General
-
Target
net6.0-windows.zip
-
Size
46.3MB
-
Sample
240629-h2chqataqa
-
MD5
03f3b30a76ca86d2143e4640ab1adf09
-
SHA1
0c0b6e30e005617b478e664fe39c69510d334f4a
-
SHA256
c275fa76cd231b14bc455b8bca71054349e900cdd4708bd5aa5f5d83880f27e1
-
SHA512
9abe9fc81c6509c283f77d67db56c43d203419068fabfcf1557c4290166314d6adcf22865c5ca7228118badcd270509a6538458984107e9d21241b46725959fc
-
SSDEEP
786432:/VxVOki1pSRqDOjYPrhLzA1YhYjvallh2BUNdBGIhcQ46oP0SexXZCqBM:tOki1/FNwMYjSnlViQNoMSerCqa
Tasks
Static task: static1
Behavioral task: behavioral1, Sample: net6.0-windows.zip, Resource: win10v2004-20240508-en
Behavioral task: behavioral2, Sample: assets/fonts/ac3plug/ac3plug.zip, Resource: win10v2004-20240611-en
Behavioral task: behavioral3, Sample: assets/fonts/kust.ttf, Resource: win10v2004-20240611-en
Behavioral task: behavioral4, Sample: assets/fonts/monof_tt-be11.txt, Resource: win10v2004-20240226-en
Behavioral task: behavioral5, Sample: assets/fonts/opensticks.ttf, Resource: win10v2004-20240508-en
Behavioral task: behavioral6, Sample: assets/fonts/spincycle_3d_ot.otf, Resource: win10v2004-20240611-en
Behavioral task: behavioral7, Sample: assets/fonts/summer85.ttf, Resource: win10v2004-20240611-en
Behavioral task: behavioral8, Sample: assets/fonts/twemojimozilla.txt, Resource: win10v2004-20240508-en
Behavioral task: behavioral9, Sample: assets/models/editor/camera/camera.mdl, Resource: win10v2004-20240611-en
Behavioral task: behavioral10, Sample: assets/models/util/composelayer.json, Resource: win10v2004-20240508-en
Behavioral task: behavioral11, Sample: assets/models/util/composelayer_depthtest.json, Resource: win10v2004-20240508-en
Behavioral task: behavioral12, Sample: assets/models/util/fullscreenlayer.json, Resource: win10v2004-20240611-en
Behavioral task: behavioral13, Sample: assets/models/util/projectlayer.json, Resource: win10v2004-20240611-en
Behavioral task: behavioral14, Sample: assets/models/util/solidlayer.json, Resource: win10v2004-20240611-en
Behavioral task: behavioral15, Sample: assets/models/util/solidlayer_depthtest.json, Resource: win10v2004-20240508-en
Behavioral task: behavioral16, Sample: mfccpu.dll, Resource: win10v2004-20240508-en
Behavioral task: behavioral17, Sample: picker.dll, Resource: win10v2004-20240226-en
Behavioral task: behavioral18, Sample: ref/MagicOrbwalker1.exe, Resource: win10v2004-20240611-en
Behavioral task: behavioral19, Sample: releases.exe, Resource: win10v2004-20240508-en
Behavioral task: behavioral20, Sample: skin/Color3/sz0/App_Hover.png, Resource: win10v2004-20240508-en
Behavioral task: behavioral21, Sample: skin/Color3/sz0/App_Normal.png, Resource: win10v2004-20240611-en
Behavioral task: behavioral22, Sample: skin/Color3/sz1/App_Hover.png, Resource: win10v2004-20240611-en
Behavioral task: behavioral23, Sample: skin/Color3/sz1/App_Normal.png, Resource: win10v2004-20240611-en
Behavioral task: behavioral24, Sample: skin/color0/sz0/App_Hover.png, Resource: win10v2004-20240611-en
Behavioral task: behavioral25, Sample: skin/color0/sz0/App_Normal.png, Resource: win10v2004-20240611-en
Behavioral task: behavioral26, Sample: skin/color0/sz0/Thumbs.db, Resource: win10v2004-20240508-en
Behavioral task: behavioral27, Sample: skin/color0/sz1/App_Hover.png, Resource: win10v2004-20240508-en
Behavioral task: behavioral28, Sample: skin/color0/sz1/App_Normal.png, Resource: win10v2004-20240508-en
Behavioral task: behavioral29, Sample: skin/color0/sz1/Thumbs.db, Resource: win10v2004-20240508-en
Behavioral task: behavioral30, Sample: skin/color1/sz0/App_Hover.png, Resource: win10v2004-20240226-en
Behavioral task: behavioral31, Sample: skin/color1/sz0/App_Normal.png, Resource: win10v2004-20240611-en
Behavioral task: behavioral32, Sample: yccV3.dll, Resource: win10v2004-20240508-en
Malware Config
Extracted
redline
@nmrzv88
94.228.166.68:80
Targets
-
-
Target
net6.0-windows.zip
-
Size
46.3MB
-
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-
-
-
Target
assets/fonts/ac3plug/ac3plug.zip
-
Size
22B
-
Score 1/10
-
-
Target
assets/fonts/kust.ttf
-
Size
121KB
-
Score 7/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
-
-
Target
assets/fonts/monof_tt-be11.txt
-
Size
940B
-
Score 1/10
-
-
Target
assets/fonts/opensticks.ttf
-
Size
246KB
-
Score 7/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
-
-
Target
assets/fonts/spincycle_3d_ot.otf
-
Size
43KB
-
Score 7/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
-
-
Target
assets/fonts/summer85.ttf
-
Size
62KB
-
Score 7/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
-
-
Target
assets/fonts/twemojimozilla.txt
-
Size
83B
-
Score 1/10
-
-
Target
assets/models/editor/camera/camera.mdl
-
Size
35KB
-
Score 3/10
-
-
Target
assets/models/util/composelayer.json
-
Size
78B
-
Score 3/10
-
-
Target
assets/models/util/composelayer_depthtest.json
-
Size
88B
-
Score 3/10
-
-
Target
assets/models/util/fullscreenlayer.json
-
Size
104B
-
Score 3/10
-
-
Target
assets/models/util/projectlayer.json
-
Size
124B
-
Score 3/10
-
-
Target
assets/models/util/solidlayer.json
-
Size
75B
-
Score 3/10
-
-
Target
assets/models/util/solidlayer_depthtest.json
-
Size
85B
-
Score 3/10
-
-
Target
mfccpu.dll
-
Size
1.9MB
-
Score 1/10
-
-
Target
picker.dll
-
Size
390KB
-
Score 1/10
-
-
Target
ref/MagicOrbwalker1.dll
-
Size
19KB
-
Score 1/10
-
-
Target
releases.exe
-
Size
512KB
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-
-
-
Target
skin/Color3/sz0/App_Hover.png
-
Size
5KB
-
Score 3/10
-
-
Target
skin/Color3/sz0/App_Normal.png
-
Size
5KB
-
Score 3/10
-
-
Target
skin/Color3/sz1/App_Hover.png
-
Size
5KB
-
Score 3/10
-
-
Target
skin/Color3/sz1/App_Normal.png
-
Size
5KB
-
Score 3/10
-
-
Target
skin/color0/sz0/App_Hover.png
-
Size
5KB
-
Score 3/10
-
-
Target
skin/color0/sz0/App_Normal.png
-
Size
5KB
-
Score 3/10
-
-
Target
skin/color0/sz0/Thumbs.db
-
Size
6KB
-
Score 3/10
-
-
Target
skin/color0/sz1/App_Hover.png
-
Size
5KB
-
Score 3/10
-
-
Target
skin/color0/sz1/App_Normal.png
-
Size
5KB
-
Score 3/10
-
-
Target
skin/color0/sz1/Thumbs.db
-
Size
6KB
-
Score 3/10
-
-
Target
skin/color1/sz0/App_Hover.png
-
Size
5KB
-
Score 3/10
-
-
Target
skin/color1/sz0/App_Normal.png
-
Size
5KB
-
Score 3/10
-
-
Target
yccV3.dll
-
Size
231KB
-
Score 8/10
Drops file in Drivers directory
-