VirSCAN

cf984db16d21a622244e57ecac2f8f24    Hybrid analysis report

Basic Information

file name: cf984db16d21a622244e57ecac2f8f24
file size: 50676
file type: MS-DOS executable, MZ for MS-DOS
Submission time: 2019-09-07 08:40:32
MD5: cf984db16d21a622244e57ecac2f8f24
sha1: d49ad9600205071aadb35f66ab3083cb74e48686
sha256: e379f72fb9d000eef3209ab1bc60348bb7f10a5fb838f51b8a407bf78c731f3d
enviorment_description: Windows 7 32 bit (HWP Support)
total_processes: 0
total_signatures: 0
file_analysis: 0
mitre_attcks: 0

Document analysis report

uuid: java:java.util.UUID
xmlns: http://www.misp-project.org/
Event
id: 1753998a-cbbf-4455-8339-a3b3f380376c
date: 2019-09-07
info: Falcon Sandbox auto-generated for "e379f72fb9d000eef3209ab1bc60348bb7f10a5fb838f51b8a407bf78c731f3d"
analysis: 2
distribution: 1
published: 1
Attribute
category: External analysis
type: link
value: https://www.hybrid-analysis.com/search?query=e379f72fb9d000eef3209ab1bc60348bb7f10a5fb838f51b8a407bf78c731f3d
distribution: 1
category: External analysis
type: comment
value: Falcon Sandbox v8.30 Copyright 2019 Hybrid Analysis GmbH, All Rights Reserved, www.payload-security.com
distribution: 1
category: Payload delivery
type: filename|md5
value: e379f72fb9d000eef3209ab1bc60348bb7f10a5fb838f51b8a407bf78c731f3d|cf984db16d21a622244e57ecac2f8f24
distribution: 1
category: Payload delivery
type: filename|sha1
value: e379f72fb9d000eef3209ab1bc60348bb7f10a5fb838f51b8a407bf78c731f3d|d49ad9600205071aadb35f66ab3083cb74e48686
distribution: 1
category: Payload delivery
type: filename|sha256
value: e379f72fb9d000eef3209ab1bc60348bb7f10a5fb838f51b8a407bf78c731f3d|e379f72fb9d000eef3209ab1bc60348bb7f10a5fb838f51b8a407bf78c731f3d
distribution: 1
category: Payload delivery
type: filename|sha512
value: e379f72fb9d000eef3209ab1bc60348bb7f10a5fb838f51b8a407bf78c731f3d|978d167008a7e3b8c983a100ddc80491d0eac9a5d2b9586cfb538beadd7a4c3c866f753149eedb20873251b6f2375c729f69594b24db61b3e91d6535431a8440
distribution: 1
category: Persistence mechanism
type: regkey|value
value: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\SHELL|4500780070006C006F007200650072002E006500780065002000730049005200430034002E006500780065000000
distribution: 1
category: Artifacts dropped
type: mutex
value: \Sessions\1\BaseNamedObjects\sIRC4
distribution: 1
category: Artifacts dropped
type: mutex
value: sIRC4
distribution: 1
type: filename|md5
value: RCXE287.tmp|41396e8b0825a4fe7f1167c48c2c0b74
distribution: 1
category: Payload installation
type: filename|sha1
value: RCXE287.tmp|e37e299ecfb39270865fd610e46be20f3b0438d5
distribution: 1
category: Payload installation
type: filename|sha256
value: RCXE287.tmp|c76900d8312d406c315480bd870b4a6a1cf79b09d23d789a8a8c518dc769abba
distribution: 1
category: Payload installation
type: filename|sha512
value: RCXE287.tmp|16d636eb32134d0e232e424ba6d16241dcb65d1324883d87f17922013666e3c8fbf2b77f4f8e6d2bfca03ce59c8cbda1daf5d37c5605305a40369bb91b6cd981
distribution: 1
category: Payload installation
type: filename|md5
value: RCXD717.tmp|60fb744e75821d649455cb58caa1d664
distribution: 1
category: Payload installation
type: filename|sha1
value: RCXD717.tmp|cd9a87a8fccb83091c3e53196775a66397dea2da
distribution: 1
category: Payload installation
type: filename|sha256
value: RCXD717.tmp|228db4cce4f750bfd776162312aecb78b8ce4551f2cb34e90857934e7866bf2f
distribution: 1
category: Payload installation
type: filename|sha512
value: RCXD717.tmp|67b135d0d38fbcc54f7165491c8d57b361f3818cfda0eb7ca78fff89a4230c34c56effeeadf6a9bea613fbdfa5ba71c12f45cf90e0bc073df05b2211b403f4e8
distribution: 1
category: Payload installation
type: filename|md5
value: RCXD776.tmp|af91418fdf2e7f17a78e24f2d5970b58
distribution: 1
category: Payload installation
type: filename|sha1
value: RCXD776.tmp|8acb5745afc07bb7d9ecb0f0cceacb7fcb4cc4ff
distribution: 1
category: Payload installation
type: filename|sha256
value: RCXD776.tmp|f99a1b95e4d395d00987b4b38bfd1a4f29334076d181a61da0129dabaf0d9876
distribution: 1
category: Payload installation
type: filename|sha512
value: RCXD776.tmp|19e515ae7803f29fb59fb281799b564c195fec4277a5c5f30cf9465bd6d8c1ff01ff18faffc62118b84a93d7f989da7d02683586fbb252714cbaeaf5eb55475a
distribution: 1
category: Payload installation
type: filename|md5
value: RCXD94F.tmp|41396e8b0825a4fe7f1167c48c2c0b74
distribution: 1
category: Payload installation
type: filename|sha1
value: RCXD94F.tmp|e37e299ecfb39270865fd610e46be20f3b0438d5
distribution: 1
category: Payload installation
type: filename|sha256
value: RCXD94F.tmp|c76900d8312d406c315480bd870b4a6a1cf79b09d23d789a8a8c518dc769abba
distribution: 1
category: Payload installation
type: filename|sha512
value: RCXD94F.tmp|16d636eb32134d0e232e424ba6d16241dcb65d1324883d87f17922013666e3c8fbf2b77f4f8e6d2bfca03ce59c8cbda1daf5d37c5605305a40369bb91b6cd981
distribution: 1
category: Payload installation
type: filename|md5
value: RCXBB02.tmp|8f00d23bfbdf608cb0e0c651335f69e7
distribution: 1
category: Payload installation
type: filename|sha1
value: RCXBB02.tmp|0b3c2dfd3e970944868dd2083f4533f655b583c4
distribution: 1
category: Payload installation
type: filename|sha256
value: RCXBB02.tmp|707fec2809284080bebe3619ffd06f9973e29d4d4cd2454d9cac51fc947afc81
distribution: 1
category: Payload installation
type: filename|sha512
value: RCXBB02.tmp|dc564b74c3444d24377850062d1bbac34149d0d0bf678d4c3776a5df51aeec488c298b618c51d3669e45c7fabf39232fda9ab36bdf8c63de23e90181a3f2eeca
distribution: 1
category: Payload installation
type: filename|md5
value: RCXD7F4.tmp|fc18638c106e6827e9938ed39d7fe3a6
distribution: 1
category: Payload installation
type: filename|sha1
value: RCXD7F4.tmp|148fe79fd4c54f594094599cc29aff79ce855f09
distribution: 1
category: Payload installation
type: filename|sha256
value: RCXD7F4.tmp|e3ec3971ea0516039d91102944f0b414d3ec18904365e4bf05bfa803a52aa144
distribution: 1
category: Payload installation
type: filename|sha512
value: RCXD7F4.tmp|1b831d633aeecbb3a23faab5c42ae81c2f50fd79fa110e992d5f1bf9afdad000a891831fd41ba5daa5855e868315240368b7039fe48bd5f0ad9a0227fd62cc4e
distribution: 1
category: Payload installation
type: filename|md5
value: RCXD503.tmp|603de6127f4e1f0aa71ff8c8a18af600
distribution: 1
category: Payload installation
type: filename|sha1
value: RCXD503.tmp|9ba792e3ef065c96c3994a8e76fc725fdefd06e6
distribution: 1
category: Payload installation
type: filename|sha256
value: RCXD503.tmp|62d3bcd15176d68b48455ef78c70d49f06a3782f00bca82ba059212429a2d9a3
distribution: 1
category: Payload installation
type: filename|sha512
value: RCXD503.tmp|46d5fd7ad6d32ca0639aef580eb31b8c159c73b9e96205ea56cc82ef21b1d897509fd67258083e74cdb925970f81c77ce9ea3c5f3aa15c6019698581b8b1ad2d
distribution: 1
category: Payload installation
type: filename|md5
value: RCXD824.tmp|8e64bddd671750ffc86844dc6ca29cce
distribution: 1
category: Payload installation
type: filename|sha1
value: RCXD824.tmp|0307dd5b45efac8031ba23959eef59be42b7e8ee
distribution: 1
category: Payload installation
type: filename|sha256
value: RCXD824.tmp|1f5af12a5f191336ff16b8d239acd0f79fb7c884991ea80e7f2e8d2d9da265d8
distribution: 1
category: Payload installation
type: filename|sha512
value: RCXD824.tmp|18d1c33b902de9db685c7ddcb4c85c8b6ce1360533edcba8dda4548ed1d6e9a6f64e0975700419b2b82850f7d4b588fbd80e4a368d8fc48674181e1e4d596bbd
distribution: 1
category: Payload installation
type: filename|md5
value: RCXE799.tmp|61c81f26eec58e13bf5547ed4401cde7
distribution: 1
category: Payload installation
type: filename|sha1
value: RCXE799.tmp|87f77cf7c5a21f3a5ce064f300b4918737a9bf71
distribution: 1
category: Payload installation
type: filename|sha256
value: RCXE799.tmp|0ea936b7eaeab0eec71f83fa481cda655bf70640c4f3efb06c06f7c93d07a22b
distribution: 1
category: Payload installation
type: filename|sha512
value: RCXE799.tmp|69af40171d82089273720ec0c0edcfdeb0aed41be3b65da97cef3fab8f90ef311713bb2c5cf7287ef887172e23eb6afc15a3e72fc393689e8880c6eb89a9a247
distribution: 1
category: Payload installation
type: filename|md5
value: C:\marijuana.txt|c0214c7723fe7bde6bc2834742bcc506
distribution: 1
category: Payload installation
type: filename|sha1
value: C:\marijuana.txt|f3d8e78975bf169fc1ed3ae95ad41d84ff6a36c3
distribution: 1
category: Payload installation
type: filename|sha256
value: C:\marijuana.txt|a1e88659a4ad4f4fd55f246ab076dee048881fcac3ea8a300e2fe8cdffd88b73
distribution: 1
category: Payload installation
type: filename|sha512
value: C:\marijuana.txt|669cb6d3e10327d63f36d28187771bd30cf6fcdc7faa21b336c001a224b7ed4fbeabf426cf8fa7a1c18918ef88cf800232cf9c0ad6c0c776bf9042dafc3c0347
distribution: 1
category: Artifacts dropped
type: yara
value: C:\marijuana.txtsIRC4
distribution: 1