Sample File:
MD5 hash: f967147bced6384ece805fcdbc5a6321
SHA1 hash: 1a9a2d7365666f1f4ba1a49ae3f1a596fb7c237c
SHA256 hash: 3f83fd42af95185e19e537708dccdf1539dcab1ce73783c2741b4c1929dcc020
SSDEEP hash: 96:aRjrpEyc8JJTU6JjrrT8079yWYbM8GJe19z5LbTkJzNt:aRjrpEh8BVHTF9n8qe9L8r
Filename(s): server.exe
Filetype: Windows Exe (x86-32)

Mutex IOCs:
- None -

Registry Key IOCs:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\AppContext
HKEY_LOCAL_MACHINE

Domain IOCs:
- None -

IP IOCs:
- None -

URL IOCs:
- None -

File IOCs:
Filenames:
C:\Users\FD1HVy\Desktop\2Hg5l.gif.gesd
C:\Users\FD1HVy\Desktop\4x-aHVjSuhGt\0DMmlx9_Xue2bwnQn.mp4
C:\Users\FD1HVy\Desktop\4x-aHVjSuhGt\BauUvkVwffW\hlDtZz4UCp.mp4
C:\Users\FD1HVy\Desktop\eQq0M5fMwGq3zz4_\beYTvemo WHyub.gif
C:\Users\FD1HVy\Desktop\eQq0M5fMwGq3zz4_\MWmNERoZILn0Ybcr4.mp4
C:\Users\FD1HVy\Desktop\
C:\Users\FD1HVy\Desktop\4x-aHVjSuhGt\0DMmlx9_Xue2bwnQn.mp4.gesd
C:\Users\FD1HVy\Desktop\eQq0M5fMwGq3zz4_\MWmNERoZILn0Ybcr4.mp4.gesd
C:\Users\FD1HVy\Desktop\DFjzzJpyhgWZUBvwACh.gif.gesd
C:\Users\FD1HVy\Desktop\mvO-F_9WXmNrgc9I ZIF.gif.gesd
C:\Users\FD1HVy\Desktop\4x-aHVjSuhGt\_uQQT\5wCk2jY-mhp 4kf.png
C:\Users\FD1HVy\Desktop\READ THIS!!!!.txt
C:\Users\FD1HVy\Desktop\DFjzzJpyhgWZUBvwACh.gif
C:\Users\FD1HVy\Desktop\PotYY.avi
C:\Users\FD1HVy\Desktop\qZTD6h5E.mp4.gesd
C:\Users\FD1HVy\Desktop\3H9gaz7jvQxnR.mp4
C:\Users\FD1HVy\Desktop\server.exe
C:\Users\FD1HVy\Desktop\4x-aHVjSuhGt\BauUvkVwffW\udDHWmLl.mp4.gesd
C:\Users\FD1HVy\Desktop\4x-aHVjSuhGt\_uQQT\iAsPdh\eAS hfLZwYJsat.png
C:\Users\FD1HVy\Desktop\4x-aHVjSuhGt\BauUvkVwffW\udDHWmLl.mp4
C:\Users\FD1HVy\Desktop\eQq0M5fMwGq3zz4_\eVui.docx
C:\Users\FD1HVy\Desktop\qZTD6h5E.mp4
C:\Users\FD1HVy\Desktop\eQq0M5fMwGq3zz4_\eVui.docx.gesd
C:\Users\FD1HVy\Desktop\2Hg5l.gif
C:\Users\FD1HVy\Desktop\zP30mJFNxuSE8wXDofC.avi
C:\Users\FD1HVy\Desktop\zP30mJFNxuSE8wXDofC.avi.gesd
C:\Users\FD1HVy\Desktop\eQq0M5fMwGq3zz4_\beYTvemo WHyub.gif.gesd
C:\Users\FD1HVy\Desktop\4x-aHVjSuhGt\_uQQT\iAsPdh\eAS hfLZwYJsat.png.gesd
C:\Users\FD1HVy\Desktop\J3raR3n8dk7ENtsBj8F.png.gesd
C:\Users\FD1HVy\Desktop\4x-aHVjSuhGt\BauUvkVwffW\hlDtZz4UCp.mp4.gesd
C:\Users\FD1HVy\Desktop\mvO-F_9WXmNrgc9I ZIF.gif
C:\Users\FD1HVy\Desktop\3H9gaz7jvQxnR.mp4.gesd
C:\Users\FD1HVy\Desktop\J3raR3n8dk7ENtsBj8F.png
C:\Users\FD1HVy\Desktop\4x-aHVjSuhGt\_uQQT\5wCk2jY-mhp 4kf.png.gesd