{"Doc.Dropper.Stratos-6724145-0": {"category": "Dropper", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": true, "WSA": true}, "description": "This is an obfuscated Microsoft Office macro downloader that attempts to download a malicious payload executable. The sample was unable to download the next stage, so no further analysis is available.", "hashes": ["00d3e76c7614df1533cbb40d0b3977cfce6e5f01b8cc0aa6ea858891ef104715", "16079ba3e75ebbc34e3ef692277332d41ee0d1aa248a24c7f5ba74d88f28d01b", "1ded830b66a15ef7288f088b3b4b1a84fa55bf0700538953614f5e2369128fdc", "217d2260555214d8e6e72dd5dd7ade95b206efebdd948ad05a1dd88e4e39730e", "33a99f39eb8a1d9fe223b4ca61d21fe8086b2a908e00954959b971868424e46b", "35a24d5a55e3d33b0a4d183141758c409b639fcd077cfcd062dc53cb8d03d378", "3927bc5e8064ab1fedd6e0b9826aef4fda01e6be3b218b9b482d4ae60d929d67", "402a1bd3bd18102d3955b0e5dcab8b76b8c1025fb828d410c1fa93a872a2f1f9", "42c74a8a4e195017753e917153702bbd4d6812576cd94f0fc0035bed6aa1ce1f", "42ff1fdd87f84e321a4348a5b113ba72634fade79646df750ec72f907d787db9", "523de9a89e6d2f5713fcc4b7e3ea1d27fa27d13e5d17a0f08aab6d86d9e2a9b6", "55953f034bc3edf5248b9c978916a2eb45bbf641892baffd7744ce0027cdaa2c", "5ed8c51ce0a7706599d5f7bbe843fbdb8fed579591012146fb2fbd92bfece4f8", "616d166cd0fc20ce5e583b9c0c306833fc4a371214bc9a3b5f9d33deac385c68", "781c06eeafa87a7a27b573fde822faae4ac0ebd7a19ad7400ac8595e1a89fcaa", "83245b8849c886659767d6227051ea8b48ead681cbe62c12a4557cf8c3a2b61d", "934a7d7edf49198d685569e2f5e40e225f90e407a87478243379ef71d7f4f6c2", "9653288c0ca91e1b968a39e2f8b2e7c7b5b881e064c0bf2d234ea0b0619911ce", "b15f383006ceff832ef575057a0a75cba726822864d37aef5feabc43ca316971", "b41b3a7b83f22af9892cc69801086343924d8ee23f5bf8062cc2748c9301f1a8", "c08ea9800cdb66012a4adfc3a5bba200f7f1db8cc37f50c133201f5ce46660c3", "d182a022ed754bb7c963540d0a8d9cd7579b458d4c2057d5f72caeb11566b2b9", "d3a40ec14f52e1e7e1494ee7e04ad651e38618e29284d3205ec21cef6e9699f2", "da9f374901e55c225f03ec68dadc672e13e9f0dc36508fe416cec8faf87795af", "e8c4870bb9d6e7cb597a86c97f2a64c71734aecbd9c72f7302b730dcdeffabe0", "f3d077d1637f17358dc8f8f3d8a75496f8861021750257467746c1677681b022", "f8e636f793411bafac0d7ca580763efed6dd8d9121bbfb43e68f6f675109e59a"], "iocs": {"domain": [{"host": "www[.]kum[.]net"}], "file": [{"path": "%UserProfile%\\Documents\\20181025"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\kdinwwrgg\\ONSEXGA\\PowerShellTrace.format.ps1xml"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\kdinwwrgg\\ONSEXGA\\QsheHY.exe (copy)"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\kdinwwrgg\\ONSEXGA\\Registry.format.ps1xml"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\kdinwwrgg\\ONSEXGA\\System.Management.Automation.dll-Help.xml"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\kdinwwrgg\\ONSEXGA\\WSMan.format.ps1xml"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\kdinwwrgg\\ONSEXGA\\about_execution_policies.help.txt"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\kdinwwrgg\\ONSEXGA\\powershell.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\kdinwwrgg\\ONSEXGA\\powershell.exe.mui"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\kdinwwrgg\\ONSEXGA\\powershell_ise.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\kdinwwrgg\\ONSEXGA\\powershell_ise.resources.dll"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\kdinwwrgg\\ONSEXGA\\pspluginwkr.dll"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\kdinwwrgg\\ONSEXGA\\pwrshsip.dll"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\kdinwwrgg\\ONSEXGA\\types.ps1xml"}, {"path": "%TEMP%orary Internet Files\\Content.Word\\~WRS{68695D36-6967-4FDB-A2FF-84784E101F5C}.tmp"}, {"path": "%SystemDrive%\\~$4900185.doc"}, {"path": "%LocalAppData%\\Temp\\kdinwwrgg\\ONSEXGA\\powershell.exe"}, {"path": "\\TEMP\\~$a24d5a55e3d33b0a4d183141758c409b639fcd077cfcd062dc53cb8d03d378.doc"}, {"path": "%LocalAppData%\\Temp\\onexzlc.exe"}, {"path": "%LocalAppData%\\Temp\\kdinwwrgg\\ONSEXGA\\QsheHY.exe"}, {"path": "%LocalAppData%\\Temp\\onexzlc.exe"}], "ip": [{"ip": "88[.]217[.]189[.]35"}], "mutex": [], "registry": []}}, "Doc.Malware.00536d-6731394-0": {"category": "Malware", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": true, "WSA": true}, "description": "Doc.Malware.00536d-6731394-0 is a malicious Word document that drops malware. It attempts to download and run a second-stage executable from a number of known malicious domains and IP addresses.", "hashes": ["4e6c2a6715fd91a76a06321eebd22430fa47e1a298a12e6d5134327e62215c07", "57b3f97cf7f8d8bfc4aef53f82cc1b1e154d7fcad2302048192e44afd47cf07b", "6ca1773b14b136dd7b3e7906f73d0d05f21d00e1f829303ac9167454f1b22bee", "7ca67da6488d5e5acf74919348ebfe4a780a7f70cc3b49455d0f588a2150ad8e", "88fe8fc07008bdbd6a87f96184cc3ced3e2df8a1678d7d145ef6affb62683cbb", "a3c3656b7c7471d26a98acc02233ef906cb3bc20f4225c81fd3ff07111498ce5", "a72f70f2b0ea6638b3da69ed3807059ec98bc258deeb17fe3fdfa392b3c606a8", "c9aade2865566b50d1827c45b070f32c1db891101ed4783fcb471f43fa043958", "ca9b78bb32da00431081f4385ac85ee341e7e668aa934dbea8f5ab44b9621179", "ce31ffafe8ea619a703e04f7b16559999530f89ddb8fc78545bcee8f4e3c45ec", "f6feed4b063c2e25fdaf7af79954d78fbd6db361916f512a8e73f6665f8fb3e4"], "iocs": {"domain": [{"host": "tt[.]zicino[.]at"}, {"host": "doom[.]matr[.]at"}, {"host": "ovellonist[.]com"}, {"host": "ut[.]ritpur[.]at"}, {"host": "app[.]xenope[.]at"}, {"host": "u2[.]tip5top[.]at"}], "file": [{"path": "%LocalAppData%\\Temp\\~DFA1AFEB97E8C0B1FD.TMP"}, {"path": "%LocalAppData%\\Temp\\~DFFFF0E8FCA29DD7E1.TMP"}, {"path": "%AppData%\\20938.exe"}, {"path": "%AppData%\\Microsoft\\Office\\Recent\\346748415.doc.LNK"}, {"path": "%LocalAppData%\\Temp\\n3j5vfst.vvc.psm1"}, {"path": "%AppData%\\99fc8a68.exe"}, {"path": "%LocalAppData%\\Temp\\1fxpdoag.uzv.ps1"}], "ip": [{"ip": "204[.]79[.]197[.]200"}, {"ip": "144[.]217[.]0[.]194"}, {"ip": "54[.]39[.]74[.]124"}, {"ip": "8[.]208[.]9[.]98"}], "mutex": [{"name": null}, {"name": null}, {"name": null}, {"name": null}, {"name": null}, {"name": null}, {"name": null}, {"name": null}, {"name": null}], "registry": []}}, "Win.Downloader.Upatre-6726679-0": {"category": "Downloader", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": true, "WSA": true}, "description": "Upatre is a malicious downloader often used by exploit kits and phishing campaigns. Upatre downloads and executes malicious executables, such as banking malware.", "hashes": ["02c04966bbd775626d1738bf454148543e8cc4564ff9f1ba3110395f96b05ab9", "031edbb534d9bf394bebf4cc7f64338d7212b05a7a7bf2a75f5348feaeabb9c5", "11e046d9a88238806a7458c5f17dfec74c1038dcacb7a345f492f5d9b285255f", "1273cdf1e5440ec05d61930132df0152be89eff4e28ac59de8e653022f664579", "184e4171672a8eba20a357aabd274a454ed1c71a0aed1efbb028b9676c53ccd3", "2556e8e75d5c1cb3f6fd2e716242c991dc9af8138561483993ce179c3d50e48b", "2eb229efaa5a043263e6546583c811738d5695a8afbb035f3c76fe80929c18eb", "32867f896bd20600c6712759889c031984e933ef1b0b4dfa9e061bfa0b6e994a", "4b8d61f0af68f03e586773b1226e635df5f6b2a417c88131885aa4201ad96c6b", "4caf12084718881f7d0fee2c4655b7afb8c27803f0c1bbeceb4c48a9532cb3c8", "4e07e7190e98511ba11637eeff341227aaed60ca58e96bbd69fd5659f808b56c", "6d8fabfefcb131b3535940fab547c10e5de430a079113671d2d09cf0c9582ed1", "826a5879182924c1f00f72885583baddcb8cd3ce9596a5bdab44abeea5f02ab9", "9c7e51d51513e337bba8b4fcb88264203986e387a8b9d820b9d6a0f2cfca26ef", "c71f83b153fb1e488930375d7a62eb77c34493f617b415447cd6b6e7cefb68e3", "f1a99a424971247e557d9f2d6c90e1e27f1c3407ced0913701f5f6bd40cdc4bb"], "iocs": {"domain": [{"host": "cardiffpower[.]com"}], "file": [{"path": "%LocalAppData%\\Temp\\kgfdfjdk.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\kgfdfjdk.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\lrtsdnn.exe"}], "ip": [{"ip": "83[.]136[.]254[.]57"}], "mutex": [], "registry": []}}, "Win.Malware.Cerber-6725830-0": {"category": "Malware", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": true, "WSA": true}, "description": "Cerber is ransomware that encrypts documents, photos, databases and other important files using the file extension \".cerber.\"", "hashes": ["0015a572f00b8ec6f68bb6a3683f7741a1a35d436c868ef545e016a279c7740d", "00200aac1922a420afc4390974ad1f099bf86eb6294e757ab22004628f2be226", "00528962871098906eb33d0422c1a9b7bdd0cbe481af1bc058d1c2a09793f055", "01ef8b829770bea681075ea9b9ad648c5cf8c9db42aba719d921c6841d0ffa6f", "04eb627d86eeff6c9314fac423f535d798ed95d3384df9e0944447af7898ab0a", "05506752a964566bc3ec936db6da6e577bf3e1c04d2dadb1143cd137ff66e715", "059eced85a1c189ec1eceb9cb642e801db20cc61d40782afd7fc479169e0a799", "0655f2a8831b5aaece1fe2af39583c6261564a13fffec7354857ae440c824786", "065c909c3c855be6646202eaaaad38e47c234be5927f8b635b9e9a0482c99965", "06f20532a0285a7e01634e319a78db15d3eb08e39c72ee92412c161be3c87d33", "072114ad12468fb6610c20c9912bd40b5e25e0183dab9edff8b93aff79cfa846", "078d4a7287160344439bd701f2fbf027c76dbc85e2d9ae98a586d69ebdca712f", "07bbda40f1bfd84bc619fdaa05ac029251d919b8bd100f724905400fb107beb7", "07d09bac351855dd383ed882657241b3db150d1a24019af08233b1b73795cdb6", "081f9d0b1bd3ea8e7b69d0ff6c93c27e9e76c29124cdb539141a439bdb2bf8ab", "08b4cd3370515fe4936d3126b12c738b2acd704ce24830119b1d69faef6c7291", "08c0234c26c9b8576d428b2fc177ca4e9140ddfae8c213369a86bb4ae2fc4b06", "097db35097f7ef2d8b91a517980e399c92e9938208110846561581d2bf5bb96f", "09abc80ec4c160755e133f356e909219b2939f78ebb7896973094c78de55f42b", "0b07fbacc4450198d6f430bff653791c43417af9e6d11f46b6ac75711e89c2a1", "0b4123bc026cc6ac0282295c5d7bd9271514cdc771c9a84e359f3ee5858bf811", "0b62139f8be2e7640c17e4c6ddc5c4c7812fd061480ea112718ac5e12ea70838", "0bf510cbc1ee26748f285b6dd9f5e8d96b26ba5d732e6f9b1ad4e6b1695292ed", "0c90601d82e2725a11bba65b9eb98c2154d6e2b27aa813936e75e7f740128971", "0cdc982e7c0fe5c5d9100ff621c424af79ec3dd49e718a454af3a14f9add4c54", "0ecf00907b18659f5aadf60c7fba2cbf5fc23c16ae0a28d393c3c499d3902a8f", "0fd3dc9b9d887023489dc8db1c16aae8eb068ae1c9f9d2dd89c3ab687ccbeab4", "10420f3a99b4f978df18c3c3aad2257906222b8f66cf20cba5bd4d5d5b8dd3f6", "1095ced85b47ec1ef6c7b50d47888e6e2af8a72171b166b96dac3194293d13f1", "10dbc740f96e24e81582cbcd80b12af6d9f2904096859661eb82ea7693308688", "113c2da6e8552a17c33226eb8d0421b7b3a5bdd06e398b5abbd68b63650116a4", "115662529a0f229e528d742fa5977a3507b2d8ee1e17899b15790ecfbd19c9b5", "11c55acafb6d7249ec5fc9ffa3851c231642cfd4f98a30a7f5dbc49fe60b6152", "11c9ee827970596a17abb193ffd0e25fdbbdda308f238ba181b4b5c55426fd55", "11cb2433eb9332af90207abdf8abc3f8b4b8ed54d973683e24f3f8866a189556", "12dcdf9eadf0325cb515c78878c6a6c4c61610e90ce527743f6d1ea0dbc54692", "131ee27dd11fccacb2ea5826635abef10be6029132bbac2bd6c5d9c969d79bf9", "139aaafadb5737013e404601a1971989c71ea786bd97c398d1ef17d9cfadb9af", "14b63c93d1b0681f2d65fa95570096f734d1b5a7fee34d4cf4fed60964892bb4", "14e811d2098c5bc2f4fdb5b974fbd02c56f2fdbda731bc3175cba262a26c728e", "153f7812fd2dc6b2c013ebc7a9dbc97e2415872337b2fb189012ffa8222527ac", "15b25100c112124a30fb4a85feb3ef0278719f0f270e7d6bc81d2f3361a93673", "164d4451c14dd6edaf31768ee6eb03caa43ce2a388bc2f8ba28a83d3da2b0052", "16b9067fcbe3bfaa3667bd34979e89763a8f330f3540c9c1dd7a88502200a3b7", "170ac273ea265768db451baff0e13623643374a3cec06b6bdbe78993273b8f11", "18053b2c37a31d6b4ada195ee61dca17aa1f700554de89986c0a067be114520e", "18072dc9ace3169402a3b6be511f6f49efa7ebc74fb5034405d1dd2fa5f34a93", "182511ca6c31cfa794ae2d1fb72ec34acc1bee618287398e23224e01440b24a8", "184e9c1547d896b6691ff11ce07bf19a5e91e5a8cfe85bbd62e0805085add1e8", "1861dd0d61e060af8c148825a737c01d6b3d1e32ca5dc92d2b57e7d9b7e2bfa3", "193f7aeae8dd8d75fed443451199ad64d582f87da93ae8dd6b5d1b13d6cd8618", "1a4233da6898dda95517d2f9c343fdc753bbf994d132c9ea0915491d8860ef25", "1a8d20deac9ff46bfdf3002cee31db5916b2ae6f177ee3f1a382077536d7a1c2", "1aa1c9f5754f26a54b4885306d5ce53f310dce2cd936f53bfc3aa6438c89a958", "1b7a2f9836366dc8a94069546561dbaf5cd428ff4084d773c6239640fbbeeb84", "1c2ade5d55e933efc5c994b94de53e4c706b1b17bdfd86484fc7b2a0784e5c9d", "1c668a4e4e76f2ecfc679f6a9bb347d4be71eadc7f26387d510dc8ac0a9bd66a", "1cd41b55f39c7f32ae5ef018919bd041552d8e73315064b3a1849a19866fde2a", "1d1fa11527c485dad268e2f30f88e602bf7e155f9113e7d5ef30bc461b0f5ed8", "1d9520ebe84f5d996c660902015a90714e84e7e27c718462b15c8ef4f8287ba8", "1ecab82323f835761f29e5392fc0339129bd72dff0245d3a679d876a0d97ab01", "1ed02df2a5eb4000cfe53136730319415dacfed9f1439cd8c443df5cfb821977", "1ee350248b7cd4492aa357b5d9d16ae3638d9767bd6015fd6372976c5be08f96", "1f233cf1b6588eb3c1f0fcc00a9283c765c39f1fcaaf655cc24d47bc365f6355", "1f3af198c41fe4fdc8bee6c5fd77c9edd9e14868113bbe8c18dc0b22adbb0608", "1fc6eadacdc567b97aec511c91443948ef76b363cd78379753cdadb1f13a511d", "1ffd674b00ef58f9acb0deebd4bf6623e9105c37bb3c61c23ae51dc3b3952ed2", "20015179a9da951c64d5267a8e7ea91f871efa9e2d6ec201a87fad13b30561c0", "207c6647c647d69d879a3441513e2501408a951d49afd78a9ab5b981efe5054d", "216bc3f90c8dccd284d21cd4cfe060a63379103ab25fca08410c21e0dbbbd48a", "21cf4e295a85ee4a7210924594a386ee84b04a4aa1bffbff72eebbcacc3c1085", "224a7b2a6826c0b9f156306216806fc380a0863f1c5eef0d98740d056445aa19", "23021ad63e2267f41f19655eeaaa29bea40165342dfa03a22d58fbe9b5ae2819", "23767b98887ed01e83b395a195ba5a199163082624116cd059fdc190b5d97724", "23dcf5f3e7ea718146fac7b1fece283d1136cfa3ad3e74fe32314e1deffff39c", "2454408c16b37b499dec648a35c3f5f505276da85af8581fd0d2823a469a1e1a", "246d099da87dba73618f1ff2d5ec6ad198882ce22e4546f9dbf9ed91f540bf76", "25bc994f635d3b7265403d39774812fdaa7b003316887b18c79433a67b4fed81", "261442d003c5eadc9dc336a5203910795f41ae8cc4856d69f27fde884cc2035a", "2696ab9f034f49d4fb26d724fe74eea75a06e0af689c41eb85146e2dec6cd3eb", "26d6cc6bd92d986ca3e1499ba250a718127fd622f614641562c2a50de68db845", "27bbbdfccb0e60ff38dec0b47959117f1f1244c92532d244e1ead7b66823ebfc", "27cfe36bab1bef8fdc2ec853a3e3b596d0f078651d9760e032f93b6a50e0bdb5", "27d56f94bd8ee55dea0ca4a00e4e7e2e0433f0983fac87bcf5a2700d92e2bc2b", "2887f0db4493910c2d1b722b4e7169d6e7f17d9f282dba65ef3fbf6fabd68174", "29054500d99aa386c85f9f74e9a950d7bfdf19911ec2efadb0128a6355fe6d04", "290ffa6a4bcd65ad2fe358afd950f6dbc05545e52c26f9ea9500c6771d4d0343", "29d27845d5304f168ad0ecb17647cbd5d8cc383af71cf318fa5df268b154474d", "2a59a6cfbff68c58eaf45463a4caf2bc7131af6da05f784dfb7e70ffc2274241", "2aa6613aa4605b8b64789eb67b079d1f3f0e6fe90a29e9f791e5fe69cedb0b34", "2aa97d4a2248a969860121bd6dd2b3ff47a578b639849335aa5ba8d0abaf0c11", "2b7633233ce312175f38c80d3792f380aa09c577004f3a3c846d168a06806bef", "2c1e6ea02d7157283575c2acec8831ae55b368aba035f4aea3a48342e4887038", "2cf3ffb73e7493e9a2d64025cfdc19cc87dbfa2bd763e47674a74e3dabb5f0d9", "2d3afda53c67e8533081452359292207a1de039f2a12351648432b7c780498ac", "2d510688358a84ed1ba20e0018162917900e2b9a215e9072444e864d659673fe", "2d5c6301e82d0c1b896c9ca41f2dae64a3f3732bb636c1ddd183413875bf5b1b", "2daa9bb348e663f53036a03269a803e60dfb0838eff3e637cfd33773fbdbbfd7", "2dd5ce1f7aaaf17173bea878bb38bd2db6851462d9008144beef02f63ae58bf0", "2e260c06846cb55d583f49524481f0851449afdf43816e587102b8cd2a497d0c", "2e55b49bd25b2b84909372a67370098b41b782627b346d3a8b551cd96b713d2c", "2f2a2ab9eebf0128785b2df4a8d949dd31489e4c90b5b88119992f915be8a1c6", "2fea9de2716f314458093fe31f5be829ec9d1c5bb2b1317fda38d6a77fd5138d", "3115142ccbf713381aa652aa96a8fc146ddfe29213f2644b7cdcd9781a1f5936", "3205bf3d0d443f3c1819e7c0e07c05e3e4c41841c97086c311d70c17e2220460", "32a7179b508c65df2b55d6e1b72f9c47c7d4a85576f4ee6ff6c42d444a8b2532", "338368a51de24ea3ff7f6661da722162b204fee2ef7f806f2148bc443093b5c0", "33e78b126c06be14e1a60792b6d52023483fd8a43c49f5c979a8f97e9b80f1f9", "3403a97f954e00a82387cefa41cf444620d9bd2be6741208c1913f3d5ce10c58", "34440085fc02ee9016c5c27923a3703d0a10f8c87ff2f939c92574d3e349a5d2", "3474fa686112f4a9b173338e0bd7c277512245b95d59a2b9069a7a36afdc81de", "3487582ee5e1a382e67b69ab515d377601c76b094ed950dbaabdad0a161307c2", "35090eb053f6f652fbff7f2c586d0d010921ef42d9d59de95af8ef38372752a3", "356e648e1ee8603851533e744d4ae8b3c9bcf99ff4a5c579992887dab017d2d6", "358c58033aadff05c627f00e3db938b800adb6a6f6a51fd34f444375eabc83cc", "358fafdfbffaa33ba688b8aa87d7c239dcb50d6f68c5701bb0b72e0e4993efa1", "359e360ab13e02cea328762dc07368031b4381b8c6a0e92883c1b895df6ebb55", "35c933211c18d9a81a44cc4553ab0b7d5f046c1dae5c615ba5c5253dda219ca7", "3623479ba5159ffc8d497f3cd592d1cd1eb6971763b30765ebd80aa0bff7a8e6", "367531a5cc1ad7657bc386bc624dfe5fdeec9968c5eed6b1566b5b3bbe173b9c", "3723ee20d3dcc6e3cd756018644080f9a0d7528183c2303b85df4802943b9580", "372a2dd504e740c95fe10bb93aa8afe2e2a2d5581e1e6c9dcfeb02ccdfcef465", "3927716827f5e52a7880426e83de3ae8b0fac00c4f32a41bd814640eddc38dd5", "39849272050b79db79cd67607f3303bbe5a7a43e462fdeedc2deae515585fd7a", "39e218c1b81591c59c7038477a7caf753cbda928eea7b7ce4ad43970316a7482", "3a9542b6a1799296f2639aa76a9bbe0714abab550dc21067462329240dc02077", "3b72146a836ae639839cec1cb7ecebfac78098bb10c2403795b7fcfc518bc2f7", "3bdc6241b6769162e898c3a3eeae220ec5ed306691f38bca0f0cebfd35b9cfaf", "3bfad047f6422eec7f1fa3dfac0f1a37de47c829f559801b0adfbcb165fbaad8", "3c248978c62c0f9f42564e966584741e13c0b11cbf1bc056fef247287242ce44", "3c82f366ae736cdccad78979fb5b99bc9e7ba396580ae386eaa9b6918645cd81", "3d1a0d6e61a26d51edd16566d19f07803c40c9a8ced1a0ca3f502136356c4b23", "3d1a4597af300b89006fa2fefefe808f2acc1f0eda8444d3e1a94252dafc1e18", "3d789ac33e0e98938e287d4c76abd7a4605e6a555aae610ed4bec1adb06f3449", "3de9257025b92606f01335177dc10b3f82d4d7b9d94308bd2b8a971df2a93c3b", "3e69cdb882c0a1cacffe90bfdbf1e62b42b82b8adb734997335d4bfedc30a1dc", "3e88c800918fc1e788c8c234a329fb59ce8c92cd413d3c77bf919c30a6ba5b7d", "3ea51c919f7f894aede0444a4263a2658a9c4d44006b5e94911ac4d9ede56151", "3eea4cfff2705851ad81ab17bf6004d9b4dcced78997683d287243d5bf64b3bf", "3f21f4d598435574f514be6fe136a9bead4f6e8784d39d51ca4bb9554c5b1433", "3f293119a273579aaf48ce30ed2803a30c285d99cb768e605b2a3a267c1aa433", "3f38cab69e063095b4303caa7f13e303dd7b5b893e0bc28913ae44c600e77b4f", "4076b171245de81bc75beb51773d1beda16c5b6e551730fbc41ee0da4fa9f7f3", "408634d615f472b5b9cc9ae3ee726cc62ff0586451e5096060c1486b4906a64a", "40d8471aac078dbff3665f8d207b9918c9fae19750808e802bcc662a22804e86", "418db441634544cd1cc1b077c792093a49556ce4d61e58bef61930301da74629", "41cba0280f98ed1e0abd2c33177ce4c3fc3e569ba708315d1ac8e7a5b7ff369b", "439782ed4b11a7c0a90a3aea4a6159ccdf29bef880e2f07614f6bbe1f9b293e4", "43de7a7c979b458280f0e17acf8f9c37ecbde32ee21c0d3a748435f9f6152202", "44b3f86f4e4ed069342579f2df3286b78ce34d71698be113d1b59ba298ca4bcd", "451155bc0a0b52a1ae8ac58d9ea438a890b3032fc39cbaeb3cd9a5f49f723ef4", "456d8cf9f506886116635107c0391f63883a97cb131aaaafd102711544d1c873", "4590d9d896b5305f6100bcc4c976c2e59193a8042c305628d7da1e842648aaa4", "46f920f83cb0329e76ec58a941aa47928f4ce62f6a5d7a3c6d226d4d7199c835", "474986b3a31f97ff8ce3568ba511eb82ff033443e0f48da40da50f021f6a2853", "4787ca0334877b0827c93ef5bf8135caf2829d4649ff0c068c8bd984f8d01045", "4847dba7488dd8b3e9bafc6d354c3f6dcf665785f3fe5899babd90b3a7f4c51b", "498d60c18b2278ca1e5a009a349b78c507ba492dce72eda9ba0b0da4951da14c", "49ff3eb12ddd6e94dbc28b33a6dfd769f50dd2eee48dd60854a36e0b5d81c94e", "4a01fa34c815d044c4875522b54a3210ed8d8a60169b789f50f6a202cd3fbed4", "4a47309cec2b83bf3b92797701bd75f200b596642c266708c4a9cc4028d5768c", "4acdb15065cc311345ae69ed5418ebae1131d5684ab4fb97c4303dc30087a40e", "4c1ff9541078bb33ad4dce6af092a32bbbb97af66e37e61fda0dc355b6753832", "4d8395f63e472a142a4855976221afe1948396236fea3c944b73b5a9d237bc19", "4d95b1bdb3363d67a03d726fa431c567cf3709889c92f213af183d32355c694a", "4e432a7049dba9838695ff25b1e2b2f44500c53ed74776aa3301135acbc9cbcf", "4e71118beb40a3e0c26b10c19422082b3a50d3bcd2e93f9c16c948277eb5e4a8", "4ec36fdb41197db460b28214a187c1349ff6c66347fe11cb88798a3ae2323b57", "500d990482cc2790e7e3c98d984b90a86ab204936f10b70ac50e0657c4a92d3f", "502070b8f1fb7041c34d5c5d9288b8d9b72cb268216783a7071c29e92b313bdb", "50a2e9511c7bfb0940c5953f0f07a275386ce4b8edb921dce4bf8b034419a624", "50bdfde59a7665ea103bb30c2fe134f19dda9c8d8dfe3904d4257f2e21286451", "51bfba5765f77df4b7dd6967432deec5db23cd3c8e11b044e5f767dd204f8be6", "5325a8314135516e0c2e15649cf9f45df7bdaa37bf9555ecb4f5721614f4b78d", "53580a395f49467bd8e2ee3b411fca5376a3f491af683daa7a59f96f2012b999", "54e515ab4eb5655797c73cf52dcde1b45f74e6760b34c9f72e80e74c7cea5913", "55ec596500425ec7dab8c21eaaed74747150413a9d097be7e4157a22bbefcc86", "5639a2ef67885498a96fb9dfb9d5c0335143f1aa6119f9a599abb1ffe5b6b7c5", "56c3ad98916271b379d7397fdb07e4d42f77117b68b1e1d2dd21afa78d11e685", "571e0a48384767f942f63bcd73bd92a7c7054260c34850c74dcbf7b8aa0283c1", "57222fdc2b01daca1946f9f422da10260163989eb4fa90839433acbd1d6b15a0", "57c74e6fe03ab1d5cefb7ae60e38d277b10d0a47d88078599ed0270d165b3191", "57d5c83d7a2331f9888297f261c7b026e211b0c7b245b25453bff7348bc78ef6", "585082b257d32ee0b0342122acc5d5048d0c616b88d812f98c90fb0d7b52d7bd", "58a1be17e45b0ab7c043316c814171a35a974b77fecb4978344b6df1e3060ebb", "595dde9a4772c48190921e01a22f5b12ec58fd1e3f13e8ffcf030295c25f0b34", "59a1e549458c0f072eb86661a2f57ed8238538576ee58051785fdf2f9f3c5b52", "5a043e5e312f9240a21cffdfadcfbaf587164142a35441fa6f842381634c0fd4", "5b20e63d60e964c5cb4db3d36ad17cf2727ed0c65ac8554669bc364e67949a50", "5b8fc7e6739b951174e6050a9d21417815bd0e97ae902557753454a129560959", "5b927fedd2150745ea36ecd6628ce4c5f1fb7d0e1815f4a4191606a8944433e9", "5c0f581e4f3ee6494d55184454362a5d6ef1599948a4eee56557ff6f7e0e5f11", "5c8c638fd7a822dd27033d5334bed653a8b3b26d34fa8015c89a65751af73705", "5e0bc8488c8c9810e2f3307570972625174062c8d534286d80fa3a7d87343d4e", "5facd5722caef5d4fd807a89a1c052de1e2a2ed18a0dafb245043fb8f9d9c8a2", "611299feb2d605cbc36e758eeab9f68f2184bc65b24da6c6f9c85b9fdf551d3f", "616ba93d17549d7bdae1cffe16e4b90d740e2408960baf4adaf314e04f4c7645", "61898968c8f8535ea13daccac92bef71fbfaf2ea5fadb24c682fbfa75ff910be", "618bf021d2008213be51b459c5f20a0e00cc9969c32fc8d97cce5b173814ce4d", "61f20f4793e6fb90b9dc4a1c0eb854262fd8f65ac06efbb8ca540f262b98feba", "62b0b23b2cfcafaf7da01c7097090db89ed15ba75c52fd30052223d9a27733ec", "649bc8223b56e9930afaba26d6278ae5e0b7a9512139fd159600366a9d7953f5", "65a64882d898d57c7c5f1865b59f1c6eb60adc07956bcb8aa9a33894a11ce234", "65f9a857d297de2c3cf67e75b3fd27722fb0f0fec14919a32d3f13649a009483", "66f82f87d4937a4ecd37d40f9a9058768b9b3458d18890bb0c74603fc36a894f", "671bcfe1de07811d220b069849085206e78fef19732faf2bb08ece8562b6ff10", "67692f82114a58d76f23fed36d7318a5d9f7c0d855d1eb0022f4f3aa034a0ef5", "67987bce5d29f14ce79b08e5b717f40523d2241c643f69af0f0e1cdc5206ce52", "67c8357698183a3c71592bfed4e0707ad0ef5f6bcf01a602daf1435e3f468e85", "6b24c44d64760cba22c1f8672269999faa648798ce7e2042d2cc4ef7f612ca07", "6c56ebee0a218e908575190a657a868a14db1ef6716b5934dfba1372a718fe34", "6cf90a472418a5894382be3fa079d55ad5d44d1228f92ecbd8183817cde2bb61", "6dcbe8267949432321fb0c51f842d38f02990f13040e2a2bd97cc8d74ee287a3", "6de82686640abac34fb01826b2be54500cd508d04f4101c081f48d7debacbdc0", "6dfe5f627824a6d02cf3d79fd6762160cf1db8295fa399c690e93141a18e95e1", "6e40bb613affd9004774fc33f307b1e4c5afc1c07fe721b8917ebdef421c2d25", "6e81d6fa7caa0dc05b1d1eb22c0f6fb1b2efac552dedec596eb3b9c46f37ce23", "6eb9e9934d39dd142538593e693fc3027a18900e09e3d8bfd90e86c13dfc32d4", "6f96c8f65f677196939d4bdb4daa082a347c198dcc85b16091eddfe54d65ed10", "7064113a47cb61d6f1c7606d979e7c80035b47ae3d8c9a2076f9c77d63acc73e", "723ad013fcc6e6e55f58667b68ac819d63f99b24d334cf85b0a4a3e615f99d37", "72a6ce089bbc04a32e2bdb2530968c4427e25d3f73eca7d4295418c7f9302280", "72b73aa787d97bfed1f26aa870a4420e0eb6ee6b515625936371bc57ec36761f", "735b1b7486561ce3c544cabe455b1b8c6bab382f0621a9a1098c881970271fd9", "737fefd34853da39ab648a9f345533f8949e340132a79a31f5fb2d7e6a45db54", "765602ae8c134fb87d72813bf6680c8258cf6614fbb0a0e780a3acc47859ced7", "765ed35ab5621ec58b5a9d780ccd9a2e4419ff946e645bc9e8ba00d8d2b4e321", "767b0f7092f21230590afdbaef0293ec258fdabde38573aeb9e318b6318f9ee7", "773ef7b25ae2fb3210801d5ce335e8ca994a7608213b1cc4b5fc958614e73620", "77c611be225832448d8af1e3db2799e253cbef584770e5c143f5018a8cc1a2bc", "78405a198842f04c08380f0ed21cad6263d55f39e45c790ff7cf8f6b3741f823", "78e5f04d52171b2a81be1a0f2bba5d8430b8e86f341339a9a799b0f8cb53c961", "7981936ad5bd97e35e5c589215ec52f290dc36a0417025a177f4a4fade0a4205", "7aeb9850d4e243d2613907204a0a0b5ae09659a03135989d4d0c51d8641d66d5", "7b18cbda721a4981b0bbaaddf2b05bfe73eaf6640578d76c1442fe5c32266201", "7b7c260173b3cefddd9b730330789343a2471f326c907cc7590bf2f3750c0151", "7bbff4f8ad13b191862123d0a7f868988a03ac186445bc5f17ba190d37071e7f", "7c1f2cc2dc9ec57dbe560c897f7bc06ac99f29148db41c017efe2bb0b44fb20f", "7c3755e92ce9537267a962425ee526840ffcebff05f39422be7805036b7463ee", "7c6e433798d283ebdc81adc16acd7ba671a132ddda8711542b233ba3c8411983", "7c900bc8d4f539cfb121b07b4d54fd17d9dbdd423e7aceb279026fa76e69fb11", "7cd6ddb8537ea1204d4c9e6446f969e9c12e2a3d4bd988623509cd7a1ad61e03", "7d9943d334c98274fe3cdc219821e952e2d3ba2a23b304c41b01036cc9854620", "7db313f080621f3680a4ab22dc7d0c50a36dcef582eaadae8fc451288376b50e", "7eab3d8e6bf2425fddfd9d672df3507d891cc5cca320ee2a08d6d34d2bfbca1f", "7f23c4f164d88a4f36d29eabc7177dba9ed7982113c0558216ce14532ba33424", "7f49b367aa7faf5ce3e2494b7e9ddecfa7dcd51cd788c391fe0a6de0d6784b38", "8012f0c2e6361be2d40b6dececb669d12a360c6320c47a32f915508265844e58", "801409b5d4d702b1d33cfda3497805b8cd7c96ad9a273adf0ee4f9b48c358396", "81fd311a9a25ab8566f2d336cb5c34df1f3b5828cb01801e1aa211f6ca6a2809", "82b8625a90f6b28a98ab586dce74f014edbde4ae1b28420ad7d5c5e2647c547e", "834328bd6a85a7bc8f94f4ec1b5639efcd46cb09d2e49137e83102c67415bb94", "8376b53c01bb05b7819a061d69277842f693984872766c3fdd7f0100be996701", "849581041c94b6c6ea8b9ed6e382fc85186f23e64bec6ad4c5344b4b040537f9", "84a91c0be6137e71e59663401e74291e18055836fa232c79d2aea33ed33f777f", "852d1fc8eede6067c36de62e837b31de2f29ac43ed71d9640913e10d0fa4b68c", "85e8b6ace8eba18a54745c991adbdc327b19b28bae2965d3fcc62ad50c2c6137", "86b15addb2e60a171a5a9059f6a046ab5df42b7786bc6357c4787e6eb8628b72", "87777d2d831db3ec8747646d24b202ceb4fb0e9df65c8140fb94cb98f809f260", "879ebd66e6a619a08bf2950c0b78ac362e798766b257bc32ea199935b18a447d", "87a1699a0e28ddc63186128ee6302b92ce57b111b050983b318b8a2e401bb29e", "885908ecbf58d2383f5d067ca68e7903af5a6a92e93fb0c2f06715d03e31c478", "889e0aabcfa17afdeab889e1a4917f438eb4f1458d5440c5c88139b406c501d9", "88d64c2425e7da5069092c24ec8bfe57cd53f2b241273e197dbcb2af434d26df", "89df4aa70c2143920d701f485d492f6ed3bab3c9c75b782f3f61a0ea641329db", "8a1b5e830b03f73fe840e019aac293bdf12ba42c1c4d754e62a135e177c8e4ec", "8a7018cf97e144f8a7653809bf2a88f75c86a7a2103e310dedccde1b3e53d104", "8af958330bd6ece66440f8b45fd37ee692d1b21dab5581cb97219b273a5403f7", "8c05d86a14ed27419b9a2039414f28456505efadd4693d348751477a467f6f99", "8d3cb45b5e5b939b91a3510dee483ba98dc695547e8f384e43b874e819f3d0e5", "8daf3f9e1f07e1c700647b048c8938b189bc5f3a2cb3041232cf5bbd9b4a42be", "8dd00c7459a66401076d96f5517b514ac14e0aaa2cbf05ea39df70494bc82d81", "8e47d4e20da5d3411b5f511ab36c3e8c034c7938454ca3d579aec17603af3e3d", "8f02c8c7eaac25ef49fd8f4fff59e495b5fb41f39cd80ad566593704ff78f228", "8f7c06d366e39b2e437fe3da56d550f71cd307e4cf5003ef60d132de02976075", "8f9feac6c88937def87c90f3bfd733d83af132b15687d5aee47a64bdca83035d", "90c9045f36b5aeffa24f1471ae246b4c7f2320d7d35ceed1f44716618cd23430", "9110934ae240d081b6d3e73c13f238064d429ce014b6d27b0365007fd14fbd1f", "91dee960418ac503cb6ef04437fc9771b0a1ce2fa75a1525a427e19f8af9d906", "921e901f1dfe64c9d6926d98d25fd786bcb4f0e85598e07303b5c106fb405463", "9271a434560bd9180c8aefc0c5130afe51812cc4330c8b54a0bc68bc4737c79a", "9352aa20e2a2e804403c93f4708a9e1991324895b0322058f6a63ca040a3b530", "935f17da7e4453e1c75b85a416527179dcedc796fd268677690720f3b8e55a4b", "93b4ea798ad387b6f9e4c235b74463bcfd9e9d2d527e5fa00ff3f1016c64cb80", "93d36f90f4da0ca8c959219926a891e824aac6ce0348a9aec24728e7b3352f34", "94675c48110abe0ab81f05d7cae181e4fe07c10c2886546c08756a3fac3fc1f3", "94b68935a4692f50cb704bd8174902c77fb818405d9878f1fac6393dc26d06fd", "9537b487377ec5b81c9bd7c93ba9ae7b4609cbad7aae469dce839fced97b8a0c", "95a60b95f0638a47447f0f2725e665a0158e9105279f15618e4bf680bb39006b", "95b7dbf374be30e84d07e698a6744f323f9d7079a5434768a53fe2a93300f054", "964d7dbe01ab64881f636b41e71ee85f5a6863e52ce9b4b0abf36638907383dd", "97519331022f45647b39c90c9e3a5e2e820caa0cdb92ec55b4055453857bc083", "97bfd50655659b8517151f24b5b3ecb2fb84f44a82aa39a523ed8ba7c5b39107", "98326dd8d36150746d71cba651f11472e4ee3627791ab90b1a959edcd2825c09", "98b1ff46a0171f5b25602dff92ddd9da6c1f1b59b6594bef2fe8f54feae3cb11", "9a2a56edbff4674b1432fc0565315290f912a8c5afe7ad132c1f4f9502c07f7d", "9a45ab4cd749a8877d863083385fa8b406028a01dc191072e5aa0958fd8a897f", "9a66ac3539be2ee3972da9bf3750d58c73e5288198d048373e41642033ab84ab", "9a8411bccad5a88ec28a429f4af93b40ffcc6d1f665e398f5800600afbc505ed", "9ad069fbc86217fe27ad659c09941fc9505949cc930eb7f533e593695740de34", "9b66d7e0276c95004a58c9508b5640379dc3d50087cf58fa99b909703b4d1359", "9baebdbf148635cc20edab49503e02e1472b647ef53e488f9e0e039c6427ec1a", "9bd8a1f45dc35f2d523f92153209add05c3d704adb7673ae613e42965ac166df", "9c7c49b736feeefb18aa09cb9b0e9bd9bf094710ef0f6112970a3b4d8f94b300", "9d1ccfb1a5cae726615c5f6a3d2ec125e0acd8566b600a57ebf9349085460b93", "9d44dba8be058c164d02463973cda98c67cccd51d337f1d0c4166f6b08ecc267", "9d9a15074b57b589a1dac888d33ad64cc51a26052f97ebfb34be1e095a50534b", "9e1c5c5ec8d3cdd20b210cfdbf83bf73610fbe14c23e6b7f8a2a3cc2ed9d3904", "9ea7c986bfe75edcdf643cfb402c82899c2c8c0e1ca532873190875ea7ac3ff9", "a081aeed12565292a2189b730dbf1e5368786801acbb177bc12bc99022381b49", "a133c1cecb2ded42f5173aacbc8d6c4724ad76684e3e42732f8a81c2b28add53", "a15a72e5cd44f7001f1f59ea948d806c8e00ee20b44c9c0a02213fa2328b9bd7", "a2134710f8f1d2e95f16ddb6aade952c53482d1b22f6757ecd6283796af9aa24", "a2599b65dd8d9aa877e27e148822a062bfdf2a576846932747e67a5dd0b86faf", "a27bb64ea008a4ceec44ea3eada769c47e10ca90f1ba06d49526570ead942b03", "a287b9c4d84b202e91fac2c99b134b6eac8ad8b91548ce243c13d0bef05118a7", "a4657b22122735bc0600ffd9e228c6b156fc300282d83f36837b9b9e92ccd097", "a484f7002c8307a2d5849ab699c215af209eec86764470b7b34362e557b32a31", "a5ab0811a685effb405766edf6ddd48b385e070a773d0f8a9375edc15f1c9a41", "a5fed34dabbf530ee90f8b621832f996091a6bc4bcc63671d41086d63cf17616", "a6957b9d789b9ca344ecda55618d8d83ad65447f985e5099f89940dc3f66ba6f", "a6e9c664603caaad94ce11bf90493e0a076257243568b89b88b82ef031f6b4b0", "a70cc2b1ad5d32475f05b773fb98d8398d3c550efcd585cfde0f9b5f312cc19d", "a7d58a6ed433bb8be7a9f7a338734b381fb15260b1866abbab44b9642b90f648", "a7e6a74b1d9c4181eb9c71049e4676a1b0ab45e3213e722d8c87cb1b1599a2bf", "a81027867f29241a20ddbd53aefbcdd6c3a9233e31ad5736d8dabdbe76f6b45d", "a810a154684eb8c5f02a147a41064b82022e6c5f43624d6d3d9c48567b162341", "a828e4bc76a28f272516998d348779bca69aa0b1b92edff4c0e055d8a4abf0c9", "a844c55141e76d65fc423769c4b6541e8f5c21d92d1d802686618b2da3f4dfe2", "a95db5e040cd8a8a21f02f469be11ba47b365e2e7c4abab127f79dffb6dca062", "aa0f0d427f70d23cf2d81dcb5b4bb77d737329984074a95e725afd5d054386c9", "aade672635ccfd1d9c40c0dfc0f2ba29c4cddce56efe953bb52abca068187d58", "ab102ef8697e16e5e2fcbf1da886473c2b93d17b7769e1b34e87089d993e9b3f", "ab1fb672522299dfcebd6b8a2378e4007bdc4bcc45bf57847c2fff1fb6331d8f", "ab5521a127f2e9e4f9c4251e35505f22941bc499f961fc33ba44397e689e96a4", "aba6d6c1b18beaedf31e89250e24a0757af55d1e69916bc4d76f76d8737748b4", "abd61c6c6d7548ca61ed09bdb7add86623acd4ef9b46b361db80bd8a3b5f9b08", "ac0ecbbc8eda0d192ed23bd45eaddb27219ef20c5c41d65fa13ff4a10c174cb7", "af0720d04528a19d61bdf015e94d60b10770ce5a9b0a488a9e3beb90937b7058", "afac2f9d0702b64f7d739d7c83060381de0ff049b536e87e6a124560260e17ad", "b03f7746a9864859932882dc2327a6b561539ae60df1768ce5f2869d8ac22864", "b04cf57deceb2e3c886227efd7e449cbba4b1d6d72f11e5eab024a8a674be3f6", "b102a94d2852e2d6c1e67011a4ab02d1ac629c34f936bccbf21d73ab3bb4205f", "b126f75dbb5cd76413ba5196f225bedfd976a5cbaddc7cd705ecce76383438c2", "b2c36dc4731eaf6ea9f5084aacb24bd9278fe99817b132aabd387708fcee23bc", "b31deaff2e929adf2fe0c3794090446db3e52c6642981657246ca7f7406763f1", "b385fd3b87f87d272cc622f7f8ec698980b9127b899d14ffb4759d0b2e86b153", "b402cc6e70afd248ceec40d022258cb8283fd6650e1233f690679190ab0a3847", "b45cf7c9f3849c8fa22b55a27da216090b1bc46acebe8bf0b95f5afccb962a2a", "b47c0b63cceabcdfb42e187b780c2f94e3fdd34e0bb6b4dd004868b8e1d67cb4", "b4d924deb261a7accfba4df1d450419e9dbe05673e093f8ec56a3070d46d4cfc", "b4f92627f3d63dd79934284ee06807fdcb30814b5ff5458c717664082eab8436", "b506c533cec78ed3f33eccb03b346976bf5c553e93a7996563224bcded80c061", "b57ea0c1f5f498891ef00dbc7cc737cb7ae13183c1df8a0e2be352cc618a82c1", "b5863736148dbf9e383126546904638920d3a58c2f1a8dd6e9508034afab2f06", "b5ff4267700d817e737cb5eca2efe326485149090c2ac098caf93a56e0ec731d", "b6d7aded6d9870ce7a9ab397c5ff733bb75fe85e1139513d0da53c2fdf6774b6", "b7aacec028a9fe0acfc52fbe8feb62a1bc28770dd94a9463ceea009345b21d15", "b8170c8b9f12699140b1a1ebef5d178802ebf8eddedfce47c76c7482a53515dc", "b8f2af0b88fc2395b1cc8ac107ef3b2c4065273b017e773e968a28d1b5bfa41e", "b9145a1dd165f52162d55e452f21f198fe35349fab35d95eac1873679bd9eb33", "b94e8e74a5e36034a09422d03cfbe0344ef2daea2a152fd8707708ba3966e6bb", "b94fb8c70ccbd7ecec099a7686670fa290ba3339f2a4bfb7544a2eadceea1a62", "b9858b98fdf643614c4331a21b4e21e3f71d844a818b9fb7b5258e1750bce5af", "b98c9f640d5719d6f42ba960688a11300b78f1b4ff571ec66a034f2207e84715", "baf0d809132c2801e3685963b9deb0272920ec1822760990777e9f14ffd5a7ef", "bb721879b5aed7307c77e69fd7268a93b48ef3cb3e18bb6f6b52e8ef8f2c8dc8", "bc68d7eba18f57ced6ace9f347e778debbea96c4d2bb2831181e8a40b9f21a00", "be2d49526d1d78aedebc1c12ed944d3bba05f6662554cb3adf607fea1885e434", "be3e36953743685245a52009b3efd498c76d8261731507e61686bd2477d18c34", "bf480514a6747849dafa716950c32139e77c38e38887dbb3593ecc3d2eb9c229", "c04126c107a60f9f71457268bc52d518d4be365e6fe8547ed0eba2dacb61f845", "c062bd9dad34f286ae32e58ceb99f149a53f8e6d26232e4f8627cb23e9e79c60", "c09633c4195ef7ffef28ccc6472160e886a98a1ef5bb2bc4be1f44a76fa34ca4", "c0e137eff0a20a136f8a6cd4d63066a806d8da771579699b5b99c055b1c41090", "c11c2a1557b3565b8599b69479f562cb868efce2322c23ae3e45f4e83194da22", "c1676fddc72ea6e1118f0be6167f40346ad2bcaf22654972d97c9ac348b9b4e6", "c17541e62c191865230495aac880df5c1bd54d84c99860d201b1d197f433be43", "c1c2d6798abb9e49338f7746d09916e6409b28930e0f680811bb9a8df816e411", "c2084a4bdc44bbe76c7368ca10cdc2f76f9939c56e61d6fcce375f675fb3146d", "c23104bee36d60d6bb6ff921d8e9ec4366a8440805208d5f9d26c643e35f93c8", "c23dc2a307355892e4053062745a7fa5c54ff80f02b56c7ad25a9f5e2fb04035", "c28054a76f046245fec2712e34ed963055c89d1817eaf240eb95d7e315fbc523", "c2f2a9a9e8c13051b99a873d1898079806f6b6b92a924e7be866bffdc0a33d73", "c35bb4697bbe0567ca6f2ad381eacb19203802f4830eb0a0aed125bd19ee6e9c", "c40be142a14024baac5bbbf4c36f8a3b9a5fbd3926d6cd66c57567310d51b170", "c4782814979ef5ff90617ab976e3fe522f7d1dc2013a44549393b5d246cb2226", "c4c3e660d8fa6c4e11913f467bf3abcc3addc75cf537ba5b781c70fe9000edf2", "c537415368874f5f172b32b0d5ab10ccf0a8fb5dfdf4d7ff99a80dcc8b6ca5f7", "c5f158ef74bea8cf652ddb21430e1acfbe91a0b84860bdd7095506050fd34530", "c6352d8414b26452d52e3f684c2bfddb7dc622d9d175159a14dd32f6ca550bfb", "c637bd4df7f5ddb7fc8bb3218870091a5d4d06ab5c035fa123f0c76a831d4d85", "c6ea58f7e5b7aa330ff6ad6e185589c8502527dec63078bfb9fe32642b777427", "c7648ef695e5bba69675b8da037f2f1e2ca9e1aaa525f011e26294a00f8f7557", "c86ad29d6ba6fc491f991bae9cd6b3e5f27ed4828c416263205a8f64f1f00bbd", "c907a8ef42698e0a86b9b2dd8e24cafd9fde1d8c2af0e5048ee3c615febd9b31", "c93d28fd77450fe2f546f3505d0eea4d87514fc946ad89035f4e87c35c92727b", "c9b3d9d923827e8f4fd78c440bddbb09369231c5ef28b9b8a38fd0c60ce9ba95", "c9f27daf6d1f7d42b461eb6a32d03bf0c8d8991ba91a52d834bf81264fe8ad00", "ca56b8adf4582527eb24d7fbd56ad68c7ff16927735c30cc524c964e1a879fa5", "cb2493d368ccc26f5736817e83c4330a6aa5d37c261305c9e7fd9a527d2e6bbc", "cc1c83d254557501588f91a3fd368b0cd3add9f075fb42f95a0d6c64a69a434d", "ccc66d0f20ffe081ec2f77f53f7e68ef7a9f34132dfe6f5630607f00b6806322", "ccd27eb38bb1babf3578a253eb1d63d7b9c59cfbc06b05392b0d8e85accf63a6", "cd85c898ac23f305c1e6e5eaf92e41ac509e8e3c7f3e236bc7583b3ca5e419d4", "cdd85bbf38146db8a9e7b39954adca85d343f5b596de1cdfa3fcc8ac37c8daf3", "ceecf391f732c6cc55755f56cb0b6a30f6c76810480f8c4bb6be2bea12441e81", "cf0f3037d36fc6a4c1752757b9986014adc4082b5c9f10fc0b27cac97b9846a0", "d01ad9d15ce0ca7946eafb1862113866091584c755617cefcc2bb700a2d4c6ea", "d0fcaee9178229de75b56356f8d920b9ffff756bb3a3208c4c3a33a771fc3747", "d16eff220f48ce4315a24d605b8bf6075e3182baaaaedd608f044dac475d780c", "d1eedba22741816f3ed0f2a0f0926f0d29721e8ee1c8fe1cb8a240d17cf10001", "d20571267d6f9280f71883d361ba47266f40bdf5be8096ca1be4c5e196f547c8", "d2176d85d7b82f4f33604646c03ed0ec441db00d5c196ba3ce942bfd83ac75fd", "d2d3eb9d309cefc95f6daa16f416f39c802ae98d05399f201bd2e1fe379df8e4", "d2e1708485e70ada20eaebc01bf2bfbb517319c16db90e6850c4c35816a50501", "d2eeb93f2f50fe31e4c0e0df7fa884ecddf544aa524b546ba93eb56325a11363", "d34a695bbf334b332e2de791b4608e8e8517a0cd1ed3dcecf014cab4fce1bed1", "d42d00b767dc32ff4075ee9219826d81a514390c8e65cc57e7898b928d07278a", "d44fe5fd5b4b3e428778bc012262ff08a7b1ff42ff88ec0ec15ff06e1525f28c", "d4c355593800b0c59703ffff8672ac1e91fe604d4515b108a4e36a035503e385", "d5dc5029611839589bd210c813714316d83061f985ce6d84a3533e699835068d", "d61efa7d0840133c8908de39e3455313e64137de617c757eaa695a9f5635d6fd", "d63bae54d005e98b54e3fe7d537c34d134c163d5384577487f2714845d518df2", "d724b27b7c87b280c1f5f61e6cd71d1e7a5434796206f486cdcd20e8952d76d2", "d8912065b25446cfb234936c6ea4a69e50588b87e9919a717742e6c26513ffef", "d8a4e5ddb8cc0cca40e616b37e75d78812e4f7580ccb40e20a6d66d5ec627055", "d8c39dede94f712b1e0066889cdd5efee9cb9e8a59a94ce49bf47cb7a69eb4cb", "d8cd9546af16ec452f2f17ae388ef3eab4bdc4c5f3458764d7db571c9a50d7d9", "d9267af54c09c1a850c4f40275e9f532ab1f061856042468e8f30621aa5030b6", "d94c9c73a95b036ea0e22d91fcc051afdeda03dbcad90c1d3529a8396c406b32", "da40db787a42b54f859c48bf1f85a3f460e103e5a5023227fff6cd064fb0bc90", "db5b3301f7fb464de716af53773c22c9a5253507f4d2911bf14e336d5ce2dd73", "dc4c6db1e8c19ae19921d685227b95087a2b12dd05001922e3577dc6bfde5df0", "dd1ee4d3cec3907ffdff609d02cdbc4ae7da997e8e8672d4bb7671d19b2a70ae", "dd740404948a522b7f26fcf7e3ba476a15d1d6eb2ef4414aa02faac48bbb8f86", "de5b7661c3dc4cc1c439b34c2f1eb5865fcbe291d0829c78578222684efce473", "de8b45fcf509cbd4d698109952cf39a438390d36dc8e38ff4252195b8ada9c2a", "defaf6c7c98c0588ff0e0568e1bbb76400c6516bdadfdd92cd02f22e144eea5f", "dfe196eb544055837516d44e2e82ae9c0dceaa06da1142395e4c858bd050b20a", "e0c1f9beaf55aabe36ea6b3390f524044093b8e23b01bd65a708b5547e9c7566", "e169e58508da25cd791bc61d1e1b4711d74c151093efc082dc1fe2cdac1a3b8b", "e36a9275673c1639523cc9d0f73b36351d80a791cd546de5f92eb4e52605825a", "e3a3fd367b0738721cc9f6df4e49905feb9c22dcc38c93e86e7035279580c474", "e3df7ec1164c6cdaebf09f4755a5d09c083fbb0fd01241581cfb15b350eccb3e", "e586df189177e634077641c60702d72b3bb240eac6914bc3e0ee76be06925493", "e6129a3817cac9d87e2f67798e0d8a40df61e10a264343828eccf0d71dc68a7b", "e65bef4155435287b501713baa848ad43244d6fa8218b3663746b2447ccb69c5", "e6aeda4509290b85ad58941a1ec18ef017a27f236d9792fd76bbe8b547623fd7", "e74872faa4bfeb31c22deb75952de9bdb2b8a9438a6f12c824f4359bb2a0d8c0", "e76b37e832500670fa7a4ca2d392f2ac8e645cd27a709c320b09f94353efda11", "e78c81cbcf01f0959580b080d5c8f0657dde23e46f4547b29d919b2cb2f3078a", "e8e1f6c5621266a70fec904dc630fd75741cb1d8284fbedcf5fa380b139895fb", "ec34fea05921a5f862b2158f38ffc26487201faf94072231b6985c754813de59", "ec771f108574cd261d056781c301a6a48ff540d316e7876954b0644c3e1dbb68", "ed6a3a6d93b9ad19bc3a7183f0638fcdccc7b3798c28e5336c86fdc2cfae21df", "ed7a2833ec9844c09bdd9e1e9290911edb92187a37679d7f3af8e66004927f6f", "ed996925f5ad6612e19d080590aa9d47ea56d31d594a95d71e56b7ddfa1dd7f8", "ee1941b52fbfe0dd38b1dd6780c5c3317ac7b4a08efb5eccbd9522e95076e301", "eea60843059fa2cf09c6af5acbae7613797c91e75573219a0562f8314f6cba4f", "eedea2e718554592df6240ede8f2305b9f2836816490158f609fc0c0154ecf32", "ef22f20e3da36e073ba4ae65483f64dad475d1be4303ac9d6ca505c613338133", "f0076b707f85e0dd87ed3e7be3faa91974cb16c56626761ff428bae6d79d1e0b", "f2068a67937ee1afb2027f6268a2a88e3a6a8bb7456d8b18fa5956a36bf63120", "f211439106b76e3972af4ecb7cb5aec5eb5e89f35de2ce67b26d6979a4573d81", "f2a4b946ab8f555bb8e8d331e1c02a0a71d020677b9f685352eafb13423247df", "f32955a3961467908886753b5ec798de65ebca986010999243704704c1d988c3", "f345bde81743cce172bd5b9284b072370717962eec32c53da73b43363741dc16", "f522cbc7f1faca2146adc96ebd0acce36b28b92383be51bfdca8b75fe9cb4e51", "f555f22af37a559641ccdb1b264361865322b54bd4a93e7fda41340ef18b0743", "f6321efef6217eea9bdaa1ee79f5d1bab1a1abf6b35c0dee805fde02eb9c9084", "f6547902515b26b0c4938cfbb12abf410c05857223b22c10027e4897e160d07e", "f671b214fab1fbab6209502d3a670f39d6ee11281299ed5cb4da7b68d6e95a92", "f6b97a739c0763995ed6ebd7878497b89679662bc1b17a2017e5b244e20f2ce6", "f75f558990bb3094d81d323b7423c1cf629b5015b1288c99b597d329b27218ef", "f7fc359b10448a714417527e42be02c49f2258627062a9969d8cb386e6ffd08c", "f86ddac52205a1e92a21674d7da64592e11f014a92d58d8a1fcde0c9a4cd1ee5", "f8a24f9e918ae9fbad9bc5d886df5f8f58e44eaabea973b5a5c20147cbe99f5f", "f9304a10a80f03e91d274f88f12f098b4bc0a8d7c421c1c8e37b1acd6aaad5cb", "f9d461c2a6f6122091321cd297374917b87c8dea4cd1b25a8405450ab967770d", "fa2fe03c549ca98eda2f4924ee912becb2e20cbd3c10a3a6610b5357dde654a6", "fa5be961fd6073d1aeaa6633ef62117e23b32af25bf46a5e1f5ead1e2676067f", "fa758d811a1653d5d64a27560e83d743d905392de59d7aaf01e5a90c07a509bb", "fa93c89878057bbc5d4c63ff4fff5d6b30da6ac6d8f94bd9ffde6004aee87120", "fb81eb5082823c61019ed01725cb965b43662348c17877513e4e00bd682997e0", "fbfe8aff71ea194797fb680af33c0fb2105fa3985922a3cc56fc2f585d476149", "fc47ab1b975c6431526668d3563054edf36854d32e97eaad1ce5b478ebc97097", "fca124f6fcd09c8f5e8e83228db3a4dee0dc754a2ead4fbc2a3dde7341321c56", "fe74ec78ad6ca5045fec53b1dda335c29c83683fc0450b6244146ecaec986ebd"], "iocs": {"domain": [{"host": "ip-api[.]com"}, {"host": "ipinfo[.]io"}, {"host": "freegeoip[.]net"}], "file": [{"path": "%SystemDrive%\\Temp\\HncDownload\\# DECRYPT MY FILES #.html"}, {"path": "%SystemDrive%\\Temp\\HncDownload\\# DECRYPT MY FILES #.txt"}, {"path": "%SystemDrive%\\Temp\\HncDownload\\# DECRYPT MY FILES #.url"}, {"path": "%SystemDrive%\\Temp\\HncDownload\\# DECRYPT MY FILES #.vbs"}, {"path": "%SystemDrive%\\Temp\\HncDownload\\Update.log"}, {"path": "%SystemDrive%\\Temp\\HncDownload\\Rmp7-WGqEy.cerber (copy)"}], "ip": [], "mutex": [], "registry": []}}, "Win.Malware.Nymaim-6726894-0": {"category": "Malware", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": true, "WSA": true}, "description": "Nymaim is malware that can be used to deliver ransomware and other malicious payloads. It uses a domain generation algorithm to generate potential command and control (C2) domains to connect to additional payloads.", "hashes": ["00570d9bd558b25ac628d4de140897954e3cc1ed3dae8818e3ef580544626e8f", "006e51c87642cb26a7d6fb534d37c1d4c4d015934e67284e8e35053b0da8971c", "007b40dab88434b29a0c3b92cca04cb13d9f1ddb29202770a2f657becfc939d2", "01e202a72e6bf3954e98acf6c4cd8fe660de710e129cd9de425e1e5dcc876232", "01fc65a13f2f8f6033e55f860b835361442dfd0ec1443c134b2a6558964a2a2d", "0340d472ea1bf41f75e1cf94fc499ca3960518d5dc9fe8cc85f6f56a955ad702", "03d97452886804d0bc32e0723b4024d91cc1a64357a74b529452ca007f1b07d4", "0491517063ca33e47b325ba2c304f4c8fc3b45956b1bfdff0555936a3bb3678f", "064173410c2ca5781a785fccc9457fdd59b25ba2c14aca5bee71f83f136c279d", "0679f7d954654a74c02dca0754cffacdce6d4c7887f4976c85b6148033b9942d", "06f001ddf5d2c3827b6f28936b2939f16df62745699551a155572433827ec381", "07814f096bd2a889317ac70e66cadfe443df1ad96ed2b6452d4252d11d60c8b3", "088dce2464cfa134fd0317a2e75f0057de8d60b547d72e66fc1926e9ad355074", "08b4430a48bdebc89092cb4f90ad407e51002098a0eeb08574f92a8327e5a140", "09007a9eedbb6b7116add49671499f238301ccd3fa763904512517d003cd3625", "0d42e7f0984ea9b0be200420bd7221a92c76466c85ded7321cb69a8386db17ff", "0de3ad246b5c52c96135f5804ae1118f7df1af1c6f937740d598334214fc1943", "0e5b9ae6ee3041d89eefb88c6c868a1c9931391e91068de26720008c6b0c0bf2", "0f59a622eb9998369364b47ddae969698a7975b877ce025b1214ccff8b59e7a7", "0f724bbd47c80a2feb1f376d282ed84f39306293522656241abbf19532154928", "0fa66bd126cb02a367d8ad392b6c446cc8f50922930804526d245784be001c51", "0fff0dad13446c46cd2ff79c4fcc6e545df3e6e269917892d3d22bcbdbb7b741", "140aa25448483a45722b1c874fbed44f70e2dd8ea9fe9ce1fb479de397c8a95e", "1532bc5fd39a7f0a35d9f94bcbf0be36d5f04acfb46829d4163b00abb3c5eb04", "15c03875c741546f5eb5d843c7515b1b10201ad5f9495b2f1eb91de5473602f1", "16b4175f6a68cff229b35916e8856e476eff7ea2549a29853f4522d48da2b69f", "1794e50e0b75704832db4c2549a877ddb080f0f1337fda9b9eb3ee9822a5aec0", "18c9dce8a294f91f9ebd92cb1658aff2be3e3f9ff66e8ea2c29351228ad5ca83", "194b4b9104230ba974eff702ef0b48d7ccb7035b3794a3b442cfd53f2ddadf1e", "198fd19efa75f8c60969c4cbc2817abc64516eb68584f9da1ba72fcb3ae92961", "199ed381aaa5433bcd4fb5e21f15b6512c25c0849218eba31bd7eceb7e326e98", "1b32eac4394092381df968e39753f5fd6fc2c4d4cca8a4cc3f32884107292334", "1c5fc33b8b1540f56278cec6447aff803f2e05d971ddcee656f8639b6d237166", "2088ac19111749fe293c214feadbd13b14dd8d8dca6b04e5d9789a96d78238ec", "20aaaf5519286c613811053298b2433653c1d8f02b089aea5c3646389820b9ea", "21010d8a0a12ee99f166b933a744c4e9af2c7eb2af938d6ee7881810140eb50d", "218ce698ec0352001ec332805958e4b00b8644e5f198b0fbfd88ba705bb6230e", "219685b4a31511479f8d317e990e7f2c9a441385b1cc3e77ceb41439a193e17d", "21ad8a79b9af60fbaf92033f67e2b07be4aedd89788e5a947a8ce880978c6310", "2392673e01e4e835384d25e1cfd51a51110ae4fbca9cc708c8bf1d7387b208bc", "23e99239f4d81b839ea4ca7c4bf177901789b52cbfc46ee2da4306a881c7ed27", "256b6ae6d4f0e57a2b46b4176f71f692b4b4bc65c0cca7191177ec33b4669839", "25a1ac163eeca33689fd4d879def9a275e845a2e893652bccc88dde43fcf804c", "25cafaafa6851534748e8ea2e5bb7bd95e95ce86c23feecac491964da25821d3", "27947efcf71bc5029cd7646e2262e4768f34ab1516fb1d9f70b816e3b2b447ed", "27fe12a5a0f0c198b2c7ac436a0d7df393fa85840d1efd632d4363480abfb055", "287364f61324e1ef07bc01d9507a968c0c6873950e92388de52359ae26be6115", "28ee0b04928d13a6a20d3c0f30f87e014c946dc4699cae2a96910382e0f955a0", "2a660c5169e8160e37c260c7ff38b75ac770035071d87390deeaafdab69f8b22", "2b71f4bd53bdf11556aed5371e8594dd1b64ad4d621b79464745bb8d9971db0a", "2c3aa7a9791021c6b6673e3dffb72ea7ae1554704e3d5a51bc000bb70ad338dc", "2d4fcf126a9013355042b4eab61a84cb4c734097e9a775fa5f0498c2ab689f6f", "2f667f80167a94dff5334954041328f634847309182ddc0291c3940fbea5f272", "30e3edc669199e37c72932cc79b3c1c3822dbdd9eb306b9ae08f0a93bc7560cb", "32731cf42fd590c597c6dd97c25b029c64c9fc4c46a04b11e46df902b8b70b33", "350388b2da7c3699fa5415fff3190860be0b8435bb9d2c646934585c8f8b5c09", "3655e0ecc3fd22287697c777d10d40b0af672259008a0ac22476cdafe01274ed", "3729f6b08890a2a3ba1a4726b9f3dee9036814d83df61f3a5d278114efb61123", "374379539fb785e8dff8ae2f43169634904607d8b456029a2c39a016b7f3fb7b", "399345b806de6a756904073c2d461eaf8feffd6e16fdcdf2bfe983f78e4ac2f4", "39d7bd531c897f829e17f02ad9293b1e74d30b7f866e5b1a4daf6a415fabd892", "3ac45e3ef915a6ec1afaa78b5d65cc6eb8c018bb9ab3aca79129a34cb6b839bd", "3adcdc65eaf55b1f7dc4feb7b32aa35e35064b2324aafa8cdd62e8f37907827b", "3b44cffd4f377c7919f4fc395437ae0a53342ab361dd6e69504bbc011bd12c88", "3b607231c7d7ee20e23e1be50739b8e9238b210243a099b4942d9821302a61a9", "3b67bd239e85f4945d8a3379d2f82fc3f841539a1da267cdc1fd8853f1411736", "3c2624bb535062bca76f52c6529f73c476837019fa7dfeeca276cb8ff3535cf0", "3c40ffb19757d2063678df63a3f9fefd65bc978e642d994f9183d17dc8487eb9", "3c76df5331dff5f3b26788c313efbaf71a05de04e4be081454309f5f7cbc7951", "40ee3829557f27d66ba93695bb96a79780a01699312af06f529f560642816318", "44cff102e4eb7f7c1bb15d06623710abd77ae7b947b3f7f89bef335beed44cbe", "473fcf242b7add3695622c9a7254f73a6d588011b6fa9db5539c76b02c04d68c", "47554314c1ffcbe88b0be2020108b6cc34fc668fda9d84e96e7983701633a5e4", "47859fee8634f6b7a6300aaddce7c4defa5c06a914bad2c366517d28c9941e1c", "4926c37b6a524c15096041cb1750bb6b3b000a843fc35f177e2c6cbe8f224a12", "499af1b9715965a0387185dfb6937dc70aca190ea28cf64a0d70502aa4e2e822", "49cf8066c5b675ecc4b6422c55617fce1d261cede768824d27501982f1afbca3", "4c36fb54c264962170bbd007eb9f4e868a608ecc24672acc541d61573b930bf6", "4caeba5e07baa2428591fbf174b6c20060839e372eec865c2a654c8c55d93655", "4d01ed2b08184870b97edf837b9a73482c3b5328585994170600f720262414e0", "4e18d82390909449a138210bf1f674389aae62a588c06c565a1e6a57951e11fb", "4e1f8a0bf3a7c32050e515a4589da9279e1db9a3bc9cca4b6b943bd089ccc4fc", "4ef4f31a54ff64a7ebc5d971326d4d3f007a4831b4b36358c24cd634a3cf72eb", "513829bfd2698366b12d66c37661ae515d0738c6344ef400c2c04d2c70c2a3a6", "517af95cb05227716ca9bce85f75ad367577c8b4250b7d2c84628a8a598c31e9", "5354e7d7d4f98d623da0a94c85a470cc7fa9cc20a39d0fee4e5672ae244b2a3e", "539e5d9bfdcb60ffdde3da70839041fa7ecde60536dc0ce31636052d1fa52473", "53fc602d20df64ffa87b53f62c6f45f4ade5764d09d14ce9d32f982a12c2e35d", "5596f3800d41aea9b0fc90a34173103ec371bdd6547033296394446f3888c0b0", "560f8bee0d45b39f982d2248a2a78bc55f838e2af97f0857a5b4b9271a1bf037", "5717885ca83fc034f31d9cbd050b4434bade5f80e50f7f853d4fc9bda7a259d5", "574f63ea1f347241e4ccb936be7bce063fa56d6a350091515fbae14c6b94f074", "579aeaaaba8481db85ef14c58cd4659f3456cbb7e40bdeea67ce8da6c72ccb7d", "57c951b7a5e4fd4fc01dfe19a0e0d71bbe353754348810ec02e4909f394ea937", "57d5923fab8bace29b517643dce88b38e4cbd587249210e9062f2f667bdc1729", "595d4399c39f1bbc642244598f29148fcfb7e01feb1649513b64c859a14b4509", "5b0da982ca39ff5d10a33e56a5ae54bb15393bfacd8434f5156e7b104e0af88c", "5bc2b538f6513f1f24795c6db1cf594f6b4a5606f880311d117a6683d4d364ac", "5d35d08e646c811b0944be45960bb82d3f1c4ac50f1dd7db2e18349078e0c8c0", "5e7843e56863d5972f48fea918ee226698586bb80e3135da19d5719fd0e79133", "5ee3bef31f9e8e4bc3a79a243732bb07c11291f0885396ea99b2c85f4e303e2e", "6242a298891b37d7e24664008e80bc0e6b1393ed181e4f4a7353128eaf027594", "62d143110f4c7a6f08c5a41f9fee24095bccbabe8de03d04bb81993b6db7d4c4", "648b1167294df0cbe9a5a3d37bb415f56a522b9c4200d52c0c87827738c1eaf1", "6510ee3ade9b77031eec179f84f1be0f1b0ad8af679095eb7f4468352f74e7f7", "6646549921a5825b14394bf5f1db8f3cef74bc2c5c7d72c06552db550d337160", "68095c4a18d57a06883a929ed289308272ee5dd044f08721de16b274799cd997", "685c0530596c6fe84d023ba2052213bedb328a85c1d42e3bf0499e692fd59890", "689b1c9d8f8af4ccf2877102a842654f47b788ed9319bc8b2e07ad5697eb12c5", "68a03a87602722128910a9d68695091bbec26b808a98487ec37ba1767f97390a", "6ae0a2bc8d83fd8966b4e162e4283b887fec4fbde032d9fd8ae855b5ea35e9c6", "6b346974f14b97a6186470e82255d2252ddd75bb0ac96b0000bb135f47edc5aa", "6cf9d13776868107961367a856a61bb1d773e6209371244fd42f9faada517237", "6f5bd2105a33e78b067a8d9aaca50d439d7619936c19c6102f9d839f9afab528", "700970b3e4a3a269ba8b678d28e57205ba8115dae9eda1cb4d0a6c20c426e894", "708a264e1b34dd318c7f0bbf4c6ef68db26392315883dd326ff253a99d1233cd", "71e9493aa5c00573f1ceb06bb00ec89a5c783494246d7df4a1e65e0627ce78ac", "73b2e7fc1f3588966e75d68c7cda8adcd681ff0b7dac04aac751ed695e005d23", "73d53940e023c0985648a862a620207e9b62bb0a881667d635c76994569aed04", "74d8ec40d00915665a8fd7736acb8d4fcdf93037dd9055291657d07b8b15fa9a", "7579d719aab96b6e27df4d81025354ef879de90b583c34caaf4c170ff0e597b4", "76117d3170e3f289bfab47c24bf175fd19461c77d18bd204d8f2983651fac524", "765c55eee78b014525e71ae7a143f5f4b14af03b6bf75e10f95b3a5709fb83a5", "7697c32cc479c6edf54da8b63da336332897297e67fc0ed8ff086324a031dccb", "774d39e821a32e6bb466263e722cc3e54814a1bdd53f35419484a8371f7eb6fc", "775108ec912cf36fd271653c7e8910d2ee71936da71e38fa17ed9940fab80a5b", "7925395ba4de46f7a77bcfbd904e848d0db878d28362d37428169534da8183ca", "7a724a05bfb933dba6b25f468fdf6e38cdf0c9d9c61c9367dd5eecc3ed9df191", "7aaa153a1c1317273d34878dcfe82846678222465172b3a59ee1674e9bed3e7c", "7cc0aeb743ab42df0b14f85f4696252ab9df8647f5869546f2bf0d58656c838f", "7db380a9e11be267ed63aeca8f92c9f2fddaa34d72f2b6318cfa1cd367168dcd", "7e0ac13297d4f1c460dbe89a55c1d5fe3dd8a812e94d2658cc994df09a01bbdd", "817daa9d76d0dc834cd63c905703412f3c749c91f4e79945427bc713a18cc5cb", "82bbcfbc718de47906138ad46b0b3a9524d301365ba9c1537417c2f1506e6a81", "835fc703595c632cb99915ad1e1a5ccfc501fe30dbe26c9d017540ada44e259a", "83ce8e01db1cc309561d135deeb37b404daa6d5bf05166c2796b639028715865", "840a0f905673e237646ebe7d6f0f417eda89b1950fcfa1e9ed631aa7b73a1b27", "8732713a4289acdd6adb28a8d0a6ea06fef1da6dc6e1066d591eea004dd4318d", "8811c605d19ce4737f268b2090ef0d6604534393d0a08bdc5b5e8fce590ec837", "88ab9de6f8f80662af2a27caf6b29629f0bd9fbc513cba358080a1bfce2497d8", "8a3e4e0ab47a65a10140c69052d97c51920f9dbb7396f177a07e64708e346cf6", "8a4bdcaaaf355b955122e07a8fa45b35d914e850d0ea9ccc2fa8718503100f57", "8b2fa64057fc798cad83a82c77cb9a5a56ddb4e77cf1dd344a524169ac6eea8d", "8b82ed7a85697f2df34e28f2e19876ff8c455d5f55db28eae07dd6f219576958", "903df2fad788b3f969cf8ee026dc8747a207c8b782901677e0d8cbb6f3c61b98", "90a87dbf7bfdea90dbd18fa3b6eb8edd93c2cef10844f3e3a00d16e8903478f9", "90b1833c68ac9c1f14970c74d7aba1f5ee7185edf5155e58d9bf977a72e267f8", "919f12f26ab0a3b05a77648df6a87c8114d6f02de298299018ee30e8593e0c19", "91d6bd4ed801c4070358df45540290e5e422324f3b3c8f662a04c2100fe8f826", "9201963a4d588736ef6611169cc6fe2392d880463bb4342d51a25d9a0ba2f9ff", "925da8d2cb125620d9e370cfc61af24b41fa8982f814fd76d3aca744ea5c50d3", "936a12d400cd952034af249b46d0db9623ac8a136a398ceb85a2779958799209", "937ddb8ef8ce958b8acf7b2c81b6aed05f1f7a1420703083b9eac0c789fcaa01", "9645204bf532974c375111b5ba88df2bae84647499b2ac52c69293407455e4e7", "966d90c1067663f484139e9ae287be9d5c14401e87894b62d137d67ad83e63c4", "969a6a015cbdec3c2b23ad82b952012d703d4d4a43d536d3e1916675ca9529c7", "976b6e2a728d4d918990aa555528b72c9a0f2338198aec89b67ea6cb70ec3111", "9c6700be14b290b9cfd01cf213ef0c2bdf48fce249e843c70d7f7be95b098d24", "9db9a9fa2e8585e521f18227704d33a084ba31047522acef40af43d01e98b374", "9e13d9590337a08e158f432ee69e28b6bd8c4368fe57a142252c9a11d25b926d", "9e97522b65a08336580a622a59f9742af44c5914de7605d7a83b9d7c1c8526ab", "9e9772f793f77347e1052d4734bbf9659e59c0a13476a2617b11d5c6d7ee718f", "a031680594c8a0bf09e089adbf9b3f93f52b8273649854eb9d83826cccc6dcca", "a152d5b679afa43f37f846522c1f872baacfd94d5e0ec08b6c7bdde740b0730f", "a327355867e575a4e0c9fab68a313be2cd58eb679b51bf43d60afc1e1ed16a3e", "a4ccfa786b41900140e0c0fad986889d2defc6616b438397c3782fffe9d8467d", "a9726c0aca1e4fb2a8676c1c33e6083fa2cdde3f4e5a5e13d471b049cb0b7310", "aa0c0b3d2921ea93e671b08eef4a51db3da64e7846ceb8dca30cf683f50cbc56", "aa0dae968a668f9f99c66e9215735a7e103ce0353327236f8170e5e147c9df5a", "ab66123d0462ff83d69c3eca53f5a9d47a3967bc4064ad951b1af744b9d5071d", "ab6a3c7c636ac6e8a826189ce70bc00f862c04f8a8ad38b44224ffe49edab3f0", "b01a950f6f075946a2875087d69116c3080406a4a2b3772be1d2f053b44126d4", "b0e020e4303141b895dca11641b66b056780daf0235758395734ed36a9eb3a21", "b1b8658634170ad870380956fa736343a20b7d26223ee5c765299ed2f7119c86", "b35ed04be6296699230b5962415ff4a29236bcc9e4caef4b1c8604a1fa86482a", "b586adf0867572352fc50cc2d474504a9933c97b97091449498a697630991639", "b7bb092dadbbd03048b5d343b638d024f2011da32c4bdb5a0e7ae9c28d57c9da", "b7c76950b2335f450fb31e43510b3d5e5904f5f7e62482d47ac59966ef519dc5", "b88cab87467ec244bc1d82ce5642355916a4801c37906f1178d04b3c3f7fadff", "b88cebf34fb256e5552990c868606b00a80df80ea918d7a1b330e93c7f8cd35b", "bafa762b751409e3b0f506d879a70ed6db48ba161db2a394072a307080a34c87", "bd28f9f68288488b9177071496b8d231107df62435e6e6b28b075ad27fb41313", "bf6aa7d385842c1281b982055a6d4c23fb4b869199796dfcef4a0b60db4bcb77", "c01b0fbd3426ea91c031cc45fd5a0bdb2e1a56c843d46281948cc4bc2dd04a2c", "c022e8594808bd9d0cd974828c0d5d24b7cb6462a22bfb10f1e7ea9352decd3e", "c2549a935332ccd61cf830f2b8bb1b8ff6c45b57c88a3e441f7198c0dc7a990d", "c4297405bb6ea64651ebac659a679339ae37609c8b047976d52b3bd86156891c", "c545ab2a035fb623cca83b2c7b959f431136c04d05f3595cb6e2355332cb5a7b", "c5b1bfa613ed7927e07e7fe54d90482a67ab84232484575ca671476a4ba63b9f", "c5e899b3e787a418f198ef55051afe503e00cf42b32ec275ff07e641790fe39d", "c725ee97130eeb3d55ed4ecacce99d9924cfd9a1c8e6ef5ca7ee62020fe5a4f6", "c798b9d54f451916f20ce71a733cd6fdcc40e9f748b1cdf25b4268753fe5f73b", "ca28cfc76a020128b2ed8a035f9fa6e80740bdb735a17ffd0e8aae32c5c1928c", "cd0ebadc43e70c77b3b5e120b364345f188c40b70da20aa7ffd07ba0acfb4d21", "cd3973a4bd030be960c8e002fb424991c2bf4aa2304c969ea9bc80505a289bdc", "cd4ec6a29da97283f79edbffb7666a17704e9fa8c536be915b2946e166fe63ef", "ce53555f6017f7eb94fa9807e0f7e1e5cf6c69eaa342ce2bd8ac3ad4adfd189f", "d0a46e56eac5a24b332e868936a0477ee9911bb461f4714e8f4758b846436118", "d2875d7826ddaf3823871e5063e4f0ada78ed7a9744c509d6a28c00e2f9b90cb", "d4f02686288c4e5e9c15d6de112dbab2aac34ea8673783d7dda64b769ff429f7", "d5de98921e8de1e492c8dfc2c2e905a14f8aeda6c072ee831b3861e9ee7340c6", "db3e24fc84a9f5d269373b1ffcd795019a8ee69ec754e76091bd84446e31018e", "dcc838d1c73df8fda91614aaa4a2d4034963dc86922665475457f4f4ebf3e299", "dd33d523c9634eb1e9751132981b0656226c427f2a19b20e68d4c65dc935d013", "dd5a069480bbbf00ab2472b6fe59938b8dc08b94ff4aba4f5dab2203a6d317f6", "ddf2c221ff3195ab1417702982d0a986090290b55bb828cb8149b43eaaa08818", "dfad448323e65f64eb561ff43e8718225d9352bf1c7c65a374ce61902c0aad34", "dfbdb98b0d6c4ff80764a86b1fb5266ddfeb30c4178990d883c1ac841bd63ac7", "dfd3567367fe41e32a40c733004e270f90b86fe25913f7e4a105a9366fc1502c", "e08564ee1931a452525d677fc4516a5dc793a2093cd5c20d5517e1155d3c1244", "e0ec588a7e45c4c2d9e1415c70090d90bb4599352bedcb0f4117d1d1dbe5c1d6", "e3103b3f708b85c4709be1aa42b5070cd37475633fedf9748a5084a933d648ef", "e405febfee76857e33d16b532dc6444d14da1e81fe94777a2c05e9f409b47d11", "e6adfa39503778363fe745a83f5c2446f20c613a713f1b7a8e331228c8d88335", "eae77456ec111f98c877cf8dff582adbc668dc088580db0eeaaaae1d542b0812", "eb4fdcbe0a92f67b743a3f04629b0dc6ddcd47698d94dd5f165962f701a7fb73", "ebfcb61b0971fc1e7798791168fffe7c552362301f0ca24ae66a918f7ef7bd72", "f10c929840cb009932fcb1bf99a5751a2c40f09e45ace18a6c0b357f838dea54", "f219b7972367d860f7f28ac9bfd73cbf904a70a35239a7415c7caa2445db3236", "f379864e9d37054e5215182c91a26056ed9740fbb2566e1dc123179e2fde6ea5", "f4ec56b7a8ff2f5c9c94980e3aede34adaca01e681b6fdcbad70ea2f2bcdf506", "f5b29410459cbcb2cdc4ffc2fa9bedf300c1732f9819b2f3f272eeb78fe35de1", "f9793e17d160d1b1026a306a681cb986434ec73e85bd6b99dc796066228d4130", "f9b6c3d1ea62147c0fab6f32e63acbaf573c1d32fef0779fa59e458f4062c98a", "faa87dcc375e25da75b6b6390d50bc6d81a7e3ed33badd489f1c448cedffe7ac", "fb0503cdffbcaf832dd6bc8dfaeeff21ec94acfa4e853cf7e1b4d72fc57c277f", "fcaf3f141ae0969c8003c3a0fc439c323d3555bb6c9c1feae8dc0c0cf3faf819", "fcb26befdbabdbe9794ceea44d13974e515babd30c39b0fc3b19ec324b42931c", "fdbefac86576e57aacf32743bbd940cbf9ca8730bc946427dbc554e1dea9c5a0", "ff98a88889b161d4e4fc5801e1e7c91c37cbeede11c1da087092acc7f92dfa3e"], "iocs": {"domain": [{"host": "IOCXRQNM[.]COM"}, {"host": "ZJGGMKGGA[.]COM"}, {"host": "YEFHBEVI[.]PW"}, {"host": "DCORFRLWW[.]NET"}, {"host": "kercnnlwtg[.]in"}, {"host": "JYWVEW[.]PW"}, {"host": "ZQQSUQRPEJK[.]IN"}, {"host": "xhphblba[.]pw"}, {"host": "FSHAJK[.]COM"}, {"host": "maffuwnln[.]net"}, {"host": "RQMNLOKS[.]COM"}, {"host": "MRHNDJI[.]IN"}, {"host": "hbdfmtj[.]pw"}, {"host": "GZKISDVBZQFE[.]IN"}, {"host": "efntvrhq[.]net"}, {"host": "QGWKUGNMSJF[.]PW"}, {"host": "MAFFUWNLN[.]NET"}, {"host": "dcorfrlww[.]net"}, {"host": "NWAFZV[.]IN"}, {"host": "usrhd[.]com"}, {"host": "HBDFMTJ[.]PW"}, {"host": "fshajk[.]com"}, {"host": "QCNRQ[.]NET"}, {"host": "iocxrqnm[.]com"}, {"host": "firohrakais[.]in"}, {"host": "nizrjl[.]in"}, {"host": "vnouya[.]in"}, {"host": "EFNTVRHQ[.]NET"}, {"host": "zqqsuqrpejk[.]in"}, {"host": "srdhfsdiju[.]com"}, {"host": "gzkisdvbzqfe[.]in"}, {"host": "OHMAQTXG[.]IN"}, {"host": "jywvew[.]pw"}, {"host": "jpltxxpcojo[.]in"}, {"host": "MNEZKYAK[.]NET"}, {"host": "euqsvd[.]net"}, {"host": "jtcesxohkgm[.]net"}, {"host": "JPLTXXPCOJO[.]IN"}, {"host": "QMNMG[.]NET"}, {"host": "swvpzwktpdxs[.]net"}, {"host": "dzwuczn[.]net"}, {"host": "bsedcx[.]pw"}, {"host": "KERCNNLWTG[.]IN"}, {"host": "FIROHRAKAIS[.]IN"}, {"host": "myxnowb[.]com"}, {"host": "jhfahntxtnus[.]in"}, {"host": "JTCESXOHKGM[.]NET"}, {"host": "XHPHBLBA[.]PW"}, {"host": "zjggmkgga[.]com"}, {"host": "iknvjbze[.]in"}, {"host": "QGMBJF[.]IN"}, {"host": "EUQSVD[.]NET"}, {"host": "NIZRJL[.]IN"}, {"host": "rwxryhij[.]net"}, {"host": "qmnmg[.]net"}, {"host": "nwafzv[.]in"}, {"host": "USRHD[.]COM"}, {"host": "mrhndji[.]in"}, {"host": "IKNVJBZE[.]IN"}, {"host": "ohmaqtxg[.]in"}, {"host": "cprdqjxpp[.]net"}, {"host": "SRDHFSDIJU[.]COM"}, {"host": "yefhbevi[.]pw"}, {"host": "VNOUYA[.]IN"}, {"host": "LNTBF[.]COM"}, {"host": "DZWUCZN[.]NET"}, {"host": "cmmwoqknklxn[.]com"}, {"host": "rqmnloks[.]com"}, {"host": "mnezkyak[.]net"}, {"host": "BSEDCX[.]PW"}, {"host": "MYXNOWB[.]COM"}, {"host": "qgwkugnmsjf[.]pw"}, {"host": "RWXRYHIJ[.]NET"}, {"host": "qcnrq[.]net"}, {"host": "CPRDQJXPP[.]NET"}, {"host": "qgmbjf[.]in"}, {"host": "lntbf[.]com"}, {"host": "JHFAHNTXTNUS[.]IN"}], "file": [{"path": "%AllUsersProfile%\\ph"}, {"path": "%AllUsersProfile%\\ph\\eqdw.dbc"}, {"path": "%LocalAppData%\\Temp\\gocf.ksv"}, {"path": "%LocalAppData%\\Temp\\kpqlnn.iuy"}, {"path": "%AllUsersProfile%\\ph\\fktiipx.ftf"}, {"path": "%LocalAppData%\\Temp\\gocf.ksv"}], "ip": [], "mutex": [], "registry": [{"key": "\\LOCAL SETTINGS\\MUICACHE\\3E\\52C64B7E", "value_name": "LanguageList"}, {"key": "\\Software\\Microsoft\\GOCFK", "value_name": null}, {"key": "\\Software\\Microsoft\\KPQL", "value_name": null}]}}, "Win.Malware.Xcnfe-6725509-0": {"category": "Malware", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": true, "WSA": true}, "description": "This cluster provides generic detection for the Dridex banking trojan that's downloaded onto a target's machine.", "hashes": ["0462beb83c7410501f0fe309335b63bdb2197c828d8b3cac860329613fb92f18", "07f0c7d1726aa998261db29451ea668364bd226080caf6ebc1e7cd1f65de1864", "0eddfc2b11eabf9cf0186363f4727270cdc5ed3619cf8318caaeaf7370da5e10", "1748dd5f70ed569ec358f707587718e8a980871e076aa1b1f344f84b7eee0587", "255c3d259351d43392c8b01db2a830f50515e0c2672f5421934ade0433cbd6c3", "3ea74553c24024b94412137d0337f1b22226af398579bb7f44e674649c18b480", "55ddbadda5fe5c7f86a8f8ea7c9405413682686f8057e2b5369adee284e2ace2", "68b35209e61e6558069706af6cfda39cbe24366c28e68d36279ce314f922d9b4", "6af842bca80ca04a5c65e6fa9fbf85a3c7bf34a49b580397cc5955a0b9aa1134", "6c75d30fa43d15ca9f2632e6a794d26de4fc35fcc1ba9fc250afea06f27ad653", "719e40a705ffe31bff643a5254f52ca051d0657b59ee920f4b3e75fc83e3fe0c", "77b11d472658825617c8520bc75e5084fa3a26a85f90b845270615ddff6622f4", "8689c50f5e4cd1fd590a9c5eebc28ba81b5f0a1b52e357811975ac0f59d278db", "95e82e623d7f1b34725c1c11026f8149741a4c506379954c6c9d171791302df6", "9a624de996ba6e99eb59b50b2631e86057feb3bee9c54d1282705c4486530fbf", "c556d0c97ae7b7be22f685e829394652401971a0e468eb0824b5ba5537928b96", "f392f2e34534ef1e74cb911124ebfb531dbd045e4b6e20afc30e878674459131", "ffc643e3c595c64053e50e0a1ccc2dace32134c3892fbb1a60e215410cdaf428"], "iocs": {"domain": [{"host": "www[.]brmbyczdra[.]com"}, {"host": "www[.]pn8mtahzna[.]com"}, {"host": "www[.]tqttwzog79[.]com"}, {"host": "www[.]ril14w0qvn[.]com"}, {"host": "www[.]mvbkhpmqux[.]com"}, {"host": "www[.]uyrhnkdozb[.]com"}, {"host": "www[.]nutatq5wla[.]com"}, {"host": "www[.]tpu9fiuayd[.]com"}, {"host": "www[.]5bc5xh1p5p[.]com"}, {"host": "www[.]we3jnll0va[.]com"}, {"host": "www[.]hrwzs9ake4[.]com"}, {"host": "www[.]knx3hbiwyu[.]com"}, {"host": "www[.]txovxotdxc[.]com"}, {"host": "www[.]ean1heykxa[.]com"}, {"host": "www[.]qjfvz6swvg[.]com"}, {"host": "www[.]stq1ji6cas[.]com"}, {"host": "www[.]xoiejztmpo[.]com"}, {"host": "www[.]cldhtlfyhs[.]com"}, {"host": "www[.]zhya3boggv[.]com"}, {"host": "www[.]qvchgu0aax[.]com"}, {"host": "www[.]brh6bbhql8[.]com"}, {"host": "www[.]dirmuszaet[.]com"}], "file": [{"path": "%SystemDrive%\\345791583.exe"}, {"path": "%SystemDrive%\\old_345791583.exe (copy)"}, {"path": "%SystemDrive%\\TEMP\\55ddbadda5fe5c7f86a8f8ea7c9405413682686f8057e2b5369adee284e2ace2.exe"}, {"path": "\\TEMP\\old_55ddbadda5fe5c7f86a8f8ea7c9405413682686f8057e2b5369adee284e2ace2.exe"}], "ip": [], "mutex": [{"name": null}, {"name": null}, {"name": null}, {"name": null}, {"name": null}, {"name": null}, {"name": null}, {"name": null}, {"name": null}, {"name": null}, {"name": null}, {"name": null}, {"name": null}, {"name": null}, {"name": null}], "registry": []}}, "Win.Virus.Sality-6727001-0": {"category": "Virus", "coverage": {"AMP": true, "CWS": true, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": true, "WSA": true}, "description": "Sality is a file infector that establishes a peer-to-peer botnet. Although it's been prevalent for more than a decade, we continue to see new samples that require marginal attention in order to remain consistent with detection. Once a Sality client bypasses perimeter security, its goal is to execute a downloader component capable of executing additional malware.", "hashes": ["007474f524c04bcfef7bff656f7d673e22496caff0490a111596b5c1a60b61ef", "0abf15a831537bd86b7e16ae5032a4813c6e9e9df4f1da7c074c4daa3672c3dd", "0e82ae0199228f54e8308755024fa78e0a568f1423cec3cf21d9341a7c99dcb9", "18a859dee990feefdcc6196052c1d2becba64fb43d07623e1e573b0f39e63095", "18bce4611a9668a2660b0471459cd070361c85d71a4989c1bc967fe04bc54795", "2642e382a6a216b518471ac182891b6973a4f4eb569ad4d13cb02b8a840d3f07", "5b4c4e796a0e1c9344c3165af210d2b9edd2980de25bfec656bc918809b0be4c", "689bdd8a91c2bfaa00de235933b38ca9477ea9aa2eaa880cba50235641376add", "865e10fa2439380d7048a0ec2eebdef487f706239e464c47dadf930b22028b11", "905e701032eaaa944ccb70d3db97a200d85befefe7faf99d525c9767e5c5d615", "a2ca43843f5c03adbdb03b91e4cafc162781d8c7e707c7bc161b03f4163218e2", "ad68745733f455935188c0100aaf057bf1d3454a24e0be0ffff262d2318f6265", "b535ea6cc31dd9f8a66fbbedb61ed021520ff74f5b42f815eb84022cfb3e4435", "c38b955f4a4eee3cca1c1bf1ae0f915f75080772c4ae597c2ed76649a056a5dc", "c40d8c58cc63dc606a9fa854f1774d7f17546170fdfc2679c3b8f6387fa4be6d", "c5fb97f7e577795bdc7a6076efca8f09e83bd4fb9e68c40916c6784040dbb485", "d0381f5c52b605b7b43c8b9dce2341b622ed2528df6bd65d527104f3fc1f2f16", "da77ddf6e01c4cb2694f055a5c69f48bf6546b6831f145297a5cfbb5f64c5563", "f001f25a35fb04298750c58f37ca4158085c454d784778f9a9c601d9bbbf6b40", "f0d47851346c738dd836fb6f43005a57305f04e078d07af3a6d84ee586dfdfc0"], "iocs": {"domain": [{"host": "dewpoint-eg[.]com"}, {"host": "suewyllie[.]com"}, {"host": "724hizmetgrup[.]com"}, {"host": "www[.]ceylanogullari[.]com"}, {"host": "cevatpasa[.]com"}], "file": [{"path": "%SystemDrive%\\autorun.inf"}, {"path": "%System16%.ini"}, {"path": "%LocalAppData%\\Temp\\ose00000.exe"}, {"path": "%SystemDrive%\\Documents and Settings\\Administrator\\Cookies\\administrator@dewpoint-eg[1].txt"}, {"path": "%SystemDrive%\\Documents and Settings\\Administrator\\Cookies\\administrator@dewpoint-eg[2].txt"}, {"path": "%SystemDrive%\\Documents and Settings\\Administrator\\Cookies\\administrator@www.ceylanogullari[1].txt"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\kokfo.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\ogtfa.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\plkvrx.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\qwet.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\vfhqbt.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\wdieh.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\winauey.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\winbmfbc.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\winehogdk.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\wineplbg.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\winfeas.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\wingwtgg.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\winhsgjxg.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\winiiff.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\winlamr.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\winmucoe.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\winoyjfrn.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\winqvpnb.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\winskeoqt.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\wintilmn.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\winwlbet.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\winwnwhq.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\winybmal.exe"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\wooydt.exe"}, {"path": "%LocalAppData%\\Temp\\jlwdt.exe"}, {"path": "%LocalAppData%\\Temp\\ssink.exe"}, {"path": "%LocalAppData%\\Temp\\ukpvl.exe"}, {"path": "%LocalAppData%\\Temp\\winlobd.exe"}, {"path": "%LocalAppData%\\Temp\\winmjeu.exe"}, {"path": "%LocalAppData%\\Temp\\wintqpup.exe"}, {"path": "%AppData%\\Microsoft\\Windows\\Cookies\\XTNNC6UJ.txt"}, {"path": "%LocalAppData%\\Temp\\winlobd.exe"}, {"path": "\\sgfdr.pif"}, {"path": "\\vqwf.exe"}], "ip": [{"ip": "206[.]189[.]61[.]126"}, {"ip": "195[.]38[.]137[.]100"}, {"ip": "213[.]202[.]229[.]103"}, {"ip": "217[.]74[.]65[.]23"}, {"ip": "199[.]59[.]242[.]151"}], "mutex": [{"name": null}, {"name": null}], "registry": []}}, "info": {"origin": "Cisco Talos Intelligence Group", "publication_date": "2018-10-26T11:55:59+00:00", "version": "1.0", "warning": "As a reminder, the information provided for the following threatsin this post is non-exhaustive and current as of the date ofpublication. Additionally, please keep in mind that IOC searchingis only one part of threat hunting. Spotting a single IOC does notnecessarily indicate maliciousness. Detection and coverage for thefollowing threats is subject to updates, pending additional threator vulnerability analysis. For the most current information, pleaserefer to your Firepower Management Center, Snort.org, or ClamAV.net."}, "signatures": ["Win.Virus.Sality-6727001-0", "Win.Malware.Nymaim-6726894-0", "Win.Malware.Xcnfe-6725509-0", "Doc.Dropper.Stratos-6724145-0", "Win.Downloader.Upatre-6726679-0", "Win.Malware.Cerber-6725830-0", "Doc.Malware.00536d-6731394-0"]}