9466d48ded8d4535e34e4d51fee2713f6f2006f472", "b54a5dbb651236740e40a0bbff2091fff546fda4dc0df8c8d957c9852c5ecde8", "2772b6534102d78753197e88a5df9bc5cc23a267519779bbe6396943ecb9e306", "205733419c0e9fbcef100248b323f524d83c4bc4fb530459d6e924ff0685b566", "47a8d55ed5c7998c9a565ba98cde2e370d8f04b481211740988448aff6418d12", "f5db78f399fd6e5df79d48b1708558e1eaeb03bd0df67ca76d3856b304f0ac94", "3e6bae1d5811f70c58ecb368d035c918cec0784ea1e5a64c699b4b38ab951a46", "aa0f00ba9bd5c48985c2c233d05648b75bbd06a413fd56ae9551ef9e693445e1", "84edde4a5cf6dc9509eb00a1b73d786a47409902f088165d6a9023eaeb439192", "42bf7e179e1bc3e118e22537d4ffef7ff82c14ceabe7c54a20747e9a1abdb68a", "83c039f175a4fbd9f2e377868ed3266a6bf777cd8fbc556742d0b1b0a8f290eb", "2c4a04d837485631f9ee1fd683028030d354325a76f089d4fa61571e050aef6a", "5076629901250c7cbb92c63ae4437d57ca1a3315176c6f711292f24cf26e634f", "84741918908f5baa954352ca823a33635f2193f614eb82a9750ff21304b73bb7", "642f1f687831f32c4fdc9e6ec7694e5e8768b016f57815f4bb3534b3964ff697", "7aeac92c9b86fa0faf26ea521319e90ba809fc064a3fa4b57abdfa22a30eba61", "8359f177511995d6ea51318a2b7c17b9c7e492abaafb8c273483156f48facbb1", "15c9b7a21edfd29a057d881d7f4a98405dd530122b29c7d5ab15042b9f25536c", "20aaa30897fbd51594befc4dde90df6ea6b30ff734b0c36bf27b8112f4ef679c", "5f147949ece693d3312e612a23cf1f97bba86b270f481c8b299d7ab8c67b3165", "bde65f6d8374c1896a9087860d6b9e2cce669f00a30968e89d21b9439ff460f2", "cc2e43e225526b98716e58f9c9af35013937c76cca96f4a3381b40017a4c8fcd", "3417c9c325d8811267feb035627295a669ce243b60045e6e8be4a2db5f55fb30", "f6ca134ba6fc867fef2b2a84c6a35d1278e3a3bd47189d6e5a844b3e1798feee"], "mitre_attack_tags": []}, {"bi": "created-executable-in-user-dir", "hashes": ["50f777a8486df699ffaf3aa24da23a5975117e865adb500c9ca6b57b12c673cb", "99980647b27d5f165122218de62293a74e453e1a389e287d443f70488c6330e7", "9422fe784c3ce05dc5da6f846fb45a91721265460ecd45d5c224bf1fdf85270f", "1c530345b2e47ebe50da93b2464af6cde8960e5db5f008421399d7c682e169fb", "d1dabcd229d01f104fb3724725d48abc6e88d22ae6aeb5ad6aeacde1ff14e902", "1078763c2070758f2d7af2a32cfeac195b1b19af9d7f83433451469a6456d69a", "1895e011ecb8c5efa5610c55e27a8f32dd6d4e2e24aad0f7375c6b22b13a3673", "2fb5e4c5d73bfebf5e01d40dca08bb935cf8b4e4674317a7ffadb4507aa2276f", "39cb9111fb5d6341c644cc82e1d06c36bb8c0e18c9592d3e591005b899660bda", "193de0289b48eec0d8da266d3f1ff3e5a265fa72cff2db27b45a96f58f8f3c60", "12d38c601be82a710b29744fa9856add702bba2c1cfc9d8f36726df449fa90ea", "34d59e60efd9cec0fd907a3175f17d5f60711bb80e7ec5ece678868c76b03aef", "07f8041820745c7de03ab380cdbc33fad9da6c9e87243ce4d6af1664ab2e5cae", "09e30d34ef79c10fd0f431ba287a8e89ea08c7919501a42e95ddf0b02b7a54dd", "1e53f4e81771eebb343e345524fffe8effea4c4938c27dc174dc970ee7ef5974", "4de4eb2b53e3205faaaf53ee527d40b4c8e405e2a4300ba1ef80ae33a6d5c4c4", "1b3573f9efa0a3c401e74a54737c2cb64661136df79aa1616139fa8b05a19aa5", "0d970e4dca39e6ac5d389f25ba528eac251bff7df4c15aa85e96d3c680dea37a", "ab6371a2baa7ccc4f1183c672c745611ae5e4dcc4c7b75d3bc72bfdd21784e4d", "a45a7283a67a4dd94cc36e6647e9ee4ea0e158f3abe008aac1606495d2c955a7", "01d019832f6f09a0eab7ffcb294466825148ef642519b37f225cea25fd8ccd82", "825f1f7d9ef166aa125ae1e3cf65fc2bc2d3ee82bc1eef602c79848f83216ae2", "1b21be6f06de9138a7131f2c037d1cf3aafb0cbc7e05f9e7111649593cb3f736", "2addb535adeb2b99b20aea8053e632f35a77d4673461ebe472d694d93f61d0ec", "db11c55766b301154e13a3a0442bc289b7c11c5ccde8f4fb48ebf64ada2903cd", "a9054f288c2996e0ccf783da773886406bcf30ee0cf03a569160b73c2d552669", "ac9773630804e19ec8915009e8540a07a85e25765527751f87a7ffdd5169331a", "b4432bf00380674ccaa7b6fd4bddf47c79220e43c675f167c153173f2a079bfd", "69dd47f011a3e583344e848d16b5568cedb6336fc3269fce30ac789bd3b8ce92", "edf8c887e540fefddae2cc33030281131326cc34141aee91e835c501fb73350d", "d1cef81d11242f265f3b55d9ddda64c5d510284f7f67f2863410073edcd32d89", "563ca26d49fe96cc6b222442bb2856309a5cbb3897c8f363a16f990fe6f103fb", "60d8821085704f2449170f1faa0a736609b0893fb9242997ef21a6a47f7addbf", "5c3a66f160b371f0729c087f3267ce453d2989ff5c737c950d8713c732507db3", "889396620fb66f07488ec3742e8f388564b82898fa95107d5a0fd82e4a4bfd8a", "67a56716ccb9331716b11b18474ec72f187903c17413ebef38d962827bb8e7e9", "54c02bb16bfd6665d29e47c64b39dc5c64f241d71ca6fbbea7e75c473e00878a", "a5e81215f10ef7c714612532cba97dc126353578c8aa1d7f5b6893fbbbc45707", "008272d4b93a5cefd6943952d63388198b67a34e06a93dca0e9698c0639f4f02", "3381319dacb0900a6af41c5d06843bebbe35012a6a7fcf4b781579bffe5a25ac", "21e41bdd78b229b35c9abbd43770e83b3b69ab2643f6d91271c84d25d0c5cf29", "173272cf5e8e9349b8d4ff45e6f9378fbfcd437bfaa10fc5c7b7d8adabdd998d", "47e242bb38c4dbbcf5e9ccc6e218ab8d9b03e9369f66710c483068e0aeacb422", "8afc019596fdb9ab0d4652930dbcf4a8895b592bfbaceb7cd924985e00372ad8", "1f0e53ca67d28fbae4e2cf3986df26ae1524c2655352d0d0caccfe05b09321ca", "3e472853f993af211f9535b89abba89fd9e04bf867d381784964ec122350d1be", "e09a4d92a38b7deac7ea7944e304849cf0cca2aaea8c86ab315801881a596386", "705e79b1823c9d165e21adaedd07286136265305424e5a3f809792e8d19b502d", "6cf6a40540f195bf152c961749e439a1da876e0ff98dc346126967fa3ee157a7", "41d3843050bfefb2eb013220db2c045dca05e7c8c19b301d1bdda202eb54d010", "3b6bbc1b0f465795696b5063e07926898838032487f612a325edf68d88903e85", "127769bcc6688cc1c682313689d4c0ce7915a8295797a90f4586fb379694c3fe", "1b16fc65b34fb4cb5de9a4660bc53f3c4f27ef2d69d88f82e150eca94495471a", "b6302d8e2502820381a79ffa92f7cabd7fce111e6f5e3dd3702d2fd8bf0226f7", "9cb3af10f0da5ab2337d9214add2b74841684a8c0e1e7c7bc96811c4c4fcd711", "1ae225224fdb2f8a7ecd7420c3b5f85600b87445e6ac9810978e8f21fcb8de3d", "18b0fe90a4749d21a70e7775e456f3b258638de1b10dc7c8dfad2c87bb4b4150", "1961cf9e8b78d5a638cf76bdaa2144a559056acbb97c7658cd3e3338016ff1f8", "aec880a12c1ce96b5c80d6ac88193c363a522b53b94fbe019c88cc5e7ccc596d", "35b61225ab6230c6ae23dbe0163e06320f7c1121e976afb4c2dede91fe3bd29c", "b854e2ae09aadd9cacf3fe61c0855655b8883dc81d04484f22cf6aea89d14a9f", "05878e434aefab9098e57e734d21ba96eb2731dc2022e7619ff42e6c283ac1c5", "9bdb516a39240b33a9ea42bef996c77c2a309aabd80cccf8d065e1da693ce523", "706fe073eb58eeed3fd167a20173cf2cec07d7ad4e19cb278eb5d0a57c0f04cd", "7b76196492cad99e9da6c4184b3c6b6b4e08f0441db65a345394a8c142a73c4f", "3cadbc2ab3b57b93057e9bfa54187bbbdc6c22506ada94cf3a57b1bc0e14f30e", "de88f42454f2a9364b67f4a616ed9edba4dda98ece12d9eec1cb27b96549ed36", "017c9042d7cfab02d6444805d617bfda04a590d8ee0131f0dcbb73d9f422264e", "b287e7a198f3999e8dc503c8122436763e1322b1dca200c83c143e6001851562", "9db17d1227428fa09f580b625f136f0c73998b2c8b51099b0d99b279e2e896f6", "cac8c46df3a499a37f4a47e3d0175e64f5f7b40720169e51dbc7a771a166abb1", "bb2edf6b1a9be5490267a7f4c080d0f4c685d39be28c4fe5371ccf09735d5861", "4194744fa810423e5c9a277034f822e5b561d534ed57cdd75eb2a3523ef69ca7", "146acf9b7a358237258cebeaa0870b7500c470d65855832a79ad1858de485ba4", "d7a2530b77e4d3df32f810fab08a2d807e6178da7dbdacf324479864033b86d4", "dddf49abc2db241bad39682c43a9f54c745d98f2fddc44d6c3d2a088a17101f2", "40c4e14bf1aca54e16724bd697952b8a1a48162f5ca46717890f85fd94228887", "8252041cbdf7048ffa8593337d985693dea92de627ceaecbfb5f3961702c7a56", "195c1acc646ec1f37bba891e6b6448734361ce77b79e99cb7f3d6a54e5265da1", "17e0b0e3be6ebbf026d4b7ff6da60925516f6b29e2b5f5bfd33f49544659d031", "502870abfa3b834b5072013d290429e9f35473dda57c9299c9ef6769f5479514", "892b564697110247799358ac50998e9a73d0753134b88575fff6b6cab911c394", "3fe1355f18b8f7d4919a716ab5ce485f94d9021bc7bf6aad2bf3a45e3d84bed6", "116eb648e4098b4994e20822ae2dea5f9a05bf280774e96e7f17537eeea128c1", "424cfa4d684e1763451c2ae7bebe189cbdcff4338458ed779d86bdf9074e0e32", "08de6b552e704a0bb100dcd244c0950ffb90d7d021d042f3bad4b66eab1c633b", "f09f85d3e1ec8922a52470d8df179bb0b7da1422e62f96fa8805b887a2698435", "a04ab5abf6de646db23f84c75a225d2c1316e56476e07d4b4139c16881745c10", "4704600085e453a34b69b6c99281ee65b902548f8347f10e6b4f26b585409d29", "4da95d7c973efee80b4f4f1eda718a049b8a39d0e74e505a659883113974c081", "bf47935d5abfcd2379da6b157c2d6bd9eb346d0e0b61f2fb5656ec40d1bd1dec", "5a39cab6a25f81e370381b9a7a3959edc5af740dfa6492ddfd3b8b7a2602f5bd", "352de18adbc914f4fad09aae28026ce72f31d5f4381b593f56421c9b3ad7dbc1", "bf7219b06a4be0833eda6b1a8e337666958dacb48d86a302381fc47a572caff4", "163a3b460ddcdb4561169c9466d48ded8d4535e34e4d51fee2713f6f2006f472", "b54a5dbb651236740e40a0bbff2091fff546fda4dc0df8c8d957c9852c5ecde8", "2772b6534102d78753197e88a5df9bc5cc23a267519779bbe6396943ecb9e306", "205733419c0e9fbcef100248b323f524d83c4bc4fb530459d6e924ff0685b566", "47a8d55ed5c7998c9a565ba98cde2e370d8f04b481211740988448aff6418d12", "f5db78f399fd6e5df79d48b1708558e1eaeb03bd0df67ca76d3856b304f0ac94", "3e6bae1d5811f70c58ecb368d035c918cec0784ea1e5a64c699b4b38ab951a46", "aa0f00ba9bd5c48985c2c233d05648b75bbd06a413fd56ae9551ef9e693445e1", "84edde4a5cf6dc9509eb00a1b73d786a47409902f088165d6a9023eaeb439192", "42bf7e179e1bc3e118e22537d4ffef7ff82c14ceabe7c54a20747e9a1abdb68a", "83c039f175a4fbd9f2e377868ed3266a6bf777cd8fbc556742d0b1b0a8f290eb", "2c4a04d837485631f9ee1fd683028030d354325a76f089d4fa61571e050aef6a", "5076629901250c7cbb92c63ae4437d57ca1a3315176c6f711292f24cf26e634f", "84741918908f5baa954352ca823a33635f2193f614eb82a9750ff21304b73bb7", "642f1f687831f32c4fdc9e6ec7694e5e8768b016f57815f4bb3534b3964ff697", "7aeac92c9b86fa0faf26ea521319e90ba809fc064a3fa4b57abdfa22a30eba61", "8359f177511995d6ea51318a2b7c17b9c7e492abaafb8c273483156f48facbb1", "15c9b7a21edfd29a057d881d7f4a98405dd530122b29c7d5ab15042b9f25536c", "20aaa30897fbd51594befc4dde90df6ea6b30ff734b0c36bf27b8112f4ef679c", "5f147949ece693d3312e612a23cf1f97bba86b270f481c8b299d7ab8c67b3165", "bde65f6d8374c1896a9087860d6b9e2cce669f00a30968e89d21b9439ff460f2", "cc2e43e225526b98716e58f9c9af35013937c76cca96f4a3381b40017a4c8fcd", "3417c9c325d8811267feb035627295a669ce243b60045e6e8be4a2db5f55fb30", "f6ca134ba6fc867fef2b2a84c6a35d1278e3a3bd47189d6e5a844b3e1798feee"], "mitre_attack_tags": []}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["50f777a8486df699ffaf3aa24da23a5975117e865adb500c9ca6b57b12c673cb", "99980647b27d5f165122218de62293a74e453e1a389e287d443f70488c6330e7", "9422fe784c3ce05dc5da6f846fb45a91721265460ecd45d5c224bf1fdf85270f", "1c530345b2e47ebe50da93b2464af6cde8960e5db5f008421399d7c682e169fb", "d1dabcd229d01f104fb3724725d48abc6e88d22ae6aeb5ad6aeacde1ff14e902", "1078763c2070758f2d7af2a32cfeac195b1b19af9d7f83433451469a6456d69a", "1895e011ecb8c5efa5610c55e27a8f32dd6d4e2e24aad0f7375c6b22b13a3673", "2fb5e4c5d73bfebf5e01d40dca08bb935cf8b4e4674317a7ffadb4507aa2276f", "39cb9111fb5d6341c644cc82e1d06c36bb8c0e18c9592d3e591005b899660bda", "193de0289b48eec0d8da266d3f1ff3e5a265fa72cff2db27b45a96f58f8f3c60", "12d38c601be82a710b29744fa9856add702bba2c1cfc9d8f36726df449fa90ea", "34d59e60efd9cec0fd907a3175f17d5f60711bb80e7ec5ece678868c76b03aef", "07f8041820745c7de03ab380cdbc33fad9da6c9e87243ce4d6af1664ab2e5cae", "09e30d34ef79c10fd0f431ba287a8e89ea08c7919501a42e95ddf0b02b7a54dd", "1e53f4e81771eebb343e345524fffe8effea4c4938c27dc174dc970ee7ef5974", "4de4eb2b53e3205faaaf53ee527d40b4c8e405e2a4300ba1ef80ae33a6d5c4c4", "1b3573f9efa0a3c401e74a54737c2cb64661136df79aa1616139fa8b05a19aa5", "0d970e4dca39e6ac5d389f25ba528eac251bff7df4c15aa85e96d3c680dea37a", "ab6371a2baa7ccc4f1183c672c745611ae5e4dcc4c7b75d3bc72bfdd21784e4d", "a45a7283a67a4dd94cc36e6647e9ee4ea0e158f3abe008aac1606495d2c955a7", "01d019832f6f09a0eab7ffcb294466825148ef642519b37f225cea25fd8ccd82", "825f1f7d9ef166aa125ae1e3cf65fc2bc2d3ee82bc1eef602c79848f83216ae2", "1b21be6f06de9138a7131f2c037d1cf3aafb0cbc7e05f9e7111649593cb3f736", "2addb535adeb2b99b20aea8053e632f35a77d4673461ebe472d694d93f61d0ec", "db11c55766b301154e13a3a0442bc289b7c11c5ccde8f4fb48ebf64ada2903cd", "a9054f288c2996e0ccf783da773886406bcf30ee0cf03a569160b73c2d552669", "ac9773630804e19ec8915009e8540a07a85e25765527751f87a7ffdd5169331a", "b4432bf00380674ccaa7b6fd4bddf47c79220e43c675f167c153173f2a079bfd", "69dd47f011a3e583344e848d16b5568cedb6336fc3269fce30ac789bd3b8ce92", "edf8c887e540fefddae2cc33030281131326cc34141aee91e835c501fb73350d", "d1cef81d11242f265f3b55d9ddda64c5d510284f7f67f2863410073edcd32d89", "563ca26d49fe96cc6b222442bb2856309a5cbb3897c8f363a16f990fe6f103fb", "60d8821085704f2449170f1faa0a736609b0893fb9242997ef21a6a47f7addbf", "5c3a66f160b371f0729c087f3267ce453d2989ff5c737c950d8713c732507db3", "889396620fb66f07488ec3742e8f388564b82898fa95107d5a0fd82e4a4bfd8a", "67a56716ccb9331716b11b18474ec72f187903c17413ebef38d962827bb8e7e9", "54c02bb16bfd6665d29e47c64b39dc5c64f241d71ca6fbbea7e75c473e00878a", "a5e81215f10ef7c714612532cba97dc126353578c8aa1d7f5b6893fbbbc45707", "008272d4b93a5cefd6943952d63388198b67a34e06a93dca0e9698c0639f4f02", "3381319dacb0900a6af41c5d06843bebbe35012a6a7fcf4b781579bffe5a25ac", "21e41bdd78b229b35c9abbd43770e83b3b69ab2643f6d91271c84d25d0c5cf29", "173272cf5e8e9349b8d4ff45e6f9378fbfcd437bfaa10fc5c7b7d8adabdd998d", "47e242bb38c4dbbcf5e9ccc6e218ab8d9b03e9369f66710c483068e0aeacb422", "8afc019596fdb9ab0d4652930dbcf4a8895b592bfbaceb7cd924985e00372ad8", "1f0e53ca67d28fbae4e2cf3986df26ae1524c2655352d0d0caccfe05b09321ca", "3e472853f993af211f9535b89abba89fd9e04bf867d381784964ec122350d1be", "e09a4d92a38b7deac7ea7944e304849cf0cca2aaea8c86ab315801881a596386", "705e79b1823c9d165e21adaedd07286136265305424e5a3f809792e8d19b502d", "6cf6a40540f195bf152c961749e439a1da876e0ff98dc346126967fa3ee157a7", "41d3843050bfefb2eb013220db2c045dca05e7c8c19b301d1bdda202eb54d010", "3b6bbc1b0f465795696b5063e07926898838032487f612a325edf68d88903e85", "127769bcc6688cc1c682313689d4c0ce7915a8295797a90f4586fb379694c3fe", "1b16fc65b34fb4cb5de9a4660bc53f3c4f27ef2d69d88f82e150eca94495471a", "b6302d8e2502820381a79ffa92f7cabd7fce111e6f5e3dd3702d2fd8bf0226f7", "9cb3af10f0da5ab2337d9214add2b74841684a8c0e1e7c7bc96811c4c4fcd711", "1ae225224fdb2f8a7ecd7420c3b5f85600b87445e6ac9810978e8f21fcb8de3d", "18b0fe90a4749d21a70e7775e456f3b258638de1b10dc7c8dfad2c87bb4b4150", "1961cf9e8b78d5a638cf76bdaa2144a559056acbb97c7658cd3e3338016ff1f8", "aec880a12c1ce96b5c80d6ac88193c363a522b53b94fbe019c88cc5e7ccc596d", "35b61225ab6230c6ae23dbe0163e06320f7c1121e976afb4c2dede91fe3bd29c", "b854e2ae09aadd9cacf3fe61c0855655b8883dc81d04484f22cf6aea89d14a9f", "05878e434aefab9098e57e734d21ba96eb2731dc2022e7619ff42e6c283ac1c5", "9bdb516a39240b33a9ea42bef996c77c2a309aabd80cccf8d065e1da693ce523", "706fe073eb58eeed3fd167a20173cf2cec07d7ad4e19cb278eb5d0a57c0f04cd", "7b76196492cad99e9da6c4184b3c6b6b4e08f0441db65a345394a8c142a73c4f", "3cadbc2ab3b57b93057e9bfa54187bbbdc6c22506ada94cf3a57b1bc0e14f30e", "de88f42454f2a9364b67f4a616ed9edba4dda98ece12d9eec1cb27b96549ed36", "017c9042d7cfab02d6444805d617bfda04a590d8ee0131f0dcbb73d9f422264e", "b287e7a198f3999e8dc503c8122436763e1322b1dca200c83c143e6001851562", "9db17d1227428fa09f580b625f136f0c73998b2c8b51099b0d99b279e2e896f6", "cac8c46df3a499a37f4a47e3d0175e64f5f7b40720169e51dbc7a771a166abb1", "bb2edf6b1a9be5490267a7f4c080d0f4c685d39be28c4fe5371ccf09735d5861", "4194744fa810423e5c9a277034f822e5b561d534ed57cdd75eb2a3523ef69ca7", "146acf9b7a358237258cebeaa0870b7500c470d65855832a79ad1858de485ba4", "d7a2530b77e4d3df32f810fab08a2d807e6178da7dbdacf324479864033b86d4", "dddf49abc2db241bad39682c43a9f54c745d98f2fddc44d6c3d2a088a17101f2", "40c4e14bf1aca54e16724bd697952b8a1a48162f5ca46717890f85fd94228887", "8252041cbdf7048ffa8593337d985693dea92de627ceaecbfb5f3961702c7a56", "195c1acc646ec1f37bba891e6b6448734361ce77b79e99cb7f3d6a54e5265da1", "17e0b0e3be6ebbf026d4b7ff6da60925516f6b29e2b5f5bfd33f49544659d031", "502870abfa3b834b5072013d290429e9f35473dda57c9299c9ef6769f5479514", "892b564697110247799358ac50998e9a73d0753134b88575fff6b6cab911c394", "3fe1355f18b8f7d4919a716ab5ce485f94d9021bc7bf6aad2bf3a45e3d84bed6", "116eb648e4098b4994e20822ae2dea5f9a05bf280774e96e7f17537eeea128c1", "424cfa4d684e1763451c2ae7bebe189cbdcff4338458ed779d86bdf9074e0e32", "08de6b552e704a0bb100dcd244c0950ffb90d7d021d042f3bad4b66eab1c633b", "f09f85d3e1ec8922a52470d8df179bb0b7da1422e62f96fa8805b887a2698435", "a04ab5abf6de646db23f84c75a225d2c1316e56476e07d4b4139c16881745c10", "4704600085e453a34b69b6c99281ee65b902548f8347f10e6b4f26b585409d29", "4da95d7c973efee80b4f4f1eda718a049b8a39d0e74e505a659883113974c081", "bf47935d5abfcd2379da6b157c2d6bd9eb346d0e0b61f2fb5656ec40d1bd1dec", "5a39cab6a25f81e370381b9a7a3959edc5af740dfa6492ddfd3b8b7a2602f5bd", "352de18adbc914f4fad09aae28026ce72f31d5f4381b593f56421c9b3ad7dbc1", "bf7219b06a4be0833eda6b1a8e337666958dacb48d86a302381fc47a572caff4", "163a3b460ddcdb4561169c9466d48ded8d4535e34e4d51fee2713f6f2006f472", "b54a5dbb651236740e40a0bbff2091fff546fda4dc0df8c8d957c9852c5ecde8", "2772b6534102d78753197e88a5df9bc5cc23a267519779bbe6396943ecb9e306", "205733419c0e9fbcef100248b323f524d83c4bc4fb530459d6e924ff0685b566", "47a8d55ed5c7998c9a565ba98cde2e370d8f04b481211740988448aff6418d12", "f5db78f399fd6e5df79d48b1708558e1eaeb03bd0df67ca76d3856b304f0ac94", "3e6bae1d5811f70c58ecb368d035c918cec0784ea1e5a64c699b4b38ab951a46", "aa0f00ba9bd5c48985c2c233d05648b75bbd06a413fd56ae9551ef9e693445e1", "84edde4a5cf6dc9509eb00a1b73d786a47409902f088165d6a9023eaeb439192", "42bf7e179e1bc3e118e22537d4ffef7ff82c14ceabe7c54a20747e9a1abdb68a", "83c039f175a4fbd9f2e377868ed3266a6bf777cd8fbc556742d0b1b0a8f290eb", "2c4a04d837485631f9ee1fd683028030d354325a76f089d4fa61571e050aef6a", "5076629901250c7cbb92c63ae4437d57ca1a3315176c6f711292f24cf26e634f", "84741918908f5baa954352ca823a33635f2193f614eb82a9750ff21304b73bb7", "642f1f687831f32c4fdc9e6ec7694e5e8768b016f57815f4bb3534b3964ff697", "7aeac92c9b86fa0faf26ea521319e90ba809fc064a3fa4b57abdfa22a30eba61", "8359f177511995d6ea51318a2b7c17b9c7e492abaafb8c273483156f48facbb1", "15c9b7a21edfd29a057d881d7f4a98405dd530122b29c7d5ab15042b9f25536c", "20aaa30897fbd51594befc4dde90df6ea6b30ff734b0c36bf27b8112f4ef679c", "5f147949ece693d3312e612a23cf1f97bba86b270f481c8b299d7ab8c67b3165", "bde65f6d8374c1896a9087860d6b9e2cce669f00a30968e89d21b9439ff460f2", "cc2e43e225526b98716e58f9c9af35013937c76cca96f4a3381b40017a4c8fcd", "3417c9c325d8811267feb035627295a669ce243b60045e6e8be4a2db5f55fb30", "f6ca134ba6fc867fef2b2a84c6a35d1278e3a3bd47189d6e5a844b3e1798feee"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["50f777a8486df699ffaf3aa24da23a5975117e865adb500c9ca6b57b12c673cb", "99980647b27d5f165122218de62293a74e453e1a389e287d443f70488c6330e7", "9422fe784c3ce05dc5da6f846fb45a91721265460ecd45d5c224bf1fdf85270f", "1c530345b2e47ebe50da93b2464af6cde8960e5db5f008421399d7c682e169fb", "d1dabcd229d01f104fb3724725d48abc6e88d22ae6aeb5ad6aeacde1ff14e902", "1078763c2070758f2d7af2a32cfeac195b1b19af9d7f83433451469a6456d69a", "1895e011ecb8c5efa5610c55e27a8f32dd6d4e2e24aad0f7375c6b22b13a3673", "2fb5e4c5d73bfebf5e01d40dca08bb935cf8b4e4674317a7ffadb4507aa2276f", "39cb9111fb5d6341c644cc82e1d06c36bb8c0e18c9592d3e591005b899660bda", "193de0289b48eec0d8da266d3f1ff3e5a265fa72cff2db27b45a96f58f8f3c60", "12d38c601be82a710b29744fa9856add702bba2c1cfc9d8f36726df449fa90ea", "34d59e60efd9cec0fd907a3175f17d5f60711bb80e7ec5ece678868c76b03aef", "07f8041820745c7de03ab380cdbc33fad9da6c9e87243ce4d6af1664ab2e5cae", "09e30d34ef79c10fd0f431ba287a8e89ea08c7919501a42e95ddf0b02b7a54dd", "1e53f4e81771eebb343e345524fffe8effea4c4938c27dc174dc970ee7ef5974", "4de4eb2b53e3205faaaf53ee527d40b4c8e405e2a4300ba1ef80ae33a6d5c4c4", "1b3573f9efa0a3c401e74a54737c2cb64661136df79aa1616139fa8b05a19aa5", "0d970e4dca39e6ac5d389f25ba528eac251bff7df4c15aa85e96d3c680dea37a", "ab6371a2baa7ccc4f1183c672c745611ae5e4dcc4c7b75d3bc72bfdd21784e4d", "a45a7283a67a4dd94cc36e6647e9ee4ea0e158f3abe008aac1606495d2c955a7", "01d019832f6f09a0eab7ffcb294466825148ef642519b37f225cea25fd8ccd82", "825f1f7d9ef166aa125ae1e3cf65fc2bc2d3ee82bc1eef602c79848f83216ae2", "1b21be6f06de9138a7131f2c037d1cf3aafb0cbc7e05f9e7111649593cb3f736", "2addb535adeb2b99b20aea8053e632f35a77d4673461ebe472d694d93f61d0ec", "db11c55766b301154e13a3a0442bc289b7c11c5ccde8f4fb48ebf64ada2903cd", "a9054f288c2996e0ccf783da773886406bcf30ee0cf03a569160b73c2d552669", "ac9773630804e19ec8915009e8540a07a85e25765527751f87a7ffdd5169331a", "b4432bf00380674ccaa7b6fd4bddf47c79220e43c675f167c153173f2a079bfd", "69dd47f011a3e583344e848d16b5568cedb6336fc3269fce30ac789bd3b8ce92", "edf8c887e540fefddae2cc33030281131326cc34141aee91e835c501fb73350d", "d1cef81d11242f265f3b55d9ddda64c5d510284f7f67f2863410073edcd32d89", "563ca26d49fe96cc6b222442bb2856309a5cbb3897c8f363a16f990fe6f103fb", "60d8821085704f2449170f1faa0a736609b0893fb9242997ef21a6a47f7addbf", "5c3a66f160b371f0729c087f3267ce453d2989ff5c737c950d8713c732507db3", "889396620fb66f07488ec3742e8f388564b82898fa95107d5a0fd82e4a4bfd8a", "67a56716ccb9331716b11b18474ec72f187903c17413ebef38d962827bb8e7e9", "54c02bb16bfd6665d29e47c64b39dc5c64f241d71ca6fbbea7e75c473e00878a", "a5e81215f10ef7c714612532cba97dc126353578c8aa1d7f5b6893fbbbc45707", "008272d4b93a5cefd6943952d63388198b67a34e06a93dca0e9698c0639f4f02", "3381319dacb0900a6af41c5d06843bebbe35012a6a7fcf4b781579bffe5a25ac", "21e41bdd78b229b35c9abbd43770e83b3b69ab2643f6d91271c84d25d0c5cf29", "173272cf5e8e9349b8d4ff45e6f9378fbfcd437bfaa10fc5c7b7d8adabdd998d", "47e242bb38c4dbbcf5e9ccc6e218ab8d9b03e9369f66710c483068e0aeacb422", "8afc019596fdb9ab0d4652930dbcf4a8895b592bfbaceb7cd924985e00372ad8", "1f0e53ca67d28fbae4e2cf3986df26ae1524c2655352d0d0caccfe05b09321ca", "3e472853f993af211f9535b89abba89fd9e04bf867d381784964ec122350d1be", "e09a4d92a38b7deac7ea7944e304849cf0cca2aaea8c86ab315801881a596386", "705e79b1823c9d165e21adaedd07286136265305424e5a3f809792e8d19b502d", "6cf6a40540f195bf152c961749e439a1da876e0ff98dc346126967fa3ee157a7", "41d3843050bfefb2eb013220db2c045dca05e7c8c19b301d1bdda202eb54d010", "3b6bbc1b0f465795696b5063e07926898838032487f612a325edf68d88903e85", "127769bcc6688cc1c682313689d4c0ce7915a8295797a90f4586fb379694c3fe", "1b16fc65b34fb4cb5de9a4660bc53f3c4f27ef2d69d88f82e150eca94495471a", "b6302d8e2502820381a79ffa92f7cabd7fce111e6f5e3dd3702d2fd8bf0226f7", "9cb3af10f0da5ab2337d9214add2b74841684a8c0e1e7c7bc96811c4c4fcd711", "1ae225224fdb2f8a7ecd7420c3b5f85600b87445e6ac9810978e8f21fcb8de3d", "18b0fe90a4749d21a70e7775e456f3b258638de1b10dc7c8dfad2c87bb4b4150", "1961cf9e8b78d5a638cf76bdaa2144a559056acbb97c7658cd3e3338016ff1f8", "aec880a12c1ce96b5c80d6ac88193c363a522b53b94fbe019c88cc5e7ccc596d", "35b61225ab6230c6ae23dbe0163e06320f7c1121e976afb4c2dede91fe3bd29c", "b854e2ae09aadd9cacf3fe61c0855655b8883dc81d04484f22cf6aea89d14a9f", "05878e434aefab9098e57e734d21ba96eb2731dc2022e7619ff42e6c283ac1c5", "9bdb516a39240b33a9ea42bef996c77c2a309aabd80cccf8d065e1da693ce523", "706fe073eb58eeed3fd167a20173cf2cec07d7ad4e19cb278eb5d0a57c0f04cd", "7b76196492cad99e9da6c4184b3c6b6b4e08f0441db65a345394a8c142a73c4f", "3cadbc2ab3b57b93057e9bfa54187bbbdc6c22506ada94cf3a57b1bc0e14f30e", "de88f42454f2a9364b67f4a616ed9edba4dda98ece12d9eec1cb27b96549ed36", "017c9042d7cfab02d6444805d617bfda04a590d8ee0131f0dcbb73d9f422264e", "b287e7a198f3999e8dc503c8122436763e1322b1dca200c83c143e6001851562", "9db17d1227428fa09f580b625f136f0c73998b2c8b51099b0d99b279e2e896f6", "cac8c46df3a499a37f4a47e3d0175e64f5f7b40720169e51dbc7a771a166abb1", "bb2edf6b1a9be5490267a7f4c080d0f4c685d39be28c4fe5371ccf09735d5861", "4194744fa810423e5c9a277034f822e5b561d534ed57cdd75eb2a3523ef69ca7", "146acf9b7a358237258cebeaa0870b7500c470d65855832a79ad1858de485ba4", "d7a2530b77e4d3df32f810fab08a2d807e6178da7dbdacf324479864033b86d4", "dddf49abc2db241bad39682c43a9f54c745d98f2fddc44d6c3d2a088a17101f2", "40c4e14bf1aca54e16724bd697952b8a1a48162f5ca46717890f85fd94228887", "8252041cbdf7048ffa8593337d985693dea92de627ceaecbfb5f3961702c7a56", "195c1acc646ec1f37bba891e6b6448734361ce77b79e99cb7f3d6a54e5265da1", "17e0b0e3be6ebbf026d4b7ff6da60925516f6b29e2b5f5bfd33f49544659d031", "502870abfa3b834b5072013d290429e9f35473dda57c9299c9ef6769f5479514", "892b564697110247799358ac50998e9a73d0753134b88575fff6b6cab911c394", "3fe1355f18b8f7d4919a716ab5ce485f94d9021bc7bf6aad2bf3a45e3d84bed6", "116eb648e4098b4994e20822ae2dea5f9a05bf280774e96e7f17537eeea128c1", "424cfa4d684e1763451c2ae7bebe189cbdcff4338458ed779d86bdf9074e0e32", "08de6b552e704a0bb100dcd244c0950ffb90d7d021d042f3bad4b66eab1c633b", "f09f85d3e1ec8922a52470d8df179bb0b7da1422e62f96fa8805b887a2698435", "a04ab5abf6de646db23f84c75a225d2c1316e56476e07d4b4139c16881745c10", "4704600085e453a34b69b6c99281ee65b902548f8347f10e6b4f26b585409d29", "4da95d7c973efee80b4f4f1eda718a049b8a39d0e74e505a659883113974c081", "bf47935d5abfcd2379da6b157c2d6bd9eb346d0e0b61f2fb5656ec40d1bd1dec", "5a39cab6a25f81e370381b9a7a3959edc5af740dfa6492ddfd3b8b7a2602f5bd", "352de18adbc914f4fad09aae28026ce72f31d5f4381b593f56421c9b3ad7dbc1", "bf7219b06a4be0833eda6b1a8e337666958dacb48d86a302381fc47a572caff4", "163a3b460ddcdb4561169c9466d48ded8d4535e34e4d51fee2713f6f2006f472", "b54a5dbb651236740e40a0bbff2091fff546fda4dc0df8c8d957c9852c5ecde8", "2772b6534102d78753197e88a5df9bc5cc23a267519779bbe6396943ecb9e306", "205733419c0e9fbcef100248b323f524d83c4bc4fb530459d6e924ff0685b566", "47a8d55ed5c7998c9a565ba98cde2e370d8f04b481211740988448aff6418d12", "f5db78f399fd6e5df79d48b1708558e1eaeb03bd0df67ca76d3856b304f0ac94", "3e6bae1d5811f70c58ecb368d035c918cec0784ea1e5a64c699b4b38ab951a46", "aa0f00ba9bd5c48985c2c233d05648b75bbd06a413fd56ae9551ef9e693445e1", "84edde4a5cf6dc9509eb00a1b73d786a47409902f088165d6a9023eaeb439192", "42bf7e179e1bc3e118e22537d4ffef7ff82c14ceabe7c54a20747e9a1abdb68a", "83c039f175a4fbd9f2e377868ed3266a6bf777cd8fbc556742d0b1b0a8f290eb", "2c4a04d837485631f9ee1fd683028030d354325a76f089d4fa61571e050aef6a", "5076629901250c7cbb92c63ae4437d57ca1a3315176c6f711292f24cf26e634f", "84741918908f5baa954352ca823a33635f2193f614eb82a9750ff21304b73bb7", "642f1f687831f32c4fdc9e6ec7694e5e8768b016f57815f4bb3534b3964ff697", "7aeac92c9b86fa0faf26ea521319e90ba809fc064a3fa4b57abdfa22a30eba61", "8359f177511995d6ea51318a2b7c17b9c7e492abaafb8c273483156f48facbb1", "15c9b7a21edfd29a057d881d7f4a98405dd530122b29c7d5ab15042b9f25536c", "20aaa30897fbd51594befc4dde90df6ea6b30ff734b0c36bf27b8112f4ef679c", "5f147949ece693d3312e612a23cf1f97bba86b270f481c8b299d7ab8c67b3165", "bde65f6d8374c1896a9087860d6b9e2cce669f00a30968e89d21b9439ff460f2", "cc2e43e225526b98716e58f9c9af35013937c76cca96f4a3381b40017a4c8fcd", "3417c9c325d8811267feb035627295a669ce243b60045e6e8be4a2db5f55fb30", "f6ca134ba6fc867fef2b2a84c6a35d1278e3a3bd47189d6e5a844b3e1798feee"], "mitre_attack_tags": []}, {"bi": "network-snort-server", "hashes": ["9422fe784c3ce05dc5da6f846fb45a91721265460ecd45d5c224bf1fdf85270f", "1c530345b2e47ebe50da93b2464af6cde8960e5db5f008421399d7c682e169fb", "1078763c2070758f2d7af2a32cfeac195b1b19af9d7f83433451469a6456d69a", "2fb5e4c5d73bfebf5e01d40dca08bb935cf8b4e4674317a7ffadb4507aa2276f", "39cb9111fb5d6341c644cc82e1d06c36bb8c0e18c9592d3e591005b899660bda", "193de0289b48eec0d8da266d3f1ff3e5a265fa72cff2db27b45a96f58f8f3c60", "12d38c601be82a710b29744fa9856add702bba2c1cfc9d8f36726df449fa90ea", "34d59e60efd9cec0fd907a3175f17d5f60711bb80e7ec5ece678868c76b03aef", "07f8041820745c7de03ab380cdbc33fad9da6c9e87243ce4d6af1664ab2e5cae", "09e30d34ef79c10fd0f431ba287a8e89ea08c7919501a42e95ddf0b02b7a54dd", "1e53f4e81771eebb343e345524fffe8effea4c4938c27dc174dc970ee7ef5974", "4de4eb2b53e3205faaaf53ee527d40b4c8e405e2a4300ba1ef80ae33a6d5c4c4", "a45a7283a67a4dd94cc36e6647e9ee4ea0e158f3abe008aac1606495d2c955a7", "01d019832f6f09a0eab7ffcb294466825148ef642519b37f225cea25fd8ccd82", "825f1f7d9ef166aa125ae1e3cf65fc2bc2d3ee82bc1eef602c79848f83216ae2", "db11c55766b301154e13a3a0442bc289b7c11c5ccde8f4fb48ebf64ada2903cd", "a9054f288c2996e0ccf783da773886406bcf30ee0cf03a569160b73c2d552669", "69dd47f011a3e583344e848d16b5568cedb6336fc3269fce30ac789bd3b8ce92", "edf8c887e540fefddae2cc33030281131326cc34141aee91e835c501fb73350d", "60d8821085704f2449170f1faa0a736609b0893fb9242997ef21a6a47f7addbf", "5c3a66f160b371f0729c087f3267ce453d2989ff5c737c950d8713c732507db3", "889396620fb66f07488ec3742e8f388564b82898fa95107d5a0fd82e4a4bfd8a", "54c02bb16bfd6665d29e47c64b39dc5c64f241d71ca6fbbea7e75c473e00878a", "a5e81215f10ef7c714612532cba97dc126353578c8aa1d7f5b6893fbbbc45707", "173272cf5e8e9349b8d4ff45e6f9378fbfcd437bfaa10fc5c7b7d8adabdd998d", "47e242bb38c4dbbcf5e9ccc6e218ab8d9b03e9369f66710c483068e0aeacb422", "1f0e53ca67d28fbae4e2cf3986df26ae1524c2655352d0d0caccfe05b09321ca", "e09a4d92a38b7deac7ea7944e304849cf0cca2aaea8c86ab315801881a596386", "705e79b1823c9d165e21adaedd07286136265305424e5a3f809792e8d19b502d", "6cf6a40540f195bf152c961749e439a1da876e0ff98dc346126967fa3ee157a7", "1961cf9e8b78d5a638cf76bdaa2144a559056acbb97c7658cd3e3338016ff1f8", "aec880a12c1ce96b5c80d6ac88193c363a522b53b94fbe019c88cc5e7ccc596d", "05878e434aefab9098e57e734d21ba96eb2731dc2022e7619ff42e6c283ac1c5", "706fe073eb58eeed3fd167a20173cf2cec07d7ad4e19cb278eb5d0a57c0f04cd", "3cadbc2ab3b57b93057e9bfa54187bbbdc6c22506ada94cf3a57b1bc0e14f30e", "9db17d1227428fa09f580b625f136f0c73998b2c8b51099b0d99b279e2e896f6", "cac8c46df3a499a37f4a47e3d0175e64f5f7b40720169e51dbc7a771a166abb1", "bb2edf6b1a9be5490267a7f4c080d0f4c685d39be28c4fe5371ccf09735d5861", "4194744fa810423e5c9a277034f822e5b561d534ed57cdd75eb2a3523ef69ca7", "146acf9b7a358237258cebeaa0870b7500c470d65855832a79ad1858de485ba4", "d7a2530b77e4d3df32f810fab08a2d807e6178da7dbdacf324479864033b86d4", "dddf49abc2db241bad39682c43a9f54c745d98f2fddc44d6c3d2a088a17101f2", "8252041cbdf7048ffa8593337d985693dea92de627ceaecbfb5f3961702c7a56", "892b564697110247799358ac50998e9a73d0753134b88575fff6b6cab911c394", "116eb648e4098b4994e20822ae2dea5f9a05bf280774e96e7f17537eeea128c1", "424cfa4d684e1763451c2ae7bebe189cbdcff4338458ed779d86bdf9074e0e32", "08de6b552e704a0bb100dcd244c0950ffb90d7d021d042f3bad4b66eab1c633b", "f09f85d3e1ec8922a52470d8df179bb0b7da1422e62f96fa8805b887a2698435", "4704600085e453a34b69b6c99281ee65b902548f8347f10e6b4f26b585409d29", "5a39cab6a25f81e370381b9a7a3959edc5af740dfa6492ddfd3b8b7a2602f5bd", "352de18adbc914f4fad09aae28026ce72f31d5f4381b593f56421c9b3ad7dbc1", "163a3b460ddcdb4561169c9466d48ded8d4535e34e4d51fee2713f6f2006f472", "b54a5dbb651236740e40a0bbff2091fff546fda4dc0df8c8d957c9852c5ecde8", "84edde4a5cf6dc9509eb00a1b73d786a47409902f088165d6a9023eaeb439192", "42bf7e179e1bc3e118e22537d4ffef7ff82c14ceabe7c54a20747e9a1abdb68a", "83c039f175a4fbd9f2e377868ed3266a6bf777cd8fbc556742d0b1b0a8f290eb", "2c4a04d837485631f9ee1fd683028030d354325a76f089d4fa61571e050aef6a", "5076629901250c7cbb92c63ae4437d57ca1a3315176c6f711292f24cf26e634f", "642f1f687831f32c4fdc9e6ec7694e5e8768b016f57815f4bb3534b3964ff697", "7aeac92c9b86fa0faf26ea521319e90ba809fc064a3fa4b57abdfa22a30eba61", "8359f177511995d6ea51318a2b7c17b9c7e492abaafb8c273483156f48facbb1", "15c9b7a21edfd29a057d881d7f4a98405dd530122b29c7d5ab15042b9f25536c", "20aaa30897fbd51594befc4dde90df6ea6b30ff734b0c36bf27b8112f4ef679c", "3417c9c325d8811267feb035627295a669ce243b60045e6e8be4a2db5f55fb30", "f6ca134ba6fc867fef2b2a84c6a35d1278e3a3bd47189d6e5a844b3e1798feee"], "mitre_attack_tags": []}], "category": "Malware", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "Bublik is a downloader that targets Windows hosts. Although it's primarily used as malware to distribute various banking trojans, it's also capable of extracting and exfiltrating sensitive information from the host.", "hashes": ["008272d4b93a5cefd6943952d63388198b67a34e06a93dca0e9698c0639f4f02", "017c9042d7cfab02d6444805d617bfda04a590d8ee0131f0dcbb73d9f422264e", "01d019832f6f09a0eab7ffcb294466825148ef642519b37f225cea25fd8ccd82", "05878e434aefab9098e57e734d21ba96eb2731dc2022e7619ff42e6c283ac1c5", "07f8041820745c7de03ab380cdbc33fad9da6c9e87243ce4d6af1664ab2e5cae", "08de6b552e704a0bb100dcd244c0950ffb90d7d021d042f3bad4b66eab1c633b", "09e30d34ef79c10fd0f431ba287a8e89ea08c7919501a42e95ddf0b02b7a54dd", "0d970e4dca39e6ac5d389f25ba528eac251bff7df4c15aa85e96d3c680dea37a", "1078763c2070758f2d7af2a32cfeac195b1b19af9d7f83433451469a6456d69a", "116eb648e4098b4994e20822ae2dea5f9a05bf280774e96e7f17537eeea128c1", "127769bcc6688cc1c682313689d4c0ce7915a8295797a90f4586fb379694c3fe", "12d38c601be82a710b29744fa9856add702bba2c1cfc9d8f36726df449fa90ea", "146acf9b7a358237258cebeaa0870b7500c470d65855832a79ad1858de485ba4", "15c9b7a21edfd29a057d881d7f4a98405dd530122b29c7d5ab15042b9f25536c", "163a3b460ddcdb4561169c9466d48ded8d4535e34e4d51fee2713f6f2006f472", "173272cf5e8e9349b8d4ff45e6f9378fbfcd437bfaa10fc5c7b7d8adabdd998d", "17e0b0e3be6ebbf026d4b7ff6da60925516f6b29e2b5f5bfd33f49544659d031", "1895e011ecb8c5efa5610c55e27a8f32dd6d4e2e24aad0f7375c6b22b13a3673", "18b0fe90a4749d21a70e7775e456f3b258638de1b10dc7c8dfad2c87bb4b4150", "193de0289b48eec0d8da266d3f1ff3e5a265fa72cff2db27b45a96f58f8f3c60", "195c1acc646ec1f37bba891e6b6448734361ce77b79e99cb7f3d6a54e5265da1", "1961cf9e8b78d5a638cf76bdaa2144a559056acbb97c7658cd3e3338016ff1f8", "1ae225224fdb2f8a7ecd7420c3b5f85600b87445e6ac9810978e8f21fcb8de3d", "1b16fc65b34fb4cb5de9a4660bc53f3c4f27ef2d69d88f82e150eca94495471a", "1b21be6f06de9138a7131f2c037d1cf3aafb0cbc7e05f9e7111649593cb3f736", "1b3573f9efa0a3c401e74a54737c2cb64661136df79aa1616139fa8b05a19aa5", "1bd0f0b80aebfbf01b755400f999f377f7448c81284be7b288edb690ee1f90e2", "1c530345b2e47ebe50da93b2464af6cde8960e5db5f008421399d7c682e169fb", "1c61f549d0720833ee94a2723be2beda0d027227929e7899a2fa286e0f258901", "1e53f4e81771eebb343e345524fffe8effea4c4938c27dc174dc970ee7ef5974", "1ef523052026923a87c2b479082ce34dd6a661e78c2b6c830f5ac662a6ef6f5f", "1f0e53ca67d28fbae4e2cf3986df26ae1524c2655352d0d0caccfe05b09321ca", "205733419c0e9fbcef100248b323f524d83c4bc4fb530459d6e924ff0685b566", "20aaa30897fbd51594befc4dde90df6ea6b30ff734b0c36bf27b8112f4ef679c", "21cf8017dd3f779433c55ac93f2c8f63748ba0e88a520701499d43b6ead1a1b3", "21d93a0143ef0641a0dcc99431838819a9e6c7bbca4653e8f01ae814af751358", "21e41bdd78b229b35c9abbd43770e83b3b69ab2643f6d91271c84d25d0c5cf29", "267ff78494b5bcad728830645c7f287530e32a57a4daaef4274962148643a1e8", "2772b6534102d78753197e88a5df9bc5cc23a267519779bbe6396943ecb9e306", "27a4ea78d14a5020ca2108a937debc98466328809f0ebbc086f8d3bb915eabad", "2addb535adeb2b99b20aea8053e632f35a77d4673461ebe472d694d93f61d0ec", "2c4a04d837485631f9ee1fd683028030d354325a76f089d4fa61571e050aef6a", "2d36730deaafd3905d82c4e026712cef8758bb38c53bdc37f0b31221b0b0fa50", "2fb5e4c5d73bfebf5e01d40dca08bb935cf8b4e4674317a7ffadb4507aa2276f", "30020ae1e9bd0f3a2db0d0fff07d56822fd0e56c7aee65946b7f2ee82771a9d3", "30784c84ce692ac671d04fbd0faa6f6f29efc1aecc6eba38b74f12dce6ecb901", "3381319dacb0900a6af41c5d06843bebbe35012a6a7fcf4b781579bffe5a25ac", "3413766be9e2d077d4f4d27d95b10a1d694ade15d0c69c9fac04b3167b6692a2", "3417c9c325d8811267feb035627295a669ce243b60045e6e8be4a2db5f55fb30", "34d59e60efd9cec0fd907a3175f17d5f60711bb80e7ec5ece678868c76b03aef", "3503b441f97011307b6399572a567df0e0c14de33c7071b14f3d9d0feeac58c2", "352de18adbc914f4fad09aae28026ce72f31d5f4381b593f56421c9b3ad7dbc1", "354f42fc1ca21b4fff17973290a4485bfa948ebe4e328a82f6682d381d23fd06", "35b61225ab6230c6ae23dbe0163e06320f7c1121e976afb4c2dede91fe3bd29c", "3647b1f505fd7f5c9fe484adf062bc770432757b23f196930159474195595d16", "39cb9111fb5d6341c644cc82e1d06c36bb8c0e18c9592d3e591005b899660bda", "3a7cb6d34d58691bc97e32ebbee039a1be75031dfc3b1255cfaaf4474c910d88", "3b35e9806d4fb8aa5a67dfbfb342a47a5062375bb7529f3288d356a9ce60b11a", "3b6bbc1b0f465795696b5063e07926898838032487f612a325edf68d88903e85", "3c1f240a6d4e4dfd60c3e4f56f2c98ca874eee199aa7b53009b41a176828cfc4", "3cadbc2ab3b57b93057e9bfa54187bbbdc6c22506ada94cf3a57b1bc0e14f30e", "3e472853f993af211f9535b89abba89fd9e04bf867d381784964ec122350d1be", "3e6bae1d5811f70c58ecb368d035c918cec0784ea1e5a64c699b4b38ab951a46", "3fe1355f18b8f7d4919a716ab5ce485f94d9021bc7bf6aad2bf3a45e3d84bed6", "40c4e14bf1aca54e16724bd697952b8a1a48162f5ca46717890f85fd94228887", "4194744fa810423e5c9a277034f822e5b561d534ed57cdd75eb2a3523ef69ca7", "41a64e42de708317234ee570506239b5ab6cd65e8db469aa2040eea0c105f213", "41d3843050bfefb2eb013220db2c045dca05e7c8c19b301d1bdda202eb54d010", "424cfa4d684e1763451c2ae7bebe189cbdcff4338458ed779d86bdf9074e0e32", "42b30dffc64c4912fa01f24978365bbc75ca9e5942c9bd5c55b3660fb7cac68d", "42bf7e179e1bc3e118e22537d4ffef7ff82c14ceabe7c54a20747e9a1abdb68a", "4665e5e89479b949f548ad2a50677a97a37c39e4c1014e8b056c4058ffba859e", "46ab5cf7669f10f52ee53404fea5b4ea058cb4079fc881c55f5cce3246ecd4ff", "4704600085e453a34b69b6c99281ee65b902548f8347f10e6b4f26b585409d29", "47a8d55ed5c7998c9a565ba98cde2e370d8f04b481211740988448aff6418d12", "47e242bb38c4dbbcf5e9ccc6e218ab8d9b03e9369f66710c483068e0aeacb422", "49435281f9cd3d7909ab0887d14373626abc5c09e69416c61a35654643de9e28", "49f9f3f05e56f314989c59a2ccdbf291fb982f747eb5f20d22d1bef44d898852", "4aa33317c1f48a25222b1b066abd242af4a761f8dc5c1f36624068135569c5e1", "4b39d987281234c6d01e9ae76aa9a34bda98516efec07312721a332497f97239", "4da95d7c973efee80b4f4f1eda718a049b8a39d0e74e505a659883113974c081", "4de4eb2b53e3205faaaf53ee527d40b4c8e405e2a4300ba1ef80ae33a6d5c4c4", "4edd4f2dd8c7f79cb442ec3adba6e425bd4778d628852f75a28b250847ad06b0", "4f1b79c98316e8320996627a98b2b2464c876a318911a13dbf625672083d68a5", "502870abfa3b834b5072013d290429e9f35473dda57c9299c9ef6769f5479514", "5033ab6af96aad5c26cfed14e04bb904e675699e7bdd03de884965f847074174", "5076629901250c7cbb92c63ae4437d57ca1a3315176c6f711292f24cf26e634f", "50f777a8486df699ffaf3aa24da23a5975117e865adb500c9ca6b57b12c673cb", "51df3e6636aa9efa6a6c923b94076a7b41fed89611355cac8c9e3f849b1cec9f", "52ad96acd4923657cd354c69e496b8ddd23745bfd64d470950d000e03da2cae6", "52bbe49e87f71bfd676b58f299deecbd0cfb722322bb4f6e2d42b7fd6a9f2ee5", "544c58a5760133154cbb93b468a1dc1a211b12c4709f6f505d37ee10cfde1037", "54c02bb16bfd6665d29e47c64b39dc5c64f241d71ca6fbbea7e75c473e00878a", "563ca26d49fe96cc6b222442bb2856309a5cbb3897c8f363a16f990fe6f103fb", "566f398796b06d95b14832eee1da5725f65f98efe82e232d03b2bdf965ad3bb0", "576d320e9b0280f4424927e2aa09a28e808d0ac83f320ff9fb562c5a64cdf9e5", "578d79c4254fd4113d5f7808e73251df78ee35a668dd05f198f140726ed3580d", "57b9df6cb0feedb29b39b948016a72359923e4bec6c771c959cc6020869c4766", "5925643b372324631554a08399a1c73a80593d387cd72a966a8b9172882e1b4e", "5a045d352cb58fff702cbc60c6da0753ebaea815cdcbda9765824118daacc8e9", "5a39cab6a25f81e370381b9a7a3959edc5af740dfa6492ddfd3b8b7a2602f5bd", "5ac5943b06fd1a4c34f25d6cb7c4e652a43628998b43c35e8e007107d67fe01f", "5b1587681ce9b1e9fc96a76336e8fce20d8ab67c578e843b04180cc3df79e9bb", "5b430825b43af02b20fc0788d5355b74d6bfc346df1ad6da18ddd46fda5b6766", "5c3a66f160b371f0729c087f3267ce453d2989ff5c737c950d8713c732507db3", "5eaedd5236b0e3683f8d9c1076bf57b1c5d1a289f420299942e0d563d5986f38", "5f147949ece693d3312e612a23cf1f97bba86b270f481c8b299d7ab8c67b3165", "5f2143c4fa6cf6f75fa53b301d2f9bc2d7592b79921b24e937d9f857fe225fa5", "5ffeaad4e86372a27676a48dcc0001b519581b180e65ee5b88735e9869f9d375", "607c136ee551a3ac911028154658c6465c2bf8f965e72a3a96a3e9442afedc8c", "60d8821085704f2449170f1faa0a736609b0893fb9242997ef21a6a47f7addbf", "614cd92b2601656df17ae0d0d3dd965c8434bb753a4754b1f30efc9c03433262", "619c9e99c52bba9c286e31914c9276c1778a6866b7f8cd57decb5aa3befcbe5a", "642f1f687831f32c4fdc9e6ec7694e5e8768b016f57815f4bb3534b3964ff697", "67a56716ccb9331716b11b18474ec72f187903c17413ebef38d962827bb8e7e9", "68aeb89ed6d8fe5e0fce969bc349f15dbc9292fc815bdb99e5ff7ab9fc7ef202", "69dd47f011a3e583344e848d16b5568cedb6336fc3269fce30ac789bd3b8ce92", "6ad36df1819b8995c4fdb94d99d1da409951235d8ddeb6a7b944547b63d067fb", "6b9e06ec07963923151f50d3f22f6cd3f213ee3bf198bf1a56111638039bd559", "6cf6a40540f195bf152c961749e439a1da876e0ff98dc346126967fa3ee157a7", "6d03609c91cf0e0edeaba3bf8a2158ce0b325e667545fb9f40155a695ce44b07", "6d22a967c7fa2e6cac26322c03c32b6308447d0951c5e11f49fafde10ddb9cf6", "6d5a47ae0557549ae34ba9e86edae4265e92d13c39c53a5b8b05b6bf5d0729cc", "6dae0dd02bb60418d8728c358e59d1a6880dc3612ed5dd5cddb80799c982d02b", "6f59b1eb4ab64e086c4dbf633d3d52ac0bdbbcdf73936421a41970e25b99cf9c", "705e79b1823c9d165e21adaedd07286136265305424e5a3f809792e8d19b502d", "706fe073eb58eeed3fd167a20173cf2cec07d7ad4e19cb278eb5d0a57c0f04cd", "723cd74555b0c625a705d976fdc2e0d39dd30c36988235b8a80fa5e032925cae", "7442d8091a9125230c79c1e20c7537387a515db534a7c3625bd9885ac7f04b32", "762c51648b204f4c626ea99c4c92b368875079892b3a20d109570c085449c6ac", "766cd21013e285ad68a53d730d9802688a94dd650386b65b25a98998f3f47539", "77a7eca55118fabda0212739198911c550f74e90311661b15b8677b267faeb5e", "793074a6fd5e74a732c47057ed29ee755d45429fc09127db49cc97de7e08d733", "798603704ac14a52eb113bdce65a50a4e90624206b10507fa31f614ab32330a0", "7a5a983b3bc8fbaff9019d20f3d78716331bb615371ef5f1e6504cf7d82c01c3", "7aeac92c9b86fa0faf26ea521319e90ba809fc064a3fa4b57abdfa22a30eba61", "7b76196492cad99e9da6c4184b3c6b6b4e08f0441db65a345394a8c142a73c4f", "7cc23aea19ff046ecaca8f326a6e51011a789ed3fcf8ea3e844a45e0b0a23d3a", "7f0abe1e97cb8739a81cab546fc0f07222dacf36ee3c3c44d0df09fc172aafb8", "8001edf16aced4a90c36122b378824f2a95660d16752a256db51097dbec3f3c2", "812b90ee0ffeef3a04902d18dce4ff5629c744229ae88c706139176666a0deff", "8252041cbdf7048ffa8593337d985693dea92de627ceaecbfb5f3961702c7a56", "825f1f7d9ef166aa125ae1e3cf65fc2bc2d3ee82bc1eef602c79848f83216ae2", "827cc20b2aea265b27c7b8b9149cb3709fe19d9a199be994f5d8b1a25041b024", "82d8fe654631be648aacd1eb9f9c6fd7276c21488e38a0f8647e5e053afb47e5", "8359f177511995d6ea51318a2b7c17b9c7e492abaafb8c273483156f48facbb1", "83c039f175a4fbd9f2e377868ed3266a6bf777cd8fbc556742d0b1b0a8f290eb", "83e3d36ef50ee960ffc56f4858eeffb563fb930ccddc18cd2e57cc05044f7e90", "84741918908f5baa954352ca823a33635f2193f614eb82a9750ff21304b73bb7", "84edde4a5cf6dc9509eb00a1b73d786a47409902f088165d6a9023eaeb439192", "88320179309e4eea5920792092542d43d3410cb0643be308663d5e9ead628124", "883540af01f26c89616dd5c4c1ad212f3abc03c8178542b0ec3d8c8ec975dfa1", "889396620fb66f07488ec3742e8f388564b82898fa95107d5a0fd82e4a4bfd8a", "8901fba73b547041afdde558d10d25a752316c86af398920eddb2e3cf3f4017a", "892b564697110247799358ac50998e9a73d0753134b88575fff6b6cab911c394", "892bf26ef3311f8b6928cdddbd894dc2fa39a129c4cfe065ba5ba4efef1cc1e0", "89966300afd1faa07b9e45bbfd249ccbfbf8c5da3fe7801c3651fecbd1b434b5", "89a17776aba2c2d2c2d7070fe13281fda51e671b730f47ec51459d58e3f67e60", "89bb2be41f066dc410eb623a7b955ae722e9f03dd0e3b62a9b2bed8ae110625a", "8a0b25d456490994e8ace3cea1a35217075af89d7fff405b657ab61a7ba925a4", "8ace05b394309fe0203b3f61f4a4cc035fc91114799e1f645d3ca8f5581c667e", "8afc019596fdb9ab0d4652930dbcf4a8895b592bfbaceb7cd924985e00372ad8", "8fa64a39bfe7072e644f978072472fe59897c94e64e2f0106a6c334c799af164", "8fb715bfaf194380d7f8f29220a3b17f9fc0728729fc3597f0f28d4626c6dd3a", "900d018bd3ae9e5f473df5323961ed7ba4d1e1b12759ad436dba908a8578a3eb", "91bb77119678b138641d1c1c6d7813e8d2fb5e5dec8f9afc20aaa1d64c778789", "9226a264242af416027438a4381d3c727c478a1d7ab60a8756995bf171225e62", "9422fe784c3ce05dc5da6f846fb45a91721265460ecd45d5c224bf1fdf85270f", "948ec8280987a17d9b36335c0d512d8057f0d0b5bb8b0fb571d4ad4534688272", "954eff45eb7b33dac62f2521f421c5fc838adb04953f1ba0cdee5ea192caa73b", "96a409a055e2d3ccf73ca40dd28ef8dd8547b4367ea99d432a960112208dd5d0", "9719b521ff031c6ed0cae66b43f54dfea5658e8b5781cb4f6178ba46849eb0a5", "9778c2460829b81dbf6d85803697bc6c8380a433f87a4dc55995726dcabea80d", "99980647b27d5f165122218de62293a74e453e1a389e287d443f70488c6330e7", "9a02776e39f836ed0ed3bbacf58e5e8608b51474ea7f8a96773170fdb4a53dac", "9bdb516a39240b33a9ea42bef996c77c2a309aabd80cccf8d065e1da693ce523", "9c84189ee45da9b562e4fa6ee7db145fcd425c4e5f39f84b2d9895e6b444e452", "9cb3af10f0da5ab2337d9214add2b74841684a8c0e1e7c7bc96811c4c4fcd711", "9d2e1ff7f5583eb64776b06e9bb2cc08a2766fcbcb5b659b0244ed800f8d1cea", "9db17d1227428fa09f580b625f136f0c73998b2c8b51099b0d99b279e2e896f6", "9f358571744bc39f2e18e5c1f48da37acf2005196199416b00a0ea2f43c20347", "a04ab5abf6de646db23f84c75a225d2c1316e56476e07d4b4139c16881745c10", "a0e1d6d6d9f899483a10df078f4a438394cdef9b6b6b9fb32b611c3fb4e6ad3f", "a1481de087c0e302e2803354ce44eb7ae3f6931c2062a9f2a576e79d9d9e3da8", "a31135ab2819132257c9078423e2c84eb1ac5e042693e34459dc8e5eaa81ebc1", "a388f13642828e548c9c5d3bd0574af368643bb9fae872dff53aadfbdcd77948", "a3c23013e2b69055b29b61a7fc5805b2dea12147580a9060eb8045b20e04cffc", "a45a7283a67a4dd94cc36e6647e9ee4ea0e158f3abe008aac1606495d2c955a7", "a4b37327a32e92c231c8fb1fed06dbbc4d8e5b6082082f13acade5f792f23afd", "a586e999f87623a971ad6e73f36b541300d483f1f9de229d12c1d923b30b19a1", "a5e81215f10ef7c714612532cba97dc126353578c8aa1d7f5b6893fbbbc45707", "a6c1875af60b4fe47c17ca654ba0bc785242aa1c2185bd232da1710c273f3531", "a74083a68c1ad47018577ea04cd67dd02175f5c133700871028580ce3e879563", "a89378ae6a25caeec869b54629e70063b339790fc4503ce8f28621c07281970d", "a9054f288c2996e0ccf783da773886406bcf30ee0cf03a569160b73c2d552669", "a911de138d59887b881ae551e5ab3d1d02a6d0053f74588d769d84defa7bab39", "aa0f00ba9bd5c48985c2c233d05648b75bbd06a413fd56ae9551ef9e693445e1", "ab6371a2baa7ccc4f1183c672c745611ae5e4dcc4c7b75d3bc72bfdd21784e4d", "ac67938c9fce4649006833e96667a074bded3804bbca18a60aec35064b91af7d", "ac9773630804e19ec8915009e8540a07a85e25765527751f87a7ffdd5169331a", "ad5ce9248c25d45fdea2023420ecb16506d26cbf02335181fb74652f62a64d5e", "adbf8347a6444de1f55dab16995624fa51a3b5c9330f8e0d0a1a3cbbf734ccbe", "ae61e5e11edb1cfcf4f53b5cff54665beba5f136cd1b261b497775e95e83e0a1", "aec880a12c1ce96b5c80d6ac88193c363a522b53b94fbe019c88cc5e7ccc596d", "af212e466d8d84b8596db7b356710aec22060cb7399ba47eb2010f7ab99843a2", "af36115e1e3331286b26bbf0f28de72d8073b3eb1ad84d7728661a11037f5a91", "b008b4bbcb1afdc419ea30e086ec76abf6776b24792b08754700707983da940e", "b1ed77d383b683ddf4b0e015f5f8e2e7355b9566b307183951cad2993ab2075b", "b287e7a198f3999e8dc503c8122436763e1322b1dca200c83c143e6001851562", "b2a6da83c56ba0e1f8052bccfc60e7c083e2a510bfd647dccd2e61974329951a", "b4432bf00380674ccaa7b6fd4bddf47c79220e43c675f167c153173f2a079bfd", "b4ad533323b4f6bae67fb72e1b44a90e7c3fff0a16c90717721beb6d8d7a19d3", "b54a5dbb651236740e40a0bbff2091fff546fda4dc0df8c8d957c9852c5ecde8", "b6302d8e2502820381a79ffa92f7cabd7fce111e6f5e3dd3702d2fd8bf0226f7", "b64de92b245ed70b03d24bcbd4f5e560c35a7c9fb75ad4c3aaec4ad4371c810d", "b6c5d569da31e07b326384efde804fffa8512ceab1325ab092d8647a6b6e4658", "b75ad00bed17858700ed9a8f736d8d7c641febf288fa7fdd23b8a1b6306fcc0d", "b7c12f11a24d83e1c5983beb4cb4dcb0b16e03d8cd30387f051302cfeaa50ef4", "b7df40f0ba0b479eb5d8ae2b640f43f5e67bd20a46c6fd8dadc75adb696ad297", "b80a7fee1adb301882b7daf5b28a235db313c71092d3c0c804417b4bb151699c", "b854e2ae09aadd9cacf3fe61c0855655b8883dc81d04484f22cf6aea89d14a9f", "b883443cd6e4775ac51f8ada46f9f9d4868e5e31049014de0499c6267fa8bc4b", "ba12ec2e7e8ad415154f5cb8483e5d1def86dfb1211f50b99c1596b0c46aed38", "bad03879a27af9c23e4c22cef996a129bf2424cd9cff872976f82351646293f4", "bb2edf6b1a9be5490267a7f4c080d0f4c685d39be28c4fe5371ccf09735d5861", "bc00790e5cf8e44841a6ab3ff7cc633e3790cd2bcd525f682c2f72d4214155ff", "bd72c79a1a3919693b11b08e5b5b648a9ad9e7173d0b4f57e964a61f957f3cb8", "bde65f6d8374c1896a9087860d6b9e2cce669f00a30968e89d21b9439ff460f2", "bf47935d5abfcd2379da6b157c2d6bd9eb346d0e0b61f2fb5656ec40d1bd1dec", "bf7219b06a4be0833eda6b1a8e337666958dacb48d86a302381fc47a572caff4", "c2304d9cbfb9d31e7ea59d12dc750df649759822082f4be89c4feb618138f6d2", "c3cacca311a7a9d0bbd1a5a98919297e3ff1f8a990751ac4126b910513eae22e", "c441ee3e2c694ae1b8cd529570d0eba7ff60c1fe5437d034a7246df12f6ceb4a", "c5fe5d7baef7f4bae8aada7814edc5aa56f550cd7bb8555a9f54882718afc76f", "c68d1a90e27f2bb21c896a9d394ace7334eba8e614d3b541d3b484078abd4200", "c91716d65c5061db1d5f8e00aa694820792eef515311401ccbb8af91e2e8b4c2", "ca3da3be080e266512d3778b3370f8b747de14a64887b6c3663684660d05bf7b", "cac8c46df3a499a37f4a47e3d0175e64f5f7b40720169e51dbc7a771a166abb1", "cc2e43e225526b98716e58f9c9af35013937c76cca96f4a3381b40017a4c8fcd", "cc3793a2a9a480811c254bb563b5266f348f76b6ffb2076a9f581c4c67466b75", "cc761cb3a42393440d66e34c1bf9ccad9006bf8ed93b5bde855a79d05e9574a2", "cca82fa93718d516e183e64e0e2ec1c77119016e057bdd3073c6ea3f402fa0c7", "cf55860d32982fbb0f2cb98fc425ad624b02feefffa72b003a30c766273f786d", "d044e233ba8354f02e3ede1ffa23e08ffd1e8d6056d875c447b5e140e57ef9f3", "d11f46aec856775044a97298dfae158d113cb0a9afaa65f9cb343a74abe4bc7a", "d176db75b58dcc859bc6c0d53392a73c36b58ba1db5141a4ab1230c6ddd8c8aa", "d19d2a8ff5a6f75b3c5cc494cb04b886f97a43083b8ce9d6cf8cd941e3c660b9", "d1cef81d11242f265f3b55d9ddda64c5d510284f7f67f2863410073edcd32d89", "d1dabcd229d01f104fb3724725d48abc6e88d22ae6aeb5ad6aeacde1ff14e902", "d2a6d1baafec953e8918716537b197dd4d99325df98d75b9fc6887e83f60d01b", "d3368bbeecc4d7b98e872ddcd69404c891c65a96b576548e564df90dd58a09a9", "d389bc87acafd330359c9edba9f34ff61984b1f4cea33200af206534c9be169c", "d4a5b1f4a8c09e6b04f53ed195e04d021eca1cab7b4a136608eaac960506ba23", "d4f7d9ba3a3b2eca60b11dbd4570cb8f7bfea4dedd4772e48376c9a6561b3792", "d5e0f681e68c95f96927ef615e46a492fd72ddf7bef48c587df2f01cf4aa0845", "d66dcee9ea350d3b8e37a173bb32ebbf5dee2398d3bf10b225ca056a87dbfddb", "d7a2530b77e4d3df32f810fab08a2d807e6178da7dbdacf324479864033b86d4", "d904c08f338c069b2231aa7960938f0b6b8f021c805fd8163b0220493fd78345", "db11c55766b301154e13a3a0442bc289b7c11c5ccde8f4fb48ebf64ada2903cd", "db4ee3ad7db7f84731f2f669c8c01d858635925f8e89c40f8877b4e40d89a8d0", "db6abd611844d0987ccff79b22988454045c83e104ceb9abad2e31eb24ca6fea", "db72878459b0f2f001427fb779c025caa0d87160ad73820f4c09b6791fed232b", "dddf49abc2db241bad39682c43a9f54c745d98f2fddc44d6c3d2a088a17101f2", "de88f42454f2a9364b67f4a616ed9edba4dda98ece12d9eec1cb27b96549ed36", "e09a4d92a38b7deac7ea7944e304849cf0cca2aaea8c86ab315801881a596386", "e0cd69c1758ffc9f9b5cf07abde3d9045ed62913dc0c6bce32ecd3e08915f6cd", "e150e545b8878d0dcd0163f94b6377254aad6c4295473ea869b3298de5f3618c", "e191e466b3f0e9b7425d745fa7f97bd85ad247f1c99d734725d37483c3220e33", "e26dcbbd47f6e50f5dde1739dff098ae7983e7485d99c4ea8779c4517479deb6", "e27cc258325a10c78ad6bdd3939117468c54d7cbe0b1d6a2eb144ab5af17b6c4", "e287a924d1b33193174e87ea7c5d791e058bdbe681ff429a4f5238d4bf2b796d", "e38e32e789911e7745e82602304fbcbe8da341d41f40a40927b5728f7b115216", "e395659f750ebb4ee32424b565b35684375a384bfd486d740fb3265b22d17bc8", "e40aff7878b88ea01a1ef32ff5bc49317869c9243b64890262c55d2f7d75deec", "e47c9ad60080c7096c532a9e74646bc89b598b000fac03bb7c84aa951b5e1b68", "e72c35fd074aba481e3b9bcea2a6ae7b11864658c57f1a47cef6f9ec81cdfd61", "e7a3f4ae491038798589e29dd963b8eaa7826a7a2b9f17dd22440ab6b3e488bb", "e7f10ce5441f1df5a960aa13a0892e65a82120556fa7ded859ec1221f6190481", "e859a6fe570c8123514846b4417d07684d66adbd1185d6072dc7c50dace718e4", "e95b210525d374b18c8ac52b31f15df5212e3bc4845f63ca1bbe6bbe08930edc", "ebeb549cc2ac1835d7cf576cead6ac90813dd0c6ce1f9da474ec99f37ef2d2ff", "ed2d1f2de9b1ffbb04e011f469c65bcc1d37cbc06b86ddc9174ed42cf7e79e78", "edf8c887e540fefddae2cc33030281131326cc34141aee91e835c501fb73350d", "ee717bba48e70ec28ec91725a6cf32ef40876135560603fefa4e1d6e25d1c50e", "f09f85d3e1ec8922a52470d8df179bb0b7da1422e62f96fa8805b887a2698435", "f125158e2ed9d08affcb288c283d7ec7fcdf6796a42a304458ccc8bb668893dc", "f32f3178eecd5befdf3f00b974a6e42ad8f3adbe698e26b88c7cfb3b7f3ee748", "f3b76d297e1202df8413e6620a91463ac24717c19c6b2ee900a9e108a7b663b8", "f4304eaf5e712186329d9a21c34b4aa9aa60beeb33b94339f67e35928a914ab8", "f4b9b5cbabeecf91c38747b474b7f111c70dd9adc3df6cd41c270c8af6691f73", "f523602911b4954f76c126eabb32fc20529569ad4b581efb30b86fd37fe56058", "f55fabefd0b7987d6dd40b3ebee09a32bd31747ad6b479b3d0fa2063154e46c4", "f5db78f399fd6e5df79d48b1708558e1eaeb03bd0df67ca76d3856b304f0ac94", "f63b1048c09150e84f4f5bf211012cd64e8587f537c938727ce8759b572bd56c", "f6ca134ba6fc867fef2b2a84c6a35d1278e3a3bd47189d6e5a844b3e1798feee", "f6e9bce96ce75561d59f66ba237f51e7bea75cec77114f084daae99a5abdda98", "f7283e06bab37929bb4aebf14481c84dbfe4b14a0b82da8d52eafabec36c4210", "f858ec8f993003d86e29545060f00b964cc128f0f232b7c26745f74ba6127310", "fa0237685d80c73e1b8c524772f3f058fd379437cdccdafa296e5a2f893ba962", "fa2a1a334be7387174eccf1ab627b8b6658607bb22fc8d7b3a36ba085c09a8b5"], "iocs": {"domain": [{"hashes": ["008272d4b93a5cefd6943952d63388198b67a34e06a93dca0e9698c0639f4f02", "017c9042d7cfab02d6444805d617bfda04a590d8ee0131f0dcbb73d9f422264e", "01d019832f6f09a0eab7ffcb294466825148ef642519b37f225cea25fd8ccd82", "05878e434aefab9098e57e734d21ba96eb2731dc2022e7619ff42e6c283ac1c5", "07f8041820745c7de03ab380cdbc33fad9da6c9e87243ce4d6af1664ab2e5cae", "08de6b552e704a0bb100dcd244c0950ffb90d7d021d042f3bad4b66eab1c633b", "09e30d34ef79c10fd0f431ba287a8e89ea08c7919501a42e95ddf0b02b7a54dd", "0d970e4dca39e6ac5d389f25ba528eac251bff7df4c15aa85e96d3c680dea37a", "1078763c2070758f2d7af2a32cfeac195b1b19af9d7f83433451469a6456d69a", "116eb648e4098b4994e20822ae2dea5f9a05bf280774e96e7f17537eeea128c1", "127769bcc6688cc1c682313689d4c0ce7915a8295797a90f4586fb379694c3fe", "12d38c601be82a710b29744fa9856add702bba2c1cfc9d8f36726df449fa90ea", "146acf9b7a358237258cebeaa0870b7500c470d65855832a79ad1858de485ba4", "15c9b7a21edfd29a057d881d7f4a98405dd530122b29c7d5ab15042b9f25536c", "163a3b460ddcdb4561169c9466d48ded8d4535e34e4d51fee2713f6f2006f472", "173272cf5e8e9349b8d4ff45e6f9378fbfcd437bfaa10fc5c7b7d8adabdd998d", "17e0b0e3be6ebbf026d4b7ff6da60925516f6b29e2b5f5bfd33f49544659d031", "1895e011ecb8c5efa5610c55e27a8f32dd6d4e2e24aad0f7375c6b22b13a3673", "18b0fe90a4749d21a70e7775e456f3b258638de1b10dc7c8dfad2c87bb4b4150", "193de0289b48eec0d8da266d3f1ff3e5a265fa72cff2db27b45a96f58f8f3c60", "195c1acc646ec1f37bba891e6b6448734361ce77b79e99cb7f3d6a54e5265da1", "1961cf9e8b78d5a638cf76bdaa2144a559056acbb97c7658cd3e3338016ff1f8", "1ae225224fdb2f8a7ecd7420c3b5f85600b87445e6ac9810978e8f21fcb8de3d", "1b16fc65b34fb4cb5de9a4660bc53f3c4f27ef2d69d88f82e150eca94495471a", "1b21be6f06de9138a7131f2c037d1cf3aafb0cbc7e05f9e7111649593cb3f736", "1b3573f9efa0a3c401e74a54737c2cb64661136df79aa1616139fa8b05a19aa5", "1c530345b2e47ebe50da93b2464af6cde8960e5db5f008421399d7c682e169fb", "1e53f4e81771eebb343e345524fffe8effea4c4938c27dc174dc970ee7ef5974", "1f0e53ca67d28fbae4e2cf3986df26ae1524c2655352d0d0caccfe05b09321ca", "205733419c0e9fbcef100248b323f524d83c4bc4fb530459d6e924ff0685b566", "20aaa30897fbd51594befc4dde90df6ea6b30ff734b0c36bf27b8112f4ef679c", "21e41bdd78b229b35c9abbd43770e83b3b69ab2643f6d91271c84d25d0c5cf29", "2772b6534102d78753197e88a5df9bc5cc23a267519779bbe6396943ecb9e306", "2addb535adeb2b99b20aea8053e632f35a77d4673461ebe472d694d93f61d0ec", "2c4a04d837485631f9ee1fd683028030d354325a76f089d4fa61571e050aef6a", "2fb5e4c5d73bfebf5e01d40dca08bb935cf8b4e4674317a7ffadb4507aa2276f", "3381319dacb0900a6af41c5d06843bebbe35012a6a7fcf4b781579bffe5a25ac", "3417c9c325d8811267feb035627295a669ce243b60045e6e8be4a2db5f55fb30", "34d59e60efd9cec0fd907a3175f17d5f60711bb80e7ec5ece678868c76b03aef", "352de18adbc914f4fad09aae28026ce72f31d5f4381b593f56421c9b3ad7dbc1", "35b61225ab6230c6ae23dbe0163e06320f7c1121e976afb4c2dede91fe3bd29c", "39cb9111fb5d6341c644cc82e1d06c36bb8c0e18c9592d3e591005b899660bda", "3b6bbc1b0f465795696b5063e07926898838032487f612a325edf68d88903e85", "3cadbc2ab3b57b93057e9bfa54187bbbdc6c22506ada94cf3a57b1bc0e14f30e", "3e472853f993af211f9535b89abba89fd9e04bf867d381784964ec122350d1be", "3e6bae1d5811f70c58ecb368d035c918cec0784ea1e5a64c699b4b38ab951a46", "3fe1355f18b8f7d4919a716ab5ce485f94d9021bc7bf6aad2bf3a45e3d84bed6", "40c4e14bf1aca54e16724bd697952b8a1a48162f5ca46717890f85fd94228887", "4194744fa810423e5c9a277034f822e5b561d534ed57cdd75eb2a3523ef69ca7", "41d3843050bfefb2eb013220db2c045dca05e7c8c19b301d1bdda202eb54d010", "424cfa4d684e1763451c2ae7bebe189cbdcff4338458ed779d86bdf9074e0e32", "42bf7e179e1bc3e118e22537d4ffef7ff82c14ceabe7c54a20747e9a1abdb68a", "4704600085e453a34b69b6c99281ee65b902548f8347f10e6b4f26b585409d29", "47a8d55ed5c7998c9a565ba98cde2e370d8f04b481211740988448aff6418d12", "47e242bb38c4dbbcf5e9ccc6e218ab8d9b03e9369f66710c483068e0aeacb422", "4da95d7c973efee80b4f4f1eda718a049b8a39d0e74e505a659883113974c081", "4de4eb2b53e3205faaaf53ee527d40b4c8e405e2a4300ba1ef80ae33a6d5c4c4", "502870abfa3b834b5072013d290429e9f35473dda57c9299c9ef6769f5479514", "5076629901250c7cbb92c63ae4437d57ca1a3315176c6f711292f24cf26e634f", "50f777a8486df699ffaf3aa24da23a5975117e865adb500c9ca6b57b12c673cb", "54c02bb16bfd6665d29e47c64b39dc5c64f241d71ca6fbbea7e75c473e00878a", "563ca26d49fe96cc6b222442bb2856309a5cbb3897c8f363a16f990fe6f103fb", "5a39cab6a25f81e370381b9a7a3959edc5af740dfa6492ddfd3b8b7a2602f5bd", "5c3a66f160b371f0729c087f3267ce453d2989ff5c737c950d8713c732507db3", "5f147949ece693d3312e612a23cf1f97bba86b270f481c8b299d7ab8c67b3165", "60d8821085704f2449170f1faa0a736609b0893fb9242997ef21a6a47f7addbf", "642f1f687831f32c4fdc9e6ec7694e5e8768b016f57815f4bb3534b3964ff697", "67a56716ccb9331716b11b18474ec72f187903c17413ebef38d962827bb8e7e9", "69dd47f011a3e583344e848d16b5568cedb6336fc3269fce30ac789bd3b8ce92", "6cf6a40540f195bf152c961749e439a1da876e0ff98dc346126967fa3ee157a7", "705e79b1823c9d165e21adaedd07286136265305424e5a3f809792e8d19b502d", "706fe073eb58eeed3fd167a20173cf2cec07d7ad4e19cb278eb5d0a57c0f04cd", "7aeac92c9b86fa0faf26ea521319e90ba809fc064a3fa4b57abdfa22a30eba61", "7b76196492cad99e9da6c4184b3c6b6b4e08f0441db65a345394a8c142a73c4f", "8252041cbdf7048ffa8593337d985693dea92de627ceaecbfb5f3961702c7a56", "825f1f7d9ef166aa125ae1e3cf65fc2bc2d3ee82bc1eef602c79848f83216ae2", "8359f177511995d6ea51318a2b7c17b9c7e492abaafb8c273483156f48facbb1", "83c039f175a4fbd9f2e377868ed3266a6bf777cd8fbc556742d0b1b0a8f290eb", "84741918908f5baa954352ca823a33635f2193f614eb82a9750ff21304b73bb7", "84edde4a5cf6dc9509eb00a1b73d786a47409902f088165d6a9023eaeb439192", "889396620fb66f07488ec3742e8f388564b82898fa95107d5a0fd82e4a4bfd8a", "892b564697110247799358ac50998e9a73d0753134b88575fff6b6cab911c394", "8afc019596fdb9ab0d4652930dbcf4a8895b592bfbaceb7cd924985e00372ad8", "9422fe784c3ce05dc5da6f846fb45a91721265460ecd45d5c224bf1fdf85270f", "99980647b27d5f165122218de62293a74e453e1a389e287d443f70488c6330e7", "9bdb516a39240b33a9ea42bef996c77c2a309aabd80cccf8d065e1da693ce523", "9cb3af10f0da5ab2337d9214add2b74841684a8c0e1e7c7bc96811c4c4fcd711", "9db17d1227428fa09f580b625f136f0c73998b2c8b51099b0d99b279e2e896f6", "a04ab5abf6de646db23f84c75a225d2c1316e56476e07d4b4139c16881745c10", "a45a7283a67a4dd94cc36e6647e9ee4ea0e158f3abe008aac1606495d2c955a7", "a5e81215f10ef7c714612532cba97dc126353578c8aa1d7f5b6893fbbbc45707", "a9054f288c2996e0ccf783da773886406bcf30ee0cf03a569160b73c2d552669", "aa0f00ba9bd5c48985c2c233d05648b75bbd06a413fd56ae9551ef9e693445e1", "ab6371a2baa7ccc4f1183c672c745611ae5e4dcc4c7b75d3bc72bfdd21784e4d", "ac9773630804e19ec8915009e8540a07a85e25765527751f87a7ffdd5169331a", "aec880a12c1ce96b5c80d6ac88193c363a522b53b94fbe019c88cc5e7ccc596d", "b287e7a198f3999e8dc503c8122436763e1322b1dca200c83c143e6001851562", "b4432bf00380674ccaa7b6fd4bddf47c79220e43c675f167c153173f2a079bfd", "b54a5dbb651236740e40a0bbff2091fff546fda4dc0df8c8d957c9852c5ecde8", "b6302d8e2502820381a79ffa92f7cabd7fce111e6f5e3dd3702d2fd8bf0226f7", "b854e2ae09aadd9cacf3fe61c0855655b8883dc81d04484f22cf6aea89d14a9f", "bb2edf6b1a9be5490267a7f4c080d0f4c685d39be28c4fe5371ccf09735d5861", "bde65f6d8374c1896a9087860d6b9e2cce669f00a30968e89d21b9439ff460f2", "bf47935d5abfcd2379da6b157c2d6bd9eb346d0e0b61f2fb5656ec40d1bd1dec", "bf7219b06a4be0833eda6b1a8e337666958dacb48d86a302381fc47a572caff4", "cac8c46df3a499a37f4a47e3d0175e64f5f7b40720169e51dbc7a771a166abb1", "cc2e43e225526b98716e58f9c9af35013937c76cca96f4a3381b40017a4c8fcd", "d1cef81d11242f265f3b55d9ddda64c5d510284f7f67f2863410073edcd32d89", "d1dabcd229d01f104fb3724725d48abc6e88d22ae6aeb5ad6aeacde1ff14e902", "d7a2530b77e4d3df32f810fab08a2d807e6178da7dbdacf324479864033b86d4", "db11c55766b301154e13a3a0442bc289b7c11c5ccde8f4fb48ebf64ada2903cd", "dddf49abc2db241bad39682c43a9f54c745d98f2fddc44d6c3d2a088a17101f2", "de88f42454f2a9364b67f4a616ed9edba4dda98ece12d9eec1cb27b96549ed36", "e09a4d92a38b7deac7ea7944e304849cf0cca2aaea8c86ab315801881a596386", "edf8c887e540fefddae2cc33030281131326cc34141aee91e835c501fb73350d", "f09f85d3e1ec8922a52470d8df179bb0b7da1422e62f96fa8805b887a2698435", "f5db78f399fd6e5df79d48b1708558e1eaeb03bd0df67ca76d3856b304f0ac94", "f6ca134ba6fc867fef2b2a84c6a35d1278e3a3bd47189d6e5a844b3e1798feee"], "host": "double-six[.]com"}, {"hashes": ["008272d4b93a5cefd6943952d63388198b67a34e06a93dca0e9698c0639f4f02", "017c9042d7cfab02d6444805d617bfda04a590d8ee0131f0dcbb73d9f422264e", "01d019832f6f09a0eab7ffcb294466825148ef642519b37f225cea25fd8ccd82", "05878e434aefab9098e57e734d21ba96eb2731dc2022e7619ff42e6c283ac1c5", "07f8041820745c7de03ab380cdbc33fad9da6c9e87243ce4d6af1664ab2e5cae", "08de6b552e704a0bb100dcd244c0950ffb90d7d021d042f3bad4b66eab1c633b", "09e30d34ef79c10fd0f431ba287a8e89ea08c7919501a42e95ddf0b02b7a54dd", "0d970e4dca39e6ac5d389f25ba528eac251bff7df4c15aa85e96d3c680dea37a", "1078763c2070758f2d7af2a32cfeac195b1b19af9d7f83433451469a6456d69a", "116eb648e4098b4994e20822ae2dea5f9a05bf280774e96e7f17537eeea128c1", "127769bcc6688cc1c682313689d4c0ce7915a8295797a90f4586fb379694c3fe", "12d38c601be82a710b29744fa9856add702bba2c1cfc9d8f36726df449fa90ea", "146acf9b7a358237258cebeaa0870b7500c470d65855832a79ad1858de485ba4", "15c9b7a21edfd29a057d881d7f4a98405dd530122b29c7d5ab15042b9f25536c", "163a3b460ddcdb4561169c9466d48ded8d4535e34e4d51fee2713f6f2006f472", "173272cf5e8e9349b8d4ff45e6f9378fbfcd437bfaa10fc5c7b7d8adabdd998d", "17e0b0e3be6ebbf026d4b7ff6da60925516f6b29e2b5f5bfd33f49544659d031", "1895e011ecb8c5efa5610c55e27a8f32dd6d4e2e24aad0f7375c6b22b13a3673", "18b0fe90a4749d21a70e7775e456f3b258638de1b10dc7c8dfad2c87bb4b4150", "193de0289b48eec0d8da266d3f1ff3e5a265fa72cff2db27b45a96f58f8f3c60", "195c1acc646ec1f37bba891e6b6448734361ce77b79e99cb7f3d6a54e5265da1", "1961cf9e8b78d5a638cf76bdaa2144a559056acbb97c7658cd3e3338016ff1f8", "1ae225224fdb2f8a7ecd7420c3b5f85600b87445e6ac9810978e8f21fcb8de3d", "1b16fc65b34fb4cb5de9a4660bc53f3c4f27ef2d69d88f82e150eca94495471a", "1b21be6f06de9138a7131f2c037d1cf3aafb0cbc7e05f9e7111649593cb3f736", "1b3573f9efa0a3c401e74a54737c2cb64661136df79aa1616139fa8b05a19aa5", "1c530345b2e47ebe50da93b2464af6cde8960e5db5f008421399d7c682e169fb", "1e53f4e81771eebb343e345524fffe8effea4c4938c27dc174dc970ee7ef5974", "1f0e53ca67d28fbae4e2cf3986df26ae1524c2655352d0d0caccfe05b09321ca", "205733419c0e9fbcef100248b323f524d83c4bc4fb530459d6e924ff0685b566", "20aaa30897fbd51594befc4dde90df6ea6b30ff734b0c36bf27b8112f4ef679c", "21e41bdd78b229b35c9abbd43770e83b3b69ab2643f6d91271c84d25d0c5cf29", "2772b6534102d78753197e88a5df9bc5cc23a267519779bbe6396943ecb9e306", "2addb535adeb2b99b20aea8053e632f35a77d4673461ebe472d694d93f61d0ec", "2c4a04d837485631f9ee1fd683028030d354325a76f089d4fa61571e050aef6a", "2fb5e4c5d73bfebf5e01d40dca08bb935cf8b4e4674317a7ffadb4507aa2276f", "3381319dacb0900a6af41c5d06843bebbe35012a6a7fcf4b781579bffe5a25ac", "3417c9c325d8811267feb035627295a669ce243b60045e6e8be4a2db5f55fb30", "34d59e60efd9cec0fd907a3175f17d5f60711bb80e7ec5ece678868c76b03aef", "352de18adbc914f4fad09aae28026ce72f31d5f4381b593f56421c9b3ad7dbc1", "35b61225ab6230c6ae23dbe0163e06320f7c1121e976afb4c2dede91fe3bd29c", "39cb9111fb5d6341c644cc82e1d06c36bb8c0e18c9592d3e591005b899660bda", "3b6bbc1b0f465795696b5063e07926898838032487f612a325edf68d88903e85", "3cadbc2ab3b57b93057e9bfa54187bbbdc6c22506ada94cf3a57b1bc0e14f30e", "3e472853f993af211f9535b89abba89fd9e04bf867d381784964ec122350d1be", "3e6bae1d5811f70c58ecb368d035c918cec0784ea1e5a64c699b4b38ab951a46", "3fe1355f18b8f7d4919a716ab5ce485f94d9021bc7bf6aad2bf3a45e3d84bed6", "40c4e14bf1aca54e16724bd697952b8a1a48162f5ca46717890f85fd94228887", "4194744fa810423e5c9a277034f822e5b561d534ed57cdd75eb2a3523ef69ca7", "41d3843050bfefb2eb013220db2c045dca05e7c8c19b301d1bdda202eb54d010", "424cfa4d684e1763451c2ae7bebe189cbdcff4338458ed779d86bdf9074e0e32", "42bf7e179e1bc3e118e22537d4ffef7ff82c14ceabe7c54a20747e9a1abdb68a", "4704600085e453a34b69b6c99281ee65b902548f8347f10e6b4f26b585409d29", "47a8d55ed5c7998c9a565ba98cde2e370d8f04b481211740988448aff6418d12", "47e242bb38c4dbbcf5e9ccc6e218ab8d9b03e9369f66710c483068e0aeacb422", "4da95d7c973efee80b4f4f1eda718a049b8a39d0e74e505a659883113974c081", "4de4eb2b53e3205faaaf53ee527d40b4c8e405e2a4300ba1ef80ae33a6d5c4c4", "502870abfa3b834b5072013d290429e9f35473dda57c9299c9ef6769f5479514", "5076629901250c7cbb92c63ae4437d57ca1a3315176c6f711292f24cf26e634f", "50f777a8486df699ffaf3aa24da23a5975117e865adb500c9ca6b57b12c673cb", "54c02bb16bfd6665d29e47c64b39dc5c64f241d71ca6fbbea7e75c473e00878a", "563ca26d49fe96cc6b222442bb2856309a5cbb3897c8f363a16f990fe6f103fb", "5a39cab6a25f81e370381b9a7a3959edc5af740dfa6492ddfd3b8b7a2602f5bd", "5c3a66f160b371f0729c087f3267ce453d2989ff5c737c950d8713c732507db3", "5f147949ece693d3312e612a23cf1f97bba86b270f481c8b299d7ab8c67b3165", "60d8821085704f2449170f1faa0a736609b0893fb9242997ef21a6a47f7addbf", "642f1f687831f32c4fdc9e6ec7694e5e8768b016f57815f4bb3534b3964ff697", "67a56716ccb9331716b11b18474ec72f187903c17413ebef38d962827bb8e7e9", "69dd47f011a3e583344e848d16b5568cedb6336fc3269fce30ac789bd3b8ce92", "6cf6a40540f195bf152c961749e439a1da876e0ff98dc346126967fa3ee157a7", "705e79b1823c9d165e21adaedd07286136265305424e5a3f809792e8d19b502d", "706fe073eb58eeed3fd167a20173cf2cec07d7ad4e19cb278eb5d0a57c0f04cd", "7aeac92c9b86fa0faf26ea521319e90ba809fc064a3fa4b57abdfa22a30eba61", "7b76196492cad99e9da6c4184b3c6b6b4e08f0441db65a345394a8c142a73c4f", "8252041cbdf7048ffa8593337d985693dea92de627ceaecbfb5f3961702c7a56", "825f1f7d9ef166aa125ae1e3cf65fc2bc2d3ee82bc1eef602c79848f83216ae2", "8359f177511995d6ea51318a2b7c17b9c7e492abaafb8c273483156f48facbb1", "83c039f175a4fbd9f2e377868ed3266a6bf777cd8fbc556742d0b1b0a8f290eb", "84741918908f5baa954352ca823a33635f2193f614eb82a9750ff21304b73bb7", "84edde4a5cf6dc9509eb00a1b73d786a47409902f088165d6a9023eaeb439192", "889396620fb66f07488ec3742e8f388564b82898fa95107d5a0fd82e4a4bfd8a", "892b564697110247799358ac50998e9a73d0753134b88575fff6b6cab911c394", "8afc019596fdb9ab0d4652930dbcf4a8895b592bfbaceb7cd924985e00372ad8", "9422fe784c3ce05dc5da6f846fb45a91721265460ecd45d5c224bf1fdf85270f", "99980647b27d5f165122218de62293a74e453e1a389e287d443f70488c6330e7", "9bdb516a39240b33a9ea42bef996c77c2a309aabd80cccf8d065e1da693ce523", "9cb3af10f0da5ab2337d9214add2b74841684a8c0e1e7c7bc96811c4c4fcd711", "9db17d1227428fa09f580b625f136f0c73998b2c8b51099b0d99b279e2e896f6", "a04ab5abf6de646db23f84c75a225d2c1316e56476e07d4b4139c16881745c10", "a45a7283a67a4dd94cc36e6647e9ee4ea0e158f3abe008aac1606495d2c955a7", "a5e81215f10ef7c714612532cba97dc126353578c8aa1d7f5b6893fbbbc45707", "a9054f288c2996e0ccf783da773886406bcf30ee0cf03a569160b73c2d552669", "aa0f00ba9bd5c48985c2c233d05648b75bbd06a413fd56ae9551ef9e693445e1", "ab6371a2baa7ccc4f1183c672c745611ae5e4dcc4c7b75d3bc72bfdd21784e4d", "ac9773630804e19ec8915009e8540a07a85e25765527751f87a7ffdd5169331a", "aec880a12c1ce96b5c80d6ac88193c363a522b53b94fbe019c88cc5e7ccc596d", "b287e7a198f3999e8dc503c8122436763e1322b1dca200c83c143e6001851562", "b4432bf00380674ccaa7b6fd4bddf47c79220e43c675f167c153173f2a079bfd", "b54a5dbb651236740e40a0bbff2091fff546fda4dc0df8c8d957c9852c5ecde8", "b6302d8e2502820381a79ffa92f7cabd7fce111e6f5e3dd3702d2fd8bf0226f7", "b854e2ae09aadd9cacf3fe61c0855655b8883dc81d04484f22cf6aea89d14a9f", "bb2edf6b1a9be5490267a7f4c080d0f4c685d39be28c4fe5371ccf09735d5861", "bde65f6d8374c1896a9087860d6b9e2cce669f00a30968e89d21b9439ff460f2", "bf47935d5abfcd2379da6b157c2d6bd9eb346d0e0b61f2fb5656ec40d1bd1dec", "bf7219b06a4be0833eda6b1a8e337666958dacb48d86a302381fc47a572caff4", "cac8c46df3a499a37f4a47e3d0175e64f5f7b40720169e51dbc7a771a166abb1", "cc2e43e225526b98716e58f9c9af35013937c76cca96f4a3381b40017a4c8fcd", "d1cef81d11242f265f3b55d9ddda64c5d510284f7f67f2863410073edcd32d89", "d1dabcd229d01f104fb3724725d48abc6e88d22ae6aeb5ad6aeacde1ff14e902", "d7a2530b77e4d3df32f810fab08a2d807e6178da7dbdacf324479864033b86d4", "db11c55766b301154e13a3a0442bc289b7c11c5ccde8f4fb48ebf64ada2903cd", "dddf49abc2db241bad39682c43a9f54c745d98f2fddc44d6c3d2a088a17101f2", "de88f42454f2a9364b67f4a616ed9edba4dda98ece12d9eec1cb27b96549ed36", "e09a4d92a38b7deac7ea7944e304849cf0cca2aaea8c86ab315801881a596386", "edf8c887e540fefddae2cc33030281131326cc34141aee91e835c501fb73350d", "f09f85d3e1ec8922a52470d8df179bb0b7da1422e62f96fa8805b887a2698435", "f5db78f399fd6e5df79d48b1708558e1eaeb03bd0df67ca76d3856b304f0ac94", "f6ca134ba6fc867fef2b2a84c6a35d1278e3a3bd47189d6e5a844b3e1798feee"], "host": "cocoon-beach[.]com"}], "file": [{"hashes": ["008272d4b93a5cefd6943952d63388198b67a34e06a93dca0e9698c0639f4f02", "017c9042d7cfab02d6444805d617bfda04a590d8ee0131f0dcbb73d9f422264e", "01d019832f6f09a0eab7ffcb294466825148ef642519b37f225cea25fd8ccd82", "05878e434aefab9098e57e734d21ba96eb2731dc2022e7619ff42e6c283ac1c5", "07f8041820745c7de03ab380cdbc33fad9da6c9e87243ce4d6af1664ab2e5cae", "08de6b552e704a0bb100dcd244c0950ffb90d7d021d042f3bad4b66eab1c633b", "09e30d34ef79c10fd0f431ba287a8e89ea08c7919501a42e95ddf0b02b7a54dd", "0d970e4dca39e6ac5d389f25ba528eac251bff7df4c15aa85e96d3c680dea37a", "1078763c2070758f2d7af2a32cfeac195b1b19af9d7f83433451469a6456d69a", "116eb648e4098b4994e20822ae2dea5f9a05bf280774e96e7f17537eeea128c1", "127769bcc6688cc1c682313689d4c0ce7915a8295797a90f4586fb379694c3fe", "12d38c601be82a710b29744fa9856add702bba2c1cfc9d8f36726df449fa90ea", "146acf9b7a358237258cebeaa0870b7500c470d65855832a79ad1858de485ba4", "15c9b7a21edfd29a057d881d7f4a98405dd530122b29c7d5ab15042b9f25536c", "163a3b460ddcdb4561169c9466d48ded8d4535e34e4d51fee2713f6f2006f472", "173272cf5e8e9349b8d4ff45e6f9378fbfcd437bfaa10fc5c7b7d8adabdd998d", "17e0b0e3be6ebbf026d4b7ff6da60925516f6b29e2b5f5bfd33f49544659d031", "1895e011ecb8c5efa5610c55e27a8f32dd6d4e2e24aad0f7375c6b22b13a3673", "18b0fe90a4749d21a70e7775e456f3b258638de1b10dc7c8dfad2c87bb4b4150", "193de0289b48eec0d8da266d3f1ff3e5a265fa72cff2db27b45a96f58f8f3c60", "195c1acc646ec1f37bba891e6b6448734361ce77b79e99cb7f3d6a54e5265da1", "1961cf9e8b78d5a638cf76bdaa2144a559056acbb97c7658cd3e3338016ff1f8", "1ae225224fdb2f8a7ecd7420c3b5f85600b87445e6ac9810978e8f21fcb8de3d", "1b16fc65b34fb4cb5de9a4660bc53f3c4f27ef2d69d88f82e150eca94495471a", "1b21be6f06de9138a7131f2c037d1cf3aafb0cbc7e05f9e7111649593cb3f736", "1b3573f9efa0a3c401e74a54737c2cb64661136df79aa1616139fa8b05a19aa5", "1c530345b2e47ebe50da93b2464af6cde8960e5db5f008421399d7c682e169fb", "1e53f4e81771eebb343e345524fffe8effea4c4938c27dc174dc970ee7ef5974", "1f0e53ca67d28fbae4e2cf3986df26ae1524c2655352d0d0caccfe05b09321ca", "205733419c0e9fbcef100248b323f524d83c4bc4fb530459d6e924ff0685b566", "20aaa30897fbd51594befc4dde90df6ea6b30ff734b0c36bf27b8112f4ef679c", "21e41bdd78b229b35c9abbd43770e83b3b69ab2643f6d91271c84d25d0c5cf29", "2772b6534102d78753197e88a5df9bc5cc23a267519779bbe6396943ecb9e306", "2addb535adeb2b99b20aea8053e632f35a77d4673461ebe472d694d93f61d0ec", "2c4a04d837485631f9ee1fd683028030d354325a76f089d4fa61571e050aef6a", "2fb5e4c5d73bfebf5e01d40dca08bb935cf8b4e4674317a7ffadb4507aa2276f", "3381319dacb0900a6af41c5d06843bebbe35012a6a7fcf4b781579bffe5a25ac", "3417c9c325d8811267feb035627295a669ce243b60045e6e8be4a2db5f55fb30", "34d59e60efd9cec0fd907a3175f17d5f60711bb80e7ec5ece678868c76b03aef", "352de18adbc914f4fad09aae28026ce72f31d5f4381b593f56421c9b3ad7dbc1", "35b61225ab6230c6ae23dbe0163e06320f7c1121e976afb4c2dede91fe3bd29c", "39cb9111fb5d6341c644cc82e1d06c36bb8c0e18c9592d3e591005b899660bda", "3b6bbc1b0f465795696b5063e07926898838032487f612a325edf68d88903e85", "3cadbc2ab3b57b93057e9bfa54187bbbdc6c22506ada94cf3a57b1bc0e14f30e", "3e472853f993af211f9535b89abba89fd9e04bf867d381784964ec122350d1be", "3e6bae1d5811f70c58ecb368d035c918cec0784ea1e5a64c699b4b38ab951a46", "3fe1355f18b8f7d4919a716ab5ce485f94d9021bc7bf6aad2bf3a45e3d84bed6", "40c4e14bf1aca54e16724bd697952b8a1a48162f5ca46717890f85fd94228887", "4194744fa810423e5c9a277034f822e5b561d534ed57cdd75eb2a3523ef69ca7", "41d3843050bfefb2eb013220db2c045dca05e7c8c19b301d1bdda202eb54d010", "424cfa4d684e1763451c2ae7bebe189cbdcff4338458ed779d86bdf9074e0e32", "42bf7e179e1bc3e118e22537d4ffef7ff82c14ceabe7c54a20747e9a1abdb68a", "4704600085e453a34b69b6c99281ee65b902548f8347f10e6b4f26b585409d29", "47a8d55ed5c7998c9a565ba98cde2e370d8f04b481211740988448aff6418d12", "47e242bb38c4dbbcf5e9ccc6e218ab8d9b03e9369f66710c483068e0aeacb422", "4da95d7c973efee80b4f4f1eda718a049b8a39d0e74e505a659883113974c081", "4de4eb2b53e3205faaaf53ee527d40b4c8e405e2a4300ba1ef80ae33a6d5c4c4", "502870abfa3b834b5072013d290429e9f35473dda57c9299c9ef6769f5479514", "5076629901250c7cbb92c63ae4437d57ca1a3315176c6f711292f24cf26e634f", "50f777a8486df699ffaf3aa24da23a5975117e865adb500c9ca6b57b12c673cb", "54c02bb16bfd6665d29e47c64b39dc5c64f241d71ca6fbbea7e75c473e00878a", "563ca26d49fe96cc6b222442bb2856309a5cbb3897c8f363a16f990fe6f103fb", "5a39cab6a25f81e370381b9a7a3959edc5af740dfa6492ddfd3b8b7a2602f5bd", "5c3a66f160b371f0729c087f3267ce453d2989ff5c737c950d8713c732507db3", "5f147949ece693d3312e612a23cf1f97bba86b270f481c8b299d7ab8c67b3165", "60d8821085704f2449170f1faa0a736609b0893fb9242997ef21a6a47f7addbf", "642f1f687831f32c4fdc9e6ec7694e5e8768b016f57815f4bb3534b3964ff697", "67a56716ccb9331716b11b18474ec72f187903c17413ebef38d962827bb8e7e9", "69dd47f011a3e583344e848d16b5568cedb6336fc3269fce30ac789bd3b8ce92", "6cf6a40540f195bf152c961749e439a1da876e0ff98dc346126967fa3ee157a7", "705e79b1823c9d165e21adaedd07286136265305424e5a3f809792e8d19b502d", "706fe073eb58eeed3fd167a20173cf2cec07d7ad4e19cb278eb5d0a57c0f04cd", "7aeac92c9b86fa0faf26ea521319e90ba809fc064a3fa4b57abdfa22a30eba61", "7b76196492cad99e9da6c4184b3c6b6b4e08f0441db65a345394a8c142a73c4f", "8252041cbdf7048ffa8593337d985693dea92de627ceaecbfb5f3961702c7a56", "825f1f7d9ef166aa125ae1e3cf65fc2bc2d3ee82bc1eef602c79848f83216ae2", "8359f177511995d6ea51318a2b7c17b9c7e492abaafb8c273483156f48facbb1", "83c039f175a4fbd9f2e377868ed3266a6bf777cd8fbc556742d0b1b0a8f290eb", "84741918908f5baa954352ca823a33635f2193f614eb82a9750ff21304b73bb7", "84edde4a5cf6dc9509eb00a1b73d786a47409902f088165d6a9023eaeb439192", "889396620fb66f07488ec3742e8f388564b82898fa95107d5a0fd82e4a4bfd8a", "892b564697110247799358ac50998e9a73d0753134b88575fff6b6cab911c394", "8afc019596fdb9ab0d4652930dbcf4a8895b592bfbaceb7cd924985e00372ad8", "9422fe784c3ce05dc5da6f846fb45a91721265460ecd45d5c224bf1fdf85270f", "99980647b27d5f165122218de62293a74e453e1a389e287d443f70488c6330e7", "9bdb516a39240b33a9ea42bef996c77c2a309aabd80cccf8d065e1da693ce523", "9cb3af10f0da5ab2337d9214add2b74841684a8c0e1e7c7bc96811c4c4fcd711", "9db17d1227428fa09f580b625f136f0c73998b2c8b51099b0d99b279e2e896f6", "a04ab5abf6de646db23f84c75a225d2c1316e56476e07d4b4139c16881745c10", "a45a7283a67a4dd94cc36e6647e9ee4ea0e158f3abe008aac1606495d2c955a7", "a5e81215f10ef7c714612532cba97dc126353578c8aa1d7f5b6893fbbbc45707", "a9054f288c2996e0ccf783da773886406bcf30ee0cf03a569160b73c2d552669", "aa0f00ba9bd5c48985c2c233d05648b75bbd06a413fd56ae9551ef9e693445e1", "ab6371a2baa7ccc4f1183c672c745611ae5e4dcc4c7b75d3bc72bfdd21784e4d", "ac9773630804e19ec8915009e8540a07a85e25765527751f87a7ffdd5169331a", "aec880a12c1ce96b5c80d6ac88193c363a522b53b94fbe019c88cc5e7ccc596d", "b287e7a198f3999e8dc503c8122436763e1322b1dca200c83c143e6001851562", "b4432bf00380674ccaa7b6fd4bddf47c79220e43c675f167c153173f2a079bfd", "b54a5dbb651236740e40a0bbff2091fff546fda4dc0df8c8d957c9852c5ecde8", "b6302d8e2502820381a79ffa92f7cabd7fce111e6f5e3dd3702d2fd8bf0226f7", "b854e2ae09aadd9cacf3fe61c0855655b8883dc81d04484f22cf6aea89d14a9f", "bb2edf6b1a9be5490267a7f4c080d0f4c685d39be28c4fe5371ccf09735d5861", "bde65f6d8374c1896a9087860d6b9e2cce669f00a30968e89d21b9439ff460f2", "bf47935d5abfcd2379da6b157c2d6bd9eb346d0e0b61f2fb5656ec40d1bd1dec", "bf7219b06a4be0833eda6b1a8e337666958dacb48d86a302381fc47a572caff4", "cac8c46df3a499a37f4a47e3d0175e64f5f7b40720169e51dbc7a771a166abb1", "cc2e43e225526b98716e58f9c9af35013937c76cca96f4a3381b40017a4c8fcd", "d1cef81d11242f265f3b55d9ddda64c5d510284f7f67f2863410073edcd32d89", "d1dabcd229d01f104fb3724725d48abc6e88d22ae6aeb5ad6aeacde1ff14e902", "d7a2530b77e4d3df32f810fab08a2d807e6178da7dbdacf324479864033b86d4", "db11c55766b301154e13a3a0442bc289b7c11c5ccde8f4fb48ebf64ada2903cd", "dddf49abc2db241bad39682c43a9f54c745d98f2fddc44d6c3d2a088a17101f2", "de88f42454f2a9364b67f4a616ed9edba4dda98ece12d9eec1cb27b96549ed36", "e09a4d92a38b7deac7ea7944e304849cf0cca2aaea8c86ab315801881a596386", "edf8c887e540fefddae2cc33030281131326cc34141aee91e835c501fb73350d", "f09f85d3e1ec8922a52470d8df179bb0b7da1422e62f96fa8805b887a2698435", "f5db78f399fd6e5df79d48b1708558e1eaeb03bd0df67ca76d3856b304f0ac94", "f6ca134ba6fc867fef2b2a84c6a35d1278e3a3bd47189d6e5a844b3e1798feee"], "path": "%TEMP%\\gike.exe"}], "ip": [{"hashes": ["008272d4b93a5cefd6943952d63388198b67a34e06a93dca0e9698c0639f4f02", "017c9042d7cfab02d6444805d617bfda04a590d8ee0131f0dcbb73d9f422264e", "01d019832f6f09a0eab7ffcb294466825148ef642519b37f225cea25fd8ccd82", "05878e434aefab9098e57e734d21ba96eb2731dc2022e7619ff42e6c283ac1c5", "07f8041820745c7de03ab380cdbc33fad9da6c9e87243ce4d6af1664ab2e5cae", "08de6b552e704a0bb100dcd244c0950ffb90d7d021d042f3bad4b66eab1c633b", "09e30d34ef79c10fd0f431ba287a8e89ea08c7919501a42e95ddf0b02b7a54dd", "0d970e4dca39e6ac5d389f25ba528eac251bff7df4c15aa85e96d3c680dea37a", "1078763c2070758f2d7af2a32cfeac195b1b19af9d7f83433451469a6456d69a", "116eb648e4098b4994e20822ae2dea5f9a05bf280774e96e7f17537eeea128c1", "127769bcc6688cc1c682313689d4c0ce7915a8295797a90f4586fb379694c3fe", "12d38c601be82a710b29744fa9856add702bba2c1cfc9d8f36726df449fa90ea", "146acf9b7a358237258cebeaa0870b7500c470d65855832a79ad1858de485ba4", "15c9b7a21edfd29a057d881d7f4a98405dd530122b29c7d5ab15042b9f25536c", "163a3b460ddcdb4561169c9466d48ded8d4535e34e4d51fee2713f6f2006f472", "173272cf5e8e9349b8d4ff45e6f9378fbfcd437bfaa10fc5c7b7d8adabdd998d", "17e0b0e3be6ebbf026d4b7ff6da60925516f6b29e2b5f5bfd33f49544659d031", "1895e011ecb8c5efa5610c55e27a8f32dd6d4e2e24aad0f7375c6b22b13a3673", "18b0fe90a4749d21a70e7775e456f3b258638de1b10dc7c8dfad2c87bb4b4150", "193de0289b48eec0d8da266d3f1ff3e5a265fa72cff2db27b45a96f58f8f3c60", "195c1acc646ec1f37bba891e6b6448734361ce77b79e99cb7f3d6a54e5265da1", "1961cf9e8b78d5a638cf76bdaa2144a559056acbb97c7658cd3e3338016ff1f8", "1ae225224fdb2f8a7ecd7420c3b5f85600b87445e6ac9810978e8f21fcb8de3d", "1b16fc65b34fb4cb5de9a4660bc53f3c4f27ef2d69d88f82e150eca94495471a", "1b21be6f06de9138a7131f2c037d1cf3aafb0cbc7e05f9e7111649593cb3f736", "1b3573f9efa0a3c401e74a54737c2cb64661136df79aa1616139fa8b05a19aa5", "1c530345b2e47ebe50da93b2464af6cde8960e5db5f008421399d7c682e169fb", "1e53f4e81771eebb343e345524fffe8effea4c4938c27dc174dc970ee7ef5974", "1f0e53ca67d28fbae4e2cf3986df26ae1524c2655352d0d0caccfe05b09321ca", "205733419c0e9fbcef100248b323f524d83c4bc4fb530459d6e924ff0685b566", "20aaa30897fbd51594befc4dde90df6ea6b30ff734b0c36bf27b8112f4ef679c", "21e41bdd78b229b35c9abbd43770e83b3b69ab2643f6d91271c84d25d0c5cf29", "2772b6534102d78753197e88a5df9bc5cc23a267519779bbe6396943ecb9e306", "2addb535adeb2b99b20aea8053e632f35a77d4673461ebe472d694d93f61d0ec", "2c4a04d837485631f9ee1fd683028030d354325a76f089d4fa61571e050aef6a", "2fb5e4c5d73bfebf5e01d40dca08bb935cf8b4e4674317a7ffadb4507aa2276f", "3381319dacb0900a6af41c5d06843bebbe35012a6a7fcf4b781579bffe5a25ac", "3417c9c325d8811267feb035627295a669ce243b60045e6e8be4a2db5f55fb30", "34d59e60efd9cec0fd907a3175f17d5f60711bb80e7ec5ece678868c76b03aef", "352de18adbc914f4fad09aae28026ce72f31d5f4381b593f56421c9b3ad7dbc1", "35b61225ab6230c6ae23dbe0163e06320f7c1121e976afb4c2dede91fe3bd29c", "39cb9111fb5d6341c644cc82e1d06c36bb8c0e18c9592d3e591005b899660bda", "3b6bbc1b0f465795696b5063e07926898838032487f612a325edf68d88903e85", "3cadbc2ab3b57b93057e9bfa54187bbbdc6c22506ada94cf3a57b1bc0e14f30e", "3e472853f993af211f9535b89abba89fd9e04bf867d381784964ec122350d1be", "3e6bae1d5811f70c58ecb368d035c918cec0784ea1e5a64c699b4b38ab951a46", "3fe1355f18b8f7d4919a716ab5ce485f94d9021bc7bf6aad2bf3a45e3d84bed6", "40c4e14bf1aca54e16724bd697952b8a1a48162f5ca46717890f85fd94228887", "4194744fa810423e5c9a277034f822e5b561d534ed57cdd75eb2a3523ef69ca7", "41d3843050bfefb2eb013220db2c045dca05e7c8c19b301d1bdda202eb54d010", "424cfa4d684e1763451c2ae7bebe189cbdcff4338458ed779d86bdf9074e0e32", "42bf7e179e1bc3e118e22537d4ffef7ff82c14ceabe7c54a20747e9a1abdb68a", "4704600085e453a34b69b6c99281ee65b902548f8347f10e6b4f26b585409d29", "47a8d55ed5c7998c9a565ba98cde2e370d8f04b481211740988448aff6418d12", "47e242bb38c4dbbcf5e9ccc6e218ab8d9b03e9369f66710c483068e0aeacb422", "4da95d7c973efee80b4f4f1eda718a049b8a39d0e74e505a659883113974c081", "4de4eb2b53e3205faaaf53ee527d40b4c8e405e2a4300ba1ef80ae33a6d5c4c4", "502870abfa3b834b5072013d290429e9f35473dda57c9299c9ef6769f5479514", "5076629901250c7cbb92c63ae4437d57ca1a3315176c6f711292f24cf26e634f", "50f777a8486df699ffaf3aa24da23a5975117e865adb500c9ca6b57b12c673cb", "54c02bb16bfd6665d29e47c64b39dc5c64f241d71ca6fbbea7e75c473e00878a", "563ca26d49fe96cc6b222442bb2856309a5cbb3897c8f363a16f990fe6f103fb", "5a39cab6a25f81e370381b9a7a3959edc5af740dfa6492ddfd3b8b7a2602f5bd", "5c3a66f160b371f0729c087f3267ce453d2989ff5c737c950d8713c732507db3", "5f147949ece693d3312e612a23cf1f97bba86b270f481c8b299d7ab8c67b3165", "60d8821085704f2449170f1faa0a736609b0893fb9242997ef21a6a47f7addbf", "642f1f687831f32c4fdc9e6ec7694e5e8768b016f57815f4bb3534b3964ff697", "67a56716ccb9331716b11b18474ec72f187903c17413ebef38d962827bb8e7e9", "69dd47f011a3e583344e848d16b5568cedb6336fc3269fce30ac789bd3b8ce92", "6cf6a40540f195bf152c961749e439a1da876e0ff98dc346126967fa3ee157a7", "705e79b1823c9d165e21adaedd07286136265305424e5a3f809792e8d19b502d", "706fe073eb58eeed3fd167a20173cf2cec07d7ad4e19cb278eb5d0a57c0f04cd", "7aeac92c9b86fa0faf26ea521319e90ba809fc064a3fa4b57abdfa22a30eba61", "7b76196492cad99e9da6c4184b3c6b6b4e08f0441db65a345394a8c142a73c4f", "8252041cbdf7048ffa8593337d985693dea92de627ceaecbfb5f3961702c7a56", "825f1f7d9ef166aa125ae1e3cf65fc2bc2d3ee82bc1eef602c79848f83216ae2", "8359f177511995d6ea51318a2b7c17b9c7e492abaafb8c273483156f48facbb1", "83c039f175a4fbd9f2e377868ed3266a6bf777cd8fbc556742d0b1b0a8f290eb", "84741918908f5baa954352ca823a33635f2193f614eb82a9750ff21304b73bb7", "84edde4a5cf6dc9509eb00a1b73d786a47409902f088165d6a9023eaeb439192", "889396620fb66f07488ec3742e8f388564b82898fa95107d5a0fd82e4a4bfd8a", "892b564697110247799358ac50998e9a73d0753134b88575fff6b6cab911c394", "8afc019596fdb9ab0d4652930dbcf4a8895b592bfbaceb7cd924985e00372ad8", "9422fe784c3ce05dc5da6f846fb45a91721265460ecd45d5c224bf1fdf85270f", "99980647b27d5f165122218de62293a74e453e1a389e287d443f70488c6330e7", "9bdb516a39240b33a9ea42bef996c77c2a309aabd80cccf8d065e1da693ce523", "9cb3af10f0da5ab2337d9214add2b74841684a8c0e1e7c7bc96811c4c4fcd711", "9db17d1227428fa09f580b625f136f0c73998b2c8b51099b0d99b279e2e896f6", "a04ab5abf6de646db23f84c75a225d2c1316e56476e07d4b4139c16881745c10", "a45a7283a67a4dd94cc36e6647e9ee4ea0e158f3abe008aac1606495d2c955a7", "a5e81215f10ef7c714612532cba97dc126353578c8aa1d7f5b6893fbbbc45707", "a9054f288c2996e0ccf783da773886406bcf30ee0cf03a569160b73c2d552669", "aa0f00ba9bd5c48985c2c233d05648b75bbd06a413fd56ae9551ef9e693445e1", "ab6371a2baa7ccc4f1183c672c745611ae5e4dcc4c7b75d3bc72bfdd21784e4d", "ac9773630804e19ec8915009e8540a07a85e25765527751f87a7ffdd5169331a", "aec880a12c1ce96b5c80d6ac88193c363a522b53b94fbe019c88cc5e7ccc596d", "b287e7a198f3999e8dc503c8122436763e1322b1dca200c83c143e6001851562", "b4432bf00380674ccaa7b6fd4bddf47c79220e43c675f167c153173f2a079bfd", "b54a5dbb651236740e40a0bbff2091fff546fda4dc0df8c8d957c9852c5ecde8", "b6302d8e2502820381a79ffa92f7cabd7fce111e6f5e3dd3702d2fd8bf0226f7", "b854e2ae09aadd9cacf3fe61c0855655b8883dc81d04484f22cf6aea89d14a9f", "bb2edf6b1a9be5490267a7f4c080d0f4c685d39be28c4fe5371ccf09735d5861", "bde65f6d8374c1896a9087860d6b9e2cce669f00a30968e89d21b9439ff460f2", "bf47935d5abfcd2379da6b157c2d6bd9eb346d0e0b61f2fb5656ec40d1bd1dec", "bf7219b06a4be0833eda6b1a8e337666958dacb48d86a302381fc47a572caff4", "cac8c46df3a499a37f4a47e3d0175e64f5f7b40720169e51dbc7a771a166abb1", "cc2e43e225526b98716e58f9c9af35013937c76cca96f4a3381b40017a4c8fcd", "d1cef81d11242f265f3b55d9ddda64c5d510284f7f67f2863410073edcd32d89", "d1dabcd229d01f104fb3724725d48abc6e88d22ae6aeb5ad6aeacde1ff14e902", "d7a2530b77e4d3df32f810fab08a2d807e6178da7dbdacf324479864033b86d4", "db11c55766b301154e13a3a0442bc289b7c11c5ccde8f4fb48ebf64ada2903cd", "dddf49abc2db241bad39682c43a9f54c745d98f2fddc44d6c3d2a088a17101f2", "de88f42454f2a9364b67f4a616ed9edba4dda98ece12d9eec1cb27b96549ed36", "e09a4d92a38b7deac7ea7944e304849cf0cca2aaea8c86ab315801881a596386", "edf8c887e540fefddae2cc33030281131326cc34141aee91e835c501fb73350d", "f09f85d3e1ec8922a52470d8df179bb0b7da1422e62f96fa8805b887a2698435", "f5db78f399fd6e5df79d48b1708558e1eaeb03bd0df67ca76d3856b304f0ac94", "f6ca134ba6fc867fef2b2a84c6a35d1278e3a3bd47189d6e5a844b3e1798feee"], "ip": "69[.]10[.]32[.]149"}, {"hashes": ["008272d4b93a5cefd6943952d63388198b67a34e06a93dca0e9698c0639f4f02", "017c9042d7cfab02d6444805d617bfda04a590d8ee0131f0dcbb73d9f422264e", "01d019832f6f09a0eab7ffcb294466825148ef642519b37f225cea25fd8ccd82", "05878e434aefab9098e57e734d21ba96eb2731dc2022e7619ff42e6c283ac1c5", "07f8041820745c7de03ab380cdbc33fad9da6c9e87243ce4d6af1664ab2e5cae", "08de6b552e704a0bb100dcd244c0950ffb90d7d021d042f3bad4b66eab1c633b", "09e30d34ef79c10fd0f431ba287a8e89ea08c7919501a42e95ddf0b02b7a54dd", "0d970e4dca39e6ac5d389f25ba528eac251bff7df4c15aa85e96d3c680dea37a", "1078763c2070758f2d7af2a32cfeac195b1b19af9d7f83433451469a6456d69a", "116eb648e4098b4994e20822ae2dea5f9a05bf280774e96e7f17537eeea128c1", "127769bcc6688cc1c682313689d4c0ce7915a8295797a90f4586fb379694c3fe", "12d38c601be82a710b29744fa9856add702bba2c1cfc9d8f36726df449fa90ea", "146acf9b7a358237258cebeaa0870b7500c470d65855832a79ad1858de485ba4", "15c9b7a21edfd29a057d881d7f4a98405dd530122b29c7d5ab15042b9f25536c", "163a3b460ddcdb4561169c9466d48ded8d4535e34e4d51fee2713f6f2006f472", "173272cf5e8e9349b8d4ff45e6f9378fbfcd437bfaa10fc5c7b7d8adabdd998d", "17e0b0e3be6ebbf026d4b7ff6da60925516f6b29e2b5f5bfd33f49544659d031", "1895e011ecb8c5efa5610c55e27a8f32dd6d4e2e24aad0f7375c6b22b13a3673", "18b0fe90a4749d21a70e7775e456f3b258638de1b10dc7c8dfad2c87bb4b4150", "193de0289b48eec0d8da266d3f1ff3e5a265fa72cff2db27b45a96f58f8f3c60", "195c1acc646ec1f37bba891e6b6448734361ce77b79e99cb7f3d6a54e5265da1", "1961cf9e8b78d5a638cf76bdaa2144a559056acbb97c7658cd3e3338016ff1f8", "1ae225224fdb2f8a7ecd7420c3b5f85600b87445e6ac9810978e8f21fcb8de3d", "1b16fc65b34fb4cb5de9a4660bc53f3c4f27ef2d69d88f82e150eca94495471a", "1b21be6f06de9138a7131f2c037d1cf3aafb0cbc7e05f9e7111649593cb3f736", "1b3573f9efa0a3c401e74a54737c2cb64661136df79aa1616139fa8b05a19aa5", "1c530345b2e47ebe50da93b2464af6cde8960e5db5f008421399d7c682e169fb", "1e53f4e81771eebb343e345524fffe8effea4c4938c27dc174dc970ee7ef5974", "1f0e53ca67d28fbae4e2cf3986df26ae1524c2655352d0d0caccfe05b09321ca", "205733419c0e9fbcef100248b323f524d83c4bc4fb530459d6e924ff0685b566", "20aaa30897fbd51594befc4dde90df6ea6b30ff734b0c36bf27b8112f4ef679c", "21e41bdd78b229b35c9abbd43770e83b3b69ab2643f6d91271c84d25d0c5cf29", "2772b6534102d78753197e88a5df9bc5cc23a267519779bbe6396943ecb9e306", "2addb535adeb2b99b20aea8053e632f35a77d4673461ebe472d694d93f61d0ec", "2c4a04d837485631f9ee1fd683028030d354325a76f089d4fa61571e050aef6a", "2fb5e4c5d73bfebf5e01d40dca08bb935cf8b4e4674317a7ffadb4507aa2276f", "3381319dacb0900a6af41c5d06843bebbe35012a6a7fcf4b781579bffe5a25ac", "3417c9c325d8811267feb035627295a669ce243b60045e6e8be4a2db5f55fb30", "34d59e60efd9cec0fd907a3175f17d5f60711bb80e7ec5ece678868c76b03aef", "352de18adbc914f4fad09aae28026ce72f31d5f4381b593f56421c9b3ad7dbc1", "35b61225ab6230c6ae23dbe0163e06320f7c1121e976afb4c2dede91fe3bd29c", "39cb9111fb5d6341c644cc82e1d06c36bb8c0e18c9592d3e591005b899660bda", "3b6bbc1b0f465795696b5063e07926898838032487f612a325edf68d88903e85", "3cadbc2ab3b57b93057e9bfa54187bbbdc6c22506ada94cf3a57b1bc0e14f30e", "3e472853f993af211f9535b89abba89fd9e04bf867d381784964ec122350d1be", "3e6bae1d5811f70c58ecb368d035c918cec0784ea1e5a64c699b4b38ab951a46", "3fe1355f18b8f7d4919a716ab5ce485f94d9021bc7bf6aad2bf3a45e3d84bed6", "40c4e14bf1aca54e16724bd697952b8a1a48162f5ca46717890f85fd94228887", "4194744fa810423e5c9a277034f822e5b561d534ed57cdd75eb2a3523ef69ca7", "41d3843050bfefb2eb013220db2c045dca05e7c8c19b301d1bdda202eb54d010", "424cfa4d684e1763451c2ae7bebe189cbdcff4338458ed779d86bdf9074e0e32", "42bf7e179e1bc3e118e22537d4ffef7ff82c14ceabe7c54a20747e9a1abdb68a", "4704600085e453a34b69b6c99281ee65b902548f8347f10e6b4f26b585409d29", "47a8d55ed5c7998c9a565ba98cde2e370d8f04b481211740988448aff6418d12", "47e242bb38c4dbbcf5e9ccc6e218ab8d9b03e9369f66710c483068e0aeacb422", "4da95d7c973efee80b4f4f1eda718a049b8a39d0e74e505a659883113974c081", "4de4eb2b53e3205faaaf53ee527d40b4c8e405e2a4300ba1ef80ae33a6d5c4c4", "502870abfa3b834b5072013d290429e9f35473dda57c9299c9ef6769f5479514", "5076629901250c7cbb92c63ae4437d57ca1a3315176c6f711292f24cf26e634f", "50f777a8486df699ffaf3aa24da23a5975117e865adb500c9ca6b57b12c673cb", "54c02bb16bfd6665d29e47c64b39dc5c64f241d71ca6fbbea7e75c473e00878a", "563ca26d49fe96cc6b222442bb2856309a5cbb3897c8f363a16f990fe6f103fb", "5a39cab6a25f81e370381b9a7a3959edc5af740dfa6492ddfd3b8b7a2602f5bd", "5c3a66f160b371f0729c087f3267ce453d2989ff5c737c950d8713c732507db3", "5f147949ece693d3312e612a23cf1f97bba86b270f481c8b299d7ab8c67b3165", "60d8821085704f2449170f1faa0a736609b0893fb9242997ef21a6a47f7addbf", "642f1f687831f32c4fdc9e6ec7694e5e8768b016f57815f4bb3534b3964ff697", "67a56716ccb9331716b11b18474ec72f187903c17413ebef38d962827bb8e7e9", "69dd47f011a3e583344e848d16b5568cedb6336fc3269fce30ac789bd3b8ce92", "6cf6a40540f195bf152c961749e439a1da876e0ff98dc346126967fa3ee157a7", "705e79b1823c9d165e21adaedd07286136265305424e5a3f809792e8d19b502d", "706fe073eb58eeed3fd167a20173cf2cec07d7ad4e19cb278eb5d0a57c0f04cd", "7aeac92c9b86fa0faf26ea521319e90ba809fc064a3fa4b57abdfa22a30eba61", "7b76196492cad99e9da6c4184b3c6b6b4e08f0441db65a345394a8c142a73c4f", "8252041cbdf7048ffa8593337d985693dea92de627ceaecbfb5f3961702c7a56", "825f1f7d9ef166aa125ae1e3cf65fc2bc2d3ee82bc1eef602c79848f83216ae2", "8359f177511995d6ea51318a2b7c17b9c7e492abaafb8c273483156f48facbb1", "83c039f175a4fbd9f2e377868ed3266a6bf777cd8fbc556742d0b1b0a8f290eb", "84741918908f5baa954352ca823a33635f2193f614eb82a9750ff21304b73bb7", "84edde4a5cf6dc9509eb00a1b73d786a47409902f088165d6a9023eaeb439192", "889396620fb66f07488ec3742e8f388564b82898fa95107d5a0fd82e4a4bfd8a", "892b564697110247799358ac50998e9a73d0753134b88575fff6b6cab911c394", "8afc019596fdb9ab0d4652930dbcf4a8895b592bfbaceb7cd924985e00372ad8", "9422fe784c3ce05dc5da6f846fb45a91721265460ecd45d5c224bf1fdf85270f", "99980647b27d5f165122218de62293a74e453e1a389e287d443f70488c6330e7", "9bdb516a39240b33a9ea42bef996c77c2a309aabd80cccf8d065e1da693ce523", "9cb3af10f0da5ab2337d9214add2b74841684a8c0e1e7c7bc96811c4c4fcd711", "9db17d1227428fa09f580b625f136f0c73998b2c8b51099b0d99b279e2e896f6", "a04ab5abf6de646db23f84c75a225d2c1316e56476e07d4b4139c16881745c10", "a45a7283a67a4dd94cc36e6647e9ee4ea0e158f3abe008aac1606495d2c955a7", "a5e81215f10ef7c714612532cba97dc126353578c8aa1d7f5b6893fbbbc45707", "a9054f288c2996e0ccf783da773886406bcf30ee0cf03a569160b73c2d552669", "aa0f00ba9bd5c48985c2c233d05648b75bbd06a413fd56ae9551ef9e693445e1", "ab6371a2baa7ccc4f1183c672c745611ae5e4dcc4c7b75d3bc72bfdd21784e4d", "ac9773630804e19ec8915009e8540a07a85e25765527751f87a7ffdd5169331a", "aec880a12c1ce96b5c80d6ac88193c363a522b53b94fbe019c88cc5e7ccc596d", "b287e7a198f3999e8dc503c8122436763e1322b1dca200c83c143e6001851562", "b4432bf00380674ccaa7b6fd4bddf47c79220e43c675f167c153173f2a079bfd", "b54a5dbb651236740e40a0bbff2091fff546fda4dc0df8c8d957c9852c5ecde8", "b6302d8e2502820381a79ffa92f7cabd7fce111e6f5e3dd3702d2fd8bf0226f7", "b854e2ae09aadd9cacf3fe61c0855655b8883dc81d04484f22cf6aea89d14a9f", "bb2edf6b1a9be5490267a7f4c080d0f4c685d39be28c4fe5371ccf09735d5861", "bde65f6d8374c1896a9087860d6b9e2cce669f00a30968e89d21b9439ff460f2", "bf47935d5abfcd2379da6b157c2d6bd9eb346d0e0b61f2fb5656ec40d1bd1dec", "bf7219b06a4be0833eda6b1a8e337666958dacb48d86a302381fc47a572caff4", "cac8c46df3a499a37f4a47e3d0175e64f5f7b40720169e51dbc7a771a166abb1", "cc2e43e225526b98716e58f9c9af35013937c76cca96f4a3381b40017a4c8fcd", "d1cef81d11242f265f3b55d9ddda64c5d510284f7f67f2863410073edcd32d89", "d1dabcd229d01f104fb3724725d48abc6e88d22ae6aeb5ad6aeacde1ff14e902", "d7a2530b77e4d3df32f810fab08a2d807e6178da7dbdacf324479864033b86d4", "db11c55766b301154e13a3a0442bc289b7c11c5ccde8f4fb48ebf64ada2903cd", "dddf49abc2db241bad39682c43a9f54c745d98f2fddc44d6c3d2a088a17101f2", "de88f42454f2a9364b67f4a616ed9edba4dda98ece12d9eec1cb27b96549ed36", "e09a4d92a38b7deac7ea7944e304849cf0cca2aaea8c86ab315801881a596386", "edf8c887e540fefddae2cc33030281131326cc34141aee91e835c501fb73350d", "f09f85d3e1ec8922a52470d8df179bb0b7da1422e62f96fa8805b887a2698435", "f5db78f399fd6e5df79d48b1708558e1eaeb03bd0df67ca76d3856b304f0ac94", "f6ca134ba6fc867fef2b2a84c6a35d1278e3a3bd47189d6e5a844b3e1798feee"], "ip": "66[.]23[.]234[.]229"}], "mutex": [], "registry": []}, "reports_count": 118}, "Win.Packed.Upatre-10004837-0": {"bis": [{"bi": "pe-encrypted-section", "hashes": ["0c6905dfc5d219d7405783ceba466330985ff038ce77c1448622b6ead9a8fedd", "0dcf26c0fdad8837add51b5268b5f3cf02ec9e3d8936f166bb164f2610f92ce8", "0b6f1f1b68e8352e642d12009ce48934e763ca1ee263ebf822670835937cb6e4", "10dc3db45b5ad14d8bb58ebfe38d87f316a82f625145a6940ed6d2cffc3d3413", "10dd94a660c56eef86d3c4cb9ff8b1311e22e758a1d0b79c70fa23d3dec6fc44", "04c3de6445aefd13b88212d29589db04d7f6412bfee3e80d66513d259555d2fe", "5655b51d2eb28226ed7fe72684921840913f09bafee669b95adc259a44419266", "0688967894c414690f2b7de3dcf6c63036c5ce61e8bb4c6db3f3e691cfdefc34", "125266dc5e9a92d17d4469fed2cd60d0c76e3c90a469aed67a24308fa0b9f3e5", "150c6538ad632823036986338622382a62fe871cb2e99aa45a6e94b64f4c485f", "0b727beadc2a3f3afcd9d682932a9c6f392ba2a8c635de8290aaa671344e6e13", "1201d6a2e6658cc9d6bbd03b22d4a8197a6aa7f3b550782c1c59b8015b26e190", "0584d6cbafdec4ddaaba676ee9930af23dcdbb5e181d2203d936bfe78533022d", "07ad32619621f1ce3c9329e64cb51c24b23971fc9caffd27891e7cacb781381c", "1db13bbbe5da803bad25cef3241af377e04b66bee57653c1804903587663ff67", "009bd2bdbfa4169b22ffd51316b4d6d971e9133928899af2208c72408eb095ac", "1ea6fc867b76d2f596f5e139fb3288e07525075bc116605c399995aef7d3d843", "1e343f2293fa3247342f1b831cabd98115fd0f282e2c5693736359c70cf44706", "125fd5f9590f0212ce2a55458ae5100d9296443b6b7cebbf17c577becb2c4150", "024f0326c797d429a4dcecc5f1662a9cbb969bc5b0129c78c4c90dcbdd4069bc", "1c2e0a6d68ae602e91db7269d692b746d38724cc46511716253d35c4a77b9918", "1b66181c20015201e6216f8151dd6d83f3becf83f47d4a16ab894e497804ed8e", "0cd2f46a6d76025030ba0516e6ef5d935dee87aa1128fb9029810481604007ea", "0c39e82c2b7da1d44e2686b0721616cbb04a26dcda7c896249426b1349546f72", "11ea59d574a39a7b2c60867451384e7cc9d33ae88c645bf641e861463d587e8e", "079f9fdb7e1ae7c9547460b35cee345b3659e206752462a7f51a0fe31ef758c8"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "memory-execute-readwrite", "hashes": ["0c6905dfc5d219d7405783ceba466330985ff038ce77c1448622b6ead9a8fedd", "0dcf26c0fdad8837add51b5268b5f3cf02ec9e3d8936f166bb164f2610f92ce8", "0b6f1f1b68e8352e642d12009ce48934e763ca1ee263ebf822670835937cb6e4", "10dc3db45b5ad14d8bb58ebfe38d87f316a82f625145a6940ed6d2cffc3d3413", "10dd94a660c56eef86d3c4cb9ff8b1311e22e758a1d0b79c70fa23d3dec6fc44", "04c3de6445aefd13b88212d29589db04d7f6412bfee3e80d66513d259555d2fe", "5655b51d2eb28226ed7fe72684921840913f09bafee669b95adc259a44419266", "0688967894c414690f2b7de3dcf6c63036c5ce61e8bb4c6db3f3e691cfdefc34", "125266dc5e9a92d17d4469fed2cd60d0c76e3c90a469aed67a24308fa0b9f3e5", "150c6538ad632823036986338622382a62fe871cb2e99aa45a6e94b64f4c485f", "0b727beadc2a3f3afcd9d682932a9c6f392ba2a8c635de8290aaa671344e6e13", "1201d6a2e6658cc9d6bbd03b22d4a8197a6aa7f3b550782c1c59b8015b26e190", "0584d6cbafdec4ddaaba676ee9930af23dcdbb5e181d2203d936bfe78533022d", "07ad32619621f1ce3c9329e64cb51c24b23971fc9caffd27891e7cacb781381c", "1db13bbbe5da803bad25cef3241af377e04b66bee57653c1804903587663ff67", "009bd2bdbfa4169b22ffd51316b4d6d971e9133928899af2208c72408eb095ac", "1ea6fc867b76d2f596f5e139fb3288e07525075bc116605c399995aef7d3d843", "1e343f2293fa3247342f1b831cabd98115fd0f282e2c5693736359c70cf44706", "125fd5f9590f0212ce2a55458ae5100d9296443b6b7cebbf17c577becb2c4150", "024f0326c797d429a4dcecc5f1662a9cbb969bc5b0129c78c4c90dcbdd4069bc", "1c2e0a6d68ae602e91db7269d692b746d38724cc46511716253d35c4a77b9918", "1b66181c20015201e6216f8151dd6d83f3becf83f47d4a16ab894e497804ed8e", "0cd2f46a6d76025030ba0516e6ef5d935dee87aa1128fb9029810481604007ea", "0c39e82c2b7da1d44e2686b0721616cbb04a26dcda7c896249426b1349546f72", "11ea59d574a39a7b2c60867451384e7cc9d33ae88c645bf641e861463d587e8e", "079f9fdb7e1ae7c9547460b35cee345b3659e206752462a7f51a0fe31ef758c8"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "modified-executable", "hashes": ["0c6905dfc5d219d7405783ceba466330985ff038ce77c1448622b6ead9a8fedd", "0dcf26c0fdad8837add51b5268b5f3cf02ec9e3d8936f166bb164f2610f92ce8", "0b6f1f1b68e8352e642d12009ce48934e763ca1ee263ebf822670835937cb6e4", "10dc3db45b5ad14d8bb58ebfe38d87f316a82f625145a6940ed6d2cffc3d3413", "10dd94a660c56eef86d3c4cb9ff8b1311e22e758a1d0b79c70fa23d3dec6fc44", "04c3de6445aefd13b88212d29589db04d7f6412bfee3e80d66513d259555d2fe", "5655b51d2eb28226ed7fe72684921840913f09bafee669b95adc259a44419266", "0688967894c414690f2b7de3dcf6c63036c5ce61e8bb4c6db3f3e691cfdefc34", "125266dc5e9a92d17d4469fed2cd60d0c76e3c90a469aed67a24308fa0b9f3e5", "150c6538ad632823036986338622382a62fe871cb2e99aa45a6e94b64f4c485f", "0b727beadc2a3f3afcd9d682932a9c6f392ba2a8c635de8290aaa671344e6e13", "1201d6a2e6658cc9d6bbd03b22d4a8197a6aa7f3b550782c1c59b8015b26e190", "0584d6cbafdec4ddaaba676ee9930af23dcdbb5e181d2203d936bfe78533022d", "07ad32619621f1ce3c9329e64cb51c24b23971fc9caffd27891e7cacb781381c", "1db13bbbe5da803bad25cef3241af377e04b66bee57653c1804903587663ff67", "009bd2bdbfa4169b22ffd51316b4d6d971e9133928899af2208c72408eb095ac", "1ea6fc867b76d2f596f5e139fb3288e07525075bc116605c399995aef7d3d843", "1e343f2293fa3247342f1b831cabd98115fd0f282e2c5693736359c70cf44706", "125fd5f9590f0212ce2a55458ae5100d9296443b6b7cebbf17c577becb2c4150", "024f0326c797d429a4dcecc5f1662a9cbb969bc5b0129c78c4c90dcbdd4069bc", "1c2e0a6d68ae602e91db7269d692b746d38724cc46511716253d35c4a77b9918", "1b66181c20015201e6216f8151dd6d83f3becf83f47d4a16ab894e497804ed8e", "0cd2f46a6d76025030ba0516e6ef5d935dee87aa1128fb9029810481604007ea", "0c39e82c2b7da1d44e2686b0721616cbb04a26dcda7c896249426b1349546f72", "11ea59d574a39a7b2c60867451384e7cc9d33ae88c645bf641e861463d587e8e", "079f9fdb7e1ae7c9547460b35cee345b3659e206752462a7f51a0fe31ef758c8"], "mitre_attack_tags": []}, {"bi": "created-executable-in-user-dir", "hashes": ["0c6905dfc5d219d7405783ceba466330985ff038ce77c1448622b6ead9a8fedd", "0dcf26c0fdad8837add51b5268b5f3cf02ec9e3d8936f166bb164f2610f92ce8", "0b6f1f1b68e8352e642d12009ce48934e763ca1ee263ebf822670835937cb6e4", "10dc3db45b5ad14d8bb58ebfe38d87f316a82f625145a6940ed6d2cffc3d3413", "10dd94a660c56eef86d3c4cb9ff8b1311e22e758a1d0b79c70fa23d3dec6fc44", "04c3de6445aefd13b88212d29589db04d7f6412bfee3e80d66513d259555d2fe", "5655b51d2eb28226ed7fe72684921840913f09bafee669b95adc259a44419266", "0688967894c414690f2b7de3dcf6c63036c5ce61e8bb4c6db3f3e691cfdefc34", "125266dc5e9a92d17d4469fed2cd60d0c76e3c90a469aed67a24308fa0b9f3e5", "150c6538ad632823036986338622382a62fe871cb2e99aa45a6e94b64f4c485f", "0b727beadc2a3f3afcd9d682932a9c6f392ba2a8c635de8290aaa671344e6e13", "1201d6a2e6658cc9d6bbd03b22d4a8197a6aa7f3b550782c1c59b8015b26e190", "0584d6cbafdec4ddaaba676ee9930af23dcdbb5e181d2203d936bfe78533022d", "07ad32619621f1ce3c9329e64cb51c24b23971fc9caffd27891e7cacb781381c", "1db13bbbe5da803bad25cef3241af377e04b66bee57653c1804903587663ff67", "009bd2bdbfa4169b22ffd51316b4d6d971e9133928899af2208c72408eb095ac", "1ea6fc867b76d2f596f5e139fb3288e07525075bc116605c399995aef7d3d843", "1e343f2293fa3247342f1b831cabd98115fd0f282e2c5693736359c70cf44706", "125fd5f9590f0212ce2a55458ae5100d9296443b6b7cebbf17c577becb2c4150", "024f0326c797d429a4dcecc5f1662a9cbb969bc5b0129c78c4c90dcbdd4069bc", "1c2e0a6d68ae602e91db7269d692b746d38724cc46511716253d35c4a77b9918", "1b66181c20015201e6216f8151dd6d83f3becf83f47d4a16ab894e497804ed8e", "0cd2f46a6d76025030ba0516e6ef5d935dee87aa1128fb9029810481604007ea", "0c39e82c2b7da1d44e2686b0721616cbb04a26dcda7c896249426b1349546f72", "11ea59d574a39a7b2c60867451384e7cc9d33ae88c645bf641e861463d587e8e", "079f9fdb7e1ae7c9547460b35cee345b3659e206752462a7f51a0fe31ef758c8"], "mitre_attack_tags": []}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["0c6905dfc5d219d7405783ceba466330985ff038ce77c1448622b6ead9a8fedd", "0dcf26c0fdad8837add51b5268b5f3cf02ec9e3d8936f166bb164f2610f92ce8", "0b6f1f1b68e8352e642d12009ce48934e763ca1ee263ebf822670835937cb6e4", "10dc3db45b5ad14d8bb58ebfe38d87f316a82f625145a6940ed6d2cffc3d3413", "10dd94a660c56eef86d3c4cb9ff8b1311e22e758a1d0b79c70fa23d3dec6fc44", "04c3de6445aefd13b88212d29589db04d7f6412bfee3e80d66513d259555d2fe", "5655b51d2eb28226ed7fe72684921840913f09bafee669b95adc259a44419266", "0688967894c414690f2b7de3dcf6c63036c5ce61e8bb4c6db3f3e691cfdefc34", "125266dc5e9a92d17d4469fed2cd60d0c76e3c90a469aed67a24308fa0b9f3e5", "150c6538ad632823036986338622382a62fe871cb2e99aa45a6e94b64f4c485f", "0b727beadc2a3f3afcd9d682932a9c6f392ba2a8c635de8290aaa671344e6e13", "1201d6a2e6658cc9d6bbd03b22d4a8197a6aa7f3b550782c1c59b8015b26e190", "0584d6cbafdec4ddaaba676ee9930af23dcdbb5e181d2203d936bfe78533022d", "07ad32619621f1ce3c9329e64cb51c24b23971fc9caffd27891e7cacb781381c", "1db13bbbe5da803bad25cef3241af377e04b66bee57653c1804903587663ff67", "009bd2bdbfa4169b22ffd51316b4d6d971e9133928899af2208c72408eb095ac", "1ea6fc867b76d2f596f5e139fb3288e07525075bc116605c399995aef7d3d843", "1e343f2293fa3247342f1b831cabd98115fd0f282e2c5693736359c70cf44706", "125fd5f9590f0212ce2a55458ae5100d9296443b6b7cebbf17c577becb2c4150", "024f0326c797d429a4dcecc5f1662a9cbb969bc5b0129c78c4c90dcbdd4069bc", "1c2e0a6d68ae602e91db7269d692b746d38724cc46511716253d35c4a77b9918", "1b66181c20015201e6216f8151dd6d83f3becf83f47d4a16ab894e497804ed8e", "0cd2f46a6d76025030ba0516e6ef5d935dee87aa1128fb9029810481604007ea", "0c39e82c2b7da1d44e2686b0721616cbb04a26dcda7c896249426b1349546f72", "11ea59d574a39a7b2c60867451384e7cc9d33ae88c645bf641e861463d587e8e", "079f9fdb7e1ae7c9547460b35cee345b3659e206752462a7f51a0fe31ef758c8"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["0c6905dfc5d219d7405783ceba466330985ff038ce77c1448622b6ead9a8fedd", "0dcf26c0fdad8837add51b5268b5f3cf02ec9e3d8936f166bb164f2610f92ce8", "0b6f1f1b68e8352e642d12009ce48934e763ca1ee263ebf822670835937cb6e4", "10dc3db45b5ad14d8bb58ebfe38d87f316a82f625145a6940ed6d2cffc3d3413", "10dd94a660c56eef86d3c4cb9ff8b1311e22e758a1d0b79c70fa23d3dec6fc44", "04c3de6445aefd13b88212d29589db04d7f6412bfee3e80d66513d259555d2fe", "5655b51d2eb28226ed7fe72684921840913f09bafee669b95adc259a44419266", "0688967894c414690f2b7de3dcf6c63036c5ce61e8bb4c6db3f3e691cfdefc34", "125266dc5e9a92d17d4469fed2cd60d0c76e3c90a469aed67a24308fa0b9f3e5", "150c6538ad632823036986338622382a62fe871cb2e99aa45a6e94b64f4c485f", "0b727beadc2a3f3afcd9d682932a9c6f392ba2a8c635de8290aaa671344e6e13", "1201d6a2e6658cc9d6bbd03b22d4a8197a6aa7f3b550782c1c59b8015b26e190", "0584d6cbafdec4ddaaba676ee9930af23dcdbb5e181d2203d936bfe78533022d", "07ad32619621f1ce3c9329e64cb51c24b23971fc9caffd27891e7cacb781381c", "1db13bbbe5da803bad25cef3241af377e04b66bee57653c1804903587663ff67", "009bd2bdbfa4169b22ffd51316b4d6d971e9133928899af2208c72408eb095ac", "1ea6fc867b76d2f596f5e139fb3288e07525075bc116605c399995aef7d3d843", "1e343f2293fa3247342f1b831cabd98115fd0f282e2c5693736359c70cf44706", "125fd5f9590f0212ce2a55458ae5100d9296443b6b7cebbf17c577becb2c4150", "024f0326c797d429a4dcecc5f1662a9cbb969bc5b0129c78c4c90dcbdd4069bc", "1c2e0a6d68ae602e91db7269d692b746d38724cc46511716253d35c4a77b9918", "1b66181c20015201e6216f8151dd6d83f3becf83f47d4a16ab894e497804ed8e", "0cd2f46a6d76025030ba0516e6ef5d935dee87aa1128fb9029810481604007ea", "0c39e82c2b7da1d44e2686b0721616cbb04a26dcda7c896249426b1349546f72", "11ea59d574a39a7b2c60867451384e7cc9d33ae88c645bf641e861463d587e8e", "079f9fdb7e1ae7c9547460b35cee345b3659e206752462a7f51a0fe31ef758c8"], "mitre_attack_tags": []}, {"bi": "pe-section-execute-writable", "hashes": ["0c6905dfc5d219d7405783ceba466330985ff038ce77c1448622b6ead9a8fedd", "0dcf26c0fdad8837add51b5268b5f3cf02ec9e3d8936f166bb164f2610f92ce8", "0b6f1f1b68e8352e642d12009ce48934e763ca1ee263ebf822670835937cb6e4", "10dc3db45b5ad14d8bb58ebfe38d87f316a82f625145a6940ed6d2cffc3d3413", "10dd94a660c56eef86d3c4cb9ff8b1311e22e758a1d0b79c70fa23d3dec6fc44", "04c3de6445aefd13b88212d29589db04d7f6412bfee3e80d66513d259555d2fe", "5655b51d2eb28226ed7fe72684921840913f09bafee669b95adc259a44419266", "0688967894c414690f2b7de3dcf6c63036c5ce61e8bb4c6db3f3e691cfdefc34", "125266dc5e9a92d17d4469fed2cd60d0c76e3c90a469aed67a24308fa0b9f3e5", "150c6538ad632823036986338622382a62fe871cb2e99aa45a6e94b64f4c485f", "0b727beadc2a3f3afcd9d682932a9c6f392ba2a8c635de8290aaa671344e6e13", "1201d6a2e6658cc9d6bbd03b22d4a8197a6aa7f3b550782c1c59b8015b26e190", "0584d6cbafdec4ddaaba676ee9930af23dcdbb5e181d2203d936bfe78533022d", "07ad32619621f1ce3c9329e64cb51c24b23971fc9caffd27891e7cacb781381c", "1db13bbbe5da803bad25cef3241af377e04b66bee57653c1804903587663ff67", "009bd2bdbfa4169b22ffd51316b4d6d971e9133928899af2208c72408eb095ac", "1ea6fc867b76d2f596f5e139fb3288e07525075bc116605c399995aef7d3d843", "1e343f2293fa3247342f1b831cabd98115fd0f282e2c5693736359c70cf44706", "125fd5f9590f0212ce2a55458ae5100d9296443b6b7cebbf17c577becb2c4150", "024f0326c797d429a4dcecc5f1662a9cbb969bc5b0129c78c4c90dcbdd4069bc", "1c2e0a6d68ae602e91db7269d692b746d38724cc46511716253d35c4a77b9918", "1b66181c20015201e6216f8151dd6d83f3becf83f47d4a16ab894e497804ed8e", "0cd2f46a6d76025030ba0516e6ef5d935dee87aa1128fb9029810481604007ea", "0c39e82c2b7da1d44e2686b0721616cbb04a26dcda7c896249426b1349546f72", "11ea59d574a39a7b2c60867451384e7cc9d33ae88c645bf641e861463d587e8e", "079f9fdb7e1ae7c9547460b35cee345b3659e206752462a7f51a0fe31ef758c8"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-packed-upx", "hashes": ["0c6905dfc5d219d7405783ceba466330985ff038ce77c1448622b6ead9a8fedd", "0dcf26c0fdad8837add51b5268b5f3cf02ec9e3d8936f166bb164f2610f92ce8", "0b6f1f1b68e8352e642d12009ce48934e763ca1ee263ebf822670835937cb6e4", "10dc3db45b5ad14d8bb58ebfe38d87f316a82f625145a6940ed6d2cffc3d3413", "10dd94a660c56eef86d3c4cb9ff8b1311e22e758a1d0b79c70fa23d3dec6fc44", "04c3de6445aefd13b88212d29589db04d7f6412bfee3e80d66513d259555d2fe", "5655b51d2eb28226ed7fe72684921840913f09bafee669b95adc259a44419266", "0688967894c414690f2b7de3dcf6c63036c5ce61e8bb4c6db3f3e691cfdefc34", "125266dc5e9a92d17d4469fed2cd60d0c76e3c90a469aed67a24308fa0b9f3e5", "150c6538ad632823036986338622382a62fe871cb2e99aa45a6e94b64f4c485f", "0b727beadc2a3f3afcd9d682932a9c6f392ba2a8c635de8290aaa671344e6e13", "1201d6a2e6658cc9d6bbd03b22d4a8197a6aa7f3b550782c1c59b8015b26e190", "0584d6cbafdec4ddaaba676ee9930af23dcdbb5e181d2203d936bfe78533022d", "07ad32619621f1ce3c9329e64cb51c24b23971fc9caffd27891e7cacb781381c", "1db13bbbe5da803bad25cef3241af377e04b66bee57653c1804903587663ff67", "009bd2bdbfa4169b22ffd51316b4d6d971e9133928899af2208c72408eb095ac", "1ea6fc867b76d2f596f5e139fb3288e07525075bc116605c399995aef7d3d843", "1e343f2293fa3247342f1b831cabd98115fd0f282e2c5693736359c70cf44706", "125fd5f9590f0212ce2a55458ae5100d9296443b6b7cebbf17c577becb2c4150", "024f0326c797d429a4dcecc5f1662a9cbb969bc5b0129c78c4c90dcbdd4069bc", "1c2e0a6d68ae602e91db7269d692b746d38724cc46511716253d35c4a77b9918", "1b66181c20015201e6216f8151dd6d83f3becf83f47d4a16ab894e497804ed8e", "0cd2f46a6d76025030ba0516e6ef5d935dee87aa1128fb9029810481604007ea", "0c39e82c2b7da1d44e2686b0721616cbb04a26dcda7c896249426b1349546f72", "11ea59d574a39a7b2c60867451384e7cc9d33ae88c645bf641e861463d587e8e", "079f9fdb7e1ae7c9547460b35cee345b3659e206752462a7f51a0fe31ef758c8"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "network-fast-flux-domain", "hashes": ["0c6905dfc5d219d7405783ceba466330985ff038ce77c1448622b6ead9a8fedd", "0dcf26c0fdad8837add51b5268b5f3cf02ec9e3d8936f166bb164f2610f92ce8", "0b6f1f1b68e8352e642d12009ce48934e763ca1ee263ebf822670835937cb6e4", "10dc3db45b5ad14d8bb58ebfe38d87f316a82f625145a6940ed6d2cffc3d3413", "10dd94a660c56eef86d3c4cb9ff8b1311e22e758a1d0b79c70fa23d3dec6fc44", "04c3de6445aefd13b88212d29589db04d7f6412bfee3e80d66513d259555d2fe", "5655b51d2eb28226ed7fe72684921840913f09bafee669b95adc259a44419266", "0688967894c414690f2b7de3dcf6c63036c5ce61e8bb4c6db3f3e691cfdefc34", "125266dc5e9a92d17d4469fed2cd60d0c76e3c90a469aed67a24308fa0b9f3e5", "150c6538ad632823036986338622382a62fe871cb2e99aa45a6e94b64f4c485f", "0b727beadc2a3f3afcd9d682932a9c6f392ba2a8c635de8290aaa671344e6e13", "1201d6a2e6658cc9d6bbd03b22d4a8197a6aa7f3b550782c1c59b8015b26e190", "0584d6cbafdec4ddaaba676ee9930af23dcdbb5e181d2203d936bfe78533022d", "07ad32619621f1ce3c9329e64cb51c24b23971fc9caffd27891e7cacb781381c", "1db13bbbe5da803bad25cef3241af377e04b66bee57653c1804903587663ff67", "009bd2bdbfa4169b22ffd51316b4d6d971e9133928899af2208c72408eb095ac", "1ea6fc867b76d2f596f5e139fb3288e07525075bc116605c399995aef7d3d843", "1e343f2293fa3247342f1b831cabd98115fd0f282e2c5693736359c70cf44706", "125fd5f9590f0212ce2a55458ae5100d9296443b6b7cebbf17c577becb2c4150", "024f0326c797d429a4dcecc5f1662a9cbb969bc5b0129c78c4c90dcbdd4069bc", "1c2e0a6d68ae602e91db7269d692b746d38724cc46511716253d35c4a77b9918", "1b66181c20015201e6216f8151dd6d83f3becf83f47d4a16ab894e497804ed8e", "0cd2f46a6d76025030ba0516e6ef5d935dee87aa1128fb9029810481604007ea", "0c39e82c2b7da1d44e2686b0721616cbb04a26dcda7c896249426b1349546f72", "11ea59d574a39a7b2c60867451384e7cc9d33ae88c645bf641e861463d587e8e", "079f9fdb7e1ae7c9547460b35cee345b3659e206752462a7f51a0fe31ef758c8"], "mitre_attack_tags": []}, {"bi": "network-communications-http-get", "hashes": ["0c6905dfc5d219d7405783ceba466330985ff038ce77c1448622b6ead9a8fedd", "0dcf26c0fdad8837add51b5268b5f3cf02ec9e3d8936f166bb164f2610f92ce8", "0b6f1f1b68e8352e642d12009ce48934e763ca1ee263ebf822670835937cb6e4", "10dc3db45b5ad14d8bb58ebfe38d87f316a82f625145a6940ed6d2cffc3d3413", "10dd94a660c56eef86d3c4cb9ff8b1311e22e758a1d0b79c70fa23d3dec6fc44", "04c3de6445aefd13b88212d29589db04d7f6412bfee3e80d66513d259555d2fe", "5655b51d2eb28226ed7fe72684921840913f09bafee669b95adc259a44419266", "0688967894c414690f2b7de3dcf6c63036c5ce61e8bb4c6db3f3e691cfdefc34", "125266dc5e9a92d17d4469fed2cd60d0c76e3c90a469aed67a24308fa0b9f3e5", "150c6538ad632823036986338622382a62fe871cb2e99aa45a6e94b64f4c485f", "0b727beadc2a3f3afcd9d682932a9c6f392ba2a8c635de8290aaa671344e6e13", "1201d6a2e6658cc9d6bbd03b22d4a8197a6aa7f3b550782c1c59b8015b26e190", "0584d6cbafdec4ddaaba676ee9930af23dcdbb5e181d2203d936bfe78533022d", "07ad32619621f1ce3c9329e64cb51c24b23971fc9caffd27891e7cacb781381c", "1db13bbbe5da803bad25cef3241af377e04b66bee57653c1804903587663ff67", "009bd2bdbfa4169b22ffd51316b4d6d971e9133928899af2208c72408eb095ac", "1ea6fc867b76d2f596f5e139fb3288e07525075bc116605c399995aef7d3d843", "1e343f2293fa3247342f1b831cabd98115fd0f282e2c5693736359c70cf44706", "125fd5f9590f0212ce2a55458ae5100d9296443b6b7cebbf17c577becb2c4150", "024f0326c797d429a4dcecc5f1662a9cbb969bc5b0129c78c4c90dcbdd4069bc", "1c2e0a6d68ae602e91db7269d692b746d38724cc46511716253d35c4a77b9918", "1b66181c20015201e6216f8151dd6d83f3becf83f47d4a16ab894e497804ed8e", "0cd2f46a6d76025030ba0516e6ef5d935dee87aa1128fb9029810481604007ea", "0c39e82c2b7da1d44e2686b0721616cbb04a26dcda7c896249426b1349546f72", "11ea59d574a39a7b2c60867451384e7cc9d33ae88c645bf641e861463d587e8e", "079f9fdb7e1ae7c9547460b35cee345b3659e206752462a7f51a0fe31ef758c8"], "mitre_attack_tags": ["TA0011", "T1105"]}, {"bi": "dns-query-nxdomain", "hashes": ["0c6905dfc5d219d7405783ceba466330985ff038ce77c1448622b6ead9a8fedd", "0dcf26c0fdad8837add51b5268b5f3cf02ec9e3d8936f166bb164f2610f92ce8", "0b6f1f1b68e8352e642d12009ce48934e763ca1ee263ebf822670835937cb6e4", "10dc3db45b5ad14d8bb58ebfe38d87f316a82f625145a6940ed6d2cffc3d3413", "10dd94a660c56eef86d3c4cb9ff8b1311e22e758a1d0b79c70fa23d3dec6fc44", "04c3de6445aefd13b88212d29589db04d7f6412bfee3e80d66513d259555d2fe", "5655b51d2eb28226ed7fe72684921840913f09bafee669b95adc259a44419266", "0688967894c414690f2b7de3dcf6c63036c5ce61e8bb4c6db3f3e691cfdefc34", "125266dc5e9a92d17d4469fed2cd60d0c76e3c90a469aed67a24308fa0b9f3e5", "150c6538ad632823036986338622382a62fe871cb2e99aa45a6e94b64f4c485f", "0b727beadc2a3f3afcd9d682932a9c6f392ba2a8c635de8290aaa671344e6e13", "1201d6a2e6658cc9d6bbd03b22d4a8197a6aa7f3b550782c1c59b8015b26e190", "0584d6cbafdec4ddaaba676ee9930af23dcdbb5e181d2203d936bfe78533022d", "07ad32619621f1ce3c9329e64cb51c24b23971fc9caffd27891e7cacb781381c", "1db13bbbe5da803bad25cef3241af377e04b66bee57653c1804903587663ff67", "009bd2bdbfa4169b22ffd51316b4d6d971e9133928899af2208c72408eb095ac", "1ea6fc867b76d2f596f5e139fb3288e07525075bc116605c399995aef7d3d843", "1e343f2293fa3247342f1b831cabd98115fd0f282e2c5693736359c70cf44706", "125fd5f9590f0212ce2a55458ae5100d9296443b6b7cebbf17c577becb2c4150", "024f0326c797d429a4dcecc5f1662a9cbb969bc5b0129c78c4c90dcbdd4069bc", "1c2e0a6d68ae602e91db7269d692b746d38724cc46511716253d35c4a77b9918", "1b66181c20015201e6216f8151dd6d83f3becf83f47d4a16ab894e497804ed8e", "0cd2f46a6d76025030ba0516e6ef5d935dee87aa1128fb9029810481604007ea", "0c39e82c2b7da1d44e2686b0721616cbb04a26dcda7c896249426b1349546f72", "11ea59d574a39a7b2c60867451384e7cc9d33ae88c645bf641e861463d587e8e", "079f9fdb7e1ae7c9547460b35cee345b3659e206752462a7f51a0fe31ef758c8"], "mitre_attack_tags": []}, {"bi": "network-only-safe-domains-contacted", "hashes": ["0c6905dfc5d219d7405783ceba466330985ff038ce77c1448622b6ead9a8fedd", "0dcf26c0fdad8837add51b5268b5f3cf02ec9e3d8936f166bb164f2610f92ce8", "0b6f1f1b68e8352e642d12009ce48934e763ca1ee263ebf822670835937cb6e4", "10dc3db45b5ad14d8bb58ebfe38d87f316a82f625145a6940ed6d2cffc3d3413", "10dd94a660c56eef86d3c4cb9ff8b1311e22e758a1d0b79c70fa23d3dec6fc44", "04c3de6445aefd13b88212d29589db04d7f6412bfee3e80d66513d259555d2fe", "5655b51d2eb28226ed7fe72684921840913f09bafee669b95adc259a44419266", "0688967894c414690f2b7de3dcf6c63036c5ce61e8bb4c6db3f3e691cfdefc34", "125266dc5e9a92d17d4469fed2cd60d0c76e3c90a469aed67a24308fa0b9f3e5", "150c6538ad632823036986338622382a62fe871cb2e99aa45a6e94b64f4c485f", "0b727beadc2a3f3afcd9d682932a9c6f392ba2a8c635de8290aaa671344e6e13", "1201d6a2e6658cc9d6bbd03b22d4a8197a6aa7f3b550782c1c59b8015b26e190", "0584d6cbafdec4ddaaba676ee9930af23dcdbb5e181d2203d936bfe78533022d", "07ad32619621f1ce3c9329e64cb51c24b23971fc9caffd27891e7cacb781381c", "1db13bbbe5da803bad25cef3241af377e04b66bee57653c1804903587663ff67", "009bd2bdbfa4169b22ffd51316b4d6d971e9133928899af2208c72408eb095ac", "1ea6fc867b76d2f596f5e139fb3288e07525075bc116605c399995aef7d3d843", "1e343f2293fa3247342f1b831cabd98115fd0f282e2c5693736359c70cf44706", "125fd5f9590f0212ce2a55458ae5100d9296443b6b7cebbf17c577becb2c4150", "024f0326c797d429a4dcecc5f1662a9cbb969bc5b0129c78c4c90dcbdd4069bc", "1c2e0a6d68ae602e91db7269d692b746d38724cc46511716253d35c4a77b9918", "1b66181c20015201e6216f8151dd6d83f3becf83f47d4a16ab894e497804ed8e", "0cd2f46a6d76025030ba0516e6ef5d935dee87aa1128fb9029810481604007ea", "0c39e82c2b7da1d44e2686b0721616cbb04a26dcda7c896249426b1349546f72", "11ea59d574a39a7b2c60867451384e7cc9d33ae88c645bf641e861463d587e8e", "079f9fdb7e1ae7c9547460b35cee345b3659e206752462a7f51a0fe31ef758c8"], "mitre_attack_tags": []}, {"bi": "network-file-downloaded-to-disk", "hashes": ["0c6905dfc5d219d7405783ceba466330985ff038ce77c1448622b6ead9a8fedd", "0dcf26c0fdad8837add51b5268b5f3cf02ec9e3d8936f166bb164f2610f92ce8", "0b6f1f1b68e8352e642d12009ce48934e763ca1ee263ebf822670835937cb6e4", "10dc3db45b5ad14d8bb58ebfe38d87f316a82f625145a6940ed6d2cffc3d3413", "10dd94a660c56eef86d3c4cb9ff8b1311e22e758a1d0b79c70fa23d3dec6fc44", "04c3de6445aefd13b88212d29589db04d7f6412bfee3e80d66513d259555d2fe", "5655b51d2eb28226ed7fe72684921840913f09bafee669b95adc259a44419266", "0688967894c414690f2b7de3dcf6c63036c5ce61e8bb4c6db3f3e691cfdefc34", "125266dc5e9a92d17d4469fed2cd60d0c76e3c90a469aed67a24308fa0b9f3e5", "150c6538ad632823036986338622382a62fe871cb2e99aa45a6e94b64f4c485f", "0b727beadc2a3f3afcd9d682932a9c6f392ba2a8c635de8290aaa671344e6e13", "1201d6a2e6658cc9d6bbd03b22d4a8197a6aa7f3b550782c1c59b8015b26e190", "0584d6cbafdec4ddaaba676ee9930af23dcdbb5e181d2203d936bfe78533022d", "07ad32619621f1ce3c9329e64cb51c24b23971fc9caffd27891e7cacb781381c", "1db13bbbe5da803bad25cef3241af377e04b66bee57653c1804903587663ff67", "009bd2bdbfa4169b22ffd51316b4d6d971e9133928899af2208c72408eb095ac", "1ea6fc867b76d2f596f5e139fb3288e07525075bc116605c399995aef7d3d843", "1e343f2293fa3247342f1b831cabd98115fd0f282e2c5693736359c70cf44706", "125fd5f9590f0212ce2a55458ae5100d9296443b6b7cebbf17c577becb2c4150", "024f0326c797d429a4dcecc5f1662a9cbb969bc5b0129c78c4c90dcbdd4069bc", "1c2e0a6d68ae602e91db7269d692b746d38724cc46511716253d35c4a77b9918", "1b66181c20015201e6216f8151dd6d83f3becf83f47d4a16ab894e497804ed8e", "0cd2f46a6d76025030ba0516e6ef5d935dee87aa1128fb9029810481604007ea", "0c39e82c2b7da1d44e2686b0721616cbb04a26dcda7c896249426b1349546f72", "11ea59d574a39a7b2c60867451384e7cc9d33ae88c645bf641e861463d587e8e", "079f9fdb7e1ae7c9547460b35cee345b3659e206752462a7f51a0fe31ef758c8"], "mitre_attack_tags": []}, {"bi": "feed-domain-antivirus-service", "hashes": ["0c6905dfc5d219d7405783ceba466330985ff038ce77c1448622b6ead9a8fedd", "0dcf26c0fdad8837add51b5268b5f3cf02ec9e3d8936f166bb164f2610f92ce8", "0b6f1f1b68e8352e642d12009ce48934e763ca1ee263ebf822670835937cb6e4", "10dc3db45b5ad14d8bb58ebfe38d87f316a82f625145a6940ed6d2cffc3d3413", "10dd94a660c56eef86d3c4cb9ff8b1311e22e758a1d0b79c70fa23d3dec6fc44", "04c3de6445aefd13b88212d29589db04d7f6412bfee3e80d66513d259555d2fe", "5655b51d2eb28226ed7fe72684921840913f09bafee669b95adc259a44419266", "0688967894c414690f2b7de3dcf6c63036c5ce61e8bb4c6db3f3e691cfdefc34", "125266dc5e9a92d17d4469fed2cd60d0c76e3c90a469aed67a24308fa0b9f3e5", "150c6538ad632823036986338622382a62fe871cb2e99aa45a6e94b64f4c485f", "0b727beadc2a3f3afcd9d682932a9c6f392ba2a8c635de8290aaa671344e6e13", "1201d6a2e6658cc9d6bbd03b22d4a8197a6aa7f3b550782c1c59b8015b26e190", "0584d6cbafdec4ddaaba676ee9930af23dcdbb5e181d2203d936bfe78533022d", "07ad32619621f1ce3c9329e64cb51c24b23971fc9caffd27891e7cacb781381c", "1db13bbbe5da803bad25cef3241af377e04b66bee57653c1804903587663ff67", "009bd2bdbfa4169b22ffd51316b4d6d971e9133928899af2208c72408eb095ac", "1ea6fc867b76d2f596f5e139fb3288e07525075bc116605c399995aef7d3d843", "1e343f2293fa3247342f1b831cabd98115fd0f282e2c5693736359c70cf44706", "125fd5f9590f0212ce2a55458ae5100d9296443b6b7cebbf17c577becb2c4150", "024f0326c797d429a4dcecc5f1662a9cbb969bc5b0129c78c4c90dcbdd4069bc", "1c2e0a6d68ae602e91db7269d692b746d38724cc46511716253d35c4a77b9918", "1b66181c20015201e6216f8151dd6d83f3becf83f47d4a16ab894e497804ed8e", "0cd2f46a6d76025030ba0516e6ef5d935dee87aa1128fb9029810481604007ea", "0c39e82c2b7da1d44e2686b0721616cbb04a26dcda7c896249426b1349546f72", "11ea59d574a39a7b2c60867451384e7cc9d33ae88c645bf641e861463d587e8e", "079f9fdb7e1ae7c9547460b35cee345b3659e206752462a7f51a0fe31ef758c8"], "mitre_attack_tags": []}], "category": "Packed", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": false, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "Upatre is a malicious downloader often used by exploit kits and phishing campaigns. Upatre downloads and executes malicious executables, such as banking malware.", "hashes": ["009bd2bdbfa4169b22ffd51316b4d6d971e9133928899af2208c72408eb095ac", "024f0326c797d429a4dcecc5f1662a9cbb969bc5b0129c78c4c90dcbdd4069bc", "04c3de6445aefd13b88212d29589db04d7f6412bfee3e80d66513d259555d2fe", "0584d6cbafdec4ddaaba676ee9930af23dcdbb5e181d2203d936bfe78533022d", "0688967894c414690f2b7de3dcf6c63036c5ce61e8bb4c6db3f3e691cfdefc34", "079f9fdb7e1ae7c9547460b35cee345b3659e206752462a7f51a0fe31ef758c8", "07ad32619621f1ce3c9329e64cb51c24b23971fc9caffd27891e7cacb781381c", "0b6f1f1b68e8352e642d12009ce48934e763ca1ee263ebf822670835937cb6e4", "0b727beadc2a3f3afcd9d682932a9c6f392ba2a8c635de8290aaa671344e6e13", "0c39e82c2b7da1d44e2686b0721616cbb04a26dcda7c896249426b1349546f72", "0c6905dfc5d219d7405783ceba466330985ff038ce77c1448622b6ead9a8fedd", "0cd2f46a6d76025030ba0516e6ef5d935dee87aa1128fb9029810481604007ea", "0dcf26c0fdad8837add51b5268b5f3cf02ec9e3d8936f166bb164f2610f92ce8", "10dc3db45b5ad14d8bb58ebfe38d87f316a82f625145a6940ed6d2cffc3d3413", "10dd94a660c56eef86d3c4cb9ff8b1311e22e758a1d0b79c70fa23d3dec6fc44", "11ea59d574a39a7b2c60867451384e7cc9d33ae88c645bf641e861463d587e8e", "1201d6a2e6658cc9d6bbd03b22d4a8197a6aa7f3b550782c1c59b8015b26e190", "125266dc5e9a92d17d4469fed2cd60d0c76e3c90a469aed67a24308fa0b9f3e5", "125fd5f9590f0212ce2a55458ae5100d9296443b6b7cebbf17c577becb2c4150", "150c6538ad632823036986338622382a62fe871cb2e99aa45a6e94b64f4c485f", "1b66181c20015201e6216f8151dd6d83f3becf83f47d4a16ab894e497804ed8e", "1c2e0a6d68ae602e91db7269d692b746d38724cc46511716253d35c4a77b9918", "1db13bbbe5da803bad25cef3241af377e04b66bee57653c1804903587663ff67", "1e343f2293fa3247342f1b831cabd98115fd0f282e2c5693736359c70cf44706", "1ea6fc867b76d2f596f5e139fb3288e07525075bc116605c399995aef7d3d843", "23139a0e83541bf946354337668a91fd1dbf0f0e95bb8bcf50d5e43b4e35a32c", "233ddb124dff81927a34743afdf249537a8b97f00ffaebfc2861ad96502b9e17", "2380a02590911628e4a68d82db0c0b86a69f9c2a183ca24b6f31f4095ddf7939", "2464f54d682db9e0820b314ec81648cb3560c0be3de20dca3cbc42a5074c56f5", "24c16d62537e88724e787f1df251f366529b0d0fe3b6917e57717239cc5e83c2", "253afe4bf3e11c60d082ffdadb228b8cb652fa0b32a6d31e0016882e65af1876", "265ccaa4da2c96d859a15d46cc87f3d1b4a653981a40ea568fbccccb34638a0d", "26a796a4b26157d69867b5ae694b9e2c2e99617cb6dc68983663ccce4b8effba", "283daaeaa3721b414fd8aadb0cb3a5092ad953f2c390b92de932875c909577b3", "29b36a7837f7d8c0048cf9a5cb5cf5c387e9a0dadc90da7619176a4a7d979329", "29c6491a96947175a73e53487d44a57274e8fd5f036d325272034201db47a63f", "2b9aa159498d895ed2c71a688215b2115ab5b4e7ac90eeab7d55e02fd79993c0", "2d646b06f59e191095c2cfc58a3fdb3ad33cd6deedd1ecfbf1f835635db9e7ae", "2e4ab3e9ee4ab1a11a469a2f60ee49cf76d77b172fe27df6f6d334657b124af8", "2f1527ed9dd0668df1f5850cd0caf731f5c7e758a81d6d61b8064c0a58583c30", "31dfc543c760f619d24cb95ec0aa50c06755b62f2d869d4988946d70775937fe", "32757d59832a94842f0dd57f093e7fefedf8d4cb0045fcb4dcc0e2f7b6c8b821", "332ad5efbc09be11787afcc33734fe351b611d85ff67b9972588d70d7ddff112", "36196be28a39a8459c8b9e5288828a7c6c064cf9ec07369bcefbd31e570d0358", "369ca8b8f700cad09e13e423dacdc11aa2feba46b15ef6b530832e47734afb2e", "3733c7f10f649341bc1f506aba0c50042ad1edf63fe9b8730eb82bbc2a3df596", "38f4827d626230cda78dac7a8274e2e9fade1b387ee408bae2d5dadb7762a16b", "3af12d69f6467109a67364ad34f41ace4ef4ceac02e3a9cc5a7fc29098e4358c", "3b5aad59b351dc8c469fbfd20b6c2094c6fff28a43ce66e0163dc63df194c8d4", "3b81d5dd51c87018defebd84ae8291747ae2c98e9d69f8a2e5b13c961e08919b", "3c300cbec9ba843ee19480b5b0060de0b57d6548feb22f7ef28beaaf8343ba19", "3cc49736f0366b43310f56df91575ef41bea8ad2eeedae32792fb09ae7e31ae7", "3d1a73fe3be9001df159235f22cc55c7734d9a5b323428bb30935ddc41812240", "3d39629eec9348809848a5382dd63754e2077f0cafd35797ff046d9fc47adfbe", "3eca933a8e14e4422cd4da62f6e7985626663813a06bd20819741362e0dcf188", "3fc1a28a31c06fe2c37f694809bb1ad427af7e5e90c90e750827f267307794ae", "403cad3375d60425abffd84e2ddb05f27f9668e7d2118f7143494ea670d5e0f8", "419a73f425a854baa126252d0c37aec16c5aa17fb3ca7017ec1c7580f0b36f01", "426d3944419174dbb0bab0cb87782e532e75b1a1b6d24f1ddeb7464ca6213dbd", "429bd02d15f73b395b0077cc60226758ab3eb0a4f5b9dd1c03b90ee11dfeff6f", "43b4a8d7c7de4f85ad04b1496d48526172e438316dfc5a28410105e88c364378", "45dde1f263c32dce4b3de74c13295c7dfc73fa1d6a67b275d4b1b192992837cf", "4838480e18bdeb8d1e27a2b6f687294630c4cd23ad0fa6fad8e6daff46fe7f8d", "4ef8ff3634fef52af00d2209d5c4b6df6806bc8435c56e9358cecfb196939428", "4f7f64e79ba258eb90396e88947902f7aad9b7a6d18f2bc71e03337482df5b75", "4f85469ad6cccda166cabfccbc6e79d1d208963b776c0ad672899dd900cc7dfc", "504bca97eca49f4e24f76d072d3a377081d59158d29402824f25f8f14cadd936", "518d1bb4475cfad96b9803091a77df902d4f2fa5304c54e4e00d5b2d2ddae3e4", "51a9c174f91f49cd4a6a5d8da48985688112abf52d6daada6c75133049427612", "527c77eb5e1e02a434fb14898e9033ccbad1fc8b8d4914eaf57069047afef872", "532e57f0de93b228fe0f7b265ba4284d66e213680bcc10ff7c87d74fcc1fa864", "534098bd4885a433f27c2fb31edf6aa03dbcaceb8a30986babe2e6dd8b89102d", "56123cc5516efa3639d1c13fb012a30d9977201a472920202022db659a45295f", "5655b51d2eb28226ed7fe72684921840913f09bafee669b95adc259a44419266", "575e5b98ff6cba3e61608198a89dd9ffe35cfda37785e42ea060f7f9ea2a21d8", "579dc35a1125bf02f087fdc5f3723553bb766f6eb029a9ac6b8dfef64e255459", "57f0920b6c126ee3e5db7beee475c626fe5fe138cfcce9ef5588467d9896075e", "588a6de3eb965b1538e0241e2fe31dab25664037d03f0439b1013d78447bcaa4", "5922803c81b174eb0db295d6700071ce28422c4c9de1bd6e2e57f84c44e7ef71", "592d7157949ee4b110b260a42157128c492c1b0bb703d89c08d2d4cab83434fc", "59c60eefd5fcc85e5978c5a84b34e1a5794bb72261854cc49237f78c35f6ccc8", "59d24b0ee61963187d9b42b42ad9f190dde07ccedf435698c4875c5847b1be06", "5baf5505d1b283421d52b7c6ace1500628c1bbff0aeb90cc2f718d80c9b0eadb", "5bdce5d37e2700a7334fae9ef679e81076de4ed7aa8486a3a63bb65cef8d2e99", "5c46faca0b86fff029648fe2d2761ed8a72a3df0d9c96d110222e22cb137ca6c", "5cbd4d7954577cc723c791a17fdbcbf92165a0537e34054c2156a1e5f80f0e53", "5dba0d4fc9d9b7ddaa646bb5847a714a93a33f538ab27af2f843b515ded93dca", "5dd558a8d2e45d6a73ff31fda97430b136e72d66abf1d27d9629fec1dd9d999e", "625f0f8eabdc168f4a9743ba9fb9fc97ebceb62c9662162e3fdbf15e92396043", "6304f6805825fe65e7598a9b07099c2b4858921cba47609f021e122a96edbdef", "63792f0e073d0a57de2ba8eb6c946020afc6ac317e58469f9108cdc7a4a1fec1", "650a9bdd450e171e7de2e6b397e7c513aa4998a683340ef1f2892a82bd367182", "685db9cdfa9374d765b354e35b4521b70d99272894eecaf281aedaa53d726fa0", "6d76d825a6cd9b21e0d8fd62d976f7c11afbd5ab1caef765a284a94185d006dc", "6dd9b6404ec8f7375fe0d0160098ff7692ebf234021a3162733e860cf80ec896", "6e166abbbd8bb1b370012874bc97594d1e6f3841acdc93550958972b4eb10efa", "6ff1a94fa21e3afe18152e5143c295d1e25b0bf0369e3a83ae93b8549cd5ef54", "705cbbb399f2955eef1c9529b416ed334ca2486b8d469e6ff12e19d208c42ccc", "717d1ac2367f5966789cce070c5641afe99c0909084a2d4aa44c0097bef49c75", "73a1540ab7511305817f156470ce5db48fc6c91f81d47dacee5afdbc36cd6cea", "748ab0fb1596c7ef638ea0837e2e3a132828f25b675b3711b3534a3fc496f260", "76208222dff43d38357f666e1fd9ed5b72872663f5336c8b7caf1531b0bcd8da", "782455948a24ee6b904f557283c224721fe7fb6f8e5d322cf341994d6056a6c0", "7914a5fa65a41377277abe765f4449d62658a8d0a763f826ce10a80a3594af6c", "795c8e80c0f5e262eb05556d511e314ef9a6706468fa5a5aec3acad6820b9d7c", "7b2e1873c7e8c4df0259aa11a9494ef614b9d992888434ba11f149eaaf1c876a", "7b7b80341eb753269c8cdc2cd1a4b05ae870a12c301c17fa59e1752a6e729324", "8035375fd1272280c865723677ccaf46d33d93965bf0b1fcb1ad18ff12ad2f8e", "81ae07b2a7d7bf1430a5771bf70dad0be2a81db27942876347e3371b44c52263", "83c92b1a9873325b8c23ff13823d413abb2fb4db18ccf4a72ac17c6de0688b41", "840663d24f5bcdb1b8c177861663e9cf6d2a3ed0d5fefac000cff65e0cd0e689", "85d13b96b49bdc436f0b2294389825c6060844f8d92661c2fe7ae7a2e422304e", "860863c81d38e0d40521da0e7c2c8bbad7eee4e1020d96724aaa86383f443848", "8620bdce74d8525aa3acb6451fa5293424f72aad460b2b3fa9f8c11952033787", "8770ad18fc5f53e9b47888c895c07472ba2abcf9212745a3a07a94cfbdc75142", "896ce433ff0a080a118110ae039e51cbdf21d2a65b26c5981143e3413716e64f", "8b1088d32f43b538a16b1601ece25afb43dd6db991fcc3543b0b263016b62b7c", "8b150950d4017874b1788c9f2f447d76a7a466adde26060ad20c6fbd36695afc", "8b35cba1674a93744d59ec68b4926c68ca73625b22638809cbdd415dfc433559", "906c74fea73f717ceaef1b0b7a1b13e2a3e6cf8394b5ad02d8071aa0a0e9f7ea", "92b1baef65146e718d72b82c714b9afe4f433f02f99d7068237714f7b87944c2", "93e20c6d3c97e927b124ed463ef73de90a59d4f206673f53d5a7ccc4c431814a", "93f225e0e528977d4eed42cd4f55c19ea6849049db55a2511d762c704aab0fad", "9637990590b843a2f2cf227c1cc65a1154c0a353baf74f5786d12b25f60a69a7", "9be25a61c03c18070214d0fbaf2eb9456e557a30bd38b73978bf69fdeca36f5f", "9dc2496f2e3db891c023e1fb7f33a5ce7e7734316d8d1349b71b6a24aba59f58", "9f679bc35ac635b9551b6fc81182ce05ea412f7e8099bee84642601f8dd3f0ac", "a146d78bba01ef6cf5f15a0f073e8d3f2d594796a4302a7397cd284e19c982a4", "a18cd20b45fb45481f677db926450a00624969698a8d6b81208e092fd1828608", "a1e287ff20d0349dac19f9c3380a1c3acbdcdc36456f32eb4cc804c042a73424", "a1ea75934712fd8d6831f3bd2fb1b7fb13ab55b05de9b7d1e970e15396f38eed", "a22b1995f282a7e3e74a2b63ae17a8c56772fd5c143fccd7cff7f2a317a38838", "a3176e4ec45f192e3b9a84c26f22e79e1953e8a019954057af0e96a4480b6988", "a4910a5f9d273e02400259f93f64def7bf1313ef96ab66fd1c97af739566d6d8", "a6b32a7e61c62b5ca054bf22cc61fad0fb5f1031aa51bd047f90a47dca266e8c", "a6e55ef41ea527921ce6a463a65ae22e45ea3ad678a5edca6859a808342104ed", "a8e8172e28aaf27fd8206523b46d10c2b18210d7a8e8b34323f87533b1d0b712", "aa814bdef05476a7ca9526f1409b0d50a1388aa2288a8776958a2a49e09de9aa", "ad1e57dbc0c1b91074a097b5bf98a6997d141ddb5218590afdedcfb6ba98888b", "adee565b24b6891ca1281655e21b965464f2eb8c8d456188cdf69a783eeec8c2", "aeffae1c0e614619a92465bdddcc307c9e1975fbc36e36dbcef8a49b9fdb629f", "af9fe0a6e86a10893498bbcd3cd1103d6ee4381991a442e5bc7b606fea6bd3c3", "b1089912e6d9198003035b288f5474b153ecc959cf9072b4633a7518fc78dd12", "b461c85c5fe7d660a44ee6f2ce1f445c6a9a85f75989c3fc410c6248687378fd", "b55867bde1aaa9309a6633e777bf5cde8be05380ce5ae0ad151c8b796ee03deb", "b610824c79147f68aa879bc27557ce590b71f23ea6d4caabcd6277c67e70b0cb", "b72f5a33382765040f144770f5ce1a8069cea8ebe551bbf658be2b576f02ad60", "b8fa1387927076bbaf206196f30612a1d48f0c212ebb17b0a6f0b7f673525819", "ba050b327c7484e3fbc402eebccecbad8f7d45e5a2310e5551c6c50d7b800650", "bcc53c44b09e54e77642999720148cba8af2653d08f75ed10849c8a7e7af2a21", "bd398baa58e2cb4e792641732759a1c5165de3d4159b0932cc1d27b33206fad8", "c2b31a7f8d78ab5313d159d69adee5187b5e6b55bc985d782fb5d9a7beda57fc", "c379be81d81a6896e4e5d67433ccc2cf324fa64d264b7e321bb8c2b094cf4616", "c3d39da18624aa1a352bebc2587f2f7afd306aaece35367b4370400bfe182323", "c4d4563e0d4e69c672da8a4ad21c80de73110745d8b186d985a2bdb64aff167c", "c68387c21e8ed0497881d96ee7b1771a928245e710f1727d1b5ac5cd044c768d", "c68b4f863d45ff68490a759986d36cb56ad00811a45cc5262770be13715ef6db", "c816c1e24671a92ddafcdaf209fdc2ae8a6ee7024280802739e55d05e41ffa92", "c89525301f316d64a479ad9517cba3c6976f48163d9b80c274fd345b47f5ded9", "ca43d7d20c7e2fe42e7a3965b21f574a124257b4e306acb41283fa228b8aa87e", "cc3cd71a8dfeef51087ef162d01af253d0f1272d4e3bafcef0348b22ad192edb", "cc9b2177db257508817b7b8da3f5e04d090d1468ad17b49c681fd37f11eb5ee2", "d082591f89b50d6051d6d0109060e837004ac32da433ff335111de8e32355d63", "d1673c6747b67b5e52d09d9d1413b21fa8e58d1324b6e6e4dcd48eae338f8704", "d30631b462047b1fe5ccfa35cf4ffbda38929b26916b7aa88b86088648f29392", "d38297aa92efecd326a583663211d7e72526e5445f2615674a1c0ba7f4db29db", "d5c4a42c907c41df156f8b534ca5f822dc7098133e4c17fda1edf717659de542", "d645ea559776d53712c43028ea086c68d2b10694c0b979486f3981a0cdc31251", "d772c986d554926de393c90a691b4b7f6a932f33a15c684d6eedaa83ba750a10", "d937fe77cbe79f24e65fab2ec513283cc6d8f7270e6c7e341e893b7c62cd7d00", "db0b24f81adf83c2d1ce55a3b34bb0a656a0a4749adf01f704d6720e41c90d95", "dc24a203aa38d747b2f7d5c416f496fa84f3d493d36a1e1ba09fa7742de4296b", "dedcb5b1f2abb0f1646f58c46a1ad9a5355157ec729bd8e3c69b828acb570f6f", "dfa41d4726d60201ec72f1d2f6e95d4a497058f9eaf0de1431ebe41c1a3fe897", "dfca889591a844a4dbce0e9cbb2f90f80cb26dc8982bea046c171562bfb4d63b", "e061637cb3ce3d4830a2988c31967c0669d9ca8d1e0f6592d324a10ac75529ca", "e10338f907a68c91282dcfcea46640df5530cb348c0ee41cf5a2d296d55c2425", "e1f29c6438c51e02657a416d44e2dbd127c72fd658759bd8fd1d5235a2084e2e", "e5ad8c0405a3b98f987c054ec0d98d5472d59e5a283fd7f5d540d7b119cbeaad", "e60dd158e96981b30a0bb242c1bd2010f4b3c0fe0f778162a021946c7e2d536f", "e87a3fb646adcbe5184bf45184d2d7995b6d10ef88492eb9d7e1076893d76fb7", "f05b09b8a3889b7a17057c953bd577a0bfa310cf0e3a0fc215165227d70c72ff", "f0f5910675aac5fb38d7d4900f93bd258e0aa6f8a455d16f4a0cacba499e6e58", "f17f00221bd2d4deea2081d8555e3a92a787e378933c7b82a3580b60616502ec", "f219495be7583fbd190915be3d407fc0099f3cb18462e31af057472561465c28", "f364077362196a1da1f0c31c83e991017fbe4c30f7ac6bfe5b2a65850115d945", "f581e93fce770a1aec21391c70e9482c98f1c029a7a723f62f0b359143d21e60", "f7b504dea37ed230abfc89643aa972294fae2a64b55ddffc72176ba029fcd722", "f7cab1e4031771feefd84f7687c5562185360870c13df18b7b087ff4a637fc74", "f825404388144e6fd5c25628e94371e3fae84eb94765561db5ae4150a3144cd5", "faa438520cf887bd1651a3a0ebf18c61f73c14326025881f620282862062948b", "feb85bae6abcece426945bcee824dd944c0a2157d05694d90ebb282bb00441ab", "ffa53a8dcd7db0861e5135b7d82bbc2c90cf59ebe2b53d14253aeb5e3a373a2d"], "iocs": {"domain": [{"hashes": ["009bd2bdbfa4169b22ffd51316b4d6d971e9133928899af2208c72408eb095ac", "024f0326c797d429a4dcecc5f1662a9cbb969bc5b0129c78c4c90dcbdd4069bc", "04c3de6445aefd13b88212d29589db04d7f6412bfee3e80d66513d259555d2fe", "0584d6cbafdec4ddaaba676ee9930af23dcdbb5e181d2203d936bfe78533022d", "0688967894c414690f2b7de3dcf6c63036c5ce61e8bb4c6db3f3e691cfdefc34", "079f9fdb7e1ae7c9547460b35cee345b3659e206752462a7f51a0fe31ef758c8", "07ad32619621f1ce3c9329e64cb51c24b23971fc9caffd27891e7cacb781381c", "0b6f1f1b68e8352e642d12009ce48934e763ca1ee263ebf822670835937cb6e4", "0b727beadc2a3f3afcd9d682932a9c6f392ba2a8c635de8290aaa671344e6e13", "0c39e82c2b7da1d44e2686b0721616cbb04a26dcda7c896249426b1349546f72", "0c6905dfc5d219d7405783ceba466330985ff038ce77c1448622b6ead9a8fedd", "0cd2f46a6d76025030ba0516e6ef5d935dee87aa1128fb9029810481604007ea", "0dcf26c0fdad8837add51b5268b5f3cf02ec9e3d8936f166bb164f2610f92ce8", "10dc3db45b5ad14d8bb58ebfe38d87f316a82f625145a6940ed6d2cffc3d3413", "10dd94a660c56eef86d3c4cb9ff8b1311e22e758a1d0b79c70fa23d3dec6fc44", "11ea59d574a39a7b2c60867451384e7cc9d33ae88c645bf641e861463d587e8e", "1201d6a2e6658cc9d6bbd03b22d4a8197a6aa7f3b550782c1c59b8015b26e190", "125266dc5e9a92d17d4469fed2cd60d0c76e3c90a469aed67a24308fa0b9f3e5", "125fd5f9590f0212ce2a55458ae5100d9296443b6b7cebbf17c577becb2c4150", "150c6538ad632823036986338622382a62fe871cb2e99aa45a6e94b64f4c485f", "1b66181c20015201e6216f8151dd6d83f3becf83f47d4a16ab894e497804ed8e", "1c2e0a6d68ae602e91db7269d692b746d38724cc46511716253d35c4a77b9918", "1db13bbbe5da803bad25cef3241af377e04b66bee57653c1804903587663ff67", "1e343f2293fa3247342f1b831cabd98115fd0f282e2c5693736359c70cf44706", "1ea6fc867b76d2f596f5e139fb3288e07525075bc116605c399995aef7d3d843", "5655b51d2eb28226ed7fe72684921840913f09bafee669b95adc259a44419266"], "host": "apps[.]identrust[.]com"}, {"hashes": ["009bd2bdbfa4169b22ffd51316b4d6d971e9133928899af2208c72408eb095ac", "024f0326c797d429a4dcecc5f1662a9cbb969bc5b0129c78c4c90dcbdd4069bc", "04c3de6445aefd13b88212d29589db04d7f6412bfee3e80d66513d259555d2fe", "0584d6cbafdec4ddaaba676ee9930af23dcdbb5e181d2203d936bfe78533022d", "0688967894c414690f2b7de3dcf6c63036c5ce61e8bb4c6db3f3e691cfdefc34", "079f9fdb7e1ae7c9547460b35cee345b3659e206752462a7f51a0fe31ef758c8", "07ad32619621f1ce3c9329e64cb51c24b23971fc9caffd27891e7cacb781381c", "0b6f1f1b68e8352e642d12009ce48934e763ca1ee263ebf822670835937cb6e4", "0b727beadc2a3f3afcd9d682932a9c6f392ba2a8c635de8290aaa671344e6e13", "0c39e82c2b7da1d44e2686b0721616cbb04a26dcda7c896249426b1349546f72", "0c6905dfc5d219d7405783ceba466330985ff038ce77c1448622b6ead9a8fedd", "0cd2f46a6d76025030ba0516e6ef5d935dee87aa1128fb9029810481604007ea", "0dcf26c0fdad8837add51b5268b5f3cf02ec9e3d8936f166bb164f2610f92ce8", "10dc3db45b5ad14d8bb58ebfe38d87f316a82f625145a6940ed6d2cffc3d3413", "10dd94a660c56eef86d3c4cb9ff8b1311e22e758a1d0b79c70fa23d3dec6fc44", "11ea59d574a39a7b2c60867451384e7cc9d33ae88c645bf641e861463d587e8e", "1201d6a2e6658cc9d6bbd03b22d4a8197a6aa7f3b550782c1c59b8015b26e190", "125266dc5e9a92d17d4469fed2cd60d0c76e3c90a469aed67a24308fa0b9f3e5", "125fd5f9590f0212ce2a55458ae5100d9296443b6b7cebbf17c577becb2c4150", "150c6538ad632823036986338622382a62fe871cb2e99aa45a6e94b64f4c485f", "1b66181c20015201e6216f8151dd6d83f3becf83f47d4a16ab894e497804ed8e", "1c2e0a6d68ae602e91db7269d692b746d38724cc46511716253d35c4a77b9918", "1db13bbbe5da803bad25cef3241af377e04b66bee57653c1804903587663ff67", "1e343f2293fa3247342f1b831cabd98115fd0f282e2c5693736359c70cf44706", "1ea6fc867b76d2f596f5e139fb3288e07525075bc116605c399995aef7d3d843", "5655b51d2eb28226ed7fe72684921840913f09bafee669b95adc259a44419266"], "host": "benefitanswers[.]co[.]uk"}, {"hashes": ["009bd2bdbfa4169b22ffd51316b4d6d971e9133928899af2208c72408eb095ac", "024f0326c797d429a4dcecc5f1662a9cbb969bc5b0129c78c4c90dcbdd4069bc", "04c3de6445aefd13b88212d29589db04d7f6412bfee3e80d66513d259555d2fe", "0584d6cbafdec4ddaaba676ee9930af23dcdbb5e181d2203d936bfe78533022d", "0688967894c414690f2b7de3dcf6c63036c5ce61e8bb4c6db3f3e691cfdefc34", "079f9fdb7e1ae7c9547460b35cee345b3659e206752462a7f51a0fe31ef758c8", "07ad32619621f1ce3c9329e64cb51c24b23971fc9caffd27891e7cacb781381c", "0b6f1f1b68e8352e642d12009ce48934e763ca1ee263ebf822670835937cb6e4", "0b727beadc2a3f3afcd9d682932a9c6f392ba2a8c635de8290aaa671344e6e13", "0c39e82c2b7da1d44e2686b0721616cbb04a26dcda7c896249426b1349546f72", "0c6905dfc5d219d7405783ceba466330985ff038ce77c1448622b6ead9a8fedd", "0cd2f46a6d76025030ba0516e6ef5d935dee87aa1128fb9029810481604007ea", "0dcf26c0fdad8837add51b5268b5f3cf02ec9e3d8936f166bb164f2610f92ce8", "10dc3db45b5ad14d8bb58ebfe38d87f316a82f625145a6940ed6d2cffc3d3413", "10dd94a660c56eef86d3c4cb9ff8b1311e22e758a1d0b79c70fa23d3dec6fc44", "11ea59d574a39a7b2c60867451384e7cc9d33ae88c645bf641e861463d587e8e", "1201d6a2e6658cc9d6bbd03b22d4a8197a6aa7f3b550782c1c59b8015b26e190", "125266dc5e9a92d17d4469fed2cd60d0c76e3c90a469aed67a24308fa0b9f3e5", "125fd5f9590f0212ce2a55458ae5100d9296443b6b7cebbf17c577becb2c4150", "150c6538ad632823036986338622382a62fe871cb2e99aa45a6e94b64f4c485f", "1b66181c20015201e6216f8151dd6d83f3becf83f47d4a16ab894e497804ed8e", "1c2e0a6d68ae602e91db7269d692b746d38724cc46511716253d35c4a77b9918", "1db13bbbe5da803bad25cef3241af377e04b66bee57653c1804903587663ff67", "1e343f2293fa3247342f1b831cabd98115fd0f282e2c5693736359c70cf44706", "1ea6fc867b76d2f596f5e139fb3288e07525075bc116605c399995aef7d3d843", "5655b51d2eb28226ed7fe72684921840913f09bafee669b95adc259a44419266"], "host": "turnaliinsaat[.]com"}], "file": [{"hashes": ["009bd2bdbfa4169b22ffd51316b4d6d971e9133928899af2208c72408eb095ac", "024f0326c797d429a4dcecc5f1662a9cbb969bc5b0129c78c4c90dcbdd4069bc", "04c3de6445aefd13b88212d29589db04d7f6412bfee3e80d66513d259555d2fe", "0584d6cbafdec4ddaaba676ee9930af23dcdbb5e181d2203d936bfe78533022d", "0688967894c414690f2b7de3dcf6c63036c5ce61e8bb4c6db3f3e691cfdefc34", "079f9fdb7e1ae7c9547460b35cee345b3659e206752462a7f51a0fe31ef758c8", "07ad32619621f1ce3c9329e64cb51c24b23971fc9caffd27891e7cacb781381c", "0b6f1f1b68e8352e642d12009ce48934e763ca1ee263ebf822670835937cb6e4", "0b727beadc2a3f3afcd9d682932a9c6f392ba2a8c635de8290aaa671344e6e13", "0c39e82c2b7da1d44e2686b0721616cbb04a26dcda7c896249426b1349546f72", "0c6905dfc5d219d7405783ceba466330985ff038ce77c1448622b6ead9a8fedd", "0cd2f46a6d76025030ba0516e6ef5d935dee87aa1128fb9029810481604007ea", "0dcf26c0fdad8837add51b5268b5f3cf02ec9e3d8936f166bb164f2610f92ce8", "10dc3db45b5ad14d8bb58ebfe38d87f316a82f625145a6940ed6d2cffc3d3413", "10dd94a660c56eef86d3c4cb9ff8b1311e22e758a1d0b79c70fa23d3dec6fc44", "11ea59d574a39a7b2c60867451384e7cc9d33ae88c645bf641e861463d587e8e", "1201d6a2e6658cc9d6bbd03b22d4a8197a6aa7f3b550782c1c59b8015b26e190", "125266dc5e9a92d17d4469fed2cd60d0c76e3c90a469aed67a24308fa0b9f3e5", "125fd5f9590f0212ce2a55458ae5100d9296443b6b7cebbf17c577becb2c4150", "150c6538ad632823036986338622382a62fe871cb2e99aa45a6e94b64f4c485f", "1b66181c20015201e6216f8151dd6d83f3becf83f47d4a16ab894e497804ed8e", "1c2e0a6d68ae602e91db7269d692b746d38724cc46511716253d35c4a77b9918", "1db13bbbe5da803bad25cef3241af377e04b66bee57653c1804903587663ff67", "1e343f2293fa3247342f1b831cabd98115fd0f282e2c5693736359c70cf44706", "1ea6fc867b76d2f596f5e139fb3288e07525075bc116605c399995aef7d3d843", "5655b51d2eb28226ed7fe72684921840913f09bafee669b95adc259a44419266"], "path": "%TEMP%\\updtool.exe"}], "ip": [{"hashes": ["009bd2bdbfa4169b22ffd51316b4d6d971e9133928899af2208c72408eb095ac", "024f0326c797d429a4dcecc5f1662a9cbb969bc5b0129c78c4c90dcbdd4069bc", "04c3de6445aefd13b88212d29589db04d7f6412bfee3e80d66513d259555d2fe", "0584d6cbafdec4ddaaba676ee9930af23dcdbb5e181d2203d936bfe78533022d", "0688967894c414690f2b7de3dcf6c63036c5ce61e8bb4c6db3f3e691cfdefc34", "079f9fdb7e1ae7c9547460b35cee345b3659e206752462a7f51a0fe31ef758c8", "07ad32619621f1ce3c9329e64cb51c24b23971fc9caffd27891e7cacb781381c", "0b6f1f1b68e8352e642d12009ce48934e763ca1ee263ebf822670835937cb6e4", "0b727beadc2a3f3afcd9d682932a9c6f392ba2a8c635de8290aaa671344e6e13", "0c39e82c2b7da1d44e2686b0721616cbb04a26dcda7c896249426b1349546f72", "0c6905dfc5d219d7405783ceba466330985ff038ce77c1448622b6ead9a8fedd", "0cd2f46a6d76025030ba0516e6ef5d935dee87aa1128fb9029810481604007ea", "0dcf26c0fdad8837add51b5268b5f3cf02ec9e3d8936f166bb164f2610f92ce8", "10dc3db45b5ad14d8bb58ebfe38d87f316a82f625145a6940ed6d2cffc3d3413", "10dd94a660c56eef86d3c4cb9ff8b1311e22e758a1d0b79c70fa23d3dec6fc44", "11ea59d574a39a7b2c60867451384e7cc9d33ae88c645bf641e861463d587e8e", "1201d6a2e6658cc9d6bbd03b22d4a8197a6aa7f3b550782c1c59b8015b26e190", "125266dc5e9a92d17d4469fed2cd60d0c76e3c90a469aed67a24308fa0b9f3e5", "125fd5f9590f0212ce2a55458ae5100d9296443b6b7cebbf17c577becb2c4150", "150c6538ad632823036986338622382a62fe871cb2e99aa45a6e94b64f4c485f", "1b66181c20015201e6216f8151dd6d83f3becf83f47d4a16ab894e497804ed8e", "1c2e0a6d68ae602e91db7269d692b746d38724cc46511716253d35c4a77b9918", "1db13bbbe5da803bad25cef3241af377e04b66bee57653c1804903587663ff67", "1e343f2293fa3247342f1b831cabd98115fd0f282e2c5693736359c70cf44706", "1ea6fc867b76d2f596f5e139fb3288e07525075bc116605c399995aef7d3d843", "5655b51d2eb28226ed7fe72684921840913f09bafee669b95adc259a44419266"], "ip": "77[.]68[.]74[.]189"}, {"hashes": ["024f0326c797d429a4dcecc5f1662a9cbb969bc5b0129c78c4c90dcbdd4069bc", "04c3de6445aefd13b88212d29589db04d7f6412bfee3e80d66513d259555d2fe", "0584d6cbafdec4ddaaba676ee9930af23dcdbb5e181d2203d936bfe78533022d", "079f9fdb7e1ae7c9547460b35cee345b3659e206752462a7f51a0fe31ef758c8", "07ad32619621f1ce3c9329e64cb51c24b23971fc9caffd27891e7cacb781381c", "0b727beadc2a3f3afcd9d682932a9c6f392ba2a8c635de8290aaa671344e6e13", "0c6905dfc5d219d7405783ceba466330985ff038ce77c1448622b6ead9a8fedd", "0cd2f46a6d76025030ba0516e6ef5d935dee87aa1128fb9029810481604007ea", "10dc3db45b5ad14d8bb58ebfe38d87f316a82f625145a6940ed6d2cffc3d3413", "10dd94a660c56eef86d3c4cb9ff8b1311e22e758a1d0b79c70fa23d3dec6fc44", "1201d6a2e6658cc9d6bbd03b22d4a8197a6aa7f3b550782c1c59b8015b26e190", "125266dc5e9a92d17d4469fed2cd60d0c76e3c90a469aed67a24308fa0b9f3e5", "1db13bbbe5da803bad25cef3241af377e04b66bee57653c1804903587663ff67", "1e343f2293fa3247342f1b831cabd98115fd0f282e2c5693736359c70cf44706"], "ip": "23[.]221[.]227[.]174"}, {"hashes": ["009bd2bdbfa4169b22ffd51316b4d6d971e9133928899af2208c72408eb095ac", "0688967894c414690f2b7de3dcf6c63036c5ce61e8bb4c6db3f3e691cfdefc34", "0b6f1f1b68e8352e642d12009ce48934e763ca1ee263ebf822670835937cb6e4", "0c39e82c2b7da1d44e2686b0721616cbb04a26dcda7c896249426b1349546f72", "0dcf26c0fdad8837add51b5268b5f3cf02ec9e3d8936f166bb164f2610f92ce8", "11ea59d574a39a7b2c60867451384e7cc9d33ae88c645bf641e861463d587e8e", "125fd5f9590f0212ce2a55458ae5100d9296443b6b7cebbf17c577becb2c4150", "150c6538ad632823036986338622382a62fe871cb2e99aa45a6e94b64f4c485f", "1b66181c20015201e6216f8151dd6d83f3becf83f47d4a16ab894e497804ed8e", "1c2e0a6d68ae602e91db7269d692b746d38724cc46511716253d35c4a77b9918", "1ea6fc867b76d2f596f5e139fb3288e07525075bc116605c399995aef7d3d843"], "ip": "23[.]221[.]227[.]176"}, {"hashes": ["5655b51d2eb28226ed7fe72684921840913f09bafee669b95adc259a44419266"], "ip": "23[.]193[.]194[.]138"}], "mutex": [], "registry": []}, "reports_count": 26}, "Win.Trojan.RevengeRAT-10004611-1": {"bis": [{"bi": "memory-execute-readwrite", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "modified-executable", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": []}, {"bi": "created-executable-in-user-dir", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": []}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": []}, {"bi": "pe-invalid-checksum", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": []}, {"bi": "artifact-flagged-anomaly", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-filename-mismatch", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": []}, {"bi": "network-fast-flux-domain", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": []}, {"bi": "feed-domain-rat", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": []}, {"bi": "feed-domain-antivirus-service", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": []}, {"bi": "network-dns-category-dynamic", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": []}, {"bi": "excessive-foreign-memory-modification", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "files-created-vbs", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": ["TA0002", "T1059"]}, {"bi": "vbs-calls-shell", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": ["TA0005", "T1202"]}, {"bi": "imports-IsDebuggerPresent", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": ["TA0005", "TA0007"]}, {"bi": "pe-imports-psapi-dll", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": ["TA0007", "T1057"]}, {"bi": "process-hollowing-detected", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "pe-imports-toolhelp", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": ["TA0007", "T1057"]}, {"bi": "startup-folder-modification", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": ["TA0003", "TA0004", "T1547"]}, {"bi": "dot-net-process-hollowing-detected", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055"]}, {"bi": "malware-trojan-revengerat-mutex-detected", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": []}, {"bi": "pe-resource-lang-spanish", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": []}, {"bi": "pe-uses-autoit", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "artifact-flagged-suspicious-au3", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "regasm-network-connection", "hashes": ["0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368"], "mitre_attack_tags": ["TA0005"]}], "category": "Trojan", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "The RevengeRAT remote access tool allows the operator to perform a wide range of actions on the infected system, including eavesdropping on the user, exfiltrating data, and running additional malicious software.", "hashes": ["0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26", "16c3b11fa091d88dc6fcd7b1ca4bbbb79e0953ed8bc396e8bdd482d0c85ffa5b", "18023e8e0f60be29b6c88aca93df8b02582cdb45b1a730d02a2f282cbda5721a", "187edd6844e84487c72f8e325f2e5f094787bca696c737db4a6af28e61fe5641", "1b217fee074db51be6ec49c622f00951bd839ab9e737fce5654f9453b6858f32", "1b4bc4133c7b80fab1dc2eae29f6674d5a7e301b20985b8bfb19c7440bf885b2", "1b5fc2003508666d672c9ba6390c330158c3b6aebaa7c044d2177939b5037cda", "1cf07fbb4166ee8d2b1efce32e66543d6b58024de5ae93c745189a70bed7c281", "1db27a9e6d5a04a4b48e6f53fa3d8ebe1c3b2a6e673cf7d7fde72798963fe28e", "1ec8bee9050e82a03fb9eb62caa2bf2635a67418cdaf127d119d23aec0be883c", "20567943750582fe7b89967f9ed2582dbc5c34ca930d45307447158e03109781", "20640f1b7498859dbd7e2d1e17695c66f4d0511f8258848be75f6be59bba1691", "20d68aa263ca3a777870bf3614e39301e9c2dbec38c832f3b87e9eff53335bca", "20e25c1d94edfb6445273a0a3746986fbc86f72479277b581295a4622d0e1b43", "212bca443b57f7c4573d016ab84e5a5ea95a17da1a8b354d114d85ddd0ca9ee3", "21a03ad64a37ac3c0335d1ee24d8acaafe9b340a150e3efb448401a2188d828b", "21a523ec7e445077d7868dccfd8ffa03f270a9ba6c5a295945368ff7ab592301", "21e33d7544d0b4fdda403aff8b3d868e9af00607b49fdb87e026c1cfa70d91cb", "22a2f45bb907f2db3b36fdffc305776da0bd48663c15f6c36d5771d3fe6effef", "22a35108984da5e71f9812ff5ed741bb620d3f9d755496b55eff2478ce8b6228", "2321034893f4b462488eea2cc7c2e5c8bfde2684f1d53f1f9c9d7956140247c7", "240a6ff95363062bff3affb49f9f347440a8d739f89c2d69eb5e0778e4e33aa0", "24f7dea7b9504fc2f6d7fd63ae85a21b0cfa4b665d39d47419d9d4b7b0386dca", "24f84f976ccf1798cf08a3cad346c751509b8645a70966557773aa37ee049a2f", "2559b47340f7cfa19625f4f6e12816f79afef4287c32df129c93e63a948a668a", "27896813a01eacccdd42df22c08e23a58210a986aa443a247612c83868e95607", "28611fd8df2ea9359b3c81357e9dc0a0bc536d2c0701e91d9c53b9dbe0c40115", "286d29c645e5c53b247d0c2ca73d2f1409ecede6cf2e735b44d2d721afbdd11e", "29cd1253741c2cd32255a3f16ff8a0b949cb43876583fa6afdbe7f17b4e2b8f0", "2a7bc83caab1ef6ddebfb51416eb00095bee17771b69e943466ef45e9e48dc81", "2b155185f64f1675bdbe5abcce7a36bb1c9e3dd54396d9dee55e5f44832c7f0d", "2b1c1200db5003c483cf51264cbc0bbfb8edbe89ba8bfc35b852d4c07958ef16", "2b80925e171e06de692b8d646624dd63746111915f86783b34ba2c6f3086034f", "2bfab8e7933d4d75118204d1ca468d4c7264138b23543e2db37ba54b70d4257b", "2cb480ea1a1248c37450927cf55a4ea2197e4ba0bb2ed07d6b69e328b8238217", "2cc3ce3821225c8df8cb72de672ea9249fdb5affcd03c5dfd46af293e25beea0", "2cc71cc5007d1853453af1c1eae1ad53ce5e3bb581cb7943118228095d4392b0", "3019ce1922925e98b32df601076b0c0858a827193e02d3b8a074b1b9a3acbf78", "304f24c01e12f5535f627d70a948b273c4b985f9567f3b369cdcc898915fed18", "31ea3f2f31c9eb1f3c473293ace6b9ca96ad2eb9fd5f8ee7c7b77c126cd99848", "31f5ae3bc83cb3a455ed7dd3cf0122f5174776d648a402157ad2019011c987ed", "35465c798d9708b0f4bfa652e0ca34be7aa74cd17ee5ff803a5ccca5c5b62529", "35caa448e7f9bd379aa3be85820ae04baca43c799a9605ea386b1fa103740c2e", "3652f5ed50db9f465dd31474ec2e5ac20ae75223ee1e358a4f34fae6174c3c76", "376104c5295cba1281bef4a7e8bb47fa93d9e5523912a0d20fa880bf9fb33768", "3802d8214885ec8038cf6ee3e5e41d8e3cf538d0274e7b0ecdafcda9df0c8a22", "392cdc02fc8f2e7002b0c162d55f1d71f53423b2d9919191937f3b2796caf488", "394bd90999a91f9a534a741a5af53c0e35f12ca5213a25f39def770ad702c365", "39bea064da6af0f255dcd3df30ddca62540fb7572ded11a4490b6482c2cbcf40", "39ce8b49ab53b20f2a73cc7919f761fe59a0b6bba183053f12a90a45c1740801", "3ac245883a0f77fa5213975b3ecc6cc7ca132913e0583577c7b239d6f6f116f5", "3ca41ffb17d0f355eeb83dbc127d597c7a0677a64ddc0890877ac321bdd65050", "3d4bc19f29965b469866d4ad860b57ea5ed804b4476c19890b5be704f1a843a6", "3f68626ce8e804df171bf1dc06bb66448a12979b697186f295a0ed40f86ae5a5", "425572ba82b53e10d6e715558b784cc2ab38d49c9ef3cddbb5bb5c3fc3727357", "44e47242ef01cbbebcadf44faa6cd63fc100257a5310fa9912d6f4a96c47a813", "480e23bff6642b821f6a05a842d1ed8d7882010e64df4cd6a67bdd5d9aacff3b", "48e2abff68c8e69b3c0b05b2bccfa65905cade104c77e1cc96e1926b70f4ee51", "4909d5628220fd1c25180de5d4756398612ee6332003f9b715a6c4ba07c07525", "49db5d2f62c63b9003b4628dc9a12bfe58661e16547487bb93169f949572440a", "49f805c3e713d474e7e3a26748535fcb87344304e931cbf88fc0be3a0c0de869", "4bbdbd65162dd7209e0aa71f38bfa3994b29d57dd9145a88d3c1a61fb2b77e9f", "4c0ad6c3a23d12bc4458c571ac9ef0c2b277ee179e124a3c71c1d604e575a13f", "4c56a289d4f603f6e34617fe3e68ea9e394c5a7a28b7891f9ef24a789a0e25b9", "4d59d6b8e64d4d3be62819c0e138088ed6f6a9b46ff9ff105cb414f4a649faea", "4e1d09957cc9f557d31986e2c38fa1ed6192a37849249a6c5c00916f829273c9", "4f1fd40d6188fd40eb5e471019f642d873558d86d652e7e527395aa88e3abe42", "4fd6e6eeacec0b0e6285b2e357c923f1b7add08f3e90856ab989739f21ce8f60", "503821b5f635c720f032c5df7b45ad2b5bfb07d3094eddf5f6e004d08de0617f", "52502b105a24da9edbfbd62f8b626641bb806551abbbf113a617b85341535c01", "533cb489ad6c1b559e6da615f6d491e64e92939b9e62a0091860ec6b7908ccf1", "53b45f65465b201ca8805df11a1c7e83297d7e4215eafade4bbb3fee4cede3f7", "54871d9c59f9f2e4d8e29303bef1aecd250ad664fc4e0d80c4b7e74d88ddd050", "54969bb5b1848938c8b2bf89be20fdec3a5868d44dbdf4dace9d31c48032aae5", "54dc7d852181f96255d4b4be10b053d2749d028f512c497ef6e996457687fcb3", "5573e49f43d73b16a223a3bb89dfb61a363ed8149b9de5b7d14c602c98b0a29b", "57729317d8c64291376c16625e861eea941e85327b52a836cb0e98d005870878", "578cfa6ed3fc8735a6780757e3a0a3f60b8bba107a51438a0fec96696ec80ae2", "596a142231189ef8b64a92a209474477b2ce4202cabf67e42b885c22fc08df1c", "59b7a360e1b4336dc3119cf264ad76f247451609b04c30ad8f9382198762caa9", "59bc63809887da1cecec4c2b914fe33c785d39cf03d155e8a99daa2aa689c6e0", "5a36f8ed1a931fed9528a68a3493cbbbcee7557c5170f96b62fb08da99d9b5cf", "5b6da59f6140c0d08c25f69aaf94f18a8bbe942bf743f9a5dbb4a1707810387b", "5dab1be173a27f8e9c2fd9bb8955fe7eb87c2a87e767c554f581da2846ed2d05", "5dcc226908cc8062174362fda02c38a49a680d93e0bf6147774da783c964a806", "5df38dd9a5f78ac6022082b977f76309c7a2fbc9c3ed6f0a49c5e6ce88d8223d", "5f46899137b14f87e31ea349408cf53b9707a4aa33658aac414a3155c080693d", "5fbcc72861fd218f3061b9beda459f943a85517928ec1366273e1995713ffa5e", "6032d5abcebd02ac262b7003a25ba866ca5fca7da875b1af7b7fa5fc874d0d49", "61e4b40b93bd27c6cc935c50cc174f0a78e4865afb577816bf8514c58fb1a9f3", "63428cb59e0862fe697454e1c6ff70050141e17723df616d2acf9b2ac754a4b5", "6386ad1ac897efb88eccd3b905a9f0ae1df20090be522794ccb2514835b3aef4", "66000f59b17a8a01d926992a104843300e678e52c908dbc61eaa50164952c381", "665f45d5465503fb3f85727ab0f1e2c72f1858fdd87ea68e48dac2266b7148a0", "6795d09b24994fc119c0d320670b68320fe0c614266aa7e02fecb8e111faa873", "69aedaeb78e1a901b5f8f379dbec67dcd6d48c162f4580a7b29384d93af95ab8", "6ade82ad7846d145543932143d5a79a8a871a9c88fa4d412474378f4b03e4a2a", "6baebfec23a4be00ffbb07f0c50f2a0c4546a74766b0144f91570ba2f418f4d0", "6d795e9361d3ce3b94c774b5b5e3d8223b50e22b276450d397b1aae91adbcb1b", "6e10116444eb88da81c112225da926cf21801e47fd1791018d8c813f76022c73", "6e3660c6412e026eb2cbcf7afb192f310cbf64621c4a803fe00b39cec8dec691", "70bca8254d51a1cbebf96ccb37fdaf7e2cfbacb3f7195c1b3bf9c42e4711ca85", "71409ba46c87abf978f71068f62e166c9350fe382d05b76a0b73ef420b842162", "7256978e74ed2b339302cd9e7f3e353974f6beac5e5eb16c8b79ba2bd50be0a2", "72cb0df8c99a3e28be9d57827eec009db747e7146549bf39a80d89d23d71f3c9", "731b3aec89eb133476a505bce83b3fe284506c908a879412e48e5f9a55f59806", "7327fbe6b8750a3aa92b6bb825f65621665f41a92429ca036475a2412c19dfda", "7340b1b417be2619d0e53ae53fad22059f6cb5544aa5c325f70fd2d398e72793", "7411d07003c225e8769030a7fe498a9a67cdc08ac7dde81788b4813f61a34c90", "74ddf5a8ec7e73c3dd720aea26c2879beccc6c19efb03d824534f926f9c9d979", "754920c56d171c52282b267645b51186c6a1f3f6f58042a9b6f8814c2bcd3d02", "759bb54115ebfedf8fde4e0b9010f6d77a6325313975832170841db6953bce25", "75d9d275b820040848c0efcbe8b886915abca26f2813db39cb467a6954846abd", "761f5d34c97940eac089133fabe4863746100d857d42d218784c398b2effd9db", "7820c5a875e7d0784e0fe0d8e803a27d284a00e33dddfa77202fc251edfb5993", "782a2a756f95aab09a4136fa5c728680ebce11a3a5bef26fb67044f7f49d55ea", "7888e9b6fe0c880077bacf3b9b782a1a063963891e52750c3b752a84a1b4ba57", "79907cb8dd8a3bae55607407e16b3ccd3bc38561fb3f77c0273dc717694fac59", "79fa188ffdf3b3f0e4357de0a90b828df706ed32a57e801dd92cfb0be08da51f", "7a0b6493c74094a98524d4ef9006618d6a7968ce7bdc4e5b6e22c370b3301c0b", "7a3e0abcdd2da5f9b72d15a93e960cd0342c17d8816d9001c6c5f6d866414c58", "7b7eb8932a88afcdef49e0e892119f513a3d719b7c5b609ce04116fe625758ed", "7c065615a5709b090a50782be36e7e19c194016ab5db8d8be3e704f45a2eb60a", "7c913b6c89c4c414f5fa059c174bc0fa1d48b04f1e85d77d3ba05b8ce4a00188", "7d678dbdaeb66ac6f8ecb38902233e3f8dacef1135ad7d5cc44ab09d612278db", "7e5ce56585a06416289dbe3e2239ab7ad4862161813c78fa06d6668a91685754", "7e962f8ad73258f54100cda9d029cea4d769b3fe87b8b37c61fb796668832191", "7fb4d409957ed4e0b4d46f01ad3b87253580bdab0f18f9a97a0983952164dd60", "8156e25d3bc4601347b06505643223214df51a8731682eb381b303d6945de9b6", "8163681aaad8a977d3599cbb74ae01e66ba03bbb1d76ee3587c279e3f8305571", "82411e13e9f9af2a62e22e280958ab1b756fb6873d86f43a0cf3bda25ca16c98", "83f04751a5f33a83d8899aca695de8042c7687ed93fd571ae96edc3061c50259", "8522b9e5dbd43c50847dd4593dd2e77ab4fcf5caa43e0698f181fe39f59c6749", "8638518c837a7910d5676af308d8f5b3ddd8e81ecc912bbc1e58e65c29b4dadf", "864d4b76b430b4837bf56f6dabcf07cb415c02c8a5b89396b7b35d643c311576", "86e3ebe194bec071ad80354cfba78979693c699e7127997101e826a93bd06a26", "8803d0b75d42d5e78d0ff2c4e716ee77ef0f5a8dfadce0fa502df3de6125406c", "88ae97f98cdf31c6847f7d801098797913ab03889115b5073e45767b9c596cc0", "88cffbf2547efb40286c6a8c5038b3dd98e1b124a2b9d11f0cbaa4044a254b5d", "8ab5204b079ff9f7e69a57732a8d3072be7eef69d891b335c71fef7656d70e34", "8b52086c4a8ddd44f1bfa1aa77d6c1ab425140f33065bc8b8fa458c5222cd005", "8b80a4cefc2e12c2a437d0c5359cfe345390ec67a3d131e3dfdb1e1e7d3876bc", "8c2288000c3af2eb82e6071fc8430992fce92baddfb8950c595e88c136f7f5bb", "8d1036824fc3a0518c5fad2473c7e57dc065f4c719e22e3cbf45085aa059f270", "8d828916392454ca63a9e6c66c9c8a677ecc13b5d0267a9e7bc3c4a216dbb59f", "8dac8ef8930aa5dff44d8ccc75625179a33c90a957bdfd51f90dc7a6a7fd6d64", "8ea97891eff8b02d5beee0f9eb6a469f7d370c0e5f5d2807bfbe974288d599af", "8f73b5152d22ad3156968abbeb4a5719ffbdc364b1d9b2788ef82a95da05c7c9", "905a9c2c3227ff44ca8a3f418193ac687c09146f1f9d34f46e4d2a5b69678e96", "90755fb68f2cb9de581e455c1ee5f6a9a70b6c0a5721470981da4de6c3e7af8c", "90e065e96d5e6ff8457b8c1f2e6dd06ddc650906abf3d01b1410f45322e29894", "91ebd13e6390b2f3cb81baf6ed727d09f2497a5059bc49b373ff801943f4b7f1", "938bf0b044230c90ab693a11fd3c9ef0291ee2e80f8d9bcfeefa9da05f149d1b", "9602a17b04ad18e5e06f479671ce592d9c19b32381e0e6e8801dace8e1853234", "96785d14db42471311a395919abf95dbe001853fa29a745931abc822083c53b1", "96e4128e342cf55fba121cb7c19ae1fb5fc7d2a190c0d638496119ab03143a3e", "97a3f1c9f208ceef56acbb18d9a9264cfe1a8d2c9e22fbc92c2a141246246c59", "9874ab1884a37b2de88f973de54be26a2ed57955cb30c5137c2d2650dc813853", "990ec99fd3db3157e9499747fc8054de0503a1850590e66e5869b23dffa17004", "9a22474225fefae63a457fed087e07e7df977631a938bcc87a51fd24216a6459", "9bf43c129d0460216757c2c895e9243f052efa737069405c5f61e1079350a560", "9c9865c210f28712fa49c0825076b55bd860cc99bcbcd8374156957a62057ebd", "9d1a39f14b1da9d4a411220509de2fc788c6f1cf6b4eeee1274a130d591d0749", "9e517d76020fece78fcc15858b7b7a7077af6ef4a507b865ba7b4aaedd43040e", "9f5359add5dda48b18c5652b4590f546a55f9c2180cbca6c515bb630f88a153a", "9fe87c3ffb547b86172504f749838129f527e102d69cdc51ab476bb4a413bf93", "a02f2e30d33e40b9f841e0acf36fa51a6a840544ec7b216655590ee691f5ee2c", "a18e573f0702032ad4e215a81b6b7f5bd42a52723c7d0817164f49fa350276fd", "a276412ba11b4da70fd89fd2f89e81e60f0e101b213245466130817c2902a787", "a276730a07853892bd93bab0be2c11bfca2995f0baffeac351354ca20b6fe2a2", "a3fdd32258d8dd5d205f27de85adacb2af5337a4fdc0d40d02d054aa227aadfe", "a4be8328c34dff8314013aaeb4f6547b25dc65b5b17acd354a0ce13b92daeb06", "a6346d91057b0b5fc3e7216c9e08c01076996bea8dc3c6686a108d418f5b97fc", "a7e08a63d2a8b34dcf8bf2277249be26f7e947784d2f1ef93d3c733796b2f2e1", "a94b7ea0d01d89bb9cf6b19caa1ddb3681b6097915c1b5f8b00e604cecb7e18c", "a9c5ca9f99a14058dba33f74842424a67511d32265090dc20011d93f573f7eb0", "a9ced25df07f71d5a4dfd9bf70299594b44853684235210fd9d9dd21d0aafc2a", "ab59304b4846877b4de15f76171c92381591c64814d515cb43143c47d87c6367", "ac40d22a30869d79f9cd9ded819abd206b67d5ed719188372a137618c84ac375", "ae021b3d54e1442c1d4fd570928e815fc585e1c9c78f39bf7a810025bc2816a2", "b17be33359ceec5f14f8814d250bd04dbc3e92875297a7ec87919d6ec709e008", "b27cdc6a50872fe2c186c2498941c358749ee5743f4852eba7cb49a25533a3ab", "b34222a42a4eca97aedf671a71d1675ef02f7371d461c45838ab015727712a43", "b4324930991d66744d4b22abff906fcfa77b7b09a0b0be515548f2ac2bae4b5e", "b46e634f9ecf983240c844807d323d4772b127d32a2b1dafa8196d8961e32b8f", "b4e11cc0fc41db05c06caaf7b0b054b7651fc1092d23212861e0be5279cb3bcc", "b5c69e1108b07feb84e1980cf8a58e5e0791a8b4637c22573bb7a88adeca9d6c", "b727fe4d73fbdca30ca8c4ff62351f71dcd92fe88b823a030990383c0c4cfd58", "b736fe18f16bfb9bd39b9e82809c8926e2375deff71104a1b83bd4b2af89d836", "b7fb4a488856f76b06ee2bc2d0da292250f9a0569d35f0d2b0ff762d76bf35f2", "bb73576b2107aa4e72f179edd90af594adbe4e800ed88ac5b27f2cae7e1301e7", "bba96fcb2bdaedcc8fbcca5a01c756f4a8fee88caa7b5da635f5a2adc40a5cbe", "bbbcd1143a7c52fb4cd1628f39b98ee235788d188a43663239880310cd385ac7", "bbdce1e5f755f28ffb70f1f6d6526bccfef5e870bdd268e9a2167d9165a5bf4c", "bbefad401b9726e9ac131c4bba6222a1294f93ddfb72696169961cbfe76533f3", "bc0fa6dc8ae191b1afb1769d85824a693d368b419fa2dcd890f8acbd266ba3b8", "bca571ed3f3afa0054bebad0c410c0c0a82b7e9f054116d981833eb9e3568f39", "bcfdfef5e1bbf6c0bf90a99b66aba4d31b717f72609e812f4265fc9db3fc9db0", "bd5121091dc1587d5e4a8da97ec77d3ba2398311af7a8705e12627aefd71f04d", "bfdde41896e90df553413096040a84b50abf6a204d1cbc0e6fff26c04aefa8c6", "c07be743e8ac3f3813c1954f9d93059fef9a69e2dfafbbbdb9936a105540a37a", "c0dffd09d95bbe4448c8e2d3a17abb487f46bb295aadb7f3f2cf030013e68457", "c133a6d9eb3f4a52753244d2bc1cc3c9b715b69b8b5446de941ec9b9a0c35288", "c1469cc9fdb2aca30dcb08f4a4384a857bbc7303a566ea7577cb8fcf865ea3e5", "c2be5c934be39ee27c6521cc78627b699c0c404f3771bc704653432c4a800937", "c2dc845b8c31b08d3241ac88cc64294222a434707343298b1a15b4ecb3364a39", "c38e24099368c29169754161a827d49b9aabf6dd4b440968e8ed52047dfd98a1", "c77a8ad127e3ab6cca3eab3e8d721af6937ce3760ab998f5faa28b8cc53a22ca", "c81319c8edb5b300bf50be0656e769edd2705f212c8d2d9be57bf126f230178a", "c8251f3c56ab5b4db2fd59aa010941de25a1bc63ce304c9d4df46a060adecbe2", "cca1264c733940f0fb5ac7277685b27352701693bb2951c571516257403dac0a", "cd0e874bebb9b241ce9c0005dea706d6acb0dd939a376592849142578f9023cc", "cd253845f03d5e44a96c01a5a86a970c6575efce0834741f78c5782c571b456d", "cdf6f62ca9918e06c4dc9a8e58e86894866bd1d1113dfc71d6c0d34b8a9d84ef", "ce0bb62e097979f30a9c62f8ad043761e9edc45ebc40d6ac14d1592827003ae1", "ced14bbc9f032e037eac0de7aaa019459980b8cc829c959d872b2846df6e78c5", "ced776466c4cb9001765cc4477cc053aea281f2428f534bdea627fde07b42bf2", "cf566b6e9dc350c53f2790071757b826c70543bef4ecc40901a2a64e2e87e6ff", "cfbd039c57187e701f0228b545591fe723d6483577a46a9839be6c677dc12c6e", "cfd3df67ead39c3a60efa6f3b92c260d78f77278e45a93db31edfe5f3793c3fe", "d0c62c14b30c43a104c5fbe41c324c43272e767fc9339b3841b013afc923b532", "d15c9fe8c8e6384111ae11c540c12fdc41174b9bedd37fde6b92abaa458861a1", "d1fe51e8b705d7bec1e95836df7d5a21da519fbbdf6d76fb8268bc6a7febe01c", "d254aec1517ce1827e22556133629f0faabf91717fede35e1339cd4dda83801c", "d2ad808f6b9c9373f0c7016e43623b3cca295221f819d4b38ac1a8e3b9a3dd16", "d2ea1ff94a2eaf9044ff5362b0ac70f124ec660b2cc067b12177a31053ea40c0", "d3046476b82bb79d8d60040210bdd1efd6124c8b0a4b617123203174fe410afa", "d3a7597f0c166952126b4cf6aaa11788111507090639b5fc367853d785d14f31", "d4027099242d23412bf4d4a248c14dd23ec0bd438d42cbdafab8c8d336a88b67", "d424e1d899cf9f7e509e7b46df463cc967b21369fa5ff2ac35c878a71163cc07", "d431836a7a43047dc3f4393bab467816169188e1031ceae2b2249ffa88bd8875", "d4c2af78b6f2e93e6c1a6b148aa36a884751a1f94abe34cdb4e3a3d606937334", "d540e8f6be1cc6a1006c4ab6834dfe449867e4ee4b25731584827f6a3e73718f", "d5c1741f677c5299a640777135952c3a2fe2ffb221595e593df6cbfbf649ec97", "d64d61f8dccbf7487d0767d0032acc3052776d476b876804d9938acad403bc43", "d6e53718f03ec6b1b4d37ec1853cad31e5e6b5dd62478acd8aecd1e01af30d2d", "d8778b360a903d05b64007b478e305f35a424cfa674f4156874d1867d7aa4b3a", "d8d3ba155917df86bb8c4bc58397b3a43e513e8437dee08e2ece8032dfe22305", "d8d450d953eabe000377663aa901da70039516bcf31a80856bdc7221c18f1bb9", "d8fa855d0c510047be85f44acd28766ce45d06abba3e5c0a57eaceea3f9d18e8", "da4d863aa75a4fcf03b5a49d296a04fec43deb757a2dc191e3a7d17ac69d9ff1", "dc3c33a6aefbc713bcd1c4f71e2e6834f9b56028447e5078f93cbd76adaf72c6", "dc47b9b2741e38b901ec8c89c77670e490f6e8a02bca4ac488b57ebaa34aaf9b", "ddada672c659b038e61dc4544d7a9d5a53cfd2796a2d81b4c82d95330c1e9baf", "ddd73d649b53d0cf631047680321a60d21e901c2e8799b590e52639f5161f037", "def73213e8bc4fc0b25f73924878e8d4d4cbf6996b9e78490ad146ba7761c97e", "df9f4aba5d4bfad7482872c338b5b8856dfb4cb6493d55431eb3f71c4c830e81", "e004735d1f2889ae272bea91549fb785a0ecb2909f9eb29f8f8cadc1131f4c57", "e05f20b925bcbb7a793af868ae2a151cf47fa25cd8ff805add4a9a34db0b9e80", "e3966bbe183b3bac1168263f7c3292b1dd90ce21cf9919d1c88014192c7a22f1", "e3cd216e1ee4d08cc5b7f0cee9372d14274d652e16e0bc209b94b2e79f785eab", "e6a3e81ae40f12db75c9b3f10ec7e00c7ac93fb351a9492dc4e3e5ee1aefe816", "e94c47b44ea7d434192ccb4e1b715aff8bcbc6e847d378e658f919008c7f3ef7", "ea532f60fa177e070f4e1ef91a73d532c30234693c98beaaf269620f6f6c7224", "eae8338c85fb7b99969b0a89c4ebece97f86cc47843c44653ab5f5db625fc6e0", "eb52bf8873d2645e04ed27421c3f1981c85bb886a7778f483e2e14f75ede1c6c", "ef9a4ab0a338d81998d01f9ca1ed949fdb9506ffd2b4b60ca220ecd99d3455e8", "efacf3c462f1a357cfff456551e5c27589872a000292f85e2d4cf4a3a559d0f5", "efcc28c2f03f9818d152141f43be210dd005a92f0200ee116093fd381102b368", "f0520a3e2178fa52451492371700abcb00272cda923c0b46380ca3624498acdb", "f20be91098e67d89cb619c5339f17210cffbddf2a641b06d01ab5c7b35441704", "f20c433b3f3e11e8145fa714dd497c93edeaf9d2c779740f9fde33d3841ccb18", "f2e739067f467b421af490a9c8026f213867dc48570cd1b21c352e3bf9f281d9", "f32bac8a3a7219d4b5def3d914aab2c0d3e4bc662e0727e4552c5a4b1483fede", "f35d2edf2973b217901a2804a3c4bce707edc897e4753ea887eaf45b8351183e", "f360ae283112ab594dc887948271b723a7ca570d376b5100b459dc15f1203151", "f600ffd8e02be1b4c770f6eb3bf04499a7b2c096e91bd7c9c8c7fd2907f92f66", "f63dbc03eab0a99e493e9c610655d18e689eee1c115b6decb2964abb712ac925", "f65509df009f2c3fd860e187978e47e87c5171e587017624e962383e419e7dcc", "fb2bd6184fc4a08376fead2b4a241bc82004b32e2cb7114b2561098838da51c4", "fcf616ad58555240fe27032586e291d43196107cf4b3e8a0cd252b08ce8e72aa"], "iocs": {"domain": [{"hashes": ["0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26"], "host": "marzorevenger[.]duckdns[.]org"}], "file": [{"hashes": ["0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26"], "path": "%APPDATA%\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\AudioHandlers.url"}, {"hashes": ["0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26"], "path": "%APPDATA%\\at"}, {"hashes": ["0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26"], "path": "%APPDATA%\\at\\AudioHandlers.vbs"}, {"hashes": ["0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26"], "path": "%APPDATA%\\at\\MicrosoftEdgeCP.exe"}], "ip": [{"hashes": ["0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26"], "ip": "186[.]85[.]86[.]137"}], "mutex": [{"hashes": ["0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26"], "name": "RV_MUTEX-PiGGjjtnxDpn"}, {"hashes": ["0117e5f0ed99601ec0c14007fe47f9595c1c8eeb1e02ddec403051d930fd75e9", "015bb3bb231fcc3c3d713891ab7f6e38aaf58df3b071c013a0a7b6c45eed7368", "01ad4793cc16f1a08ea244cbfa95f140591d34069a2195816afe15648a7c505d", "0309ad59c21006514055ef9354e2dae635c26d3c2d990559615526a9fe72ff54", "032ec8facc409ce44eb692039a972d305213033060b16c0b74a4e8c4612b15d3", "042d6522cbe511cb76ba9e2541765697c444e149461fc5f16d0f836fc837d934", "049b5956595ccc11469be36bb2486c84491ff6caf63480a9f5e41dcda29d2e6a", "05fc5d966f35135922a80ea79a61bdfdbde06ac33a8f02f8fc8928831208b03c", "062a17b83b98fb2fe0263a1a24c4ebd04545a7503fbeba00bac6abe24905b790", "07827334bbbbd7bb30a4a0b18eedfad4cedb9a95165e74203ddc57af84036007", "08e942f92597380308bdf60888cf976732fe581d73b06bcce1414acf72ff23e9", "096c931004be830b3447cbd1e311c5b5040d06aa37e5b15e2a03a67f87e5c5d2", "0ae3a8fe5d4d198339a6e0ac66db05aac82c3fabca4c94e5073b5fcc9adc33d6", "0e0866a83d3f643b698ddd1110014afd436509d6e43282f8a95b9b29c876f4fd", "0e41b57c5d12757477f5a55a6ef4249382cb00b9647d16b4088020c77d9d4bf0", "107375aeb10e843e51c1f58395d0d116f866564b225d41acd0ba673ffaa521f3", "123fb6d0a6007cfc3bfc66afbd4bf783c3c2a178a61052363a9bc4a1a6dbbe9e", "1248073a0c941d199fb86632cd612d42f7ea6c7000c66162eac5e254298b6c0b", "127bd3b50ba83a61fa6d2e578ae65a7bf35582f9e3c91aaa26e346feb8d4a8fd", "12bfae2e5e4d8a4e8966677ff4235a56fca5fbfeb5abd71b8d4b469358db7558", "133b506e59475c536601b8121c75b5060c3de8a12f7d94e5980903af85fc6f6a", "1425ef0c15d0d2d9a791c5cbf94ced34972ba6f6f44490a4cb5a82bcfd2f8ded", "1533454353df127eb59613f0adbcdf7f2f5278b97cf59bcf815e0bd675edc5a0", "1615738e28738e78deed28921851783adc75a45e5f7258be1802e98d8f889f5a", "16659f71c91f7a0bf4dfb354dc3222d128159d8862febd0810564c606d4d4b26"], "name": "cacls"}], "registry": []}, "reports_count": 25}, "exprev": [], "info": {"origin": "Cisco Talos Intelligence Group", "publication_date": "2023-06-23T16:10:12+00:00", "version": "2.1", "warning": "As a reminder, the information provided for the following threatsin this post is non-exhaustive and current as of the date ofpublication. Additionally, please keep in mind that IOC searchingis only one part of threat hunting. Spotting a single IOC does notnecessarily indicate maliciousness. Detection and coverage for thefollowing threats is subject to updates, pending additional threator vulnerability analysis. For the most current information, pleaserefer to your Firepower Management Center, Snort.org, or ClamAV.net."}, "signatures": ["Win.Downloader.Zbot-10004448-0", "Win.Dropper.Kuluoz-10004513-0", "Doc.Downloader.Valyria-10004543-0", "Win.Dropper.Tofsee-10004548-0", "Win.Malware.Bublik-10004580-0", "Win.Trojan.RevengeRAT-10004611-1", "Win.Dropper.XtremeRAT-10004704-1", "Win.Packed.Upatre-10004837-0"]}