- 扫描 ID:
- eef5bc44-e3c4-4291-a372-8f291b7dc505(已完成)
- 提交的 URL:
- https://tria.ge/240622-axczpascnm
- 报告完成时间:
链接 · 找到 19 个
从页面中识别出的传出链接
链接 | 文本 |
---|---|
https://attack.mitre.org/versions/v15/tactics/TA0043 | Reconnaissance |
https://attack.mitre.org/versions/v15/tactics/TA0042 | Resource Development |
https://attack.mitre.org/versions/v15/tactics/TA0001 | Initial Access |
https://attack.mitre.org/versions/v15/tactics/TA0002 | Execution |
https://attack.mitre.org/versions/v15/tactics/TA0003 | Persistence |
https://attack.mitre.org/versions/v15/techniques/T1546 | Event Triggered Execution 1 T1546 |
https://attack.mitre.org/versions/v15/techniques/T1546/012 | Image File Execution Options Injection 1 T1546.012 |
https://attack.mitre.org/versions/v15/tactics/TA0004 | Privilege Escalation |
https://attack.mitre.org/versions/v15/tactics/TA0005 | Defense Evasion |
https://attack.mitre.org/versions/v15/tactics/TA0006 | Credential Access |
JavaScript 变量 · 找到 13 个
在页面 window 对象上加载的全局 JavaScript 变量。全局变量是在函数外部声明的变量,可以从当前作用域内代码的任何位置访问。
名称 | 类型 |
---|---|
onbeforetoggle | object |
documentPictureInPicture | object |
onscrollend | object |
ttp_lookup | object |
page_data | object |
user | object |
csrf_token | string |
darkmode | boolean |
permissions | object |
isPrivate | boolean |
控制台日志消息 · 找到 0 条
记录到 Web 控制台的消息
HTML
页面的原始 HTML 正文
<!DOCTYPE html><html lang="en-US"><head>
<meta charset="utf-8">
<meta name="msapplication-TileColor" content="#da532c">
<link rel="stylesheet" type="text/css" href="/static/css/common.css?c=8ce3b8b">
<link rel="stylesheet" type="text/css" href="/static/css/report.css?c=8ce3b8b">
<link rel="stylesheet" type="text/css" href="/static/css/report_overview.css?c=8ce3b8b">
<link rel="apple-touch-icon" href="static/icons/apple-touch-icon.png">
<meta name="viewport" content="width=device-width, initial-scale=1">
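<script nonce="">
  // Render watchdog: after the DOM is parsed, look for the element with id
  // "end-mark"; if it is missing, show a plain-text failure banner at the top
  // of the body.
  // NOTE(review): the nonce is empty in this capture. Presumably the browser
  // hid the value when the DOM was serialized; confirm against the page's
  // Content-Security-Policy response header.
  document.addEventListener("DOMContentLoaded", () => {
    if (document.getElementById("end-mark")) {
      return;
    }
    const banner = document.createElement('div');
    // Styles are written through the CSSOM instead of a style attribute, so
    // the banner keeps its styling even if the CSP disallows inline style
    // attributes (setAttribute('style', ...) is subject to that restriction).
    Object.assign(banner.style, {
      background: 'white',
      color: 'black',
      fontSize: '14pt',
      padding: '1em',
    });
    // textContent inserts the message as text, never as markup.
    banner.textContent = 'Template failed to render.';
    document.body.prepend(banner);
  });
</script>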
<link rel="icon" href="/static/icons/favicon_triage.ico" type="image/x-icon"><meta name="description" content="Check this report malware sample
73f5eee95f0d5250f5d2f7a29702700537ebe6c08861d4ddfefc09d485f0f65e, with a score of 9 out of 10.">
<meta name="keywords" content="triage, malware, analysis, report, reported, analysis, analyze, sandbox, malware">
<meta name="og:title" content=" 73f5eee95f0d5250f5d2f7a29702700537ebe6c08861d4ddfefc09d485f0f65e | Triage">
<meta name="og:type" content="page">
<meta name="og:description" content="Check this report malware sample
73f5eee95f0d5250f5d2f7a29702700537ebe6c08861d4ddfefc09d485f0f65e, with a score of 9 out of 10.">
<title> 73f5eee95f0d5250f5d2f7a29702700537ebe6c08861d4ddfefc09d485f0f65e | Triage </title>
</head>
<body id="overview" data-theme="light">
<main class="app app__container">
<header class="app__header"><nav class="main-nav">
<a class="main-nav__logo-holder" href="/">
<svg aria-label="Recorded Future Triage - Malware Analysis Sandbox" width="128" height="46" viewBox="0 0 128 46" fill="none" xmlns="http://www.w3.org/2000/svg">
<path d="M0.130859 2.88062H4.77317C7.61404 2.88062 9.13805 4.48448 9.13805 6.8596C9.13805 8.54709 8.23548 9.54695 6.77805 10.1361L9.59118 15.3212H7.08877L4.31449 10.1361H2.37248V15.3212H0.130859V2.88062ZM4.44025 8.27018C6.10483 8.27018 6.84464 7.80185 6.84464 6.5195C6.84464 5.44159 6.09558 4.76882 4.42176 4.76882H2.37248V8.2646L4.44025 8.27018Z" fill="var(--default-text, #000)"></path>
<path d="M18.9644 10.5095C18.9644 7.66046 20.6807 5.68677 23.4032 5.68677C25.6689 5.68677 27.241 7.01557 27.3926 9.03201H25.299C25.1307 8.13251 24.4833 7.45231 23.431 7.45231C22.0827 7.45231 21.1819 8.58226 21.1819 10.4649C21.1819 12.3475 22.0642 13.5202 23.431 13.5202C24.3927 13.5202 25.1122 12.9441 25.299 11.9424H27.3908C27.2336 13.9217 25.7466 15.3136 23.4125 15.3136C20.6382 15.3211 18.9644 13.3344 18.9644 10.5095Z" fill="var(--default-text, #000)"></path>
<path d="M27.94 10.5095C27.94 7.61772 29.6693 5.68677 32.3899 5.68677C35.1106 5.68677 36.8399 7.61958 36.8399 10.5095C36.8399 13.3994 35.1106 15.3211 32.3899 15.3211C29.6693 15.3211 27.94 13.3938 27.94 10.5095ZM34.6204 10.5095C34.6204 8.80156 33.8806 7.43559 32.401 7.43559C30.9214 7.43559 30.1575 8.80156 30.1575 10.5095C30.1575 12.2174 30.8973 13.5667 32.4029 13.5667C33.9084 13.5667 34.6204 12.21 34.6204 10.5039V10.5095Z" fill="var(--default-text, #000)"></path>
<path d="M37.4688 5.98981H39.5902V7.54535H39.6863C39.8276 7.04855 40.1292 6.61302 40.5437 6.30722C40.9582 6.00143 41.462 5.8427 41.9761 5.856C42.2392 5.85626 42.502 5.87676 42.7621 5.91733V7.93934C42.4299 7.85632 42.089 7.81389 41.7467 7.81297C40.5445 7.81297 39.6549 8.65114 39.6549 9.83498V15.3212H37.4688V5.98981Z" fill="var(--default-text, #000)"></path>
<path d="M42.9732 10.6676C42.9732 7.55655 44.6599 5.86906 46.8054 5.86906C48.444 5.86906 49.1265 6.85963 49.4594 7.54168H49.5593V2.89551H51.7528V15.3212H49.5926V13.8512H49.4594C49.1154 14.5314 48.4015 15.3212 46.8054 15.3212C44.6174 15.3212 42.9732 13.7415 42.9732 10.6676ZM49.5926 10.6546C49.5926 8.84447 48.8177 7.68107 47.4102 7.68107C45.9527 7.68107 45.2037 8.9281 45.2037 10.6546C45.2037 12.3811 45.9657 13.6802 47.4102 13.6802C48.8066 13.6802 49.5926 12.4648 49.5926 10.6546Z" fill="var(--default-text, #000)"></path>
<path d="M62.0913 10.6676C62.0913 7.55655 63.7762 5.86906 65.9235 5.86906C67.5622 5.86906 68.2447 6.85963 68.5776 7.54168H68.6682V2.89551H70.8618V15.3212H68.7108V13.8512H68.5776C68.2317 14.5314 67.5123 15.3119 65.918 15.3119C63.7282 15.3119 62.0913 13.7415 62.0913 10.6676ZM68.7108 10.6546C68.7108 8.84447 67.9358 7.68107 66.5283 7.68107C65.0709 7.68107 64.3218 8.9281 64.3218 10.6546C64.3218 12.3811 65.082 13.6802 66.5283 13.6802C67.9247 13.6802 68.7108 12.4648 68.7108 10.6546Z" fill="var(--default-text, #000)"></path>
<path d="M75.8223 2.88062H83.7549V4.76882H78.0639V8.24788H83.2074V10.1361H78.0639V15.3212H75.8223V2.88062Z" fill="var(--default-text, #000)"></path>
<path d="M90.1803 5.98971H92.3683V15.3211H90.2487V13.6615H90.1526C89.729 14.7059 88.7488 15.3211 87.3579 15.3211C85.5325 15.3211 84.2637 14.1726 84.2637 11.9312V5.98413H86.4517V11.5911C86.4517 12.775 87.1526 13.5221 88.205 13.5221C89.1723 13.5221 90.1822 12.8177 90.1822 11.396L90.1803 5.98971Z" fill="var(--default-text, #000)"></path>
<path d="M98.4032 7.69019H96.5722V12.5222C96.5722 13.4087 97.0124 13.602 97.5636 13.602C97.7791 13.5966 97.9932 13.5661 98.2016 13.5109L98.5716 15.2393C98.1531 15.3758 97.7168 15.4491 97.2769 15.4567C95.6327 15.5051 94.3639 14.6427 94.375 12.8883V7.69019H93.0581V5.98969H94.375V3.75952H96.5648V5.98969H98.3958L98.4032 7.69019Z" fill="var(--default-text, #000)"></path>
<path d="M105.302 5.98971H107.49V15.3211H105.368V13.6615H105.272C104.849 14.7059 103.87 15.3211 102.479 15.3211C100.654 15.3211 99.3838 14.1726 99.3838 11.9312V5.98413H101.571V11.5911C101.571 12.775 102.274 13.5221 103.325 13.5221C104.292 13.5221 105.302 12.8177 105.302 11.396V5.98971Z" fill="var(--default-text, #000)"></path>
<path d="M108.886 5.98985H111.009V7.54539H111.105C111.247 7.04828 111.548 6.61252 111.963 6.30669C112.378 6.00086 112.882 5.84233 113.397 5.85605C113.66 5.85631 113.923 5.87681 114.183 5.91737V7.93939C113.851 7.85649 113.51 7.81406 113.167 7.81301C111.963 7.81301 111.076 8.65118 111.076 9.83503V15.3212H108.886V5.98985Z" fill="var(--default-text, #000)"></path>
<path d="M122.887 4.76682C122.887 4.35779 123.008 3.95805 123.235 3.61814C123.461 3.27822 123.783 3.01339 124.159 2.85712C124.535 2.70084 124.949 2.66015 125.348 2.74017C125.747 2.82019 126.114 3.01734 126.401 3.3067C126.689 3.59605 126.885 3.96462 126.964 4.36582C127.044 4.76701 127.003 5.18282 126.847 5.56067C126.691 5.93853 126.427 6.26147 126.089 6.48868C125.75 6.71588 125.352 6.83715 124.945 6.83715C124.675 6.83715 124.407 6.78359 124.157 6.67952C123.907 6.57545 123.68 6.42292 123.489 6.23065C123.298 6.03838 123.146 5.81013 123.043 5.55896C122.94 5.30778 122.886 5.03861 122.887 4.76682ZM126.621 4.76682C126.621 4.4338 126.523 4.10826 126.339 3.83136C126.154 3.55447 125.893 3.33865 125.587 3.21121C125.28 3.08377 124.943 3.05043 124.618 3.11539C124.293 3.18036 123.995 3.34073 123.76 3.57621C123.526 3.81169 123.366 4.11171 123.302 4.43833C123.237 4.76495 123.27 5.1035 123.397 5.41117C123.524 5.71884 123.739 5.98181 124.014 6.16682C124.29 6.35184 124.614 6.45059 124.945 6.45059C125.165 6.45083 125.383 6.40745 125.587 6.32292C125.79 6.23839 125.975 6.11437 126.131 5.95797C126.286 5.80157 126.41 5.61585 126.494 5.41146C126.578 5.20706 126.621 4.988 126.621 4.76682ZM124.248 3.78926H125.16C125.238 3.78799 125.316 3.80263 125.389 3.8323C125.461 3.86197 125.527 3.90607 125.582 3.96194C125.638 4.01782 125.681 4.08432 125.71 4.15748C125.739 4.23063 125.753 4.30893 125.752 4.38769C125.754 4.50209 125.725 4.615 125.667 4.71356C125.61 4.81213 125.525 4.89239 125.424 4.94523L125.829 5.70348H125.459L125.102 5.01771H124.581V5.70348H124.248V3.78926ZM125.053 4.75195C125.1 4.75215 125.146 4.74243 125.19 4.72339C125.233 4.70436 125.272 4.67644 125.304 4.64144C125.336 4.60643 125.36 4.56511 125.375 4.52013C125.39 4.47514 125.395 4.4275 125.391 4.38025C125.395 4.33549 125.388 4.29048 125.373 4.24829C125.358 4.20611 125.334 4.16774 125.302 4.13581C125.271 4.10388 125.233 4.07914 125.191 4.06327C125.149 4.0474 125.104 4.04079 125.06 4.04387H124.581V4.74451L125.053 4.75195Z" 
fill="var(--default-text, #000)"></path>
<path d="M114.187 10.7102C114.187 7.82958 115.923 5.8689 118.583 5.8689C120.867 5.8689 122.826 7.30735 122.826 10.582V11.2566H116.352C116.371 12.8549 117.307 13.6076 118.722 13.6076C119.665 13.6076 120.386 13.3771 120.686 12.5873H122.82C122.434 14.2079 121.021 15.3211 118.692 15.3211C115.897 15.3211 114.187 13.6373 114.187 10.7102ZM120.728 9.78098C120.717 8.51164 119.87 7.58798 118.612 7.58798C117.307 7.58798 116.43 8.59156 116.363 9.78098H120.728Z" fill="var(--default-text, #000)"></path>
<path d="M52.6885 10.7102C52.6885 7.82958 54.4233 5.8689 57.083 5.8689C59.369 5.8689 61.3276 7.30735 61.3276 10.582V11.2566H54.8543C54.8728 12.8549 55.8105 13.6076 57.2235 13.6076C58.1668 13.6076 58.8881 13.3771 59.1896 12.5873H61.3239C60.9355 14.2079 59.5243 15.3211 57.1939 15.3211C54.3993 15.3211 52.6885 13.6373 52.6885 10.7102ZM59.2284 9.78098C59.2173 8.51164 58.3702 7.58798 57.1125 7.58798C55.8068 7.58798 54.9301 8.59156 54.8635 9.78098H59.2284Z" fill="var(--default-text, #000)"></path>
<path d="M9.73535 10.7102C9.73535 7.82958 11.4702 5.8689 14.1298 5.8689C16.4158 5.8689 18.3745 7.30735 18.3745 10.582V11.2566H11.9012C11.9197 12.8549 12.8574 13.6076 14.2723 13.6076C15.2155 13.6076 15.9368 13.3771 16.2364 12.5873H18.3708C17.9842 14.2079 16.5712 15.3211 14.2408 15.3211C11.4462 15.3211 9.73535 13.6373 9.73535 10.7102ZM16.2771 9.78098C16.2642 8.51164 15.4171 7.58798 14.1613 7.58798C12.8555 7.58798 11.9788 8.59156 11.9123 9.78098H16.2771Z" fill="var(--default-text, #000)"></path>
<path fill-rule="evenodd" clip-rule="evenodd" d="M102.824 22.3281V40.3071L112.009 31.2412L121.112 22.3281H102.824Z" fill="#FC493E"></path>
<path fill-rule="evenodd" clip-rule="evenodd" d="M77.7979 22.3281L86.9008 31.2412L96.0864 40.3071V22.3281H77.7979Z" fill="#FC493E"></path>
<path d="M0 24.9876V21.8182H14.9325V24.9876H9.36612V40.0001H5.56641V24.9876H0Z" fill="var(--default-text, #000)"></path>
<path d="M15.9043 40.0001V26.3637H19.5708V28.743H19.7128C19.9614 27.8966 20.3787 27.2574 20.9646 26.8254C21.5506 26.3874 22.2253 26.1684 22.9888 26.1684C23.1782 26.1684 23.3824 26.1802 23.6013 26.2039C23.8203 26.2276 24.0127 26.2601 24.1784 26.3016V29.6574C24.0008 29.6041 23.7552 29.5568 23.4415 29.5153C23.1279 29.4739 22.8408 29.4532 22.5804 29.4532C22.024 29.4532 21.5269 29.5745 21.0889 29.8172C20.6569 30.0539 20.3136 30.3854 20.0591 30.8115C19.8105 31.2376 19.6862 31.7289 19.6862 32.2852V40.0001H15.9043Z" fill="var(--default-text, #000)"></path>
<path d="M26.1342 40.0001V26.3637H29.9162V40.0001H26.1342ZM28.0341 24.6059C27.4718 24.6059 26.9895 24.4195 26.587 24.0466C26.1905 23.6678 25.9922 23.215 25.9922 22.6883C25.9922 22.1674 26.1905 21.7206 26.587 21.3477C26.9895 20.9689 27.4718 20.7795 28.0341 20.7795C28.5964 20.7795 29.0758 20.9689 29.4723 21.3477C29.8748 21.7206 30.076 22.1674 30.076 22.6883C30.076 23.215 29.8748 23.6678 29.4723 24.0466C29.0758 24.4195 28.5964 24.6059 28.0341 24.6059Z" fill="var(--default-text, #000)"></path>
<path d="M36.8343 40.2575C35.9642 40.2575 35.1889 40.1066 34.5083 39.8048C33.8276 39.497 33.289 39.0442 32.8925 38.4464C32.5019 37.8428 32.3066 37.0911 32.3066 36.1915C32.3066 35.4339 32.4457 34.7977 32.7238 34.2827C33.002 33.7678 33.3808 33.3535 33.8602 33.0398C34.3396 32.7262 34.8841 32.4894 35.4937 32.3296C36.1092 32.1698 36.7544 32.0574 37.4291 31.9923C38.2222 31.9094 38.8614 31.8325 39.3467 31.7614C39.832 31.6845 40.1842 31.572 40.4032 31.4241C40.6221 31.2761 40.7316 31.0571 40.7316 30.7671V30.7138C40.7316 30.1516 40.5541 29.7166 40.199 29.4088C39.8498 29.101 39.3526 28.9472 38.7075 28.9472C38.0269 28.9472 37.4853 29.0981 37.0828 29.3999C36.6804 29.6959 36.414 30.0687 36.2838 30.5185L32.786 30.2344C32.9635 29.4058 33.3127 28.6897 33.8336 28.086C34.3544 27.4764 35.0261 27.0088 35.8488 26.6833C36.6774 26.3519 37.6362 26.1861 38.7252 26.1861C39.4828 26.1861 40.2078 26.2749 40.9003 26.4525C41.5987 26.63 42.2172 26.9053 42.7558 27.2781C43.3003 27.651 43.7294 28.1304 44.0431 28.7163C44.3568 29.2964 44.5136 29.9918 44.5136 30.8026V40.0001H40.9269V38.1091H40.8204C40.6014 38.5352 40.3085 38.9111 39.9415 39.2366C39.5746 39.5562 39.1336 39.8077 38.6187 39.9912C38.1038 40.1687 37.509 40.2575 36.8343 40.2575ZM37.9174 37.6474C38.4737 37.6474 38.9649 37.5379 39.3911 37.319C39.8172 37.0941 40.1516 36.7922 40.3943 36.4134C40.6369 36.0346 40.7583 35.6055 40.7583 35.1261V33.679C40.6399 33.756 40.4771 33.827 40.27 33.8921C40.0688 33.9513 39.8409 34.0075 39.5864 34.0608C39.3319 34.1081 39.0774 34.1525 38.8229 34.194C38.5684 34.2295 38.3376 34.262 38.1304 34.2916C37.6865 34.3567 37.2989 34.4603 36.9674 34.6023C36.636 34.7444 36.3785 34.9367 36.1951 35.1794C36.0116 35.4161 35.9198 35.7121 35.9198 36.0672C35.9198 36.5821 36.1063 36.9757 36.4791 37.2479C36.8579 37.5143 37.3373 37.6474 37.9174 37.6474Z" fill="var(--default-text, #000)"></path>
<path d="M53.5909 45.3978C52.3657 45.3978 51.3152 45.2291 50.4393 44.8918C49.5692 44.5603 48.8768 44.1075 48.3618 43.5334C47.8469 42.9593 47.5125 42.3142 47.3586 41.5981L50.8565 41.1276C50.963 41.3998 51.1317 41.6543 51.3626 41.891C51.5934 42.1278 51.8982 42.3172 52.277 42.4592C52.6617 42.6072 53.1292 42.6812 53.6797 42.6812C54.5023 42.6812 55.18 42.4799 55.7127 42.0775C56.2513 41.6809 56.5206 41.0151 56.5206 40.08V37.5853H56.3608C56.1951 37.9641 55.9465 38.3222 55.615 38.6595C55.2836 38.9969 54.8575 39.2721 54.3366 39.4852C53.8158 39.6982 53.1943 39.8048 52.4723 39.8048C51.4484 39.8048 50.5162 39.568 49.6758 39.0945C48.8412 38.6151 48.1754 37.8842 47.6782 36.9017C47.187 35.9133 46.9414 34.6645 46.9414 33.1553C46.9414 31.6105 47.1929 30.3203 47.696 29.2845C48.1991 28.2488 48.8679 27.4734 49.7024 26.9585C50.5428 26.4436 51.4632 26.1861 52.4634 26.1861C53.2269 26.1861 53.8661 26.3164 54.381 26.5768C54.8959 26.8313 55.3102 27.1509 55.6239 27.5356C55.9435 27.9144 56.1891 28.2872 56.3608 28.6542H56.5028V26.3637H60.2581V40.1332C60.2581 41.2933 59.9741 42.2639 59.4059 43.0452C58.8377 43.8264 58.0505 44.4124 57.0444 44.803C56.0441 45.1995 54.893 45.3978 53.5909 45.3978ZM53.6708 36.9638C54.2804 36.9638 54.7953 36.8129 55.2155 36.5111C55.6417 36.2033 55.9672 35.7653 56.1921 35.1972C56.4229 34.6231 56.5383 33.9365 56.5383 33.1375C56.5383 32.3385 56.4259 31.646 56.201 31.0601C55.9761 30.4682 55.6505 30.0095 55.2244 29.684C54.7983 29.3585 54.2804 29.1957 53.6708 29.1957C53.0493 29.1957 52.5255 29.3644 52.0994 29.7018C51.6733 30.0332 51.3507 30.4949 51.1317 31.0867C50.9127 31.6786 50.8032 32.3622 50.8032 33.1375C50.8032 33.9247 50.9127 34.6053 51.1317 35.1794C51.3566 35.7476 51.6792 36.1885 52.0994 36.5022C52.5255 36.81 53.0493 36.9638 53.6708 36.9638Z" fill="var(--default-text, #000)"></path>
<path d="M69.4827 40.2664C68.08 40.2664 66.8726 39.9823 65.8606 39.4141C64.8544 38.84 64.0791 38.0292 63.5346 36.9816C62.9901 35.9281 62.7178 34.6822 62.7178 33.244C62.7178 31.8413 62.9901 30.6103 63.5346 29.5508C64.0791 28.4914 64.8455 27.6658 65.8339 27.0739C66.8282 26.4821 67.9942 26.1861 69.3318 26.1861C70.2314 26.1861 71.0689 26.3312 71.8442 26.6212C72.6255 26.9053 73.3061 27.3343 73.8861 27.9084C74.4721 28.4825 74.9278 29.2046 75.2533 30.0746C75.5788 30.9388 75.7416 31.9508 75.7416 33.1109V34.1496H64.227V31.8058H72.1816C72.1816 31.2613 72.0632 30.7789 71.8265 30.3587C71.5897 29.9385 71.2612 29.61 70.841 29.3733C70.4267 29.1306 69.9444 29.0093 69.3939 29.0093C68.8198 29.0093 68.3108 29.1425 67.867 29.4088C67.429 29.6692 67.0857 30.0214 66.8371 30.4653C66.5885 30.9032 66.4613 31.3915 66.4554 31.9301V34.1584C66.4554 34.8332 66.5797 35.4161 66.8282 35.9074C67.0827 36.3986 67.4408 36.7774 67.9025 37.0437C68.3641 37.3101 68.9116 37.4432 69.5449 37.4432C69.9651 37.4432 70.3498 37.3841 70.699 37.2657C71.0482 37.1473 71.3471 36.9698 71.5956 36.733C71.8442 36.4963 72.0336 36.2063 72.1638 35.863L75.6617 36.0938C75.4841 36.9343 75.1201 37.6682 74.5697 38.2955C74.0252 38.917 73.3209 39.4023 72.4568 39.7515C71.5986 40.0948 70.6072 40.2664 69.4827 40.2664Z" fill="var(--default-text, #000)"></path>
</svg>
<script type="module" async="" src="/static/js/ui.version.js?c=8ce3b8b"></script>
</a>
<button id="toggle_menu" class="button primary small">
<span></span>
<span></span>
<span></span>
</button>
<ul class="main-nav__main"><li><a href="/submit">Submit</a></li>
<li><a href="/reports">Reports</a></li></ul>
<div class="flex"></div>
<ul class="main-nav__secondary"><li>
<a href="/docs/" target="_blank" data-tooltip="Docs" data-position="bottom">
<div class="ma-icon default"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M21 5c-1.11-.35-2.33-.5-3.5-.5-1.95 0-4.05.4-5.5 1.5-1.45-1.1-3.55-1.5-5.5-1.5S2.45 4.9 1 6v14.65c0 .25.25.5.5.5.1 0 .15-.05.25-.05C3.1 20.45 5.05 20 6.5 20c1.95 0 4.05.4 5.5 1.5 1.35-.85 3.8-1.5 5.5-1.5 1.65 0 3.35.3 4.75 1.05.1.05.15.05.25.05.25 0 .5-.25.5-.5V6c-.6-.45-1.25-.75-2-1zm0 13.5c-1.1-.35-2.3-.5-3.5-.5-1.7 0-4.15.65-5.5 1.5V8c1.35-.85 3.8-1.5 5.5-1.5 1.2 0 2.4.15 3.5.5v11.5z"></path><path d="M17.5 10.5c.88 0 1.73.09 2.5.26V9.24c-.79-.15-1.64-.24-2.5-.24-1.7 0-3.24.29-4.5.83v1.66c1.13-.64 2.7-.99 4.5-.99zM13 12.49v1.66c1.13-.64 2.7-.99 4.5-.99.88 0 1.73.09 2.5.26V11.9c-.79-.15-1.64-.24-2.5-.24-1.7 0-3.24.3-4.5.83zm4.5 1.84c-1.7 0-3.24.29-4.5.83v1.66c1.13-.64 2.7-.99 4.5-.99.88 0 1.73.09 2.5.26v-1.52c-.79-.16-1.64-.24-2.5-.24z"></path></svg></div>
</a>
</li></ul></nav>
<div id="toasts">
</div>
<section class="app__header--secondary">
<div class="tab-view skip-arrows left">
<div class="tab-view__bar overflown">
<a href="/240622-axczpascnm" title="overview" class="tab-button button__black active ">
<p class="name">Overview</p>
<p class="target">overview</p><span class="score alert">9</span></a><a href="/240622-axczpascnm/static1" class="tab-button button__black " data-tab-id="static1"><p class="name">Static</p>
<p class="target">static</p><span class="score normal">3</span></a><a href="/240622-axczpascnm/behavioral1" class="tab-button button__black " data-tab-id="behavioral1"><p class="name">patch.exe</p>
<p class="target">windows7-x64</p><span class="score alert">
<div class="ma-icon default"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M1 21h22L12 2 1 21zm12-3h-2v-2h2v2zm0-4h-2v-4h2v4z"></path></svg></div>
</span></a><a href="/240622-axczpascnm/behavioral2" class="tab-button button__black " data-tab-id="behavioral2"><p class="name">patch.exe</p>
<p class="target">windows10-2004-x64</p><span class="score alert">
<div class="ma-icon default"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M1 21h22L12 2 1 21zm12-3h-2v-2h2v2zm0-4h-2v-4h2v4z"></path></svg></div>
</span></a>
</div>
</div>
</section>
</header>
<div class="app__view">
<div class="layout-toolbar" id="report">
<div>
<div class="tile button-bar vertical"><button id="download_sample" class="button primary">Download Sample</button><button id="feedback" class="button primary" title="Have an issue or suggestion? Let us know.">Feedback</button><button data-print-url="/240622-axczpascnm/pdf-report.html?c=8ce3b8b" class="print-to-pdf button primary" title="Print the current report to PDF">Print to PDF</button></div>
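<div class="tile button-bar vertical">
  <!-- Sharing controls: copy the report URL, or hand it to Twitter / a mail client. -->
  <h2>Sharing</h2>
  <div class="clipboard">
    <!-- NOTE(review): this anchor has no href and carries button attributes;
         a <button type="button"> would be the native element, but the
         stylesheet and clipboard script may select on the <a>, so it is left
         unchanged here. -->
    <a class="button primary stretch" type="button" name="button" data-clipboard="https://tria.ge/240622-axczpascnm">
      Copy URL
    </a>
  </div>
  <!-- rel="noopener noreferrer": the new tab gets no window.opener handle on
       this report page, and the report URL is not sent as a Referer header
       to the third-party site. -->
  <a class="button primary stretch" type="button" name="button" target="_blank" rel="noopener noreferrer" href="https://twitter.com/intent/tweet?text=Check%20out%20this%20analysis%20on%20tria.ge%20malware%20sandbox%3A%0Ahttps%3a%2f%2ftria.ge%2f240622-axczpascnm">
    Twitter
  </a>
  <!-- The ampersand separating the mailto fields is written as &amp; so the
       attribute value is valid HTML; the resulting URL is unchanged. -->
  <a class="button primary stretch" type="button" name="button" target="_blank" rel="noopener noreferrer" href="mailto:%20?subject=Check%20out%20this%20analysis%20on%20tria.ge%20malware%20sandbox%21&amp;body=https%3a%2f%2ftria.ge%2f240622-axczpascnm">
    E-mail
  </a>
</div>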
</div>
<section class="report">
<div class="tile article" data-section="" id="general">
<h2>
<div class="ma-icon large"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 3H4.99C3.89 3 3 3.9 3 5l.01 14c0 1.1.89 2 1.99 2h10l6-6V5c0-1.1-.9-2-2-2zM7 8h10v2H7V8zm5 6H7v-2h5v2zm2 5.5V14h5.5L14 19.5z"></path></svg></div>
General
</h2>
<div class="hbox">
<ul class="list flex">
<li class="nano">
<p><b>Target</b></p>
<div class="clipboard">
<p>patch.exe</p>
<button class="button primary icon" data-clipboard="patch.exe">
<div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 2h-4.18C14.4.84 13.3 0 12 0c-1.3 0-2.4.84-2.82 2H5c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h14c1.1 0 2-.9 2-2V4c0-1.1-.9-2-2-2zm-7 0c.55 0 1 .45 1 1s-.45 1-1 1-1-.45-1-1 .45-1 1-1zm7 18H5V4h2v3h10V4h2v16z"></path></svg></div>
</button>
</div>
</li>
<li class="nano">
<p><b>Size</b></p>
<div class="clipboard">
<p>4.6MB</p>
<button class="button primary icon" data-clipboard="4.6MB">
<div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 2h-4.18C14.4.84 13.3 0 12 0c-1.3 0-2.4.84-2.82 2H5c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h14c1.1 0 2-.9 2-2V4c0-1.1-.9-2-2-2zm-7 0c.55 0 1 .45 1 1s-.45 1-1 1-1-.45-1-1 .45-1 1-1zm7 18H5V4h2v3h10V4h2v16z"></path></svg></div>
</button>
</div>
</li>
<li class="nano">
<p><b>Sample</b></p>
<div class="clipboard">
<p>240622-axczpascnm</p>
<button class="button primary icon" data-clipboard="240622-axczpascnm">
<div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 2h-4.18C14.4.84 13.3 0 12 0c-1.3 0-2.4.84-2.82 2H5c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h14c1.1 0 2-.9 2-2V4c0-1.1-.9-2-2-2zm-7 0c.55 0 1 .45 1 1s-.45 1-1 1-1-.45-1-1 .45-1 1-1zm7 18H5V4h2v3h10V4h2v16z"></path></svg></div>
</button>
</div>
</li>
<li class="nano">
<p><b>MD5</b></p>
<div class="clipboard">
<p>4a027f5b895f161a0d0e26f8ec6f31a7</p>
<button class="button primary icon" data-clipboard="4a027f5b895f161a0d0e26f8ec6f31a7">
<div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 2h-4.18C14.4.84 13.3 0 12 0c-1.3 0-2.4.84-2.82 2H5c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h14c1.1 0 2-.9 2-2V4c0-1.1-.9-2-2-2zm-7 0c.55 0 1 .45 1 1s-.45 1-1 1-1-.45-1-1 .45-1 1-1zm7 18H5V4h2v3h10V4h2v16z"></path></svg></div>
</button>
</div>
</li>
<li class="nano">
<p><b>SHA1</b></p>
<div class="clipboard">
<p>2d8aa07828c92d4d9d85fc62ba82f0fe0bb5a789</p>
<button class="button primary icon" data-clipboard="2d8aa07828c92d4d9d85fc62ba82f0fe0bb5a789">
<div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 2h-4.18C14.4.84 13.3 0 12 0c-1.3 0-2.4.84-2.82 2H5c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h14c1.1 0 2-.9 2-2V4c0-1.1-.9-2-2-2zm-7 0c.55 0 1 .45 1 1s-.45 1-1 1-1-.45-1-1 .45-1 1-1zm7 18H5V4h2v3h10V4h2v16z"></path></svg></div>
</button>
</div>
</li>
<li class="nano">
<p><b>SHA256</b></p>
<div class="clipboard">
<p>73f5eee95f0d5250f5d2f7a29702700537ebe6c08861d4ddfefc09d485f0f65e</p>
<button class="button primary icon" data-clipboard="73f5eee95f0d5250f5d2f7a29702700537ebe6c08861d4ddfefc09d485f0f65e">
<div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 2h-4.18C14.4.84 13.3 0 12 0c-1.3 0-2.4.84-2.82 2H5c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h14c1.1 0 2-.9 2-2V4c0-1.1-.9-2-2-2zm-7 0c.55 0 1 .45 1 1s-.45 1-1 1-1-.45-1-1 .45-1 1-1zm7 18H5V4h2v3h10V4h2v16z"></path></svg></div>
</button>
</div>
</li>
<li class="nano">
<p><b>SHA512</b></p>
<div class="clipboard">
<p>9b12840d6f2f9a277e7edded5830daf70713ea3f90ddf324bece98616d716400dc0247a47dc9d016fb02f9803fb0a2e2853f4a56e752b13a704132d4acfa23cb</p>
<button class="button primary icon" data-clipboard="9b12840d6f2f9a277e7edded5830daf70713ea3f90ddf324bece98616d716400dc0247a47dc9d016fb02f9803fb0a2e2853f4a56e752b13a704132d4acfa23cb">
<div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 2h-4.18C14.4.84 13.3 0 12 0c-1.3 0-2.4.84-2.82 2H5c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h14c1.1 0 2-.9 2-2V4c0-1.1-.9-2-2-2zm-7 0c.55 0 1 .45 1 1s-.45 1-1 1-1-.45-1-1 .45-1 1-1zm7 18H5V4h2v3h10V4h2v16z"></path></svg></div>
</button>
</div>
</li>
<li class="nano">
<p><b>SSDEEP</b></p>
<div class="clipboard">
<p>98304:0kLEAGg00ojGjm4EC/qQb4zldELsSqr7jkie3t:DEzg7AGUqqXHPjze3t</p>
<button class="button primary icon" data-clipboard="98304:0kLEAGg00ojGjm4EC/qQb4zldELsSqr7jkie3t:DEzg7AGUqqXHPjze3t">
<div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 2h-4.18C14.4.84 13.3 0 12 0c-1.3 0-2.4.84-2.82 2H5c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h14c1.1 0 2-.9 2-2V4c0-1.1-.9-2-2-2zm-7 0c.55 0 1 .45 1 1s-.45 1-1 1-1-.45-1-1 .45-1 1-1zm7 18H5V4h2v3h10V4h2v16z"></path></svg></div>
</button>
</div>
</li>
</ul>
<div class="flex vbox centered">
<div class="score-block">
<div class="score-block-description">Score</div>
<div class="score-block-text flex-center">
<span id="task-score" data-file-score="" class="alert">9</span><sup>/10</sup></div>
<div class="score-block-bar-holder">
<div id="task-score-bar" class="score-block-bar alert" style="width:90%">
</div>
</div>
</div>
<div class="tags">
<a href="/s?q=tags:persistence" class="">persistence</a>
</div>
</div>
</div>
</div>
<div class="task-center"><div class="task-center__item hidden" data-task-id="static1">
<div class="task-center__item-content"><p class="label">
Static task</p>
<p><b>static1</b></p></div>
<div class="tags"></div>
<div class="task-center__item-meta"><div class="task-center__item-meta-block">
<i class="fa-solid fa-file-signature"></i>
<span>1 signatures</span>
</div>
</div></div><div class="task-center__item hidden" data-task-id="behavioral1">
<div class="task-center__item-content"><p class="label">
Behavioral task</p>
<p><b>behavioral1</b></p><p class="label">Sample</p>
<p><b>patch.exe</b></p><p class="label">Resource</p>
<p><b>win7-20240508-en</b></p></div>
<div class="tags"><a href="/s?q=tags:persistence" class="">persistence</a></div>
<div class="task-center__item-meta">
<div class="task-center__item-meta-block">
<img src="/static/svg/platforms/windows7.svg" alt="">
<span>windows7-x64</span>
</div><div class="task-center__item-meta-block">
<i class="fa-solid fa-file-signature"></i>
<span>9 signatures</span>
</div>
<div class="task-center__item-meta-block">
<i class="fa-solid fa-timer"></i>
<span>150 seconds</span>
</div></div></div><div class="task-center__item hidden" data-task-id="behavioral2">
<div class="task-center__item-content"><p class="label">
Behavioral task</p>
<p><b>behavioral2</b></p><p class="label">Sample</p>
<p><b>patch.exe</b></p><p class="label">Resource</p>
<p><b>win10v2004-20240508-en</b></p></div>
<div class="tags"><a href="/s?q=tags:persistence" class="">persistence</a></div>
<div class="task-center__item-meta">
<div class="task-center__item-meta-block">
<img src="/static/svg/platforms/windows10.svg" alt="">
<span>windows10-2004-x64</span>
</div><div class="task-center__item-meta-block">
<i class="fa-solid fa-file-signature"></i>
<span>11 signatures</span>
</div>
<div class="task-center__item-meta-block">
<i class="fa-solid fa-timer"></i>
<span>150 seconds</span>
</div></div></div></div>
<div id="malware-config-container" class="tile article" data-section="disabled">
<h2 class="closed disabled">
<div class="ma-icon large"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M12 10c-1.1 0-2 .9-2 2s.9 2 2 2 2-.9 2-2-.9-2-2-2zm7-7H5a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h14a2 2 0 0 0 2-2V5a2 2 0 0 0-2-2zm-1.75 9c0 .23-.02.46-.05.68l1.48 1.16c.13.11.17.3.08.45l-1.4 2.42c-.09.15-.27.21-.43.15l-1.74-.7c-.36.28-.76.51-1.18.69l-.26 1.85c-.03.17-.18.3-.35.3h-2.8c-.17 0-.32-.13-.35-.29l-.26-1.85c-.43-.18-.82-.41-1.18-.69l-1.74.7c-.16.06-.34 0-.43-.15l-1.4-2.42a.353.353 0 0 1 .08-.45l1.48-1.16c-.03-.23-.05-.46-.05-.69 0-.23.02-.46.05-.68l-1.48-1.16a.353.353 0 0 1-.08-.45l1.4-2.42c.09-.15.27-.21.43-.15l1.74.7c.36-.28.76-.51 1.18-.69l.26-1.85c.03-.17.18-.3.35-.3h2.8c.17 0 .32.13.35.29l.26 1.85c.43.18.82.41 1.18.69l1.74-.7c.16-.06.34 0 .43.15l1.4 2.42c.09.15.05.34-.08.45l-1.48 1.16c.03.23.05.46.05.69z"></path></svg></div>
Malware Config
</h2>
<div id="malware-config"></div>
</div>
<div class="tile article" data-section="">
<h2>
<div class="ma-icon large"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M12 2C6.49 2 2 6.49 2 12s4.49 10 10 10 10-4.49 10-10S17.51 2 12 2zm0 18c-4.41 0-8-3.59-8-8s3.59-8 8-8 8 3.59 8 8-3.59 8-8 8zm3-8c0 1.66-1.34 3-3 3s-3-1.34-3-3 1.34-3 3-3 3 1.34 3 3z"></path></svg></div>
Targets
</h2>
<div id="general">
<ul class="list target-list"><li>
<div class="hbox">
<ul class="list flex">
<li class="nano">
<p><b>Target</b></p>
<div class="clipboard">
<p>patch.exe</p>
<button class="button primary icon" data-clipboard="patch.exe">
<div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 2h-4.18C14.4.84 13.3 0 12 0c-1.3 0-2.4.84-2.82 2H5c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h14c1.1 0 2-.9 2-2V4c0-1.1-.9-2-2-2zm-7 0c.55 0 1 .45 1 1s-.45 1-1 1-1-.45-1-1 .45-1 1-1zm7 18H5V4h2v3h10V4h2v16z"></path></svg></div>
</button>
</div>
</li>
<li class="nano">
<p><b>Size</b></p>
<div class="clipboard">
<p>4.6MB</p>
<button class="button primary icon" data-clipboard="4.6MB">
<div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 2h-4.18C14.4.84 13.3 0 12 0c-1.3 0-2.4.84-2.82 2H5c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h14c1.1 0 2-.9 2-2V4c0-1.1-.9-2-2-2zm-7 0c.55 0 1 .45 1 1s-.45 1-1 1-1-.45-1-1 .45-1 1-1zm7 18H5V4h2v3h10V4h2v16z"></path></svg></div>
</button>
</div>
</li>
<li class="nano">
<p><b>MD5</b></p>
<div class="clipboard">
<p>4a027f5b895f161a0d0e26f8ec6f31a7</p>
<button class="button primary icon" data-clipboard="4a027f5b895f161a0d0e26f8ec6f31a7">
<div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 2h-4.18C14.4.84 13.3 0 12 0c-1.3 0-2.4.84-2.82 2H5c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h14c1.1 0 2-.9 2-2V4c0-1.1-.9-2-2-2zm-7 0c.55 0 1 .45 1 1s-.45 1-1 1-1-.45-1-1 .45-1 1-1zm7 18H5V4h2v3h10V4h2v16z"></path></svg></div>
</button>
</div>
</li>
<li class="nano">
<p><b>SHA1</b></p>
<div class="clipboard">
<p>2d8aa07828c92d4d9d85fc62ba82f0fe0bb5a789</p>
<button class="button primary icon" data-clipboard="2d8aa07828c92d4d9d85fc62ba82f0fe0bb5a789">
<div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 2h-4.18C14.4.84 13.3 0 12 0c-1.3 0-2.4.84-2.82 2H5c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h14c1.1 0 2-.9 2-2V4c0-1.1-.9-2-2-2zm-7 0c.55 0 1 .45 1 1s-.45 1-1 1-1-.45-1-1 .45-1 1-1zm7 18H5V4h2v3h10V4h2v16z"></path></svg></div>
</button>
</div>
</li>
<li class="nano">
<p><b>SHA256</b></p>
<div class="clipboard">
<p>73f5eee95f0d5250f5d2f7a29702700537ebe6c08861d4ddfefc09d485f0f65e</p>
<button class="button primary icon" data-clipboard="73f5eee95f0d5250f5d2f7a29702700537ebe6c08861d4ddfefc09d485f0f65e">
<div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 2h-4.18C14.4.84 13.3 0 12 0c-1.3 0-2.4.84-2.82 2H5c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h14c1.1 0 2-.9 2-2V4c0-1.1-.9-2-2-2zm-7 0c.55 0 1 .45 1 1s-.45 1-1 1-1-.45-1-1 .45-1 1-1zm7 18H5V4h2v3h10V4h2v16z"></path></svg></div>
</button>
</div>
</li>
<li class="nano">
<p><b>SHA512</b></p>
<div class="clipboard">
<p>9b12840d6f2f9a277e7edded5830daf70713ea3f90ddf324bece98616d716400dc0247a47dc9d016fb02f9803fb0a2e2853f4a56e752b13a704132d4acfa23cb</p>
<button class="button primary icon" data-clipboard="9b12840d6f2f9a277e7edded5830daf70713ea3f90ddf324bece98616d716400dc0247a47dc9d016fb02f9803fb0a2e2853f4a56e752b13a704132d4acfa23cb">
<div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 2h-4.18C14.4.84 13.3 0 12 0c-1.3 0-2.4.84-2.82 2H5c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h14c1.1 0 2-.9 2-2V4c0-1.1-.9-2-2-2zm-7 0c.55 0 1 .45 1 1s-.45 1-1 1-1-.45-1-1 .45-1 1-1zm7 18H5V4h2v3h10V4h2v16z"></path></svg></div>
</button>
</div>
</li>
<li class="nano">
<p><b>SSDEEP</b></p>
<div class="clipboard">
<p>98304:0kLEAGg00ojGjm4EC/qQb4zldELsSqr7jkie3t:DEzg7AGUqqXHPjze3t</p>
<button class="button primary icon" data-clipboard="98304:0kLEAGg00ojGjm4EC/qQb4zldELsSqr7jkie3t:DEzg7AGUqqXHPjze3t">
<div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 2h-4.18C14.4.84 13.3 0 12 0c-1.3 0-2.4.84-2.82 2H5c-1.1 0-2 .9-2 2v16c0 1.1.9 2 2 2h14c1.1 0 2-.9 2-2V4c0-1.1-.9-2-2-2zm-7 0c.55 0 1 .45 1 1s-.45 1-1 1-1-.45-1-1 .45-1 1-1zm7 18H5V4h2v3h10V4h2v16z"></path></svg></div>
</button>
</div>
</li>
</ul>
<div class="flex vbox centered">
<div class="score-block">
<div class="score-block-description">Score</div>
<div class="score-block-text flex-center">
<span id="task-score" data-file-score="" class="alert">9</span><sup>/10</sup></div>
<div class="score-block-bar-holder">
<div id="task-score-bar" class="score-block-bar alert" style="width:90%">
</div>
</div>
</div>
<div class="tags"><a href="/s?q=tags:persistence" class="">persistence</a></div>
</div>
</div><ul class="risk-rules"><li class="alert">
<div class="title">
<h3>Nirsoft</h3></div>
</li><li class="alert">
<div class="title">
<h3>Event Triggered Execution: Image File Execution Options Injection</h3><div class="tags small"><a href="/s?q=tags:persistence" class="">persistence</a></div></div>
</li><li class="warning">
<div class="title">
<h3>Executes dropped EXE</h3></div>
</li><li class="warning">
<div class="title">
<h3>Loads dropped DLL</h3></div>
</li></ul>
<div class="button-bar"><a class="button primary small" href="/240622-axczpascnm/behavioral1">behavioral1</a><a class="button primary small" href="/240622-axczpascnm/behavioral2">behavioral2</a></div></li></ul>
</div>
</div>
<script nonce="">window.ttp_lookup ={"T1546":{"id":"T1546","name":"Event Triggered Execution","reference":"https://attack.mitre.org/versions/v15/techniques/T1546","framework":"Enterprise","version":"15","parent":"","tactics":[{"id":"TA0003","name":"Persistence","reference":"","framework":"","version":""},{"id":"TA0004","name":"Privilege Escalation","reference":"","framework":"","version":""}],"Uses":1,"HighestScore":8},"T1546.012":{"id":"T1546.012","name":"Image File Execution Options Injection","reference":"https://attack.mitre.org/versions/v15/techniques/T1546/012","framework":"Enterprise","version":"15","parent":"T1546","tactics":[{"id":"TA0003","name":"Persistence","reference":"","framework":"","version":""},{"id":"TA0004","name":"Privilege Escalation","reference":"","framework":"","version":""}],"Uses":1,"HighestScore":8}};</script><div id="mitre" class="tile article" data-section="close">
<h2><div class="ma-icon large"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M10 10.02h5V21h-5zM17 21h3c1.1 0 2-.9 2-2v-9h-5v11zm3-18H5c-1.1 0-2 .9-2 2v3h19V5c0-1.1-.9-2-2-2zM3 19c0 1.1.9 2 2 2h3V10H3v9z"></path></svg></div>MITRE ATT&CK Enterprise
<span class="sub">v15</span>
</h2>
<div>
<div class="mitre"><div class="row">
<a class="category" href="https://attack.mitre.org/versions/v15/tactics/TA0043" target="_blank">
<p>Reconnaissance</p><div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 19H5V5h7V3H5a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h14c1.1 0 2-.9 2-2v-7h-2v7zM14 3v2h3.59l-9.83 9.83 1.41 1.41L19 6.41V10h2V3h-7z"></path></svg></div>
</a></div><div class="row">
<a class="category" href="https://attack.mitre.org/versions/v15/tactics/TA0042" target="_blank">
<p>Resource Development</p><div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 19H5V5h7V3H5a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h14c1.1 0 2-.9 2-2v-7h-2v7zM14 3v2h3.59l-9.83 9.83 1.41 1.41L19 6.41V10h2V3h-7z"></path></svg></div>
</a></div><div class="row">
<a class="category" href="https://attack.mitre.org/versions/v15/tactics/TA0001" target="_blank">
<p>Initial Access</p><div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 19H5V5h7V3H5a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h14c1.1 0 2-.9 2-2v-7h-2v7zM14 3v2h3.59l-9.83 9.83 1.41 1.41L19 6.41V10h2V3h-7z"></path></svg></div>
</a></div><div class="row">
<a class="category" href="https://attack.mitre.org/versions/v15/tactics/TA0002" target="_blank">
<p>Execution</p><div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 19H5V5h7V3H5a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h14c1.1 0 2-.9 2-2v-7h-2v7zM14 3v2h3.59l-9.83 9.83 1.41 1.41L19 6.41V10h2V3h-7z"></path></svg></div>
</a></div><div class="row">
<a class="category" href="https://attack.mitre.org/versions/v15/tactics/TA0003" target="_blank">
<p>Persistence</p><div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 19H5V5h7V3H5a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h14c1.1 0 2-.9 2-2v-7h-2v7zM14 3v2h3.59l-9.83 9.83 1.41 1.41L19 6.41V10h2V3h-7z"></path></svg></div>
</a><a class="alert" data-modal-ttp="T1546" href="https://attack.mitre.org/versions/v15/techniques/T1546" target="_blank" title="Event Triggered Execution">
<div class="hbox"><p>Event Triggered Execution</p><div class="flex"></div><span>1</span></div>
<span>T1546</span>
</a>
<a class="alert indent" data-modal-ttp="T1546.012" href="https://attack.mitre.org/versions/v15/techniques/T1546/012" target="_blank" title="Image File Execution Options Injection">
<div class="hbox"><p>Image File Execution Options Injection</p><div class="flex"></div><span>1</span></div>
<span>T1546.012</span>
</a></div><div class="row">
<a class="category" href="https://attack.mitre.org/versions/v15/tactics/TA0004" target="_blank">
<p>Privilege Escalation</p><div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 19H5V5h7V3H5a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h14c1.1 0 2-.9 2-2v-7h-2v7zM14 3v2h3.59l-9.83 9.83 1.41 1.41L19 6.41V10h2V3h-7z"></path></svg></div>
</a><a class="alert" data-modal-ttp="T1546" href="https://attack.mitre.org/versions/v15/techniques/T1546" target="_blank" title="Event Triggered Execution">
<div class="hbox"><p>Event Triggered Execution</p><div class="flex"></div><span>1</span></div>
<span>T1546</span>
</a>
<a class="alert indent" data-modal-ttp="T1546.012" href="https://attack.mitre.org/versions/v15/techniques/T1546/012" target="_blank" title="Image File Execution Options Injection">
<div class="hbox"><p>Image File Execution Options Injection</p><div class="flex"></div><span>1</span></div>
<span>T1546.012</span>
</a></div><div class="row">
<a class="category" href="https://attack.mitre.org/versions/v15/tactics/TA0005" target="_blank">
<p>Defense Evasion</p><div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 19H5V5h7V3H5a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h14c1.1 0 2-.9 2-2v-7h-2v7zM14 3v2h3.59l-9.83 9.83 1.41 1.41L19 6.41V10h2V3h-7z"></path></svg></div>
</a></div><div class="row">
<a class="category" href="https://attack.mitre.org/versions/v15/tactics/TA0006" target="_blank">
<p>Credential Access</p><div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 19H5V5h7V3H5a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h14c1.1 0 2-.9 2-2v-7h-2v7zM14 3v2h3.59l-9.83 9.83 1.41 1.41L19 6.41V10h2V3h-7z"></path></svg></div>
</a></div><div class="row">
<a class="category" href="https://attack.mitre.org/versions/v15/tactics/TA0007" target="_blank">
<p>Discovery</p><div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 19H5V5h7V3H5a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h14c1.1 0 2-.9 2-2v-7h-2v7zM14 3v2h3.59l-9.83 9.83 1.41 1.41L19 6.41V10h2V3h-7z"></path></svg></div>
</a></div><div class="row">
<a class="category" href="https://attack.mitre.org/versions/v15/tactics/TA0008" target="_blank">
<p>Lateral Movement</p><div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 19H5V5h7V3H5a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h14c1.1 0 2-.9 2-2v-7h-2v7zM14 3v2h3.59l-9.83 9.83 1.41 1.41L19 6.41V10h2V3h-7z"></path></svg></div>
</a></div><div class="row">
<a class="category" href="https://attack.mitre.org/versions/v15/tactics/TA0009" target="_blank">
<p>Collection</p><div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 19H5V5h7V3H5a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h14c1.1 0 2-.9 2-2v-7h-2v7zM14 3v2h3.59l-9.83 9.83 1.41 1.41L19 6.41V10h2V3h-7z"></path></svg></div>
</a></div><div class="row">
<a class="category" href="https://attack.mitre.org/versions/v15/tactics/TA0011" target="_blank">
<p>Command and Control</p><div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 19H5V5h7V3H5a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h14c1.1 0 2-.9 2-2v-7h-2v7zM14 3v2h3.59l-9.83 9.83 1.41 1.41L19 6.41V10h2V3h-7z"></path></svg></div>
</a></div><div class="row">
<a class="category" href="https://attack.mitre.org/versions/v15/tactics/TA0010" target="_blank">
<p>Exfiltration</p><div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 19H5V5h7V3H5a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h14c1.1 0 2-.9 2-2v-7h-2v7zM14 3v2h3.59l-9.83 9.83 1.41 1.41L19 6.41V10h2V3h-7z"></path></svg></div>
</a></div><div class="row">
<a class="category" href="https://attack.mitre.org/versions/v15/tactics/TA0040" target="_blank">
<p>Impact</p><div class="ma-icon small"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M19 19H5V5h7V3H5a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h14c1.1 0 2-.9 2-2v-7h-2v7zM14 3v2h3.59l-9.83 9.83 1.41 1.41L19 6.41V10h2V3h-7z"></path></svg></div>
</a></div></div>
</div>
</div>
<!--
  Tasks tile: one link per analysis task of sample 240622-axczpascnm
  (static1, behavioral1, behavioral2), each with its score out of 10 and its tags.
  static1 scores 3; both behavioral tasks score 9 and carry the "persistence" tag.
  NOTE(review): id="task-score" and id="task-score-bar" are repeated in every row,
  so they are not document-unique; a script or parser that selects by id will
  reach only the first match. Read the per-task score from within each <a> row.
-->
<div id="overview-tasks" class="tile article" data-section="">
<h2>
<div class="ma-icon large"><svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M14 2H6c-1.1 0-1.99.9-1.99 2L4 20c0 1.1.89 2 1.99 2H18c1.1 0 2-.9 2-2V8l-6-6zm-3.06 16L7.4 14.46l1.41-1.41 2.12 2.12 4.24-4.24 1.41 1.41L10.94 18zM13 9V3.5L18.5 9H13z"></path></svg></div>
Tasks
</h2>
<div>
<div><a href="/240622-axczpascnm/static1" class="hbox">
<h4>static1</h4>
<div class="tags flex small"></div>
<div class="small-score">
<div class="score-block">
<div class="score-block-description">Score</div>
<div class="score-block-text flex-center">
<span id="task-score" data-file-score="" class="normal">3</span><sup>/10</sup></div>
<div class="score-block-bar-holder">
<div id="task-score-bar" class="score-block-bar normal" style="width:30%">
</div>
</div>
</div>
</div>
</a><a href="/240622-axczpascnm/behavioral1" class="hbox">
<h4>behavioral1</h4>
<div class="tags flex small"><span class="">persistence</span></div>
<div class="small-score">
<div class="score-block">
<div class="score-block-description">Score</div>
<div class="score-block-text flex-center">
<span id="task-score" data-file-score="" class="alert">9</span><sup>/10</sup></div>
<div class="score-block-bar-holder">
<div id="task-score-bar" class="score-block-bar alert" style="width:90%">
</div>
</div>
</div>
</div>
</a><a href="/240622-axczpascnm/behavioral2" class="hbox">
<h4>behavioral2</h4>
<div class="tags flex small"><span class="">persistence</span></div>
<div class="small-score">
<div class="score-block">
<div class="score-block-description">Score</div>
<div class="score-block-text flex-center">
<span id="task-score" data-file-score="" class="alert">9</span><sup>/10</sup></div>
<div class="score-block-bar-holder">
<div id="task-score-bar" class="score-block-bar alert" style="width:90%">
</div>
</div>
</div>
</div>
</a></div>
</div>
</div>
</section>
</div>
</div>
<div id="notification-center"></div>
<div class="app__footer--push"></div>
</main><footer class="app__footer creditorial">
<div class="app__footer-content">
<a href="https://www.recordedfuture.com"><svg aria-label="Recorded Future" width="601px" height="73px" viewBox="0 0 601 73" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
<g id="Page-1" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">
<g id="Artboard" transform="translate(-577.000000, -1825.000000)" fill="var(--default-text)" fill-rule="nonzero">
<g id="rf-white" transform="translate(577.000000, 1825.000000)">
<path d="M90.8,11.7 L109.4,11.7 C120.9,11.7 127,18.1 127,27.6 C127,34.4 123.4,38.4 117.5,40.8 L128.8,61.4 L118.7,61.4 L107.5,40.8 L99.7,40.8 L99.7,61.4 L90.7,61.4 C90.8,61.4 90.8,11.7 90.8,11.7 Z M108.1,33.1 C114.7,33.1 117.7,31.2 117.7,26.2 C117.7,21.8 114.7,19.3 107.9,19.3 L99.6,19.3 L99.6,33.3 L108.1,33.1 Z M166.5,42.1 C166.5,30.8 173.4,22.8 184.3,22.8 C193.4,22.8 199.7,28 200.4,36.2 L191.9,36.2 C191.4,32.5 188.2,29.8 184.5,29.9 C179.1,29.9 175.5,34.5 175.5,41.9 C175.5,49.3 179.1,54.1 184.5,54.1 C188.2,54.3 191.4,51.6 191.9,47.8 L200.4,47.8 C199.7,55.8 193.8,61.3 184.5,61.3 C173.1,61.4 166.5,53.4 166.5,42.1 Z M202.5,42.1 C202.5,30.6 209.4,22.8 220.4,22.8 C231.4,22.8 238.3,30.6 238.3,42.1 C238.3,53.6 231.4,61.4 220.4,61.4 C209.4,61.4 202.5,53.6 202.5,42.1 Z M229.2,42.1 C229.2,35.3 226.2,29.8 220.2,29.8 C214.3,29.8 211.2,35.2 211.2,42.1 C211.2,49 214.1,54.3 220.2,54.3 C226.3,54.3 229.2,49.1 229.2,42.1 Z M240.7,24 L249.2,24 L249.2,30.3 L249.5,30.3 C250.7,26.2 254.4,23.4 258.6,23.5 C259.6,23.5 260.6,23.7 261.8,23.7 L261.8,31.8 C260.4,31.5 259.1,31.3 257.7,31.3 C253.3,31 249.6,34.3 249.2,38.7 C249.2,38.9 249.2,39 249.2,39.4 L249.2,61.4 L240.4,61.4 L240.7,24 Z M262.7,42.8 C262.7,30.3 269.5,23.7 278.1,23.7 C282.7,23.5 286.9,26.1 288.8,30.3 L289.1,30.3 L289.1,11.7 L297.9,11.7 L297.9,61.4 L289.3,61.4 L289.3,55.5 L288.8,55.5 C287.4,58.2 284.6,61.4 278.1,61.4 C269.5,61.4 262.7,55.1 262.7,42.8 Z M289.4,42.8 C289.4,35.5 286.4,31 280.6,31 C274.8,31 271.8,35.9 271.8,42.8 C271.8,49.7 274.8,55 280.6,55 C286.4,55 289.4,50.1 289.4,42.8 Z M339.5,42.8 C339.5,30.3 346.3,23.7 354.9,23.7 C359.5,23.5 363.7,26.1 365.6,30.3 L365.9,30.3 L365.9,11.7 L374.7,11.7 L374.7,61.4 L366.1,61.4 L366.1,55.5 L365.6,55.5 C364.2,58.2 361.4,61.4 354.9,61.4 C346.1,61.4 339.5,55.1 339.5,42.8 Z M366.1,42.8 C366.1,35.5 363.1,31 357.3,31 C351.5,31 348.5,35.9 348.5,42.8 C348.5,49.7 351.5,55 357.3,55 C363,55 366.1,50.1 366.1,42.8 Z M394.7,11.7 L426.7,11.7 L426.7,19.3 L403.9,19.3 L403.9,33.2 L424.5,33.2 
L424.5,40.8 L403.7,40.8 L403.7,61.4 L394.7,61.4 L394.7,11.7 Z M452.3,24 L461.1,24 L461.1,61.2 L452.6,61.2 L452.6,54.6 L452.3,54.6 C450.6,58.8 446.7,61.2 441.1,61.2 C433.8,61.2 428.6,56.6 428.6,47.7 L428.6,24 L437.4,24 L437.4,46.3 C437.4,51 440.3,54.1 444.5,54.1 C448.9,54.1 452.5,50.5 452.5,46.1 C452.5,45.9 452.5,45.8 452.5,45.6 L452.3,24 Z M485.3,31 L477.9,31 L477.9,50.3 C477.9,53.9 479.6,54.7 482,54.7 C482.8,54.7 483.7,54.5 484.5,54.4 L486,61.3 C484.3,61.8 482.6,62.1 480.8,62.1 C474.2,62.3 469.1,58.9 469.1,51.8 L469.1,31 L463.9,31 L463.9,24.2 L469.1,24.2 L469.1,15.2 L477.9,15.2 L477.9,24.2 L485.3,24.2 L485.3,31 Z M513.1,24 L521.9,24 L521.9,61.2 L513.4,61.2 L513.4,54.6 L512.9,54.6 C511.2,58.8 507.3,61.2 501.7,61.2 C494.4,61.2 489.4,56.6 489.4,47.7 L489.4,24 L498.2,24 L498.2,46.3 C498.2,51 501.1,54.1 505.3,54.1 C509.7,54.1 513.3,50.5 513.3,46.1 C513.3,45.9 513.3,45.8 513.3,45.6 L513.1,24 Z M527.4,24 L535.9,24 L535.9,30.3 L536.2,30.3 C537.4,26.2 541.1,23.4 545.3,23.5 C546.3,23.5 547.5,23.7 548.5,23.7 L548.5,31.8 C547.1,31.5 545.8,31.3 544.4,31.3 C540,31 536.3,34.3 535.9,38.7 C535.9,38.9 535.9,39 535.9,39.4 L535.9,61.4 L527.1,61.4 L527.4,24 Z M583.8,19.3 C583.8,14.7 587.5,11 592.1,11 C596.7,11 600.4,14.7 600.4,19.3 C600.4,23.9 596.7,27.6 592.1,27.6 C587.3,27.6 583.8,23.8 583.8,19.3 Z M598.7,19.3 C598.7,15.6 595.7,12.5 591.9,12.5 C588.2,12.5 585.1,15.5 585.1,19.3 C585.1,23 588.1,26.1 591.9,26.1 C595.6,26 598.7,23 598.7,19.3 Z M589.2,15.4 L592.9,15.4 C594.3,15.4 595.3,16.4 595.3,17.8 C595.3,18.6 594.8,19.7 593.9,20 L595.6,23 L594.1,23 L592.7,20.3 L590.7,20.3 L590.7,23 L589.3,23 L589.2,15.4 Z M592.4,19.1 C593.1,19.1 593.8,18.4 593.8,17.7 C593.8,17.7 593.8,17.7 593.8,17.5 C593.8,16.8 593.3,16.1 592.6,16.1 L592.4,16.1 L590.5,16.1 L590.5,18.8 L592.4,18.8 L592.4,19.1 Z M548.8,43 C548.8,31.5 555.7,23.7 566.4,23.7 C575.5,23.7 583.5,29.5 583.5,42.5 L583.5,45.2 L557.4,45.2 C557.4,51.6 561.3,54.7 566.9,54.7 C570.6,54.7 573.7,53.9 574.9,50.6 L583.5,50.6 C582,57 576.2,61.6 
566.9,61.6 C555.7,61.4 548.8,54.6 548.8,43 Z M575,39.2 C575.2,34.6 571.8,30.7 567.2,30.4 C567,30.4 566.9,30.4 566.5,30.4 C561.6,30.4 557.5,34.3 557.5,39.2 C557.6,39.2 575,39.2 575,39.2 Z M301.8,43 C301.8,31.5 308.7,23.7 319.4,23.7 C328.5,23.7 336.5,29.5 336.5,42.5 L336.5,45.2 L310.4,45.2 C310.4,51.6 314.3,54.7 319.9,54.7 C323.6,54.7 326.7,53.9 327.9,50.6 L336.5,50.6 C335,57 329.2,61.6 319.9,61.6 C308.7,61.4 301.8,54.6 301.8,43 Z M328,39.2 C328.2,34.6 324.8,30.7 320.2,30.4 C320,30.4 319.9,30.4 319.5,30.4 C314.6,30.4 310.5,34.3 310.5,39.2 C310.6,39.2 328,39.2 328,39.2 Z M129.2,43 C129.2,31.5 136.1,23.7 146.8,23.7 C155.9,23.7 163.9,29.5 163.9,42.5 L163.9,45.2 L138,45.2 C138,51.6 141.9,54.7 147.5,54.7 C151.2,54.7 154.3,53.9 155.5,50.6 L164.1,50.6 C162.6,57 156.8,61.6 147.5,61.6 C136.2,61.4 129.2,54.6 129.2,43 Z M155.6,39.2 C155.8,34.6 152.4,30.7 147.8,30.4 C147.6,30.4 147.5,30.4 147.1,30.4 C142.2,30.4 138.1,34.3 138.1,39.2 C138.2,39.2 155.6,39.2 155.6,39.2 Z M39.3,31.3 C36.3,31.3 33.7,33.8 33.7,36.9 C33.7,40 36.2,42.5 39.3,42.5 C42.4,42.5 44.9,40 44.9,36.9 C44.8,33.8 42.3,31.3 39.3,31.3 Z M72.2,31.3 C69.2,31.3 66.6,33.8 66.6,36.9 C66.6,40 69.1,42.5 72.2,42.5 C75.2,42.5 77.8,40 77.8,36.9 C77.8,33.8 75.3,31.3 72.2,31.3 Z M5.9,31.3 C2.9,31.3 0.3,33.8 0.3,36.9 C0.3,40 2.8,42.5 5.9,42.5 C9,42.5 11.5,40 11.5,36.9 C11.5,33.8 9,31.3 5.9,31.3 Z M34.5,68.2 L34.5,51.8 C34.5,49.3 36.5,47.2 39.1,47.2 C41.7,47.2 43.7,49.2 43.7,51.8 L43.7,68.2 C43.7,70.7 41.7,72.8 39.1,72.8 C36.5,72.9 34.5,70.9 34.5,68.2 Z M51.1,59.9 L51.1,13.9 C50.9,11.4 53,9.2 55.5,9 C58,8.8 60.2,10.9 60.4,13.4 C60.4,13.6 60.4,13.7 60.4,13.9 L60.4,59.7 L60.4,59.9 C60.2,62.4 58,64.3 55.5,64.3 C53.1,64.1 51.3,62.2 51.1,59.9 Z M17.9,59.9 L17.9,13.9 C17.9,11.4 19.9,9.3 22.5,9.3 C25,9.3 27.1,11.3 27.1,13.9 L27.1,59.7 L27.1,59.9 C27.1,62.4 25.1,64.5 22.5,64.5 C20,64.4 17.9,62.4 17.9,59.9 Z M34.5,21.1 L34.5,4.7 C34.5,2.2 36.5,0.1 39.1,0.1 C41.7,0.1 43.7,2.1 43.7,4.7 L43.7,21.1 L43.7,21.3 C43.7,23.8 41.7,25.9 39.1,25.9 
C36.5,25.9 34.5,23.8 34.5,21.1 Z" id="Shape"></path>
</g>
</g>
</g>
</svg>
</a>
<p>© 2018-2024</p>
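<!--
  Footer legal links. Both open in a new tab, so each carries
  rel="noopener noreferrer" to keep the opened page from reaching window.opener.
  The privacy link now uses https like the terms link on the same host, so the
  request is not sent in clear text.
-->
<div class="">
<a href="https://www.recordedfuture.com/terms-of-use" target="_blank" rel="noopener noreferrer">Terms</a> | <a href="https://www.recordedfuture.com/privacy-policy/" target="_blank" rel="noopener noreferrer">Privacy</a>
</div>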
</div>
</footer>
<script nonce="" type="text/javascript">
// Report data exposed as a global on window for the UI modules loaded later in the page.
// Shape as shown here: two "magic_*" fields, the overview signatures, and the sample id/state.
window.page_data = {
// Both magic_* fields are unset in this capture (null / false); their purpose is not shown here.
magic_token: null ,
magic_user: false ,
overview: {
// signatures: detections raised for the sample. Every entry has a name; score, label,
// tags, ttp, desc and indicators are optional. The last six entries carry no score.
// - "Nirsoft" (score 9) is a YARA rule match on one dropped file in each behavioral task.
// - "modifies_execution_options_registry" (score 8) is tagged persistence and mapped to
//   ATT&CK T1546.012 (Image File Execution Options Injection).
// Triage note: this overview does not say which registry value was written or which
// executables were dropped; those details would be on the behavioral task pages.
// On a host, T1546.012 is reviewed under
// HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options.
signatures: [{"indicators":[{"resource":"behavioral1/files/0x0006000000015682-23.dat","yara_rule":"Nirsoft"},{"resource":"behavioral2/files/0x0007000000023423-24.dat","yara_rule":"Nirsoft"}],"name":"Nirsoft","score":9},{"label":"modifies_execution_options_registry","name":"Event Triggered Execution: Image File Execution Options Injection","score":8,"tags":["persistence"],"ttp":["T1546.012"]},{"name":"Executes dropped EXE","score":7},{"name":"Loads dropped DLL","score":7},{"label":"fw_programfiles","name":"Drops file in Program Files directory","score":4},{"desc":"Checks for missing Authenticode signature.","label":"unsigned_pe","name":"Unsigned PE","score":3},{"label":"reg_hku_write","name":"Modifies data under HKEY_USERS"},{"name":"Suspicious behavior: EnumeratesProcesses"},{"name":"Suspicious use of AdjustPrivilegeToken"},{"name":"Suspicious use of FindShellTrayWindow"},{"name":"Suspicious use of SetWindowsHookEx"},{"name":"Suspicious use of WriteProcessMemory"}]
},
sample: {
// id matches the report path used by the task links on this page; state is "reported".
id: "240622-axczpascnm",
state: "reported"
}
}
</script>
<script nonce="">
// Session and view state exposed as globals on window, readable by any script in the page.
// user is null in this capture — presumably no signed-in user when the page was fetched.
window.user = null ;
// Anti-CSRF token embedded in the page for client-side requests. It appears verbatim in
// this captured copy; NOTE(review): presumably bound to the fetching session and of no
// use outside it — confirm before treating it as harmless in shared captures.
window.csrf_token = "tzBKmefNpCG7ZLsvC0wzDu6R1CdQxO6e2VSXin2Aj592dFWsMxWF0Bc3eWWuKhsEMYEcOmKpBFxLEZez9zMcnw==";
window.darkmode = false ;
// Client-side view of access: only public samples are viewable, and the report is flagged
// public. NOTE(review): these values can be changed by any script in the page, so they can
// only drive the UI; authorization is presumably enforced server-side — confirm.
window.permissions = ["view_samples:public"];
window.isPrivate = false ;
window.isPublic = true ;
// NOTE(review): looks like the per-response CSP nonce, copied here so scripts can read it;
// the nonce="" attributes on the script tags are empty in this captured DOM — confirm.
window.nonce = "lU1849Awy/dmu2zyfdGzlw";
</script>
<script type="module" src="/static/js/ui.common.js?c=8ce3b8b"></script>
<script type="module" src="/static/js/ui.report_overview.js?c=8ce3b8b"></script>
<template id="end-mark"></template>
<div class="toast info cookie-banner article up">
<h3>We care about your privacy.</h3>
<p>This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our <a href="/policy" target="_blank">Privacy Policy</a>.</p>
<div class="button-bar">
<button class="button primary">Accept</button>
</div>
</div></body></html>