Trojan.Agent.LGR
Table of Contents
Analysis Report
General information
| Family Name: | Trojan.Agent.LGR |
|---|---|
| Signature status: | Self Signed |
Known Samples
Known Samples
This section lists other file samples believed to be associated with this family.|
MD5:
dfd97f5ad03c740dc766753be26b8c4f
SHA1:
64078c4d68268a061075c4864527c239f972e729
SHA256:
BCD43BBBB3F246E03CD3C2962AB32D9D6F3E44E700AA5597E1FA76FF2F1A3FF5
File Size:
83.31 KB, 83312 bytes
|
|
MD5:
2967cc7b1ed8edc036486e21d0e8408f
SHA1:
4e5afe54116ee0ddca3976807339e4d33bc657f6
SHA256:
A42C8E3B1899954B002FC6CD31B4FB6F4000B84C20BA6CCFA77B32A0D1527C28
File Size:
83.46 KB, 83464 bytes
|
|
MD5:
9e1e63ea19662525ab13aff24e840d80
SHA1:
74456cbf45122efb4abf05a9a18b7d7db984c2b2
SHA256:
969D3BCDB671094D6C8DC65FD0A52110BB85C3D335F1869CFEE5FFFEC343847D
File Size:
83.33 KB, 83328 bytes
|
|
MD5:
d9ef74b7c3a31a44d11930e81902f52e
SHA1:
c997597960d521fed29a417764cb6f21ed9c2d37
SHA256:
2D00317D0B38B63C8E0829C878745E93612E7CF326B38D612F98F6E7B7AE5DE0
File Size:
83.43 KB, 83432 bytes
|
|
MD5:
50341dabf3941d5a8773b46c6edf7015
SHA1:
7f5b0febaa754aececdc22860f835227e89bc0f0
SHA256:
67F5FAABEC80E2D2A3879535DFC690D6C5F8F387BE9B113C7F730A8CE48A1DC9
File Size:
83.38 KB, 83376 bytes
|
Show More
|
MD5:
3f6a58de5fe1fa080a750bd166ce97d1
SHA1:
e21974cae52500c55e55ef3c8493be9b98dcd516
SHA256:
8104A4C7E05C4FBA8F2AC1EF032EA7179CBA21B8A6062126576F51010A1A5E0D
File Size:
83.42 KB, 83416 bytes
|
|
MD5:
d4c2ef47ce313c9f9b43ad77dbd5214e
SHA1:
21ee5773f5ed34cc871c5777d9207dcd469c4d81
SHA256:
96C2C8D6314B2714369F5A30E6DC555B4FC357B63771AC995A382FCF49E5D003
File Size:
83.40 KB, 83400 bytes
|
|
MD5:
03e6f3c7fd92f8009ad2de01ca857f6d
SHA1:
fb3e74a459fb5222a80e3c3dc68ee29ad990d135
SHA256:
3119D429BDE99D82084AE7FE80DA8B8EF909751DF5C6DB6FF73F87FA8E88686F
File Size:
84.34 KB, 84344 bytes
|
|
MD5:
f7a9f0f37c99b44c2c1f1f931ecff746
SHA1:
d63996fc86c8c7dcec2af5f38be7c43c7f90337b
SHA256:
1BFEABF99599C8AA18EC07071B332670B9E53F6048EDE4204C6289D799DCB08F
File Size:
83.32 KB, 83320 bytes
|
|
MD5:
9abaa87bea799415c778a009a6cfd189
SHA1:
ffb6342a72bb4ace1f14cd2eb34f82591a46da83
SHA256:
AF35D3EC1C5EF02E65DD005706559AE17A72A8676B340B8E7807B38EC2012107
File Size:
83.34 KB, 83344 bytes
|
|
MD5:
4b31d1b7b8db3f4c84bbf975f95dfca0
SHA1:
873b8033cdc36f08ad026d31a92058fe1724faf1
SHA256:
17A3AFC10FA28F4A3A2508C19393E6B5F1DBB43CCE2BC50ED741A0C338AE8A63
File Size:
84.43 KB, 84432 bytes
|
|
MD5:
41f13352f3afbea77359b32a965a0944
SHA1:
9244e104414eb5a00fd64d7c9c42c7d2c11190e3
SHA256:
749530AB577370754AD13A6733E3E05649FDFD62B7A6A5691679CCEC0B4EE882
File Size:
83.35 KB, 83352 bytes
|
|
MD5:
4f3b5094318cfc5b974f6ed24a722a0c
SHA1:
19f5f317fe591064be83fbf550c294049de08965
SHA256:
190C30210DE423A0E3FF3FC42F00E1E9283D853AAE8FA8FDD420AD082F8FC033
File Size:
84.43 KB, 84432 bytes
|
|
MD5:
033511ae787bc3f19a4a1d7017994d2c
SHA1:
de633c7d5d45ef0bdb56efbacded11f010650a32
SHA256:
0D892291627A68846D71DCD765C8077B2007D962D010F396E5159FCD1C9BFB1B
File Size:
83.43 KB, 83432 bytes
|
|
MD5:
9d3e7d2eee044e478255b204b16cb909
SHA1:
3a5d2072a164875340a4ffa6635d536cc63da6b6
SHA256:
508E76D842A335F9676650CE10A81093715B11D907B1732BE33F0B9B2E1CAA1C
File Size:
83.51 KB, 83512 bytes
|
|
MD5:
0b497115e13b0632ed92bceb7abb3ef2
SHA1:
6fe1aeefa5b84f6128d6ca7d4b4b31d8fa6cdcda
SHA256:
41B3AB8E4AFEEBAE50F4B9B445CBA82AC967678350DA8D44EB8384CFDC325C1E
File Size:
83.43 KB, 83432 bytes
|
|
MD5:
cfdc49836b638bf6c445cfe36a4f7736
SHA1:
4c71fdbd5d6749619a8eba2a44be74d074898eaa
SHA256:
D4C66D0C5A5E76060473729F43E31B96CC4A9CDB34E66EB1C746775F2172BD99
File Size:
84.43 KB, 84432 bytes
|
|
MD5:
76cce325c1d75faecc83bbdc76e107d1
SHA1:
be988dee9f4ebb6f6649cc25314b7a5f230c5398
SHA256:
1A8CA03422F12EA27540010566A9F63505AB620C847C25D5A57AB8684D29EF6F
File Size:
83.33 KB, 83328 bytes
|
|
MD5:
fd86ed99122a361acd2c75dcd52dcdf9
SHA1:
ab8ef4c6e83e47fb7b9c3ab2fdf4b830edee7af6
SHA256:
26C466EEF83C60FCD911E909AB882FC134DFEFF2E4C2635489B904B24CC08FA7
File Size:
83.35 KB, 83352 bytes
|
|
MD5:
86ac06a31daeba68a4d732bbeec9641d
SHA1:
f4c9fca81742f61c6ee0f4b386737ee2209f910d
SHA256:
14B47D341E51A9876F69BCC90485552B536D542665D70A9A7E3C610890C1E61D
File Size:
84.45 KB, 84448 bytes
|
|
MD5:
39d69edac2db0d336b5d20049c947c72
SHA1:
31703013100df623c4ce260888f9fad3cde5811b
SHA256:
AECBC6E0D75BCED993E6878E08C3DF5A198DF472ED304B0775A3CFA318CB0994
File Size:
83.42 KB, 83424 bytes
|
|
MD5:
78d66b76f82a85811189aec31332c08c
SHA1:
7ab7abf67c18a3e621403bead87e1cd80e8688a1
SHA256:
92413687E8657CF8F83EF25B69548DFEC96564B7B891EDAED422D13C73AAE767
File Size:
84.44 KB, 84440 bytes
|
|
MD5:
04f706e0c136c1b8906a06db255a5395
SHA1:
b6a2529cedef461ce29b9d1cffd85246c0b42e88
SHA256:
837C5B6B45B681C172093113B3B81983E8E7CA108C83C2A7BB6BE9738694403E
File Size:
83.41 KB, 83408 bytes
|
|
MD5:
7b42de0aa5d4e92e2c37911d510fe0c9
SHA1:
111461512ee57392df838cd323ed508d258ef12a
SHA256:
68611B7284469AF5FF19090CE6F591A47FBCB278C292805992A5EA5C234C9B94
File Size:
83.40 KB, 83400 bytes
|
|
MD5:
46632cfc325544114cd47f93616c67f9
SHA1:
102d69f642b674b6a66ca3dbc6ef5d9483bd7ea3
SHA256:
B54856C20A24B1EF5F25D3D158E2431E2F47FFABE192FA2ACD4EE834078C528C
File Size:
84.37 KB, 84368 bytes
|
|
MD5:
4f0be748f30859bf9a02e37159269b12
SHA1:
3a0512657de7eef163f11f48dc1f84e89211d2f0
SHA256:
36F046F76FD5F8FECD0BD3B3E100E958D0B96C0D2B56E56072D24106CE2E9D1C
File Size:
83.37 KB, 83368 bytes
|
|
MD5:
8702f2e4e520e50646806dc6aabdfbe5
SHA1:
e16b3056d88165e388f38b90faa1548297d04040
SHA256:
A607F2BCDBE4FB2ED6965AE76884D978A1FA66C500345E4F46DC099E3ED5562D
File Size:
83.35 KB, 83352 bytes
|
|
MD5:
6858c5fcebe1b4bdf12f6a9223438968
SHA1:
c5a75b71adc364269e09b600fe570500f08626fa
SHA256:
8B5BB96159488BBAC6873DE1C71F25F7E1E032EBAEF838D32F56E25CBAC1234A
File Size:
84.35 KB, 84352 bytes
|
|
MD5:
b038609b214a1cf87b2550110f6acb2c
SHA1:
a87cf313527debe1d2c2f37b2c98555699283ac7
SHA256:
12D6D1A892B2517B9B525F1D99D7C5FC3936F14A8EC4090A2965027ED831F216
File Size:
84.38 KB, 84376 bytes
|
|
MD5:
29379cb890d16dc93eb486926b48f7ae
SHA1:
b25cedba7157e3c2210d504281fc75e59fee2798
SHA256:
0851AE8B733D87C742EB75F50F955B22E0FB0EBF8BBA37FC948BF7BE400EC1E0
File Size:
83.41 KB, 83408 bytes
|
|
MD5:
a299384b4688bfcda4e83553bf8e0910
SHA1:
7c3ca9f239f7dd6b7291e8c2ecada9f1bf96156f
SHA256:
AC51DCFE25FD54A87E22BBC851723D9C3987C7C9FC52FAD15FEC1E1071781BE0
File Size:
83.32 KB, 83320 bytes
|
|
MD5:
cb0c2057eb4d9537a79cea0aeb06282e
SHA1:
896606d908ee0be2cd4309302f44b3f76339858c
SHA256:
FBCDCC8C150123B510E4841D1C44AEFC433F5D797CD23CC00C7A68CDB6631878
File Size:
84.47 KB, 84472 bytes
|
|
MD5:
035c00ba090f417cc75dcfdfe729d69b
SHA1:
dbc93dfeacc44c3fcec3e4a931532fe310b35ca2
SHA256:
5BD432DD7A620D65259ACEE34A28B2A7FDB37BC94E1184B7F11E8736A77CD3F3
File Size:
83.42 KB, 83416 bytes
|
|
MD5:
a5513a285ebcc35dde494d95585c30fa
SHA1:
527205a88b3778b225703d0936b5df665a2a944f
SHA256:
AC588D854C4AACE207A89A69D730E1C7DD4E393980BF57452783B8D847390843
File Size:
84.41 KB, 84408 bytes
|
|
MD5:
8f060d62fde480a9c6a633df208e16e8
SHA1:
e16ef9ff656f031a001ae72b878984c247cbc125
SHA256:
A507E06B695E92897537CF2C40F0BABFE6F33CE78BEF0AF09281013EC0946683
File Size:
83.38 KB, 83384 bytes
|
|
MD5:
bd3be75b78d9180c9e4388ffe92a1889
SHA1:
3d70c02740d748ddee39590ba8a7e2608bb60e88
SHA256:
2DC7711E05532939DDA2784C88BF3BD1411DC952610FEF41A5BB7524A5F103B0
File Size:
83.44 KB, 83440 bytes
|
|
MD5:
afc65c84f8f66f3f2dd0dd1b7a47d8ed
SHA1:
c0b282ddd556d43e926f65c57e829bda07a02605
SHA256:
E2435BD9E6AD9EEFDE45D3D51F5BB938FC7DDD404FE1488CCD7852A0B0C96700
File Size:
83.37 KB, 83368 bytes
|
|
MD5:
0fd981e524e927f75a8c4339a75e6be4
SHA1:
a56d1f22f8987a1a5afe8e27b4a1bfa3835bc22e
SHA256:
81C114D2EE9DD5F5972C5DDFE24D647810DF45DCD765493CBBE8D0C054EB5443
File Size:
83.42 KB, 83424 bytes
|
|
MD5:
d3e9aab022c4963d5b4e07ca5c387e90
SHA1:
538a7d4c071e07f6c6388654dc4cb7ca94ec7402
SHA256:
5971C8C402FA50A8C2CBA5B7C4866E53026B2B0109A91CCAF79E8AF83A6AF51A
File Size:
84.41 KB, 84408 bytes
|
|
MD5:
b3a1b6272026d3dde01c7e1d2ea22c2e
SHA1:
6a6f6bdd73e26f0c8a994bdf2bbfb9182f425591
SHA256:
99C2548169F9BD12FB92597D3700209A7D5A4012599F71785460EBB35FC49B2D
File Size:
83.35 KB, 83352 bytes
|
|
MD5:
64f6601602f81836737cde8892ff962e
SHA1:
f41a65e4a1e9f0d1f72dd1e1b881599fe5a4e595
SHA256:
26407877F559B4DA274C76AFF1006A731AE9C2B4DE26121563CD37BF623C4DCA
File Size:
1.40 MB, 1395318 bytes
|
|
MD5:
c242afde4678f268e14d1bfa3e8982e8
SHA1:
70864dcb9e171c9d382fff6c0a2379d414c1f6aa
SHA256:
82B0DAFFB4B62594CA3B429D4B5BA29576661F1A5F0D808D5209E70E60A46274
File Size:
83.43 KB, 83432 bytes
|
|
MD5:
358e0f52a7309a092eb679c028618a36
SHA1:
ab4b1e1970a8761cbeaedffaa4fc2f68180ee3ae
SHA256:
BEC7BEC58067DD72226D4E88815E317696976B2512CDCF4E72E4A712BC564758
File Size:
83.30 KB, 83304 bytes
|
|
MD5:
89e529a7997abece85f00e39a3d977e4
SHA1:
6dfdde38238fb5807f7b25444f16dff0ac8b552b
SHA256:
C9FD26F7A62AC9B8C7427D5D3C15DF0548CAE028D40314A970AE8B35CFC3B0A9
File Size:
83.42 KB, 83424 bytes
|
|
MD5:
23a34ceefeed39d3b7d3207ecff85b49
SHA1:
c5f315491291d7150e83d724f52e5d28a25d756e
SHA256:
61846409555A95D8E024F625631EB5CF7B6513F68473BE1A2E2837800FDD4F28
File Size:
83.42 KB, 83424 bytes
|
|
MD5:
5b14740dfbc5e63b8b1a38a0f5978054
SHA1:
773027e03dfb3a6b102933588744b96b531fe530
SHA256:
829E103617DBC9C284160701B688BDCB81C8C1ECF1677DC41CBC3463B50249FB
File Size:
83.43 KB, 83432 bytes
|
|
MD5:
dfa13aa03ad01c2cd495efa9dc519f43
SHA1:
a8297c2400b5df6dd941374a1edea1304afd7b71
SHA256:
6CFCFFBED49DA8ABE124272F8B89382C1E08F33AC744145CFEC9F13418BA5B67
File Size:
83.39 KB, 83392 bytes
|
|
MD5:
4faf24cd5f69f6c5471b084440b72938
SHA1:
bffc6043cd01ec6d9c4b13bfa6847fb5b97b6b27
SHA256:
E1F7400615A737208AC631337717E9F5F0B51DFFDD6C20ECA9BE305E6955F9F3
File Size:
83.43 KB, 83432 bytes
|
|
MD5:
f432f87ee44f2025fe06c5ce2ecd063e
SHA1:
a1e55de7eca052c7c338b064ba11e89b3bba44f9
SHA256:
D7F1B1278D2930C0C16E8508B3C4F8916BA5A232179D78DBA63B6EB42D8A77FD
File Size:
83.44 KB, 83440 bytes
|
|
MD5:
9dfa69da04ce2ba1c7c94bbdf2b4f3cf
SHA1:
0b62317afbf55b693155776e24bc59e394346e63
SHA256:
A6C802839C29B15792BA2F9A3B160BFC83A8E75E27870E416CF84C33EFBA9251
File Size:
83.38 KB, 83384 bytes
|
|
MD5:
db3564df1f23072e129de5ece7f31d96
SHA1:
d196db4b179e4d96eae4f52b99c3ed946cb7d04c
SHA256:
A8E463065B0E46EF5C763CAED8DF534686452193BF7E17367D1BD03C37D9EAA6
File Size:
83.39 KB, 83392 bytes
|
|
MD5:
ee64f99b107a6d270ac173b7363dc8dc
SHA1:
b5cd3d8ab061a6b8e1ff5e0581d7d609fe397572
SHA256:
B790DC844F6DF036A1E6A8C68566C76C7DEAE1747DAD4F926DD223F2A24FAC9B
File Size:
83.42 KB, 83416 bytes
|
|
MD5:
67daad48912a885263fb8b7740af4fb5
SHA1:
6aa73b79491dba622a1362e1042518026c851420
SHA256:
D99FE46D902D7CFBAA176F8910044CD1ABD273DA08C78723400EFEF8CA99174D
File Size:
83.42 KB, 83416 bytes
|
|
MD5:
6dbe4da0e4e18ecb558941012b1ee111
SHA1:
222666b3d32a30bfbb576557ef1aedbafeedb9e2
SHA256:
5EBC72E8C90FE44E777EA24998FA5164DACAE5729DFF77FDAC4E7E0D2CDA7BD2
File Size:
83.43 KB, 83432 bytes
|
|
MD5:
d2fb5ba4553104c270fbab7088c12dbf
SHA1:
0cc6bf32f9ba9c32135b50a895705081a40363e5
SHA256:
460BF587C9FC52568C98167DB515BCB99C8DA58B5F62570A441B95FD9B7DDC25
File Size:
83.38 KB, 83376 bytes
|
|
MD5:
cf70c11848cd254c6095075f7e83f11e
SHA1:
f09852100892351c5d451782de01a5e3761c6cda
SHA256:
9C5E023603F04FFBCC1E8D922F34D238A2D3FCE9D7FBB33321896B6DA7002051
File Size:
84.43 KB, 84432 bytes
|
|
MD5:
9b75b1445e8d6f30365c614ee8540f00
SHA1:
5a799fd537e609de2c54a6e2ac3751dafc8c06e8
SHA256:
2B06A8F7869666A3BA478B5B6501FD1DD8AB1F7A9498E7430750A4D566F02AED
File Size:
83.42 KB, 83424 bytes
|
|
MD5:
56ff778f8d8e8d8dd0a144863a58ee06
SHA1:
4ac2d5d4c6c267319add76acc4ed3ba05b0d9ca6
SHA256:
ABA914C071D4E5440E24C7160607F555FB2AFBB0AC729E93E1BDCC54329CDCD3
File Size:
83.42 KB, 83416 bytes
|
|
MD5:
5e02bf4e30ebe92a85561e3b7137fc5d
SHA1:
e1723fbaf1b78b0726f79004c8a0c7f660399258
SHA256:
61B14C29230C4FADE3DBD4870063183B384D9F2BAD078ADBEBD937D96079E44A
File Size:
83.43 KB, 83432 bytes
|
|
MD5:
b670e067306ae2385c564675142fb0a8
SHA1:
3653bf0b99df0e3e62645929d1ae93c8f6745aae
SHA256:
0204C8131765ABE2DFFC390FEB8FB373901C9AA7FEC6A5DA58B59F0D876D7ECD
File Size:
83.41 KB, 83408 bytes
|
|
MD5:
2f4729b1abcd0db11e0906e8fa76f6c4
SHA1:
c026a63ae8c37b5193afac074969191f146b6f70
SHA256:
D7F2A0A154AF75F463EDEC3DC3507C4BE58285EB6089EECDF43AC3AA02B2EC51
File Size:
83.38 KB, 83384 bytes
|
|
MD5:
a9916e98f914c21b7a8d054e37173b6a
SHA1:
a1ebfcbdad1bf7bc9238d21ffaaa2a113e3e37c6
SHA256:
FFA1A1FB37E007BEBBCE016E990B083D6BA71AF57BF497E458561E2B83E994F1
File Size:
84.44 KB, 84440 bytes
|
|
MD5:
2ec901b3a980a3a8b1beeebf729799f4
SHA1:
c751f9205db490aeac8f478a63a9d5cb7120c3c3
SHA256:
B9E4BACA1CAE3E37FB93973231A96237553275174D9E586869ADFC376B19BD60
File Size:
84.44 KB, 84440 bytes
|
|
MD5:
f6f73ff570db84b1d1a759db83d7e7c6
SHA1:
edf0449f67b0a4d4d2bd58a380349808867626fd
SHA256:
0204855201B9D94D014198F1C2682A8D6D7DC024F1FC53D50EDFB7D2ECDA6794
File Size:
84.43 KB, 84432 bytes
|
|
MD5:
bc5d7c138bfaa57bcbd836b6453d27ed
SHA1:
e5f57ee45fac8d1f48fa34d35031c82a02d4ee29
SHA256:
072C118AFEEA4A8C579786DCDFF61D88CDC816E0CE65D067A2EFED9960532E8A
File Size:
83.34 KB, 83344 bytes
|
|
MD5:
de23b557401af45ccda990d638c2ef39
SHA1:
36f4bcf421810b024e1e6c84b8cf7a96d24f0e99
SHA256:
F8F84EF5B8AA0BEA24D079384019BFFD82BEE7BEE13FCCBC000D7AA223B231A5
File Size:
83.43 KB, 83432 bytes
|
|
MD5:
a2c6f694a24be5654e2782a6155fed75
SHA1:
7655557621a9da68cb15f02c7832c268fe1c509a
SHA256:
A93C249D39C708A0CB92C06DD68BD817BB7ADD71DC0C590B435442421BB25934
File Size:
83.43 KB, 83432 bytes
|
|
MD5:
75d63434531a2c940b098ed26a26a6ea
SHA1:
496af0577750b29c504276f8081b822cb47f3192
SHA256:
6BC66F53E17023513210C8375722BBEA8DBC6030524B3FDC9E92DFA364F09C99
File Size:
83.38 KB, 83384 bytes
|
|
MD5:
0379c6fa4853593c85d981603a201a14
SHA1:
2d9b095b2cf822bf84014ef4bef6add44ed60c26
SHA256:
0E488E1AEB5972C0E2426045FE3075E2EFBC9C6E2C02FCA7DFFB32BBE3B6F4EB
File Size:
83.43 KB, 83432 bytes
|
|
MD5:
f1d049a64d6853496a1b0b49df5e195d
SHA1:
d64990b430aa60c8660a543d80a4bf0dcf8cb822
SHA256:
81D3F4678E0546D8AAA99EDD4951199E2CB1830CED88B53CBE8A675142822E6E
File Size:
84.36 KB, 84360 bytes
|
|
MD5:
58f467dd0507d6513e6909ac849d0b34
SHA1:
b35cc85084d3342c91b9e8e1120c87a3150ade79
SHA256:
CF7D22C5909078B7612DA75A3C1F5A2C4F0E4AA1C781B3BFA3992A2C5F6A0F6D
File Size:
83.40 KB, 83400 bytes
|
|
MD5:
f314780ab624db29c714dc31158b6fe0
SHA1:
e9703873fd8185616efe09d276b9474e8ccebf70
SHA256:
4F5DCDFFF7EA6DEB91A2EC1FAA23F6460D44E68754B80FC675A661A16846F8E7
File Size:
83.42 KB, 83424 bytes
|
|
MD5:
8c5df6e9c3fd7868133125b1842ebc26
SHA1:
b58b7c0bcc4825d3b626cd3fc585f36257c15263
SHA256:
BFCD6D9BDF5C5967CD6B68863BBAC8E833D0DCC727C6C4BC3091E7ED6B2B342F
File Size:
84.44 KB, 84440 bytes
|
|
MD5:
c2f0bb5db1b4b9b196fd855789bb83e9
SHA1:
f7ba3662738069c3ac3bef8fe17fe59c5423ad6d
SHA256:
F71E5FAE906E93F2B5642C11D0AE59EEEF71433C1BE23641C4CDE48F83F66344
File Size:
84.40 KB, 84400 bytes
|
|
MD5:
bb091144d7b9391b7028e748944c276b
SHA1:
f674d36cb77e9634c531c0351675fca98211cd76
SHA256:
763C7E0FA1F7F4BEBCFA47D04762DD0868CA30A27C054364DE7592B91A51AE39
File Size:
83.37 KB, 83368 bytes
|
|
MD5:
b6555ec2fca353fd94f273b79f3367b7
SHA1:
8f5aa8aff1ce4b38fbd36be79394dd0edb6bd6f6
SHA256:
3126C26468E56D1E50483C468380FB358F14AEDC1F662603C0591CC9CED3D140
File Size:
84.38 KB, 84384 bytes
|
|
MD5:
2a8cc8c069bc46f39a10c81943cdd7ca
SHA1:
919e3368a204242ade664e82638c6892e40b50b8
SHA256:
034848F87E388AB1A10E117E66187D9FA0B9213EDED06C1351ABF0D4940986DF
File Size:
83.34 KB, 83336 bytes
|
|
MD5:
996f1dc86c5f74f69484abe420da3d9e
SHA1:
1fb5a36f31821fa310692bdba476c92fcc7e4cc7
SHA256:
2CBE23B03002C427BBEC59441917A825A785DD5BA6AF735AFB279B069F26B665
File Size:
83.42 KB, 83424 bytes
|
|
MD5:
3578db688e9b8d749985813f392d1b21
SHA1:
d9e646edfa0420cc1cb0b5392fa6be6aacc932bd
SHA256:
A7A7CF8295BDB6377F6B6514CE938D4035559FF5034E7F140724EFB033ABB85F
File Size:
83.43 KB, 83432 bytes
|
|
MD5:
20a2b149928f2645521f2a3f0cc1e8f6
SHA1:
87c9a8e5d7f6c38e5b1e5116b0d2cb066fa0f6f3
SHA256:
99DAA524981C0709924C6004A90B70242A79E37D830B7C981B55E014A0061ED8
File Size:
83.41 KB, 83408 bytes
|
|
MD5:
44b4c1096334511b7df3eec6c0281bdb
SHA1:
23457797d4df37258a223ee4d6b289f695adf10f
SHA256:
C9E01C733B2C8B77383F7FFC65700BF9F973C9EC214F1BC50C15C4D0EC93FB6C
File Size:
83.38 KB, 83384 bytes
|
|
MD5:
b5a9ce477dd476fcabf7f1c27258589d
SHA1:
422840a74525532af0e623b3c0c97c7ae319c340
SHA256:
D50238ADCEABAA9470798445D38992BA7D1A899C08448F7A3B5FFEF339338410
File Size:
84.45 KB, 84448 bytes
|
|
MD5:
485038701ec690811f81bb41cdd25f75
SHA1:
bacbc207224b63acfc5a0c55401c223dd21948d9
SHA256:
5CE6BD41A7D2ABFC4B35ED2E599A378A7A7E2E6965CFA5C340F0190A6BAE273B
File Size:
83.43 KB, 83432 bytes
|
|
MD5:
6fcae7a56ea92ccbedd9e2c18333a8c8
SHA1:
6524de82d4c98ceed6d77388fe74dc54026c0a2b
SHA256:
6B9613F61B55492F6711B61D6DF55219C4CEE019EE4014DB81563D345CCD7092
File Size:
83.42 KB, 83424 bytes
|
|
MD5:
380f1c231561dd5bcba4426535bdb118
SHA1:
4f759628d0f9d0eb2822fdbad9320777a20e8530
SHA256:
AC72BFAB7FAA2E144F0354ED29C5D3296B74540316AEB382BB84CF8A8403683E
File Size:
83.41 KB, 83408 bytes
|
|
MD5:
9841490756deab6f3aa64a947156a952
SHA1:
c645d82a1d929151a9963366bbbacad5691f47dd
SHA256:
186E050F440C2D49975374116196C512239D397F52F5C0064230E5D6CFE727D0
File Size:
83.41 KB, 83408 bytes
|
|
MD5:
5ac2616fe7959d54a3029ac44bdcd936
SHA1:
447205c286ce0ab575f13ea8f3042ac27be3c3e8
SHA256:
9093A5DC841C8AA0A7764A145DE175E87A8EBF96B8266C1BD912C4AB5B34869E
File Size:
83.41 KB, 83408 bytes
|
|
MD5:
7bb759f2618c63f7ffc4f816bb8759ef
SHA1:
06376a51481db333337d0d4b27d365b787348c07
SHA256:
CB2C0AF7A55D347A5AACD883F97463FD01C95CCA8D6622051BC31C5BB8FC34B5
File Size:
83.30 KB, 83304 bytes
|
|
MD5:
8bbc07d569bf8ec110b6c8cb49b8fcb3
SHA1:
8f48618d14af344111896e3783afb595ae5fd13b
SHA256:
78A08B85F1F9FE317A4D0BB1C49B4F431CBEED9C07AB0557A7386B17EDE67BB9
File Size:
84.40 KB, 84400 bytes
|
|
MD5:
927f10d40ce810dad6078821b7f883f0
SHA1:
8bbaaa5724d8620e3027403574c03b88b478d39f
SHA256:
69EA38BA74B003DDD5C2F675E582AC2AB5CDBC168448CFFB650FCEE5A08524FA
File Size:
83.32 KB, 83320 bytes
|
|
MD5:
b86e708768e6a6fa8f768e7e182de00a
SHA1:
78aef9b1d925d005d375372ffd53daf9c7a40aa4
SHA256:
AFD6DA599CE92ACC67D0D45886254711A30D3D77E0ED2489AC25814C556A716C
File Size:
83.42 KB, 83416 bytes
|
|
MD5:
d784bf83ecf97e3afc3d41a0e41a40ec
SHA1:
2b09a1a220b874e306a9e94809c073cd70378584
SHA256:
C0953514C978D0C68AE91CD03F03181FEDF2B04C1281289473E613D2632597AA
File Size:
83.34 KB, 83344 bytes
|
|
MD5:
a12a06f281e0cc68606b08dc49a211b6
SHA1:
55652cb65ddaaf847d6087f1feb47951a508d2e8
SHA256:
7FC89A8467F6519F2FAA1EE18EE0D5408E280EA440E12465B28B8F80F643B62B
File Size:
84.44 KB, 84440 bytes
|
|
MD5:
34f0398c1db559bf8091aa33b7bed94a
SHA1:
7e0539278907aa4646b286931c6b4bda8a06ff6f
SHA256:
A06B039F6F90D90BD1B86D20B5A332CFC28528995E72015647761858BB152A4F
File Size:
83.40 KB, 83400 bytes
|
|
MD5:
f3dfa740868ecd576cf5a369e5b0bb9c
SHA1:
62df1cebbad39a847bfcdb6fb1ce52fb60130db1
SHA256:
BDBFA321BB72C446298C17C5F924BF31D20FA59CE129EBC7E30C53CB3E42BF80
File Size:
83.42 KB, 83416 bytes
|
|
MD5:
5685076c0ee35bbbb8036ba6218f140e
SHA1:
1e4cb4b45816faffe786b411416796d1dde0b47b
SHA256:
377DE1E67F159186C358AD8768EAF3C878E1B5BA5C1CD791BE61EB6DA162DA46
File Size:
83.40 KB, 83400 bytes
|
|
MD5:
5229e59d357bc595610b2513d34476a3
SHA1:
6b58bf4fd7e9b6d0c545a35672dbadcaeba71571
SHA256:
C83C6A6042AEE27813FEAB991BA7C618968830334F4428FE3EB61A58C2FF7E3C
File Size:
83.46 KB, 83456 bytes
|
|
MD5:
93db6b2c2c9845b4875e3770baaa5e90
SHA1:
8744bc5858656304a87e580ef1426b22da0babbf
SHA256:
9187378E4EABBCAE0BB2EB5C98B4C7FDE494D34598E9CFCBEDCD2A4692AB44A9
File Size:
83.43 KB, 83432 bytes
|
|
MD5:
e0ad3906c4292116aa7a5a71ed759e25
SHA1:
f01f7772f8a6ab91b34525219464e29f4956c994
SHA256:
012565E5FB8DF7DF7FBE18CA6E9689F1B1188B2354D46F41F97D1F8DF87C0EFE
File Size:
83.42 KB, 83424 bytes
|
|
MD5:
f756f93034dbbb5c09444b9d1fde9e97
SHA1:
1ff4682c93504cdbd1df0cd63bbff9c1a3ed8579
SHA256:
A61835EA6ACFF3CEC8DCF3A24DD6D29219D4F1595CA7C96501705A373DD9C340
File Size:
83.42 KB, 83416 bytes
|
|
MD5:
752fb1bbdcaf49e2019af6c183709049
SHA1:
84db97fdbddb11a65d495952d0a769943ea58b38
SHA256:
71EB046BE80297F855C71D7E259F53EFB981C9C654FB65FC4E60E2A65F60B939
File Size:
83.42 KB, 83424 bytes
|
|
MD5:
2fdcf4df2accf68cd45d5974945f09fc
SHA1:
b824ae9f0bbfd198b43cabe9dd761b1217132377
SHA256:
C73EF5ED4DD6F9B209CB4CF15CBEB0774ECB2E9DAF5BCC9DB844142F0D7197BE
File Size:
83.33 KB, 83328 bytes
|
|
MD5:
7978e6dbac6c38b2b6517ea13caaac58
SHA1:
8099713ed6e4f5eb331db9f51abeaa98e7a7e6f1
SHA256:
90F5565A1A24F56F2C5BFD64C04AFECE92887297B0EF43F7D547C96D454BA824
File Size:
83.41 KB, 83408 bytes
|
|
MD5:
2ca96b47ff252ade7f02346e9736dfab
SHA1:
93e73788d435f1cebcae3a8ca572ee886aac83a1
SHA256:
24C6349CF61048C9476E63CF7CB0E5A650EED4751847B66F4B5B0495982A4003
File Size:
83.42 KB, 83424 bytes
|
|
MD5:
963b3108af365e5484a229b375797c45
SHA1:
c74b4d44a2d224129c39307762e695070eabf4fd
SHA256:
F5AAF4163344A786EF746669BE8F8F09D1F1D4B83745BEF1743EB28F2E2FB2AA
File Size:
84.43 KB, 84432 bytes
|
|
MD5:
fe38301d5d00f7cefb6b6a12305c105a
SHA1:
f18d622c358ab7c4cb5db18c678a12ac3f1e4338
SHA256:
0D7D049670F033AAC24C9E3FF8883723769E92D8355CEEACE173C3C47D1E28C5
File Size:
84.46 KB, 84464 bytes
|
|
MD5:
f9b4a29a2cdd010300e93056236e9173
SHA1:
e49936c9a54a48617f675fc0c3291823aa1b0c71
SHA256:
1B3712B16756C96B10491C425D92A2EB3FEAD5C8129358E66DDD5E1751CBE847
File Size:
83.42 KB, 83416 bytes
|
|
MD5:
e730556083a1a3bd6506e74d3e01fc0e
SHA1:
e9c5575813e9df37196a72e9c939db50032b13f2
SHA256:
B57464FD21ED59BD7482AA5F1D7F9F578A855C72E2FA2F937E370F99749B28A9
File Size:
83.42 KB, 83416 bytes
|
|
MD5:
8844e73aa4d5df73eb9a8879ab018345
SHA1:
8aeffc2a01144f503444fd44ec210d27381af397
SHA256:
BBECDFBCD610347A8D290EA08C8158127238F9A8FEFAD6248223DF8181B8B328
File Size:
84.34 KB, 84344 bytes
|
|
MD5:
c533bb1945d99facc1120b0667ae7950
SHA1:
61d42545e20e0acc3e3977d015f772b38f9c0fb0
SHA256:
3742C7E0FB22E1D4D84855A1127DA4F9573FAFD45E4F63B6DDD0F6BA30A4BFEB
File Size:
83.40 KB, 83400 bytes
|
|
MD5:
d012f7c3f706929a553b850b0e0dc246
SHA1:
2e5f907806fcbeccb58f8bd34e959b5ddc872e98
SHA256:
CCD6A8588F735FFF3DDB4EBED4DFBE6DD0ABBAFF3E1B2EEF42CEDA5DAD8827C5
File Size:
83.41 KB, 83408 bytes
|
|
MD5:
4dab430a2758aa79997936d61384806c
SHA1:
9b206bee60d1189f765f2309f98fb5bd29c98051
SHA256:
67A4B111E120B0D1A7A8FBD9F9B74B3FB305E9A0625EE2EAA531673606DA1DAB
File Size:
83.42 KB, 83424 bytes
|
|
MD5:
450c78cccbcb2aaec63e424fda7467e4
SHA1:
f469976081c0f2c062a2c141123281f0e9512284
SHA256:
97F3F7E4C59AA4C0055A68A32052340084D010B824B676FE477101585BEEA213
File Size:
83.42 KB, 83416 bytes
|
|
MD5:
7d0caac5c81ccf327659594442d55a6e
SHA1:
448dcdd7daf2b3b7200c9d8cd4ce3044288a48ac
SHA256:
37E7BC3F835E6367A5E5ED5C40080A31C80CCA4E8F951937A629258443313F62
File Size:
84.43 KB, 84432 bytes
|
|
MD5:
ab9a300591298c69782beb3d8144a2db
SHA1:
a470ff6128332fadd3ece51260ec947aba219f8e
SHA256:
81377CD086F4CBC804C8BA80309157DAAEE27B3C3B2963AF7BE95EBCAC4D4D0F
File Size:
83.40 KB, 83400 bytes
|
Windows Portable Executable Attributes
- File doesn't have "Rich" header
- File doesn't have debug information
- File doesn't have exports table
- File doesn't have relocations information
- File doesn't have security information
- File is 32-bit executable
- File is either console or GUI application
- File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
- File is Native application (NOT .NET application)
- File is not packed
Show More
- IMAGE_FILE_DLL is not set inside PE header (Executable)
- IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)
File Icons
File Icons
This section displays icon resources found within family samples. Malware often replicates icons commonly associated with legitimate software to mislead users into believing the malware is safe.
Windows PE Version Information
Windows PE Version Information
This section displays values and attributes that have been set in the Windows file version information data structure for samples within this family. To mislead users, malware actors often add fake version information mimicking legitimate software.| Name | Value |
|---|---|
| File Version | 1.00 |
| Internal Name | TJprojMain |
| Original Filename | TJprojMain.exe |
| Product Name | Project1 |
| Product Version | 1.00 |
Digital Signatures
Digital Signatures
This section lists digital signatures that are attached to samples within this family. When analyzing and verifying digital signatures, it is important to confirm that the signature’s root authority is a well-known and trustworthy entity and that the status of the signature is good. Malware is often signed with non-trustworthy “Self Signed” digital signatures (which can be easily created by a malware author with no verification). Malware may also be signed by legitimate signatures that have an invalid status, and by signatures from questionable root authorities with fake or misleading “Signer” names.| Signer | Root | Status |
|---|---|---|
| Connectwise, LLC | DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 | Self Signed |
File Traits
- No Version Info
- x86
Block Information
Block Information
During analysis, EnigmaSoft breaks file samples into logical blocks for classification and comparison with other samples. Blocks can be used to generate malware detection rules and to group file samples into families based on shared source code, functionality and other distinguishing attributes and characteristics. This section lists a summary of this block data, as well as its classification by EnigmaSoft. A visual representation of the block data is also displayed, where available.| Total Blocks: | 333 |
|---|---|
| Potentially Malicious Blocks: | 1 |
| Whitelisted Blocks: | 332 |
| Unknown Blocks: | 0 |
Visual Map
x
2
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
3
0
0
0
0
0
0
0
0
0
0
1
1
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
2
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
0
0
0
0
0
0
0
0
0
2
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
2
0
1
1
1
2
0
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block
? - Unknown Block
x - Potentially Malicious Block
Similar Families
Similar Families
This section lists other families that share similarities with this family, based on EnigmaSoft’s analysis. Many malware families are created from the same malware toolkits and use the same packing and encryption techniques but uniquely extend functionality. Similar families may also share source code, attributes, icons, subcomponents, compromised and/or invalid digital signatures, and network characteristics. Researchers leverage these similarities to rapidly and effectively triage file samples and extend malware detection rules.- Agent.LGR
- Agent.XCO
- BadJoke.AI
- BadJoke.JA
- BadJoke.XA
Show More
- Chapak.HC
- Chapak.HCG
- Chapak.HCH
- Dropper.Agent.O
- KillMBR.XB
- KillMBR.XE
- Korplug.X
- Kryptik.AHCA
- Kryptik.HP
- Kryptik.VCAD
- Kryptik.VI
- Trojan.Agent.Gen.GS
Windows API Usage
Windows API Usage
This section lists Windows API calls that are used by the samples in this family. Windows API usage analysis is a valuable tool that can help identify malicious activity, such as keylogging, security privilege escalation, data encryption, data exfiltration, interference with antivirus software, and network request manipulation.| Category | API |
|---|---|
| Cert Store Read |
|
| Cert Store Write |
|
| Process Shell Execute |
|
| Other Suspicious |
|
| User Data Access |
|
| Process Manipulation Evasion |
|
| Syscall Use |
Show More
|
| Encryption Used |
|
Shell Command Execution
Shell Command Execution
This section lists Windows shell commands that are run by the samples in this family. Windows Shell commands are often leveraged by malware for nefarious purposes and can be used to elevate security privileges, download and launch other malware, exploit vulnerabilities, collect and exfiltrate data, and hide malicious activity.
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe (NULL)
|
