

DETECTION				SHA256

Trojan.MSIL.AVASCRYPT.SM		e075c4574272dae04ae9a2f2219a608520da2524822ad9c48234866c4db07400
Trojan.MSIL.TARGETCOMP.THIOEBB		b6e1ebc544797f316ad7207b934799cc8f5da198ddbe242250aa9592b2ce9fd3
HS_MIMIKATZLOG.SM			(NOT ACCESSIBLE)
HKTL_NETSHARE				c3bca3b74f6525e3cba9eb931ed649fabfc5f77e804904893bc700ab585402b6
PUA.Win32.GMER.YABBI			e8a3e804a96c716a3e9b69195db6ffb0d33e2433af871e4d4e1eab3097237173
HackTool.Win64.YDArkPass.A		81dded0aa5178bd4b3bd570fe6e354088adf1f7fd3fcd278a74e9031f9998ede
HackTool.Win64.YDArkPass.A		c00544768cf3acb3f17506383afa2f30fbe01876ded5612948150a9bfc24387f
TrojanSpy.Win32.LOKI.SMAD1.hp		16efbc896139552fd23ee2ea09b4c352d329b6b011fb5112f392bc64438d91f8
Trojan.MSIL.TARGETCOMP.THIOEBB		8fced7314814171b381613421e70f0f44f662d3d2ea00ff99b4502afa37e000d
Trojan.MSIL.TARGETCOMP.THIOEBB		dce8b37c878cbbb7247543693a9f3154d482c453c81d3661abb2174b594a2c76
Trojan.Win64.TARGETKILL.THIOEBB		225aee453b9568adc4ebb27ce98fd80feabf144356196aa1139f08f4fe10eadc
Ransom.MSIL.FARGO.YACH2			4f4ee2de8f18bf758d72ac288e61071e1be2ddc54a140cd512c97f5473461036
Trojan.PS1.DOWNLOADER.YXCCUTT		52c208f15dbe2f7e8e5bc1a12d4a579ecbdbaff0ca6134a31cfd4fa0f574c561V
Trojan.PS1.DOWNLOADER.YXCCUTT		dd662fc0cd4ec73f79520dd15c5d771fb5eed2f41c6fe4f24c8af186c7a8da03
Trojan.PS1.DOWNLOADER.YXCCUTT		4d15aa5d68b0e8b081c18d0ee5c06cc1758d17246a8d01b3c8ac48d1ef07610b
Trojan.PS1.DOWNLOADER.YXCCUTT		5e10d57402829425c50d2b7b0c7210433e337e6477e9d90626287cbc97f8df72
Trojan.PS1.DOWNLOADER.YXCCUTT		a96a3edd745708a6be84086feff906d72f7a2d7ce154037436cc236d1662b577
TrojanSpy.MSIL.NEGASTEAL.RJAHQDZ	cb9ad9670dcb82aa54a6526d35fee8ed1e63a1abbb29d2db2acb3f5e49b66aac
Ransom.MSIL.TARGETCOMPANY.YXCCUTT	76e7050683f047ad7807f0fe903bac27cb043cef2981028cadbc6adce4b3cea9
Ransom.MSIL.TARGETCOMPANY.YXCCUTT	937e8cf5c406f171696985b30f88d3e91f1d6c69e7489e2e4ea2609c641f7bd9
Ransom.MSIL.TARGETCOMPANY.YXCCPT	6d656133f5bac8282f31cc82ca0e3869692164a6907037aabc134736adc87b35
Ransom.MSIL.TARGETCOMPANY.YXCCPT	1cbaed19d1cea23187d6ac7a0d27af6f11ba84eda6e939c99250ed112cad3ff0
Ransom.MSIL.TARGETCOMP.YXCDLT		4efdb7795d40a6d561dea7b059291d78d0a9812d3957888e9997df0aac7b8afd
					6f2fe4cf0102edad960834050819e8842b29371380b993ce0d02fc6d85b11c50
					ad077b579a0f96411198788bdc9c26056cb6484b4843ad3cec507d3de0731699
					18d7fa5e19af651f0ad91eea15398110e031964ad759b3e3809fd0a0a71a2507
					7f8417f60910e5ff5f83169f833a3c5321b5ad64c4b2f8fd196d6d8fd53deb77
Trojan.BAT.KILLAV.YXCCUTT		2592c02f8ba88b44b465a5f5dceefd8ecbff7e948ee5338087064e75ca6f4cd3
HS_MALLOXNOTE.SMYPCCB			b99b7d7b692860a8a45d6929d6763d891ca35659bf20ed74111113420740bded
Ransom.MSIL.TARGETCOMP.YXCEJT		8820fe6c0f2d9f702a91f92a275a534de63e88de46f2baa05d50d4d7855bf319
Trojan.MSIL.AVASCRYPT.SM		ca0cb45269f4b45b22da052108d18724485d09165e69877f32a153563168fc8e
Trojan.MSIL.AVASCRYPT.SM		2952d5889bdb07148770453cb5f01fa6cc4deabf97290cc511b71d6e122cfc48
					409b2a0b79465b8ca7707187f30e1dc268b5bbb92080fb4b0d2b87b744e8ec66				Ransom.MSIL.TARGETCOMP.YXDDXT
					5fc82f62d7b78f5e958158d45b9aa45e52aa6cd0bb8fcc9f02abcce9c3d75967				Ransom.MSIL.TARGETCOMP.YXDDXT
					409b2a0b79465b8ca7707187f30e1dc268b5bbb92080fb4b0d2b87b744e8ec66				Ransom.MSIL.TARGETCOMP.YXDDXT
					160010289cc38de42f7b75fa817a6ef7931bfd8aa1370fb09559b2e035e05702				Ransom.Win32.TARGETCOMP.YXDEJZ
					9b833d5b4bdbc516e4773c489ced531b13028094ce610e96ebc30d3335458a97


URL

80[.]66[.]75[.]25/pl-Thjct_Rfxmtgam[.]bmp
80[.]66[.]75[.]25:80/kill$[.]exe
91[.]243[.]44[.]142
91[.]243[.]44[.]85
http[:]//91[.]243[.]44[.]101/Asbvww[.]png
http[:]//80[.]66[.]75[.]37/Fhfdecoxg[.]bmp
http[:]//80[.]66[.]75[.]37/a-Eslaod[.]dat