{"Doc.Malware.Emotet-9772039-0": {"bis": [{"bi": "antivirus-flagged-artifact", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": []}, {"bi": "memory-execute-readwrite", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055", "T1181"]}, {"bi": "modified-executable", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": []}, {"bi": "created-executable-in-user-dir", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": []}, {"bi": "pe-invalid-checksum", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": []}, {"bi": "document-contains-vbforms", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": []}, {"bi": "document-single-page", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": []}, {"bi": "network-opendns-malicious", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": []}, {"bi": "wmi-process-create", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": ["TA0005", "TA0002", "T1218", "T1047"]}, {"bi": "powershell-encoded-buffer", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": ["TA0005", "TA0002", "T1086", "T1202"]}, {"bi": "registry-powershell-ras-dll-loaded", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": ["TA0011", "T1086"]}, {"bi": "document-direct-ip-traffic", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": ["TA0011", "TA0005"]}, {"bi": "network-snort-policy", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": []}, {"bi": "document-exe-dropped", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": ["TA0002", "T1173"]}, {"bi": "nginx-webserver-detected", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": []}, {"bi": "process-long-cmdline", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "network-http-numeric-ip", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": ["TA0011", "TA0005", "T1071"]}, {"bi": "malware-emotet-file-drop", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": []}, {"bi": "document-launch-powershell", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": ["TA0005", "T1202"]}, {"bi": "document-network-traffic", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": ["TA0011"]}, {"bi": "network-communications-http-post", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": ["TA0011", "TA0010", "T1048"]}, {"bi": "powershell-encoded-obfuscated-cmdline", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": []}, {"bi": "powershell-remote-code-execution", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": ["TA0011", "T1086"]}, {"bi": "document-wmi-process-create", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": ["TA0005", "T1218"]}, {"bi": "network-dns-doc-network-traffic", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": []}, {"bi": "feed-domain-document-network-traffic", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": []}, {"bi": "network-communications-http-get", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": ["TA0011", "TA0010", "T1105", "T1043"]}, {"bi": "hook-installed", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": ["TA0006", "TA0003", "TA0004", "T1056", "T1179"]}, {"bi": "windows-utility-downloaded-artifact", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": ["TA0011", "T1105"]}, {"bi": "url-forced-download-prompt", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": ["TA0005", "T1105"]}, {"bi": "network-downloaded-executable", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": ["TA0011", "T1105"]}, {"bi": "network-snort-file-exe", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": []}, {"bi": "network-dns-download-executable", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": []}, {"bi": "network-dns-malicious-snort", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": ["TA0011"]}, {"bi": "network-file-downloaded-to-disk", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": []}, {"bi": "malware-document-av", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": []}, {"bi": "network-downloaded-executed-from", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": ["TA0011", "T1105"]}, {"bi": "deleted-executable-in-system-dir", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": []}, {"bi": "imports-IsDebuggerPresent", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": []}, {"bi": "document-contains-high-wordcount", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": ["TA0005"]}, {"bi": "registry-service-with-autostart-created", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": ["TA0003", "T1112", "T1058"]}, {"bi": "currentcontrolset-service-added", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": ["TA0002", "TA0003", "T1035", "T1060"]}, {"bi": "network-downloaded-executable-service", "hashes": ["7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "mitre_attack_tags": []}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d"], "mitre_attack_tags": []}], "category": "Malware", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": true, "WSA": true}, "description": "Emotet is one of the most widely distributed and active malware families today. It is a highly modular threat that can deliver a wide variety of payloads. Emotet is commonly delivered via Microsoft Office documents with macros, sent as attachments on malicious emails.", "hashes": ["0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2", "e21603dbeb2669c9052bb6b6059d96ebfc14b2bc0d2d006b355085875cddb6a4", "e454d7eb79e875caec8dc71e1648ed52d498223f5ac65a3b1961d2484b59a529", "e6487e2efc67722739c8d3308c8840f4893fb53863b90beadc551cfa30b3d51e"], "iocs": {"domain": [{"hashes": ["0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2"], "host": "reklamdasiniz[.]com"}, {"hashes": ["0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd"], "host": "e13678[.]dspb[.]akamaiedge[.]net"}], "file": [{"hashes": ["0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2"], "path": "%HOMEPATH%\\Kvo990W"}, {"hashes": ["0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2"], "path": "%HOMEPATH%\\Kvo990W\\yhW0S8e"}, {"hashes": ["0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2"], "path": "%HOMEPATH%\\Kvo990w\\Yhw0s8e\\N4kqup.exe"}, {"hashes": ["0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9"], "path": "%SystemRoot%\\SysWOW64\\"}, {"hashes": ["a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e"], "path": "%SystemRoot%\\SysWOW64\\kbd101"}, {"hashes": ["206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88"], "path": "%SystemRoot%\\SysWOW64\\Syncreg"}, {"hashes": ["1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce"], "path": "%SystemRoot%\\SysWOW64\\winsta"}, {"hashes": ["a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7"], "path": "%SystemRoot%\\SysWOW64\\dot3api"}, {"hashes": ["2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0"], "path": "%SystemRoot%\\SysWOW64\\dinput"}, {"hashes": ["b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346"], "path": "%SystemRoot%\\SysWOW64\\fthsvc"}, {"hashes": ["6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072"], "path": "%SystemRoot%\\SysWOW64\\dsquery"}, {"hashes": ["9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d"], "path": "%SystemRoot%\\SysWOW64\\npdeployJava1"}, {"hashes": ["dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2"], "path": "%SystemRoot%\\SysWOW64\\oleprn"}, {"hashes": ["758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1"], "path": "%SystemRoot%\\SysWOW64\\vpnikeapi"}, {"hashes": ["2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49"], "path": "%SystemRoot%\\SysWOW64\\dhcpcore6"}, {"hashes": ["4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd"], "path": "%SystemRoot%\\SysWOW64\\d3d8thk"}, {"hashes": ["762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7"], "path": "%SystemRoot%\\SysWOW64\\cmdl32"}, {"hashes": ["0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30"], "path": "%System32%\\APHostService\\wevtfwd.exe (copy)"}, {"hashes": ["b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126"], "path": "%SystemRoot%\\SysWOW64\\KBDLT"}, {"hashes": ["4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd"], "path": "%System32%\\els\\WMSPDMOE.exe (copy)"}, {"hashes": ["121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4"], "path": "%System32%\\Fondue\\WSClient.exe (copy)"}, {"hashes": ["5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed"], "path": "%SystemRoot%\\SysWOW64\\fdProxy"}, {"hashes": ["616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38"], "path": "%SystemRoot%\\SysWOW64\\unregmp2"}, {"hashes": ["2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc"], "path": "%System32%\\MsiCofire\\taskkill.exe (copy)"}, {"hashes": ["5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed"], "path": "%System32%\\Cortana.Persona\\PortableDeviceWiaCompat.exe (copy)"}], "ip": [{"hashes": ["0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2"], "ip": "91[.]227[.]6[.]25"}, {"hashes": ["0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2"], "ip": "82[.]76[.]111[.]249"}, {"hashes": ["0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2"], "ip": "202[.]22[.]141[.]45"}, {"hashes": ["0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2"], "ip": "37[.]187[.]161[.]206"}, {"hashes": ["0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2"], "ip": "202[.]29[.]239[.]162"}, {"hashes": ["0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2"], "ip": "80[.]87[.]201[.]221"}, {"hashes": ["0ea01c57af4d22f1d642786b3fe78a388596d5767f68a9b07cf27e8fd918fe30", "121ecb91f7826fd60085bb7714bfb8b5d105be4e4f668eec414de30e8cd270b4", "17b17925c3ee084d7e9fb525174f5b7d47a13877beb572de1dcf120b402ce8a4", "1c8aa4d000da009d0202d1bcc7f0599bfcca7851466553c73bc526d63ece26ce", "206999d227e0e50f4801c8401f3628dc56c8753feb40133d17983f9b3cdcfc88", "2933181c2f3b553d4293bed4db65fb3112542d4d0d84370d40402bb6f4153dc0", "2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "616f48f98250a6852000f85e5a053fc411470a3283bc35a09567c5458ed97f38", "68b775c77b26ff2bef9e30623e76ec0cc3128213aae2edf12a4e74597b992f75", "6a644949315e239f75d68341fcafa66bdba7d7d06c0caf8c9a52eae5a2e27072", "758cc00409af95532b76772f6578dfbc57079b4f4cfe18db983748e2bc71adc1", "762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7", "7e96d2ac54a4bcb0c8224ce5bb4949a1526c328162a88fb81ee85d50e6acffbe", "7f0cdca3765f3e20084311c71fe17ccd5ff74934aa53172d044dbc53ffc56bf7", "8db95976218242d3ab54392bd2e0df2a03ce965de61894e269d1d38676d51d10", "9762822ff4733ca51e04390ce36dc0db739af7f2e18bb4d10cef0defdbe794e9", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e", "a4f35491c2bb0141e74d5b72d0fad24c4c0263661baebb28b8eb06d14183efa7", "b0f9cbed98fe85679664b456ee034fd09af7c0652ea72eb28c1bc16d08923346", "b3abd74453332076f342cdffcf6eebd44704f41ffbbccb741dd8a2b53a1dd126", "dfee5a29ad34bfef0757f0fd0a68849a0d65fc1ce012fd1a0cdc0339015dfde2"], "ip": "216[.]47[.]196[.]104"}], "mutex": [], "registry": [{"hashes": ["2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\", "value_name": null}, {"hashes": ["2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\", "value_name": "Type"}, {"hashes": ["2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\", "value_name": "Start"}, {"hashes": ["2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\", "value_name": "ErrorControl"}, {"hashes": ["2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\", "value_name": "ImagePath"}, {"hashes": ["2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\", "value_name": "DisplayName"}, {"hashes": ["2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\", "value_name": "WOW64"}, {"hashes": ["2e0e591fded3770dfe0bf1d5d3dbdb04c8e66abe5ded5254d8116c2a18d7cb49", "2e8d279277d371edd72a5b60067aadd566b15fe259df41fbe7666ad9df4408bc", "4eb9021327cc94b31d089a88e3ad1be433ede04628958d0218bdcce6298b18fd", "5eece7ec830568a2194fbb5ebd83497febb679a42b9c38e7644649fff908baed", "9c6d95ee221c9de144628adf12d3396dc2cdebdd067c4a687e1f6ea770df525d", "a3022d8bff7c8b26e0a2d78cbff43d0fb7d41f954a0700000328da5849a0c48e"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\", "value_name": "ObjectName"}, {"hashes": ["762c95f652ae31bf2cf7677493c9d267621e38e4217964dceb302ec2865e9dc7"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\NLSLEXICONS004B", "value_name": "Description"}]}, "reports_count": 25}, "Win.Malware.Razy-9772501-0": {"bis": [{"bi": "memory-execute-readwrite", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "9974106900e2c53dbf813f5022139abe88ac57e01975939c59e7e1944bd14fd9"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055", "T1181"]}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "9974106900e2c53dbf813f5022139abe88ac57e01975939c59e7e1944bd14fd9"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "9974106900e2c53dbf813f5022139abe88ac57e01975939c59e7e1944bd14fd9"], "mitre_attack_tags": []}, {"bi": "cta-static-analyzer-malicious", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "9974106900e2c53dbf813f5022139abe88ac57e01975939c59e7e1944bd14fd9"], "mitre_attack_tags": []}, {"bi": "artifact-flagged-anomaly", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "9974106900e2c53dbf813f5022139abe88ac57e01975939c59e7e1944bd14fd9"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-uses-visual-basic", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "9974106900e2c53dbf813f5022139abe88ac57e01975939c59e7e1944bd14fd9"], "mitre_attack_tags": []}, {"bi": "modified-executable", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972"], "mitre_attack_tags": []}, {"bi": "created-executable-in-user-dir", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972"], "mitre_attack_tags": []}, {"bi": "nginx-webserver-detected", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972"], "mitre_attack_tags": []}, {"bi": "network-communications-http-get", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972"], "mitre_attack_tags": ["TA0011", "TA0010", "T1105", "T1043"]}, {"bi": "network-fast-flux-nameserver", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972"], "mitre_attack_tags": []}, {"bi": "network-only-safe-domains-contacted", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972"], "mitre_attack_tags": []}, {"bi": "feed-domain-antivirus-service", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972"], "mitre_attack_tags": []}, {"bi": "http-response-client-error", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972"], "mitre_attack_tags": []}, {"bi": "excessive-foreign-memory-modification", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972"], "mitre_attack_tags": ["TA0005", "T1055"]}, {"bi": "enumeration-browser-information", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972"], "mitre_attack_tags": ["TA0007", "TA0006", "TA0009", "T1083", "T1081", "T1005", "T1119", "T1217"]}, {"bi": "registry-autorun-key-modified", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "http-response-redirect", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972"], "mitre_attack_tags": []}, {"bi": "url-not-found", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972"], "mitre_attack_tags": []}, {"bi": "registry-disablesuac", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972"], "mitre_attack_tags": ["TA0005", "TA0002", "TA0004", "T1088", "T1089"]}, {"bi": "registry-large-data-entry", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972"], "mitre_attack_tags": ["TA0005", "T1112"]}, {"bi": "process-hollowing-detected", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972"], "mitre_attack_tags": ["TA0005", "T1093"]}, {"bi": "registry-autorun-key-temp-dir", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "audio-video-mutex-detected", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972"], "mitre_attack_tags": ["TA0009", "T1123", "T1125"]}, {"bi": "excessive-logical-drive-enumeration", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972"], "mitre_attack_tags": ["TA0007", "T1120", "T1025"]}, {"bi": "dns-query-nxdomain", "hashes": ["c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643"], "mitre_attack_tags": []}, {"bi": "pe-invalid-checksum", "hashes": ["9974106900e2c53dbf813f5022139abe88ac57e01975939c59e7e1944bd14fd9"], "mitre_attack_tags": []}, {"bi": "windows-crash-tool-execution-detected", "hashes": ["9974106900e2c53dbf813f5022139abe88ac57e01975939c59e7e1944bd14fd9"], "mitre_attack_tags": []}, {"bi": "crash-dump-file-created", "hashes": ["9974106900e2c53dbf813f5022139abe88ac57e01975939c59e7e1944bd14fd9"], "mitre_attack_tags": []}, {"bi": "fault-report-file-created", "hashes": ["9974106900e2c53dbf813f5022139abe88ac57e01975939c59e7e1944bd14fd9"], "mitre_attack_tags": []}], "category": "Malware", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "Razy is oftentimes a generic detection name for a Windows trojan. It collects sensitive information from the infected host and encrypts the data, and sends it to a command and control (C2) server. Information collected might include screenshots. The samples modify auto-execute functionality by setting and creating a value in the registry for persistence.", "hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "9974106900e2c53dbf813f5022139abe88ac57e01975939c59e7e1944bd14fd9", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "iocs": {"domain": [{"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "host": "faserinstitut[.]com"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "host": "jheus[.]websites[.]xs4all[.]nl"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "host": "schule[.]csz-server[.]de"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "host": "nopest[.]com[.]au"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "host": "www[.]litespeedtech[.]com"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "host": "www[.]jerrysbigworld[.]com"}, {"hashes": ["4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1"], "host": "a1670[.]g2[.]akamai[.]net"}], "file": [{"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "9974106900e2c53dbf813f5022139abe88ac57e01975939c59e7e1944bd14fd9", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "path": "%TEMP%\\m.avi"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "9974106900e2c53dbf813f5022139abe88ac57e01975939c59e7e1944bd14fd9", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "path": "%TEMP%\\msnix32.exe"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "path": "%TEMP%\\wmsetup.log"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "path": "%SystemRoot%\\ServiceProfiles\\LocalService\\AppData\\Roaming\\Microsoft\\UPnP Device Host\\upnphost\\udhisapi.dll"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "9974106900e2c53dbf813f5022139abe88ac57e01975939c59e7e1944bd14fd9", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "path": "%SystemRoot%\\SERVIC~2\\Local Settings\\AppData\\Local\\Temp\\MpCmdRun.log"}], "ip": [{"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "ip": "239[.]255[.]255[.]250"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "ip": "85[.]13[.]133[.]99"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "ip": "134[.]102[.]40[.]177"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "ip": "103[.]9[.]171[.]241"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "ip": "72[.]22[.]185[.]206"}, {"hashes": ["11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643"], "ip": "72[.]22[.]185[.]198"}, {"hashes": ["bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21"], "ip": "204[.]79[.]197[.]200"}, {"hashes": ["4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1"], "ip": "23[.]219[.]88[.]98"}, {"hashes": ["4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1"], "ip": "85[.]13[.]134[.]194"}], "mutex": [{"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "name": "WMSetup10RTM-UI"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "name": "sduj3g"}, {"hashes": ["4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1"], "name": "Microsoft_WMP_70_CheckForOtherInstanceMutex"}, {"hashes": ["9974106900e2c53dbf813f5022139abe88ac57e01975939c59e7e1944bd14fd9"], "name": "Global\\85551e81-05f3-11eb-887e-00501e3ae7b6"}], "registry": [{"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "9974106900e2c53dbf813f5022139abe88ac57e01975939c59e7e1944bd14fd9", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SOFTWARE\\MICROSOFT\\MSFONTSX", "value_name": null}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\POLICIES\\SYSTEM", "value_name": "EnableLUA"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\SECURITY CENTER", "value_name": "UACDisableNotify"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SYSTEM\\CONTROLSET001\\ENUM\\PCI\\VEN_8086&DEV_100E&SUBSYS_11001AF4&REV_03\\3&2411E6FE&2&10", "value_name": "CustomPropertyHwIdKey"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SYSTEM\\CONTROLSET001\\ENUM\\ACPI\\PNP0A08\\1", "value_name": "CustomPropertyHwIdKey"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SYSTEM\\CONTROLSET001\\ENUM\\ACPI_HAL\\PNP0C08\\0", "value_name": "CustomPropertyHwIdKey"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SYSTEM\\CONTROLSET001\\ENUM\\ROOT\\ACPI_HAL\\0000", "value_name": "CustomPropertyHwIdKey"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SYSTEM\\CONTROLSET001\\ENUM\\HTREE\\ROOT\\0", "value_name": "CustomPropertyHwIdKey"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SYSTEM\\CONTROLSET001\\ENUM\\ROOT\\*ISATAP\\0000", "value_name": "CustomPropertyHwIdKey"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SYSTEM\\CONTROLSET001\\ENUM\\ROOT\\*TEREDO\\0000", "value_name": "CustomPropertyHwIdKey"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SYSTEM\\CONTROLSET001\\ENUM\\ROOT\\MS_AGILEVPNMINIPORT\\0000", "value_name": "CustomPropertyHwIdKey"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SYSTEM\\CONTROLSET001\\ENUM\\ROOT\\MS_L2TPMINIPORT\\0000", "value_name": "CustomPropertyHwIdKey"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SYSTEM\\CONTROLSET001\\ENUM\\ROOT\\MS_NDISWANBH\\0000", "value_name": "CustomPropertyHwIdKey"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SYSTEM\\CONTROLSET001\\ENUM\\ROOT\\MS_NDISWANIP\\0000", "value_name": "CustomPropertyHwIdKey"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SYSTEM\\CONTROLSET001\\ENUM\\ROOT\\MS_NDISWANIPV6\\0000", "value_name": "CustomPropertyHwIdKey"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SYSTEM\\CONTROLSET001\\ENUM\\ROOT\\MS_PPPOEMINIPORT\\0000", "value_name": "CustomPropertyHwIdKey"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SYSTEM\\CONTROLSET001\\ENUM\\ROOT\\MS_PPTPMINIPORT\\0000", "value_name": "CustomPropertyHwIdKey"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SYSTEM\\CONTROLSET001\\ENUM\\ROOT\\MS_SSTPMINIPORT\\0000", "value_name": "CustomPropertyHwIdKey"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SYSTEM\\CONTROLSET001\\ENUM\\ROOT\\SYSTEM\\0000", "value_name": "CustomPropertyHwIdKey"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\MEDIAPLAYER\\SETUP", "value_name": "Progress_MaxDialog"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\MEDIAPLAYER\\SETUP", "value_name": "Progress_CurrentInstall"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\MEDIAPLAYER\\SETUP", "value_name": "Progress_MaxInstall"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\MEDIAPLAYER\\SETUP", "value_name": "Progress_CurrentDialog"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\MEDIAPLAYER\\SERVICES", "value_name": "NoServices"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SOFTWARE\\MICROSOFT\\UPNP DEVICE HOST\\HTTP SERVER\\VROOTS\\/UPNPHOST", "value_name": ""}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SOFTWARE\\MICROSOFT\\UPNP DEVICE HOST\\DESCRIPTION\\{97F619D7-4ED9-4517-97E9-3030E0E27732}\\UDN MAPPINGS\\UUID:EA2E2AFC-D1A2-4193-89CF-A9457AA5F489", "value_name": ""}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SOFTWARE\\MICROSOFT\\MEDIAPLAYER\\HEALTH\\{AB8B0441-0B85-4DC0-A8D4-47EBF71963F1}", "value_name": null}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SOFTWARE\\MICROSOFT\\MEDIAPLAYER\\PREFERENCES\\VIDEOSETTINGS", "value_name": null}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "MS Fonts"}, {"hashes": ["03b660882f75d0504b55c91ebe9d83290418cbddf61c0ce251dbb443081cbce4", "11fdec8a5e58816217d676a5d71b19fdf3644f82612a58cf895fe384ce29f897", "133d0442f0bd29752738989fa0646b80cac655a9c157556a59475c4015789a2d", "162584c1e00acfc33b1445bb67df51d8db8557742725eaa2507c65debe48ebdd", "2502a658291b8903f8dab1f5e0f674f834777e54005127203b0c1744c810320a", "2ef3de98ca0deeea109069ab951cc67ff15041b7643822a781ea7dc39652018b", "3015d663ede4ee9286c0910b29fa2d4bb9c231860b802bd27a06b0db70815d32", "4945a26a11d3fe9bd8db594f9f5800c0e4b2077939781a03ad4554fc29cc14e1", "4eae82cb707cf4d0d22aadb4d31b93ee2a6170214e8294460da47ecfda35e448", "5139b348a16e8d51e57a4776bb850bffd5d0107be2923a444fa3ed22c9082972", "558a7c0327ae7a2d5923830ad30d3a2e47e0176e6e23862b6d5852e56faf1678", "569dab99f8cf61c38b695f10e12c85c051867065ac645624bfaf09a26a534d65", "594d67e75abca313197cafd1e98643945809078c7f4c933fb189a03f1bc71ef7", "5faa0e4ef3e6fb4e583ae4948e6b81bd5532bf500e2b3a86edd9df5c7e74d019", "75062294d9fbe06f10099f867ab4d1439e10dc54c678049f782b58755782f0f4", "79fe814d6595fd4d900ff70a1dae8e191d6822d4bbcc619ab8a68111b719b643", "8da3fc23fa6983212d1aa98e14dc5196169a398e8a2c5d9377431bf26ff8ac42", "924af7e4910f74452e5166b89b3062f16fcce72eaeef9408b3a930c847100eb5", "aa779e1137b1f3f0448dbd5eeec3f5222a9092eea76d68b85defe0e1af7de1ea", "b7940778f91fb70e394ef3251b95e817c456f10d6a9b0e463088b033fde21297", "bf455b8e16515592dc6e019e87f1a2eda19fe46478acc871f44fed21d0762a21", "c5ad1651834bbccf09f02805b8ab6587a7df3d1cd7845c4a0727d83ec2676643", "c5d955ee80ae8ec678c0aced278d7a5279d4e3678d0ef04b84748d20d40519af", "e275499c7fe644b71847dcd1aa8d82915f2c2d764e56d54de80928e0dae8cead"], "key": "\\SOFTWARE\\MICROSOFT\\MSFONTSX", "value_name": "uid"}, {"hashes": ["9974106900e2c53dbf813f5022139abe88ac57e01975939c59e7e1944bd14fd9"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\WINDOWS ERROR REPORTING\\DEBUG", "value_name": "StoreLocation"}, {"hashes": ["9974106900e2c53dbf813f5022139abe88ac57e01975939c59e7e1944bd14fd9"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\WINDOWS ERROR REPORTING\\DEBUG", "value_name": "StoreLocation"}]}, "reports_count": 25}, "Win.Malware.Ursnif-9770757-2": {"bis": [{"bi": "pe-encrypted-section", "hashes": ["b3571fdfb17151d7c362fd223d6dd7c2196413674e44478ae7c361b9976623d4", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "a3ee74e64db675e110826e277017e8547202ab2cc450bc76af94206adfecbabb", "ef015203c761eab82b0db940209a9c5602dca16883b116b5dc8da380f489f924", "4928a22b4ebfd6e3b0e9e7d7b1bf72ad48de3ac71fb60a9995c73c0b4458d12c", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "e98d4eb2956d82eb27be7f87c8a26a598810a736771a79d1ac84d205669a6ee6"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "memory-execute-readwrite", "hashes": ["b3571fdfb17151d7c362fd223d6dd7c2196413674e44478ae7c361b9976623d4", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "a3ee74e64db675e110826e277017e8547202ab2cc450bc76af94206adfecbabb", "ef015203c761eab82b0db940209a9c5602dca16883b116b5dc8da380f489f924", "4928a22b4ebfd6e3b0e9e7d7b1bf72ad48de3ac71fb60a9995c73c0b4458d12c", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "e98d4eb2956d82eb27be7f87c8a26a598810a736771a79d1ac84d205669a6ee6"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055", "T1181"]}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["b3571fdfb17151d7c362fd223d6dd7c2196413674e44478ae7c361b9976623d4", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "a3ee74e64db675e110826e277017e8547202ab2cc450bc76af94206adfecbabb", "ef015203c761eab82b0db940209a9c5602dca16883b116b5dc8da380f489f924", "4928a22b4ebfd6e3b0e9e7d7b1bf72ad48de3ac71fb60a9995c73c0b4458d12c", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "e98d4eb2956d82eb27be7f87c8a26a598810a736771a79d1ac84d205669a6ee6"], "mitre_attack_tags": []}, {"bi": "cta-static-analyzer-malicious", "hashes": ["b3571fdfb17151d7c362fd223d6dd7c2196413674e44478ae7c361b9976623d4", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "a3ee74e64db675e110826e277017e8547202ab2cc450bc76af94206adfecbabb", "ef015203c761eab82b0db940209a9c5602dca16883b116b5dc8da380f489f924", "4928a22b4ebfd6e3b0e9e7d7b1bf72ad48de3ac71fb60a9995c73c0b4458d12c", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "e98d4eb2956d82eb27be7f87c8a26a598810a736771a79d1ac84d205669a6ee6"], "mitre_attack_tags": []}, {"bi": "modified-executable", "hashes": ["b3571fdfb17151d7c362fd223d6dd7c2196413674e44478ae7c361b9976623d4", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "ef015203c761eab82b0db940209a9c5602dca16883b116b5dc8da380f489f924", "4928a22b4ebfd6e3b0e9e7d7b1bf72ad48de3ac71fb60a9995c73c0b4458d12c", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": []}, {"bi": "created-executable-in-user-dir", "hashes": ["b3571fdfb17151d7c362fd223d6dd7c2196413674e44478ae7c361b9976623d4", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "ef015203c761eab82b0db940209a9c5602dca16883b116b5dc8da380f489f924", "4928a22b4ebfd6e3b0e9e7d7b1bf72ad48de3ac71fb60a9995c73c0b4458d12c", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["b3571fdfb17151d7c362fd223d6dd7c2196413674e44478ae7c361b9976623d4", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "ef015203c761eab82b0db940209a9c5602dca16883b116b5dc8da380f489f924", "4928a22b4ebfd6e3b0e9e7d7b1bf72ad48de3ac71fb60a9995c73c0b4458d12c", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": []}, {"bi": "process-long-cmdline", "hashes": ["b3571fdfb17151d7c362fd223d6dd7c2196413674e44478ae7c361b9976623d4", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "ef015203c761eab82b0db940209a9c5602dca16883b116b5dc8da380f489f924", "4928a22b4ebfd6e3b0e9e7d7b1bf72ad48de3ac71fb60a9995c73c0b4458d12c", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "registry-autorun-key-data-dir", "hashes": ["b3571fdfb17151d7c362fd223d6dd7c2196413674e44478ae7c361b9976623d4", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "ef015203c761eab82b0db940209a9c5602dca16883b116b5dc8da380f489f924", "4928a22b4ebfd6e3b0e9e7d7b1bf72ad48de3ac71fb60a9995c73c0b4458d12c", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "registry-autorun-key-modified", "hashes": ["b3571fdfb17151d7c362fd223d6dd7c2196413674e44478ae7c361b9976623d4", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "ef015203c761eab82b0db940209a9c5602dca16883b116b5dc8da380f489f924", "4928a22b4ebfd6e3b0e9e7d7b1bf72ad48de3ac71fb60a9995c73c0b4458d12c", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "cmd-exe-file-execution", "hashes": ["b3571fdfb17151d7c362fd223d6dd7c2196413674e44478ae7c361b9976623d4", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "ef015203c761eab82b0db940209a9c5602dca16883b116b5dc8da380f489f924", "4928a22b4ebfd6e3b0e9e7d7b1bf72ad48de3ac71fb60a9995c73c0b4458d12c", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": ["TA0002", "T1059"]}, {"bi": "artifact-flagged-anomaly", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "network-snort-policy", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": []}, {"bi": "nginx-webserver-detected", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": []}, {"bi": "network-fast-flux-domain", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": []}, {"bi": "network-communications-http-get", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": ["TA0011", "TA0010", "T1105", "T1043"]}, {"bi": "network-dns-category-parked-domain", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": []}, {"bi": "http-response-client-error", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": []}, {"bi": "excessive-foreign-memory-modification", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": ["TA0005", "T1055"]}, {"bi": "enumeration-browser-information", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": ["TA0007", "TA0006", "TA0009", "T1083", "T1081", "T1005", "T1119", "T1217"]}, {"bi": "process-svchost-suspicious-launch", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": ["TA0005"]}, {"bi": "files-deleted-used-batch", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": ["TA0005", "T1107"]}, {"bi": "http-response-redirect", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": []}, {"bi": "malware-compound-cta-activity", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": []}, {"bi": "network-explorer-process", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": ["TA0011", "TA0005", "T1055"]}, {"bi": "firefox-prefs-modified", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": ["TA0009"]}, {"bi": "malware-ursnif-detected", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": []}, {"bi": "html-small-file-redirect", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": []}, {"bi": "network-opendns-malicious", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68"], "mitre_attack_tags": []}, {"bi": "dns-query-nxdomain", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68"], "mitre_attack_tags": []}, {"bi": "netbios-query", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68"], "mitre_attack_tags": []}, {"bi": "feed-domain-banking", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68"], "mitre_attack_tags": []}, {"bi": "feed-domain-antivirus-service", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68"], "mitre_attack_tags": []}, {"bi": "network-dns-category-cnc", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68"], "mitre_attack_tags": ["TA0011"]}, {"bi": "script-contains-url", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a"], "mitre_attack_tags": []}, {"bi": "network-fast-flux-nameserver", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb"], "mitre_attack_tags": []}, {"bi": "public-ip-address-identification-attempt", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68"], "mitre_attack_tags": ["TA0007", "T1082", "T1016"]}, {"bi": "feed-public-ip-check-dns", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68"], "mitre_attack_tags": []}, {"bi": "registry-autorun-suspicious-public-ip", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68"], "mitre_attack_tags": []}, {"bi": "dns-public-server-contacted", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68"], "mitre_attack_tags": ["TA0011", "TA0005"]}, {"bi": "network-dns-safe-categories", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68"], "mitre_attack_tags": []}, {"bi": "windows-util-nslookup", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68"], "mitre_attack_tags": ["TA0007", "T1046"]}, {"bi": "enumeration-email-program-information", "hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68"], "mitre_attack_tags": ["TA0007", "TA0006", "TA0009", "T1083", "T1081", "T1005", "T1119", "T1114"]}, {"bi": "files-created-batch", "hashes": ["ef015203c761eab82b0db940209a9c5602dca16883b116b5dc8da380f489f924", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "mitre_attack_tags": ["TA0002", "T1064"]}], "category": "Malware", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": true, "WSA": true}, "description": "Ursnif is used to steal sensitive information from an infected host and can also act as a malware downloader. It is commonly spread through malicious emails or exploit kits.", "hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "4928a22b4ebfd6e3b0e9e7d7b1bf72ad48de3ac71fb60a9995c73c0b4458d12c", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "a3ee74e64db675e110826e277017e8547202ab2cc450bc76af94206adfecbabb", "b3571fdfb17151d7c362fd223d6dd7c2196413674e44478ae7c361b9976623d4", "e98d4eb2956d82eb27be7f87c8a26a598810a736771a79d1ac84d205669a6ee6", "ef015203c761eab82b0db940209a9c5602dca16883b116b5dc8da380f489f924", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "iocs": {"domain": [{"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "host": "schema[.]org"}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "host": "api[.]w[.]org"}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "host": "gmpg[.]org"}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "host": "maxcdn[.]bootstrapcdn[.]com"}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "host": "ogp[.]me"}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "host": "themeisle[.]com"}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "host": "www[.]addthis[.]com"}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "host": "atomi[.]org"}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "host": "www[.]capoverso[.]info"}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "host": "capoverso[.]info"}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "host": "smashballoon[.]com"}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "host": "www[.]azzurrabiagi[.]com"}, {"hashes": ["31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "host": "cyberplay[.]at"}, {"hashes": ["31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3"], "host": "resolver1[.]opendns[.]com"}, {"hashes": ["31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3"], "host": "222[.]222[.]67[.]208[.]in-addr[.]arpa"}, {"hashes": ["31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3"], "host": "myip[.]opendns[.]com"}, {"hashes": ["31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3"], "host": "deepmoler[.]at"}, {"hashes": ["f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "host": "cds[.]d2s7q6s2[.]hwcdn[.]net"}, {"hashes": ["f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "host": "ctldl[.]windowsupdate[.]com"}], "file": [{"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "4928a22b4ebfd6e3b0e9e7d7b1bf72ad48de3ac71fb60a9995c73c0b4458d12c", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "b3571fdfb17151d7c362fd223d6dd7c2196413674e44478ae7c361b9976623d4", "ef015203c761eab82b0db940209a9c5602dca16883b116b5dc8da380f489f924", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "path": "%APPDATA%\\Microsoft\\Cicprov"}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "4928a22b4ebfd6e3b0e9e7d7b1bf72ad48de3ac71fb60a9995c73c0b4458d12c", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "b3571fdfb17151d7c362fd223d6dd7c2196413674e44478ae7c361b9976623d4", "ef015203c761eab82b0db940209a9c5602dca16883b116b5dc8da380f489f924", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "path": "%APPDATA%\\Microsoft\\Cicprov\\api-draw.exe"}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "4928a22b4ebfd6e3b0e9e7d7b1bf72ad48de3ac71fb60a9995c73c0b4458d12c", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "b3571fdfb17151d7c362fd223d6dd7c2196413674e44478ae7c361b9976623d4", "ef015203c761eab82b0db940209a9c5602dca16883b116b5dc8da380f489f924", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "path": "%TEMP%\\"}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "4928a22b4ebfd6e3b0e9e7d7b1bf72ad48de3ac71fb60a9995c73c0b4458d12c", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "b3571fdfb17151d7c362fd223d6dd7c2196413674e44478ae7c361b9976623d4", "ef015203c761eab82b0db940209a9c5602dca16883b116b5dc8da380f489f924", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "path": "%TEMP%\\.bat"}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "path": "%APPDATA%\\Mozilla\\Firefox\\Profiles\\.default\\prefs.js"}, {"hashes": ["31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3"], "path": "\\{5D9E0C27-180C-9720-0AE1-CCBBDEA5C01F}"}, {"hashes": ["4928a22b4ebfd6e3b0e9e7d7b1bf72ad48de3ac71fb60a9995c73c0b4458d12c"], "path": "%TEMP%\\EFE8\\F7F4.tmp"}, {"hashes": ["740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68"], "path": "%TEMP%\\2C5C\\162E.tmp"}, {"hashes": ["740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68"], "path": "%TEMP%\\B897.bi1"}, {"hashes": ["8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb"], "path": "%TEMP%\\5EF0\\2F78.tmp"}, {"hashes": ["8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb"], "path": "%TEMP%\\C515.bi1"}, {"hashes": ["31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e"], "path": "%TEMP%\\CAAC\\6556.tmp"}, {"hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3"], "path": "%TEMP%\\E0A0.bi1"}, {"hashes": ["a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3"], "path": "%TEMP%\\D844\\EC22.tmp"}, {"hashes": ["31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e"], "path": "%TEMP%\\F883.bi1"}, {"hashes": ["f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "path": "%TEMP%\\9442\\CA21.tmp"}], "ip": [{"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "ip": "62[.]149[.]142[.]160"}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "ip": "62[.]149[.]142[.]166"}, {"hashes": ["31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3"], "ip": "208[.]67[.]222[.]222"}, {"hashes": ["740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "ip": "3[.]18[.]65[.]24"}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3"], "ip": "3[.]18[.]25[.]61"}, {"hashes": ["740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68"], "ip": "204[.]79[.]197[.]200"}, {"hashes": ["f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "ip": "205[.]185[.]216[.]10"}], "mutex": [{"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "name": "Local\\{31F7CC8D-DC06-8BF4-6EF5-D0EF82F90493}"}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "name": "Local\\{73A713E4-3646-1D08-D857-CAA18C7B9E65}"}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "name": "Local\\{C955B29C-9464-E306-E60D-08C77A91BCEB}"}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "name": "{3686B563-1D48-D82A-57CA-A18C7B9E6580}"}, {"hashes": ["31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3"], "name": "{3273ED2E-E9B8-342D-0386-2DA8E71AB15C}"}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "name": "{722ADF9A-2987-7426-43C6-6DE8275AF19C}"}, {"hashes": ["4928a22b4ebfd6e3b0e9e7d7b1bf72ad48de3ac71fb60a9995c73c0b4458d12c"], "name": "setaajmytymsgnewe"}, {"hashes": ["8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb"], "name": "{4E42D13C-5565-B0F6-4F62-59E4F3B69D58}"}], "registry": [{"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "4928a22b4ebfd6e3b0e9e7d7b1bf72ad48de3ac71fb60a9995c73c0b4458d12c", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "b3571fdfb17151d7c362fd223d6dd7c2196413674e44478ae7c361b9976623d4", "ef015203c761eab82b0db940209a9c5602dca16883b116b5dc8da380f489f924", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "aclutxml"}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "4928a22b4ebfd6e3b0e9e7d7b1bf72ad48de3ac71fb60a9995c73c0b4458d12c", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "b3571fdfb17151d7c362fd223d6dd7c2196413674e44478ae7c361b9976623d4", "ef015203c761eab82b0db940209a9c5602dca16883b116b5dc8da380f489f924", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "key": "\\SOFTWARE\\APPDATALOW\\SOFTWARE\\MICROSOFT\\02BAB7FD-7931-84AC-1356-BDF8F7EA41AC", "value_name": null}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "key": "\\SOFTWARE\\APPDATALOW\\SOFTWARE\\MICROSOFT\\02BAB7FD-7931-84AC-1356-BDF8F7EA41AC", "value_name": "{D7908994-4AF8-210B-0CFB-1EE5005F32E9}"}, {"hashes": ["2472010f8a211d4f72f5f7a54eed173e18ba6917f399cfdb0b027470c596245a", "31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3", "f359049cfeec1982826bb7782147e57c42d6df1b142bb6c135bf2048f08152a1"], "key": "\\SOFTWARE\\APPDATALOW\\SOFTWARE\\MICROSOFT\\02BAB7FD-7931-84AC-1356-BDF8F7EA41AC", "value_name": "Client"}, {"hashes": ["31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3"], "key": "\\SOFTWARE\\MICROSOFT\\IAM", "value_name": "Server ID"}, {"hashes": ["31afe208c90bf9c7ac0b76e514a32b177e61364955e28aa55eca5cd1827a8c2e", "740f9355737182ffca17434bf2c2424dd9b848be7fff43d9a8bd28c2e136eb68", "8c78b6edb8eeb2ee1463c1f5f7201cd35160a00e4f69b2f8bc3e65d2dcbf82fb", "a3519f9118dedddd5dbda9fc892767e2f5c3409d7126f9c3b2bc215bfa6fe7c3"], "key": "\\SOFTWARE\\APPDATALOW\\SOFTWARE\\MICROSOFT\\02BAB7FD-7931-84AC-1356-BDF8F7EA41AC", "value_name": "{344BD002-037D-867E-2DA8-E71AB15C0BEE}"}]}, "reports_count": 11}, "Win.Packed.Banload-9773267-1": {"bis": [{"bi": "memory-execute-readwrite", "hashes": ["9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250", "f1206470e71f2fcae068f227e4d8e808dd9dc3a831256e169d9dc55f6eee8c85", "7043ae58cc86dc2bb0de76c6fa646bc03106a5b9f3db8c7d69171ffa70285dcf", "09997d67c3eb58e58b2a1d509da7e3cfeb24773a49884397c88f3775497f40f5", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239", "3bf5381fe72d52b8634c2588eb48b7952ba8ae30d34b4ed886d675eaf736e79e", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055", "T1181"]}, {"bi": "cta-static-analyzer-malicious", "hashes": ["9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250", "f1206470e71f2fcae068f227e4d8e808dd9dc3a831256e169d9dc55f6eee8c85", "7043ae58cc86dc2bb0de76c6fa646bc03106a5b9f3db8c7d69171ffa70285dcf", "09997d67c3eb58e58b2a1d509da7e3cfeb24773a49884397c88f3775497f40f5", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239", "3bf5381fe72d52b8634c2588eb48b7952ba8ae30d34b4ed886d675eaf736e79e", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde"], "mitre_attack_tags": []}, {"bi": "pe-header-linker-minor", "hashes": ["9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250", "f1206470e71f2fcae068f227e4d8e808dd9dc3a831256e169d9dc55f6eee8c85", "7043ae58cc86dc2bb0de76c6fa646bc03106a5b9f3db8c7d69171ffa70285dcf", "09997d67c3eb58e58b2a1d509da7e3cfeb24773a49884397c88f3775497f40f5", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239", "3bf5381fe72d52b8634c2588eb48b7952ba8ae30d34b4ed886d675eaf736e79e", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-encrypted-section", "hashes": ["9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250", "7043ae58cc86dc2bb0de76c6fa646bc03106a5b9f3db8c7d69171ffa70285dcf", "09997d67c3eb58e58b2a1d509da7e3cfeb24773a49884397c88f3775497f40f5", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239", "3bf5381fe72d52b8634c2588eb48b7952ba8ae30d34b4ed886d675eaf736e79e", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "modified-file-in-user-dir", "hashes": ["9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250", "f1206470e71f2fcae068f227e4d8e808dd9dc3a831256e169d9dc55f6eee8c85", "09997d67c3eb58e58b2a1d509da7e3cfeb24773a49884397c88f3775497f40f5", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239", "3bf5381fe72d52b8634c2588eb48b7952ba8ae30d34b4ed886d675eaf736e79e", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde"], "mitre_attack_tags": []}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250", "f1206470e71f2fcae068f227e4d8e808dd9dc3a831256e169d9dc55f6eee8c85", "7043ae58cc86dc2bb0de76c6fa646bc03106a5b9f3db8c7d69171ffa70285dcf", "09997d67c3eb58e58b2a1d509da7e3cfeb24773a49884397c88f3775497f40f5", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde"], "mitre_attack_tags": []}, {"bi": "pe-section-blank-name", "hashes": ["9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250", "7043ae58cc86dc2bb0de76c6fa646bc03106a5b9f3db8c7d69171ffa70285dcf", "09997d67c3eb58e58b2a1d509da7e3cfeb24773a49884397c88f3775497f40f5", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "windows-crash-tool-execution-detected", "hashes": ["f1206470e71f2fcae068f227e4d8e808dd9dc3a831256e169d9dc55f6eee8c85", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239", "3bf5381fe72d52b8634c2588eb48b7952ba8ae30d34b4ed886d675eaf736e79e", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde"], "mitre_attack_tags": []}, {"bi": "crash-dump-file-created", "hashes": ["f1206470e71f2fcae068f227e4d8e808dd9dc3a831256e169d9dc55f6eee8c85", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239", "3bf5381fe72d52b8634c2588eb48b7952ba8ae30d34b4ed886d675eaf736e79e", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde"], "mitre_attack_tags": []}, {"bi": "fault-report-file-created", "hashes": ["f1206470e71f2fcae068f227e4d8e808dd9dc3a831256e169d9dc55f6eee8c85", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239", "3bf5381fe72d52b8634c2588eb48b7952ba8ae30d34b4ed886d675eaf736e79e", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde"], "mitre_attack_tags": []}, {"bi": "antivirus-flagged-artifact", "hashes": ["7043ae58cc86dc2bb0de76c6fa646bc03106a5b9f3db8c7d69171ffa70285dcf", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde"], "mitre_attack_tags": []}, {"bi": "modified-executable", "hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde"], "mitre_attack_tags": []}, {"bi": "created-executable-in-user-dir", "hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde"], "mitre_attack_tags": []}, {"bi": "dns-query-nxdomain", "hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde"], "mitre_attack_tags": []}, {"bi": "feed-domain-antivirus-service", "hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde"], "mitre_attack_tags": []}, {"bi": "registry-autorun-key-data-dir", "hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "registry-autorun-key-modified", "hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "registry-service-with-autostart-created", "hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85"], "mitre_attack_tags": ["TA0003", "T1112", "T1058"]}, {"bi": "currentcontrolset-service-added", "hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85"], "mitre_attack_tags": ["TA0002", "TA0003", "T1035", "T1060"]}, {"bi": "embedded-pe-resource2", "hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85"], "mitre_attack_tags": []}, {"bi": "artifact-flagged-anomaly", "hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-section-execute-writable", "hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "modified-file-in-system-dir", "hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85"], "mitre_attack_tags": []}, {"bi": "pe-imports-exe", "hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85"], "mitre_attack_tags": []}, {"bi": "pe-header-writable", "hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-packed-upx", "hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "netbios-query", "hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc"], "mitre_attack_tags": []}, {"bi": "feed-domain-rat", "hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc"], "mitre_attack_tags": []}, {"bi": "malware-known-trojan-av", "hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc"], "mitre_attack_tags": []}, {"bi": "potential-registry-persistence", "hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc"], "mitre_attack_tags": []}, {"bi": "files-deleted-used-batch", "hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc"], "mitre_attack_tags": ["TA0005", "T1107"]}, {"bi": "potential-registry-script-execution", "hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc"], "mitre_attack_tags": []}, {"bi": "pe-header-numofsymbols", "hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "network-fast-flux-nameserver", "hashes": ["084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85"], "mitre_attack_tags": []}, {"bi": "registry-disablesuac", "hashes": ["9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250", "09997d67c3eb58e58b2a1d509da7e3cfeb24773a49884397c88f3775497f40f5", "b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3", "016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde"], "mitre_attack_tags": ["TA0005", "TA0002", "TA0004", "T1088", "T1089"]}, {"bi": "process-long-cmdline", "hashes": ["016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "registry-modification-reg", "hashes": ["016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde"], "mitre_attack_tags": []}, {"bi": "cmd-exe-substr", "hashes": ["016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde"], "mitre_attack_tags": ["TA0005", "TA0002", "T1027", "T1059"]}, {"bi": "cmd-windows-env-vars-detected", "hashes": ["016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde"], "mitre_attack_tags": ["TA0005", "TA0002", "T1027", "T1059"]}, {"bi": "network-communications-http-get", "hashes": ["9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250", "7043ae58cc86dc2bb0de76c6fa646bc03106a5b9f3db8c7d69171ffa70285dcf", "09997d67c3eb58e58b2a1d509da7e3cfeb24773a49884397c88f3775497f40f5"], "mitre_attack_tags": ["TA0011", "TA0010", "T1105", "T1043"]}, {"bi": "network-only-safe-domains-contacted", "hashes": ["9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250", "7043ae58cc86dc2bb0de76c6fa646bc03106a5b9f3db8c7d69171ffa70285dcf", "09997d67c3eb58e58b2a1d509da7e3cfeb24773a49884397c88f3775497f40f5"], "mitre_attack_tags": []}, {"bi": "modified-file-in-program-dir", "hashes": ["68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193"], "mitre_attack_tags": []}, {"bi": "network-fast-flux-domain", "hashes": ["9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250", "09997d67c3eb58e58b2a1d509da7e3cfeb24773a49884397c88f3775497f40f5"], "mitre_attack_tags": []}, {"bi": "network-file-downloaded-to-disk", "hashes": ["9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250", "09997d67c3eb58e58b2a1d509da7e3cfeb24773a49884397c88f3775497f40f5"], "mitre_attack_tags": []}, {"bi": "http-response-client-error", "hashes": ["9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250", "7043ae58cc86dc2bb0de76c6fa646bc03106a5b9f3db8c7d69171ffa70285dcf"], "mitre_attack_tags": []}, {"bi": "network-dns-category-file-storage", "hashes": ["9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250", "09997d67c3eb58e58b2a1d509da7e3cfeb24773a49884397c88f3775497f40f5"], "mitre_attack_tags": []}, {"bi": "registry-ie-zone-settings-modified", "hashes": ["9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250", "09997d67c3eb58e58b2a1d509da7e3cfeb24773a49884397c88f3775497f40f5"], "mitre_attack_tags": ["TA0005", "T1089"]}, {"bi": "deleted-executable-in-program-dir", "hashes": ["9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250", "09997d67c3eb58e58b2a1d509da7e3cfeb24773a49884397c88f3775497f40f5"], "mitre_attack_tags": []}, {"bi": "artifact-flagged-antianalysis", "hashes": ["bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "artifact-av-detect", "hashes": ["bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85"], "mitre_attack_tags": ["TA0005", "T1063"]}, {"bi": "url-dropbox-service", "hashes": ["9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250"], "mitre_attack_tags": ["TA0011", "TA0010", "T1102"]}, {"bi": "hook-installed", "hashes": ["b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3"], "mitre_attack_tags": ["TA0006", "TA0003", "TA0004", "T1056", "T1179"]}, {"bi": "excessive-process-creates", "hashes": ["b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3"], "mitre_attack_tags": ["TA0002", "T1064"]}, {"bi": "process-with-multiple-children", "hashes": ["b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3"], "mitre_attack_tags": ["TA0005"]}, {"bi": "pe-tls-callback", "hashes": ["b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-header-timestamp-prior", "hashes": ["b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3"], "mitre_attack_tags": []}, {"bi": "pe-section-shared", "hashes": ["b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "windows-util-cacls-systemnone", "hashes": ["b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3"], "mitre_attack_tags": ["TA0005", "T1222"]}, {"bi": "high-heuristic-score", "hashes": ["016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47"], "mitre_attack_tags": []}, {"bi": "antivirus-service-flagged-artifact-mid", "hashes": ["3bf5381fe72d52b8634c2588eb48b7952ba8ae30d34b4ed886d675eaf736e79e"], "mitre_attack_tags": []}], "category": "Packed", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": false, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "Banload is a banking trojan believed to be developed by Brazilian cybercriminals and is used primarily to infect machines in Latin America. One notable aspect of Banload is its use of custom kernel drivers to evade detection.", "hashes": ["016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "09997d67c3eb58e58b2a1d509da7e3cfeb24773a49884397c88f3775497f40f5", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "3bf5381fe72d52b8634c2588eb48b7952ba8ae30d34b4ed886d675eaf736e79e", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "7043ae58cc86dc2bb0de76c6fa646bc03106a5b9f3db8c7d69171ffa70285dcf", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250", "b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "f1206470e71f2fcae068f227e4d8e808dd9dc3a831256e169d9dc55f6eee8c85", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239"], "iocs": {"domain": [{"hashes": ["05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "host": "srmvx[.]com[.]br"}, {"hashes": ["016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239"], "host": "www[.]srmvx[.]com[.]br"}, {"hashes": ["09997d67c3eb58e58b2a1d509da7e3cfeb24773a49884397c88f3775497f40f5", "9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250"], "host": "dl[.]dropbox[.]com"}, {"hashes": ["09997d67c3eb58e58b2a1d509da7e3cfeb24773a49884397c88f3775497f40f5", "9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250"], "host": "geremias52[.]biz[.]ly"}, {"hashes": ["9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250"], "host": "www[.]dropbox[.]com"}, {"hashes": ["9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250"], "host": "cfl[.]dropboxstatic[.]com"}, {"hashes": ["b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3"], "host": "www[.]arqueiroverde34[.]com[.]br"}, {"hashes": ["7043ae58cc86dc2bb0de76c6fa646bc03106a5b9f3db8c7d69171ffa70285dcf"], "host": "dropdr11[.]hospedagemdesites[.]ws"}], "file": [{"hashes": ["05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "path": "%SystemRoot%\\SysWOW64\\drivers\\trs.sys"}, {"hashes": ["05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "path": "\\cleanup.bat"}, {"hashes": ["05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "path": "\\cleanup.exe"}, {"hashes": ["05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "path": "\\zip.exe"}, {"hashes": ["05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "path": "\\TITI.EXE"}, {"hashes": ["05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "path": "\\kill.txt"}, {"hashes": ["05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "path": "%LOCALAPPDATA%\\wap.exe"}, {"hashes": ["016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239"], "path": "%LOCALAPPDATA%\\ctfmonn.exe"}, {"hashes": ["09997d67c3eb58e58b2a1d509da7e3cfeb24773a49884397c88f3775497f40f5", "9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250"], "path": "%APPDATA%\\config.txt"}, {"hashes": ["05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753"], "path": "%SystemRoot%\\SysWOW64\\drivers\\peur.sys"}, {"hashes": ["05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753"], "path": "\\ulbcsnjr.txt"}, {"hashes": ["084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b"], "path": "%SystemRoot%\\SysWOW64\\drivers\\ammxllcr.sys"}, {"hashes": ["084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b"], "path": "\\wdjard.txt"}, {"hashes": ["5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35"], "path": "%SystemRoot%\\SysWOW64\\drivers\\luhfocak.sys"}, {"hashes": ["5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35"], "path": "\\kqtq.txt"}, {"hashes": ["3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a"], "path": "%SystemRoot%\\SysWOW64\\drivers\\bjauj.sys"}, {"hashes": ["3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a"], "path": "\\stkcket.txt"}, {"hashes": ["198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193"], "path": "%ProgramFiles(x86)%\\kvxjmh.txt"}, {"hashes": ["198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193"], "path": "%SystemRoot%\\SysWOW64\\drivers\\bzfcqa.sys"}, {"hashes": ["198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193"], "path": "%LOCALAPPDATA%\\ctmon.exe"}, {"hashes": ["6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800"], "path": "%SystemRoot%\\SysWOW64\\drivers\\khgvf.sys"}, {"hashes": ["6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800"], "path": "%SystemRoot%\\nney.txt"}, {"hashes": ["77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc"], "path": "%SystemRoot%\\SysWOW64\\drivers\\jtdlfdgf.sys"}, {"hashes": ["77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc"], "path": "\\rybnwhak.txt"}, {"hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "path": "%SystemRoot%\\SysWOW64\\drivers\\njwyrd.sys"}, {"hashes": ["b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3"], "path": "\\InstalService"}, {"hashes": ["b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3"], "path": "\\ABLUTUE.exe"}, {"hashes": ["b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3"], "path": "%LOCALAPPDATA%\\WindowsUpdate.exe"}, {"hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "path": "%SystemRoot%\\SysWOW64\\upjz.txt"}, {"hashes": ["68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e"], "path": "%ProgramFiles(x86)%\\cevsdh.txt"}, {"hashes": ["67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517"], "path": "%ProgramFiles(x86)%\\nehlrlld.txt"}, {"hashes": ["67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517"], "path": "%SystemRoot%\\SysWOW64\\drivers\\cqslmwdq.sys"}, {"hashes": ["7043ae58cc86dc2bb0de76c6fa646bc03106a5b9f3db8c7d69171ffa70285dcf"], "path": "\\mothersday11-hp.exe"}, {"hashes": ["68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e"], "path": "%SystemRoot%\\SysWOW64\\drivers\\rdco.sys"}, {"hashes": ["7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69"], "path": "%SystemRoot%\\SysWOW64\\drivers\\jmwzn.sys"}, {"hashes": ["7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69"], "path": "%SystemRoot%\\SysWOW64\\vvcmipx.txt"}], "ip": [{"hashes": ["09997d67c3eb58e58b2a1d509da7e3cfeb24773a49884397c88f3775497f40f5", "9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250"], "ip": "162[.]125[.]8[.]15"}, {"hashes": ["09997d67c3eb58e58b2a1d509da7e3cfeb24773a49884397c88f3775497f40f5", "9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250"], "ip": "64[.]136[.]20[.]39"}, {"hashes": ["7043ae58cc86dc2bb0de76c6fa646bc03106a5b9f3db8c7d69171ffa70285dcf"], "ip": "186[.]202[.]95[.]69"}], "mutex": [{"hashes": ["016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "3bf5381fe72d52b8634c2588eb48b7952ba8ae30d34b4ed886d675eaf736e79e", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "f1206470e71f2fcae068f227e4d8e808dd9dc3a831256e169d9dc55f6eee8c85", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239"], "name": "Global\\"}], "registry": [{"hashes": ["016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239"], "key": "\\ENABLELUA", "value_name": null}, {"hashes": ["016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239"], "key": "\\ENABLELUA", "value_name": "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System"}, {"hashes": ["05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\PELODLO", "value_name": null}, {"hashes": ["05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\PELODLO", "value_name": "Type"}, {"hashes": ["05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\PELODLO", "value_name": "Start"}, {"hashes": ["05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\PELODLO", "value_name": "ErrorControl"}, {"hashes": ["05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\PELODLO", "value_name": "DisplayName"}, {"hashes": ["05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\PELODLO", "value_name": "WOW64"}, {"hashes": ["05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\PELODLO", "value_name": "ImagePath"}, {"hashes": ["05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "198e4fc3f3f351618d28f34d346ba4984947371156c16bb16a778ed07bb5d193", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUNONCE", "value_name": "Cleanup"}, {"hashes": ["05518ab2523991a133ff3e98fa6c070a5131debac3acd78b4f0f99881bf68753", "084066c4414c8d3dca285dad038c8b59f15dcd4c9fef396ed82d8696b006a66b", "3097fb5438618f6454ee7837b5dcbc8cad6558249fc697517ce1d1214bdfc36a", "5dbb562e194028be06f1babb86dc57f44e25d8cb367fed0682f865728e543e35", "6003533df1322c433eeedd1797bf2eadb819496f8a7eb3fd462219c90496b800", "67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517", "68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e", "77d12539c771bf7baf4916e76e6d138e45c11a2f6bd3c9cbd43b5062eb151cfc", "7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69", "e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "key": "\\WAP", "value_name": null}, {"hashes": ["016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "09997d67c3eb58e58b2a1d509da7e3cfeb24773a49884397c88f3775497f40f5", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde", "9b8cb4efa2192bc4d7c00745dfad7f48fd6d07776e5954ba389d7964a926e250", "b54f344eb796e9cbc096d060ca33a3d5d77d9f24413141d4bf10976f83f5c6b3", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\POLICIES\\SYSTEM", "value_name": "EnableLUA"}, {"hashes": ["016e2c164894ee27212080aea92541219fe60d39cf5dfe2b221d3823c35d4c47", "50664191f7cf78fe91982d6a46ca335cd811a6f3a28e7f8c590f43d25702496e", "664d66616ae849f99c997bfafd2a6f1691ab7a8efec5f4e8934b7ab97d62ffde", "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad", "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85", "f77118a0a142ad0906d23274de9029b4bc221f0d62e10b6a37b18aef15d4b239"], "key": "\\CTFMONN", "value_name": null}, {"hashes": ["bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "bbd53e391fcfb15ade714900bc64fe0a5f97a2b2e1d53229bfa181e9c8af4cad.exe"}, {"hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\RCADSPK", "value_name": "ImagePath"}, {"hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\RCADSPK", "value_name": "Start"}, {"hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\RCADSPK", "value_name": "Type"}, {"hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\RCADSPK", "value_name": "ErrorControl"}, {"hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\RCADSPK", "value_name": "mozmziz"}, {"hashes": ["c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "c75d65fa755a87cf2b2fb5d74e1a7a09f2a22108eac3a4b22e09532b797b3a85.exe"}, {"hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\RCADSPK", "value_name": "iypxo"}, {"hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\RCADSPK", "value_name": "vyfuwkn"}, {"hashes": ["e94486573e4c00962986d4612d053601cd3cd11227fdccf1bd9fb761d91fa8dc"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\RCADSPK", "value_name": "Group"}, {"hashes": ["67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\OEOMKG", "value_name": null}, {"hashes": ["67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\OEOMKG", "value_name": "ImagePath"}, {"hashes": ["67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\OEOMKG", "value_name": "Start"}, {"hashes": ["67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\OEOMKG", "value_name": "Type"}, {"hashes": ["67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\OEOMKG", "value_name": "ErrorControl"}, {"hashes": ["67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\OEOMKG", "value_name": "hpqwuak"}, {"hashes": ["67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\OEOMKG", "value_name": "uireyl"}, {"hashes": ["67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\OEOMKG", "value_name": "twbrtwam"}, {"hashes": ["67bca4fee0fe2bc8c6e690d56115002a787ca652b6e7f5083b60afabe2550517"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\OEOMKG", "value_name": "Group"}, {"hashes": ["68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\JLQH", "value_name": null}, {"hashes": ["68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\JLQH", "value_name": "ImagePath"}, {"hashes": ["68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\JLQH", "value_name": "Start"}, {"hashes": ["68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\JLQH", "value_name": "Type"}, {"hashes": ["68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\JLQH", "value_name": "ErrorControl"}, {"hashes": ["68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\JLQH", "value_name": "woyi"}, {"hashes": ["68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\JLQH", "value_name": "wiwua"}, {"hashes": ["68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\JLQH", "value_name": "sovi"}, {"hashes": ["68394780ab2dd62ac2ba75f028f0a7f483e791b8645997a471e87df037e0ad1e"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\JLQH", "value_name": "Group"}, {"hashes": ["7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\QDSJNXS", "value_name": null}, {"hashes": ["7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\QDSJNXS", "value_name": "ImagePath"}, {"hashes": ["7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\QDSJNXS", "value_name": "Start"}, {"hashes": ["7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\QDSJNXS", "value_name": "Type"}, {"hashes": ["7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\QDSJNXS", "value_name": "ErrorControl"}, {"hashes": ["7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\QDSJNXS", "value_name": "ctay"}, {"hashes": ["7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\QDSJNXS", "value_name": "zxrsxmp"}, {"hashes": ["7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\QDSJNXS", "value_name": "quqq"}, {"hashes": ["7b1741f05850063ea6e54a221e192e1f49ecd3a7d7dac187c8c0520c49d77f69"], "key": "\\SYSTEM\\CONTROLSET001\\SERVICES\\QDSJNXS", "value_name": "Group"}]}, "reports_count": 23}, "Win.Packed.Kovter-9770937-1": {"bis": [{"bi": "memory-execute-readwrite", "hashes": ["5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055", "T1181"]}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "mitre_attack_tags": []}, {"bi": "cta-static-analyzer-malicious", "hashes": ["5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "mitre_attack_tags": []}, {"bi": "excessive-foreign-memory-modification", "hashes": ["5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "mitre_attack_tags": ["TA0005", "T1055"]}, {"bi": "pe-uses-visual-basic", "hashes": ["5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "mitre_attack_tags": []}, {"bi": "deleted-submitted-file", "hashes": ["5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "mitre_attack_tags": ["TA0005", "T1107"]}, {"bi": "compound-vb-self-delete", "hashes": ["5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "mitre_attack_tags": []}, {"bi": "registry-autorun-key-modified", "hashes": ["5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "excessive-tcp-connections", "hashes": ["5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "mitre_attack_tags": ["TA0011", "T1095", "T1008"]}, {"bi": "process-explorer-suspicious-launch", "hashes": ["5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "mitre_attack_tags": ["TA0005", "T1055"]}, {"bi": "potential-registry-script-execution", "hashes": ["5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "mitre_attack_tags": []}, {"bi": "registry-large-data-entry", "hashes": ["5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "mitre_attack_tags": ["TA0005", "T1112"]}, {"bi": "process-hollowing-detected", "hashes": ["5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "mitre_attack_tags": ["TA0005", "T1093"]}, {"bi": "malware-kovter-registry", "hashes": ["5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "mitre_attack_tags": []}, {"bi": "registry-script-detected", "hashes": ["5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "mitre_attack_tags": ["TA0005", "TA0003", "T1112", "T1064"]}, {"bi": "registry-ie-zone-settings-modified", "hashes": ["5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "mitre_attack_tags": ["TA0005", "T1089"]}, {"bi": "mshta-in-registry", "hashes": ["5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "mitre_attack_tags": ["TA0005", "TA0003", "T1112", "T1170"]}, {"bi": "network-file-uploaded", "hashes": ["5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "mitre_attack_tags": ["TA0010", "T1011"]}, {"bi": "network-http-numeric-ip", "hashes": ["5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "mitre_attack_tags": ["TA0011", "TA0005", "T1071"]}, {"bi": "network-communications-http-post", "hashes": ["5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "mitre_attack_tags": ["TA0011", "TA0010", "T1048"]}, {"bi": "network-private-ip-address", "hashes": ["dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "mitre_attack_tags": ["TA0007", "T1016"]}, {"bi": "http-response-client-error", "hashes": ["5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e"], "mitre_attack_tags": []}, {"bi": "nginx-webserver-detected", "hashes": ["856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45"], "mitre_attack_tags": []}, {"bi": "http-response-redirect", "hashes": ["c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45"], "mitre_attack_tags": []}, {"bi": "artifact-flagged-anomaly", "hashes": ["1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "network-snort-policy", "hashes": ["1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5"], "mitre_attack_tags": []}, {"bi": "url-not-found", "hashes": ["c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7"], "mitre_attack_tags": []}, {"bi": "network-http-non-standard-port", "hashes": ["450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45"], "mitre_attack_tags": ["TA0011", "TA0005", "T1065"]}, {"bi": "network-communications-http-get", "hashes": ["450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45"], "mitre_attack_tags": ["TA0011", "TA0010", "T1105", "T1043"]}], "category": "Packed", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "Kovter is known for its fileless persistence mechanism. This family of malware creates several malicious registry entries which store its malicious code. Kovter is capable of reinfecting a system, even if the file system has been cleaned of the infection. Kovter has been used in the past to spread ransomware and click-fraud malware.", "hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "iocs": {"domain": [{"hashes": ["a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153"], "host": "cpanel[.]com"}, {"hashes": ["eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "host": "httpd[.]apache[.]org"}, {"hashes": ["eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "host": "bugs[.]launchpad[.]net"}, {"hashes": ["eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8"], "host": "manpages[.]debian[.]org"}, {"hashes": ["1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5"], "host": "artree[.]jp"}], "file": [], "ip": [{"hashes": ["dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b"], "ip": "6[.]172[.]110[.]228"}, {"hashes": ["dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b"], "ip": "201[.]215[.]167[.]131"}, {"hashes": ["dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b"], "ip": "97[.]235[.]190[.]241"}, {"hashes": ["dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b"], "ip": "40[.]71[.]137[.]232"}, {"hashes": ["dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b"], "ip": "124[.]111[.]188[.]126"}, {"hashes": ["dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b"], "ip": "90[.]138[.]227[.]164"}, {"hashes": ["dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b"], "ip": "202[.]115[.]161[.]126"}, {"hashes": ["dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b"], "ip": "181[.]81[.]151[.]50"}, {"hashes": ["dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b"], "ip": "201[.]23[.]14[.]143"}, {"hashes": ["dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b"], "ip": "170[.]168[.]155[.]208"}, {"hashes": ["dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b"], "ip": "141[.]210[.]47[.]144"}, {"hashes": ["dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b"], "ip": "89[.]233[.]158[.]94"}, {"hashes": ["dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b"], "ip": "138[.]77[.]169[.]108"}, {"hashes": ["dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b"], "ip": "209[.]73[.]195[.]196"}, {"hashes": ["dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b"], "ip": "153[.]210[.]7[.]202"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "18[.]194[.]29[.]180"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "79[.]185[.]132[.]120"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "165[.]186[.]14[.]97"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "144[.]101[.]81[.]211"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "12[.]141[.]6[.]226"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "194[.]76[.]104[.]40"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "192[.]17[.]197[.]43"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "217[.]86[.]10[.]90"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "91[.]219[.]84[.]240"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "162[.]77[.]163[.]121"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "73[.]209[.]208[.]29"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "24[.]44[.]118[.]20"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "121[.]133[.]167[.]202"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "223[.]155[.]193[.]218"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "185[.]10[.]118[.]32"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "153[.]27[.]136[.]251"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "13[.]12[.]214[.]111"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "76[.]185[.]179[.]66"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "78[.]72[.]1[.]186"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "65[.]106[.]88[.]180"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "147[.]44[.]29[.]249"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "66[.]58[.]9[.]198"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "70[.]91[.]200[.]13"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "189[.]67[.]13[.]148"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "81[.]52[.]220[.]216"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "130[.]104[.]156[.]211"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "205[.]4[.]1[.]196"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "209[.]221[.]105[.]126"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "56[.]12[.]205[.]103"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "35[.]150[.]137[.]47"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "194[.]136[.]143[.]85"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "93[.]27[.]52[.]147"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "61[.]182[.]6[.]209"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "87[.]28[.]49[.]215"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "ip": "70[.]197[.]191[.]243"}], "mutex": [{"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "name": "C77D0F25"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "name": "Global\\07771b47"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "name": "244F2418"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "name": "906A2669"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "name": "Global\\2c6cc948"}, {"hashes": ["95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5"], "name": ""}], "registry": [{"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\MICROSOFT\\INTERNET EXPLORER\\MAIN\\FEATURECONTROL\\FEATURE_BROWSER_EMULATION", "value_name": "svchost.exe"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\MICROSOFT\\INTERNET EXPLORER\\MAIN\\FEATURECONTROL\\FEATURE_BROWSER_EMULATION", "value_name": "explorer.exe"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\MICROSOFT\\INTERNET EXPLORER\\MAIN\\FEATURECONTROL\\FEATURE_BROWSER_EMULATION", "value_name": "iexplore.exe"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\INTERNET EXPLORER\\MAIN\\FEATURECONTROL\\FEATURE_BROWSER_EMULATION", "value_name": "svchost.exe"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\INTERNET EXPLORER\\MAIN\\FEATURECONTROL\\FEATURE_BROWSER_EMULATION", "value_name": "explorer.exe"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\INTERNET EXPLORER\\MAIN\\FEATURECONTROL\\FEATURE_BROWSER_EMULATION", "value_name": "iexplore.exe"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\WOW6432NODE\\07771B47", "value_name": "18f8f764"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\07771B47", "value_name": "18f8f764"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\WOW6432NODE\\07771B47", "value_name": "956299e5"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\07771B47", "value_name": "956299e5"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\WOW6432NODE\\07771B47", "value_name": "8de2c2e8"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\07771B47", "value_name": "8de2c2e8"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\WOW6432NODE\\07771B47", "value_name": null}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\07771B47", "value_name": null}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\POLICIES\\EXPLORER\\RUN", "value_name": null}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\ACTION CENTER\\CHECKS\\{E8433B72-5842-4D43-8645-BC2C35960837}.CHECK.101", "value_name": "CheckSetting"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\ACTION CENTER\\CHECKS\\{E8433B72-5842-4D43-8645-BC2C35960837}.CHECK.103", "value_name": "CheckSetting"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\ACTION CENTER\\CHECKS\\{E8433B72-5842-4D43-8645-BC2C35960837}.CHECK.100", "value_name": "CheckSetting"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\ACTION CENTER\\CHECKS\\{E8433B72-5842-4D43-8645-BC2C35960837}.CHECK.102", "value_name": "CheckSetting"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\ACTION CENTER\\CHECKS\\{E8433B72-5842-4D43-8645-BC2C35960837}.CHECK.104", "value_name": "CheckSetting"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\WOW6432NODE\\07771B47", "value_name": "412841e8"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\07771B47", "value_name": "412841e8"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\07771B47", "value_name": "e1616c62"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\WOW6432NODE\\07771B47", "value_name": "e1616c62"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\07771B47", "value_name": "921a72e2"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\WOW6432NODE\\07771B47", "value_name": "921a72e2"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "\u0000d1746988"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\POLICIES\\EXPLORER\\RUN", "value_name": "\u0000cad608e3"}, {"hashes": ["182d5c7d5ce6de99976e71d209369b13fc50b39096cec58dc71ce1960f4d5a4d", "1ee19c580c7268d6285e0c82b645dca1e559d5e2185ea212ff5b9583ccf17bc5", "22fee6fcfc138e9da761ec0d4d18f992fc8c5fcb5ddf2c9eefdff527526cddd3", "23985f5f3941e691982bd1a4be39ea5ec99c7f20c2abc255a6a932de11667e8e", "3ba1f62c87662f1ed2b6a88665780ad3c59d5babe98a47f25a5a6d1f572d232a", "3be96d5845f57e8b05307bdf7701df977547a1d6369d0eba825acf97030e57ba", "450328b5a05f8ebc8d09b60d3d079594599c117eebc024bb07624138164baf45", "524f6f99b1f3298f80c013af319e3282e7897f734e580f352982cdd25e36a7e6", "59f1a4d7e0607d6f23ea81c0c6284b5f6702ed188ed258f00098444f0b38b482", "5ac5e4ddc7659e83b5d0ac2621a87d57a18c4176dffde9de8844f2ff9000ad84", "68334273995b82e16c118b761616d2593a24836e6f0ca5e6b02abbc1e0ed2284", "856cc73b1da6f52fa691541cab7eecdc5c6e3e85370514f649302729a8ba197f", "95a9df1c371dd97b2668ba4f0753523d2feb54d6e93e03cbbc9183ddc792f3f5", "a28ccd19535900d344ad05e5f1334b957813709437a71f5f92aede7316b98153", "c4299089028b3b078066fab390e5251859dd961c3df02a589a2cac79dbb8cef7", "dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "e094e02e50f22244134668a8a2b3646b6938761cf1601c234a5717247b4b66b9", "eeaac2487fcc673e3edefa4f8f51ac282dbce0156fe0c762390b1f72d08f02f8", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "\u0000d1746988"}, {"hashes": ["dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\WOW6432NODE\\07771B47", "value_name": "013c41ca"}, {"hashes": ["dfea664ec12d1ce9d22a17837eb0f13ad0bcee39eb868845d4affd08a49fa83b", "fc70b1fbba62129d3efc2ed265bf8a55eee2089773b92067f60a9533a8315a61"], "key": "\\SOFTWARE\\07771B47", "value_name": "013c41ca"}]}, "reports_count": 19}, "Win.Packed.Zbot-9773448-0": {"bis": [{"bi": "memory-execute-readwrite", "hashes": ["02a4466aa0e9b5a10f3b88a273f8292cd050fa87c3f78eecbb926afdcf4457a5", "7489606516c3267e6f1c992c02c0d1aad7a426f59e40e8eb770ea70c9370715b", "756be6f11288879a01dfdd182006bb6a51d3e136b36e19a2e16c091a1b99ea71", "1301d9f644984661fb6a88182c1e2ed251106a82bc98f2fcadc066214b45689b", "30ccbb09c68f28e73c7de516bddaa954efec7c6490c00e1fb5a346e584cf27f9", "2596da29a69f07f995dc4bdf4b42e5946921239b3bf5cc8ec99a606420f68371", "10091085a3324fe2baf7d664c0e010f5bd78e8df47d802c8eeebf580eba30069", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "4ab641fb7aaa4baa0d07c42407b8ba5191c783160673904b8113b81c86197638", "0ce617ffc98db4f6ec3fc671a8d2ebe0ee781e9751da3ab0ccc41e1d9e0035bc", "8acab3fc6f8805d9ff21064b11778cce65fbe26f922b4779a73cb088f5306e97", "016ec02d4b22262403e7fa831c23bf76741e73857bb1d2e7d589336c680dcab9", "020ac993b08805eb5b05176f48f719fbf88fd10ead008a65e6495247a2c4eb03", "5d934067282efe8a0ea3ae4e6a2445b69c5701ba439e94503abdb66ccd7b5cfd", "0a60b5294101e37b561fdc5ff3187f6b456a60349eefc656f58438cc97877e8b", "0b4de45348fa100db4260647472ef31e17a0ee8a1700522cc1bb2620528826c7", "0cf67747dac7654c589941e62881c3278c0f609a6681ba5ed75c0c80c1fbc56a", "020d4899e1540b265f7cf99b9a09a97ad74069a0c3c196c7dee2bbd5af7d15bf", "08824fa4518694a30ab8c336c6d3c3af2771b6a0b675d38bd1297d6ed200e451", "4378ffa05ee3624e8511c6c12b4c00fcbc22be63960143d5f209c61a095e9a41", "0f45fc933ac4f098c512ba5c8545c7ae043f2ae8282d3cc8d4ebe18d8610fcab", "70b23929beb28b3b6a2cd61efe8945ac20779dad6a4acacd2aa83d54a53930f1", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "858dbd62aec98475a57698f9d7f7b646e175c6d76005cd2198da8494cb813fb1", "a99556e097a42ee9beebe15f94dec597436eb857a053499469c5f577c809d574", "04c056e40bd76e3f9c9b933279131b8542e19a37193ec0f15d35e5d6b7655273", "046cd1724c9da747b3b2279a0ab9d54cc0550725adf8b8a057b7d4a517211cb7", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "58a06371f22076c76cfcf376ac72e7914a540008f8714ba66bba6dc2e261dfd3", "42234b8d36e98581deea5a4923c61ec0d5dc327b749a7488db0538936c0951c8", "04c1536ea51576559546670637eb66bfc1a7a12d508baa8467abb4369bac087d", "b51158a6e032cdf3a41f0c4556e8bedffb37c8b9d807f575ceed05eccc36e942", "75c0f76b40cfb0321950c2b102453bcd4686c6a84940febfeefa44af7aa925e3", "08572e1d511711d7ae14bb0f1f4e4217c93bc22bd63546259c817010c583f95f", "81732365cb773412f0ccd96a5f160fc56c0d113cfa18424bd74c9efba1b24de5", "587d034af05151c7f64336a603c0a087f5a654aa41fc9d7d63e2881e6c6a7213", "2edeb8a08e6cd13594ae6836d4d3c0b2a33b40a3adc43d4f0d1b3ff154057b77", "a5e32355889008018c76252dc09e128a9742b01805a31458634cd583cde74b2c", "927140fa94d633fdb7941339c20cfb8f68e58f56ff3545a3c7ad82e1fdef6060", "8f93a4c81245bb9e6b2afd709693c0009d6f3f4e6c0b411642e04cdbaa53884e", "8b24e662b5a62c1b9003a43b650b7ac9809ea7cd99a6665b61bc11eef286fd20", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b34b234b68efabd864652f6634b7683aa97ebd987fac10eb3837a0305dd5b58", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0af82035e588f1c326336e7140b4af77ab4fddd18623e7ad0df162d813f02190"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055", "T1181"]}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["02a4466aa0e9b5a10f3b88a273f8292cd050fa87c3f78eecbb926afdcf4457a5", "7489606516c3267e6f1c992c02c0d1aad7a426f59e40e8eb770ea70c9370715b", "756be6f11288879a01dfdd182006bb6a51d3e136b36e19a2e16c091a1b99ea71", "1301d9f644984661fb6a88182c1e2ed251106a82bc98f2fcadc066214b45689b", "30ccbb09c68f28e73c7de516bddaa954efec7c6490c00e1fb5a346e584cf27f9", "2596da29a69f07f995dc4bdf4b42e5946921239b3bf5cc8ec99a606420f68371", "10091085a3324fe2baf7d664c0e010f5bd78e8df47d802c8eeebf580eba30069", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "4ab641fb7aaa4baa0d07c42407b8ba5191c783160673904b8113b81c86197638", "0ce617ffc98db4f6ec3fc671a8d2ebe0ee781e9751da3ab0ccc41e1d9e0035bc", "8acab3fc6f8805d9ff21064b11778cce65fbe26f922b4779a73cb088f5306e97", "016ec02d4b22262403e7fa831c23bf76741e73857bb1d2e7d589336c680dcab9", "020ac993b08805eb5b05176f48f719fbf88fd10ead008a65e6495247a2c4eb03", "5d934067282efe8a0ea3ae4e6a2445b69c5701ba439e94503abdb66ccd7b5cfd", "0a60b5294101e37b561fdc5ff3187f6b456a60349eefc656f58438cc97877e8b", "0b4de45348fa100db4260647472ef31e17a0ee8a1700522cc1bb2620528826c7", "0cf67747dac7654c589941e62881c3278c0f609a6681ba5ed75c0c80c1fbc56a", "020d4899e1540b265f7cf99b9a09a97ad74069a0c3c196c7dee2bbd5af7d15bf", "08824fa4518694a30ab8c336c6d3c3af2771b6a0b675d38bd1297d6ed200e451", "4378ffa05ee3624e8511c6c12b4c00fcbc22be63960143d5f209c61a095e9a41", "0f45fc933ac4f098c512ba5c8545c7ae043f2ae8282d3cc8d4ebe18d8610fcab", "70b23929beb28b3b6a2cd61efe8945ac20779dad6a4acacd2aa83d54a53930f1", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "858dbd62aec98475a57698f9d7f7b646e175c6d76005cd2198da8494cb813fb1", "a99556e097a42ee9beebe15f94dec597436eb857a053499469c5f577c809d574", "04c056e40bd76e3f9c9b933279131b8542e19a37193ec0f15d35e5d6b7655273", "046cd1724c9da747b3b2279a0ab9d54cc0550725adf8b8a057b7d4a517211cb7", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "58a06371f22076c76cfcf376ac72e7914a540008f8714ba66bba6dc2e261dfd3", "42234b8d36e98581deea5a4923c61ec0d5dc327b749a7488db0538936c0951c8", "04c1536ea51576559546670637eb66bfc1a7a12d508baa8467abb4369bac087d", "b51158a6e032cdf3a41f0c4556e8bedffb37c8b9d807f575ceed05eccc36e942", "75c0f76b40cfb0321950c2b102453bcd4686c6a84940febfeefa44af7aa925e3", "08572e1d511711d7ae14bb0f1f4e4217c93bc22bd63546259c817010c583f95f", "81732365cb773412f0ccd96a5f160fc56c0d113cfa18424bd74c9efba1b24de5", "587d034af05151c7f64336a603c0a087f5a654aa41fc9d7d63e2881e6c6a7213", "2edeb8a08e6cd13594ae6836d4d3c0b2a33b40a3adc43d4f0d1b3ff154057b77", "a5e32355889008018c76252dc09e128a9742b01805a31458634cd583cde74b2c", "927140fa94d633fdb7941339c20cfb8f68e58f56ff3545a3c7ad82e1fdef6060", "8f93a4c81245bb9e6b2afd709693c0009d6f3f4e6c0b411642e04cdbaa53884e", "8b24e662b5a62c1b9003a43b650b7ac9809ea7cd99a6665b61bc11eef286fd20", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b34b234b68efabd864652f6634b7683aa97ebd987fac10eb3837a0305dd5b58", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0af82035e588f1c326336e7140b4af77ab4fddd18623e7ad0df162d813f02190"], "mitre_attack_tags": []}, {"bi": "pe-invalid-checksum", "hashes": ["02a4466aa0e9b5a10f3b88a273f8292cd050fa87c3f78eecbb926afdcf4457a5", "7489606516c3267e6f1c992c02c0d1aad7a426f59e40e8eb770ea70c9370715b", "756be6f11288879a01dfdd182006bb6a51d3e136b36e19a2e16c091a1b99ea71", "1301d9f644984661fb6a88182c1e2ed251106a82bc98f2fcadc066214b45689b", "30ccbb09c68f28e73c7de516bddaa954efec7c6490c00e1fb5a346e584cf27f9", "2596da29a69f07f995dc4bdf4b42e5946921239b3bf5cc8ec99a606420f68371", "10091085a3324fe2baf7d664c0e010f5bd78e8df47d802c8eeebf580eba30069", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "4ab641fb7aaa4baa0d07c42407b8ba5191c783160673904b8113b81c86197638", "0ce617ffc98db4f6ec3fc671a8d2ebe0ee781e9751da3ab0ccc41e1d9e0035bc", "8acab3fc6f8805d9ff21064b11778cce65fbe26f922b4779a73cb088f5306e97", "016ec02d4b22262403e7fa831c23bf76741e73857bb1d2e7d589336c680dcab9", "020ac993b08805eb5b05176f48f719fbf88fd10ead008a65e6495247a2c4eb03", "5d934067282efe8a0ea3ae4e6a2445b69c5701ba439e94503abdb66ccd7b5cfd", "0a60b5294101e37b561fdc5ff3187f6b456a60349eefc656f58438cc97877e8b", "0b4de45348fa100db4260647472ef31e17a0ee8a1700522cc1bb2620528826c7", "0cf67747dac7654c589941e62881c3278c0f609a6681ba5ed75c0c80c1fbc56a", "020d4899e1540b265f7cf99b9a09a97ad74069a0c3c196c7dee2bbd5af7d15bf", "08824fa4518694a30ab8c336c6d3c3af2771b6a0b675d38bd1297d6ed200e451", "4378ffa05ee3624e8511c6c12b4c00fcbc22be63960143d5f209c61a095e9a41", "0f45fc933ac4f098c512ba5c8545c7ae043f2ae8282d3cc8d4ebe18d8610fcab", "70b23929beb28b3b6a2cd61efe8945ac20779dad6a4acacd2aa83d54a53930f1", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "858dbd62aec98475a57698f9d7f7b646e175c6d76005cd2198da8494cb813fb1", "a99556e097a42ee9beebe15f94dec597436eb857a053499469c5f577c809d574", "04c056e40bd76e3f9c9b933279131b8542e19a37193ec0f15d35e5d6b7655273", "046cd1724c9da747b3b2279a0ab9d54cc0550725adf8b8a057b7d4a517211cb7", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "58a06371f22076c76cfcf376ac72e7914a540008f8714ba66bba6dc2e261dfd3", "42234b8d36e98581deea5a4923c61ec0d5dc327b749a7488db0538936c0951c8", "04c1536ea51576559546670637eb66bfc1a7a12d508baa8467abb4369bac087d", "b51158a6e032cdf3a41f0c4556e8bedffb37c8b9d807f575ceed05eccc36e942", "75c0f76b40cfb0321950c2b102453bcd4686c6a84940febfeefa44af7aa925e3", "08572e1d511711d7ae14bb0f1f4e4217c93bc22bd63546259c817010c583f95f", "81732365cb773412f0ccd96a5f160fc56c0d113cfa18424bd74c9efba1b24de5", "587d034af05151c7f64336a603c0a087f5a654aa41fc9d7d63e2881e6c6a7213", "2edeb8a08e6cd13594ae6836d4d3c0b2a33b40a3adc43d4f0d1b3ff154057b77", "a5e32355889008018c76252dc09e128a9742b01805a31458634cd583cde74b2c", "927140fa94d633fdb7941339c20cfb8f68e58f56ff3545a3c7ad82e1fdef6060", "8f93a4c81245bb9e6b2afd709693c0009d6f3f4e6c0b411642e04cdbaa53884e", "8b24e662b5a62c1b9003a43b650b7ac9809ea7cd99a6665b61bc11eef286fd20", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b34b234b68efabd864652f6634b7683aa97ebd987fac10eb3837a0305dd5b58", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0af82035e588f1c326336e7140b4af77ab4fddd18623e7ad0df162d813f02190"], "mitre_attack_tags": []}, {"bi": "cta-static-analyzer-malicious", "hashes": ["02a4466aa0e9b5a10f3b88a273f8292cd050fa87c3f78eecbb926afdcf4457a5", "7489606516c3267e6f1c992c02c0d1aad7a426f59e40e8eb770ea70c9370715b", "756be6f11288879a01dfdd182006bb6a51d3e136b36e19a2e16c091a1b99ea71", "1301d9f644984661fb6a88182c1e2ed251106a82bc98f2fcadc066214b45689b", "30ccbb09c68f28e73c7de516bddaa954efec7c6490c00e1fb5a346e584cf27f9", "2596da29a69f07f995dc4bdf4b42e5946921239b3bf5cc8ec99a606420f68371", "10091085a3324fe2baf7d664c0e010f5bd78e8df47d802c8eeebf580eba30069", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "4ab641fb7aaa4baa0d07c42407b8ba5191c783160673904b8113b81c86197638", "0ce617ffc98db4f6ec3fc671a8d2ebe0ee781e9751da3ab0ccc41e1d9e0035bc", "8acab3fc6f8805d9ff21064b11778cce65fbe26f922b4779a73cb088f5306e97", "016ec02d4b22262403e7fa831c23bf76741e73857bb1d2e7d589336c680dcab9", "020ac993b08805eb5b05176f48f719fbf88fd10ead008a65e6495247a2c4eb03", "5d934067282efe8a0ea3ae4e6a2445b69c5701ba439e94503abdb66ccd7b5cfd", "0a60b5294101e37b561fdc5ff3187f6b456a60349eefc656f58438cc97877e8b", "0b4de45348fa100db4260647472ef31e17a0ee8a1700522cc1bb2620528826c7", "0cf67747dac7654c589941e62881c3278c0f609a6681ba5ed75c0c80c1fbc56a", "020d4899e1540b265f7cf99b9a09a97ad74069a0c3c196c7dee2bbd5af7d15bf", "08824fa4518694a30ab8c336c6d3c3af2771b6a0b675d38bd1297d6ed200e451", "4378ffa05ee3624e8511c6c12b4c00fcbc22be63960143d5f209c61a095e9a41", "0f45fc933ac4f098c512ba5c8545c7ae043f2ae8282d3cc8d4ebe18d8610fcab", "70b23929beb28b3b6a2cd61efe8945ac20779dad6a4acacd2aa83d54a53930f1", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "858dbd62aec98475a57698f9d7f7b646e175c6d76005cd2198da8494cb813fb1", "a99556e097a42ee9beebe15f94dec597436eb857a053499469c5f577c809d574", "04c056e40bd76e3f9c9b933279131b8542e19a37193ec0f15d35e5d6b7655273", "046cd1724c9da747b3b2279a0ab9d54cc0550725adf8b8a057b7d4a517211cb7", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "58a06371f22076c76cfcf376ac72e7914a540008f8714ba66bba6dc2e261dfd3", "42234b8d36e98581deea5a4923c61ec0d5dc327b749a7488db0538936c0951c8", "04c1536ea51576559546670637eb66bfc1a7a12d508baa8467abb4369bac087d", "b51158a6e032cdf3a41f0c4556e8bedffb37c8b9d807f575ceed05eccc36e942", "75c0f76b40cfb0321950c2b102453bcd4686c6a84940febfeefa44af7aa925e3", "08572e1d511711d7ae14bb0f1f4e4217c93bc22bd63546259c817010c583f95f", "81732365cb773412f0ccd96a5f160fc56c0d113cfa18424bd74c9efba1b24de5", "587d034af05151c7f64336a603c0a087f5a654aa41fc9d7d63e2881e6c6a7213", "2edeb8a08e6cd13594ae6836d4d3c0b2a33b40a3adc43d4f0d1b3ff154057b77", "a5e32355889008018c76252dc09e128a9742b01805a31458634cd583cde74b2c", "927140fa94d633fdb7941339c20cfb8f68e58f56ff3545a3c7ad82e1fdef6060", "8f93a4c81245bb9e6b2afd709693c0009d6f3f4e6c0b411642e04cdbaa53884e", "8b24e662b5a62c1b9003a43b650b7ac9809ea7cd99a6665b61bc11eef286fd20", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b34b234b68efabd864652f6634b7683aa97ebd987fac10eb3837a0305dd5b58", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0af82035e588f1c326336e7140b4af77ab4fddd18623e7ad0df162d813f02190"], "mitre_attack_tags": []}, {"bi": "pe-certificate", "hashes": ["02a4466aa0e9b5a10f3b88a273f8292cd050fa87c3f78eecbb926afdcf4457a5", "7489606516c3267e6f1c992c02c0d1aad7a426f59e40e8eb770ea70c9370715b", "756be6f11288879a01dfdd182006bb6a51d3e136b36e19a2e16c091a1b99ea71", "1301d9f644984661fb6a88182c1e2ed251106a82bc98f2fcadc066214b45689b", "30ccbb09c68f28e73c7de516bddaa954efec7c6490c00e1fb5a346e584cf27f9", "2596da29a69f07f995dc4bdf4b42e5946921239b3bf5cc8ec99a606420f68371", "10091085a3324fe2baf7d664c0e010f5bd78e8df47d802c8eeebf580eba30069", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "4ab641fb7aaa4baa0d07c42407b8ba5191c783160673904b8113b81c86197638", "0ce617ffc98db4f6ec3fc671a8d2ebe0ee781e9751da3ab0ccc41e1d9e0035bc", "8acab3fc6f8805d9ff21064b11778cce65fbe26f922b4779a73cb088f5306e97", "016ec02d4b22262403e7fa831c23bf76741e73857bb1d2e7d589336c680dcab9", "020ac993b08805eb5b05176f48f719fbf88fd10ead008a65e6495247a2c4eb03", "5d934067282efe8a0ea3ae4e6a2445b69c5701ba439e94503abdb66ccd7b5cfd", "0a60b5294101e37b561fdc5ff3187f6b456a60349eefc656f58438cc97877e8b", "0b4de45348fa100db4260647472ef31e17a0ee8a1700522cc1bb2620528826c7", "0cf67747dac7654c589941e62881c3278c0f609a6681ba5ed75c0c80c1fbc56a", "020d4899e1540b265f7cf99b9a09a97ad74069a0c3c196c7dee2bbd5af7d15bf", "08824fa4518694a30ab8c336c6d3c3af2771b6a0b675d38bd1297d6ed200e451", "4378ffa05ee3624e8511c6c12b4c00fcbc22be63960143d5f209c61a095e9a41", "0f45fc933ac4f098c512ba5c8545c7ae043f2ae8282d3cc8d4ebe18d8610fcab", "70b23929beb28b3b6a2cd61efe8945ac20779dad6a4acacd2aa83d54a53930f1", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "858dbd62aec98475a57698f9d7f7b646e175c6d76005cd2198da8494cb813fb1", "a99556e097a42ee9beebe15f94dec597436eb857a053499469c5f577c809d574", "04c056e40bd76e3f9c9b933279131b8542e19a37193ec0f15d35e5d6b7655273", "046cd1724c9da747b3b2279a0ab9d54cc0550725adf8b8a057b7d4a517211cb7", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "58a06371f22076c76cfcf376ac72e7914a540008f8714ba66bba6dc2e261dfd3", "42234b8d36e98581deea5a4923c61ec0d5dc327b749a7488db0538936c0951c8", "04c1536ea51576559546670637eb66bfc1a7a12d508baa8467abb4369bac087d", "b51158a6e032cdf3a41f0c4556e8bedffb37c8b9d807f575ceed05eccc36e942", "75c0f76b40cfb0321950c2b102453bcd4686c6a84940febfeefa44af7aa925e3", "08572e1d511711d7ae14bb0f1f4e4217c93bc22bd63546259c817010c583f95f", "81732365cb773412f0ccd96a5f160fc56c0d113cfa18424bd74c9efba1b24de5", "587d034af05151c7f64336a603c0a087f5a654aa41fc9d7d63e2881e6c6a7213", "2edeb8a08e6cd13594ae6836d4d3c0b2a33b40a3adc43d4f0d1b3ff154057b77", "a5e32355889008018c76252dc09e128a9742b01805a31458634cd583cde74b2c", "927140fa94d633fdb7941339c20cfb8f68e58f56ff3545a3c7ad82e1fdef6060", "8f93a4c81245bb9e6b2afd709693c0009d6f3f4e6c0b411642e04cdbaa53884e", "8b24e662b5a62c1b9003a43b650b7ac9809ea7cd99a6665b61bc11eef286fd20", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b34b234b68efabd864652f6634b7683aa97ebd987fac10eb3837a0305dd5b58", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0af82035e588f1c326336e7140b4af77ab4fddd18623e7ad0df162d813f02190"], "mitre_attack_tags": []}, {"bi": "pe-certificate-invalid-signing-date", "hashes": ["02a4466aa0e9b5a10f3b88a273f8292cd050fa87c3f78eecbb926afdcf4457a5", "7489606516c3267e6f1c992c02c0d1aad7a426f59e40e8eb770ea70c9370715b", "756be6f11288879a01dfdd182006bb6a51d3e136b36e19a2e16c091a1b99ea71", "1301d9f644984661fb6a88182c1e2ed251106a82bc98f2fcadc066214b45689b", "30ccbb09c68f28e73c7de516bddaa954efec7c6490c00e1fb5a346e584cf27f9", "2596da29a69f07f995dc4bdf4b42e5946921239b3bf5cc8ec99a606420f68371", "10091085a3324fe2baf7d664c0e010f5bd78e8df47d802c8eeebf580eba30069", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "4ab641fb7aaa4baa0d07c42407b8ba5191c783160673904b8113b81c86197638", "0ce617ffc98db4f6ec3fc671a8d2ebe0ee781e9751da3ab0ccc41e1d9e0035bc", "8acab3fc6f8805d9ff21064b11778cce65fbe26f922b4779a73cb088f5306e97", "016ec02d4b22262403e7fa831c23bf76741e73857bb1d2e7d589336c680dcab9", "020ac993b08805eb5b05176f48f719fbf88fd10ead008a65e6495247a2c4eb03", "5d934067282efe8a0ea3ae4e6a2445b69c5701ba439e94503abdb66ccd7b5cfd", "0a60b5294101e37b561fdc5ff3187f6b456a60349eefc656f58438cc97877e8b", "0b4de45348fa100db4260647472ef31e17a0ee8a1700522cc1bb2620528826c7", "0cf67747dac7654c589941e62881c3278c0f609a6681ba5ed75c0c80c1fbc56a", "020d4899e1540b265f7cf99b9a09a97ad74069a0c3c196c7dee2bbd5af7d15bf", "08824fa4518694a30ab8c336c6d3c3af2771b6a0b675d38bd1297d6ed200e451", "4378ffa05ee3624e8511c6c12b4c00fcbc22be63960143d5f209c61a095e9a41", "0f45fc933ac4f098c512ba5c8545c7ae043f2ae8282d3cc8d4ebe18d8610fcab", "70b23929beb28b3b6a2cd61efe8945ac20779dad6a4acacd2aa83d54a53930f1", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "858dbd62aec98475a57698f9d7f7b646e175c6d76005cd2198da8494cb813fb1", "a99556e097a42ee9beebe15f94dec597436eb857a053499469c5f577c809d574", "04c056e40bd76e3f9c9b933279131b8542e19a37193ec0f15d35e5d6b7655273", "046cd1724c9da747b3b2279a0ab9d54cc0550725adf8b8a057b7d4a517211cb7", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "58a06371f22076c76cfcf376ac72e7914a540008f8714ba66bba6dc2e261dfd3", "42234b8d36e98581deea5a4923c61ec0d5dc327b749a7488db0538936c0951c8", "04c1536ea51576559546670637eb66bfc1a7a12d508baa8467abb4369bac087d", "b51158a6e032cdf3a41f0c4556e8bedffb37c8b9d807f575ceed05eccc36e942", "75c0f76b40cfb0321950c2b102453bcd4686c6a84940febfeefa44af7aa925e3", "08572e1d511711d7ae14bb0f1f4e4217c93bc22bd63546259c817010c583f95f", "81732365cb773412f0ccd96a5f160fc56c0d113cfa18424bd74c9efba1b24de5", "587d034af05151c7f64336a603c0a087f5a654aa41fc9d7d63e2881e6c6a7213", "2edeb8a08e6cd13594ae6836d4d3c0b2a33b40a3adc43d4f0d1b3ff154057b77", "a5e32355889008018c76252dc09e128a9742b01805a31458634cd583cde74b2c", "927140fa94d633fdb7941339c20cfb8f68e58f56ff3545a3c7ad82e1fdef6060", "8f93a4c81245bb9e6b2afd709693c0009d6f3f4e6c0b411642e04cdbaa53884e", "8b24e662b5a62c1b9003a43b650b7ac9809ea7cd99a6665b61bc11eef286fd20", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b34b234b68efabd864652f6634b7683aa97ebd987fac10eb3837a0305dd5b58", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0af82035e588f1c326336e7140b4af77ab4fddd18623e7ad0df162d813f02190"], "mitre_attack_tags": []}, {"bi": "pe-invalid-certificate-signature", "hashes": ["02a4466aa0e9b5a10f3b88a273f8292cd050fa87c3f78eecbb926afdcf4457a5", "7489606516c3267e6f1c992c02c0d1aad7a426f59e40e8eb770ea70c9370715b", "756be6f11288879a01dfdd182006bb6a51d3e136b36e19a2e16c091a1b99ea71", "1301d9f644984661fb6a88182c1e2ed251106a82bc98f2fcadc066214b45689b", "30ccbb09c68f28e73c7de516bddaa954efec7c6490c00e1fb5a346e584cf27f9", "2596da29a69f07f995dc4bdf4b42e5946921239b3bf5cc8ec99a606420f68371", "10091085a3324fe2baf7d664c0e010f5bd78e8df47d802c8eeebf580eba30069", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "4ab641fb7aaa4baa0d07c42407b8ba5191c783160673904b8113b81c86197638", "0ce617ffc98db4f6ec3fc671a8d2ebe0ee781e9751da3ab0ccc41e1d9e0035bc", "8acab3fc6f8805d9ff21064b11778cce65fbe26f922b4779a73cb088f5306e97", "016ec02d4b22262403e7fa831c23bf76741e73857bb1d2e7d589336c680dcab9", "020ac993b08805eb5b05176f48f719fbf88fd10ead008a65e6495247a2c4eb03", "5d934067282efe8a0ea3ae4e6a2445b69c5701ba439e94503abdb66ccd7b5cfd", "0a60b5294101e37b561fdc5ff3187f6b456a60349eefc656f58438cc97877e8b", "0b4de45348fa100db4260647472ef31e17a0ee8a1700522cc1bb2620528826c7", "0cf67747dac7654c589941e62881c3278c0f609a6681ba5ed75c0c80c1fbc56a", "020d4899e1540b265f7cf99b9a09a97ad74069a0c3c196c7dee2bbd5af7d15bf", "08824fa4518694a30ab8c336c6d3c3af2771b6a0b675d38bd1297d6ed200e451", "4378ffa05ee3624e8511c6c12b4c00fcbc22be63960143d5f209c61a095e9a41", "0f45fc933ac4f098c512ba5c8545c7ae043f2ae8282d3cc8d4ebe18d8610fcab", "70b23929beb28b3b6a2cd61efe8945ac20779dad6a4acacd2aa83d54a53930f1", "858dbd62aec98475a57698f9d7f7b646e175c6d76005cd2198da8494cb813fb1", "a99556e097a42ee9beebe15f94dec597436eb857a053499469c5f577c809d574", "04c056e40bd76e3f9c9b933279131b8542e19a37193ec0f15d35e5d6b7655273", "046cd1724c9da747b3b2279a0ab9d54cc0550725adf8b8a057b7d4a517211cb7", "58a06371f22076c76cfcf376ac72e7914a540008f8714ba66bba6dc2e261dfd3", "42234b8d36e98581deea5a4923c61ec0d5dc327b749a7488db0538936c0951c8", "04c1536ea51576559546670637eb66bfc1a7a12d508baa8467abb4369bac087d", "b51158a6e032cdf3a41f0c4556e8bedffb37c8b9d807f575ceed05eccc36e942", "75c0f76b40cfb0321950c2b102453bcd4686c6a84940febfeefa44af7aa925e3", "08572e1d511711d7ae14bb0f1f4e4217c93bc22bd63546259c817010c583f95f", "81732365cb773412f0ccd96a5f160fc56c0d113cfa18424bd74c9efba1b24de5", "587d034af05151c7f64336a603c0a087f5a654aa41fc9d7d63e2881e6c6a7213", "2edeb8a08e6cd13594ae6836d4d3c0b2a33b40a3adc43d4f0d1b3ff154057b77", "a5e32355889008018c76252dc09e128a9742b01805a31458634cd583cde74b2c", "927140fa94d633fdb7941339c20cfb8f68e58f56ff3545a3c7ad82e1fdef6060", "8f93a4c81245bb9e6b2afd709693c0009d6f3f4e6c0b411642e04cdbaa53884e", "8b24e662b5a62c1b9003a43b650b7ac9809ea7cd99a6665b61bc11eef286fd20", "0b34b234b68efabd864652f6634b7683aa97ebd987fac10eb3837a0305dd5b58", "0af82035e588f1c326336e7140b4af77ab4fddd18623e7ad0df162d813f02190"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "antivirus-flagged-artifact", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": []}, {"bi": "modified-executable", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": []}, {"bi": "created-executable-in-user-dir", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": []}, {"bi": "artifact-flagged-anomaly", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "network-opendns-malicious", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": []}, {"bi": "network-communications-http-get", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": ["TA0011", "TA0010", "T1105", "T1043"]}, {"bi": "network-fast-flux-nameserver", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": []}, {"bi": "dns-query-nxdomain", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": []}, {"bi": "network-snort-protocol", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": []}, {"bi": "dns-excessive-domain-queries", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": ["TA0011", "T1008"]}, {"bi": "network-only-safe-domains-contacted", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": []}, {"bi": "feed-domain-rat", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": []}, {"bi": "feed-domain-antivirus-service", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": []}, {"bi": "network-snort-indicator-compromise", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": []}, {"bi": "excessive-foreign-memory-modification", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": ["TA0005", "T1055"]}, {"bi": "network-snort-malware", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": []}, {"bi": "registry-modified-rootcerts", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": ["TA0011", "TA0006", "TA0005", "T1130"]}, {"bi": "malware-known-trojan-av", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": []}, {"bi": "altered-sample-snort-flagged", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": ["TA0005", "T1102"]}, {"bi": "listening-port-opened", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": ["TA0011", "T1219"]}, {"bi": "altered-sample-dns-flagged", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": ["TA0005", "T1102"]}, {"bi": "registry-autorun-key-data-dir", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "registry-autorun-key-modified", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "files-deleted-used-batch", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": ["TA0005", "T1107"]}, {"bi": "cmd-exe-file-execution", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": ["TA0002", "T1059"]}, {"bi": "http-response-redirect", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": []}, {"bi": "unsigned-roaming-execution", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": ["TA0005"]}, {"bi": "network-dns-category-cnc", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": ["TA0011"]}, {"bi": "pe-imports-toolhelp", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": ["TA0007", "T1057"]}, {"bi": "sample-pe-modified-on-disk", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": ["TA0005", "T1202"]}, {"bi": "malware-compound-cta-activity", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": []}, {"bi": "possible-dga-communication", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": ["TA0011", "TA0005", "T1483"]}, {"bi": "registry-ie-zone-settings-modified", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": ["TA0005", "T1089"]}, {"bi": "js-in-html-calls-activex-object", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": ["TA0005", "T1202"]}, {"bi": "html-small-file-redirect", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": []}, {"bi": "html-unicode-obfuscation", "hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": ["TA0001", "T1189"]}, {"bi": "pe-artifact-invalid-certificate-signature", "hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "mitre_attack_tags": ["TA0005"]}, {"bi": "nginx-webserver-detected", "hashes": ["0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6"], "mitre_attack_tags": []}, {"bi": "network-fast-flux-domain", "hashes": ["0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6"], "mitre_attack_tags": []}, {"bi": "network-dns-malicious-snort", "hashes": ["0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6"], "mitre_attack_tags": ["TA0011"]}, {"bi": "http-response-client-error", "hashes": ["0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6"], "mitre_attack_tags": []}], "category": "Packed", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": true, "WSA": true}, "description": "Zbot, also known as Zeus, is a trojan that steals information, such as banking credentials, using methods like key-logging and form-grabbing.", "hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "016ec02d4b22262403e7fa831c23bf76741e73857bb1d2e7d589336c680dcab9", "020ac993b08805eb5b05176f48f719fbf88fd10ead008a65e6495247a2c4eb03", "020d4899e1540b265f7cf99b9a09a97ad74069a0c3c196c7dee2bbd5af7d15bf", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "02a4466aa0e9b5a10f3b88a273f8292cd050fa87c3f78eecbb926afdcf4457a5", "046cd1724c9da747b3b2279a0ab9d54cc0550725adf8b8a057b7d4a517211cb7", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "04c056e40bd76e3f9c9b933279131b8542e19a37193ec0f15d35e5d6b7655273", "04c1536ea51576559546670637eb66bfc1a7a12d508baa8467abb4369bac087d", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "08572e1d511711d7ae14bb0f1f4e4217c93bc22bd63546259c817010c583f95f", "08824fa4518694a30ab8c336c6d3c3af2771b6a0b675d38bd1297d6ed200e451", "0a60b5294101e37b561fdc5ff3187f6b456a60349eefc656f58438cc97877e8b", "0af82035e588f1c326336e7140b4af77ab4fddd18623e7ad0df162d813f02190", "0b34b234b68efabd864652f6634b7683aa97ebd987fac10eb3837a0305dd5b58", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0b4de45348fa100db4260647472ef31e17a0ee8a1700522cc1bb2620528826c7", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "0ce617ffc98db4f6ec3fc671a8d2ebe0ee781e9751da3ab0ccc41e1d9e0035bc", "0cf67747dac7654c589941e62881c3278c0f609a6681ba5ed75c0c80c1fbc56a", "0f45fc933ac4f098c512ba5c8545c7ae043f2ae8282d3cc8d4ebe18d8610fcab", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf", "10091085a3324fe2baf7d664c0e010f5bd78e8df47d802c8eeebf580eba30069", "1301d9f644984661fb6a88182c1e2ed251106a82bc98f2fcadc066214b45689b", "1325a1e10679003fd72a91bf99a89bc4b8b15c5ddae3348c53f57cf4d7abab2a", "1335834a8ae86130cc038dd5a49fe087a68ed0d1288abf5320259cf5908b0198", "134404a5501dff74b24557693b1cebfca4308e0f1960d4a6d5c7897bb9e3851e", "1348be261e8c64d43a2ccc5ea9d95ad8c1f28b39583ef97da84f99b200aff056", "13b25a3adfcd71cddf3d4399c46a3eb0cae1af5752b7b9a0f4682df641fd5870", "146adfaff16b7d8b935b4ebf5359cc818532f17b129c8954356d59f1c4e94e4f", "17ac88dda20c5f5ac650e6fe4b3aa4313eed63780cc8b25b26838ffe8689f10e", "1882a14c6553802cdfd38a2029c76651b6abf846fd6e75e11333552dff6584d2", "189f61e8e8389fd3502eb5dfbc63314e1c485cab1273d7ef8084a939e013cef8", "18b315ab5c43170756faf25bc3f38f77319a6881d86f3e1d7c36934e697946b2", "18dcca652be7a6d1918e615728dad36b141b00511434c9efbbebcc0ef05ba62e", "191586c3d8b3ac380d6ebab72c305d81070053645080c93fc4a2e0292847a614", "1920f7d2fcda90307456c18dcdc478e00ec644eb73e94b6f6a0bf75bf4fab37d", "1a8ab93adfa84770ce1737e8b00dd062c4eefe34246406b63f67d26cb657c875", "1b778cd177b6ba5236a305d138f8148d33a17c60b6b2716f82fe755a6b9745a1", "1b996095b01f06bdcccc36f573f19d435c9b3f500c8b6242bb8919a4f7617ea9", "1bb3aab86f26ef50aa9510ef07314b0e1208b02b5db0a3bd927f8f912faf78a7", "1be0f83735451bf25bb1ba24abf55a45894a119a3fb249380ea79f900d2ea4d5", "1ce68f7d574dcf357a1d5abc5135422632be3499cc24aa846873801d18263bc5", "1db62eac51dd6599aa78f763a94b03a72eb638fb0176f4725245c949a624f611", "1e0fd827a24ed2e6c1e2a50734d327a8c1c1502114864d515938e5b7c43ee33d", "1f4c04ec293507a6be334383904ac6da6e5070f3a16d7b61f808b5aabbc94dc9", "1f701c51e44679bbe53514f0e105ee14b833419012e0e89885c0a1dc83b801a0", "1fcbb85883f958f2b5c4027a083627f9a7f45624ffc35fd68bae37f7572a3033", "2006330ac6aed24eff0b2793d6be31e60bd01d914593590f1dae90529381e29d", "202003846bdeda4b96eaf0a0216cbb910c742d45d83aa6a89606b5c3d05c8832", "21c875d50f935b67003b7ff6c3ecc2feb73a6fd226a477e89c23554868ef9de4", "21d91c7db2193646934d06b51447f758fb740c12ef7217bdbb12b6974c0b3384", "2262260ce5308d8d46189f6b1d78bec22aa72f6e72cdfb622e2ec8ebd2745e09", "22cc042c1546c16984bd41b7f41abb7043d87ae61ba213e29723e1888869cc7d", "22f4de20433204e6d6989452f72fa54d86d10f3dbd913f1f679ff1a3c797d56a", "252aa750a46bb4ee50eb092439d1c93a3aa1f2fdcc0a2a2269c242af173ca047", "255b12442061264d0bbef2309f3c612ae8be9f00c07ef61caa5d22c7b658f922", "2596da29a69f07f995dc4bdf4b42e5946921239b3bf5cc8ec99a606420f68371", "25c6d3defd6c234b93c797b841ab3a6008c35ec8ee18571988859d830dfa4325", "261faf6fbf9eb820bf9bf6a26f6dfddbd9bf030be365c4f4f6d0eb2e19b7aa36", "268baacc91a5c4f0000dffe8a4f931d7ad5f5d3171795b18b1c8ecea730887af", "26eb20b9dac51f0c2ad7a915c7de9afe8a487c39a196f3204d1cb3b265e3e98e", "27364b3e96a65f88d17d41eb1b2ed82d24805a351e865ca4ec1e5821675daf82", "2741f008f587e257790e04989f3560bf4c34a54795385d2c874687f3670037e7", "276479709fbed9997e3904d9c87734a4450394cc76b3b23af8732353f1397376", "27bc4fbe4c9ed4fd533bdf6cf810fb844680369c0f9eb943bfc6a22358367e29", "27d110a9583560c3d6446fddabe1b1e910f78b4a6bc1fcaefe305a0e56d5a4e1", "27f55d6fda90773e44db91a01423ad79efaa15cdc40abb6a5fa2cb42bfff4f54", "29781b22fad0e8c316097d8f2fa2ddfe4fb1bf77a67f5f5297f36300caeef69d", "297c4497873c93f301b60c853ce15d236db32ab3d57d032531aba4db0d0a499a", "29f9bf1f40553f0a3b6a56e3a9aaa6a8c865733a0dd970d365dbfc7b38853a25", "2a0712d4209ac48523a7f9f615db98f22ead64ebc7f292c92f79f526120336b3", "2ae9d82d8d72b73ad36a16e4efa723ed22ae58ec6379e04ce1ae94aa36d4deb5", "2b7fd23e4b2fe779cf1d10354029a19abc65a448c80235c445a9c67fc0228ff7", "2c535ac3fcf30dd76b1dff5595396ce118802a68c0ca7e79a537ebb38c311cdd", "2c9f40c65f17142190837ad52c212989fd36f4c9153ae12a3daf586e4db47de0", "2cedac4ebd6a5b81ba0e0ec1c1f0e3b6196530f996d6ccd94861c0d473a0e15b", "2edeb8a08e6cd13594ae6836d4d3c0b2a33b40a3adc43d4f0d1b3ff154057b77", "2f1e19a60134304e80553486a487ae81eb387bd3644b204ba98128fd28e8e21d", "2f6f9f866854bb0a8de42fc4a4a955e53dc18485b063d07c62498d3c6ed481e4", "2fbf43f195a97e69b67d0df2bd1b501b010e0789afb8f62de78b2775394c0c05", "30ccbb09c68f28e73c7de516bddaa954efec7c6490c00e1fb5a346e584cf27f9", "315bf5f9d477113d1bf795a843035d8308e46f0411e79b9f7d0530d59cfed564", "31eabecfc3d75fe4586562fa48b75ee58d3bc1d81e0e07697c90c7c4096df9af", "336a54a721b9168b69ab50d830fce36b66d566eb5eefcca66506a0c39f577ba7", "359eae49d03b3f6f8608871dca0c439f1b80762d9fc189acd5ce293fc9e554e4", "35ec5623fc1d232d7e4445457d62a57a74a6b64a3f4c9ac0302a475c47ff340d", "3740bbcbae0fb6fb8048f9fcb118749f88735384ccce7f2d38d10d19ae15b5e3", "3a35f11b31cb0c962e2530a1a1236e3a4bd899304eaa15375b3d9fc00637fff1", "3b289fbefd6d5d9dc03b535540275b6a0d12dc607e279c091db7e78d898521e1", "3cc05211a9f28e333421b8053a35f75be56a96b3af2e231efe26c52e67589a8f", "3cf9f6d8383e7d0307853405ed370e56e1936da9f62d98324adbbe004d897ab7", "3d1efa35e65933ba90d717dace410a9dc86e3e779795f71e65b4450cd703453f", "3e0cbc504eb5cb89a8ebc6dcdfb31a5740c953527aea59a8602f01ef6cc21d2c", "3ef2b9d777cfb38aca624c5465c7099ad2893d9003e5d4b06296777cd0fa74b1", "3f515a74c768b1a11c3a1be8912e3545617b3d6c62e96800908be561ff2070b5", "3f66a893c7a941a5fe1502a7a8b931ea8d8bda46336c247d13697bae87b30202", "4081e409845a39617ad7dc0e08f4bec3123b4ef0548abbdf7adb60c9bf2fd8f1", "40c06b20cf478239403d7c9f81c720a80cf8b163318cb948d63f815ac38e7592", "40d7ecb47c8c2a6d4ed20799b35363ae778634d476eae4a72b8db1b14a164019", "41b6f65adc5b7cb56f3d15294efefb95573661bc305980fd2497da87d24c6b2c", "42234b8d36e98581deea5a4923c61ec0d5dc327b749a7488db0538936c0951c8", "42dc72624ca3df8ccfa22f735f7c1bff2308605d18f7e356470f89048c318173", "42fa0a9f9a0a1c7dbae6b132f925a2bb155db6d58395feea9e5ef5ebb999ccd6", "4378ffa05ee3624e8511c6c12b4c00fcbc22be63960143d5f209c61a095e9a41", "43a99e3cdd8904bb88ec0378341c0ce9f017975eb7df39e1fdeeba0b049ff989", "43cc4ec08048bb716e88d3cc150125317f8fc8f3a767d9decb8671149d6cff2e", "45263ece3723e7279239b88a0c118c4e5820bc22472b6979255c33032b4a91bd", "453e8e729e50e3789b478e3a295213a7a2f18a563ec49e350eb01a18523150dc", "487504315230adbf15b3b029bd24cc8d38d05e2bdf8ca5bb4c121ac300867276", "48bdf88542c2cc7302b3bbde1bfaa4064756ced991348758584946e4d2b2e651", "4917ce821d12c17116a7736376682bf2337737ad8c9c7819d5b0f32ccc877892", "4a5da70f644d842fad75340aa70110b8f35529cf9a979a77e68afb44bbccfd52", "4ab641fb7aaa4baa0d07c42407b8ba5191c783160673904b8113b81c86197638", "4c62c6e754d593f120e6189c76321feaf35a43d2d78e5d81136627b5c77547aa", "4c7a0d4f1d7235a2eac1aeb314a78835bd7616a18da05247a3357f9ab3201fa8", "4e75e81dd8506eaa7a40d4a94b0575a4b528daba7289cc415f1416bdbd849724", "4eac27a658955983b2e3db7aab73878981331851441ba31af4fa6f74b73e0ad5", "4eb35e893d4119ad22d7f6e44d29811408332f077c4d24ac42b29bff5d9391c9", "4f4f6bdda69e6e332bc8917094a989cf19f7e3e4be2ed4aaad1b073424e4c677", "51b0b652b4b109e95f9162aa3716b735f8af31a13dec466a4b86717249f582b0", "52190c0cdb5449b2b1adbb4d6de9e656584da16eaf4924bc7b68e9773e2bcac7", "521ec6724bad759c55b945aa06ba08561128c3f5631380519d4b3294acf58ca5", "527235370e5354d95b8350ba11090affb7a1d5d47c10de0ef1ac27827e4b51b6", "5296e58d427adeaad37542d36fb785d1cb63fd48fe9f7d6c31463eaabcc51ff1", "54e582093cab27952c326fa38a1597f71044a9a6d540f8ff6e1be251683dd9f3", "5780931c1b2395ad74d77b3b0cc55d024627f067866d6b3ae799423be1078fe8", "5785a0d037df2fe0999d57e65a5e61a12bfe84d59f1979400e7b54c8eab7f53d", "5813be9704cda15559c922e7babb42c5e31006b1cb8bc024a37b8bad9ee21f2a", "5819b53a2699a0f5287b3a00ddd71931e229118ff9601defd860f159efd3ed50", "581a08e8f777157ec54e493f5cc67a64603b3df73512835568da27b22550bc41", "584e5887e15e26c07508c1d29ea2dc2c5303beca095bae5272494aa143ba0848", "587d034af05151c7f64336a603c0a087f5a654aa41fc9d7d63e2881e6c6a7213", "58a06371f22076c76cfcf376ac72e7914a540008f8714ba66bba6dc2e261dfd3", "5b5fc599b9a7a90c663d2f6fdde5977e16f7bd0304a57bba7deec763bc12047d", "5cf34cfbd0994c264099f5be0f9c6d727aa07276adf1d08d413e2626b6fac1ec", "5d14f8cd9144075664b58b1a349ed0d13fdbbc803ed9cb5a2a28ee82c8e29fbf", "5d6259657531ff76167149dcb01ab8c3cb70be89f2f81b87c3bfb15efae84a78", "5d934067282efe8a0ea3ae4e6a2445b69c5701ba439e94503abdb66ccd7b5cfd", "5ddf65a6728eef7614a828e740db6cdc5649b4cff70cbcfe5fb193647d286538", "5fdfff54d844b9e33fa2b2f938321950b361bb43554e82202c7f0a5eae6db63a", "5fe3bc3eb82643ef2043fe17b7e7c45ca984e8cb3a765e316bda98438f765d4d", "5ffda704d6f3eb1061e139678aae078ad299b6c13b3374cd58d42c3213dd8e99", "601a47dc0907e430f948dc735ee5e4867f01d3d06e4b38ff73df2bbaa0d6cc0a", "616c51b56189641e4c3c3f54fa17f7ea380885ee7fbec09d9e63453bb007ff95", "623fec26198ee8eae945e74968e97f904ed4ae9d258d18d6e2610920315c1fb2", "62710eae04ee9fbd17f5329b19c428e6df9df686ee911499c0105519cbc0d0a2", "62b6635850247d56999d26bfdaa576d4a560714824f8beaaa5108378418ae695", "63095f978644b21d4a2fcf024233e8c3bb8970e0e6c03519f81ac2205677505d", "64022b154bc798e823f5b6f4bb9441f7644888316716ec074dec1da12b66cc97", "6459bde23a27eda2e6bd606497b2baf35f90109b85ed1c1547e28f043052a42a", "64604c3c5e48bffc74806c8cafc3fd387f1cd872d3ac065f084993724c5b3d8f", "65758ce557dc9abb3ec8f0d6b174090b1e4d62b2bdc918775bf3a146936991b0", "65fad0977232e38f7d750774c81c1f6a8981d141817b7831abdc0b0765ce1a75", "6661f916b92e387c9806502a70e215b51ebfcb227772d2c796f755fe93b070aa", "66904d249d4a56d1e629208ec03895fb8419ba49132b1b2f759ad9d7f6654e9d", "66fe24400452fc635de531efaddc12bba69b0dddc1a3498c4b91a3aa1042fe85", "673e5ff1cc84269f2171769eb880caa3d42a35be1c8937cdd9d973b7dfbdec1e", "67c145ceac0192a8d3168922c34d425a5ae75cb0703fd440804cf23b6528c90a", "6836b413889790b261d62acb8842452d3d45048f5cadea59154cc7fd456ba12a", "68c625e3baeba023f6ae5bc3e1aea04116d8f0143e938bc9e3e701ea9a56c642", "6a2952f47767a15c9e21bbb124fc69ca5459a4067826340deaf95c0ea4734e90", "6a34b3d6d68dc7e1aef888f661e361f1489820d527b93a5e9e4be96f34feb5bb", "6a77878f9b478d37cf060a3ba34e6b4277c7654965dfc32f16a89bb589a7141d", "6ab27dbf943c09e15bf891efe12d4422d94fa28e1f0e03b73fc6d82e8c8a3315", "6adb66d7867d03efae30702ced27a6250b804740b016422c0cb065db13831f2f", "6be4b72398722818a166b1018d8ac4436fa4e301579eaceb2814e2cc25e02633", "6c15ce6f07b580c13b48920ff79debda0a39b9a7f5e7e342c9d23419d3b3f9de", "6c8c5b22e06d42cb61e53ff5f8070d97fccd6ff61ff1c5940a642b6a064f6421", "6cf69a8963352478c872b4594f0cb67dfb2af6927ffa4b728fdd13bf9ae8d26b", "6e857573c0f979002c8131a606c32049e34138ddcd04f7133405046d4b9a5fc7", "6ef02ab092cd7494eaa6853d48aa2cc84da7492aff7598f8806a8e2a94c113fb", "70b23929beb28b3b6a2cd61efe8945ac20779dad6a4acacd2aa83d54a53930f1", "71da5f85dd2e1962913faac7709d08e90baa7f9acf428c05a8bcc9b96b3e6663", "728bfe7b3c437a7cd5af9c91aabad90b988b13c6d8a7cf3bf9a711ca5bcde74e", "72a4b6b8c3566bb7e09d88d5f021c038fcd6bad93f24af2b42ca90991b26881d", "72d91029f126b430c7c60ab6b32921a9c661562e1b85ccbdee2ee7377e9ad873", "72e83d5c92ede31c980c94f5e8238f7a507b8548bf1dfa7ee76225aefca65407", "72fd1b842d006e358e2018b99dd9451cd8df7da011034fb7e73beba8dbe13b59", "739b34541568f73344680d683c08b35641c183afde3b41f206048bb5e1549d2a", "7430e7b1744fc7070b7eeee944dabe173aab6cd72231ec9cebc21564262f9269", "748179042936e895887113f9bbdeae3d373b68cd2cde25cdff562848b361ee21", "7489606516c3267e6f1c992c02c0d1aad7a426f59e40e8eb770ea70c9370715b", "74a5aa8abd41a4ea9b266335ee3633a050839ac26748bf212ae39dc59ea3b0fe", "74b15612f1b968b9323c5fda58b7ad629028b2fe5553b30aa30a0e9cd1706b8e", "756be6f11288879a01dfdd182006bb6a51d3e136b36e19a2e16c091a1b99ea71", "75c0f76b40cfb0321950c2b102453bcd4686c6a84940febfeefa44af7aa925e3", "75d046baa73e55436bff2e530ebde4c8e6e5d62c1f3406dd8d16015410356513", "779d14d2aa7475836d85a8e6cf09252d5c2105da6bc21df7abdaa758a3924bc1", "7a5081e31e3215c9980fb38e5c4ec313f574c8e2b86df05bfb3b2927103826dd", "7a7cf0aaa68a3f71dce1e8a380a492097cd93f447d531c598aaf4e9848230b3a", "7d5e140c894776010d535cdf1ac176b425352e3ff95683bc1dc1df827c90377a", "7d941b983456a08e094e1a229cc227a2ab27cf5ea4c69ae851fb7a3ddab15e69", "7de10f7bf4c129aad54f8590937e5c73596d1a711c75176f24d6a402f4a98177", "7e98f6bb9bbdf2e1ac5f26b508aa625166537720e20c36db91989f1e661b1cbf", "7ff09062bca0e0863639e444a610b5ca2a3a8da0b61975284281e0228d8cd102", "8000c1db0ed46086570399afa274376e483ff19117812071cbbfae6a48b5c08f", "80786f56b24d672effb62163f8d42a58531d23ce98d4dc9c4c57dc630da834fa", "80b9625be6c71c00120812252f8bcce0b42a012f68593177ccaaacd0e99a66f6", "81732365cb773412f0ccd96a5f160fc56c0d113cfa18424bd74c9efba1b24de5", "817e095268a502ce1de8afb066c6b155a05ba9c7a2b5e33c026c466d84762874", "818858c8d9848106be1f1de18aa374eb361a97751c9c7bab21eb0c695963ee93", "820eb8fca7437a585859a759d2df0d289db1a7b5dbb2dbae50c77313dcef0617", "826f3c151b7bc02f699459cd8ca727d2925227a16a4f11216589532397694abf", "8381691d398d223740fa364ae8bdfb3fb8ad0b818d88a96e4f44d0d50489a20b", "83e2abca611aaf5509f4bbd5784fb4b2807187dff8c01e6a7a0b8d70fd7957c0", "8405a7deb00283d450638ec63f53025fef611cb7702df2cee1b48221ddba6cd9", "84076255d9cc4fbd0d67bae8eed146cd5d9ab6f9ddfd33359221ede902b9a8c0", "84643bb5476a0910e651b9013726e5499d60354f31b7cf3f74da3e31bb21ea29", "858dbd62aec98475a57698f9d7f7b646e175c6d76005cd2198da8494cb813fb1", "86e8284f8265e133a76475a8bbde1d035ada9869844c08d6fb4a21ec9fd7cfad", "8771dc00b3a914da8b9c1dceaa4e90a03f2d2f8371968c79af50accccf0f5782", "89c4146ca8d194bd8cee95d8d2c6897ad75742f560b12d53b2701dd2a50f2863", "8a75034733e7df5e19f5db6ec74062decd14807258bd0f559298cb3b20f9dfe3", "8ab1b9544cf349f8431590e19babbf61f23abb78b6bc8d8d2424f2329118fee2", "8acab3fc6f8805d9ff21064b11778cce65fbe26f922b4779a73cb088f5306e97", "8b24e662b5a62c1b9003a43b650b7ac9809ea7cd99a6665b61bc11eef286fd20", "8c5c30e135360512f7df4a678cb2d0817e649c33bf5545a2430add408d4e5f55", "8d64e179791ce94584a34f52043088528f59e38143e1f794a7af2facc7de8f86", "8d856f1663ef54ea6b918c94951e8b5496775bfb07a2110426ddcd0e6cee55ad", "8f93a4c81245bb9e6b2afd709693c0009d6f3f4e6c0b411642e04cdbaa53884e", "8fb0062500ac9bccd375af4d0f013f384320836e2499555aee4cb30e7e54aa28", "9000028c3aa2653864813fab74e7759abcae855ee55eaed74cda3774b8e000cf", "90cf933fad8efe16f2f92549b32ba0e68f3afea362431950058358bc6669a213", "927140fa94d633fdb7941339c20cfb8f68e58f56ff3545a3c7ad82e1fdef6060", "9307381c1d5c70c155e364f8b525fac4b637ca34d08f4182ead560f4d4c549e6", "93e05df198f62c3234078b79001e61bd2b8b6592d86a8b3eb65eeed22a2962ce", "9416469c6bc56f33955f330d2b82964746f1f8d3459dc2e9e13dcce93fd38e93", "9491ede265ac589b488feb46aef3c17609ec5ca87fb1402e858cc045d825481e", "950d369312770f7c9519d3a3c606f6bb1e24113a84bf3f3b1f75ddaf7e2b6111", "9558c8e4182b9fe51914b434d0a017ef9b341f19c9d80d43c1c0625f58c23647", "96cb6e69b4e11e2e617129166c73f07e675dccb2636a00f3eda2c7f5c508a1eb", "9a09b45cf05dd820fc4e981c2ef7aab4b0324a5e2eab789bb584b9fdb3e14f58", "9ba28227465f59ad07eef9c45f2c4e3905bcd72aa70fc73e3f7c4a1132dc1f46", "9d21bdb6b5e181abe4d3ffa3305019a0e3f6e1fa95ac1ff8211ea79b5a2cfacc", "9d6881cc2834d93afdf0f54a609dea55614aba85be73b80de91a4491e56462e7", "9e73b7ee4a080a48c79688e58cda4993cfe0a4112baf8a48c1ffdd715fa0bf66", "9e980ad1f94043ccbc7d6b09e5e532723afa113d5471069d5c2708443d55cc46", "9ee3f8712f1253f736c6996dbdaad07c1104e33e7244b07b2ff0700c907a55ca", "a19e262fe95f02108e72a1db7aaac9b66e02ab05e0afed5de287dd98b5d655b0", "a223605432bb99b8f5f8b3a50513f7f002be6712e3b645498d073340e6abff58", "a3293be4d51c5430dc1f0d57a71ce236e6b6d445fb53acb811077a5aa6ffb1a1", "a3739779aca3e45dbe545f362c104af8e5b768f2fab2af6b9347c8fe6e57f13c", "a3c5e02efb602a83794e1fc8abb79c449db2de1e91f0aa3a06f7ac9d3378a39d", "a3ca19f0ce6ccc0bacde2e15220e5b4d58f08a9973a7b7fcd8d79dfdfa96a38e", "a485d2b4a185928c270e5647028951eaf422671060b22ba6ea8137173d7436a4", "a499476c6ba607037437ea3f20248325f4a2c3440f97aa411fefe25f2600ed05", "a4fa93740e72954661d5f4669679064c864b38b44860d87e173c4450aa3262c7", "a5e32355889008018c76252dc09e128a9742b01805a31458634cd583cde74b2c", "a620e5b280127d77603731c105fa5ffbdc62fbe7a9733127dab4183a315186e8", "a6287b5110e931001509d7c982d29df956b0e7d13091a1bbc52b488d4de62470", "a63823ea11b490eae92f45816ae778c4c78ec6dc54276a67b57ef7fda874d4d2", "a7b01a2669bb8bb6ef01fed55fb4da710fedbf54d8c9e0c7235bcca977cf317c", "a7fc8faa6b111694ec2b22e291c228a4743f2314f0fe01f73e8636661736848c", "a88c0a5ebd2b1cff0c97cf7b8556d54f4c604b7ea2fbff50bef3377aabe43178", "a99556e097a42ee9beebe15f94dec597436eb857a053499469c5f577c809d574", "a9ce216fff1b95c03b0b7e984e4f8811df023e990fc65947a47e45e0875338a7", "aa7555a3246dc38af93b6ad6006d8440b2b202f7a24611d1986f9ae5a8df2b15", "abea02227a61d8923a3947bd913e15dab86160481173338cfefbcf6d9ea2d448", "ace8b9dc3c1724c08a522fd75eebc86c3bf0b68cfa3b0dd09f03b88d1ff9ea29", "adcb97a63932422ace597bf2419142db8b303debca161c54545aea84f8312101", "ae42c9bd1fbfb59577fb3df591d311a735dfa4ab2286a2835207750c632332ef", "aed6ac016722c7da446b11e22173be77ec0a1b7bceed79f1fd9cea62822b5fce", "af27ab33e97c2ffeb9db171905ad63d0fcd5e01e6f43d511bcfad46ff330a74a", "af2c8f6f20c2d1beadefbfe2235248dc76d47d2ebacdcbaaa1a13960197dc5fb", "b1bd0994e9abc2b6e0b7533f4381cebb56695ed45c98b82371ab443ec4179ad2", "b23d7b964a44af7017c5b98cfe81de5efd0dd24be88f918c65a866a9e97b787d", "b4110a40f9c9db8899f39a08d07b45123bf7c192d40d5445b7ed8023d6d1bdaf", "b51158a6e032cdf3a41f0c4556e8bedffb37c8b9d807f575ceed05eccc36e942", "b65ed85815e25dbe63ea42ef288f6fb8cde4e158dd994ef27bc2dbdfbb6d2fbf", "b6aa723943b5dbc1cc8f4a502fbdb88af6d661ca78f82ef6d151eb8f0555083d", "b8d8f2aa2a8e73dbe8f84dae5014cc125e20183b0f893bb67bece69f09d25dba", "bb4e55d750998245a0908257c70241c936b09e8c18ab520709f47b10f361fe68", "bb953f17f1e37c30db452b278221de60e94683fe47d2d9b4f1a61c2fdcac9743", "bbf3d229c2ccb00e70018ca0eabb2c886223b802c5f8b774de80f4cdf692718f", "bcc6a6866f48a6188b4c2a3f8b3b92c36cfe0d0b2c8bd1fd0e196a0480d24482", "bdccb161587a7e85c951bb9bed0cd017d225cb6f94169649e1bb015120324a7c", "be73301c9d0bc9f6d4bde8556b7ffe69cab8d835495282b9c28d56fe70bdbb41", "c0306188f45fffd0621561a8b36afb5b978bd36da3e6b73557f28d0a734da4eb", "c040702d24b3a23d8963dd395c95e6bfd293428b55820c9b39c7c1ac2ffd624d", "c06964acfd37b955aa90a5737e348bf755d80a00825d76698528b47e9d69f97c", "c1f298d55bd8c4d9a223683f99c8dd504d7f9e6f978987c26de0b7172d61c48a", "c2c6c2225c448120a25f494315b1381bec815470a62234299cac8023a638f21d", "c3f08bc7a0f4547f19850d08d10560b114b8809648b756a91611d49129d73dac", "c480d29ba97aa1d0b6b18f4d5794555e50db9387ed12cf2eeff0b619caa6aa7d", "c489da7445b75a5d5c54af54f5e2d56bbaa9ed99dbad3b4f59dbbff79dfca7d6", "c560d4e6fad3935003473675d00f05c260605a3e99e75999b456dc623ca42eb3", "c7d20bd64bc9f8fc41d54e62c5dc4f1cb932cd10bddf2bf8e60953d6f60b2974", "c7f0d7c2b538f794ad0dbf436739e526ff8dc1e21593b479a8295fb203e464a9", "c8711f771452d77d109bad75a9bf0357d50a60a7682f18491189df7f51b8b72d", "c8b314250031bc2566e33e615c2564ad55b3a841f8fc08134722581a31c016bc", "c8dcdc9ab022ef940e625664dea07cdc91414af3d69c26bf6a163989826004b5", "c9a99a7dfbad78a5f4dc0cfa32d6616dde3614162fcc5c81b1157ab743903144", "cb51d763c2d004f924d5bde7021791490b04ce2587f995bd92191a44f94f6864", "cb631267b428e2112bc8c2a9fd7942d26aa7a7c955f1e92b6359e6c23873f0ce", "cb71302d01364effe78e93a5cf5fac1dec56e94fabfcf9a852df49df397178ff", "cb9217b7bca9363788d38be98c9238b6fbd92013181a2ca83a06f7bdc1c73585", "cc20010d927eb7918c83895340b314b13d6cf9037d089e77680c8bb2ed0fbf91", "cccebf7cf5884a65027fd9e8bb6fcfea35e2690223463255db6538ff3eb8bf0c", "cdaae98da49b77e886b31e7e4dc8b046143bb1f15ac1cfb01d279a64ce3bf5ff", "ce2c16890965d4d90bf4aced31e1353ea936ba131c48e11032c8e5c2bb206354", "cecb910efb213410c041934fc4ba48430fd274ed0b1ec527ac857434cfbab07a", "d0de7b7a5d677ccb868fe3498d2bd2676544423c37e5ae2b5a190382082db841", "d11aaf347060099b7b941a81c1f497f8ee33a795131f21556361c955c8467a6e", "d131e07200de1865f4795c3e37a927238bdd37f7c7d8329992d9693361ef4ff7", "d1438e5ecf5ff2f8d7f83777a613136f51b79f20c799e07e952fe469ff9ba8f5", "d1c47017fa0ca445c9f8811a16b4bfa49455547325af82456c500a3d214ccec8", "d23ff359e5f467d1a37d5648ea49e52e96614112d4286212ac8ebeea240c2128", "d27f66b2c8363f35af5683d6e05bd3e9f7111fc78c8c15eec86fd431abf9f29d", "d2d69641052cb9515dd274437cfd00922e5aba748174730eff39fef71d7db05b", "d2f83359df93042342875f287f979c9b83e8f69dd2c1b8510d0139b6d9825447", "d319a5366e0ced5d92a6b379dadd8b8247ddbc2a88431a9759f43963d467461a", "d346302bd2265d305c90d05bfe8810168adc6ca5cc35012d4ef035633b3e3652", "d3d26a30bf1a1f4f4cb3d6dd55026d448b2eeaa5550d926e05970d7b4b0fc8e5", "d502b816ab8a61e8843a233c06991f2e423ffa22e0cffa15a7948fd6d74b83df", "d54686a7a2c36dcc75866d89bedf39370fd722f818b22f004f00180152039ae7", "d5949f85e42258cd0ed1318047b51d05dd90718d2e2c435b3b77bc8957834d1b", "d6319a5a358710092df5ba4052b2c20e33ae4a2f32ba5659fbe19961e29ee447", "d67cbe55b8aeb2da6c765092c19f5152139aa5856204467e234d56367bb11695", "d825f0f39db2e785e5fc8fc7cfa82b3e5600c79ae977b6c3e6bcf81690019918", "d82a64c52eb106f4ca9ac2bc2cea9ef6a5a7c65f0dbea0d95065c43a64edacc6", "d869a2597a0089528bf7d59a5728cbbc79811e4ca1490d3f1a6fd5aba1103ee3", "d89765d2c5b50aab464fc7d488511cedf57aa3973eddf9789cf20c3a0fe19997", "d94964f12a7dc3aded7bc2d0587aa272c79ca54b789797fff1439abbbabdf1d4", "da2e71f4739a37b0b3df68284dd142deadf4a7110f691b7d0a9d1f37dcac0f68", "da3a64f46300cf6bdd9c9971bea2e8330b7ef25bf33f7b3da533f6dd6831253c", "da7efeb33a038f6a189eb16f3c30f78c7249fdfcec4911dc183626585f999587", "dbd85cfaf2f13cc3cfbeb931a238407e8bb4b83dea56b7105f4f4031933c127b", "dc1e781e6d3f34847058b597bfd9243bfe499b473c73d042943e18f5b1038568", "dc44f52c6cf3f21ff888ad463483e8c39a4c2d84379ccffa1d5692bebfb0f3e0", "dcb21ef4a1d6f656304a1f9450b8469eb56971d677549ce8b60681578d522b2d", "ddd381a63033465ec9c78281be4e30c6768201ed46c568a86436f0de8409e707", "de51e7f022667962bb9893c08cec7e149b5959e9cda344c35a31ee3da44cdcd7", "de5271c8a17c773a2356986add030afbe111abcbf03445790ddc9724abcd221e", "dec39840443b65fd0b710adf5d434ab0038e94e7ab63cf4954aa17c656f3ecab", "dfc445404dc7623a767333d85282156df044d9a7b724907a149e1f6254d95feb", "e0209dec54ae37cd2011cf97fca6931628ab305af9fa77ba1dba2671e35ac2c5", "e20fc5518091bc23f24aedbda6df3e63540074b26053dd28a4e82c55246d1299", "e391268b727bd7695673b8dfa735ac0792ea3f25b73aa49e08f5d930cb18e0bf", "e3ec35e9909f95de5e9635a7b85eef230b81c5aae32dd0b1249eebb9a14d4b64", "e4c7fe5c90a76ec9430a4defb518e7ea840844409a82e3f51699a27981c290bc", "e53e16ac6cc2a92e9e0f3b0907a3a5ed876d3c591c3a9abafa9ca2225c2d325b", "e56f86b8086300f4894b5fbcfeb3ee18fad3a3230f46eca778ffc7508c339d37", "e62bc2b6bd6ba9473b7336d9e6cec8bdf4f19152d13a7b9dce6e30bc9258e46e", "e65e4ab50df18ba511a2499f541e0387f7ec3fa0c14ae931b0b3000ce819a3a0", "e681546892d8db3cd9883b67f1a4d785aeaf02036f1e0a7533e7cb42d1b640f3", "e6df5b75d216529f884172f1670adf042dd1ac1b8104dac732ed0ecf34676f08", "e75689ea2db6b07ed73f174f4aac3845f829c3449aa9cfb635d556ed84cd595a", "e80a66ef6c796148bd2af1b1542a2190995f78af4a8566ba007d87b0c7c2cc75", "e8c2e294d05db61ce2e19e5830f3be72273489e84f23a17b7965a4a48c948753", "e8d69c024a5ed6c0b343d945bc2b5b8bdef17c14afdbe117cfe72d0fdbee4160", "e9277c48c5ffd7fc413cd92195052b10f3f96eb2bfb43c1684927b04061dbe51", "e9e25723a4592d21b292ce4b0eabdfff7a7f0042d5367c374453cb1687647f5c", "e9e5f5f3c3ebb3037992b91727a06e73592509c9c25d22a824ee313ce1991d97", "eaa75b660aa051f1e54482ccf5e80f72eb4d2799ebd01738600542f0832f28ff", "eb5bf680e1e8c57d994fe15276dfd2b6891d91dbfdef59a52762973487aa4a3c", "ebc6955966ce743aa390ce337682ab646887405be9ed6035dcdad17889619fa9", "ec2e5df3da25fceabf666289444f1199bf4618075ddfa6fc98131469bb52039f", "ec4b09877c2135988e7561993cc07034f781658c051e0ee01b5c5920097cfbf4", "ed842071c54ef11c665e81c4dff2ed05a5e1289a4fd2ff0edef539a2aebd053f", "eddebd8de5aebe64236bf840d4f8a5d052c4dab8a121e7fd9b6d8220c581c479", "ee15e63e443b5c1aefebc738d5389086a7995ef85a1de35e5e7f6d4d7da33f96", "ef3f8a1f8f3b23b477778d628ae629b26061fd319e2234fa6878e527215a7fad", "f087c12ef9a54460a7463f64109e5f9472f6941bc7593d8e136a29dc679f545b", "f0e18ca13ade71cb36a4532a090ff0c1a7df96556f059ec5ce5b495b90a2f1b1", "f16fbf4d26cab206153f109811c1a1e2d19ed48ab84a2535af320c6fdd1d3c22", "f393066356eda113d95dc88dfa5845c6de5b59c2084b7c69e407abae3005bef6", "f3eeb14640d698660924c537353abad024cc4f07b6c4cc0c56649a8ade6c40b4", "f419bcd32b1a47b25bfe372f89d7886a36aa9b1aae9b1ae9f7bd315b7e97dc19", "f66e1c16d0f2c2d39fb0ad368545d6dd1f337397a35775f7fed9967655ad00d9", "f68bed8dcec52075c2cffb995245b1f4e536f3ab884a16c1696826178696667c", "f68dd212a0ac92c6778a697a9b50bfb37a11ba2e30b9dc512ad72ebdea14b69b", "f71142308ab70a9b4b2d7a1c1894a69c5dcecf7ee986529bde965d54371fdc02", "f72d54efa4d0022d6be4b6c148c5afc63a9c5c9232e38acc7824fb45f2cc8d77", "fa24c2c43a9ef07880f015643e6ba213f629aef01bb9ca827788ef5c36203839", "fabf5789c0d7d0e22552066ea5996d0e76c6e4ffea232decced50c4b7d15e2d7", "fae46ef8777574c010df9d53ea826d42443ea0fe9c111307888a005b3030260f", "fb0615e1e95ea7f59b5d154549a34a3f2a51fd41162f44b3bf0809d50d6c7c7a", "fbdea5119cdd280e24742f724622169870b47c22bfee382b9c3c9b0728d0ca97", "fc0be03ac6bc2e1a57cc5cdeb5dfda6e22d8be6aa72838db3c470f1dc915c52c", "fd1cf5064a45d8b01f638fbbd5e9f72e994cef34bf93748e6abc0e448ab0edc5", "fe29c6805942d7761cf32da605efcf01ae8f5c06419c3cede14a5fe53cb71680", "fe3ab5a5398c54a5387a8d96364a3e92e339a1f6d75e9cda178db9159ea37a18", "fe73e6c8cc39b71aa46432173474d93b0072ba9a1fe7669e4f6ae46d193244d5", "ff6a670367a2a55853fd63662fa7e33c862ab39f30f1347c2032fb1502901c72", "ff9051958fe2ed4761287714d4104a0bc16f3b9e4677c5682595dff7eb4faa45", "ffc7f9f834487b51655022599cdfacab0ded633460e0b99e95aa5abbbf6c528b"], "iocs": {"domain": [{"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "betneqxoxsgondrgtzdhxtif[.]com"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "bisqwdizeahjvlxoifhuwfud[.]info"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "cqjrjnqwjvgyzhabiobizrxoif[.]biz"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "hmpndhpdqgahvsceqypxgey[.]ru"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "hxdzdzxqokvijvkzxcaeuhukgmiz[.]biz"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "iraeivaecqovcurggyzpcqugkvnvga[.]net"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "ivivdbihycjnkjhifqocihnrxs[.]net"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "mrtkaqztpgudkjgelfdhnvdinj[.]com"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "nbrpnrlobinobduqceumzgayttc[.]info"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "onytsgmbeueifazhewcpztqsgmsw[.]com"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "pfapbtrszxbynqclzjfxelbeq[.]org"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "pmjqwmvdzdzttxkfhmfuobtl[.]com"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "pnrmjlxrkfasgusrohbyjrtsgm[.]ru"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "qshididaizdmnocmddhqgnvau[.]org"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "qsqwjbmzaepdpxazhwfalmr[.]info"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "rcvivmvoztgdyuwnfrwcmxwmrcqh[.]org"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "ukgiytxmnijpnsgyxcmfdaupt[.]biz"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "tklxkbqwfqdijvtkibyxwgpjr[.]ru"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "uglbqhercsgdzdszlfexbirkd[.]com"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "wgdxgrllxcpfgajzifhtkuc[.]ru"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "vkypzptwlrgycqmcqtkojeihaq[.]info"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "ayydtgoztdeobrnbswxyhivl[.]ru"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "beyhrshuguucxobxoylxsobalz[.]biz"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "bymfljnjjzeugullozlrnrwovifin[.]net"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "dqldugazhroylorhipjbubyqyti[.]org"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "fiovoifxjzkbptchcejfjxkdqob[.]biz"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "gmgivwzwgvssolnjkjbehmqcxgbior[.]net"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "idyfaqtwwcswjvxcozrxeq[.]com"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "ifgmdahygjnbispjlzfyfymnvqwh[.]com"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "ipjscnrpzlntizgecqyppvpzp[.]ru"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "kvxkqkydmrfenzmyhayaegyemugci[.]com"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "lfmonciequkhhukrcafdsoz[.]com"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "lmrwoqkhmlnqnjwolvaucaozrgp[.]info"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "mzwsusfyxsayddscvbued[.]net"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "qszlndilncaeovwgdyinxwei[.]com"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "tcinizhueyaurcrbxgjzkvvkon[.]biz"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "tvgfeofizypxjbcaescgeytqw[.]ru"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "xkdyonxxhhzxhzdufefa[.]biz"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "host": "xsprpbedtobtuodaamlmneitg[.]org"}, {"hashes": ["028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6"], "host": "vofnbdyxlwsqkcmvwnrpuoibi[.]ru"}, {"hashes": ["028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6"], "host": "ylgaxcaigqylgedizxduugaivcvc[.]com"}, {"hashes": ["028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f"], "host": "xotpbresgzdmzqolcwozpjb[.]net"}, {"hashes": ["0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6"], "host": "xwtypydmbpirnpnonivpovo[.]ru"}, {"hashes": ["028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f"], "host": "xrhehuvwrkbmlcyceyxvkpzlgmbm[.]org"}, {"hashes": ["0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6"], "host": "yhlrklzofofxutkxgorbqojpft[.]net"}, {"hashes": ["0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6"], "host": "ythexgfqxxsccmeyhvkuoschinkn[.]org"}, {"hashes": ["0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6"], "host": "ytltwtivaobtshylvnzmzqsyp[.]ru"}, {"hashes": ["028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f"], "host": "ylnzmreideqklnhajzbulbmnrooqs[.]com"}, {"hashes": ["028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f"], "host": "yxivhepfiremozrmnxxzhcqhubu[.]org"}, {"hashes": ["0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6"], "host": "zxrmbnjqsqaeypmjhqsfamfypwo[.]com"}], "file": [{"hashes": ["04c056e40bd76e3f9c9b933279131b8542e19a37193ec0f15d35e5d6b7655273", "0ce617ffc98db4f6ec3fc671a8d2ebe0ee781e9751da3ab0ccc41e1d9e0035bc", "1301d9f644984661fb6a88182c1e2ed251106a82bc98f2fcadc066214b45689b", "2596da29a69f07f995dc4bdf4b42e5946921239b3bf5cc8ec99a606420f68371", "2edeb8a08e6cd13594ae6836d4d3c0b2a33b40a3adc43d4f0d1b3ff154057b77", "30ccbb09c68f28e73c7de516bddaa954efec7c6490c00e1fb5a346e584cf27f9", "42234b8d36e98581deea5a4923c61ec0d5dc327b749a7488db0538936c0951c8", "4378ffa05ee3624e8511c6c12b4c00fcbc22be63960143d5f209c61a095e9a41", "4ab641fb7aaa4baa0d07c42407b8ba5191c783160673904b8113b81c86197638", "587d034af05151c7f64336a603c0a087f5a654aa41fc9d7d63e2881e6c6a7213", "58a06371f22076c76cfcf376ac72e7914a540008f8714ba66bba6dc2e261dfd3", "5d934067282efe8a0ea3ae4e6a2445b69c5701ba439e94503abdb66ccd7b5cfd", "70b23929beb28b3b6a2cd61efe8945ac20779dad6a4acacd2aa83d54a53930f1", "7489606516c3267e6f1c992c02c0d1aad7a426f59e40e8eb770ea70c9370715b", "756be6f11288879a01dfdd182006bb6a51d3e136b36e19a2e16c091a1b99ea71", "75c0f76b40cfb0321950c2b102453bcd4686c6a84940febfeefa44af7aa925e3", "81732365cb773412f0ccd96a5f160fc56c0d113cfa18424bd74c9efba1b24de5", "858dbd62aec98475a57698f9d7f7b646e175c6d76005cd2198da8494cb813fb1", "8acab3fc6f8805d9ff21064b11778cce65fbe26f922b4779a73cb088f5306e97", "8b24e662b5a62c1b9003a43b650b7ac9809ea7cd99a6665b61bc11eef286fd20", "8f93a4c81245bb9e6b2afd709693c0009d6f3f4e6c0b411642e04cdbaa53884e", "927140fa94d633fdb7941339c20cfb8f68e58f56ff3545a3c7ad82e1fdef6060", "a5e32355889008018c76252dc09e128a9742b01805a31458634cd583cde74b2c", "a99556e097a42ee9beebe15f94dec597436eb857a053499469c5f577c809d574", "b51158a6e032cdf3a41f0c4556e8bedffb37c8b9d807f575ceed05eccc36e942"], "path": "%TEMP%\\.tmp"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e"], "path": "%TEMP%\\tmpbedf3695.bat"}, {"hashes": ["028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f"], "path": "%TEMP%\\tmp067792e0.bat"}, {"hashes": ["0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6"], "path": "%TEMP%\\tmp29825de5.bat"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1"], "path": "%TEMP%\\tmp5386a2fe.bat"}, {"hashes": ["0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "path": "%TEMP%\\tmp579e8252.bat"}, {"hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "path": "%TEMP%\\tmp5bd33adf.bat"}, {"hashes": ["0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "path": "%TEMP%\\tmp07452386.bat"}], "ip": [{"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "ip": "172[.]217[.]6[.]196"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "ip": "173[.]14[.]200[.]1"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "ip": "24[.]87[.]40[.]226"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "ip": "66[.]26[.]229[.]73"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "ip": "184[.]58[.]195[.]152"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "ip": "50[.]84[.]160[.]82"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "ip": "74[.]254[.]232[.]66"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "ip": "24[.]252[.]35[.]28"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "ip": "96[.]8[.]224[.]44"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "ip": "74[.]142[.]175[.]10"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "ip": "69[.]158[.]169[.]23"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "ip": "81[.]248[.]45[.]65"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "ip": "108[.]22[.]230[.]25"}, {"hashes": ["028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "ip": "204[.]79[.]197[.]200"}, {"hashes": ["0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "ip": "72[.]209[.]62[.]166"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1"], "ip": "174[.]51[.]6[.]110"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1"], "ip": "80[.]101[.]92[.]168"}, {"hashes": ["0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "ip": "69[.]119[.]68[.]31"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1"], "ip": "89[.]103[.]204[.]29"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1"], "ip": "186[.]11[.]7[.]191"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1"], "ip": "65[.]48[.]29[.]60"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1"], "ip": "75[.]216[.]128[.]229"}, {"hashes": ["0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "ip": "76[.]243[.]100[.]9"}, {"hashes": ["0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "ip": "72[.]10[.]131[.]45"}, {"hashes": ["0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "ip": "74[.]197[.]137[.]129"}, {"hashes": ["0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "ip": "177[.]40[.]127[.]97"}, {"hashes": ["0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "ip": "69[.]199[.]53[.]82"}, {"hashes": ["0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "ip": "184[.]174[.]139[.]215"}, {"hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "ip": "78[.]6[.]164[.]6"}, {"hashes": ["0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6"], "ip": "38[.]102[.]17[.]160"}, {"hashes": ["0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6"], "ip": "174[.]27[.]172[.]142"}, {"hashes": ["0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6"], "ip": "85[.]177[.]8[.]112"}, {"hashes": ["0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6"], "ip": "80[.]171[.]30[.]249"}, {"hashes": ["0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6"], "ip": "46[.]10[.]89[.]149"}, {"hashes": ["0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6"], "ip": "93[.]211[.]60[.]17"}, {"hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "ip": "75[.]179[.]135[.]34"}, {"hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "ip": "94[.]223[.]209[.]6"}, {"hashes": ["0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "ip": "212[.]159[.]29[.]173"}, {"hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "ip": "65[.]40[.]216[.]6"}, {"hashes": ["0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "ip": "72[.]190[.]85[.]215"}, {"hashes": ["0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "ip": "76[.]103[.]53[.]245"}, {"hashes": ["0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "ip": "67[.]181[.]62[.]181"}, {"hashes": ["0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "ip": "190[.]118[.]140[.]47"}, {"hashes": ["0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "ip": "207[.]81[.]93[.]195"}, {"hashes": ["0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "ip": "89[.]122[.]173[.]73"}, {"hashes": ["0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "ip": "89[.]122[.]198[.]112"}, {"hashes": ["0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "ip": "99[.]34[.]123[.]74"}, {"hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "ip": "188[.]109[.]226[.]57"}, {"hashes": ["0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "ip": "189[.]142[.]135[.]180"}], "mutex": [{"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "name": "Global\\{C30C6CF2-932B-408E-55BA-04D54CAC27C8}"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "name": "Global\\{73DE6ED9-9100-F05C-55BA-04D54CAC27C8}"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "name": "Global\\{A9348FD8-7001-2AB6-55BA-04D54CAC27C8}"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "name": "Global\\{A9348FDF-7006-2AB6-55BA-04D54CAC27C8}"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "name": "Local\\{C8D239CA-C613-4B50-55BA-04D54CAC27C8}"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "name": "Local\\{C8D239CB-C612-4B50-55BA-04D54CAC27C8}"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "name": "GLOBAL\\{}"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "name": "Local\\{}"}], "registry": [{"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "key": "\\SOFTWARE\\MICROSOFT\\INTERNET EXPLORER\\PRIVACY", "value_name": "CleanCookies"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\ACTION CENTER\\CHECKS\\{E8433B72-5842-4D43-8645-BC2C35960837}.CHECK.101", "value_name": "CheckSetting"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\ACTION CENTER\\CHECKS\\{E8433B72-5842-4D43-8645-BC2C35960837}.CHECK.103", "value_name": "CheckSetting"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\ACTION CENTER\\CHECKS\\{E8433B72-5842-4D43-8645-BC2C35960837}.CHECK.100", "value_name": "CheckSetting"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\ACTION CENTER\\CHECKS\\{E8433B72-5842-4D43-8645-BC2C35960837}.CHECK.102", "value_name": "CheckSetting"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\ACTION CENTER\\CHECKS\\{E8433B72-5842-4D43-8645-BC2C35960837}.CHECK.104", "value_name": "CheckSetting"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "{2EC645E8-BA31-AD44-55BA-04D54CAC27C8}"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e", "028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f", "0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6", "06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1", "0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b", "0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade", "0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "key": "\\Software\\Microsoft\\", "value_name": null}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e"], "key": "\\SOFTWARE\\MICROSOFT\\IRKEQ", "value_name": "17e59651"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e"], "key": "\\SOFTWARE\\MICROSOFT\\IRKEQ", "value_name": "2e6fg30f"}, {"hashes": ["009b772a99c3a0c2a1a229fda80da8533b4eb537f313f4146e15ad0ad232835e"], "key": "\\SOFTWARE\\MICROSOFT\\IRKEQ", "value_name": "1c530fij"}, {"hashes": ["028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f"], "key": "\\SOFTWARE\\MICROSOFT\\DIOHL", "value_name": "1j037349"}, {"hashes": ["028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f"], "key": "\\SOFTWARE\\MICROSOFT\\DIOHL", "value_name": "d3915hf"}, {"hashes": ["028e7d817c109690ac9799ba17df60ac20c0f91be074626679b20203e3dbad4f"], "key": "\\SOFTWARE\\MICROSOFT\\DIOHL", "value_name": "1f51aa07"}, {"hashes": ["0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6"], "key": "\\SOFTWARE\\MICROSOFT\\SYFI", "value_name": "78i3a05"}, {"hashes": ["0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6"], "key": "\\SOFTWARE\\MICROSOFT\\SYFI", "value_name": "28i58667"}, {"hashes": ["0481f124d71427c56338955f58a91a260b1ba8636dd1dfb08fd693efe104d1a6"], "key": "\\SOFTWARE\\MICROSOFT\\SYFI", "value_name": "3heae23"}, {"hashes": ["0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "key": "\\SOFTWARE\\MICROSOFT\\JIDO", "value_name": "15aj5a2j"}, {"hashes": ["0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "key": "\\SOFTWARE\\MICROSOFT\\JIDO", "value_name": "2c60jjf5"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1"], "key": "\\SOFTWARE\\MICROSOFT\\CIIHWY", "value_name": "1d6h2idh"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1"], "key": "\\SOFTWARE\\MICROSOFT\\CIIHWY", "value_name": "2h1d068f"}, {"hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "key": "\\SOFTWARE\\MICROSOFT\\IWAXT", "value_name": "2j12gbfb"}, {"hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "key": "\\SOFTWARE\\MICROSOFT\\IWAXT", "value_name": "ig0e93h"}, {"hashes": ["06e1fcba5c68e19d5aa7ba8414762e155610baee4132899d9c16b26e9f6c11c1"], "key": "\\SOFTWARE\\MICROSOFT\\CIIHWY", "value_name": "18e3h87f"}, {"hashes": ["0b71228014e578dbdad91cfcd2f6a3ca46bd5d0b2efbd1d386fe1609c45a5ade"], "key": "\\SOFTWARE\\MICROSOFT\\IWAXT", "value_name": "33j42d95"}, {"hashes": ["0b4a62a0c6bf615ca890921114d3494e6d28193b831559f4d1ec5420b3ec9d5b"], "key": "\\SOFTWARE\\MICROSOFT\\JIDO", "value_name": "1a6hbf9h"}, {"hashes": ["0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "key": "\\SOFTWARE\\MICROSOFT\\PIVOA", "value_name": "2ege51ed"}, {"hashes": ["0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "key": "\\SOFTWARE\\MICROSOFT\\PIVOA", "value_name": "1b89d2bj"}, {"hashes": ["0fd683025548558877095f19ae8958f269ecc4c79f0bb3b6d7649350351815bf"], "key": "\\SOFTWARE\\MICROSOFT\\PIVOA", "value_name": "2b5b0ch7"}]}, "reports_count": 47}, "Win.Ransomware.Cerber-9774556-0": {"bis": [{"bi": "pe-encrypted-section", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "memory-execute-readwrite", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055", "T1181"]}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": []}, {"bi": "cta-static-analyzer-malicious", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": []}, {"bi": "artifact-flagged-anomaly", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-section-execute-writable", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "network-fast-flux-domain", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": []}, {"bi": "network-communications-http-get", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": ["TA0011", "TA0010", "T1105", "T1043"]}, {"bi": "network-only-safe-domains-contacted", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": []}, {"bi": "feed-domain-antivirus-service", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": []}, {"bi": "process-requested-named-pipe", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": ["TA0004", "TA0005"]}, {"bi": "deleted-submitted-file", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": ["TA0005", "T1107"]}, {"bi": "excessive-udp-connections", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": ["TA0011", "T1095", "T1008"]}, {"bi": "randomly-named-files", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "document-decoy-dropped", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": []}, {"bi": "malware-ransomware-cerber", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": ["TA0040", "T1486"]}, {"bi": "process-uses-localhost-traffic", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": ["TA0005"]}, {"bi": "process-ping", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": ["TA0011", "TA0007", "T1049"]}, {"bi": "process-ping-localhost", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": ["TA0011", "TA0007", "T1016"]}, {"bi": "netsh-firewall-generic", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": ["TA0005", "T1016", "T1089"]}, {"bi": "feed-domain-ransomware", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": []}, {"bi": "file-pending-delete", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": ["TA0005", "T1107"]}, {"bi": "microsoft-block-rule-list-app-executed", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": ["TA0005", "T1089"]}, {"bi": "process-taskkill", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": ["TA0005", "T1089"]}, {"bi": "pdf-password-protected", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "process-deletes-many-files", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": []}, {"bi": "malware-generic-infostealer", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": ["TA0007", "TA0006", "TA0009", "T1083", "T1081", "T1005", "T1119"]}, {"bi": "enumeration-cryptocurrency-information", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": ["TA0007", "TA0006", "TA0009", "T1083", "T1081", "T1005", "T1119", "T1145"]}, {"bi": "enumeration-email-program-information", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": ["TA0007", "TA0006", "TA0009", "T1083", "T1081", "T1005", "T1119", "T1114"]}, {"bi": "rtf-appended-data", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "rtf-high-entropy", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "network-snort-protocol", "hashes": ["099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1"], "mitre_attack_tags": []}, {"bi": "network-file-downloaded-to-disk", "hashes": ["099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": []}, {"bi": "netbios-query", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": []}, {"bi": "http-response-client-error", "hashes": ["43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421"], "mitre_attack_tags": []}, {"bi": "dns-query-nxdomain", "hashes": ["099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257"], "mitre_attack_tags": []}, {"bi": "network-snort-indicator-compromise", "hashes": ["099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257"], "mitre_attack_tags": []}, {"bi": "http-response-redirect", "hashes": ["f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0"], "mitre_attack_tags": []}, {"bi": "network-fast-flux-nameserver", "hashes": ["317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652"], "mitre_attack_tags": []}], "category": "Ransomware", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "Cerber is a ransomware family that encrypts documents, photos, databases and other important files. Historically, this malware would replace files with encrypted versions and add the file extension \".cerber,\" although in more recent campaigns, other file extensions are used.", "hashes": ["0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9"], "iocs": {"domain": [{"hashes": ["0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9"], "host": "api[.]blockcypher[.]com"}, {"hashes": ["048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7"], "host": "bitaps[.]com"}, {"hashes": ["048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7"], "host": "chain[.]so"}, {"hashes": ["048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7"], "host": "btc[.]blockr[.]io"}, {"hashes": ["0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9"], "host": "hjhqmbxyinislkkt[.]1j9r76[.]top"}, {"hashes": ["099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7"], "host": "hjhqmbxyinislkkt[.]1bxzyr[.]top"}, {"hashes": ["08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7"], "host": "sochain[.]com"}, {"hashes": ["08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016"], "host": "p27dokhpz2n7nvgr[.]1j9r76[.]top"}], "file": [{"hashes": ["0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9"], "path": "%TEMP%\\d19ab989"}, {"hashes": ["0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9"], "path": "%TEMP%\\d19ab989\\4710.tmp"}, {"hashes": ["0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9"], "path": "%TEMP%\\d19ab989\\a35f.tmp"}, {"hashes": ["0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9"], "path": "%TEMP%\\tmp.tmp"}, {"hashes": ["0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9"], "path": "%TEMP%\\tmp.bmp"}, {"hashes": ["0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9"], "path": "\\_R_E_A_D___T_H_I_S____.txt"}, {"hashes": ["0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9"], "path": "\\_R_E_A_D___T_H_I_S____.hta"}, {"hashes": ["0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c"], "path": "%TEMP%\\24e2b309\\1719.tmp"}, {"hashes": ["0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c"], "path": "%TEMP%\\24e2b309\\4436.tmp"}, {"hashes": ["0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c"], "path": "\\ (copy)"}], "ip": [{"hashes": ["0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9"], "ip": "178[.]33[.]159[.]0/27"}, {"hashes": ["0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9"], "ip": "178[.]33[.]158[.]0/27"}, {"hashes": ["0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9"], "ip": "178[.]33[.]160[.]0/22"}, {"hashes": ["048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7"], "ip": "178[.]128[.]255[.]179"}, {"hashes": ["0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7"], "ip": "172[.]67[.]2[.]88"}, {"hashes": ["0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860"], "ip": "104[.]20[.]21[.]251"}, {"hashes": ["08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9"], "ip": "104[.]20[.]20[.]251"}, {"hashes": ["08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7"], "ip": "104[.]24[.]105[.]254"}, {"hashes": ["2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7"], "ip": "104[.]24[.]104[.]254"}, {"hashes": ["4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7"], "ip": "172[.]67[.]157[.]138"}, {"hashes": ["33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff"], "ip": "204[.]79[.]197[.]200"}, {"hashes": ["4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7"], "ip": "104[.]26[.]14[.]247"}, {"hashes": ["4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7"], "ip": "104[.]26[.]15[.]247"}, {"hashes": ["08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016"], "ip": "172[.]67[.]69[.]167"}], "mutex": [{"hashes": ["0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9"], "name": "shell.{381828AA-8B28-3374-1B67-35680555C5EF}"}, {"hashes": ["0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9"], "name": "\\x6d74\\x666f\\x626e\\x6962\\x686d\\x67\\x6768\\x6a71\\x706c\\x6e66\\x6e6c\\x706d\\x6f62\\x656c\\x63\\x7474\\x7364\\x636c\\x706d\\x6d71\\x62"}, {"hashes": ["0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c"], "name": "shell.{}"}], "registry": [{"hashes": ["0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9"], "key": "\\SYSTEM\\CONTROLSET001\\CONTROL\\SESSION MANAGER", "value_name": null}, {"hashes": ["0135b84fca1a4d14abc635531bc63309ea8439294d7e0e0f2ae3eddd87c7ebc6", "048be43f802127b08b250d125d1f9c57b1bdd081edd8619a8562ab7f7120833a", "08d712ea317009d92007691fe06040f6e0cbbef628c1255524dc85eb949de016", "099a237f43a93b2f0891f693484dd1e28e568a02ba75ff6a27acf649235d1f07", "0cd5957d933c9c654759cecfb9b6868219b3020b290887b993c006f24b75119a", "0e686ecb077ec1e60e3f1d92ddab2fc6554976ad377507178b80eca3c5d158f6", "19fb88bee4ee9b388b777617ecf16797d271a47cead0b097c94192ca626b976f", "1e9b524bb8151033d40edb940f8ac6f9e380de2345523d47f9087feaa4b038f1", "2ea10f1381dec68edfd7d5c3c315fe0b166761f63a4f555e4b4710e026beb5be", "2fc059e4e35082674b57f2cd8ecdc8f9ecf37c76cb665367c6357b17c321a84a", "317a22232e759217381a98fd2127b216b9d806d36315df4aa794081fc334e3e3", "32f02dd23c37d273724efe3944de1ba7427970b321878c82268b4272dc9f91a4", "33c81079a0356fe96ba9fbeb7351fdb024564cacab60501618a3e282b54c50ff", "33f4edf991981aa5a9336e9c0b4756197f88cddcda4ee5c885109532dbe53571", "3be7e6ff52d1d0c3c820e1706a1bfae2f197a4a22d884678e00d072d4437c5a1", "3f3f7ab6e06d3027226069aa2d3dab78aedc3597309e493010439e64b4a00f29", "43098ad74d48b32479ff339bfc30e8ec54fd9ddc171b1147c1940e5f735c0d43", "4943704a7c6185fa049b9f311414ef5ca30bc135c3b97c2502820a9a4f9f7add", "4bcde915519a78d346ab973f2f4023891d303d6ab9c16a01182cc9b5a47ab2f7", "4f81c067e505b3bb70ab0850649ada75f76dce32b43035c02b4688f9f8317c2a", "54997ae882b4a1f7fabded5abef965870b6dbc087c9ad9c6c62e14149eea67dd", "574bd68f728b68087076ddf1226df935432636a410fbe211d8d6d55a8fc51e80", "61c830397fe79e5d3d71147586f9e83a7c616785dc4557b9d0d8ede7957bcbd0", "7109d8d69805f69acd87b98404d2f6ec1e13f96d85357d46ccdb8abd886df6cf", "870e3f05458b50578e114899ce702e51d4a26575b0e17bafc4a67cbf76b49e1c", "90076baf31a3dcc726d978bc9cf185ec88a9ba41d8631ac063a51c341745942d", "9440d481f1da89551bde0abf042f5a90c4066688e27111791768b1a2aee8116d", "94e90bfebdf75de14c61e35505266e2c09c18ed7b0558d5936320373c40c9d77", "a801435b8f51e5ab15ead0c495d22e905ce5ecce4d8d66860fd758b417db62ca", "ad408f9990a95be6ad42c8f8f14f94f3a7f44cd242fb2c5249aaab067b619a14", "ae70e6d112634dbd6c755e804600415947f1cd4dbed4fbab8cfe0c0d99155793", "af73e28678fb96752e00a6f3ba25554276a2c4e1983c8e41e1b88097129e9cf7", "b16ecd976f3b29cd565d6cf7d5090bf211df17681b23403a26dabb5144630cdb", "b5dccdae38bea258d1d2e4322a5237eedc933831f4da975567472312a079f793", "b8184e6cbebcd2031624d100b345e27ddfbb56734029fc4b711d7e71e32cfe48", "b853e130c22510d5a2053a51969b42b57e3127881f3938855c0f8d00654197d0", "c30ee3f7af878ef8923fced8e459f44e2d3469f7818a9adeb80d47386b4ec421", "ca2f7b22fa351da320e5d79f7b5e1be7ecece371ac61add041b28d819eef69cb", "d062c223aabb5226cf003a9af82c4bebe2812424752fb3b42b97a807c459abdb", "d133949e67e125f9e20ddb59b1c485d1f1bdd962ef02c8ee387dd8cfdc7b2812", "d456757c14c2c2f18e87271390a95a9cd339d0f882270ee8b3550a0f60457e7d", "d78effc936b56749b7d73e9c726b5a224797e18b6c95dd2f7c0f2eca475dc172", "db054b0d4d7efed1df70325f1fd8f416bea7d8663e4c79022621ef8ab1bd6652", "dd3e0410c8590918328f0346df3d0e98f058658434506b96bc3d3d4f8c8a2dd7", "e297577b9e48ca16aa4fec2d51132f9eeaf4670d4d65025290e8971f7d4bd38b", "ec85c472f8f79b819901d136f7b48e45f72276b266f3748eb76a4cab3a9b65b1", "edb930cf376a43a9a0db8e0884e9813deb608e3b18a286cf64a70a70f9214257", "f3e1bdc440d907fae1b2af886e3795378a8fd2900fed818d4c13f92483d85989", "f500122c9c5dddb1ba000b25a9613797557f4a3ff09976bf1f5e3841da5f3860", "f6792080e3a9369141a535c1379233fc160ff8ac50c74c38dac4ba1faf8523f7", "f6e352df5c2eaaadb374a91183597ace942d097a402de6f1f7e40deec0fd01c9"], "key": "\\SYSTEM\\CONTROLSET001\\CONTROL\\SESSION MANAGER", "value_name": "PendingFileRenameOperations"}]}, "reports_count": 51}, "Win.Trojan.DarkComet-9772960-1": {"bis": [{"bi": "pe-encrypted-section", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "memory-execute-readwrite", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "mitre_attack_tags": ["TA0005", "TA0004", "T1055", "T1181"]}, {"bi": "antivirus-service-flagged-artifact", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "mitre_attack_tags": []}, {"bi": "modified-file-in-user-dir", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "mitre_attack_tags": []}, {"bi": "cta-static-analyzer-malicious", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "mitre_attack_tags": []}, {"bi": "pe-section-execute-writable", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "pe-packed-upx", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "excessive-foreign-memory-modification", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "mitre_attack_tags": ["TA0005", "T1055"]}, {"bi": "sample-launched-copy-of-self", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "mitre_attack_tags": ["TA0005", "T1202"]}, {"bi": "pe-imports-psapi-dll", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "mitre_attack_tags": ["TA0007", "T1057"]}, {"bi": "process-hollowing-detected", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "mitre_attack_tags": ["TA0005", "T1093"]}, {"bi": "process-requested-softice", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "mitre_attack_tags": ["TA0007", "T1497"]}, {"bi": "pe-uses-autoit", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "mitre_attack_tags": ["TA0005", "T1027"]}, {"bi": "malware-darkcomet-mutex-detected", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "mitre_attack_tags": []}, {"bi": "modified-executable", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "mitre_attack_tags": []}, {"bi": "registry-autorun-key-modified", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "modified-file-in-system-dir", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "mitre_attack_tags": []}, {"bi": "process-explorer-suspicious-launch", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "mitre_attack_tags": ["TA0005", "T1055"]}, {"bi": "registry-activesetup-key-modified", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "network-dns-safe-categories", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "mitre_attack_tags": []}, {"bi": "dns-dynamic-domain", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e"], "mitre_attack_tags": ["TA0011", "TA0005"]}, {"bi": "registry-autorun-key-system-dir", "hashes": ["4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "mitre_attack_tags": ["TA0003", "T1060"]}, {"bi": "fake-explorer-process", "hashes": ["4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "mitre_attack_tags": ["TA0005", "T1036"]}, {"bi": "deleted-submitted-file", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "mitre_attack_tags": ["TA0005", "T1107"]}, {"bi": "malware-cybergate-rat", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "mitre_attack_tags": []}, {"bi": "malware-misspell-binary", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44"], "mitre_attack_tags": []}, {"bi": "network-fast-flux-nameserver", "hashes": ["c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1"], "mitre_attack_tags": []}, {"bi": "network-dns-category-dynamic", "hashes": ["d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "mitre_attack_tags": []}, {"bi": "network-private-ip-address", "hashes": ["c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "mitre_attack_tags": ["TA0007", "T1016"]}], "category": "Trojan", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": false, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "DarkComet and related variants are a family of remote access trojans designed to provide an attacker with control over an infected system. Capabilities of this malware include the ability to download files from a user's machine, mechanisms for persistence and hiding, and the ability to send back usernames and passwords from the infected system.", "hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "iocs": {"domain": [{"hashes": ["3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71"], "host": "counterstrikexxx[.]no-ip[.]biz"}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44"], "host": "zzzzzzzzzzz[.]no-ip[.]biz"}, {"hashes": ["c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1"], "host": "floripamilgrau[.]no-ip[.]biz"}, {"hashes": ["d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "host": "john1991[.]no-ip[.]org"}], "file": [{"hashes": ["3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5"], "path": "%TEMP%\\XX--XX--XX.txt"}, {"hashes": ["3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5"], "path": "%TEMP%\\UuU.uUu"}, {"hashes": ["3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5"], "path": "%TEMP%\\XxX.xXx"}, {"hashes": ["3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5"], "path": "%APPDATA%\\logs.dat"}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "path": "%TEMP%\\Administrator7"}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "path": "%TEMP%\\Administrator8"}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "path": "%TEMP%\\Administrator2.txt"}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "path": "%APPDATA%\\98B68E3C"}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "path": "%APPDATA%\\98B68E3C\\ak.tmp"}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "path": "%APPDATA%\\Administrator-wchelper.dll"}, {"hashes": ["b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "path": "\\default.html"}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "path": "%SystemRoot%\\SysWOW64\\install"}, {"hashes": ["3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e"], "path": "%SystemRoot%\\explorer"}, {"hashes": ["3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e"], "path": "%SystemRoot%\\explorer\\explorer.exe"}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44"], "path": "%SystemRoot%\\SysWOW64\\install\\iexplorer.exe"}, {"hashes": ["c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1"], "path": "%SystemRoot%\\Win32"}, {"hashes": ["d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "path": "%SystemRoot%\\SysWOW64\\install\\explorer.exe"}, {"hashes": ["5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71"], "path": "%SystemRoot%\\SysWOW64\\system"}, {"hashes": ["5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71"], "path": "%SystemRoot%\\SysWOW64\\system\\explorer.exe"}, {"hashes": ["c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1"], "path": "%SystemRoot%\\Win32\\windows.exe"}, {"hashes": ["c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "path": "%SystemRoot%\\DASDASDA"}, {"hashes": ["c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "path": "%SystemRoot%\\DASDASDA\\TYTYTYT.exe"}, {"hashes": ["d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "path": "%APPDATA%\\098E95FF\\ak.tmp"}, {"hashes": ["d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "path": "%System32%\\install\\explorer.exe"}], "ip": [], "mutex": [{"hashes": ["3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5"], "name": "_x_X_BLOCKMOUSE_X_x_"}, {"hashes": ["3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5"], "name": "_x_X_PASSWORDLIST_X_x_"}, {"hashes": ["3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5"], "name": "_x_X_UPDATE_X_x_"}, {"hashes": ["3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5"], "name": "***MUTEX***"}, {"hashes": ["3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d", "c73781692e32f6b27244ee7c2b927a4df71bf7a4e008a75f119cbb90abab02d5"], "name": "***MUTEX***_SAIR"}, {"hashes": ["3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "name": "***MUTEX***_PERSIST"}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "name": "Administrator5"}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "name": "xXx_key_xXx"}, {"hashes": ["3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71"], "name": "{C20CD437-BA6D-4ebb-B190-70B43DE3B0F3}"}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "name": ""}, {"hashes": ["c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1"], "name": "0H5O44L47G1435Administrator15"}, {"hashes": ["b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44"], "name": "KRU8D05D61LR75Administrator15"}, {"hashes": ["c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1"], "name": "0H5O44L47G1435_SAIR"}, {"hashes": ["c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1"], "name": "0H5O44L47G1435_RESTART"}, {"hashes": ["b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44"], "name": "KRU8D05D61LR75_SAIR"}, {"hashes": ["b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44"], "name": "KRU8D05D61LR75_RESTART"}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf"], "name": "H48IHQL3P3B8KSAdministrator15"}, {"hashes": ["d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "name": "71D1NLMU3MUS37Administrator15"}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf"], "name": "H48IHQL3P3B8KS_SAIR"}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf"], "name": "H48IHQL3P3B8KS_RESTART"}, {"hashes": ["d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "name": "71D1NLMU3MUS37_SAIR"}, {"hashes": ["d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "name": "71D1NLMU3MUS37_RESTART"}], "registry": [{"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\POLICIES\\EXPLORER\\RUN", "value_name": null}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "c2d03a5a544ee18cd17f05a05e3178d8aed779f0e2ad0adf34afa648555f79a1", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\POLICIES\\EXPLORER\\RUN", "value_name": null}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\POLICIES\\EXPLORER\\RUN", "value_name": "Policies"}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44", "c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d", "d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\POLICIES\\EXPLORER\\RUN", "value_name": "Policies"}, {"hashes": ["3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\EXPLORER\\TASKBAND", "value_name": "FavoritesRemovedChanges"}, {"hashes": ["3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "Adobe Photoshop"}, {"hashes": ["3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e", "5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "Adobe Photoshop"}, {"hashes": ["3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{3208RF83-73JI-UAN5-O8ME-26UN30T71N27}", "value_name": null}, {"hashes": ["3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda", "4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0", "55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{3208RF83-73JI-UAN5-O8ME-26UN30T71N27}", "value_name": "StubPath"}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "iexplorer"}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf", "b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "System32"}, {"hashes": ["b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44"], "key": "\\SOFTWARE\\-=NETFLIX=-", "value_name": "FirstExecution"}, {"hashes": ["b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44"], "key": "\\SOFTWARE\\-=NETFLIX=-", "value_name": "NewIdentification"}, {"hashes": ["b19bbecc27dcb938dc99d60991b5e4f2ff2fef0fb17626bdc2e43da882fc8a44"], "key": "\\SOFTWARE\\-=NETFLIX=-", "value_name": "NewGroup"}, {"hashes": ["4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0"], "key": "\\SOFTWARE\\OUTLAST-14-08", "value_name": null}, {"hashes": ["4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0"], "key": "\\SOFTWARE\\OUTLAST-14-08", "value_name": "FirstExecution"}, {"hashes": ["4f03bedea9cbc328544670030a5464db88cedda803a7729f912b104a7be5f6c0"], "key": "\\SOFTWARE\\OUTLAST-14-08", "value_name": "NewIdentification"}, {"hashes": ["5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{8TGFG46H-1HA6-06D3-W4H2-11700U3B045B}", "value_name": null}, {"hashes": ["5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\POLICIES\\EXPLORER\\RUN", "value_name": "AdobePhotoshop"}, {"hashes": ["5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\POLICIES\\EXPLORER\\RUN", "value_name": "AdobePhotoshop"}, {"hashes": ["3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda"], "key": "\\SOFTWARE\\JOHN", "value_name": null}, {"hashes": ["3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda"], "key": "\\SOFTWARE\\JOHN", "value_name": "FirstExecution"}, {"hashes": ["3522e80335d2c7a3c3b52f6f1165a367076c0cc2aa3373693edeb32a78e85fda"], "key": "\\SOFTWARE\\JOHN", "value_name": "NewIdentification"}, {"hashes": ["5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{8TGFG46H-1HA6-06D3-W4H2-11700U3B045B}", "value_name": "StubPath"}, {"hashes": ["5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71"], "key": "\\SOFTWARE\\17/08/2015", "value_name": null}, {"hashes": ["5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71"], "key": "\\SOFTWARE\\17/08/2015", "value_name": "FirstExecution"}, {"hashes": ["5b49001de0bfb4cf84659520cc2c98872a001fefbb6c127a024874cbd78b1d71"], "key": "\\SOFTWARE\\17/08/2015", "value_name": "NewIdentification"}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{H67178IY-3J60-10D6-YC48-N21C63H3K7P1}", "value_name": null}, {"hashes": ["d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{51DRQ1K0-WQRE-1OG2-U04V-7WJM7JQK12GI}", "value_name": null}, {"hashes": ["d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "Minecraft"}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{H67178IY-3J60-10D6-YC48-N21C63H3K7P1}", "value_name": "StubPath"}, {"hashes": ["d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "Minecraft"}, {"hashes": ["d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{51DRQ1K0-WQRE-1OG2-U04V-7WJM7JQK12GI}", "value_name": "StubPath"}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf"], "key": "\\SOFTWARE\\KEY8", "value_name": null}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf"], "key": "\\SOFTWARE\\KEY8", "value_name": "FirstExecution"}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf"], "key": "\\SOFTWARE\\KEY8", "value_name": "NewIdentification"}, {"hashes": ["007730b6a156a117e4f88a929b8c5f1b95869d7fb848edf3ba03bfb071fa75cf"], "key": "\\SOFTWARE\\KEY8", "value_name": "NewGroup"}, {"hashes": ["d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "key": "\\SOFTWARE\\MINECRAFT", "value_name": null}, {"hashes": ["c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{0BUO5JJ4-2YRJ-5H2C-R708-06D384C611F1}", "value_name": null}, {"hashes": ["55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e"], "key": "\\SOFTWARE\\ARES", "value_name": null}, {"hashes": ["d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "key": "\\SOFTWARE\\MINECRAFT", "value_name": "FirstExecution"}, {"hashes": ["55dd70221585c371f9b88a6daa54c974c7e8c6d24ca334b5e484507a87db796e"], "key": "\\SOFTWARE\\ARES", "value_name": "FirstExecution"}, {"hashes": ["d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "key": "\\SOFTWARE\\MINECRAFT", "value_name": "NewIdentification"}, {"hashes": ["d81946222b7d67e923744d0e84084fc072d6c848465da155631d03f925c0909f"], "key": "\\SOFTWARE\\MINECRAFT", "value_name": "NewGroup"}, {"hashes": ["c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "HKLM"}, {"hashes": ["c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "key": "\\SOFTWARE\\MICROSOFT\\WINDOWS\\CURRENTVERSION\\RUN", "value_name": "HKCU"}, {"hashes": ["c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "key": "\\SOFTWARE\\WOW6432NODE\\MICROSOFT\\ACTIVE SETUP\\INSTALLED COMPONENTS\\{0BUO5JJ4-2YRJ-5H2C-R708-06D384C611F1}", "value_name": "StubPath"}, {"hashes": ["c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "key": "\\SOFTWARE\\88 - 225", "value_name": null}, {"hashes": ["c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "key": "\\SOFTWARE\\88 - 225", "value_name": "FirstExecution"}, {"hashes": ["c54c688ff66fc26c593b0715f946b2ea5a0ab4f612b6ea4c4ffdfa4b6be5ec8d"], "key": "\\SOFTWARE\\88 - 225", "value_name": "NewIdentification"}]}, "reports_count": 10}, "exprev": [{"count": 5216, "description": "DealPly is adware, which claims to improve your online shopping experience. It is often bundled into other legitimate installers and is difficult to uninstall. It creates pop-up advertisements and injects advertisements on webpages. Adware has also been known to download and install malware.", "name": "Dealply adware detected"}, {"count": 3808, "description": "Process hollowing is a technique used by some programs to avoid static analysis. In typical usage, a process is started and its obfuscated or encrypted contents are unpacked into memory. The parent then manually sets up the first stages of launching a child process, but before launching it, the memory is cleared and filled in with the memory from the parent instead.", "name": "Process hollowing detected"}, {"count": 1860, "description": "An attempt to exploit CVE-2019-0708 has been detected. The vulnerability, dubbed BlueKeep, is a heap memory corruption which can be triggered by sending a specially crafted Remote Desktop Protocol (RDP) request. Since this vulnerability can be triggered without authentication and allows remote code execution, it can be used by worms to spread automatically without human interaction.", "name": "CVE-2019-0708 detected"}, {"count": 1622, "description": "Install core is an installer which bundles legitimate applications with offers for additional third-party applications that may be unwanted. The unwanted applications are often adware that display advertising in the form of popups or by injecting into browsers and adding or altering advertisements on webpages. Adware is known to sometimes download and install malware.", "name": "Installcore adware detected"}, {"count": 1530, "description": "The certutil.exe utility has been detected downloading and executing a file. Upon execution, the downloaded file behaved suspiciously. The normal usage of certutil.exe involves retrieving certificate information. Attackers can use this utility to download additional malicious payloads.", "name": "Certutil.exe is downloading a file"}, {"count": 1255, "description": "Command line options indicating usage of XMRig Miner have been detected. Malware sometimes uses compromised hosts to mine for cryptocurrency on behalf of the attacker.", "name": "XMRig Miner Detected"}, {"count": 1067, "description": "A process was injected into, most likely by an existing Kovter infection. Kovter is a click fraud Trojan that can also act as an information stealer. Kovter is also file-less malware meaning the malicious DLL is stored inside Windows registry and injected directly into memory using PowerShell. It can detect and report the usage of monitoring software such as wireshark and sandboxes to its C2. It spreads through malicious advertising and spam campaigns.", "name": "Kovter injection detected"}, {"count": 682, "description": "An attempt to bypass application whitelisting via the \"Squiblydoo\" technique has been detected. This typically involves using regsvr32.exe to execute script content hosted on an attacker controlled server.", "name": "Squiblydoo application whitelist bypass attempt detected."}, {"count": 541, "description": "Crystalbit-Apple DLL double hijack was detected. During this attack, the adversary abuses two legitimate vendor applications, such as CrystalBit and Apple, as part of a dll double hijack attack chain that starts with a fraudulent software bundle and eventually leads to a persistent miner and in some cases spyware deployment.", "name": "Crystalbit-Apple DLL double hijack detected"}, {"count": 493, "description": "A PowerShell command with a very long command line argument that may indicate an obfuscated script has been detected. PowerShell is an extensible Windows scripting language present on all versions of Windows. Malware authors use PowerShell in an attempt to evade security software or other monitoring that is not tuned to detect PowerShell based threats.", "name": "Excessively long PowerShell command detected"}, {"count": 189, "description": "Gamarue is a family of malware that can download files and steal information from an infected system. Worm variants of the Gamarue family may spread by infecting USB drives or portable hard disks that have been plugged into a compromised system.", "name": "Gamarue malware detected"}, {"count": 94, "description": "Maze ransomware has been detected injecting into rundll32.exe or regsvr32.exe. Maze can encrypt files on the victim and demand a ransom. It can also exfiltrate data back to the attacker prior to encryption.", "name": "Maze ransomware detected"}, {"count": 83, "description": "A process associated with Microsoft Office, such as EXCEL.exe or WINWORD.exe, has started a Windows utility such as powershell.exe or cmd.exe. This is typical behavior of malicious documents executing additional scripts. This behavior is extremely suspicious and is associated with many malware different malware campaigns and families.", "name": "A Microsoft Office process has started a windows utility."}, {"count": 16, "description": "Trickbot is a banking Trojan which appeared in late 2016. Due to the similarities between Trickbot and Dyre, it is suspected some of the individuals responsible for Dyre are now responsible for Trickbot. Trickbot has been rapidly evolving over the months since it has appeared. However, Trickbot is still missing some of the capabilities Dyre possessed. Its current modules include DLL injection, system information gathering, and email searching.", "name": "Trickbot malware detected"}, {"count": 12, "description": "A process injection was detected that is most likely caused by an existing Qakbot infection. Qakbot is a worm that spreads through network shares and removable drives. It downloads additional files, steals information, and opens a back door on the compromised computer. The worm also contains rootkit functionality to allow it to hide its presence on a system.", "name": "Qakbot injection detected"}, {"count": 10, "description": "An exploit payload intended to connect back to an attacker controlled host using http has been detected.", "name": "Reverse http payload detected"}, {"count": 8, "description": "Fusion (or FusionPlayer) is an adware family that displays unwanted advertising in the form of popups or by injecting into browsers and altering advertisements on webpages. Adware is known to sometimes download and install malware.", "name": "Fusion adware detected"}, {"count": 7, "description": "Smoke Loader has been detected. Smokeloader is used mainly to execute other malicious software, like ransomware or cryptocurrency miners. Its initial infection vector is usually an email with a malicious Microsoft Word document or delivered through an exploit kit. Smokeloader uses various plugins designed to steal data from its victims, particularly credentials stored on the system or transfered over HTTP, HTTPS, FTP, SMTP, POP3 or IMAP.", "name": "Smoke Loader detected"}, {"count": 6, "description": "Palikan is a potentially unwanted application (PUA), browser hijacker, a type of malware that most of the time does not explicitly or completely state its function or purpose. When is present on the system, it may change the default homepage, change the search engine, redirect traffic to malicious sites, install add-ons, extensions, or plug-ins, open unwanted windows or show advertising. Palikan commonly arrives as a file dropped by other malware or as a file downloaded unknowingly from a malicious site. It has also been closely associated with DealPly.", "name": "Palikan browser hijacker detected"}, {"count": 5, "description": "Cobalt Strike is a tool used by both penetration testers and malicious actors. It has been observed being used to deliver Ryuk ransomware and other payloads.", "name": "Cobalt Strike activity detected"}], "info": {"origin": "Cisco Talos Intelligence Group", "publication_date": "2020-10-09T14:24:59+00:00", "version": "2.1", "warning": "As a reminder, the information provided for the following threatsin this post is non-exhaustive and current as of the date ofpublication. Additionally, please keep in mind that IOC searchingis only one part of threat hunting. Spotting a single IOC does notnecessarily indicate maliciousness. Detection and coverage for thefollowing threats is subject to updates, pending additional threator vulnerability analysis. For the most current information, pleaserefer to your Firepower Management Center, Snort.org, or ClamAV.net."}, "signatures": ["Win.Packed.Banload-9773267-1", "Doc.Malware.Emotet-9772039-0", "Win.Malware.Razy-9772501-0", "Win.Ransomware.Cerber-9774556-0", "Win.Malware.Ursnif-9770757-2", "Win.Packed.Zbot-9773448-0", "Win.Trojan.DarkComet-9772960-1", "Win.Packed.Kovter-9770937-1"]}