{"Doc.Downloader.Emotet-6861668-0": {"category": "Downloader", "coverage": {"AMP": true, "CWS": false, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": true, "WSA": false}, "description": "Emotet is one of the most widely distributed and active malware families today. It is a highly modular threat that can deliver a wide variety of payloads. Emotet is commonly delivered via Microsoft Office documents with macros, sent as attachments on malicious emails.", "hashes": ["0349453748c3c3fe4631e5c17665a702f7ca1ba8cc2c7508a91d686e17d41098", "069185a0da074e0ece155c5cda364e5092b2573131fdc2c95002b18c44937a1d", "0946a30abd52ef463b6a390efba6595d2a7917df95d3739df77e3ca57d1ecc8b", "0966f1271c4cdd0f66bca3520ffe406d4ba14aaa06a7b14aa505c78958fead20", "09fe30dd8b953d25af163fc4db119afd7387cc4b5109f331e1651927bf61cc63", "0a091593757cd2d16b4ca2ed1806b73f1222f4367d6d78e0df8ee98c247ef1f6", "0b6003563af9034d9a22f96adb0559f04b3753d0d4d9e6e76dd49504a427317e", "0f25037f951fd8f0f1c2f4b94ec84d3aa8daa3f7d5774056136769ecb800dc6e", "106b4d87576a07cc74f8ba9519d9730b50dc7309e69d0e7764822af981d98e61", "1328ac0cb151437871e7f39f72b20c13fb9fc292adb78054f30a8f958404e4c6", "1caa72377c62835653e1c1b062e418c62b689f8b6e600b739201a1300bae1bf5", "265a6869c2a2f0b3f35b316eda5e78492ae2a574530c39a1673845245a342d67", "27b0bd35f9ee7752e45d40707a3a777d20c8563e7067007101ec8de9d1c271da", "2a1ca1f2eb72dd935b9ae4594eb332d9ee7363b70f1fa40e6b3a1a4dbdb44e1f", "2cc2fbcac3c4262c49e3ad49903d4e9ebc5fbaaf9a2ad65ff53f808380b70a12", "2dda30d522c1b72d38f8609a3bde18de25aa57ad7ba7d90cffdfc0db5cf6e977", "327c64ca7348a0e2e4651a332776d10216cd77f77761766a12094cabe446ca4d", "335b40ff58a6cf92f16ad95349e2cb9dc42d71654cebaff642fbbc168749bf26", "380111d3408eed7a855ef759d4304570286eb4478d35b0ad1f35cb17b853b353", "4392d56f6bda858b04d0a4cfe1112fba4a80c56bd916618b804e02b703465dea", "4a5fe09fd3f776a86ecdbfdd0c6fe9abfd962a16444ec8bdd2dd03704fbdac6d", "4bc0ebf4e04816770e0176a8f1ba04404a6d8b09150d21bcfaf3387ffed06606", "4be4a46ef25e71de87371345da22d043385a72a479adf2ed56326cd69b2d500d", "4db8c7a64afa55409a39042cd1ba8561230da23185f0b62a6e2243ad3efef4be", "52a1a1863cc969cd93d48371e9d24e59cb691a8442477a4d8b1c25c51e71eb13", "553ee2ce6d47e651311ef3474dd28614352e96299a05e960920bf5d33de1c0ca", "55a56fe6c486efccba6fbbdfdd5df7f30ffd0a64b4a0482a40b17c62ffcc1ee2", "5e57068ebeefd8c1055d6796243e4a092631428ef6836f1051ff667b6115aa3e", "6f52cc28f5b7d356b6a0876f2d4c2fc0696030a17be6d57be4e7e3fba07cd9d3", "7279c31b5e13aee7d9e0240495ab1ea5bc7b141ea5fbc3c1db3ef13e6968bc4e", "7701b8f968a514855a7d5fc3cfc808b10740a52ef3eb50cab1d63d242f17eeab", "798de37142e18c06bb76958382e3708505a2e47fecd2679851f4b0b1e8c687a3", "7c6a02a0103d4e4c2f129ba65123d40f740e71160eaefda43e83ce5e9d5ae6a9", "7e7d214153af23923f9b130a044a9134f0168005495d59354f5179b5336846ef", "7e99837960820dcc7b4951c6aacd3f9ab692744a3eb2302992cea8908bf0702d", "8534f2b175d35171ec2b01b22f001808e2781980de552ecc830b1cc21fdd0890", "88863e1d3d557ee78bf2b3463bbb321241c85dc98dab599f15f7ea138ce88eb3", "89d61e33ab819e39299ed9c566756456c0b41453709ebcfc0cef19b42017b644", "8ceb370bc8c3894aaffdfbdfbc5fe8a9153692a603121c7804c7c50aae3de8c9", "90f5d092f30f719f7b9043adf3f7512668c0c2c35d1cc20783dd758a2850dc8b", "915328625c1a42adeb1bd8c6305d4b93a2a3f652fc635f31f21555aa5d003a17", "91dca635727dd1e0ddb5ac65c13c6febaba75ef30cc5dafb804eabf13a12cd38", "923895d1e2d057846792929ae2ff2e9925b91b2c908693347308e8423c48e642", "95752e532069069044d9698b009ed535e76e5cbff27c97eae8900401c356972b", "9d9220fc117afe407cf46164624a275f181cac8f4601abb44b6491ee2bb8e87a", "9fe817eb63df61efdbb8c94488f81ac251643dc4209c07356b353f86eac7a16b", "a27a49dcf93b29865290b7e3301bec0cd3210158dc8f1521c6ab7c370c1b7e5a", "a2c1f7aae555ab418f17ae41731c9d31d90e39c9f8a5432f0c571b7115eb4800", "a4741706670901de260e6c1f921c83859ae93ee2dbda4973799d6ace8a2dd4e1", "a669d932abcd7f26520d30e00454181a843f5508e589b92b5b3ca482d39b518c", "a7ce8b9bba9d84d7de6962015db1570c899c6992eb6de6ce21ccd17ea7fb0751", "a8828feed177a0befa7ece8b0117a4353ecbcedeabb956b64d440c3722e1b314", "ad850a4f112e44061a48f9dbf4a3eb1e9862e15c1707157f6f235a3a37b56977", "ae93a9504c927d519d64ce6863ea63a9fe1b6d6c89f195c8076b3f4a003e5c3f", "b64b748acd4e8f68f52265b45208deb68082482d538e73c2feb9bcf3245e0531", "b93c3fb02d9c19f6713e50182b4314e9ba58335471692d895400967146ad7f62", "bcfdfdd35de7480138580a5682fad18d187988e7950acb9d9e8ed4597a88938b", "c0bf04a6c64c8f49e02154e39d8955df3f31753d29448e74524dc59be5da0027", "c3fadecfd5653fc05a791e6c9062a3a59329e33a48e77a5cc735364d01724485", "c535ec10efe8d02a81a11b74ad99db24757eccb6dd6754f6740989bcab3c5e95", "c70695255812827df20d94628798e650dfd13d97423b85eebdf401ac1f4de20d", "c8e3d3f791f1d149f60e5a68fe1b1e01f45ba9f9b2085fcee7541d625e2a5d18", "cf567994cb7b1ff5df6cd35d4d14b6eaa91510494d3c84890d92502c7b77d3f4", "d7d25612960118eb311c2c86193e3c4f41d1924640a6458fd7d24b84e1884be6", "dd5dfce28a80c5539d96c685ab3457f8dacd40cd4eb616268914861242ead8ab", "e6c61d411dabfb3a2abd81ea36cd40138c8c48a18b832580ac6d5d60c2366a82", "ea023e24f29e18264371462259890bd180aa09750a269a88bbc63d3da9afbf06", "ead6c49ec05dba34fa1c58c16a3dcb0e9c3e88691484e2342f08d4e771067299", "eb8e9b76e8fe6bb08c7d519f059d3e581347ba4966d153520d6b7338b6770aa5", "ecb3d2f8fbf5ca7a38e9dd018c3004c734ace8863bca8daf0a902fb249fa376f", "ecdd3d89feb4d8293e35ce74751f13b477410bef9f1187a2c1141e2a41d8aeaa", "ee1ff0182bc19d430e12a8c88b8a9216e9dc41c8bd055f8d633e4cca8910dff0", "ef630241e2ae54cd95e605ee352385172ba6b8955a662f0364ae0dab16ac7db3", "f39200b358da45b38abf8ac8928393bd15e2aa98f597e969401515a299e6473a", "f3e133df34ebcb32429c401201a0a110bfb4d3f1da67c5b673b396f000e9cfe4", "f4fe9493460e5392b666177032780d2cbfe9f0b9a8547c9805a02b2f24f1fd9d", "fc35dac8265fee007fc1ee7006d322c8d35922133235641a5f45afb43b2ac123", "fd9c717c8349d58257717d05a764b81b81de8c6d475267a1659b065d74bc8e57", "fe38b34fcf9a39f3f5e382c53148a210c63f45d5185f6f353390f9d21bb12d8b"], "iocs": {"domain": [{"host": "bazee365[.]com"}, {"host": "serhatevren[.]godohosting[.]com"}, {"host": "mediarox[.]com"}], "file": [{"path": "%UserProfile%\\405.exe"}, {"path": "%WinDir%\\SysWOW64\\E7LYsu6obSo.exe"}, {"path": "%LocalAppData%\\Temp\\kfcdv0jf.wos.psm1"}, {"path": "%LocalAppData%\\Temp\\lu4nllxj.0of.ps1"}, {"path": "%UserProfile%\\Documents\\20190218\\PowerShell_transcript.PC.gVgu3PJN.20190218204843.txt"}], "ip": [{"ip": "189[.]236[.]235[.]73"}, {"ip": "70[.]184[.]86[.]103"}, {"ip": "76[.]113[.]130[.]72"}, {"ip": "117[.]52[.]20[.]53"}, {"ip": "66[.]216[.]234[.]131"}], "mutex": [{"name": null}], "registry": []}}, "Win.Malware.Bublik-6860562-0": {"category": "Malware", "coverage": {"AMP": true, "CWS": false, "Cloudlock": false, "Email Security": true, "Network Security": false, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "Bublik is a downloader that targets Windows hosts. Although it's primarily used as malware to distribute various banking trojans, it's also capable of extracting and exfiltrating sensitive information from the host.", "hashes": ["0077f54220e81d1351a81a51f7089e1e0344b0e0c7e1db2baed69fc42d212eef", "02f3a6dd7ec83508d644551b34f082a47597d91b70befc75662fa7afd2c1a4b8", "0f155a227bf791b43ee66c51e5c3d6ff7edb46a70476239e7e3eac2af083b942", "253c1e82213e8075144aaa722abe1786110d36c845f3ab62a67383ac53d33298", "2565901fbf675dc8bf6bcff213ddde8f274a96f016dad4ed8d6bb04131fe2ae3", "2623f7ef229170bed9265f02b4570b272b2913154800d42a493404d8fb412500", "267298bf98507e02c999c1d38407d3f295d86f48f40e98fd33e8735861886011", "3244e9cc8b1d9d3cc7d5073544bfa675876d423e57edadbcb033b949a8c811c0", "327ffee4d88231c1b3efed3baed72a736fe7e1a3cacd02a83059774dca35e9e2", "34e85051b9718edc52253faccd1a85e09ccdb118ae289a24c5b3eb660abd4b63", "39854854e613965c6cf22e0380163f187867e6d1e25b8b85890c62fab1cf0224", "3ab69a728aafea29c3a1de3a419efd93b889aafc7eacaeb3a3f9d7c632dfa8c1", "3ee8339543fd72e79f03c5878520e9d0058e11ee49765e9ca73a7236e9c7b8ce", "4342cc9cb045b6c87fb822345e7dee6d9e46bec385de4ae7be1ff6ce6061572f", "444dd5b17528c2dbd05d8afb1bf633b4cde0855deb0338a52a17df67e7efcf06", "4c56d62c2af1fda0af9be1f377ad7d737e7db306e7dc684df5a7c0163f10ebf2", "4de35a78adab9e0f79a88a1452916719f42641155de80f6c90e5a152561cdaa3", "4f011f91715575b91312eb8a29509d9c2aa4950127efc98e88d44d08ce143efc", "52a6cbca15c3805effa45b474a732f9b74d38d35a78e3763380735cc6a685f63", "5a73cda9b407ce518c1d5a9c4965d6287e2e2b4193e8fa702542c684c050c130", "6fd9000a376b03dac177252a2e2879aa70c3f3365fff351d637f7b36aa2df385", "7081050e0504735e2f48c098f5758a5a01c8972011478b6c5b2fcc5e33ea4932", "8265acaed3a210ec5999474da742f447a23b407d5a0bc9ce1c42a48f609e6b61", "852d1d4ee1c4a04fc7ea5b849d6c663725fa89ae6358e251325c636e81a47a5b", "895e9a298dce50a19cd158de7f8a504d07948713a042e356d4207d6650815fd0", "9016c2e123ea5abc297d7e15c28f3631669f185461974d0b20e76b0323e83460", "9faac729c3f3806a63dc57568361fde4ca9a319f6a086917784db105dfff9f4e", "ad7e564c304cdb83ef5ddd30273e5d7e786259a77f73fd16ee6d7a40287c7d1c", "b0d8e96cb3dbfdb5213e9c6d2b86977073237a8da873281d42678e9be20e998e", "b2ccf5a18cfcd33697c2a33d13115ad8a751c9c209818bb924e85d312d136459", "b40bf28cc656c152c09c9a3d0212d4de3648349664535484d8f1e84ddcbf9468", "bc6cdbd98041d50428fc886ed24445226dede26b8a31a509980b028b722c7235", "bf27ea7db81a40edd5d5f4bf04282e622b0084c678aaebda7a4df8f4154a086f", "bf59f36589505acba1c89cce7bc8a17f61c9fcc565a1bafd42bc2ebf05457600", "d850cb06473a43e968c502bb784658d7899c4ef1bddcc8501a5df611abca5f1f", "dc4c2618eaa13a4c4788dd45266d0b6b50b1d2e02a9b5363c91c7aca29fdfa0d", "de6259192d9c08a02c323213ac67472d13260f2107064538fcdf1b0eb94e25c7", "e7bfb67011152d43f1b6c688c280da1fb0091e8f00c0645083465fe4699fb512", "ea830c7e56f9f96553a9d4948c3dcc8a23fadee570500fa30fa9701953b7a391", "ec04044c23d8c993563691f227b815852510b35c101dbf15e074fc2809656557", "ec99c7f79f6158b3b67d4b8e394283f185e760362b9cc929b87b900b830ea441", "f1da8fe4233e0f51eb217094eaa7eb9e947f70e02f866498852f7c49b367b263", "f49615e7f20928b15f7777d9bd7c8ca34cf4f9509c1a646cbb8d2f257fff73e9", "f4beb98db76314367c7e9b0b48cb1bfc43b2a925562a6b95574eea334f482b91", "f78c4f17bfd1896ee510f1934f11a9711f2a3f4653225c14259ca31246e950f1", "fb001baf0c6591a075c57ea114907dde470ef40eda8ec126777a672f2aa8495b", "fb804b3916a6c00c902bb94de4d411f2980b13bb199d17c162c21a55444d300e"], "iocs": {"domain": [], "file": [{"path": "%LocalAppData%\\CrashDumps"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\7A9E.dmp"}, {"path": "%SystemDrive%\\DOCUME~1\\ADMINI~1\\LOCALS~1\\Temp\\7e9a_appcompat.txt"}], "ip": [], "mutex": [{"name": null}], "registry": [{"key": "<A>\\{32DE27EC-AB30-11E8-A007-00501E3AE7B5}\\DEFAULTOBJECTSTORE\\IndexTable", "value_name": null}, {"key": "<A>\\{32DE27EC-AB30-11E8-A007-00501E3AE7B5}\\DEFAULTOBJECTSTORE\\LruList", "value_name": null}, {"key": "<A>\\{32DE27EC-AB30-11E8-A007-00501E3AE7B5}\\DEFAULTOBJECTSTORE\\LRULIST\\00000000000029D3", "value_name": null}]}}, "Win.Malware.Icloader-6860563-0": {"category": "Malware", "coverage": {"AMP": true, "CWS": false, "Cloudlock": false, "Email Security": true, "Network Security": false, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "Icloader is a generic malware that largely behaves like adware. The samples are packed and have evasive checks to hinder the analysis and conceal the real activities. This family can inject code in the address space of other processes and upload files to a remote server.", "hashes": ["01d804f3bb30a0082396eaecdcdd0e9e329ea3ee585b8e0fa4f24210be9b644e", "02f50ce46cb615461dbf0edf1b795f76a0cd8e9126ef8938a6a02266a98ecbbc", "0827b4fed47eb0605a345f1e733b3b1937756c28254913fc8a36d4ba28b83541", "0d572da25a4bc1db88843cc8610fe56e4a336dbe322c26248b594f7622113cf5", "0e3a72fdb86ff31b61661a473db0863143c0f7c8e8aa659b7cf318ec6756e1ab", "0ef73d5cc5afb4c6ad73cfd27724af99b562e0dab76485aa73414bd25fa0eac0", "106b0659bddd2b26246fc00b929e8004dffe15fb9389fc7bae7cc1bec7f76a62", "164966f0b65f4c0816a6b2af88f4846f15e92b0c2f4b76dee98baf875e4deede", "20b1446c4d8190ecd749d995113c5bc6ce8375da14c73f7ee3c8f717e6d42e07", "288a80d10c4d1a42eef45f92c1fd786009c10f8a54b1cebdf6790c6f1d0b06b8", "29fb858feaf6614d5e5eccf68f7fe3446b11fcac0067b2bd1e24a53a23f2b9cc", "2d7bda9823c838009d950022e78b9abf49246be6dd25c72c32eae10f43276c3b", "2fa1d8b8719ea8528bde7c3ecd421d79a1e5ecf63612ec52b4c8cedfb5f6e1ed", "2feec8571fb27548f20dc65efa838283c0f7be39dd8502bacd7472148f1f32b1", "30361d76097bc679434e488157c98625d6961a936340947894f7f105c3d406b0", "338d97248b5ff7489157822d0b0c413d550a46ce6da712e2fb838290bf7697a5", "34099d3b62bb8baefde01a72f6921063d81dcd33c2512df3755aedd5524f19cf", "349c06fedb963107c3dc825075c9517eb05df25091bcbb9d6407843b745409da", "36064556c3b25426b42b43e8ebdd7b9ca3b6d02a54f0eb20ccbce62e4818a6da", "39afaf2f57b8a1c6ed2ebe4072d0e81832d94d31e1c1f3a016cd65b500e14d62", "3c603d3673c795fc13f7440c38908ea9cc4283a3d79e9f03bf2bb775162e0a8d", "465fa07297f1aefff4acdc99cdc1e17583f57d29a0437f21e94c967ee2b6e838", "4c4807efed90553e868ef794b9d7218ab7a635c1d95f6e56c45b8c0e6ecb1bee", "4ca27d52b58f33e8a99d68509cb9487417844ea5501056177ebac910eb329c1f", "4eb6179bff74cbc8625448c010aeabadf5bb7ee1fe1329e80f54f062f67af426", "54e1bb35579827f7c0a9649ee304059c6a5317ad3fb59a532132e90755258434", "555e3e37c2b03b7fba22af8c903f5ecb8d1f6167da30e872e1c814b23623a2de", "564a6f7946d4f603eda6f055356a3fa7af4da17028a2e9d9fdc8f9e973d21740", "5703584bdde5f3080887a3e988087dc6e41d07e9c98c18ea7639ee824f05991c", "5735c9435155092e2227de938140b74ed34687143e6f31568028e91aa94db3cb", "57d115984d7fe96ddb1c8f97ed91816c9d1090fad613f5e74f8298ba8d4435f4", "5c7aca79e7fc86f0957703c698bcc98072c2c92702382613dc4dc53f430effbf", "5c874dc97df2eef64d5b4a6abffac752836b3ed0aa75d892f3df7e7806776878", "5f563aaad16ebd13d48dc807b635f6ae444f330a46dcbbb64737157e91aafa9a", "672036256a811d3fb24c2f6f0f3a81027200ca04ea28d3b4215e58163dd9089c", "69d608fb901f72ecb98ce7099964cfdf770972abf0f5e1161c61b04a9d58f9bb", "6adfb71564949b524a5db15b05235920c98f55c5ff951cf2fa3dd24a9569b3cb", "6e7812c2913d98a1cd4c5df261cbdaf04b6a5d4ad9f02dbf8c8bb7f4a6795204", "75e6b4bb28f7739b7adb69f3a55bfc12c0574d841acfe690de0ddb9b49f9a95d", "77a8bf01fcfec82c08dee5781cd383418bd212298e3a256bff54b393b1decf2b", "876d14341e13f6e582d87074a127d8c99883ba9421e8fe126e9306b15bc27d09", "8bd532f3bac5a48a0c3ad6d710da2470a213f01e9649fd404f45c97a7497e53f", "90419943387d9d35a51e32c6fca837b3e517124c1a150795bba8837a8d628892", "91523cd699f3389519bd404e0085d5bb18607b2ab2cade563f56b299c339a7f2", "9570686ff5f5b34eda52178b4faa54f37319a1e69189579f6cf38cba703b8745", "98719dcc110aa2e69d9e6e3dd09b70da4972641a4794d1cb15da5959ac4bab90", "a640dac2a59b8bbdf7b0c9a60713fae0f067448f74f586771c525d5ca5de87eb", "aa428a710433efadcc3036f9651ca659582acee925f650e431643bc961093043", "abd2b079f5072c1471c1ac8b091144a852b5eab1889ed275210ae7bd5425f524", "ac5422660a4264f02828a36e570b40d59250a348c616c40303d21820778e5581", "b0d4c7e1fea2e117933135963c12580d44fcaedde27cce9d13b4f12d53d71d22", "b1a7701399a1a7f407b60553d23dc6e13cd2ba7fe2df3165ebc5719e8ef93e14", "b62dcf4bb89149519f31b2efe1953313c4975f95efc5900c76262595c91462e5", "b7cc08592e4fb808b5be48a913fd97864cc13fe7deeccc3188c6ac35c4f855df", "c1af00d65ec875b5a17c224d22a6e838643be5ffc45a943b42506f2be3547d4f", "c29ef5e6203c7f8d71859b52584e75b8500c92cbb8a4be0c784a2ceea3603ee2", "c38d60ea89153f2bf19d6bb51378179868ea6cee700ae0760095431d8fe0339e", "c3d4dcda8d6c8676483869f54f1c0b716fddc0916317fd1c4b0d1bbc8ee738c2", "c66718791d3d000adebc623c1af2dcc00bb5a51fb5adc00b3cfd6992fcfa5d60", "c7c6e7ad0cc0143cac463bbfd15af759725058c0c1f9c80907557ded24261d71", "d1aff4d4d5a7d235ed437d33a86e33f3d390097aa6fe947a09989c1379d0f9ff", "d1e1c91af81830ef758bc3ddbe8908588b5866aab89ec87e305ad2a09559c2d8", "d3506b80e31ab4ad57d8ba9f0df8924860803ccfd6cb1601019e04fa8903923f", "d3d2ad31bb8cfe0b2f0942bb8b40124756e413b00a7a709b33ae2321664e910e", "dc7e98e3426c99b42f6ce418a49b37ea5f371c5ab9167dadf29f557e4b4cee6d", "dd98dbe8738e0cd5437cc5eebc282ad330c2780c30c5f95133698026f39923e0", "e0129f662d4c3ff4644688268ce61923b14704560130da1cc7a9b9025ff52fd7", "e31cf43866e4e701f19604f9cb072bbb1cafd5028b510e03001eb8c727b1bf54", "f085676686da94110c693c2fa7fe92203e46dbe7d0669291ce4c896589464bb4", "f2f93e25e17a66f3e45105bc0b18c0349fab7ad9f17883739c7d81cc2aa44462", "f3737025cf777079b5247390ad3778390595b1ed86fc21b446be56f70d7b5dd8", "f5eeefa7abdfc094fb7deeb7611544ec5430fe2a67f605b7a5208dc5861109b6", "f9bf14b9df78ecf8cc55d46f4227340173d7aae411d6179310f5186c94d12712", "ff0813cf4eefa25a7e442723910001f8f36dbb0733eed8a324819aaeb1987f61", "ff6044433b573b5b6e148468737572d88d68d8a64ac4b904a6a8397373b34a11"], "iocs": {"domain": [], "file": [{"path": "%AllUsersProfile%\\localNETService\\localNETService.exe"}, {"path": "%LocalAppData%\\Temp\\tsc131118.dat"}], "ip": [], "mutex": [], "registry": [{"key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\localNETService", "value_name": null}]}}, "Win.Packed.Nymaim-6860565-0": {"category": "Packed", "coverage": {"AMP": true, "CWS": false, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": true, "WSA": false}, "description": "Nymaim is malware that can be used to deliver ransomware and other malicious payloads. It uses a domain generation algorithm to generate potential command and control (C2) domains to connect to additional payloads.", "hashes": ["016fcb5281374301a886e62512c80bace5093baa28317392fa47b41c3fc9c209", "04f643c92239dd1c24928a3da8a7ffc6974223fdce4c64f74ed16f77e606d1a9", "06fa8ba73421f80a6b6a872832bc5fd37dd045280dfbab48d18af291c4f3a0b6", "086685fc1ad9812ad986639b77db52cf570c63fef36b6220dfae184a4da20aa9", "0e37a6e0bc2078eb99991da03dd81d85a169b0646637b8d16240887e8fb50f57", "0fd6c83045db3b972b5329f11e6160251b53d1cbbf61f8b065421b8231982f2c", "0ff32246d64c9529c01cd62b5ce2474ba77f11422d4aa14becf0b34ebc1d9b40", "139572026f38ccfb8fb615a0a202d9b315cca46bb0ae31870e60aaa1b7db1d23", "1655c03b41b2a5ac72829eb3b4867de87c3643f2e7cdaefb9e88392f8dff916d", "175398f6a76bfb59c31c9c46c2d7c452be9f146451197042c5e0ef39a42f07b8", "179c96674980e6ed485fe00d82141c3729274b5d6e13129801d445c981264e23", "1a47d3a4951a6955fee9f29e0e6629b6e29dd4db58378e7ffa8aca948688175e", "1b6d29d704243956e14ea5a259398b9e0b52544bc8ba3b6ca1c172273416517b", "1cb1a09aec8926e8df8dd7edb1ccc63ea7192330ee36704ae3b2b706a6630cb8", "1d99c9bfce431b2422370607430efd5b155b76ad58dc615d79076b8e0f2a7e6a", "1e07e0277acf86c37ef6753ba1a2532e933044c7656ecc063c236c585b83c26f", "1e5d95ea42bfc038d4513fa688336cd73622ed707ed188d66aed4cf6ac1086a1", "1eec7c86d30be19611b16bd5e17fd747da9df96fa2907ca23acf1801b6c383c9", "20d599362a7f80b9964569df6e07d2f18e434be47fc01dafa7e7d73831677a42", "216a5552de53349bbaee2f121538c7b66783f1752a3d190f5b978fae27a77ed0", "21c85e5768071487832d29e9661f68033e9f7baa30597535ded88439cb67796b", "231d98cb92d4affea6db88d42b31f8b0d001a933c97ce2e670423fc1d185d6fe", "2361248d5291c923b8763530dd5c551accda742d6e7d15660534ab56aff11ffe", "23e28028a5392440dc99a040a0043cb3de50bdd678ed26777b72437819657d14", "2472ef7f75de9881f4c6269de9093721147918a3ae94fed19e8078d9f42695ce", "26ae043ff28786513b454cee1d803c5f1cd05d84b0de16a6c062f91bcdbf37ba", "2a5a3a6ddb81e395cb3e43a5ca0417e51aaa688f0e26d6f0a1f2cc275f45e63c", "2e3c2ea93f1863b1679db4ba3e3d0139ebafff0983eac44b39997c2876a94520", "3c7671a19cd655acd5b6154d68cc6f5bc558e0c88d26359642cc8b386f20b8d9", "3f60896559c1594e291f81b6d003212c125a11657adb71bcece0c4d6140826b0", "42fd808a779b8ac3a41a86bb4650db1c79bb282c98a6911d82064b0e89f4fdf4", "45dc4b81e0c8f6f197c5cfe9a35fb70430b798272f3425566fcccd35643dcff7", "470dedf205204152fbf95bf3aef122c8f671337c4c09aa74871fc2beac4b1ad9", "4968d5d24f2d5103c2bf6423c66b94d04ac1db8d1413cfe72a713006d483cd47", "49e160f7c40254298e9128a882d9207a181b86cc6e001e2644dfdbfbb3b6b8ba", "4b22e93dc32ec011cbe71d15b023356dcf3f0715c0a055fa84ae54e7e7d6e7e1", "4b34ff950428ed3be39413911b7b30e9e63e80971d8919c177bb0891b7c1bd03", "4c01ccfb010fa509fffaa6495cb86c74e5f98a89be9c0deab4852045883dd25d", "4c6eb34c76678afdfbe8f74ca764f6b0145efe9eed627bb94e3865025640e46e", "4da5bc8218ecd2ff33b91b13d28bdca3d1fe582d176ba9a46d046ef6966116a2", "4e5ce0ac5d3709595e8db344376dece4cd1852fd08dade51c6fd100201071e7a", "4f5e5c7c94c7e5ed0ba81c09e79b8fb0f1c4a71d8280a7fc865d52fe4dd74615", "500cc65dfd96d6737397414ce95b04c735c8bcfceafd73517f9bd8f57a645293", "53077e86b836be7a804ff01df82261c2da212836bc3e4eb86fc2f35ae269c424", "5470e22e1c2039469d55bf89bef905509099b94bacd5ff374bd24e4b34bd7273", "549b88a428c72030420aff0808b1ff8ea0bac32bec8be69f5eeb7ac8f094a4d2", "55e288dc4f9006317ac4f17279404e951ffe9ed9ecf8f89a4e3b713e09957f91", "55f7a2c7aab2da2988380107ae671c4491b490475307d4b7cadc9d5e4ed09b72", "57521d8bf8f76d375f28e35d21466c42671112fabe88050121f8d2fd5d6b8605", "57be875a84feb03929625d49bc5442946ee987bfb7c96fe7986c06719f9a5f31", "59ccb5ed888b31c1dd09a22cdae99c92bf93d2e6b6e8b19adf2774ab5f764ff0", "5bd62912061b7dbccd0bb8301d20455b82159ed12022b526544a92c23ab55d71", "5c22f19ba602dfd0d9d257073ef341eb0f9fa7b609a3797592968b2d86c3ea68", "5c3c255e1749a0a94df7804aa78a8a426173d095d81c89ca8b67d6f5bc3a1a9d", "5c4eb46388ae07f98b81cbed1d51b5fed015b9cd2955fbd0a0ff379dc2bc9dd5", "5c9463af54771356c6d1c0c170130d9f7acb9470ffac9a53a2c6b6fe9180e131", "5e84caefd961bfbf8c5b537af6bcde78c80f7940d3750a93546b92c79bbbee47", "5f38bc518adfc423ab6e43fc044107ad4c869a3d0f7ee68e9f07eb1cf545fcb5", "5f5f10ffac2abef8b17074c297dbfc11d42905a146feee8ed65ff7f1a92c4916", "5ff0718b1c2c09cd3a51b43149341ee7a04835b6273c68a2105459cf1ec1c7c6", "5ffeb86d07583d3e392e997bab8c97e5996d1b5f7e45ee31d14e5ee66a939ef2", "60e86b5bc21c190408839699d79a9e3a2bf32f28bdb3e148ebdcdd3bb5605ed1", "6206c9084c80ab8a1b195ee45ec536246de08df89944d212a564f17813761da7", "6503179c9bfb199e6ba2776509b9a450757341c78bf0681dcdb0f25476230f3a", "6be510e838b76b97e231d43357a0ac1973ed58ef71f66f94e8629f02e860b9f1", "78706038d5476cc2fadb79b80242c3299d1f6d67406d4669ab8e50cfe194f748", "78af394488db7e6da4e67f1732bc38b7f2f0945519ed2b8fe21c819e1468249b", "7938b4e4fd89e3868095c9e10eb11dbc0ae4cceb51f0179e250243e730387661", "7a24b8f8402ce1a5f1a413aa87a5b7ed0a3396ac73961eb1fba881b2b42d1c27", "7a7a3e01ea2941af3a8aac1a45f0c7578d7baef6108d971966b030e596b740c8", "7ac9e237b020d56bb7c5135eb0f45939c19903059c39df9326b50e2f093eeb00", "7d17369bcf21f97cedf58d85ef42d706e727048c2766361d67363c634b54c203", "7eb2bb5bda310a764a6fc2f482303b705a7d5c8c109e3f87390e38ef64c5c73f", "7f7e47a611f61d2a84d7c989825ae7a7f8e31e5b68d1d4dcbb22049517316ae4", "8442f4c20b855d71eeb4008964c056dfd59ec3e05fb09bd6a9ba49face3459a2", "84caafebdf154db4ff5ef21f46b47b9e5ae2a140ed32eaaead0a1fe1add7e6be", "84e7ac85b5498242741c4040a4128e87a4f4ef6bf047132bb520eafd9da8a6f7", "84ed5cdc757c36b1ca7a3b512a2f394f3693f98e3ff4c28cff48b8c288237fb0", "894d242609e232a5557215914b6a47ceda141715396e754b822656d277021dd7", "897359317d49c59b9fb3834880212a12512918e3ce5e0f06bec0b89f785760c4", "90f5a72f76ea68b8101d6f8d97a8799dbaf056864ea09360990b8077fc9200b7", "91c1c86a75e3e75d57a830b4c7b344870d3a52e46ed7c70699d344042f0ecd06", "938aacd8065276fc1fe7daa21f4f28ba52600308d00fc90e915790258ff9a960", "96e9c2424e668f8e4c229e3c780dcb3e753130b8c861ba7a540e4e121d4cdd52", "96f6ab77a7d561855fe7cee5df580156022f1905d5634e465f65466d59ed4c3b", "9bb2e07e589a01497d8826724f59f3c68340c112d3de70581345b73ac2053ed7", "9d0603b97644f88391d627db5bcaaa29ca7220dde0e6c634706d5c996eec57fe", "9db9cb1813d1ddf2626d4c1e20fa08ca3991354e1bd392f83bb7b50494808f72", "9e4d3a3d010333eb90d9b34ee9b06d26284cc47810851e4ffcfa58a3264d756f", "9ef31e940fc615b7fe27e7b19fb9f4ec2cd6d112ff7a63906477cbf481f12683", "9f8b7e82b56169e4d2efca185c0d8e7a74952d89d4ef70ffbf307ca7933b155c", "a066f0007647006fd0d19c398d7efbd7005236bd9b9419be98603a4a7327035d", "a2dfa25bced7112f86ec2b582779314387ed15853fe5c8eb94f5d629c2c76f9b", "a6d5b4914e96178dafd0f93996d5fc4c2f5030f7cb5ffcbfc6ae85546d750ecc", "a7add2750d1275ec62fe995e69631acd225abfaa4940c9336f8e75e861edaace", "aa43f71609c78f71e21a702fb9af0129a9c5943252f03065b6576ed4d26b28df", "ac72f32a880f1d1f2e9db918fea24d34fe36443f7ca86b95f9e0c64e1384d12a", "acde41b81c5a9084a7dee2c93ae56bd901d6fa02aeb014f6fa69c8921376ee4b", "ad8ee6e0b09d659b4e8b4c68cffa4f62517b3f87e9e56e9f65d9421faaf5a841", "af6ac523b208c1673b05280ed69f7bff385bddfb011c17e9069d4732ac75253e", "b04fb51a6e87e19c2d12e37b70489cfb1733e7f4ba8675d1373967190437cd26", "b39543b535cb946640b12b9d5b1f18d9ef958d265cedf89e98f284dad5dafa05", "b4003c91ae41d7e0db49a114e8f3b07850f8a03b889380111bd05cb0bf21f509", "b689f1be5f0b86ab1de31fe24bbcddfafb59f995ca2cab2b6176953bac0abe27", "b85381872880850e2a1c98f2d54251e528e4f15f9fd3188108e1543f58e285ab", "bb42bcf40f107dafdbb84696f3bbbc3a2890f71b6726494cebcfa94a089f00aa", "bb5344db010362acf45d584964f749a78668cccb8c671666f8374c5cecf6e0de", "bc26fe652be17a3fb9d18c4b165066882a15037fe5f65debd37cf8b590e0a1d4", "bd256bd4ac3009de3a17de5d7b3157ee6baf243c84e2dead929f6626e194215e", "bdc9b177df890defc8df5a3ca4ca731a112937b78baa655c6bf8c87c88c9fc5a", "bf52452bdc6427de446efe176af2a5ea330381eda8dc445dac638577db26034f", "bf5757dd70e40e8abaab6ba8ddc9ff8027c99527ef263d418ccccc21d79f0933", "c09f8b25b674f686d5bf738fe5ae06eb15c48e1e75c03ca74d45dc3cdb772192", "c4c256a6dd266ecdce7af029123cb8b3f2dced0d26f57149eedba4b29256b488", "c5fe971350f7a91386f840a7da9ed1c06f1d400960b9d774900537faa4b4975d", "c740e497e06326d1f1f901ebbe933396e0098b7299be38cd7ad28ca452cd9d28", "c8128dc3a067900528554396deab4222b8100fdfccb26e3a7a94f508fdcbe53f", "c81763c2de221e83997b3fef0e63e971688a3c6e39e9653a449e860e324b952e", "cc0bfcd742ac6a6b010e16b424c8fd304c167baf7ae4a9970ade71904b640401", "ccc92da7cb41d51b8721f15ea3c5a2aafc769aeb51ab049dc5cffe6a254f7f51", "cfec11e4171d2895013bc61271558ea7354ee8572e6e274227b5b3857d2d9a60", "d381fe424941748b70f0cd9c1acc91f9b93312337a327f9fc83152631d4015ff", "d7c7bf1bbadd39957f209545b9da111ede662738058efcfbd8093d43511393d8", "d9afd11ca9793f89d82efef633bcc06405eaf59a8c708db7fd8016af7e88046f", "da721959ddf8d457a934255b732aada3248482644d24b6f4fb8a5181deb01471", "dc269357819db613ef217b82d87673cd4b804c6c33e7508abfd4051f456820cb", "e017eab2f93366f86ee6d408a23ae0da47290fb3937252f2af0bb8365048b17f", "e4278f21800092fc527dcdfad91872f331a62409eb2b9121b9ff147bd0cddd63", "e69893009f842fecdc107718490602e919e26b3488050dadf62c3853e1cf5ded", "e7059dd31bcfd6824599904839e9f80cc2a24aa469a0d3d8aa8780c219889dc6", "e89fb84303e158399e576e4c10862614bb00042895d4c86e683b525d023bfa6e", "e8d3a18e6b39fdc6ea76e0ca83959f99565b15132385e7bb937a212101864825", "e99fd892e2ce809be85be87886b358f5e4092ae0e241e2fd854d3b8e4930d5ec", "eb246769f1b1df2beaae1e2f01126fef89d2d1f25f42b7a284a6f317eb8c3b0f", "ec42eea1ae4e0a854d86a5f44c595dce5ad4b762a49cb53be7bd6805ae41d2b9", "ed5a160beddaa9f96fa40206a0b8428e8bc6b22a51eb2301faef5bd3279fbea9", "ee71ba12ab38310d230b2f309943835716ffe09dfb82103b1bf63009c28d512e", "ef70bdc14b73fb239c68b29c91ae74958a4b23992c2959adab3c24a731c1a19b", "f033ff63310247567e1d6f93facb5b5fb80753c652a78232b4f9f8160aa0497b", "f04e1abb1cf7293a984c70cf578529cff6ff919ded032c3f6b44dc37e340549f", "f510717cd4b60bbe0ee4535d15d9dbdd868abc85834a104d0f85231886bfc634", "f63619e8097e44ccf8621c190da7c64a3bc9dcb4acc8477c31897d86ecbece7a", "f671426db0d10baacfdd60581be0ddb49350c5815404c1cb827ea861237fe692", "f748ca553de5cfac14a8bafc19e54fa5b7b5ebf72a4b6d122efeb66b459d61a4", "f8206fbbc0f65f3c7f531e9addccabe860cff579d3fc3cc1a1f92fd5aa1d1065", "fa30e2394ab6a8d503de6a4aa83499b871a928025c250a2186fe927920e4e35e", "fa9b18b8918e7772880ebf57f0b6f10c0ad8c4af8463480c53a4f387e9768be1", "fb513969e8c01c261a9c5fa3172b2d09f63740990eb3148367a3008da66f12f3", "fbe366cc1806143b0ee5d479f3352bee0d6fa8f09fbb5b562e75e37fbb2bd8ac", "fc1beb994f2434bfe0362bd0b0fdb6cad3639284c4c3cb5e1020df104481c4c7"], "iocs": {"domain": [{"host": "wmmjykpublbk[.]com"}, {"host": "yvnnzvdcqs[.]com"}, {"host": "yugejra[.]in"}, {"host": "xriuhkmec[.]pw"}, {"host": "zhvar[.]net"}], "file": [{"path": "%AllUsersProfile%\\ph"}, {"path": "%AllUsersProfile%\\ph\\eqdw.dbc"}, {"path": "%AllUsersProfile%\\ph\\fktiipx.ftf"}, {"path": "%LocalAppData%\\Temp\\gocf.ksv"}, {"path": "%LocalAppData%\\Temp\\kpqlnn.iuy"}], "ip": [], "mutex": [], "registry": []}}, "Win.Ransomware.Razy-6860532-0": {"category": "Ransomware", "coverage": {"AMP": true, "CWS": false, "Cloudlock": false, "Email Security": true, "Network Security": true, "Threat Grid": true, "Umbrella": true, "WSA": false}, "description": "Razy is oftentimes a generic detection name for a Windows trojan. They collect sensitive information from the infected host, format and encrypt the data, and send it to a C2 server. In this case, some of the samples in certain identified clusters can be attributed as Cerber samples, although the detection remains the same.", "hashes": ["00cd7c1116f489b0cb66d67b3fde935928f891ae96656b6cba08563e3bc37e36", "00d74b27e8660696a3e9f23585fd484e01c96c6ce6fed3a06082adffea90423c", "01b9a1ab489f0499eeb7e8d67d75b42faad1c6fe6f4a1e4353f2e79c5d92f5cd", "02b7190116a9bb98467f28d92495c1bee74c60af05fb58fff8199909260bacd9", "04331cdca654e951f24f524d5d624f7137a197c99ab63aa9aafab67b56fec248", "05863f8c9b9608169db2678d0cae1bce91a80819c091b9b762dd05cab2dac6ce", "05c0678a044fab83eb77232a298f9114df78b1084b709a2dae59fded201919e4", "071e548c39279c6ca7fed247213cd877ddf2fa106e5b8892a85cad4d2605ade0", "07a40a71471037198a9e8c5c5a4e45e52115f772f598a2db0eb8bb187c914c40", "07ce564ba06045026ce86faa30ff216f21398427e300131f202896441fbdf1fb", "07d6477d260ce2bc3477902ece2c2bb6e290f1b36f04594c40292b049d42c6fb", "08b07947fdf606f894e94678574056641da5db8f4db7f5774449fd21bebad29d", "09fffb50fd033e16a63834d62e2ab5b3227abc57252e87509398cf6ad8b06458", "0ae803d152f2cb6bb68e10c0c9244b4aac63a11a43153f2285c2b674fe9fc657", "0b77399249b1ce25a8e408de81e3e46951a5eed52043069d1e48a407c0a05a47", "0bd766bfedd04e188ee3885d523f6cd170d0c36bc159bb82d3772b51d8a36022", "0c26799f75d7d16b8ebdf13ec6940cf3182af53e9cd451540901769380de6079", "0d5d73215146991e0b32224281c6b8bc01248674f993d5d9fc90f5bed45d0d2e", "0e23f0c0cab7a1e82a2909ee3abce4f88dbd7c54b7a748bd7966b9b1997ed09b", "0f5d5c8840b06cf60283ad399e55b6bbe7f20edcfb26d332fa72c4103e155e68", "1360e01b934cbc6ba2db60091ee38fd23efc5321a5aaf17563dc61a7824cad96", "144506736eac91ec05d88315c8b74f2582a5238e48b41a716d55190b5942befc", "16256930f1ee4e254193804f4741a81b427537e666aced7ff823ed582359ce2d", "165010fd8c29e7947144e776dbe81a84816a322c29c72ac21dbf6d436648e382", "17304b3bfb5ab40bc65b53ec39294bdbaa8e032dff44f2032a0b5a7c0b96879f", "1736ba5a58ad64c0ef9c878d3724ff82a526d0c142cabcc9f67494cbd027653e", "1826f557a56e1d7d685ff15ef6762f88ca913e930c179498a0fc04541f6bdd98", "18b35884b78e5fd33ea0e272e24e98fc3ee2db04bcb1f3ac4fbe714a7387ed67", "196f11f108728d06bbf8a56da3d54027017766728ce218e6ac7d1a43703eaced", "1ba713bfbd85c23129dee0d34d6015a7bc9609b7e95fc92d510c5a3eb0601d79", "1cabc206eccdb87a6f43a69e072e9f865a77d9c34e09dcddc8a23c418f6e6cf2", "1e3d834f6967d76944875c77ea54a15702f3a4eca1c5c02a42e2daf1556da576", "1f53ada74af5fec85eae373dca9bef5788f759e63a587b021b4d6c3314ebe548", "1f575c00e58c1c54d0ac6eafaf0b579d2452d34628c67a5b4d493e00c9046d2b", "200b53da4322affd55d37cc8068a9b52f38ececeae8b72e0caa9be069621cf2c", "2138462851c91966e7175ab6a87f7e5596f9ea6cc32341857270f1e0bd151fc2", "21f0b235d53eeb928b156a4256248ee566dfae76aa4e928e1b96d6ecf9e78eea", "220aa90aa33fb998fbae57dd94b86d98915066935f4a43aab714edfa6ddecc05", "222a4cdd622438e7da57d65331699fb489e3dda48819e8ee0a87bb61d14714f4", "23e93bd3bc8b8aae55041e0c15e746954144b939360cef111d23f0bd5c647b41", "26a58c041a642594f603455d2bcfb9bbd75e0ac12b17a7c9ab8d373950a36f10", "27c10167f43845da624b36619d15f3395a4299cfb812b9a70f7c865d1290bb97", "291118f048f85b83f0dcaa6e02c00c1cfe98b61afe0558df670567fda73c4283", "2ac4f84154e758cf49f8f6dcd939e1be6826d0da321ea95d55aede25a62d4c0f", "2d688e6145c43a67b2bf585f50cf15e1de3a6c21553371b4e4c2a179415c6633", "30ab20431841226ee98e5cfc3572f0b5de936d6a3d14a27374fa81c450b39b1a", "31136e482aa3ef861b627dde1343b4fe5e8d664e968454dedc162db37964ae14", "3284592393fc66446efc73d6a4f06028539dbe2f484cf15b347adeda58e5f161", "3335de768967ce8cc6f47c24315311ad7d041687d77cfcd6ab612f7001258cc3", "361c212ecf702e85ee4f204b6f5e4aae050f5728fc63d2d8bdeeda3408e751d1", "363511ef696641a1c95e75dd30270874b0f43747309d5d840abfd42ce8d002ba", "36ca38dfc55745df78a50be543e47119f8ee2a2f246db3f0d03dd6045d0cec85", "36ccc7be5316ff67864e9f7fc5d7f3a0f8a7194d47fe3c72487f168659065411", "37c5abd232e82eab021a92e0eb15b5881ca1a67c78dc5799df3a16d4a0bb2d18", "37e271a25820bc1f0b6555c8e90911a7b56287e1dd1735d77cf1896c5ae9ad7d", "396878438ef781bc7a87e19cad28699e7f2a247e257a54d3991e408b6d29b44d", "39d05110d9de7fae4199e734fcb925bca9ef1a9ebb4e8e132b36f24b35dced20", "3ae8e8f9632c1ceaa2eeaf66da9411b6ea997bccd19c3845dd33702666a436e2", "3b320a13791a0679f33307af05f1320e729b5313c03ce16506aa943abc2c578c", "3c21d571dffc4c6578c5a2d028beba1ac7aaa9c726de9b833237102d47885e86", "3ccf0b9cfbc33c5661b2a3a8edff86160a07511a6ca86825c093468ed53f8800", "3df66070749cfb23240d883021fd7e6c14a96cf7f5ce0e99e14a57041eb27eba", "3e802daef4fe5ed76aa0dca1663184769e8fc3a3fee3621d4092987a41ea311a", "3fc636625f6ac6a7ab327f483c89916dcb0cb8590a1c191df215d2c34273f027", "40908b420141b440970f8eb1a322de14dbecb319b69e223be5dc05dec6dc69b6", "4101417967429d0d8667c52b27530498ea4b2fa04f44b8f53519811d725e81d9", "42363244bd728180ed15620e9cf8704166ee40e80b0901a737a60da2dc5353d4", "4249e4a05b8a36485ccfe59441d994fd5564f2e2228cf209d12471a7096c3ff7", "446b13965439e9eed113b6dfa77c882d645cea623d50d0449e143f7899e68deb", "44cebf860bbc0d21f6f8525abeb2856e946afeb9390cf18948706777715c1405", "45feacde83a7dbf8974bcb8200b065141228690a90fc6f9c3d173761006ab7f1", "482c50f81bec7134fe702fa05c432dbe5c8de29c3f2dac179254df1665ccf262", "48dced6a5f7792500c9a6b8e714c3fa67f832bf2cbf8a447edb0724f3c5f781c", "490b09ec09f1753bc3b4d7b361e6189e3fbeea7b2e9c0fb5b4b83985dab6c1a6", "495b09f2e52916e382d0c3888e5f8448c88111746314854e12934d0802dece52", "4a002de49e77680e03439370435ac2b694e4356c63b24d8b94cda019ebfc9e4a", "4e7b225ffca11ec0a7df4a1b5e345839c4f4972ce098736863c46b4111f1c795", "4ea6bd6a542705a3c384fff255d13b56103ffd28daca120c988e56aac2e377ca", "4ed8f1e18ab1b8dd746bb662491ccbb7075fa488514a13bb93e332730824515b", "4f11eb0971d83f8dfb343ff46796cd49468a451feebfb9532a673fd4cc7b4014", "4f1f3bdbbc63f7e14c1504beb08b37e611e19fe26ce4c5f701e23b051a733b15", "5039d717628d45212843cfa20ec5a22f5d179411a1db7843fd04a8db09bfe000", "515fd019bcc0d72438d6a55404da815049b74dc49974e5e7dde5ab8089f12b00", "51d35be14494346b236c1eb25b0b965f4cc6722987eacf4902762a227ad9c549", "53d34be7d175b6ad619f9953cb5ac4bd557b1fe8d9de67438d5338e168dec7be", "5513e67900270510dca0f914487c93ee45b17d2ae373cf7fd55ffb6a8be4b508", "5591e33a4b8a45686b9030d02d02b5f1aa04070d78f9547fba0f6d365303a3ad", "57a2d94bd7d0eb143a513c1a807c7cbf87cd3f37157722ce6273ed38903affd4", "57cbfe24e90f4c8445afcb786c975a24ac7a976b2de61894252db392806ed658", "57fc18dd881a0a4b7e29c62af60f3444619dabf47e22fc6a8366a59eabc6f20c", "5a05c249268d3e45c92aa215bc2466dca8358004d684f0730f8694342aa26984", "5a5c9383dfc0c64a06b65150cf85c7d7741ddac7f343917fc9fbaa2cabd474b2", "5b195200be3a3fae0d29457ffb04edd158ce6a2f672246353b415bd6781f217c", "5b4e28a8e406f1612b24444b2a1f3d9e94b603d28529be3e8111a1dc3854a163", "5c7dcd8b899b1f26ca45c74e5a49648cc42d84bf5c8cb7322152151e570004f9", "5c908f1dd9b8b908f2da6606804c3480d2df7ff42e2a9f36228eb8550b10f34d", "5ccf189e2e20c224c05f8709333db86e871b5c43742608eaed8a60afc0b90267", "5cf19a94bd713a2f6e9d5cba63e0ed379a4436a51f0f1498d91687e9cba1079e", "5e3d50f3655b7918626f16102936820a249b4bfd51f4b3967ac7ba78b92f9d00", "5ffc63a620be11cad88a0f42772a03cbf11da295dab5f88075d09b7d80dde116", "6006d02bc223f001f18c628009d77b9b9b7b4d9bc312a8d6872c84ed52ba249e", "611d1ee879c542ece20b417ed7ce2a56aa031d966cadc8b7e9432f8b2478737c", "6336739de00fc38d7ad831a7905fffe4df295a71e44abfb54118668386bdd86a", "6355dc9e042d08363a7294c120445f80f56889c640bf4f44455e07ecd7287035", "66025e28cc25aa5fa867a4d5e7ee25baebddc64dd719650c8a11ca451a8149ea", "67dac48ef2d5f1baca31610c6e06a33750776d82a6fc784a93ac7f1a31708529", "692a45287c87bc588c61a7c403ce04209063775460d32ae748a2fb9bdf63b630", "6cbd7675a7e09991679c64ecf46ab3cdfd49691da1d5afe6d1879514f0c5005a", "6d2bc43c1139198108d9dc713c1ef7408e25fc9105bb162d4e0f7ada2d021cc3", "6ecb8fbba5c526894c8c4ec54a3b10844c0a744fc3933204b98ba10be9d3217a", "6ef154de7d2ca2eec13530e1a48b5a17f490eceef8211acc18aa183dd43495a7", "6f18d8e01c8cfbc52e6f8d1d9d5b2f4c68e09b15e521bb15ec76504519ff1fe7", "6f4b7ed886c9d0914280d82284f38beea798ab99946d52550879f05d9ae89729", "74e79f68da3a10e4a0b4223aa4d68bf3ce178619aef7ca88baf3f870f1830101", "75fbb9140807b3a379f9b964fe6718f791da2aa3685a770428a6520607a248a9", "7720ee399bb278c25baf898b6c6d039d13356b9299c467b4f0fe314be12d6ef3", "7dcc7f8d1f91ddc49558d452a8a39d07bd00b47dac8b5ffc90636ca93cda0537", "7e2b2abd62b7d82bc9eb33d0dce7b9bfaef5a24e261c9fc519f661f875db9656", "7e60fe10b1583a5ea15e00dfea3ed617b16c5bd85832c5465732bd2fd07b979e", "82c4bb5d8fb1e148bf802ff81de09eaeed57d895d1a1a125f4b3f98e30f7b840", "83c12069411782e81a1c2d6751883405599333df6a57f49367eca97c739b3e62", "85e413656478ae79bc46449ba3ddf7922706e9360b22e850d3ff9fd3f467b44d", "877d7f20c4d416a305ac3a72077ea196ef00a8876e7495ea426e0ce95e2a0cae", "87a78e96d0e02e1a014cc5e70232ccfac3672ff682138c32ad528209db5b4d5c", "88ef42c5f3ab98d589acafb5fecdabfe6d200d35ea5ab98af41208c0e7c960c9", "897bf83e8355dd2d7aeb541f8f03fc0745ad05330bb7278dee5d11e859358cbe", "8b85ec27b9f7b0baa996fe0057cca90151b9b5dd368ec0f137286e00111542c8", "8c8b368f07e3295dda6d932dc69ade925cdbcda6970a698262ce470586f53912", "8fd5acdc91a00d22e79031a2775c0164d9719dad16e19dd0c7751cdbaf829b43", "90401498b51b6473cee1e5aa5c93367cb866ca61f27f5e410fc678808a35ce8b", "9082c43fa13f6438e6ef9efbd9f3ed76e93be74ee4dddf58cd7f4700db4385c7", "91b7d4f4ff7367759f1b0937c535ee35d6dd01020a90cab77cbb881dc200b464", "91d003ab7913a919a0d63e71ddd05c59e16d40aeb54a1006410a6721951f870c", "93cf16900743bbad70ed5ed6415582a036fcfa1cf2bc029d907577fe818f6504", "94ea12bce25656edd3a4dac239fee54a47e4cacf71e0513f6c25dc5d992fb2f7", "97149488ee78f28563df79afea03a9fdb3c3209795eb30a1eb4508dc4e146f5a", "977190876013908416b6009a859f1cae91489555d5911e9e3c4a99326b53afb6", "9796a9765adc8f383f07a1723a0a10c9aa1587d6d6133ff6f819f3e65397c802", "99b1dbacf65d5593d9cecb5b0706986dea3e5eadf06d28d5fd253d0eaf95824a", "9a6c7a3545061bfac74523333b5f620cc052c6a3162f052b729fc1b5292f1735", "9a813703efa4eb0e22ed1175304e2324299eb00675e9187d8d4e87551182e5d1", "9afc26db0e8e7ad8d78085c10602e76b26c0e4ba95626090a5ce029e30989df5", "9b7a924ffcaae21c5abc6a0cdb125b45a5582a46cf64f93aac90486d6bbbdde5", "9cbcde055cc7d59c77d3c98ad6e9d235d138d6138dda57556036ec6e38cc1936", "9cd173939b001aa72adafb4294248735be46674789354e930418978f7dfba6a0", "9dbd1abbfdf5e13f824f2cdc085095898d84c6332327fd71726f36469f92a066", "9f6c5eba6eb7596d6ea7e8f645360e7a04a4f19163fd72f46d3169f9f94ee529", "a03a9a54fb0c642687232d839bec34659d0aec199cb2466a33f5ff05f8facf5b", "a0dd76f4923a73a71b471b99d078438684e773878771ab08e0b15fa3b33db8ca", "a1b26acef931e0d50bcc85d2509683e8ab49eaf9db72e6dc294c168f432e482f", "a270a836fd6ae448f4830ed816d318099c3a99b5268bfdb6ccd44b0606827156", "a37ca4fc84657c4d346633d683699ee36aacc832d59b273ac9959763c5203d0f", "a7cd81b982befa2b9199e2a1b20825fe2e7e98e5ffb190b5847069fcfcfea771", "a8cf3579a49eaba642ddb0387e51c6ff002ed64870e5cca82125177075d7ba1a", "accf62314dae832bbda444740718330825900a2511b01fa588fb576a9e66926b", "ad546bf0dffbd7e8f7ada268d164db5ca54e46f34b6025bc464c0d542ed5dcac", "b03ee6abff8042cf1c1218753956a537b1eebb7c4042fd23f2e377a17a67f9a5", "b0b41559f4a5b93b6842893d81787e3ef0af951631bc188b12f0ea63c2b39f20", "b1cc921090619a2bae49ad62e9c7dcb5527d9a41aa7cc041eb8dcb37f8834c7b", "b1ee712f98a2c7b2f72c69996d0b91e21274d231a9bf06620a836114d85bec64", "b377cb73fef7e24e1a4021d57c7e1e4af9981a666059e95224d2856e40f7d40a", "b3c0bc930d0435576fcdd18b9179289418f05606838dac530945f2906545e333", "b7c438b669a79610d24f06f4ebd29e009b14117147c49c2f2d41a3852059925a", "bb282d0481afd9d014487331034ddc0e185ae7ff94184675e092d95116cff696", "bb526667eb3996cf530c13e4fb02a82208614985631e8a8a584500413ed2e054", "bcc2dc15984541b82fac008229a0f498ed9f44c4ef62f6a99f0f69b12c99618f", "bd3f49a6fa8ca977cfa8d4de812f8b7e87803cc6b7019c3ecfc9bc5abe129efb", "befce355cac9a95bb3cba957a9b34134226e6031479f825d04c685395f2d469f", "bf421877d9e9a607aff1a0b5e8fbbdbbcb78cf71fe2b15f7e79591d9494f5278", "bf5800882d4a045e0883d1d105439f8e7c80b4840483beca648d23b736369e16", "c0d29be5dc0fb8f7bdc1030f03722eba01eb2de711a9a6f4d4c88edbdd662c42", "c2c310c16a66470bc42872fc000370614c860c3a9b3461a5073154ab654371bc", "c6fcb3a8cb9b1959a61f0705bd43e9d4d5c0130c4e0451bc789ae1d280273b92", "c82a56c14c024034bae73ddd29df15082d319dd69d4cf6cf19ca3c755468e02c", "ca8d9b7e256d45e43ab127b384f14beb9bc064de22b5be983691633fc4d26063", "cd4c18fa286d9931fa1b3dc0b025b4f73b376a2988c128d8f68581594d0f9824", "ce516bb192a36bcee6970c1d8ce20a9e8f04c5d6e001945662c803ffe0f93205", "cf735d397da682a69fb63c6bd3d48e5b65087fa7b4e0ec28130803534ac0e96e", "d7f2474a426a5190dce80262bf4da06cb5ae5eac427e0e149b739fee704d71b5", "d8d70980658bc48114b374d1361139db75233817c4d035ce32fd96ffe6b2cdbe", "da3e840f19414d77eb1d23dec6faa3285ecf1cb44a54f590203416ad5bc619c5", "da771dc23e71469c1bfe27175ed12311a0fbaaacf968ff4e12c9fab699e637d9", "dbfb85ae62f3dc5685a277e9586bfec2d541619df88468a969753a63cecd1cbc", "dc47ed6ef9cd98b545f9ee03d70c11e7d209c61836c71094153bb8ecf41b94c2", "ddf6edc02cd37ca1c3c0ed8eb4a3ab72c33b026e5b80588c10168a81ad3626f6", "df5f0cad21970e640270c8e489dc6d2b987d0ac523c2d6e7f502dcf8b645ad0e", "e2c133f3f381d3d6c22fd1953751c32fe4a6b97435588039957aa54d4a4d12bb", "e3b63e60b38a260a64225b7d40a79b3a1803956b892e6144c9e089898423849d", "e40c14a3466e30c2f7d9652069aca91a549b1dde35d43774246ebf3fe13ad5e8", "e5dbeaee4b7b24a05c33211c07fa351e39aacd5cd2056bd218fc44b9a4983812", "e8204db43fe5d1bfb3ca16c9e5328147c53b8207a9fe690ef4d2da1a1477e978", "ea7c5ecd568ff3f8c99091bfd09aa229964f62d9528524dee8ede447c53c3c49", "eb8b5a5c09bd8b37557427615d2f1a41491625df8e9e934f5b9ae21f928dd519", "ed91c029ca3c40ac11d913ecada0bae28b5d84607e20cca507269906267adf68", "f2ce69767835048e333e0f0f3b79e3cb96660a109c253da23badb54b59df195d", "f3655ee88860fda64155ecd63f08f09df2300ab34eb8d7bedb1ab7d5f627224a", "f4691fa312c0fb4376f7a8d89fdd79167e40c366dac3b576219be0651c613110", "f531c81228e90b2a69d227827d50678d136c00dd8678929968b581cbd4d04cf1", "f7b8cb270cf2c15f165a892ae71e1ccbcffc735ee162f6f802a2ebf1a9e6b1e0", "f8c328f6a565835bc5197ed3063793b2eb26dc91b58bc5342cf7bffe7e6f6583", "f8d00301280344011f9ca66ad7e63aa73ba394200a92f336ea796713e6d9ad0b", "f98f49a0b2ce099797462cc8ad431aa724af2d523835533cd71839cf511b0849", "f9dd889db95a5a4d59f4be065771fe80d77d40ee1b47da7d3ec7fac0d8ed91c8", "f9df38c508834fbf0260fb1852a8bb6e47283672af7167ca94ddd62a124153c1", "faf568999042d7f858f6161a04fa930a8de46373e4331edecf4458b41c30c4f7", "fbbbe4a0d4ad135b03ee2b09d18ff07eee5cd0c638345a72d6f99b8aab513823", "fe91c51bb69b6ac611272355cf586c8e9e0bbf2c837f726e853443890f4f4200", "ffa0d15b7c603469d5f3e433070329195873c453187ba570f761e070b985d117", "ffa72db39b81f16fca676cd5a040c5b26610f8bbb1617d45eac7be3e05c9fd46"], "iocs": {"domain": [{"host": "hjhqmbxyinislkkt[.]1j9r76[.]top"}, {"host": "hjhqmbxyinislkkt[.]1bxzyr[.]top"}], "file": [{"path": "%UserProfile%\\documents\\_R_E_A_D___T_H_I_S___9FWW7OX_.txt"}, {"path": "%UserProfile%\\documents\\_R_E_A_D___T_H_I_S___MHSXUD0_.hta"}], "ip": [{"ip": "178[.]33[.]163[.]80"}], "mutex": [{"name": null}, {"name": null}], "registry": [{"key": "<HKLM>\\SYSTEM\\CONTROLSET001\\SERVICES\\NAPAGENT\\LOCALCONFIG\\Enroll\\HcsGroups", "value_name": null}]}}, "Win.Worm.Vobfus-6860533-0": {"category": "Worm", "coverage": {"AMP": true, "CWS": false, "Cloudlock": false, "Email Security": true, "Network Security": false, "Threat Grid": true, "Umbrella": false, "WSA": false}, "description": "Vobfus is a worm that copies itself to external drives and attempts to gain automatic code execution via autorun.inf files. It also modifies the registry so that it will launch when the system is booted. Once installed, it attempts to download follow-on malware from its command and control (C2) servers.", "hashes": ["002c51db9009f2207dd0398defbc9a9f391f327f07105b19ea5c7c9c69ffd674", "0096449116e4ebcd77a9e7c43723e793765974813475ed99aac513bc3d71b5b5", "012ce7db1325159874f9b8925e524ce18b2c62dd230f1b2a674543bd74856137", "0133c6d934996d6ea32ef17d0a6df96dc86a4b45d9e51e702230b167d87a9ed7", "02b3e2b1723573274b6e91e53cd973ed8d5e242f3ddb44369deac8cfb2368778", "06ef151d2aab329341ce68ce7a8b2e7c3b463ca940f47cdd6ce51a864af3266d", "075e36642d1e37cc11c500a2cd2f3ad3fb2af73bce45a1b6e905078f00adac18", "098cee9f87724372cad66c0d7797c8f3cc6832aded95235513799aa8f6061d2c", "0b7af27bf47a48843e14aae81cd6f8c99e82da02c352f34d50d0fb2cca03b66f", "11ef099b691e051efb1eca27aa5d8606157b0e7f0eb83216733e48f82c52ffc1", "139c385377c85ac709c77857adfbed6ac46e0e5f57e4b947d730ab871cea6154", "1b456b78b84fcc6137bc85f0203e29e558c3888c74d610a0ecce19c9008197d4", "1da4ccd179876bcc378ebc4b1f3597e393e3b976cd0f0a7c24c51b9855d3fa91", "21cc803b77f7413c781bcc21a7681470ad926289c28f6d126efb899aac482988", "21ecefddb6898cc39ae277c119f47a84869afa5a798e70dcb58059dcb75c87bb", "25fd3bf11d2ab30e74ccb67cc0ba7563ccbd0a1502b077da80d13239c9ea3b02", "269f9b6e264729a3ff2c71abcb320e07d4ff4e76acf6be1b294c6a4b687beebd", "27d60e838ac4e142d5799628e95138a959bdc9358af047937f1d42f45ab093ca", "27e3fb1689f0fb0ab76d217909cd52a78dd290ce12a13ffe234542c675769eeb", "283293ffdb4838e037561e8ac0df74cdd9181ef046ffb3e5ae0ae2d3614f4b27", "2d2fab79f6d87e2994a60e3a982804fb8d05aa75dc13e9b4bdc9705a9db6247a", "2d60ca16f74ffe613981c2c27d40992f3d309cbe7b4a693f1fb632590f06e278", "2f3f0fabb06ce1a8d3c5bc6c120473a2f597f4050fd4b92747c766ac3af07881", "30755cf5b6934d725fd87dc667fe82b3fd4964d6c55cfdcb327a29e95dd3435d", "313fbcc0ce24e2c0d2c5c6870842feac4f1f2722101037f0c421ac0a9185ea16", "32835471f155e437622a666cddcac14c50af97b4da31866525b635a1b3a15bf5", "363782853887bda771d5767a5c33875cc010dc67c66a0d44aa494f8198d1532e", "4441f98caa7e950ac101d315f2638f01a1a4e3398bc3019798a37c4ac2ae9a9c", "46945420b555c7e8fb4ddd8a8b90281f0d64d3880c578fc982775d1beb6d8487", "474e9b3efccf1138ea865f3bfb9e924c6149a5d8345429cea2474f4a82c4776b", "4a884731898e1efef764a006194e576db9b493f801a4ac869bf77bb9aaec9371", "4aad0ba88ad16f65d5bcc437bad7eeee5aacdfc0bc63347fba42fc6b90a331a6", "4f21198bf92c0b6d992480005f6f85e52c0deb8d7be10491571d46c23c2cf69d", "515324d38a59c9b63ddbb8928a8eb787e77a4b734d274588befd493b38125683", "5409c0b47c77f41792a4d2e8b077e889fb766f8deaeb56112415cdb629883c39", "551d11862aeaf5e94bbcf40146ea79baecd8aca5d48313388ed24b2f5b755a30", "5580bed954824ac68fd0a89ed5e7d038fb49577a39535ab98a5c274578b5e345", "55d503073e6e3ee59a9c15b3f0127ecc77f8d8675052967f11a4ed0b24cc05f4", "5813206ee9ee11f7f57e8fceed131d75947ba2552416e4a94a6e7ad7b0b5ea89", "58a53452349a9c94e3d1aeecf7cc10fa59dfb73f4450917d889a6b4706919ab9", "590a690ac93d2b97bacfafb440faf2f1a1c26aebb35de8ddaff7b2681d96a57a", "5a2371c7c6a3e3922ab2236acf3e3c6b02c9168f842d5de03a0299a23c8e6a05", "5b47bdd421a4678dc56f2f7340f693dba08809ef0c1590b45bf7e1a453d5248e", "5d032419995e9181588fb8e0c541bba49c34a408894f545979372fd0a416e703", "66f9e0f0ac756bfe758f03c946b17438a37dbe0a88fbf9d1ef0191ced5a334ae", "68669f3939900503e4ee4146388bd9c09dde776812bc28d1a28156e1166e9d7e", "6868f29d59fc7802d5f0ef1ef452f97002dbbccba2042bb74a4385866ab57f8b", "68822d55b16c9916e82a63a969de4b361f7452f9cc0565048f8e41d3ffa87750", "694940d22b330d626276d29d1f650591ab31140733bc9ce18e7fb5b434842379", "697eef3c63db8f39f2f3e9a15109fce8508282f589aa597ba3914d185fdf995b", "6cfbd2bfdffc57a93e781352554bd4495a3881952e684a90fd363ce779c72d94", "6cfd8cbeb823ac9872c64b4d15bcec50608a093eef66e8bb890225d1310e690e", "715081a5c80cf225308a69504349d33f82d6dfc118224f06adf118026ea41c51", "757fb4a1f73c18cb73843757a472b67c958d93ce8f576b8881b2849fb2178b42", "76d5f6e6ba613fbd33e5bb04e07a05e61a9732145af2a54fcca47baba4aa515d", "7a4e185787b6328697912abc890f0e4bfd6c7d7f71f0f69fb39962c524be756f", "7b0e972ccb1e71876d9e79908e8442e040384eacf712932598ce0f2b930360a2", "7df1e3484c3ae3e5abfbd1001394281323f245421fef6ca4f6a4a89ef63ea54b", "82529846dc5391a21ec212555769f6fab4a5895bc2fe890c230034ecd041697d", "86bf35ddd3e52882db3e852fcacaa3735443d7647dc325860f75198a785edab5", "884845032ef79cf2c3e8dd3d8ae0e2e7b1d482a9f4e76552dcb8a2d6f2e79e15", "8d791beb2a56ea12b9d170686e06e7129d21387e2dadfb6e55943ce162be6b65", "916fb432e14be848d03f3c46289bd8732d4c6a6d8ad844abf8efef92a7c0c23e", "931749232c3a9d9e604b3c54d85c80da68dd2ecc6bb765cc0b14c57edbd1b3e5", "9464952a96ab36312b689da5a89253661f98f16bf0fc9772d49352ad62574ef5", "993253b14778e8dcfa17835041b572597c369cb658e423cbed71dc071f93aa2d", "99ad9ab08d498e7a99f25895ae7b7fb4feb3b50e9e2b825d8ffa524329efcc15", "9d08c386a4bcecfd62d97b047eb31b710ffaeea5ae56aa3f63588695aa757216", "9d6f3c01f23ae5d83150ba605625b3576c4d009713abbf9ecbef87563d4752d3", "9df4e170b62c7f08839c035f7d93f9b2fddffeeec4da97d05f9cf4e905f7fff4", "a16b5f31f3675a2ec82c2082b4def478b2bb80ce6946926490d9d3758ee31beb", "a1942e1d579fe5c6f4451c206fba1de0b31d3740287dfce2551d6162e6d12bfb", "a1c3a6a2ee4e353449a6991bb5f17ed437877dc71316334f2c05de0101bafd58", "a3bd66efa3d70a93ae2c029bab4e639c73c162fc1521877e225a0ff06401d035", "a512deed7aa3ad105f6ba1ec06c8d7f545258bdc91ac88d9b344119d2dcda461", "a5c4c113942b2f95c318a9cfa2eeb22f47fd7f5b93e4a6571a83e72c031d87c4", "a7ceb14ed6be475e8eb895621eced51ff28bffbeb996cf8bc60c6eadfe70b8bd", "a881880aa074f6b88db224211eb83f6efa30c58ae1b5ec53b9e0c2857868d2f0", "ab75ae647dde4ccd54089b574b96500f3f31422f3e35b945360cd1005c0a4aac", "ad2a72d0f333ff0c1c81e19487d53ad35d3f948251a9722c0ccd5d72fc21dbe5", "ae042dc5740b052a0286aa4e6610b61780c3271e2c5b6878fb40e5008f7b6c29", "b24c19393b51041aa3fd53fd579973edfd7634dd50967c85deea13297eb45cef", "b428190bc9559c8af81b8935b80e74bcbd89f56d65551063e1056bf874357129", "b78eb9aae5cc41479d71af3cc59c2300eb8da012cc4423e929eba5801cb5329d", "b8415e0d00ebaa46bc4c64909068cd7acda92c156d419a8c026d1c67b9919c91", "b8e3b49b7bec03c06dfbfd4c7d21406ac77e8dfa0007090625703bc0c15dcdf1", "bb8b6394b8ec9b0a86a42f9418e2c29c8410e5efd9cac9e2c660aad35482374e", "c2227ef57dd63951ddbfc447c08928c4d9beda4db7df231a3ce66f5c6086083b", "c3ed36b86cb100b77acb349479718207c46bf46545e847995064d662b9b79b0b", "c558eadb6551147355b443a120d372994e2eb2d16b4b4fa92197d39bb0e82fba", "c6c863fc9215526ef5c6a93f56e9e833b0f286406acbdd205300ee5674f39674", "c82a523e81b4f61a76003316b3c810bf9f7a8a64970523a82836db015bb28994", "ca9c91a76156134eff2d656cd26900355208e27656f8a03779887b8c3215ec0e", "cab6be8c6f401ebd5512427aa58b9fcee15e57a54f33e9219fa5df4b3a121af9", "cfcf9ea4d6f5311d298561197258c9e2090bcb81964f7b1b665752a658ade0cb", "d3fea1f5f89394bbac974f77accbeddea8b0baca9152250ac9619c4389ca1234", "da50e1d9026647dbc418ec806ad550fb4f338baebe5b1ed9d7b9621bf95c2578", "dce4ff8c768784c57a4a3e112443d7b8ae8017f7c3c1a62b9ad547d9e6d8db8e", "e0c59a291beae575c7c248530d84791bc1259b6d2ca0c550abb5f1bc1fd903e1", "e2f672f8bc3be40b5b6ef9491eec921c8e66e8027301dfe6e140097fa329401d", "e3df897566256e3eb56fae8eb7d07749b0958773acd6959f78bc7e43886e7ea8", "e798c82e09c8c7d7a37161517ff2750dc3780ebc052366af52ffa6f0eb90cd18", "ea040edd0a0ed6dedb7d4e928cbbc7dea0ef04bb0b20dc41a2fe8257a2465c90", "eb6be259603f284590ebc6722845a0128bfb5c827dec04daa4ec6eccbd209b71", "ebe994eb7e6cf6ff2b8cda0c6a8ad054a50f5db881138a3ab00ef7850ffed1c5", "ee4fd2de0df7bfc75164e9747a72015d878f178887ea3eea148b0841e132772e", "f0adeb49d1475b2ca8b41c1a99d9060c9aff83cda780bbb22e501d5740d6827b", "f11bb7942e8a46790d6a317b4a2bf1b08dc321f45520750e7cf9bc5935a3d259", "f2c8418f5ea001082e7a8dbf8734116204af9ace1f03376463e3c7503786c367", "f3103aef26a97dc667d827793288b7a3fc7de5496c4c3a7c253dcbb9c0654d95", "fbf1c966d6d2c81339507dac3517ebc06f5025932f0bda866cb9f42ffbb99089", "fc2b9a75bab5a29591fafe6c2ae0b8bfc5a1ee71a813a738eba61b9977768a36", "fef120c40c0d0df34cebf5b6491a05d791235e78695b16e357bef57bbc9db52e", "ff11e4741c2e2ff24356089f0a3598e117ac6d75b017565cd32b57329c2d9834", "ffc2f5bb007a46318cf6a62768e88b3111d87a1b989c585b526dadf517573ec5"], "iocs": {"domain": [{"host": "49161[.]dnst2[.]net"}, {"host": "49161[.]DNST2[.]NET"}, {"host": "88818[.]dnst2[.]net"}], "file": [], "ip": [], "mutex": [{"name": null}], "registry": []}}, "info": {"origin": "Cisco Talos Intelligence Group", "publication_date": "2019-02-22T11:00:00+00:00", "version": "1.0", "warning": "As a reminder, the information provided for the following threatsin this post is non-exhaustive and current as of the date ofpublication. Additionally, please keep in mind that IOC searchingis only one part of threat hunting. Spotting a single IOC does notnecessarily indicate maliciousness. Detection and coverage for thefollowing threats is subject to updates, pending additional threator vulnerability analysis. For the most current information, pleaserefer to your Firepower Management Center, Snort.org, or ClamAV.net."}, "signatures": ["Doc.Downloader.Emotet-6861668-0", "Win.Packed.Nymaim-6860565-0", "Win.Malware.Icloader-6860563-0", "Win.Malware.Bublik-6860562-0", "Win.Ransomware.Razy-6860532-0", "Win.Worm.Vobfus-6860533-0"]}