Trojan.MSIL.Agent.VTS
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
- Popularity Rank: The ranking of a particular threat in EnigmaSoft’s Threat Database.
- Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
- Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Popularity Rank: | 5,700 |
|---|---|
| Threat Level: | 80 % (High) |
| Infected Computers: | 651 |
| First Seen: | August 15, 2024 |
| Last Seen: | April 6, 2026 |
| OS(es) Affected: | Windows |
Analysis Report
General information
| Family Name: | Trojan.MSIL.Agent.VTS |
|---|---|
| Signature status: | No Signature |
Known Samples
This section lists other file samples believed to be associated with this family.
Windows Portable Executable Attributes
- File doesn't have "Rich" header
- File doesn't have debug information
- File doesn't have exports table
- File doesn't have security information
- File has exports table
- File is .NET application
- File is 32-bit executable
- File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
- File is either console or GUI application
- File is not packed
- IMAGE_FILE_DLL is not set inside PE header (Executable)
- IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)
Windows PE Version Information
This section displays values and attributes that have been set in the Windows file version information data structure for samples within this family. To mislead users, malware actors often add fake version information mimicking legitimate software.

| Name | Value |
|---|---|
| Assembly Version | 0.0.0.0 |
| File Version | 0.0.0.0 |
| Internal Name | |
| Original Filename | |
| Product Version | 0.0.0.0 |
File Traits
- .NET
- dll
- x86
Block Information
During analysis, EnigmaSoft breaks file samples into logical blocks for classification and comparison with other samples. Blocks can be used to generate malware detection rules and to group file samples into families based on shared source code, functionality and other distinguishing attributes and characteristics. This section lists a summary of this block data, as well as its classification by EnigmaSoft. A visual representation of the block data is also displayed, where available.

| Total Blocks: | 40 |
|---|---|
| Potentially Malicious Blocks: | 20 |
| Whitelisted Blocks: | 0 |
| Unknown Blocks: | 20 |
Visual Map
? - Unknown Block
x - Potentially Malicious Block
Windows API Usage
This section lists Windows API calls that are used by the samples in this family. Windows API usage analysis is a valuable tool that can help identify malicious activity, such as keylogging, security privilege escalation, data encryption, data exfiltration, interference with antivirus software, and network request manipulation.

| Category | API |
|---|---|
| Syscall Use | |
| Process Shell Execute | |
| Anti Debug | |
| Process Manipulation Evasion | |
Shell Command Execution
This section lists Windows shell commands that are run by the samples in this family. Windows Shell commands are often leveraged by malware for nefarious purposes and can be used to elevate security privileges, download and launch other malware, exploit vulnerabilities, collect and exfiltrate data, and hide malicious activity.