{"Win.Dropper.Cerber-7777966-0": {"bis": [{"bi": "memory-execute-readwrite", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "b5e9152ee47449245f47636e63f904cc823aa811982414715c87f9b72c994828", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "32760a2bc2027aad6753ac794466f5a1e7ce11c18572ddffc519bea0c49b2102", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055", "T1181"]}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "b5e9152ee47449245f47636e63f904cc823aa811982414715c87f9b72c994828", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "32760a2bc2027aad6753ac794466f5a1e7ce11c18572ddffc519bea0c49b2102", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": []}, {"bi": "cta-static-analyzer-malicious", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "b5e9152ee47449245f47636e63f904cc823aa811982414715c87f9b72c994828", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "32760a2bc2027aad6753ac794466f5a1e7ce11c18572ddffc519bea0c49b2102", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": []}, {"bi": "artifact-flagged-anomaly", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "b5e9152ee47449245f47636e63f904cc823aa811982414715c87f9b72c994828", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "32760a2bc2027aad6753ac794466f5a1e7ce11c18572ddffc519bea0c49b2102", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-section-execute-writable", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "b5e9152ee47449245f47636e63f904cc823aa811982414715c87f9b72c994828", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "32760a2bc2027aad6753ac794466f5a1e7ce11c18572ddffc519bea0c49b2102", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-packed-upx", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "b5e9152ee47449245f47636e63f904cc823aa811982414715c87f9b72c994828", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "32760a2bc2027aad6753ac794466f5a1e7ce11c18572ddffc519bea0c49b2102", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "imports-IsDebuggerPresent", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "b5e9152ee47449245f47636e63f904cc823aa811982414715c87f9b72c994828", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "32760a2bc2027aad6753ac794466f5a1e7ce11c18572ddffc519bea0c49b2102", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "32760a2bc2027aad6753ac794466f5a1e7ce11c18572ddffc519bea0c49b2102", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": []}, {"bi": "excessive-foreign-memory-modification", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "b5e9152ee47449245f47636e63f904cc823aa811982414715c87f9b72c994828", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": ["TA0005", "T1055"]}, {"bi": "network-fast-flux-domain", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": []}, {"bi": "network-communications-http-get", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": ["TA0011", "TA0010", "T1105", "T1043"]}, {"bi": "network-only-safe-domains-contacted", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": []}, {"bi": "feed-domain-antivirus-service", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": []}, {"bi": "sample-launched-copy-of-self", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": ["TA0005", "T1202"]}, {"bi": "excessive-udp-connections", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": ["TA0011", "T1095", "T1008"]}, {"bi": "document-decoy-dropped", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": []}, {"bi": "malware-ransomware-cerber", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": ["TA0040", "T1486"]}, {"bi": "feed-domain-ransomware", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": []}, {"bi": "decoy-wpfv", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": ["TA0001", "T1193"]}, {"bi": "microsoft-block-rule-list-app-executed", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": ["TA0005", "T1089"]}, {"bi": "windows-speech-api", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": ["TA0040", "T1491"]}, {"bi": "process-deletes-many-files", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": []}, {"bi": "randomly-named-files", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "network-file-downloaded-to-disk", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": []}, {"bi": "dns-query-nxdomain", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": []}, {"bi": "network-snort-indicator-compromise", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": []}, {"bi": "process-requested-named-pipe", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": ["TA0004", "TA0005"]}, {"bi": "deleted-submitted-file", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": ["TA0005", "T1107"]}, {"bi": "file-pending-delete", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": ["TA0005", "T1107"]}, {"bi": "process-taskkill", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": ["TA0005", "T1089"]}, {"bi": "process-ping", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": ["TA0011", "TA0007", "T1049"]}, {"bi": "process-ping-localhost", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": ["TA0011", "TA0007", "T1016"]}, {"bi": "process-uses-localhost-traffic", "hashes": ["503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "mitre_attack_tags": ["TA0005"]}, {"bi": "network-fast-flux-nameserver", "hashes": ["40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685"], "mitre_attack_tags": []}, {"bi": "process-hollowing-detected", "hashes": ["f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610"], "mitre_attack_tags": ["TA0005", "T1093"]}, {"bi": "netbios-query", "hashes": ["af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c"], "mitre_attack_tags": []}, {"bi": "http-response-client-error", "hashes": ["af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c"], "mitre_attack_tags": []}, {"bi": "excessive-process-creates", "hashes": ["b5e9152ee47449245f47636e63f904cc823aa811982414715c87f9b72c994828"], "mitre_attack_tags": ["TA0002", "T1064"]}, {"bi": "windows-crash-tool-execution-detected", "hashes": ["32760a2bc2027aad6753ac794466f5a1e7ce11c18572ddffc519bea0c49b2102"], "mitre_attack_tags": []}, {"bi": "crash-dump-file-created", "hashes": ["32760a2bc2027aad6753ac794466f5a1e7ce11c18572ddffc519bea0c49b2102"], "mitre_attack_tags": []}, {"bi": "fault-report-file-created", "hashes": ["32760a2bc2027aad6753ac794466f5a1e7ce11c18572ddffc519bea0c49b2102"], "mitre_attack_tags": []}, {"bi": "potential-registry-persistence", "hashes": ["692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df"], "mitre_attack_tags": []}, {"bi": "network-snort-malware", "hashes": ["be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4"], "mitre_attack_tags": []}, {"bi": "network-snort-protocol", "hashes": ["d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae"], "mitre_attack_tags": []}, {"bi": "http-response-redirect", "hashes": ["f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c"], "mitre_attack_tags": []}], "category": "Dropper", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "Cerber is ransomware that encrypts documents, photos, databases and other important files. Historically, this malware would replace files with encrypted versions and add the file extension \".cerber,\" although in more recent campaigns, other file extensions are used.", "hashes": ["030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "32760a2bc2027aad6753ac794466f5a1e7ce11c18572ddffc519bea0c49b2102", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "b5e9152ee47449245f47636e63f904cc823aa811982414715c87f9b72c994828", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe"], "iocs": {"domain": [{"hashes": ["030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe"], "host": "api[.]blockcypher[.]com"}, {"hashes": ["030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe"], "host": "hjhqmbxyinislkkt[.]1j9r76[.]top"}, {"hashes": ["08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "host": "bitaps[.]com"}, {"hashes": ["08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "host": "btc[.]blockr[.]io"}, {"hashes": ["08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610"], "host": "chain[.]so"}], "file": [{"hashes": ["030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe"], "path": "%TEMP%\\~PI<random, matching [A-F0-9]{2,4}>.tmp"}, {"hashes": ["030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe"], "path": "%TEMP%\\tmp<random, matching [A-F0-9]{1,4}>.tmp"}, {"hashes": ["030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe"], "path": "%TEMP%\\tmp<random, matching [A-F0-9]{1,4}>.bmp"}, {"hashes": ["030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df"], "path": "%TEMP%\\tmp1.bmp"}, {"hashes": ["030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df"], "path": "<dir>\\<random, matching [A-Z0-9\\-]{10}.[A-F0-9]{4}> (copy)"}, {"hashes": ["af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536"], "path": "%HOMEPATH%\\documents\\onenote notebooks\\personal\\_HELP_HELP_HELP_SNPKDBK_.png"}, {"hashes": ["af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536"], "path": "%HOMEPATH%\\documents\\onenote notebooks\\personal\\_HELP_HELP_HELP_SYYVWGS_.hta"}, {"hashes": ["af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536"], "path": "%HOMEPATH%\\documents\\outlook files\\_HELP_HELP_HELP_J9S2I2U_.hta"}, {"hashes": ["af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536"], "path": "%HOMEPATH%\\documents\\outlook files\\_HELP_HELP_HELP_SIZO8YZ_.png"}], "ip": [{"hashes": ["030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe"], "ip": "91[.]119[.]216[.]0/27"}, {"hashes": ["030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe"], "ip": "91[.]120[.]216[.]0/27"}, {"hashes": ["030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe"], "ip": "91[.]121[.]216[.]0/25"}, {"hashes": ["030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4"], "ip": "104[.]20[.]20[.]251"}, {"hashes": ["08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df"], "ip": "104[.]20[.]21[.]251"}, {"hashes": ["08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2"], "ip": "178[.]128[.]255[.]179"}, {"hashes": ["08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610"], "ip": "104[.]24[.]104[.]254"}, {"hashes": ["08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8"], "ip": "104[.]24[.]105[.]254"}], "mutex": [{"hashes": ["030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "6ccf58ab83888b010a8f76241e3f5bac40bf054adadfce715286ea586ba07732", "75810a8bdfd2dbaca933ac6905c97fb3fd92105f8b9b45e50a6814a6a56bad57", "77c051db85560463ac492207d40c9aa759d0c7fc94163ab7229404867faf8602", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "9350c01f8ab3d6b8970d908d66169f6f78cb491b77e2c6f9cffd61f2128ccdc4", "97b154ff0390490b11098facc517dbd3a12567a069d6e02b14ffb9f6105221be", "a18e8c0e01970e4cdf576876b0f60fe1bdcc2f76c22e5a2c2b03446715361856", "a396f993d0f91e05b5ec09b1b507ac0dac36e33092bf5fd878bcaecde40ea716", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "a90f5060ac0d35cf6b5cb767cac6368b97b73ec86fc12bf00ca65f827d5b791a", "a931c4362fad2ef89d007907998e3ef81942a10145dcf03202b4419555510c96", "ace5a39502e7d9a6a1b3f5159778432021ef7faa7c3bb883721d7193d65a3ad7", "af24aa4f0e9e7d9fec478f947416cbd9c2d59edf1328751c6fec455ffc19922f", "af6155f305e6b2e33ed9248fa7e49ee3c7732193bf9db09605f253e69bbf6536", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "be5b564ddfeda87835d7d31097aa38074c55e1a818013fb06705d8c8ddd4a8c4", "bec55860390620b090a2457b70c2cc2f49cfeb441768ac83cc927a8b4222c227", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "dc80131c12afcd22ab85fe19fbde17cc4f106110c663dc4a502d4d5d7417ffd4", "e09769260a9383a8ab9e91afb296a0a333bf8cdc64953355a3f9e5d42d9f7c93", "f0b2245ab889d21657da457f953f243c382d4329c773a12ecc23899a3c15e10c", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "f6ed688552feaf715791d416620d98165338df46e906443499a92129ee3dd0c4", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe"], "name": "shell.{381828AA-8B28-3374-1B67-35680555C5EF}"}, {"hashes": ["030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "0c2d5a70bfe45e1e6aac52d34bbf70a9cb6153fb99b818f8ef61a3ff5387ecb5", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "19d24c768b69400dce41a0a7327300bfb75623c7964402c489076d8883f407a9", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "3a158403189764706be588d574e49e56cfeafbf74565c437fff8b969e3082971", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "47d8710e3d8099696c30244a5eca7038535880f6507f8c51e08925d6eecb133b", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df"], "name": "shell.{<random GUID>}"}, {"hashes": ["32760a2bc2027aad6753ac794466f5a1e7ce11c18572ddffc519bea0c49b2102"], "name": "Global\\6b815c81-9212-11ea-a007-00501e3ae7b5"}], "registry": [{"hashes": ["030da94697aaf3e2a6d6d2641d13f7b904d3d7d4632193fcf6419f0001555056", "08c4a7479a7d4e5ca2e332dae67cd6c1c63674a7db8c189f796f3fa305861c9e", "10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "10c16ff5cf45caa2763721045177178065e86eafdcbba917c56521c05d787b0e", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "335224a87e53a3c62dc603b9401cb96b5fce3e3cd7e9914ad0f9453141efb610", "338a6d6cc52102fecc98b13a9ffee862dcdc443756280c91cd60f6970a343499", "3492f403598de11042702d7ca31aeec24227482a7fd9d6e6cb6ff203ca56ff86", "3cf34622d9a34f1a3d05913cdc4b9112712e8320bbccf7f54c425385f6404cd0", "40cb9de3324e1da1d8a1924bb7b0c48eae3539af8a2dfbc121fec7920602724c", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "4c3e6d79944e0d472c377778ff330ee917f737030e3a5e8ae76abe4440da02b9", "503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "52b5e477b0869b7cfe8fa990c4596fea66eec0a33266773e49b4c18cd6f0128d", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2", "692a47e02184c9f4da058612bed40bcfa3db2e3eb6f3e27622ef8682a59676df", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\CONTROL\\SESSION MANAGER", "value_name": null}, {"hashes": ["10a97b9851f0b96bc79d6cb78002073dd8e4c7a2a3a78807ed0c65a2033bea4c", "1684b5d1e5bfdd4a8ce68bb29f9129b35f6fcf5795968ce229a0fbdc1fd853c6", "1e51e458a28dff7fdd9e558d48d5119273ffab1c840a6ae199b9358b6047daef", "21ec7062346070b04e5cce8d75d0aa4596660cc9dc12310433a595668e1278ef", "3155982b06aa4f5c63cb6fd26c0ee20fba89731799d2e7419bfd89fad18851f8", "44dbb11614fbd98c67f0e2ded85df9b207876632b6f29bfb2805928a0eba2a00", "503dd04d9b09ffc5082e0235f17395e8abaaebc7ecfd83ac3dff1342bafbcff1", "5e986617480d5d3bb290446a69536aa30b1bf67fc61e6c0ea51c50d389cc8685", "62c6c40194bc92bfc179047c1dce07e95e3885825049362337b27c86f1e9e0b2", "7b3466b2719ef3a9f9f0ca8fb80c0adc1c03bff6bd421a205d1b5aa2ef181040", "8bafd19dc590995226cc1766416a04dc9b7924e3977ea7a48b3ac8cc54ff1262", "a82909405a97943dbf7c0f34821aae3da8d54f4dc1fb9c609d3e30cf07711c33", "b106200d29203c3254d99da47e15d8812655b0f7254d8c7690959d2a60064af9", "b814e1f742aac254a3ed254dc91d6177de1398b0ebfdd58bd3d38e13f75f424e", "bfbdad546de20a03d94cc8c065351316ce0f72d632e6831384acb8aa0deb2534", "c7eef1b4f15f565159cd3bd45142ccb6f8076304a12c5b5894f82118d7d31b8d", "d027dcc0d6c0a1fd1553b35be9934d0ea4dacc6b7e0ff304ba1231a0d7b416ae", "d50f8b94e3302bc5eff04d4688e729d17f494b4e6a16267b0017a97a2340f1ae", "d6441a79c5e05ef259fc6e71d6b987e6e9d851bcdae1350a170a535539b11b68", "da6852fc8e8d68649c4b2175cdc5accb52f388884e97da2ec024e164017a0feb", "f0b70591ff31fbf68a9512e590efc792385925bda954351fca230e04eccd3437", "fd10431dc8bc60ca5a0ce7701679f1de14145c363f005cfd3f318dd2fb01a8fe"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\CONTROL\\SESSION MANAGER", "value_name": "PendingFileRenameOperations"}]}, "reports_count": 57}, "Win.Dropper.NetWire-7780725-0": {"bis": [{"bi": "antivirus-flagged-artifact", "hashes": ["896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92"], "mitre_attack_tags": []}, {"bi": "memory-execute-readwrite", "hashes": ["896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055", "T1181"]}, {"bi": "modified-executable", "hashes": ["896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92"], "mitre_attack_tags": []}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92"], "mitre_attack_tags": []}, {"bi": "pe-invalid-checksum", "hashes": ["896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92"], "mitre_attack_tags": []}, {"bi": "cta-static-analyzer-malicious", "hashes": ["896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92"], "mitre_attack_tags": []}, {"bi": "pe-filename-mismatch", "hashes": ["896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92"], "mitre_attack_tags": []}, {"bi": "process-long-cmdline", "hashes": ["896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-uses-visual-basic", "hashes": ["896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92"], "mitre_attack_tags": []}, {"bi": "artifact-windows-task", "hashes": ["896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92"], "mitre_attack_tags": ["TA0002", "TA0003", "T1053"]}, {"bi": "registry-autorun-key-modified", "hashes": ["896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "windows-util-schtask", "hashes": ["896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92"], "mitre_attack_tags": ["TA0003", "T1053"]}, {"bi": "windows-util-schtask-generic", "hashes": ["896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92"], "mitre_attack_tags": ["TA0003", "T1053"]}, {"bi": "potential-registry-persistence", "hashes": ["896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92"], "mitre_attack_tags": []}, {"bi": "registry-modification-reg", "hashes": ["896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92"], "mitre_attack_tags": []}, {"bi": "sample-pe-modified-on-disk", "hashes": ["896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92"], "mitre_attack_tags": ["TA0005", "T1202"]}, {"bi": "malware-compound-cta-activity", "hashes": ["896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92"], "mitre_attack_tags": []}], "category": "Dropper", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": false, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "NetWire is a remote access trojan (RAT) that allows attackers to execute commands on the infected host, log keystrokes, interact with a webcam, remote desktop and read data from connected USB devices. NetWire is commonly delivered through Microsoft Office documents with macros, sent as attachments on malicious emails.", "hashes": ["0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d"], "iocs": {"domain": [{"hashes": ["0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d"], "host": "www[.]setdop[.]com"}, {"hashes": ["0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d"], "host": "www[.]ostrichinator[.]net"}, {"hashes": ["0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1"], "host": "www[.]jihesdk[.]info"}, {"hashes": ["279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e"], "host": "www[.]whitetigerdata[.]com"}, {"hashes": ["2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d"], "host": "www[.]sejqr[.]com"}, {"hashes": ["0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38"], "host": "etimasthe[.]com"}, {"hashes": ["0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38"], "host": "www[.]etimasthe[.]com"}, {"hashes": ["0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1"], "host": "susan0to60[.]com"}, {"hashes": ["0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1"], "host": "www[.]susan0to60[.]com"}, {"hashes": ["279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92"], "host": "www[.]kedirun[.]com"}, {"hashes": ["2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d"], "host": "briartekinternal[.]com"}, {"hashes": ["2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5"], "host": "www[.]xn--nlsw5fi3knmheq3c[.]com"}, {"hashes": ["2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d"], "host": "www[.]briartekinternal[.]com"}, {"hashes": ["2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439"], "host": "www[.]moringabrothers[.]com"}, {"hashes": ["5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e"], "host": "www[.]lohasnomori[.]net"}, {"hashes": ["5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1"], "host": "www[.]lifeinterval[.]com"}, {"hashes": ["782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3"], "host": "facepainterseattle[.]com"}, {"hashes": ["782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0"], "host": "www[.]rewonchina[.]com"}, {"hashes": ["782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3"], "host": "www[.]facepainterseattle[.]com"}, {"hashes": ["782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e"], "host": "www[.]icager[.]com"}, {"hashes": ["896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3"], "host": "www[.]chancestars[.]com"}, {"hashes": ["896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3"], "host": "www[.]lrgnw[.]com"}, {"hashes": ["95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3"], "host": "www[.]vialegiuliocesare[.]com"}, {"hashes": ["0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd"], "host": "www[.]get-religion[.]com"}, {"hashes": ["0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd"], "host": "www[.]tekkes[.]com"}, {"hashes": ["0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd"], "host": "www[.]ass-eat[.]com"}, {"hashes": ["279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513"], "host": "www[.]okskyn[.]com"}, {"hashes": ["279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513"], "host": "www[.]avtopidbir[.]com"}, {"hashes": ["2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92"], "host": "www[.]serverover[.]com"}, {"hashes": ["2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92"], "host": "www[.]nmwjek[.]com"}, {"hashes": ["2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92"], "host": "www[.]takebetternotes[.]com"}, {"hashes": ["38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5"], "host": "www[.]christopher-cloos[.]com"}, {"hashes": ["38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5"], "host": "www[.]jsnpnl[.]info"}, {"hashes": ["47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439"], "host": "www[.]tuhqni[.]com"}, {"hashes": ["47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439"], "host": "www[.]jazzdesigns[.]net"}, {"hashes": ["47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439"], "host": "www[.]mjcxtd[.]com"}, {"hashes": ["5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38"], "host": "aa150[.]f999[.]xyz"}, {"hashes": ["5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38"], "host": "www[.]archerywarsmn[.]com[.]cdn[.]cloudflare[.]net"}, {"hashes": ["5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38"], "host": "www[.]jl299[.]com"}, {"hashes": ["5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38"], "host": "www[.]archerywarsmn[.]com"}, {"hashes": ["782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078"], "host": "www[.]duberryproperties[.]com"}, {"hashes": ["782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078"], "host": "www[.]5b1four[.]loan"}, {"hashes": ["896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0"], "host": "www[.]poetchain[.]com"}, {"hashes": ["896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0"], "host": "www[.]yuedige[.]com"}, {"hashes": ["95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e"], "host": "zhongcaiwangweb2[.]baiying01[.]com"}, {"hashes": ["95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e"], "host": "www[.]9922228[.]com"}, {"hashes": ["a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3"], "host": "www[.]18776061993[.]com"}, {"hashes": ["bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1"], "host": "xn--facebok-f1a[.]com"}, {"hashes": ["bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1"], "host": "www[.]xn--facebok-f1a[.]com"}, {"hashes": ["f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d"], "host": "www[.]guidingair[.]com"}], "file": [{"hashes": ["0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d"], "path": "%System32%\\Tasks\\Maryan"}, {"hashes": ["0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d"], "path": "%ProgramData%\\Preabdomen.exe"}, {"hashes": ["0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d"], "path": "\\Documents and Settings\\All Users\\Preabdomen.exe"}, {"hashes": ["0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d"], "path": "%SystemRoot%\\Tasks\\Maryan.job"}, {"hashes": ["0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d"], "path": "%APPDATA%\\4NM6TR21\\4NMlogim.jpeg"}, {"hashes": ["0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d"], "path": "%APPDATA%\\4NM6TR21\\4NMlogrc.ini"}, {"hashes": ["0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d"], "path": "%APPDATA%\\4NM6TR21\\4NMlogri.ini"}], "ip": [{"hashes": ["2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d"], "ip": "192[.]0[.]78[.]24/31"}, {"hashes": ["0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38"], "ip": "192[.]124[.]249[.]54"}, {"hashes": ["0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1"], "ip": "163[.]197[.]71[.]19"}, {"hashes": ["5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e"], "ip": "202[.]254[.]234[.]133"}, {"hashes": ["782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3"], "ip": "162[.]241[.]225[.]234"}, {"hashes": ["782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0"], "ip": "39[.]108[.]116[.]125"}, {"hashes": ["95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3"], "ip": "89[.]46[.]106[.]38"}, {"hashes": ["0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007"], "ip": "203[.]170[.]80[.]250"}, {"hashes": ["896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0"], "ip": "23[.]20[.]239[.]12"}, {"hashes": ["bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1"], "ip": "184[.]168[.]131[.]241"}, {"hashes": ["38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5"], "ip": "23[.]227[.]38[.]64"}, {"hashes": ["0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd"], "ip": "162[.]241[.]244[.]55"}, {"hashes": ["2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92"], "ip": "104[.]27[.]152[.]62"}, {"hashes": ["47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439"], "ip": "156[.]226[.]105[.]135"}, {"hashes": ["5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38"], "ip": "104[.]27[.]161[.]4"}, {"hashes": ["5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38"], "ip": "104[.]151[.]182[.]151"}, {"hashes": ["782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078"], "ip": "52[.]40[.]240[.]30"}, {"hashes": ["95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e"], "ip": "182[.]16[.]79[.]146"}], "mutex": [], "registry": [{"hashes": ["0a8dcb1a894f3fcc59b6fb97092d894df9d74f0ad2421ff97f02f6933390c007", "0c160ffe91806918208577a7d1b067fee75cb3e4c970f8a909ed1aa002c2aebd", "279445da8550fc340c331a0b89cf9f3ead448fe314924756530705e40d2a3513", "2a799f1af67ebaf500f6d8d19c5489c915f7a4941dd8ee23abb59f1267cb2cac", "2b21ce5da9858140838cc3a5fc8c514e4120aa12ddc3c772e3d81b5fa5c8ca92", "38b94bc25a46ecdc84963f75e03f9ba7808ba426d441f171ddc1e6dddfd5e1d5", "47918cc8704b6e78e2a923e5caece4d91cc023d3f1e21a435c01403b46437439", "5015d8750e859583ba4c3d6aa355284f6b44ec7505f3ab7201f9df5c4814bf38", "782c64520ae22eabd8e0ef08455b5d4c9c5b7903e9de019c5cee47e1a1c16078", "896adbf9a4018128b1295faa207516bc475a6cdad2b7fa585cbbac253fd0deb0", "95279e78094878be2c6743008e9faca5bba8a525173f1dfaa96c07aa6d2efb4e", "a43399c374e22eede9bca6e264b831992d5ffef4173d0b77d69f0c43490ebbe3", "bdf245b157a86482c078d31e9534aeaf13f66b2f12a39d48d2c0ddee0daa48e1", "f9f9e5754be1c15cd0e5f704126dbcebdb3b23750b9f71917a609cb8809ea66d"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUNONCE", "value_name": "Maryan"}]}, "reports_count": 14}, "Win.Dropper.Qakbot-7784291-0": {"bis": [{"bi": "pe-encrypted-section", "hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "memory-execute-readwrite", "hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055", "T1181"]}, {"bi": "modified-executable", "hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292"], "mitre_attack_tags": []}, {"bi": "created-executable-in-user-dir", "hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292"], "mitre_attack_tags": []}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292"], "mitre_attack_tags": []}, {"bi": "cta-static-analyzer-malicious", "hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292"], "mitre_attack_tags": []}, {"bi": "sample-launched-copy-of-self", "hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292"], "mitre_attack_tags": ["TA0005", "T1202"]}, {"bi": "windows-crash-tool-execution-detected", "hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292"], "mitre_attack_tags": []}, {"bi": "crash-dump-file-created", "hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292"], "mitre_attack_tags": []}, {"bi": "process-explorer-suspicious-launch", "hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292"], "mitre_attack_tags": ["TA0005", "T1055"]}, {"bi": "fault-report-file-created", "hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292"], "mitre_attack_tags": []}, {"bi": "unsigned-roaming-execution", "hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292"], "mitre_attack_tags": ["TA0005"]}, {"bi": "malware-qakbot-mutex-detected", "hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292"], "mitre_attack_tags": []}], "category": "Dropper", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": true, "WSA": true}, "description": "Qakbot, aka Qbot, has been around since at least 2008. Qbot primarily targets sensitive information like banking credentials but can also steal FTP credentials and spread across a network using SMB.", "hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882", "87c60075bf2b72651cfd4c93e510943fc12d3d0553d518ee48826697bbde8374", "8b73c0a590ff6fb955b93c6d5ec29b02058081e784b9e6529a14295989ab5710", "8e7e3c2c3ee9a4f4a012152af5a9f030efbf4e372ce08d90cdd85187a01bc469", "b09d84c4ba9d6ff9748ef179b9d0c07df1e564fdb09208b3bffa8cbf4ea5012e", "b19ff5bc5de2f07838874e5d967dd6f306ae7ac1c6cc7a81778232c992650956", "c0791ffae3e34ef414306901a255092a89258aa3257bf7bda01b373eac23baeb", "da0f1f404b1cc4036a790c96f93ab39844325bb57ec12bf58364700ec6025b97", "ef36b7c3f633b24b3bc194c6885ab5fd9d8efd0625f46879d987aa410dd2a9ac", "ef4554845b6f8ad4acf7e3af245a438418d509611bf58a37fa0c666b94365898"], "iocs": {"domain": [{"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "host": "www[.]ip-adress[.]com"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "host": "stc-hstn-03[.]sys[.]comcast[.]net"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "host": "boston[.]speedtest[.]comcast[.]net"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "host": "houston[.]speedtest[.]comcast[.]net"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "host": "sanjose[.]speedtest[.]comcast[.]net"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "host": "jacksonville[.]speedtest[.]comcast[.]net"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d"], "host": "forumity[.]com"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d"], "host": "www[.]forumity[.]com"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d"], "host": "aqtttolo[.]info"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d"], "host": "ajtjiykkbxtgchyzxuhht[.]org"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d"], "host": "olmhvbqsmptqsjlmsrf[.]org"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d"], "host": "ylgylcdzxmupgikszdpehfe[.]org"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d"], "host": "piizzckhkjudtqunqbhqunwu[.]org"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d"], "host": "khkhvekcfmgigyvbve[.]info"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d"], "host": "yduvduwyxbq[.]info"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d"], "host": "fsoatphootorb[.]biz"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d"], "host": "mgzejdnlxmwm[.]info"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d"], "host": "hxqngimmhgtvky[.]org"}, {"hashes": ["273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d"], "host": "ndregojpwfqotlsszipxzfsi[.]net"}, {"hashes": ["129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c"], "host": "sjstgfplvxpgywjpwfqhyjq[.]org"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d"], "host": "qwwrxkjjwsbxb[.]org"}, {"hashes": ["260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "host": "jacksonville-a[.]speedtest[.]comcast[.]net"}, {"hashes": ["260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "host": "stc-sjos-01[.]sys[.]comcast[.]net"}, {"hashes": ["260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "host": "stc-fxbo-01[.]sys[.]comcast[.]net"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e"], "host": "efucmopmbiccdne[.]biz"}, {"hashes": ["245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d"], "host": "aflqqffllgbsagimipib[.]org"}, {"hashes": ["3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "host": "egopdbdsdtqvhvcws[.]net"}, {"hashes": ["260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0"], "host": "81[.]151[.]167[.]12[.]in-addr[.]arpa"}, {"hashes": ["2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c"], "host": "85[.]151[.]167[.]12[.]in-addr[.]arpa"}, {"hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9"], "host": "qodpafdnvbinhly[.]net"}, {"hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9"], "host": "htergpvawkbmm[.]org"}, {"hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9"], "host": "rrkfzynduh[.]biz"}, {"hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9"], "host": "vvreqzzvuv[.]biz"}, {"hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9"], "host": "ranyjxmjvhenbsrjzfwji[.]org"}, {"hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9"], "host": "mkeonmklbllvb[.]biz"}, {"hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9"], "host": "kvlqgmcwtjgpkjzqcledkluhf[.]com"}, {"hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9"], "host": "irvfzrfbnwumm[.]com"}, {"hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9"], "host": "egktgyvsbrp[.]net"}, {"hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9"], "host": "dolhtzxkvrmb[.]org"}, {"hashes": ["78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c"], "host": "khkhvekcfmgigyvbve[.]info[.]example[.]org"}, {"hashes": ["78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c"], "host": "fsoatphootorb[.]biz[.]example[.]org"}, {"hashes": ["78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c"], "host": "ndregojpwfqotlsszipxzfsi[.]net[.]example[.]org"}, {"hashes": ["78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c"], "host": "mgzejdnlxmwm[.]info[.]example[.]org"}, {"hashes": ["78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c"], "host": "ajtjiykkbxtgchyzxuhht[.]org[.]example[.]org"}, {"hashes": ["78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c"], "host": "hxqngimmhgtvky[.]org[.]example[.]org"}, {"hashes": ["78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c"], "host": "yduvduwyxbq[.]info[.]example[.]org"}, {"hashes": ["78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c"], "host": "olmhvbqsmptqsjlmsrf[.]org[.]example[.]org"}, {"hashes": ["78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c"], "host": "piizzckhkjudtqunqbhqunwu[.]org[.]example[.]org"}, {"hashes": ["78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c"], "host": "sjstgfplvxpgywjpwfqhyjq[.]org[.]example[.]org"}, {"hashes": ["78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c"], "host": "ylgylcdzxmupgikszdpehfe[.]org[.]example[.]org"}], "file": [{"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882"], "path": "%APPDATA%\\Microsoft\\Eqfikq"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882"], "path": "%APPDATA%\\Microsoft\\Eqfikq\\eqfi.dll"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882"], "path": "%APPDATA%\\Microsoft\\Eqfikq\\eqfik.exe"}, {"hashes": ["3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9"], "path": "%APPDATA%\\Microsoft\\Ejfoidj\\ejfoi.dll"}, {"hashes": ["3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9"], "path": "%APPDATA%\\Microsoft\\Ejfoidj\\ejfoid.exe"}, {"hashes": ["73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e"], "path": "%APPDATA%\\Microsoft\\Roirwavo\\roirwa.dll"}, {"hashes": ["73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e"], "path": "%APPDATA%\\Microsoft\\Roirwavo\\roirwav.exe"}, {"hashes": ["0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7"], "path": "%APPDATA%\\Microsoft\\Azwagrmz\\azwagr.dll"}, {"hashes": ["0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7"], "path": "%APPDATA%\\Microsoft\\Azwagrmz\\azwagrm.exe"}, {"hashes": ["3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9"], "path": "%APPDATA%\\Microsoft\\Ejfoidj\\cejfoid32.dll"}, {"hashes": ["3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9"], "path": "%APPDATA%\\Microsoft\\Ejfoidj\\ejfoid32.dll"}, {"hashes": ["0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7"], "path": "%APPDATA%\\Microsoft\\Azwagrmz\\azwagrm32.dll"}, {"hashes": ["0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7"], "path": "%APPDATA%\\Microsoft\\Azwagrmz\\cazwagrm32.dll"}, {"hashes": ["73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e"], "path": "%APPDATA%\\Microsoft\\Roirwavo\\croirwav32.dll"}, {"hashes": ["73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e"], "path": "%APPDATA%\\Microsoft\\Roirwavo\\roirwav32.dll"}, {"hashes": ["3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0"], "path": "%APPDATA%\\Microsoft\\Skywnak\\skywna.exe"}, {"hashes": ["3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0"], "path": "%APPDATA%\\Microsoft\\Skywnak\\skywna32.dll"}, {"hashes": ["3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0"], "path": "%APPDATA%\\Microsoft\\Skywnak\\u\\skywna.exe"}, {"hashes": ["46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c"], "path": "%APPDATA%\\Microsoft\\Aygfxray\\aygfxr.dll"}, {"hashes": ["46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c"], "path": "%APPDATA%\\Microsoft\\Aygfxray\\aygfxra.exe"}, {"hashes": ["46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c"], "path": "%APPDATA%\\Microsoft\\Aygfxray\\aygfxra32.dll"}, {"hashes": ["46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c"], "path": "%APPDATA%\\Microsoft\\Tmbfmvcm\\ctmbfmvc32.dll"}, {"hashes": ["46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c"], "path": "%APPDATA%\\Microsoft\\Tmbfmvcm\\tmbfmv.dll"}, {"hashes": ["46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c"], "path": "%APPDATA%\\Microsoft\\Tmbfmvcm\\tmbfmvc.exe"}, {"hashes": ["46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c"], "path": "%APPDATA%\\Microsoft\\Tmbfmvcm\\tmbfmvc32.dll"}, {"hashes": ["46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c"], "path": "%APPDATA%\\Microsoft\\Tmbfmvcm\\u\\tmbfmvc.exe"}, {"hashes": ["46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c"], "path": "\\DELLXP3-FF65BF9\\C$\\niayllogz.exe"}, {"hashes": ["7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "path": "%APPDATA%\\Microsoft\\Xtatft\\cxtatf32.dll"}, {"hashes": ["7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "path": "%APPDATA%\\Microsoft\\Xtatft\\u\\xtatf.exe"}, {"hashes": ["7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "path": "%APPDATA%\\Microsoft\\Xtatft\\xtat.dll"}, {"hashes": ["7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "path": "%APPDATA%\\Microsoft\\Xtatft\\xtatf.exe"}, {"hashes": ["7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "path": "%APPDATA%\\Microsoft\\Xtatft\\xtatf32.dll"}, {"hashes": ["129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292"], "path": "%APPDATA%\\Microsoft\\Iukpydou\\ciukpydo32.dll"}, {"hashes": ["129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292"], "path": "%APPDATA%\\Microsoft\\Iukpydou\\iukpydo32.dll"}, {"hashes": ["2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369"], "path": "%APPDATA%\\Microsoft\\Acumjcujc\\acumjcu.dll"}, {"hashes": ["2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369"], "path": "%APPDATA%\\Microsoft\\Acumjcujc\\acumjcuj.exe"}, {"hashes": ["2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369"], "path": "%APPDATA%\\Microsoft\\Acumjcujc\\acumjcuj32.dll"}, {"hashes": ["2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369"], "path": "%APPDATA%\\Microsoft\\Acumjcujc\\cacumjcuj32.dll"}, {"hashes": ["245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa"], "path": "%APPDATA%\\Microsoft\\Ocqqac\\cocqqa32.dll"}, {"hashes": ["245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa"], "path": "%APPDATA%\\Microsoft\\Ocqqac\\ocqqa32.dll"}, {"hashes": ["24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c"], "path": "%APPDATA%\\Microsoft\\Ezcweuuz\\cezcweuu32.dll"}, {"hashes": ["24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c"], "path": "%APPDATA%\\Microsoft\\Ezcweuuz\\ezcweuu32.dll"}, {"hashes": ["273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25"], "path": "%APPDATA%\\Microsoft\\Wqvjshhvq\\cwqvjshhv32.dll"}, {"hashes": ["273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25"], "path": "%APPDATA%\\Microsoft\\Wqvjshhvq\\wqvjshh.dll"}, {"hashes": ["273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25"], "path": "%APPDATA%\\Microsoft\\Wqvjshhvq\\wqvjshhv.exe"}, {"hashes": ["273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25"], "path": "%APPDATA%\\Microsoft\\Wqvjshhvq\\wqvjshhv32.dll"}, {"hashes": ["331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777"], "path": "%APPDATA%\\Microsoft\\Xygpiy\\cxygpi32.dll"}, {"hashes": ["331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777"], "path": "%APPDATA%\\Microsoft\\Xygpiy\\xygpi32.dll"}, {"hashes": ["72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063"], "path": "%APPDATA%\\Microsoft\\Urllar\\curlla32.dll"}, {"hashes": ["72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063"], "path": "%APPDATA%\\Microsoft\\Urllar\\urlla32.dll"}], "ip": [{"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "ip": "69[.]241[.]80[.]162"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "ip": "85[.]25[.]210[.]196"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d"], "ip": "68[.]87[.]56[.]130"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d"], "ip": "65[.]182[.]187[.]52"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d"], "ip": "85[.]202[.]175[.]200"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d"], "ip": "208[.]100[.]26[.]245"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d"], "ip": "172[.]217[.]2[.]110"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c"], "ip": "181[.]224[.]138[.]240"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "ip": "162[.]144[.]12[.]241"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "ip": "66[.]96[.]134[.]31"}, {"hashes": ["129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d"], "ip": "66[.]7[.]210[.]190"}, {"hashes": ["2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d"], "ip": "207[.]38[.]89[.]115"}, {"hashes": ["260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "ip": "69[.]241[.]74[.]170"}, {"hashes": ["260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "ip": "69[.]241[.]108[.]58"}, {"hashes": ["260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "ip": "69[.]64[.]56[.]244"}, {"hashes": ["260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "ip": "69[.]241[.]106[.]102"}, {"hashes": ["260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e"], "ip": "216[.]58[.]217[.]142"}, {"hashes": ["129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa"], "ip": "209[.]126[.]124[.]166"}, {"hashes": ["2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c"], "ip": "12[.]167[.]151[.]85"}, {"hashes": ["260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0"], "ip": "12[.]167[.]151[.]81"}, {"hashes": ["3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "ip": "136[.]243[.]124[.]143"}, {"hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9"], "ip": "208[.]100[.]26[.]251"}, {"hashes": ["2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e"], "ip": "208[.]100[.]26[.]234"}, {"hashes": ["46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c"], "ip": "216[.]58[.]218[.]238"}, {"hashes": ["3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0"], "ip": "216[.]58[.]217[.]78"}, {"hashes": ["2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e"], "ip": "195[.]22[.]28[.]222"}, {"hashes": ["2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e"], "ip": "195[.]22[.]28[.]194"}, {"hashes": ["55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9"], "ip": "172[.]217[.]13[.]238"}, {"hashes": ["7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "ip": "12[.]167[.]151[.]89"}, {"hashes": ["7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5"], "ip": "172[.]217[.]1[.]14"}, {"hashes": ["260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d"], "ip": "181[.]215[.]115[.]202"}, {"hashes": ["46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c"], "ip": "104[.]223[.]125[.]163"}], "mutex": [{"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882"], "name": "Global\\eqfik"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882"], "name": "llzeou"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882"], "name": "eqfika"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882"], "name": "Global\\epieuxzk"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882"], "name": "Global\\ulnahjoi"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882"], "name": "Global\\utjvfi"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "76e60f27969b704b2629b03c998092ae56c32e7863bab52f8bda4c86aa9a1c20", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882"], "name": "Global\\<random guid>"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882"], "name": "<random, matching [a-zA-Z0-9]{5,9}>"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "46011a910b4ce61158f0a7887a4b4e0bd71f90a071ba580b7a2caf5d4ba6d40c", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "78c6b3c52e9898ac08614c50b467420d1c92a4debc8bdc6e991f54fc0096ab8c", "79eaf0d9b56744ffbdb9a22c0e8125489982fb643443e1d133b9f813a1df9f8d", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882"], "name": "<random, matching [a-fA-F0-9]{10}>"}, {"hashes": ["0289e0bed96f42709e5280b614e1d3d7e6f250f28e58ce6e9fea4a2aa76da2a4", "129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292", "245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa", "260a4f0837b10cf9eb3850ef0909a498a66f78941fd49a0bd77255d434dbf26d", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "38ec6db55a026581307defde287712991ac3b8dc5cc7e4e17b7fa2c42ade64dc", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9", "6a79a598c933dd9df1e8f2826e5f37352f0305d1cb039f404acf3d64569b83e0", "73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e", "7a7fd8b7d3927b463845244f90fad10e5d41b78076034a903c482ab74a7bfaf5", "83e8c8671385e51ce9b52b9929ff89998338975427e7b4fa9bff708f9c83d882"], "name": "<32 random hex characters>"}, {"hashes": ["2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369", "273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25", "2e8887d6d114d577be5ea311bb00fb9c5012818ee9db5fc0318f34f88f51b55e", "331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777", "3453da96ed422677b616d1c76fe9d81a59d5ef4e1e422a44146b348f22285bc0", "72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063"], "name": "<random, matching '[A-Z0-9]{14}'>"}, {"hashes": ["3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9"], "name": "Global\\ejfoid"}, {"hashes": ["73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e"], "name": "Global\\roirwav"}, {"hashes": ["0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7"], "name": "Global\\azwagrm"}, {"hashes": ["3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9"], "name": "coasyadnmef"}, {"hashes": ["3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9"], "name": "Global\\hxheux"}, {"hashes": ["3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9"], "name": "Global\\rdiveva"}, {"hashes": ["3e3445b365b8e6d13b586016322d76abf7576fe3b76503ee7b662e490465f0a9", "55a4a50034f3084b17180ac76f86635e85369dc7ce22a7795f0d4ef7482655c9"], "name": "Global\\gzshgqu"}, {"hashes": ["0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7"], "name": "Global\\grnsvn"}, {"hashes": ["0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7"], "name": "Global\\gwlkdhgp"}, {"hashes": ["0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7"], "name": "Global\\mabto"}, {"hashes": ["0861cdb6614d615e00b109a946749671327b59f99dcf9812fabc37432ac67e97", "607bf064217e78031c37d9b0117e5e95614e30ac2e9c1bae71bb1fca8b83a2b7"], "name": "wyacxpveqm"}, {"hashes": ["73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e"], "name": "hvavqpxwtc"}, {"hashes": ["73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e"], "name": "Global\\erihco"}, {"hashes": ["73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e"], "name": "Global\\luxarsa"}, {"hashes": ["73bcbdcf15931a6a2c0484649351c73c7ab7399224c3ec3ca1e94fac3782aef4", "74b261309a692f5675b9c9eec4296f057edaeffbecd5a23dd3b2e578e9b3159e"], "name": "Global\\jtkejddu"}, {"hashes": ["129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292"], "name": "Global\\emksuuu"}, {"hashes": ["129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292"], "name": "Global\\aewuk"}, {"hashes": ["129764c283221c4585bd9acdd405cd24c726849037c751af170bfb330ec53292"], "name": "fwixixwqskdighg"}, {"hashes": ["2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369"], "name": "Global\\acumjcuj"}, {"hashes": ["2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369"], "name": "Global\\inwacepw"}, {"hashes": ["2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369"], "name": "Global\\sdcwwbwo"}, {"hashes": ["2198e1875abafc8a496f5eaf447a2030867c59534095fc0cc7e86b030518f369"], "name": "Global\\cexinegh"}, {"hashes": ["245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa"], "name": "Global\\yeqhi"}, {"hashes": ["245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa"], "name": "Global\\hyioi"}, {"hashes": ["245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa"], "name": "jxyuwlgnnqfh"}, {"hashes": ["245949c11812bfe1b039f569378050e2f999183fb9bd23aa9386e6da867786aa"], "name": "Global\\sjuqe"}, {"hashes": ["24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c"], "name": "Global\\iogxnue"}, {"hashes": ["24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c"], "name": "Global\\luoui"}, {"hashes": ["24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c"], "name": "fnjmgiuyfxrkebx"}, {"hashes": ["24b414b57f5124e5baa33924826bd1605f96539d1dad6a9dd1be7990dccc1a0c"], "name": "Global\\szbvd"}, {"hashes": ["273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25"], "name": "Global\\tepgodxo"}, {"hashes": ["273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25"], "name": "Global\\kdichrde"}, {"hashes": ["273cba3fa9ecf4514223f55ec3f530c48f5a6634ba8c0182e067338d13befc25"], "name": "Global\\vuqoqo"}, {"hashes": ["331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777"], "name": "Global\\anwdzhwn"}, {"hashes": ["331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777"], "name": "Global\\eogom"}, {"hashes": ["331af7cf195ada1e8e136ee076f0e4a37797fb14b0f50ce2a4fb412a8fe27777"], "name": "Global\\zddkqoy"}, {"hashes": ["72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063"], "name": "Global\\wpourh"}, {"hashes": ["72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063"], "name": "Global\\rdtbfn"}, {"hashes": ["72b0f17ea79c881b9d2374f2ff9805e81ff81d9cfa63b2b70fd95118bd120063"], "name": "Global\\lmheir"}], "registry": []}, "reports_count": 25}, "Win.Dropper.Remcos-7771461-0": {"bis": [{"bi": "memory-execute-readwrite", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "619b1c946e494b94a4c62c3a3f9b02324f4ebbf60e573b9e648a7905f57e8bce", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055", "T1181"]}, {"bi": "modified-file-in-user-dir", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "619b1c946e494b94a4c62c3a3f9b02324f4ebbf60e573b9e648a7905f57e8bce", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": []}, {"bi": "cta-static-analyzer-malicious", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "619b1c946e494b94a4c62c3a3f9b02324f4ebbf60e573b9e648a7905f57e8bce", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": []}, {"bi": "hook-installed", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "619b1c946e494b94a4c62c3a3f9b02324f4ebbf60e573b9e648a7905f57e8bce", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": ["TA0006", "TA0003", "TA0004", "T1056", "T1179"]}, {"bi": "pe-tls-callback", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "619b1c946e494b94a4c62c3a3f9b02324f4ebbf60e573b9e648a7905f57e8bce", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-header-timestamp-prior", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "619b1c946e494b94a4c62c3a3f9b02324f4ebbf60e573b9e648a7905f57e8bce", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": []}, {"bi": "pe-section-shared", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "619b1c946e494b94a4c62c3a3f9b02324f4ebbf60e573b9e648a7905f57e8bce", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "modified-executable", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": []}, {"bi": "created-executable-in-user-dir", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": []}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "619b1c946e494b94a4c62c3a3f9b02324f4ebbf60e573b9e648a7905f57e8bce", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": []}, {"bi": "network-fast-flux-domain", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": []}, {"bi": "registry-autorun-key-modified", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "artifact-flagged-anomaly", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "network-only-safe-domains-contacted", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": []}, {"bi": "feed-domain-antivirus-service", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": []}, {"bi": "excessive-foreign-memory-modification", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": ["TA0005", "T1055"]}, {"bi": "network-dns-category-file-storage", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": []}, {"bi": "registry-modified-rootcerts", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": ["TA0011", "TA0006", "TA0005", "T1130"]}, {"bi": "windows-util-schtask-generic", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": ["TA0003", "T1053"]}, {"bi": "files-deleted-used-batch", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": ["TA0005", "T1107"]}, {"bi": "cmd-exe-file-execution", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": ["TA0002", "T1059"]}, {"bi": "registry-modification-reg", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": []}, {"bi": "pe-header-timestamp-future", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": []}, {"bi": "files-deleted-used-vbs", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": ["TA0005", "T1107"]}, {"bi": "fake-windows-directory-file-creation", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": ["TA0005", "TA0002", "T1036", "T1151"]}, {"bi": "malware-gelup-artifact-detected", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": []}, {"bi": "feed-domain-rat", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": []}, {"bi": "malware-remcos-mutex", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": []}, {"bi": "malware-remcos-registry", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": []}, {"bi": "network-snort-protocol", "hashes": ["fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": []}, {"bi": "network-dns-category-dynamic", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22"], "mitre_attack_tags": []}, {"bi": "network-communications-http-get", "hashes": ["fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "mitre_attack_tags": ["TA0011", "TA0010", "T1105", "T1043"]}, {"bi": "network-file-downloaded-to-disk", "hashes": ["fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed"], "mitre_attack_tags": []}, {"bi": "network-opendns-malicious", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "mitre_attack_tags": []}, {"bi": "url-forced-download-prompt", "hashes": ["fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed"], "mitre_attack_tags": ["TA0005", "T1105"]}, {"bi": "malware-remcos-path", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed"], "mitre_attack_tags": []}, {"bi": "network-fast-flux-nameserver", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4"], "mitre_attack_tags": []}, {"bi": "network-snort-malware", "hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4"], "mitre_attack_tags": []}, {"bi": "network-http-numeric-ip", "hashes": ["d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "mitre_attack_tags": ["TA0011", "TA0005", "T1071"]}, {"bi": "file-ini-read", "hashes": ["d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "mitre_attack_tags": []}, {"bi": "windows-vault-api", "hashes": ["d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "mitre_attack_tags": ["TA0006", "T1003"]}, {"bi": "audio-video-mutex-detected", "hashes": ["d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "mitre_attack_tags": ["TA0009", "T1123", "T1125"]}, {"bi": "firefox-password-manager-local-database-access", "hashes": ["d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6"], "mitre_attack_tags": ["TA0006", "T1003"]}, {"bi": "enumeration-browser-information", "hashes": ["d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6"], "mitre_attack_tags": ["TA0007", "TA0006", "T1003", "T1217"]}, {"bi": "antivirus-service-flagged-artifact-mid", "hashes": ["d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6"], "mitre_attack_tags": []}, {"bi": "windows-crash-tool-execution-detected", "hashes": ["619b1c946e494b94a4c62c3a3f9b02324f4ebbf60e573b9e648a7905f57e8bce"], "mitre_attack_tags": []}, {"bi": "crash-dump-file-created", "hashes": ["619b1c946e494b94a4c62c3a3f9b02324f4ebbf60e573b9e648a7905f57e8bce"], "mitre_attack_tags": []}, {"bi": "fault-report-file-created", "hashes": ["619b1c946e494b94a4c62c3a3f9b02324f4ebbf60e573b9e648a7905f57e8bce"], "mitre_attack_tags": []}, {"bi": "process-requested-named-pipe", "hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "mitre_attack_tags": ["TA0004", "TA0005"]}, {"bi": "http-response-client-error", "hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "mitre_attack_tags": []}, {"bi": "potential-registry-persistence", "hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "mitre_attack_tags": []}, {"bi": "modified-file-in-program-dir", "hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "mitre_attack_tags": []}, {"bi": "registry-login-info-modified", "hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "mitre_attack_tags": ["TA0005", "TA0003", "TA0004", "T1112", "T1098"]}, {"bi": "imports-IsDebuggerPresent", "hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "mitre_attack_tags": []}, {"bi": "pe-imports-toolhelp", "hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "mitre_attack_tags": ["TA0007", "T1057"]}, {"bi": "file-ini-modified", "hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "mitre_attack_tags": ["TA0003"]}, {"bi": "pe-subtype-svc", "hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "mitre_attack_tags": []}, {"bi": "registry-created-user", "hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "mitre_attack_tags": ["TA0005", "TA0003", "TA0004", "T1112", "T1098"]}], "category": "Dropper", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": true, "WSA": true}, "description": "Remcos is a remote access trojan (RAT) that allows attackers to execute commands on the infected host, log keystrokes, interact with a webcam, and capture screenshots. This malware is commonly delivered through Microsoft Office documents with macros, sent as attachments on malicious emails.", "hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "619b1c946e494b94a4c62c3a3f9b02324f4ebbf60e573b9e648a7905f57e8bce", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "iocs": {"domain": [{"hashes": ["8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "host": "goddywin[.]freedynamicdns[.]net"}, {"hashes": ["4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df"], "host": "rex2018[.]hopto[.]org"}, {"hashes": ["4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df"], "host": "rex2020[.]myddns[.]me"}, {"hashes": ["4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df"], "host": "rex2018[.]myddns[.]me"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc"], "host": "nagod[.]ddns[.]net"}, {"hashes": ["d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22"], "host": "godsfavoured[.]ddns[.]net"}, {"hashes": ["4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df"], "host": "myb50[.]myddns[.]me"}, {"hashes": ["4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df"], "host": "johnhoff2[.]hopto[.]org"}, {"hashes": ["d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22"], "host": "doc-04-54-docs[.]googleusercontent[.]com"}, {"hashes": ["8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8"], "host": "doc-10-54-docs[.]googleusercontent[.]com"}, {"hashes": ["4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df"], "host": "jbcbeads[.]myddns[.]rocks"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc"], "host": "doc-0o-54-docs[.]googleusercontent[.]com"}, {"hashes": ["573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e"], "host": "doc-0k-54-docs[.]googleusercontent[.]com"}, {"hashes": ["4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4"], "host": "doc-0k-ak-docs[.]googleusercontent[.]com"}, {"hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df"], "host": "doc-08-ak-docs[.]googleusercontent[.]com"}, {"hashes": ["36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed"], "host": "u863495[.]awsmppl[.]com"}, {"hashes": ["36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed"], "host": "doc-04-8o-docs[.]googleusercontent[.]com"}, {"hashes": ["36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed"], "host": "lakeside007[.]awsmppl[.]com"}, {"hashes": ["fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "host": "doc-14-54-docs[.]googleusercontent[.]com"}, {"hashes": ["f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8"], "host": "dolxxrem[.]hopto[.]org"}, {"hashes": ["573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558"], "host": "experience2477[.]ddns[.]net"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "host": "doc-14-30-docs[.]googleusercontent[.]com"}, {"hashes": ["d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6"], "host": "xxxxza[.]dynamic-dns[.]net"}], "file": [{"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "619b1c946e494b94a4c62c3a3f9b02324f4ebbf60e573b9e648a7905f57e8bce", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "path": "%TEMP%\\<random, matching '[a-f0-9]{3,5}'>_appcompat.txt"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "path": "%LOCALAPPDATA%\\<random, matching '[a-z0-9]{3,7}'>"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "619b1c946e494b94a4c62c3a3f9b02324f4ebbf60e573b9e648a7905f57e8bce", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "path": "%TEMP%\\<random, matching '[A-F0-9]{4,5}'>.dmp"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "path": "%System32%\\winevt\\Logs\\Microsoft-Windows-CodeIntegrity%4Operational.evtx"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "path": "%PUBLIC%\\Natso.bat"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "path": "%PUBLIC%\\Runex.bat"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "path": "%PUBLIC%\\fodhelper.exe"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "path": "%PUBLIC%\\propsys.dll"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "path": "%PUBLIC%\\x.bat"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "path": "%SystemRoot% "}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "path": "%SystemRoot% \\System32"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "path": "%SystemRoot% \\System32\\fodhelper.exe"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "path": "%SystemRoot% \\System32\\propsys.dll"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "path": "%PUBLIC%\\cde.bat"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "path": "%PUBLIC%\\x.vbs"}, {"hashes": ["36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8"], "path": "%APPDATA%\\remcos"}, {"hashes": ["36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8"], "path": "%APPDATA%\\remcos\\logs.dat"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc"], "path": "%LOCALAPPDATA%\\Nqwe\\Fuck"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc"], "path": "%LOCALAPPDATA%\\Nqwe\\Nqwe.hta"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc"], "path": "%LOCALAPPDATA%\\Nqwe\\Nqweset.exe"}, {"hashes": ["d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22"], "path": "%LOCALAPPDATA%\\Ehhs\\Ehhs.hta"}, {"hashes": ["d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22"], "path": "%LOCALAPPDATA%\\Ehhs\\Ehhsset.exe"}, {"hashes": ["d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22"], "path": "%LOCALAPPDATA%\\Ehhs\\Fuck"}, {"hashes": ["36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed"], "path": "%LOCALAPPDATA%\\Szkj\\Fuck"}, {"hashes": ["36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed"], "path": "%LOCALAPPDATA%\\Szkj\\Szkj.hta"}, {"hashes": ["36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed"], "path": "%LOCALAPPDATA%\\Szkj\\Szkjset.exe"}, {"hashes": ["4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4"], "path": "%LOCALAPPDATA%\\Acnd\\Acnd.hta"}, {"hashes": ["4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4"], "path": "%LOCALAPPDATA%\\Acnd\\Acndset.exe"}, {"hashes": ["4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4"], "path": "%LOCALAPPDATA%\\Acnd\\Fuck"}, {"hashes": ["573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558"], "path": "%LOCALAPPDATA%\\Zbcv\\Fuck"}, {"hashes": ["573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558"], "path": "%LOCALAPPDATA%\\Zbcv\\Zbcv.hta"}, {"hashes": ["573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558"], "path": "%LOCALAPPDATA%\\Zbcv\\Zbcvset.exe"}, {"hashes": ["8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "path": "%LOCALAPPDATA%\\Vykg\\Fuck"}, {"hashes": ["8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "path": "%LOCALAPPDATA%\\Vykg\\Vykg.hta"}, {"hashes": ["8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "path": "%LOCALAPPDATA%\\Vykg\\Vykgset.exe"}, {"hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df"], "path": "%LOCALAPPDATA%\\Aind\\Aind.hta"}, {"hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df"], "path": "%LOCALAPPDATA%\\Aind\\Aindset.exe"}, {"hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df"], "path": "%LOCALAPPDATA%\\Aind\\Fuck"}, {"hashes": ["d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6"], "path": "%LOCALAPPDATA%\\Raod\\Fuck"}, {"hashes": ["d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6"], "path": "%LOCALAPPDATA%\\Raod\\Raod.hta"}, {"hashes": ["d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6"], "path": "%LOCALAPPDATA%\\Raod\\Raodset.exe"}, {"hashes": ["de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e"], "path": "%LOCALAPPDATA%\\Kmjz\\Fuck"}, {"hashes": ["de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e"], "path": "%LOCALAPPDATA%\\Kmjz\\Kmjz.hta"}, {"hashes": ["de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e"], "path": "%LOCALAPPDATA%\\Kmjz\\Kmjzset.exe"}, {"hashes": ["f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8"], "path": "%LOCALAPPDATA%\\Jmfy\\Fuck"}, {"hashes": ["f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8"], "path": "%LOCALAPPDATA%\\Jmfy\\Jmfy.hta"}, {"hashes": ["f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8"], "path": "%LOCALAPPDATA%\\Jmfy\\Jmfyset.exe"}, {"hashes": ["fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "path": "%LOCALAPPDATA%\\Svuf\\Fuck"}, {"hashes": ["fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "path": "%LOCALAPPDATA%\\Svuf\\Svuf.hta"}, {"hashes": ["fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "path": "%LOCALAPPDATA%\\Svuf\\Svufset.exe"}], "ip": [{"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "ip": "172[.]217[.]5[.]238"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "ip": "172[.]217[.]15[.]97"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22"], "ip": "172[.]217[.]15[.]110"}, {"hashes": ["36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22"], "ip": "172[.]217[.]9[.]193"}, {"hashes": ["8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "ip": "185[.]165[.]153[.]17"}, {"hashes": ["4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df"], "ip": "79[.]134[.]225[.]107"}, {"hashes": ["d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22"], "ip": "194[.]5[.]99[.]12"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc"], "ip": "216[.]38[.]7[.]231"}, {"hashes": ["f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8"], "ip": "79[.]134[.]225[.]11"}, {"hashes": ["36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed"], "ip": "185[.]140[.]53[.]106"}, {"hashes": ["f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8"], "ip": "172[.]217[.]2[.]110"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "ip": "45[.]95[.]168[.]62"}, {"hashes": ["d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6"], "ip": "142[.]44[.]252[.]23"}, {"hashes": ["573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558"], "ip": "185[.]165[.]153[.]30"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "ip": "51[.]75[.]209[.]242"}, {"hashes": ["d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6"], "ip": "172[.]93[.]161[.]84"}], "mutex": [{"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "name": "Remcos_Mutex_Inj"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "name": "Remcos-<random, matching [A-Z0-9]{6}>"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "name": "TSLicensingLock"}, {"hashes": ["619b1c946e494b94a4c62c3a3f9b02324f4ebbf60e573b9e648a7905f57e8bce"], "name": "Global\\03ee9c71-9089-11ea-a007-00501e3ae7b5"}], "registry": [{"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\SYSTEMCERTIFICATES\\AUTHROOT\\CERTIFICATES\\75E0ABB6138512271C04F85FDDDE38E4B7242EFE", "value_name": "Blob"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "key": "<HKCU>\\ENVIRONMENT", "value_name": "windir"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "key": "<HKCU>\\Software\\Remcos-<random, matching '[A-Z0-9]{6}'>", "value_name": null}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "key": "<HKCU>\\Software\\Remcos-<random, matching '[A-Z0-9]{6}'>", "value_name": "licence"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc", "4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4", "573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558", "8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548", "d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22", "f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8", "fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "key": "<HKCU>\\Software\\Remcos-<random, matching '[A-Z0-9]{6}'>", "value_name": "exepath"}, {"hashes": ["198d33e5bfc5e7dc3231b5eb5a74cc34f5f45be7e995bd6fad1cb4e354919140", "46985bd8314106f48fed547ca64a5318f934790b0447f08e01cc8c985163cadc"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "Nqwe"}, {"hashes": ["d5f9342c8f4a65f81ee8ac62a3e8d8a3dc700d7ef8d9b5f587dd8101f36627b4", "f226704cc2b29f130bad32166bb437507521f2c1d87105667cf7eafc0ab84c22"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "Ehhs"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\SYSTEMCERTIFICATES\\REMOTE DESKTOP\\CTLS", "value_name": null}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\CONTROL\\TERMINAL SERVER\\RCM\\SECRETS", "value_name": null}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\EXPLORER\\YPTEV3IJTX", "value_name": null}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINLOGON\\SPECIALACCOUNTS\\USERLIST", "value_name": "Fpdqk.k"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\EXPLORER\\YPTEV3IJTX", "value_name": "rudp"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\EXPLORER\\YPTEV3IJTX", "value_name": "rpdp"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\SYSTEMCERTIFICATES\\REMOTE DESKTOP\\CERTIFICATES\\E5B4F4A638B350BE4F85E6A114B0D3F6A784B862", "value_name": null}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\SYSTEMCERTIFICATES\\REMOTE DESKTOP\\CERTIFICATES", "value_name": "E5B4F4A638B350BE4F85E6A114B0D3F6A784B862"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\SYSTEMCERTIFICATES\\REMOTE DESKTOP\\CERTIFICATES\\E5B4F4A638B350BE4F85E6A114B0D3F6A784B862", "value_name": "Blob"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\CONTROL\\TERMINAL SERVER\\WINSTATIONS", "value_name": "SelfSignedCertificate"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "Lgie"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SAM\\SAM\\DOMAINS\\ACCOUNT\\USERS\\NAMES\\FPDQK.K", "value_name": null}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SAM\\SAM\\DOMAINS\\ACCOUNT\\USERS\\000003EE", "value_name": "F"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SAM\\SAM\\DOMAINS\\ACCOUNT\\USERS\\000003EE", "value_name": "V"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\NETWORKLIST\\PROFILES\\{5E90B044-34E3-4A29-9441-B40DA68890A3}", "value_name": null}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\NETWORKLIST\\SIGNATURES\\UNMANAGED\\010103000F0000F0080000000F0000F019FA4C9094023081FB8D83143C006BEDB0E0DBE03497F7F7F6079D6172C0F198", "value_name": null}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\NETWORKLIST\\PROFILES\\{5E90B044-34E3-4A29-9441-B40DA68890A3}", "value_name": "ProfileName"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\NETWORKLIST\\PROFILES\\{5E90B044-34E3-4A29-9441-B40DA68890A3}", "value_name": "Description"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\NETWORKLIST\\PROFILES\\{5E90B044-34E3-4A29-9441-B40DA68890A3}", "value_name": "Managed"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\NETWORKLIST\\PROFILES\\{5E90B044-34E3-4A29-9441-B40DA68890A3}", "value_name": "Category"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\NETWORKLIST\\PROFILES\\{5E90B044-34E3-4A29-9441-B40DA68890A3}", "value_name": "DateCreated"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\NETWORKLIST\\PROFILES\\{5E90B044-34E3-4A29-9441-B40DA68890A3}", "value_name": "NameType"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\NETWORKLIST\\SIGNATURES\\UNMANAGED\\010103000F0000F0080000000F0000F019FA4C9094023081FB8D83143C006BEDB0E0DBE03497F7F7F6079D6172C0F198", "value_name": "ProfileGuid"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\NETWORKLIST\\SIGNATURES\\UNMANAGED\\010103000F0000F0080000000F0000F019FA4C9094023081FB8D83143C006BEDB0E0DBE03497F7F7F6079D6172C0F198", "value_name": "Description"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\NETWORKLIST\\SIGNATURES\\UNMANAGED\\010103000F0000F0080000000F0000F019FA4C9094023081FB8D83143C006BEDB0E0DBE03497F7F7F6079D6172C0F198", "value_name": "Source"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\NETWORKLIST\\SIGNATURES\\UNMANAGED\\010103000F0000F0080000000F0000F019FA4C9094023081FB8D83143C006BEDB0E0DBE03497F7F7F6079D6172C0F198", "value_name": "DnsSuffix"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\NETWORKLIST\\SIGNATURES\\UNMANAGED\\010103000F0000F0080000000F0000F019FA4C9094023081FB8D83143C006BEDB0E0DBE03497F7F7F6079D6172C0F198", "value_name": "FirstNetwork"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\NETWORKLIST\\SIGNATURES\\UNMANAGED\\010103000F0000F0080000000F0000F019FA4C9094023081FB8D83143C006BEDB0E0DBE03497F7F7F6079D6172C0F198", "value_name": "DefaultGatewayMac"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\NETWORKLIST\\PROFILES\\{5E90B044-34E3-4A29-9441-B40DA68890A3}", "value_name": "DateLastConnected"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\NETWORKLIST\\NLA\\CACHE\\INTRANET", "value_name": "{9EB90D23-C5F9-4104-85A8-47DD7F6C4070}"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\CONTROL\\TERMINAL SERVER\\RCM\\SECRETS", "value_name": "L$HYDRAENCKEY_28ada6da-d622-11d1-9cb9-00c04fb16e75"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\CONTROL\\TERMINAL SERVER\\RCM\\SECRETS", "value_name": "L$HYDRAENCKEY_52d1ad03-4565-44f3-8bfd-bbb0591f4b9d"}, {"hashes": ["2fc862064af24043c831b69eebd92288845d0846340e4240da5851df09af62af"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\CONTROL\\TERMINAL SERVER\\RCM", "value_name": "CertificateOld"}, {"hashes": ["36aea2537d904b125b9a8344f348934337638c80c780aef3893cca1002134eed"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "Szkj"}, {"hashes": ["4b9cc5611bd7c63e2a02e77d2a2f8e46d239d125717adc24afece7b9e9141fc4"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "Acnd"}, {"hashes": ["573f598b9ba15d82ad0eb3de3c988587d407f17bad6d0e859984bf266a965558"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "Zbcv"}, {"hashes": ["8df5f41e7fe8875353c9774a50aa1516925fddbff352421b104ace404ffb5548"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "Vykg"}, {"hashes": ["caf6c2e0ab8c32f2438ff08a7a9c519c041807ce08626af98f8388be64fa30df"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "Aind"}, {"hashes": ["d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\EXPLORER\\UZM8UYAU7V", "value_name": null}, {"hashes": ["d669b7b138cd85fc5b7efb7f9cbaf0f64f4c1c29def420b4c98dc7f41e596af6"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "Raod"}, {"hashes": ["de51b15d446a6185d47318bb3545824048a6e3204a590355bb8eaa8e13a5276e"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "Kmjz"}, {"hashes": ["f676bb147213f1d6de105f1db19301dda642704d6f1d1c63b3ed5a756c48bfa8"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "Jmfy"}, {"hashes": ["fe6601f3a2b98b9886d09319f1cac8cfe1b5940c41487f1c98c7735e31cd15be"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "Svuf"}]}, "reports_count": 15}, "Win.Dropper.Ursnif-7772130-0": {"bis": [{"bi": "pe-encrypted-section", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "memory-execute-readwrite", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055", "T1181"]}, {"bi": "modified-executable", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": []}, {"bi": "created-executable-in-user-dir", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": []}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": []}, {"bi": "cta-static-analyzer-malicious", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": []}, {"bi": "process-long-cmdline", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "excessive-foreign-memory-modification", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": ["TA0005", "T1055"]}, {"bi": "process-svchost-suspicious-launch", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": ["TA0005"]}, {"bi": "registry-autorun-key-data-dir", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "registry-autorun-key-modified", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "files-deleted-used-batch", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": ["TA0005", "T1107"]}, {"bi": "cmd-exe-file-execution", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": ["TA0002", "T1059"]}, {"bi": "malware-compound-cta-activity", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": []}, {"bi": "malware-ursnif-detected", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": []}, {"bi": "network-opendns-malicious", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": []}, {"bi": "network-fast-flux-domain", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": []}, {"bi": "network-communications-http-get", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": ["TA0011", "TA0010", "T1105", "T1043"]}, {"bi": "network-only-safe-domains-contacted", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": []}, {"bi": "http-response-redirect", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": []}, {"bi": "script-contains-url", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": []}, {"bi": "network-explorer-process", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": ["TA0011", "TA0005", "T1055"]}, {"bi": "firefox-prefs-modified", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": ["TA0009"]}, {"bi": "process-hollowing-detected", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d"], "mitre_attack_tags": ["TA0005", "T1093"]}, {"bi": "network-dns-category-new", "hashes": ["430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "mitre_attack_tags": []}, {"bi": "process-requested-named-pipe", "hashes": ["3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682"], "mitre_attack_tags": ["TA0004", "TA0005"]}, {"bi": "windows-crash-tool-execution-detected", "hashes": ["3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682"], "mitre_attack_tags": []}, {"bi": "crash-dump-file-created", "hashes": ["3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682"], "mitre_attack_tags": []}, {"bi": "process-explorer-suspicious-launch", "hashes": ["3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682"], "mitre_attack_tags": ["TA0005", "T1055"]}, {"bi": "fault-report-file-created", "hashes": ["3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682"], "mitre_attack_tags": []}], "category": "Dropper", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": true, "WSA": true}, "description": "Ursnif is used to steal sensitive information from an infected host and can also act as a malware downloader. It is commonly spread through malicious emails or exploit kits.", "hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee"], "iocs": {"domain": [{"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee"], "host": "nssdc[.]gsfc[.]nasa[.]gov"}, {"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee"], "host": "bplaplanetsurface[.]com"}, {"hashes": ["3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102"], "host": "nssdc[.]sci[.]gsfc[.]nasa[.]gov"}], "file": [{"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee"], "path": "%APPDATA%\\ds32mapi"}, {"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee"], "path": "%APPDATA%\\ds32mapi\\dhcpxva2.exe"}, {"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee"], "path": "%TEMP%\\<random, matching [A-F0-9]{3,4}>"}, {"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee"], "path": "\\{4BC230AC-2EB3-B560-90AF-42B9C45396FD}"}, {"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee"], "path": "%TEMP%\\<random, matching [A-F0-9]{3,4}\\[A-F0-9]{2,4}>.bat"}, {"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102"], "path": "\\{CE10F1BD-D5E1-3049-CFE2-D96473361DD8}"}, {"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102"], "path": "%APPDATA%\\kbdidtat\\iassdusx.exe"}, {"hashes": ["bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361"], "path": "%TEMP%\\9CFA.bin"}], "ip": [{"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee"], "ip": "169[.]154[.]128[.]124"}], "mutex": [{"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee"], "name": "{A7AAF118-DA27-71D5-1CCB-AE35102FC239}"}, {"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee"], "name": "{<random GUID>}"}, {"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee"], "name": "Local\\{57025AD2-CABB-A1F8-8C7B-9E6580DFB269}"}, {"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee"], "name": "Local\\{7FD07DA6-D223-0971-D423-264D4807BAD1}"}, {"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee"], "name": "Local\\{B1443895-5CF6-0B1E-EE75-506F02798413}"}, {"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102"], "name": "Local\\{FCAA51DD-2B0A-8E99-95F0-8FA2992433F6}"}, {"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102"], "name": "Local\\{6AE7CB31-C1EF-2C06-9B3E-8520FF528954}"}, {"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102"], "name": "Local\\{72534A3F-299C-7437-43C6-6DE8275AF19C}"}], "registry": [{"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "appmmgmt"}, {"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee"], "key": "<HKCU>\\SOFTWARE\\APPDATALOW\\SOFTWARE\\MICROSOFT\\D31CC7AF-167C-7D04-B8B7-AA016CDB7EC5", "value_name": "Install"}, {"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee"], "key": "<HKCU>\\SOFTWARE\\APPDATALOW\\SOFTWARE\\MICROSOFT\\D31CC7AF-167C-7D04-B8B7-AA016CDB7EC5", "value_name": null}, {"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee"], "key": "<HKCU>\\SOFTWARE\\APPDATALOW\\SOFTWARE\\MICROSOFT\\D31CC7AF-167C-7D04-B8B7-AA016CDB7EC5", "value_name": "Client"}, {"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee"], "key": "<HKCU>\\SOFTWARE\\APPDATALOW\\SOFTWARE\\MICROSOFT\\D31CC7AF-167C-7D04-B8B7-AA016CDB7EC5", "value_name": "{F50EA47E-D053-EF14-82F9-0493D63D7877}"}, {"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee"], "key": "<HKCU>\\SOFTWARE\\APPDATALOW\\SOFTWARE\\MICROSOFT\\D31CC7AF-167C-7D04-B8B7-AA016CDB7EC5", "value_name": "Temp"}, {"hashes": ["068dfbabc248dcca2e7cc2a07b18273011bcd1947063bb8921e8e6bcfcb60e01", "0e3a34d9a6b0aa98749e4f68d884e4505a90903cacf8304fa564c157ce4248a3", "0f5cc32fcbc5d31844a78f58ecb211a09cb69182c62c0b56c90f9d94c81d6253", "15e1332c3ac244e7c09e820f003573fff04ed54bb0021b8d73d44b4a636e527d", "173da40af77d0deddd506ec66b2a7778d022a122dd9f8076b44278d280ee7cdc", "1a382a9bf84dd2e96f5615695a853c3cfb3ed694d6415b4ce9093fe1bebebbb5", "1a53723a8fbfb9ece108c45efd84b23a1dbe2a0f0ecf6728c791b7b5fa939413", "1d8b4afc94f47a4e9c954e223638c93c7b5b2fb4abba046e145659c10ee352d2", "218b62390f8708fe6654156e47172e53e5be5be64e43041d9856db412a27d17b", "21b60db5b083bfa0af60f42c2c20bd3c23ad346c40568bb884e6f6b65e14e98a", "272dc2b9cc34def79f039d2f59e7cc8137c4b7939ccabad948d669120afbb16b", "279364985941589b015b00eec53699efcacbd5a9ca58744133cad5794a361474", "2de6464cde20486a62005d1f4615fd32976f65cf67a77ad30b4bd0192286c286", "2fdccdad56bb7fd37d6819f226bb824adde2f566c7c728112e7093145f8331a0", "427e5215661b791697a9fb1fb9bf89a796154f325998b2fa6334300ca406e959", "430b3c1fe1438d841d5e498df701046cb50fc14faa33ce93ba9c0af32fa0770b", "5c7e7a5538946aa026e400dcbdef071c68ee4e24ca43c21ad562b135de9eda82", "5e9cda663f03651f76365e7a2622df7eba55c8465fa721bcdcb36649512da83d", "61c11b72859592bda7b9d7e0a236ec79125323cee89d27e5c07777630fa6c60c", "668c0db173a85f144b62a25f5407f7865f315a68e74174e774bc2de2297a8e12", "675f48d2f995b6e891dcd524378be6829992d4a01619c5c541bcaea6752588c2", "686f4daaf9be5c7c6e96646ecff903870b4fd8febcc612923fd9b3f8d784be1b", "6c0c2a92e0e205cc3a12bf1c26a1e6822f20248c2c95c5927e20ec8c12305102", "6dd2b1908c5ad9eada3f9b9c9c31727bccd4f34c292a8abcee8aad964fe5aed1", "80a8340da414a03ffdca95be082fb38a8e9b6daa79cd1879b7648a936ac8782c", "84f47d59e83961edc919719603cbea9e701e114f1b9356ddb2b856ee291c8d0d", "88093d26bd903dfa896599f0ac27b0d7350e42fc4fef96dd0d1958db2ad81528", "897ff5c0230bd5a0b4ad164f37b8612a3e38826dae402d434c92df60659170a6", "952be7fcaf5a7e5a8f3bbf6947cd21ed0955d7a79d6d8966f7a98cf5f9f61888", "96e2bf23fe1091e01a11642cb33fa0e00ef834acf8f434e8ab0818c2fd7149e4", "9937e7488f145567b2bc3f185f83585e9ed894eeaa47a44f12c34d0fe841d6d9", "a2fcef13869fcceacc284cdf386491f3c369510b9ce91f437597d8e327979b42", "a4d1959aaf26008302425684c5b9b5d5936f30ab756e4362bfa22afa793908d5", "adc70f2eb60c1c85c21fe3d0f579b149569ecd8b65c187aa60249a1dc57f2538", "bd5e7d7226a0d73ec194cfe9551d7a8562adf1182c82abef174ea080fe0a3361", "bddb211e3c04af168bf200e7fe73403408898989c9a8c5391cef66726cfd8a8b", "c4523ca869998caf0501de86ba428b830d367856f283c6c692d9a0f4be6fa3e6", "c941984aa3cc4d1d8151b4078e0cbe55ede30412aa1d2fb96ebb74194c28c34b", "cdfe3c6f9747f58c0a4431513dad3cac40f3f0a506023c26f5a14533b0374f23", "d73ab21bc58cdd4498c1a2b264da24f3f76e5e49fe570717dcc2b4b759c4420b", "dfc095b68c493c499faa7522d94500d72411df2de57e77d71e64f969209ab381", "e059463de179c4ed16164bf68c5bed623094ad74e94bc78deb47b7553bc826ec", "e15d96edcac7ef67b4c9896b2196f4a422b2f39c1e297e6c1eb7204d19627088", "f0f2d739a5b3268d9123906a53365afaf3c9e8e42477fd5a61081c2d5f3ff2de", "f17e05b7334c8456ac340ab49c5e6d70b42f34ab8327878c9c57343f879052be", "f5948fa738765ed114623c729842b9883f3f3eae417a65e986ec6d5dd46388b3", "fbe94c46c76e6fbf59608a1edb3a8acbcb48e42deafb644ae13cf5e4ae38fcf3", "fc3cf5cb991fee2611ec5add2c3ff75edc422add1e2722c32e9cd7f6a71e63ee"], "key": "<HKCU>\\SOFTWARE\\APPDATALOW\\SOFTWARE\\MICROSOFT\\D31CC7AF-167C-7D04-B8B7-AA016CDB7EC5", "value_name": "{6A4DAFE8-C11D-2C5C-9B3E-8520FF528954}"}, {"hashes": ["3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\INTERNET EXPLORER\\TOOLBAR", "value_name": "Locked"}, {"hashes": ["3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\EXPLORER", "value_name": "CleanShutdown"}, {"hashes": ["3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\APPLETS\\SYSTRAY", "value_name": "Services"}, {"hashes": ["3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\NLASVC\\PARAMETERS\\INTERNET\\MANUALPROXIES", "value_name": ""}, {"hashes": ["3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\EXPLORER\\CD BURNING\\DRIVES\\VOLUME{509D0DCA-5840-11E6-A51E-806E6F6E6963}", "value_name": "Drive Type"}, {"hashes": ["3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\EXPLORER\\CD BURNING\\DRIVES\\VOLUME{509D0DCA-5840-11E6-A51E-806E6F6E6963}", "value_name": "IsImapiDataBurnSupported"}, {"hashes": ["3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\EXPLORER\\CD BURNING", "value_name": "CD Recorder Drive"}, {"hashes": ["3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\ACTION CENTER\\CHECKS\\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.CHECK.100", "value_name": "CheckSetting"}, {"hashes": ["3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\ACTION CENTER\\CHECKS\\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.CHECK.101", "value_name": "CheckSetting"}, {"hashes": ["3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\ACTION CENTER\\CHECKS\\{E8433B72-5842-4D43-8645-BC2C35960837}.CHECK.106", "value_name": "CheckSetting"}, {"hashes": ["3ec1aad53bc9441005ccc7f7975010c893dcf1daa2b60e5289aff28cc34cc169", "5f99a85bbe9725d56404ca523e92932ff32bc2d9b24c766fac02bc88c9f06682"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\ACTION CENTER\\CHECKS\\{01979C6A-42FA-414C-B8AA-EEE2C8202018}.CHECK.100", "value_name": "CheckSetting"}]}, "reports_count": 50}, "Win.Malware.7ev3n-7779525-1": {"bis": [{"bi": "antivirus-flagged-artifact", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": []}, {"bi": "pe-encrypted-section", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "memory-execute-readwrite", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055", "T1181"]}, {"bi": "modified-executable", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": []}, {"bi": "created-executable-in-user-dir", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": []}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": []}, {"bi": "cta-static-analyzer-malicious", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": []}, {"bi": "process-long-cmdline", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "network-fast-flux-domain", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": []}, {"bi": "network-communications-http-get", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": ["TA0011", "TA0010", "T1105", "T1043"]}, {"bi": "pe-uses-armadillo", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "network-only-safe-domains-contacted", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": []}, {"bi": "excessive-foreign-memory-modification", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": ["TA0005", "T1055"]}, {"bi": "deleted-submitted-file", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": ["TA0005", "T1107"]}, {"bi": "registry-autorun-key-data-dir", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "registry-autorun-key-modified", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "files-deleted-used-batch", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": ["TA0005", "T1107"]}, {"bi": "cmd-exe-file-execution", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": ["TA0002", "T1059"]}, {"bi": "imports-IsDebuggerPresent", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": []}, {"bi": "pe-resource-lang-russian", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": []}, {"bi": "registry-modification-reg", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": []}, {"bi": "process-hollowing-detected", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": ["TA0005", "T1093"]}, {"bi": "malware-appwizard-packer-detected", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": []}, {"bi": "csidl-packer-detected", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": []}, {"bi": "process-deletes-many-files", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": []}, {"bi": "malware-ransomware-7ev3n", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": ["TA0040", "T1486"]}, {"bi": "network-file-downloaded-to-disk", "hashes": ["5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336"], "mitre_attack_tags": []}, {"bi": "http-response-server-error", "hashes": ["64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597"], "mitre_attack_tags": []}, {"bi": "network-snort-protocol", "hashes": ["64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1"], "mitre_attack_tags": []}], "category": "Malware", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "7ev3n is ransomware that demands payment in Bitcoin in exchange for the decryption key.  It is know to use the .R5A file extension when encrypting files.", "hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "iocs": {"domain": [{"hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "host": "blockchain[.]info"}], "file": [{"hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "path": "\\c2d124b8466cec6b3e47c4\\%PROCESSOR_ARCHITECTURE%\\msxpsinc.gpd"}, {"hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "path": "\\c2d124b8466cec6b3e47c4\\i386\\msxpsinc.gpd"}, {"hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "path": "%HOMEPATH%\\My Documents\\Downloads\\CCData.txt"}, {"hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "path": "%HOMEPATH%\\My Documents\\My Pictures\\Background.png"}, {"hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "path": "%APPDATA%\\system.exe"}, {"hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "path": "%LOCALAPPDATA%\\files"}, {"hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "path": "%LOCALAPPDATA%\\testdecrypt"}, {"hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "path": "%LOCALAPPDATA%\\time.e"}, {"hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "path": "%LOCALAPPDATA%\\del.bat"}, {"hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "path": "%LOCALAPPDATA%\\system.exe"}, {"hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "path": "%APPDATA%\\del.bat"}, {"hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "path": "%APPDATA%\\files"}, {"hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "path": "%APPDATA%\\time.e"}, {"hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "path": "%HOMEPATH%\\My Documents\\Downloads\\0.R5A (copy)"}, {"hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "path": "%HOMEPATH%\\My Documents\\My Pictures\\0.R5A (copy)"}, {"hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "path": "\\c2d124b8466cec6b3e47c4\\%PROCESSOR_ARCHITECTURE%\\0.R5A (copy)"}, {"hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "path": "\\c2d124b8466cec6b3e47c4\\i386\\0.R5A (copy)"}], "ip": [{"hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "ip": "212[.]56[.]214[.]153"}, {"hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "ip": "104[.]16[.]55[.]3"}, {"hashes": ["3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9"], "ip": "104[.]16[.]54[.]3"}], "mutex": [{"hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "name": "qazwsxedc"}, {"hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "name": "program"}], "registry": [{"hashes": ["0a1d87d6182cfd5bd8229dc4acaf809ec37c413a66905632384678f948f419cc", "3262aefb27d67eec8928848101c9dcbd3decfb5fe276752615f55188ec879b8b", "5a62513bce575b207a7c649c6bcecb9e4138009923d95bf01cd8f7162c5cb00d", "64ba5e95f2009f05daedb7b208c1ec40cd3d9917c97dab108b110aeecd963cd2", "8b7a37ba9b4438fb3d8188dc1f573738b932f4aea8e721390bb0acf51e5878d7", "982d3e981a409f492cb132e74cc84831781bcce970c4a4580830a8822d6b2597", "9d950dd3a8139ad8e9cfdd330c5d205ff68058a736508d886997e5b994b5c336", "d5dd8422578c97821b2b6bf959802f992e8f3d699a720325e9ce84f7ade97ab5", "e42c6eaec338732b4338cbd9fdac3e06e29de4a77ae786013d4c25c4b0d559f1", "e83a0150094e2610928cfe8119cedc88fd134cfddbacedeb2138d5071a9706af", "ede8168db8aadc06d680db9dc58595055353c6dfe858014b8d662eabf395d5e9", "ff601f1b781c1affbc0a04e1266df7fc9877338e7eebfd24e3770699bf038aef"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "allkeeper"}]}, "reports_count": 12}, "Win.Packed.ZeroAccess-7770509-0": {"bis": [{"bi": "antivirus-service-flagged-artifact", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "5d11449991027575e2120638a849d26969c8926db654139bb7f810eb027e2567", "ec5736668f769cce8a8757fff5a6aeddd5f226a2650de05d32a3428d81ff2d29", "9f8156b1e9c890d4171e7134cbd9155b034085b2b791d6e012249ba5f5b143d7", "382b68dcf07ed4f6614c126072aab217f621b9b8c7dcd6dffda8b26246780c5e", "bc49e55d306fad534e8e8d787f3696e53f778f94f1a295d532daed6a99bc7e40", "d9dc71e3ec64b6e5ba960cb6fafbae891f4cdb4305fe8a46a0751842021392b2", "38c2611a12e3f731bf77a841a62cc729e7350b8739a5563734ce4293be2604bd", "3976996e28319f1ccfd61371905b6b4843a1e7667430c499ffc3b8b3477f00c5", "4e23bd3066439f8101dde9a201362b78b6d18aefc790b4409d8597bda2411a7d", "538f6179e9d94b8bfacec1043f572c2d8359005bbce121809e20f8b59ee2cdbd", "ef6e1731df820be6d07e363692fc0d89350eb9e8eec2e998e46a9f3502eb21de", "4ba62e3a7a639565c232d757563585c9774b1998b31f820b1edbfeddecba3aeb"], "mitre_attack_tags": []}, {"bi": "cta-static-analyzer-malicious", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "5d11449991027575e2120638a849d26969c8926db654139bb7f810eb027e2567", "ec5736668f769cce8a8757fff5a6aeddd5f226a2650de05d32a3428d81ff2d29", "9f8156b1e9c890d4171e7134cbd9155b034085b2b791d6e012249ba5f5b143d7", "382b68dcf07ed4f6614c126072aab217f621b9b8c7dcd6dffda8b26246780c5e", "bc49e55d306fad534e8e8d787f3696e53f778f94f1a295d532daed6a99bc7e40", "d9dc71e3ec64b6e5ba960cb6fafbae891f4cdb4305fe8a46a0751842021392b2", "38c2611a12e3f731bf77a841a62cc729e7350b8739a5563734ce4293be2604bd", "3976996e28319f1ccfd61371905b6b4843a1e7667430c499ffc3b8b3477f00c5", "4e23bd3066439f8101dde9a201362b78b6d18aefc790b4409d8597bda2411a7d", "538f6179e9d94b8bfacec1043f572c2d8359005bbce121809e20f8b59ee2cdbd", "ef6e1731df820be6d07e363692fc0d89350eb9e8eec2e998e46a9f3502eb21de", "4ba62e3a7a639565c232d757563585c9774b1998b31f820b1edbfeddecba3aeb"], "mitre_attack_tags": []}, {"bi": "pe-resource-lang-russian", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "5d11449991027575e2120638a849d26969c8926db654139bb7f810eb027e2567", "ec5736668f769cce8a8757fff5a6aeddd5f226a2650de05d32a3428d81ff2d29", "9f8156b1e9c890d4171e7134cbd9155b034085b2b791d6e012249ba5f5b143d7", "382b68dcf07ed4f6614c126072aab217f621b9b8c7dcd6dffda8b26246780c5e", "bc49e55d306fad534e8e8d787f3696e53f778f94f1a295d532daed6a99bc7e40", "d9dc71e3ec64b6e5ba960cb6fafbae891f4cdb4305fe8a46a0751842021392b2", "38c2611a12e3f731bf77a841a62cc729e7350b8739a5563734ce4293be2604bd", "3976996e28319f1ccfd61371905b6b4843a1e7667430c499ffc3b8b3477f00c5", "4e23bd3066439f8101dde9a201362b78b6d18aefc790b4409d8597bda2411a7d", "538f6179e9d94b8bfacec1043f572c2d8359005bbce121809e20f8b59ee2cdbd", "ef6e1731df820be6d07e363692fc0d89350eb9e8eec2e998e46a9f3502eb21de", "4ba62e3a7a639565c232d757563585c9774b1998b31f820b1edbfeddecba3aeb"], "mitre_attack_tags": []}, {"bi": "memory-execute-readwrite", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055", "T1181"]}, {"bi": "dns-query-nxdomain", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "mitre_attack_tags": []}, {"bi": "feed-domain-rat", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "mitre_attack_tags": []}, {"bi": "feed-domain-antivirus-service", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "mitre_attack_tags": []}, {"bi": "excessive-foreign-memory-modification", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "mitre_attack_tags": ["TA0005", "T1055"]}, {"bi": "network-snort-malware", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "mitre_attack_tags": []}, {"bi": "listening-port-opened", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "mitre_attack_tags": ["TA0011", "T1219"]}, {"bi": "registry-autorun-key-modified", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "dns-public-server-contacted", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "mitre_attack_tags": ["TA0011", "TA0005"]}, {"bi": "registry-service-autostart-disabled", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "mitre_attack_tags": ["TA0003", "T1112", "T1489", "T1058"]}, {"bi": "registered-com-server", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "mitre_attack_tags": ["TA0002", "T1106"]}, {"bi": "excessive-udp-connections", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "mitre_attack_tags": ["TA0011", "T1095", "T1008"]}, {"bi": "artifact-exec-extension-obfuscation", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "file-alternate-data-stream-modification", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "mitre_attack_tags": ["TA0005"]}, {"bi": "file-alternate-data-stream-creation", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "mitre_attack_tags": ["TA0005", "T1096"]}, {"bi": "network-dns-safe-categories", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "mitre_attack_tags": []}, {"bi": "registry-service-type-modified", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "mitre_attack_tags": ["TA0003", "T1112", "T1058"]}, {"bi": "recycler-exe-artifact", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "registry-service-delete-flag-set", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "mitre_attack_tags": ["TA0003", "T1112", "T1489", "T1058"]}, {"bi": "file-alternate-data-stream-zero-data", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "mitre_attack_tags": ["TA0005"]}, {"bi": "geoip-ip-address-location-attempt", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "mitre_attack_tags": ["TA0007", "T1082", "T1016"]}, {"bi": "malware-zeroaccess-v2-variant-detected", "hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "mitre_attack_tags": []}, {"bi": "network-protocol-mismatch-dns", "hashes": ["b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "mitre_attack_tags": ["TA0011", "TA0005", "T1094"]}, {"bi": "network-fast-flux-nameserver", "hashes": ["5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349"], "mitre_attack_tags": []}], "category": "Packed", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "ZeroAccess is a trojan that infects Windows systems, installing a rootkit to hide its presence on the affected machine and serves as a platform for conducting click-fraud campaigns.", "hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "382b68dcf07ed4f6614c126072aab217f621b9b8c7dcd6dffda8b26246780c5e", "38c2611a12e3f731bf77a841a62cc729e7350b8739a5563734ce4293be2604bd", "3976996e28319f1ccfd61371905b6b4843a1e7667430c499ffc3b8b3477f00c5", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "4ba62e3a7a639565c232d757563585c9774b1998b31f820b1edbfeddecba3aeb", "4e23bd3066439f8101dde9a201362b78b6d18aefc790b4409d8597bda2411a7d", "538f6179e9d94b8bfacec1043f572c2d8359005bbce121809e20f8b59ee2cdbd", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "5d11449991027575e2120638a849d26969c8926db654139bb7f810eb027e2567", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "9f8156b1e9c890d4171e7134cbd9155b034085b2b791d6e012249ba5f5b143d7", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "bc49e55d306fad534e8e8d787f3696e53f778f94f1a295d532daed6a99bc7e40", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "d9dc71e3ec64b6e5ba960cb6fafbae891f4cdb4305fe8a46a0751842021392b2", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4", "ec5736668f769cce8a8757fff5a6aeddd5f226a2650de05d32a3428d81ff2d29", "ef6e1731df820be6d07e363692fc0d89350eb9e8eec2e998e46a9f3502eb21de", "ef97cead89286477f81d54af844f82b81376b622ba09641168d3a9f675c56eed"], "iocs": {"domain": [{"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "host": "j[.]maxmind[.]com"}], "file": [{"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "%System32%\\LogFiles\\Scm\\e22a8667-f75b-4ba9-ba46-067ed4429de8"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "\\RECYCLER\\S-1-5-18\\$ad714f5b8798518b3ccb73fd900fd2ba\\@"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "\\RECYCLER\\S-1-5-21-1258710499-2222286471-4214075941-500\\$ad714f5b8798518b3ccb73fd900fd2ba\\@"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "\\$Recycle.Bin\\S-1-5-18"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "\\$Recycle.Bin\\S-1-5-18\\$0f210b532df043a6b654d5b43088f74f"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "\\$Recycle.Bin\\S-1-5-18\\$0f210b532df043a6b654d5b43088f74f\\@"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "\\$Recycle.Bin\\S-1-5-18\\$0f210b532df043a6b654d5b43088f74f\\L"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "\\$Recycle.Bin\\S-1-5-18\\$0f210b532df043a6b654d5b43088f74f\\U"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "\\$Recycle.Bin\\S-1-5-21-2580483871-590521980-3826313501-500\\$0f210b532df043a6b654d5b43088f74f"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "\\$Recycle.Bin\\S-1-5-21-2580483871-590521980-3826313501-500\\$0f210b532df043a6b654d5b43088f74f\\@"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "\\$Recycle.Bin\\S-1-5-21-2580483871-590521980-3826313501-500\\$0f210b532df043a6b654d5b43088f74f\\L"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "\\$Recycle.Bin\\S-1-5-21-2580483871-590521980-3826313501-500\\$0f210b532df043a6b654d5b43088f74f\\U"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "%ProgramFiles%\\Windows Defender\\MSASCui.exe:!"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "%ProgramFiles%\\Windows Defender\\MpAsDesc.dll:!"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "%ProgramFiles%\\Windows Defender\\MpClient.dll:!"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "%ProgramFiles%\\Windows Defender\\MpCmdRun.exe:!"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "%ProgramFiles%\\Windows Defender\\MpCommu.dll:!"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "%ProgramFiles%\\Windows Defender\\MpEvMsg.dll:!"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "%ProgramFiles%\\Windows Defender\\MpOAV.dll:!"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "%ProgramFiles%\\Windows Defender\\MpRTP.dll:!"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "%ProgramFiles%\\Windows Defender\\MpSvc.dll:!"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "%ProgramFiles%\\Windows Defender\\MsMpCom.dll:!"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "%ProgramFiles%\\Windows Defender\\MsMpLics.dll:!"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "%ProgramFiles%\\Windows Defender\\MsMpRes.dll:!"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "%ProgramFiles%\\Windows Defender\\en-US:!"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "\\$Recycle.Bin\\S-1-5-18\\$0f210b532df043a6b654d5b43088f74f\\@\\:@"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "\\$Recycle.Bin\\S-1-5-18\\$0f210b532df043a6b654d5b43088f74f\\o"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "\\$Recycle.Bin\\S-1-5-21-2580483871-590521980-3826313501-500\\$0f210b532df043a6b654d5b43088f74f\\o"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "\\RECYCLER\\S-1-5-18\\$ad714f5b8798518b3ccb73fd900fd2ba\\o"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "\\RECYCLER\\S-1-5-21-1258710499-2222286471-4214075941-500\\$ad714f5b8798518b3ccb73fd900fd2ba\\o"}, {"hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19"], "path": "\\$Recycle.Bin\\S-1-5-21-2580483871-590521980-3826313501-500\\$I1A751D8F"}, {"hashes": ["5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349"], "path": "\\$Recycle.Bin\\S-1-5-21-2580483871-590521980-3826313501-500\\$ID6848273"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c"], "path": "\\$Recycle.Bin\\S-1-5-21-2580483871-590521980-3826313501-500\\$I1A9119BF"}, {"hashes": ["324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de"], "path": "\\$Recycle.Bin\\S-1-5-21-2580483871-590521980-3826313501-500\\$I4BC3223A"}, {"hashes": ["542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265"], "path": "\\$Recycle.Bin\\S-1-5-21-2580483871-590521980-3826313501-500\\$I88DADE0A"}, {"hashes": ["40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204"], "path": "\\$Recycle.Bin\\S-1-5-21-2580483871-590521980-3826313501-500\\$IDEC6B7F0"}, {"hashes": ["2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2"], "path": "\\$Recycle.Bin\\S-1-5-21-2580483871-590521980-3826313501-500\\$I8E89F945"}, {"hashes": ["ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2"], "path": "\\$Recycle.Bin\\S-1-5-21-2580483871-590521980-3826313501-500\\$ICEC4DE56"}, {"hashes": ["b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd"], "path": "\\$Recycle.Bin\\S-1-5-21-2580483871-590521980-3826313501-500\\$I5B37138E"}, {"hashes": ["c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878"], "path": "\\$Recycle.Bin\\S-1-5-21-2580483871-590521980-3826313501-500\\$I61B68EBF"}, {"hashes": ["b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e"], "path": "\\$Recycle.Bin\\S-1-5-21-2580483871-590521980-3826313501-500\\$IEFAB1800"}, {"hashes": ["ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a"], "path": "\\$Recycle.Bin\\S-1-5-21-2580483871-590521980-3826313501-500\\$IB0DFFA6C"}, {"hashes": ["ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "\\$Recycle.Bin\\S-1-5-21-2580483871-590521980-3826313501-500\\$IEB5CEDA1"}, {"hashes": ["91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19"], "path": "\\RECYCLER\\S-1-5-21-1258710499-2222286471-4214075941-500\\$I75E46A53"}, {"hashes": ["b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e"], "path": "\\RECYCLER\\S-1-5-21-1258710499-2222286471-4214075941-500\\$IC08A2C1F"}, {"hashes": ["b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd"], "path": "\\RECYCLER\\S-1-5-21-1258710499-2222286471-4214075941-500\\$I6B8515D6"}, {"hashes": ["c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878"], "path": "\\RECYCLER\\S-1-5-21-1258710499-2222286471-4214075941-500\\$I3C5DDCD0"}, {"hashes": ["ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2"], "path": "\\RECYCLER\\S-1-5-21-1258710499-2222286471-4214075941-500\\$IE2839A20"}, {"hashes": ["ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a"], "path": "\\RECYCLER\\S-1-5-21-1258710499-2222286471-4214075941-500\\$IA3AAE516"}, {"hashes": ["ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "path": "\\RECYCLER\\S-1-5-21-1258710499-2222286471-4214075941-500\\$IF5E184D7"}], "ip": [{"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "180[.]254[.]253[.]254"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "166[.]254[.]253[.]254"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "135[.]254[.]253[.]254"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "117[.]254[.]253[.]254"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "119[.]254[.]253[.]254"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "134[.]254[.]253[.]254"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "206[.]254[.]253[.]254"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "222[.]254[.]253[.]254"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "182[.]254[.]253[.]254"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "190[.]254[.]253[.]254"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "184[.]254[.]253[.]254"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "197[.]254[.]253[.]254"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "183[.]254[.]253[.]254"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "158[.]254[.]253[.]254"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "204[.]254[.]253[.]254"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "209[.]68[.]32[.]176"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "189[.]102[.]19[.]2"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "93[.]103[.]65[.]17"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "109[.]98[.]104[.]40"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "95[.]248[.]64[.]19"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "24[.]162[.]158[.]248"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "76[.]28[.]167[.]15"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "80[.]164[.]97[.]146"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "37[.]203[.]94[.]205"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "84[.]253[.]247[.]9"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "151[.]76[.]225[.]161"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "120[.]151[.]99[.]84"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "177[.]35[.]138[.]1"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "46[.]160[.]101[.]109"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "87[.]20[.]57[.]22"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "24[.]22[.]89[.]96"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "200[.]93[.]84[.]249"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "219[.]194[.]40[.]2"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "68[.]187[.]148[.]71"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "78[.]128[.]66[.]136"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "190[.]75[.]72[.]150"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "67[.]61[.]175[.]183"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "80[.]186[.]146[.]234"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "24[.]167[.]160[.]242"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "37[.]0[.]21[.]22"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "70[.]180[.]112[.]18"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "187[.]184[.]2[.]33"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "87[.]2[.]215[.]132"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "114[.]40[.]253[.]51"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "201[.]243[.]145[.]38"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "190[.]100[.]66[.]71"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "5[.]13[.]139[.]0"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "85[.]87[.]9[.]244"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "78[.]185[.]223[.]119"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "ip": "97[.]93[.]64[.]8"}], "mutex": [], "registry": [{"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\WSCSVC", "value_name": "Start"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\SHAREDACCESS", "value_name": "Start"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\MPSSVC", "value_name": "Start"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\IPHLPSVC", "value_name": "Start"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\SHAREDACCESS", "value_name": "DeleteFlag"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\MPSSVC", "value_name": "DeleteFlag"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\WSCSVC", "value_name": "DeleteFlag"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\BROWSER", "value_name": "Start"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKCR>\\CLSID\\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}\\INPROCSERVER32", "value_name": "ThreadingModel"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "Windows Defender"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\SHAREDACCESS", "value_name": "Type"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\SHAREDACCESS", "value_name": "ErrorControl"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\IPHLPSVC", "value_name": "Type"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\IPHLPSVC", "value_name": "ErrorControl"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\IPHLPSVC", "value_name": "DeleteFlag"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\WSCSVC", "value_name": "Type"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\WSCSVC", "value_name": "ErrorControl"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\MPSSVC", "value_name": "Type"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\MPSSVC", "value_name": "ErrorControl"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\BFE", "value_name": "Type"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\BFE", "value_name": "Start"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\BFE", "value_name": "ErrorControl"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\BFE", "value_name": "DeleteFlag"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\POLICYAGENT", "value_name": "Start"}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\SHAREDACCESS\\EPOCH", "value_name": null}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKCR>\\CLSID\\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}", "value_name": null}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKCR>\\CLSID\\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}\\INPROCSERVER32", "value_name": null}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKCR>\\CLSID\\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}\\INPROCSERVER32", "value_name": ""}, {"hashes": ["273980bca4f636674f0c28b0ecbf3319514b7ba662921a8599ffbd346e7ee22c", "2ca88c540bb34a6adb32c7e6f8c36656a51fa8a30995658cc79030e110404bd2", "324aa329d58e8033b2a7ed153d8ade943d0e677ad485ff9e83b025968254e1de", "40209cc52c7598ebe431b7042078fbceb0f15a443b41df001900b10baf5fc204", "542dcc86251effe9cbca72fb2c722af39f988dd65ee0fd12f55a54e2afbf8265", "5618b67884c454a331ba22a095d84c8292cd5d8ec1b4129f8f8a56791b902349", "91de2fb060c0821031af6c00ac4d1884b1ebc951b8519c89b641f9ecc9145a19", "b1b556f48626afae30de0f10722529fdd4262fb4890501686c28aafd1f355b6e", "b60540c18ec83e068adef9b8d15a3604ce1290d2fce9827daa5661e3523c77dd", "c4427b8c3013f324ed41fc73b060dceaea32ed208fab9ef78cf6e1bf56afa878", "ce478bd4c91492c4096196e2a4f9936a3cbb373b6a40c9b817994a97a05ecab2", "ce62952f3e9ccd824b16b0995b6dd58d6553f62e8b39eafa71d2f3a10b3bf78a", "ec52b6eeda02e3aee872c5381dd764003c16059c0beaa1bbc23f8fd67cc277b4"], "key": "<HKLM>\\SOFTWARE\\CLASSES\\CLSID\\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\\INPROCSERVER32", "value_name": ""}]}, "reports_count": 25}, "Win.Packed.njRAT-7782285-1": {"bis": [{"bi": "memory-execute-readwrite", "hashes": ["45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055", "T1181"]}, {"bi": "modified-executable", "hashes": ["45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939"], "mitre_attack_tags": []}, {"bi": "created-executable-in-user-dir", "hashes": ["45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939"], "mitre_attack_tags": []}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939"], "mitre_attack_tags": []}, {"bi": "cta-static-analyzer-malicious", "hashes": ["45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939"], "mitre_attack_tags": []}, {"bi": "dns-query-nxdomain", "hashes": ["45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939"], "mitre_attack_tags": []}, {"bi": "netbios-query", "hashes": ["45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939"], "mitre_attack_tags": []}, {"bi": "feed-domain-rat", "hashes": ["45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939"], "mitre_attack_tags": []}, {"bi": "feed-domain-antivirus-service", "hashes": ["45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939"], "mitre_attack_tags": []}, {"bi": "network-dns-category-dynamic", "hashes": ["45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939"], "mitre_attack_tags": []}, {"bi": "sample-launched-copy-of-self", "hashes": ["45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939"], "mitre_attack_tags": ["TA0005", "T1202"]}, {"bi": "pe-uses-dot-net", "hashes": ["45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939"], "mitre_attack_tags": []}, {"bi": "registry-autorun-key-modified", "hashes": ["45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "startup-folder-modification", "hashes": ["45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "netsh-firewall-generic", "hashes": ["45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939"], "mitre_attack_tags": ["TA0005", "T1016", "T1089"]}, {"bi": "netsh-firewall-add", "hashes": ["45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939"], "mitre_attack_tags": ["TA0011", "TA0005", "T1089"]}, {"bi": "malware-trojan-njrat-detected", "hashes": ["45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939"], "mitre_attack_tags": []}, {"bi": "registry-autorun-key-temp-dir", "hashes": ["45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "registry-disable-open-file-security-warning", "hashes": ["45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939"], "mitre_attack_tags": ["TA0005", "T1112", "T1089"]}, {"bi": "registry-parseautoexec", "hashes": ["45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939"], "mitre_attack_tags": ["TA0003", "T1112"]}, {"bi": "malware-generic-dotnet-trojan-uses-random-guid-mutex", "hashes": ["45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939"], "mitre_attack_tags": []}, {"bi": "firewall-exception-user-dir", "hashes": ["45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939"], "mitre_attack_tags": ["TA0011", "TA0005", "T1089"]}], "category": "Packed", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": false, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "njRAT, also known as Bladabindi, is a remote access trojan (RAT) that allows attackers to execute commands on the infected host, log keystrokes and remotely turn on the victim's webcam and microphone. njRAT was developed by the Sparclyheason group. Some of the largest attacks using this malware date back to 2014.", "hashes": ["1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7"], "iocs": {"domain": [{"hashes": ["1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7"], "host": "hostsn[.]ddns[.]net"}], "file": [{"hashes": ["1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7"], "path": "%TEMP%\\server.exe"}, {"hashes": ["1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7"], "path": "%APPDATA%\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\a98230fc57000ffb40a201c3aab2a245.exe"}, {"hashes": ["1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7"], "path": "%HOMEPATH%\\Start Menu\\Programs\\Startup\\a98230fc57000ffb40a201c3aab2a245.exe"}], "ip": [], "mutex": [{"hashes": ["1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7"], "name": "a98230fc57000ffb40a201c3aab2a245"}], "registry": [{"hashes": ["1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7"], "key": "<HKU>\\S-1-5-21-2580483871-590521980-3826313501-500", "value_name": "di"}, {"hashes": ["1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7"], "key": "<HKCU>\\ENVIRONMENT", "value_name": "SEE_MASK_NOZONECHECKS"}, {"hashes": ["1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINLOGON", "value_name": "ParseAutoexec"}, {"hashes": ["1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7"], "key": "<HKCU>\\SOFTWARE\\A98230FC57000FFB40A201C3AAB2A245", "value_name": null}, {"hashes": ["1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "a98230fc57000ffb40a201c3aab2a245"}, {"hashes": ["1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "a98230fc57000ffb40a201c3aab2a245"}, {"hashes": ["1951ca222c904e1a0d5785c10ce55aaceb7704a361887c0163460a0a0d85da10", "2e6e762ed36e4c658103589677c9ba57ea9cab12fbebb4f5ab31b6dfc84422e7", "3f3cf021fac08cf239ceef07cc750bf55e5aa0222faf77e791691fbff6e23f6b", "402cc9bcd9b0e38c90c255c5494fc0ac7bbb8499c11fde1f5c8ef86ec88d4804", "45207b8c32562bfa2b1793333c65488c1a5bb2445de5b58d2e1b69518b01426a", "5c0c829fd692286d22b86e328d803757e7c73ff327be059be671deddaff17ce2", "72d144718b637df5aa2e3ffd2a53cfbb1c1c66747a91c31ff2f4c5acb04665c0", "73bdb28a6ec7c46e6433ee7dc4f5db607d8cedeaa5c6477f02c4cb3adb7ab6bd", "763fcd1c9c5d5c3ab04f7b24fd93e097e51f2d5f28bd318c2f3a51780ad74098", "85840ebfca28e815ab0e8128f5b0148131b3ba738d7fe877e101fcb7ad720818", "8d8eeecad481ae6d9209783a46471480c8b6ab7ffb58a4389f5f998f18b5a766", "8f40656c7cc25c7e71c88ea0371c7e8eaee81e690fa820478d7ffa80c7d1ec51", "935ff1e239e8d73219f916d7292157f4eeb1ade26f2f5d5641b1ebf32cb45c22", "94b2f9894c28871877ea5a718351c0f49b658870e5ecdb3d7dd769c217a13262", "955fb96a5f2f17107c7cf8e653b1897a164c07fd888fa4fbf531fe6740141ca4", "a87daab5d6f0108314cc1d111a203f2f42d4c31fe53d5691293e0533ea76ec7d", "c14b179284581a1ba8a5f4a4e5ecf25990cd063d301ac2698562def93981e977", "d988e37695bb220b194c9fb65ef556ceb31383d3593650ab14fd8e4ddcc4ef92", "dbbfbd1923e3fa44a0c0df81a24c52c87dff0a02de9b27f40782cc0e5fb622d3", "e32ceee1ee02c1a188e37107116aa9e5ce43ef9470475d6d385481a0aa1d4939", "efa928f9aad2277f8f57dbbd55b794662d812b34eceb212a42b5dcaed1d09bd7"], "key": "<HKCU>\\SOFTWARE\\A98230FC57000FFB40A201C3AAB2A245", "value_name": "[kl]"}]}, "reports_count": 21}, "Win.Trojan.Chthonic-7770498-0": {"bis": [{"bi": "memory-execute-readwrite", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055", "T1181"]}, {"bi": "modified-executable", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": []}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": []}, {"bi": "cta-static-analyzer-malicious", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": []}, {"bi": "network-file-uploaded", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": ["TA0010", "T1011"]}, {"bi": "nginx-webserver-detected", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": []}, {"bi": "network-fast-flux-domain", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": []}, {"bi": "network-communications-http-post", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": ["TA0011", "TA0010", "T1048"]}, {"bi": "dns-query-nxdomain", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": []}, {"bi": "netbios-query", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": []}, {"bi": "dns-excessive-domain-queries", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": ["TA0011", "T1008"]}, {"bi": "network-only-safe-domains-contacted", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": []}, {"bi": "feed-domain-rat", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": []}, {"bi": "feed-domain-banking", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": []}, {"bi": "feed-domain-antivirus-service", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": []}, {"bi": "http-response-client-error", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": []}, {"bi": "deleted-submitted-file", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": ["TA0005", "T1107"]}, {"bi": "registry-autorun-key-modified", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "dns-public-server-contacted", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": ["TA0011", "TA0005"]}, {"bi": "url-not-found", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": []}, {"bi": "registry-hide-files", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": ["TA0005", "T1158"]}, {"bi": "imports-IsDebuggerPresent", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": []}, {"bi": "registry-autorun-key-modified-nt", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "registry-service-autostart-disabled", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": ["TA0003", "T1112", "T1489", "T1058"]}, {"bi": "registry-disablesuac", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": ["TA0005", "TA0002", "TA0004", "T1088", "T1089"]}, {"bi": "registry-action-center-disabled", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": ["TA0005", "T1089"]}, {"bi": "malware-chthonic-rat-detected", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": []}, {"bi": "network-fast-flux-nameserver", "hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "mitre_attack_tags": []}, {"bi": "network-snort-protocol", "hashes": ["f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "mitre_attack_tags": []}], "category": "Trojan", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": false, "WSA": true}, "description": "Chthonic is a banking trojan derived from the Zeus family of banking malware. It is typically spread via phishing emails and attempts to steal sensitive information from an infected machine. Chthonic has also been observed downloading follow-on malware such as Azorult, another information stealer.", "hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "iocs": {"domain": [{"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "host": "europe[.]pool[.]ntp[.]org"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "host": "outsphere[.]com"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "host": "benezramarketing[.]com"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "host": "karaokeboom[.]ru"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "host": "www[.]tangchenbeijianhealth[.]com"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "host": "baidishenko111[.]in"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46"], "host": "www[.]update[.]microsoft[.]com[.]nsatc[.]net"}], "file": [{"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "path": "%ProgramData%\\msodtyzm.exe"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "path": "\\Documents and Settings\\All Users\\mslkrru.exe"}, {"hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c"], "path": "%ProgramData%\\1811953457"}, {"hashes": ["2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11"], "path": "%ProgramData%\\1832762024"}, {"hashes": ["26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864"], "path": "%ProgramData%\\1832752539"}, {"hashes": ["13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b"], "path": "%ProgramData%\\1832743507"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10"], "path": "%ProgramData%\\1832753179"}, {"hashes": ["30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3"], "path": "%ProgramData%\\1832772929"}, {"hashes": ["8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac"], "path": "%ProgramData%\\1832809230"}, {"hashes": ["38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6"], "path": "%ProgramData%\\1832780807"}, {"hashes": ["5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d"], "path": "%ProgramData%\\1832779387"}, {"hashes": ["b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e"], "path": "%ProgramData%\\1832832708"}, {"hashes": ["677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4"], "path": "%ProgramData%\\1832796953"}, {"hashes": ["653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772"], "path": "%ProgramData%\\1832787406"}, {"hashes": ["ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96"], "path": "%ProgramData%\\1832815985"}, {"hashes": ["e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69"], "path": "%ProgramData%\\1832881349"}, {"hashes": ["ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214"], "path": "%ProgramData%\\1832879680"}, {"hashes": ["bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff"], "path": "%ProgramData%\\1832832786"}, {"hashes": ["bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2"], "path": "%ProgramData%\\1832842724"}, {"hashes": ["ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7"], "path": "%ProgramData%\\1832888026"}, {"hashes": ["cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069"], "path": "%ProgramData%\\1832871334"}, {"hashes": ["c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170"], "path": "%ProgramData%\\1832853191"}, {"hashes": ["f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46"], "path": "%ProgramData%\\1832897823"}, {"hashes": ["f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "path": "%ProgramData%\\1832914968"}], "ip": [{"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "ip": "184[.]105[.]192[.]2"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "ip": "23[.]236[.]62[.]147"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "ip": "40[.]112[.]72[.]205"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "ip": "104[.]215[.]148[.]63"}, {"hashes": ["2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46"], "ip": "40[.]113[.]200[.]201"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "ip": "40[.]76[.]4[.]15"}, {"hashes": ["5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069"], "ip": "40[.]91[.]124[.]111"}, {"hashes": ["ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7"], "ip": "193[.]30[.]35[.]11"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e"], "ip": "147[.]156[.]7[.]26"}, {"hashes": ["30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6"], "ip": "129[.]70[.]132[.]37"}, {"hashes": ["cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214"], "ip": "144[.]76[.]96[.]7"}, {"hashes": ["f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46"], "ip": "20[.]45[.]1[.]107"}, {"hashes": ["13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b"], "ip": "40[.]90[.]247[.]210"}, {"hashes": ["8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac"], "ip": "185[.]122[.]238[.]196"}, {"hashes": ["2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11"], "ip": "130[.]208[.]87[.]149"}, {"hashes": ["bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff"], "ip": "213[.]5[.]39[.]34"}, {"hashes": ["934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c"], "ip": "37[.]187[.]5[.]167"}, {"hashes": ["26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864"], "ip": "176[.]9[.]102[.]215"}, {"hashes": ["13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b"], "ip": "212[.]92[.]16[.]193"}, {"hashes": ["5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d"], "ip": "5[.]103[.]128[.]88"}, {"hashes": ["677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4"], "ip": "62[.]12[.]167[.]109"}, {"hashes": ["653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772"], "ip": "163[.]172[.]61[.]210"}, {"hashes": ["e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69"], "ip": "131[.]188[.]3[.]222"}, {"hashes": ["bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2"], "ip": "37[.]187[.]20[.]28"}, {"hashes": ["c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170"], "ip": "185[.]209[.]85[.]222"}, {"hashes": ["f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46"], "ip": "89[.]221[.]214[.]130"}, {"hashes": ["f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "ip": "185[.]120[.]34[.]123"}], "mutex": [], "registry": [{"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\EXPLORER\\ADVANCED", "value_name": "Hidden"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\POLICIES\\SYSTEM", "value_name": "EnableLUA"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\WSCSVC", "value_name": "Start"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\WINDEFEND", "value_name": "Start"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\EXPLORER\\ADVANCED", "value_name": "ShowSuperHidden"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\MPSSVC", "value_name": "Start"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\POLICIES\\EXPLORER", "value_name": "HideSCAHealth"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\POLICIES\\EXPLORER", "value_name": "HideSCAHealth"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\WUAUSERV", "value_name": "Start"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\POLICIES\\EXPLORER", "value_name": "TaskbarNoNotification"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\POLICIES\\EXPLORER", "value_name": "TaskbarNoNotification"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS", "value_name": "Load"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "key": "<HKCU>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "1081297374"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\POLICIES\\EXPLORER\\RUN", "value_name": "1081297374"}, {"hashes": ["0ccd01f62801d741d387ec9ed02b95068749f57375cf7158e146112756843d10", "13d37bb9f02c836f805b90d4a53b3b1db97b5b919f3e26d72d12736e58c07b4b", "26c8e12b8970ff4e7af0678c975f56220affe4ac4a0d04d9d90eae12aa731864", "2f66ded6ef7996170c47e2a5caa56f2d95fd827ffbbe51779813d37ff5576a11", "30c6ce7fd9c4989e13aebc38740cf99adb7676944af141c599aba8de10c2a2f3", "38a5a5891670c4d8ac5c4f74bc4634ea192ab74b573e799e884d5226340c34f6", "5c5bb52a1b400926943e391b0b86089bdef44dcb9f472d444d9891daebe5ec0d", "653b05bfdd2699bdc31a143f6497bc48da8b4158942d46c0ad24c570a7740772", "677bfc6bc34007326eacc1917194a57c60cd02573419fc6ca4d3955aed307ed4", "8306e22d5c6dee5ab07455cc53ff595e5b2b6d9564f70fc5f649fad1480955ac", "934a0f75e8d9f66d25087f067927c5dfb9cdbc860acce2320932b3ea6e54883c", "ac4b05b77f030f730cb7101e30a2b4ca86851007202ca05f41775c5a4324ed96", "b97f98a6a63ecd9a9ef954ea60554e6f4f2b5cf93639ec57573951a17251eb9e", "bb089100d669bb3d3c40450edc2102b9d28699063f3701cfd3fa5f728152bdff", "bf80b6a0cffb01ff4bdb38c0da69d9a107dbf1ca792ed89a80b090e07e8011a2", "c905892b7da3602f5e76c79f332d6eeeeafe86156ac95c00420a3d5706c99170", "cd017ddd49ee62be83c1746798e563ef1457a699c529cfa5b9263d9436c40069", "e3ca32338016576492e9355b0fa8713ce743a89d1c97c53087dd9e0f6e7a5c69", "ebcff0b451de2bdd8a5b10f2401b4b7f778dd11d16b7c5b86da53ee01dba3214", "ee74f9d992cfc53869afc70436c0a8a4f23fed17c58fa72d4afb2020534078e7", "f37dabe603a26656be570a5fd128ab27acf0d78e2471556fcc829a979e3e7f46", "f8251982a9bf3ebac894ec96481ce2a727528df6b7b83d55a1efa9d53f3cfb74"], "key": "<HKLM>\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\POLICIES\\EXPLORER\\RUN", "value_name": null}]}, "reports_count": 22}, "exprev": {}, "info": {"origin": "Cisco Talos Intelligence Group", "publication_date": "2020-05-15T12:09:38+00:00", "version": "2.1", "warning": "As a reminder, the information provided for the following threatsin this post is non-exhaustive and current as of the date ofpublication. Additionally, please keep in mind that IOC searchingis only one part of threat hunting. Spotting a single IOC does notnecessarily indicate maliciousness. Detection and coverage for thefollowing threats is subject to updates, pending additional threator vulnerability analysis. For the most current information, pleaserefer to your Firepower Management Center, Snort.org, or ClamAV.net."}, "signatures": ["Win.Packed.njRAT-7782285-1", "Win.Malware.7ev3n-7779525-1", "Win.Dropper.Remcos-7771461-0", "Win.Dropper.Ursnif-7772130-0", "Win.Dropper.Cerber-7777966-0", "Win.Dropper.Qakbot-7784291-0", "Win.Dropper.NetWire-7780725-0", "Win.Trojan.Chthonic-7770498-0", "Win.Packed.ZeroAccess-7770509-0"]}