Crypted Hearts: Exposing the HeartCrypt Packer-as-a-Service Operation

    Tuesday, December 17, 2024 In: Threat Research Print

    Date: 12/17/2024

    Severity: Medium

    Summary

    "Crypted Hearts: Exposing the HeartCrypt Packer-as-a-Service Operation" explores a new malware protection service called HeartCrypt, which has been in development since July 2023 and started offering its services in February 2024. HeartCrypt allows cybercriminals to pack malware into legitimate files, making it harder to detect. The service is advertised on underground forums and Telegram, charging $20 per file for packing Windows x86 and .NET payloads. HeartCrypt is primarily used by operators of malware families like LummaStealer, Remcos, and Rhadamanthys, but also by a range of other crimeware groups. Analysis of HeartCrypt samples reveals payloads containing configuration data, helping to identify and track various malicious campaigns across different industries and regions.

    Indicators of Compromise (IOC) List

    Hash

    000d7d9f98d3040f2e366febd8f5c58a3335038982290ae333907890fe699e72

001212590d5c2fd2fb18dc4366d526051dfafad2e655b909db30496673441e31

00611bc2d5471b2c967ab91ca75a58070c5ddf1a2a18b0cb9988cd447c1e9fd0

007a98a9dac8ccc34d6fb4ee6cf34188dc6c0bae0fc507115e64b19518b72e50

01568de8658e767ee3669e2f5550bec292f1251ca82d20f550c7cf971b483f7a

01672add57d9e53c782996fb0b64de8ff3646e8f1928a8cf6cb8d0447a8e75d4

01c43d621ea272c9838753ac6bda61b3aa466298c024d7c7335a0207f9004928

01fb6cd536cfadcb15f5a4b13de2d5605382db36d2b2bb6434b455f0d80fe0d4

02207bd351797f35a127b08d3efd6ef7f1335888fa3a3a22d21f9b8b10b41700

02badfbfd5bc33379b2661689e5b7bd6914a971ed9d41e65be062c01f6e6b3f2

03d2efb0706bab18e7b594b985f20bd316d9e074dc3906ebefe7ab4baffe5722

0513a96a4f549212ad24a7ee47bf22018e6b3c097cca871138bdc7e4d05cee6c

0520a17e3d8e51c452f6a306e87bd11747f54061b550323aaa3effdcbc976ae3

0537aa42d49f4582426dcac92368b7c61410f264f98ac92077356f609053f6b7

054b1c2a6511ab68ace708daa654ce41faa2d96319887e7f2d662d7afed77228

05ae5ba43084943a2366f64d6ea6495a18cbf52738a6109de317e09629723783

05f459b6b4d24a6da05e1281d8eb3b66d0daec3a8f5a1c50ca17e9b82b9a5f4b

05f77810972591f88192833e3b3b8015584fb97c407ebc677d0dbd975cebea3e

060d6f9c0505a7709281567b10bbc91256a073ecd4fef23e3de47f5ff7aa40de

07177a2cc9ea981ef0d694eb9ef15516a9da72efa4a2f18cad65532fd4d1e190

083be5f3ca7305f6a0f6a769483a48ba6098984b7192db9079839c3c90469d18

0848e727bba3960a0fbbdb403a4a8503658b872e621234b6999b14ff9eb855eb

085a5ea0e085c1ec078df7771d6d4796a0d595b1c88d104568a37544c5bf4652

08b302febb6fee2f577bb42cc0dc2683bec71ce5e58a17587fa19e09692de5c1

0949ae633b8214009cb1c52d1bb2ea9f5066e90c0c285fcaf3844b0580e2f587

0965f85212e3c5fc2cd3e14499fd65b90c5aac7029a3d0afd61525284c5dc88f

391c15890e7db90a5ab7dbcd1d9d8050bb54584c3283232c9a3d6c299a8d0ef7

b19f406be8e31b70012e2256b375c5062181effcbae63c3b6021ea31eabecc0d

45dd5da0789b46e5a62749b0afb186191d5c2183cdabc8c58bb0ca036da735b6

0c04b6c3410b09724edb5f3ce6e8502ceeaa000475e7880bd255f3642decb890

356b236fe8d554369f76d635745d8ee5915bec76d07bf280460548cfd8b2da6d

41a98844ffcee16144b7d48961cb6573bfad86ebeccb5f231af5882e199774cc

87cb3e505b91088da96b2a66f717804140932581255d0a195f0df2ede2258e49

04e8b67bfbcc576c64439bb6c6e7ae2a767cfe71a120f148f9c738982577873e

099de377cdc27b701145d1ab34c71f5c63fe4511e3b3e74c0c4813a7e64c0f97

0a0dcf40a73e7f7a00a488367b7b0cadc4ff3ac7818cf22a46cd3e24ff5cf6e3

0a4cd27916c51f83563939c4a44771e3aadd0186b7b367f2b8b2268fdc602311

0ac7b4738db9ba0bf36fd8b0a26b03c0e6bbc705de0aac02f427b62fd8858d4a

0acb1809427093979ddae8bec5e6436a88c2b472cfb483e4f539ab8e2ca7f672

0bfb5c9035c5bccea26456a7a873e7f682055c5621a3c2ada16f7db9e4b49a39

0d9ee9b2c72c983eb0c90851a353b5ca9f2a66e70453c822916c3c4464aeaab8

0daceeced78525806e2221ef5857a345077e118c853797c17c85023c6d8e4cb8

0dc2e4861267051eb2e3dfe8c57ad10a7fbe8d20c55429b15ca64014f2c50eca

0dd890ccee2823c77b7b8417e1eadcf77e47177812ad715b59531386738c79ab

0f90f094b3feeb87fe79416f42d583a8cf7d37c32e715856333846f9313b89f6

0f9188163350f4562a4a2a86f490f99d593ef0940f0642ae7464c84677a00028

10308a0e1aa49e815a747b0d9f9fd2d4e95ba594028b2550494f8ec6ee63abbb

10373926f6d4868e6970e5d1025bfe92e394dd7a6bcc576162e3397f5139ba90

11892dbe32cebd618deb6dc36477829ef9fb8181d7ec887408f44c08bb5f675b

12f358f3b4480d911ff61225acc745510816fe1fd21a4d80f2d8ccc68b0482b9

15dc5d3ff1b6a02a897f1ab58f1aa6411f79479e7b04fc8b96f12db2c6c69d43

161f73e22cadcc877a39104f32b3bc9042363c11cd490a9ee8681714148c22f3

164beea0736231f25917cc0458e0ae9775504982256b3b51dfd209067c7c2e19

1707eac4efc2ea46c2364b3f3332d75eb414915586c3d199c904240be23c9354

170a237345e5767cd4dd4d84b5b777eec2a466982007389a3b0014ea9f631e46

186b3429bd91f133613c78caacfcde2702503adf2a0fee22af7cfe75561bb11e

187cd18caa83a2a938e801288eeb95f2475f9efe97ab62a42314d7cdfc88b33d

18c2df2f2634643072361ced86bd12d503a3f9617a506e7fd01efadf1d095c81

18c8d79ba3dca33b41b716eca938c61b3bcfa1aa9d524f2646f268f1db7f6a71

18d82eb444dd427953ad3bf5dcb5aeb8913d785320009891dd0e71500a07626e

19a00488730bc7785390df8887b925f58aa649defbeed9b4ed27a66d5f8b3359

1a73070f4f7da75fe1c3c39f76d00f341838db6ab067d9f58326eb4b19472eb7

1cd4ceb10f9445353969b740ae36c2471f68a40489f4c5402679480590d5b2e0

1d40e7daa7a2fc748c85d3bf233649204163fc179f71d3ff2b3c7f426b0499ae

1ded4207f46c167de383235dd94de12f4d144ed4e38b5131dad2fe0cad56fe84

1e716acec0f8c78445db489b74b7c3ff027181e332377773f11530a7669f9693

1e7785fad31758029e909c287e5f1798639ec48d4431a45a12b6701cd6e33270

1e92a017cb91cf900d15f868988a96c02ca483097137da1478a98953ca6db6a3

1e9426c5ad1d49235ac06d0c3e7d9d8e08fac6569c0946d569ab713fb3a7f20e

1eb665c42fe205decfb70e4f2f72508acde642075ab4ad0d2f929f97b4e0661a

1f98d9d0535d73965dac132490686e26e29a89eca7001fd7fb9a1bc82e5c9a93

1f9f707123e3bb6988741a85e436d229f4c390af717949f7ef1f5257cb993e55

1fd2972d72dfbc8b2b0c6bc7c43e3389e67d2bad651cca2583f4f4c7fa443fd1

20007eeee7714925edf27094d9109025fdebaac26e1dbf97d51e8917276b6d3a

20144b7fe9b7b3900c8240c1cee5003c0d2647eea6d98f310a71304600def8ea

235be22a82cb8890d91c8cd29992fd044a3c802cc0bc55ee293e14ae54700cfb

23b0b54d1383b9ac94376ea8bbaf0b300cefab64ee61053b50c8553a4a7ad93d

24c8911a23d4397065614ea4d408b3a67226b8a27f8b08ede937d70ddf98cb98

26e5f26a50b29efd559c1fe469831e7c31409351e922b386db911d8320f303f2

270c0ba7e8fac9c92c6a94d03dfda65aef468d0d3a56eedf23ede0d2c3d4de95

2832eac061fdbdf5431c134f2a22c5006964fab899bd21c918f6bb010cce32d9

28a0366a432fda9d8ce5580ad76bdbf7b194b58e11a1330b415cb74ed856c6fd

28cd723b82855c9010ddf9a5b23938a4e4aa247d8634c2726a57b450a30d4273

2a4a5dd292f61bc749a25978da5db1f25a1b399a6d739305a5625c9c3c430918

2b1b8be71aeb2a4b42444bc53bf660c76a5d4ccaaaffb92b602cc6ab0366202d

2b74c2685d3bc1504f20bb93af1a0bf3fb3ec2090b3298b8f025be4550789859

2be849154e91a1aa43a1914c7253f08f0029854d309ab4e3d0e264a7424ee8cc

2c9b999f3cb82c127bd9bad395dc73304bbddc1015de617cae367dc749e24703

2f06e10b7dbdad33adbdbad7411c1fb31924d183ae29d7a5e1eb9bba256edcc8

2f35dcd0ee4728492a3917d42b10893a8d44f71e774b058e99aca87de8fd76a3

304eedf0c5b7d5fab844104a704741e6c9d4ebcb8515d19e85db979668bc3cb8

310d4ec3b694aa3503a8d5a5adddbe1c0d87935b0fa01e640b0df602c1505234

311934efae99b694091136c03c7277823018818578c5993e77ddbedd3ae1a166

3301f2b58611f44949aa360520806090aeabd3eb88cfbddce254579ff7966e04

337a0dff907453cd0d54ac5ecf32647e65862a3022c214ddbca0403975536b02

337ea5023b686cef1161d504abcd0e313eac5bfb586738a7a99d005f3899db77

34889881131cb905767fea3314047acf036c05dd2c5a199ecec0de4a5230c1d5

34c10230a2a1c5a92f3a3aee064fe14f653703719f9ab479fc57c853cb388190

366effe5cdcdb1a27d7ded62d1bad9e75ec4be18e6315134208c076b5e73df32

368e1391adb5f1c558033a5eb1436fc16661924e7016b56d94dc19defc21d9e3

37a5b1ebe01fca754b6878ae5040d7ebe179eaa7701fbe937888f5be1248e83d

37f4db3ec19120703cdfc716656e2af547088802c264bcaa34806cb4b2612d19

3878a0e50206a6d660b7234483c9d79c8db99c23d2fc281f09435bee25edd577

39a55348da6772b444792bb09282c7450010850442d6c00b7a8f04a9eaf96226

3a45d80180a157ec0aa70298d5eef0cbc13740fcf6323f705bfc10525cb217a8

3c5859206c81aaf8e9ae611f380aea0185dc67746410589b0ea77bc991c1d265

3cdb3d9f4ea6e815270433385d7f8a1a4432aa18f11411cf7719fa58671f26ed

3d47f583cdcd3a9e04a33f93333dd38b382fd3b7c82cfc7e09cb8dad5beecfe7

3d7c57fd5e035b159d4f1460989924756a725db772787cf8ad67d543c510fe54

3e6642f7100bb72137d68b5aa34a2d1f1a75722ab7d2b15987bbdeb84bc3265e

3e6f8a670eb5507fb32d99c8e2ee8ac3dd3a03312793a3ce2c1cbb6eb69e3fd6

3e9dc00f7570354ba5099d43f1df7e6c6703632f24e57d8a58c5d0bbe1f61e4d

3ed1506c27dc92c44fd3b21fdcbd4c196e6190c4de6ec68a5ad2cfedca36e5ce

406ef6e503a9b005af95d6813f239803535eb7d9dab5cac2516b6ae9e3848cce

4103fed41f19837a4ac6f6d5c82e82f43c3bf141247e7cac410c4cd93847f969

4237fb3fe85bf5f0c3c19c45ae85f76d0c527cb5d531736a1430f6f8eb10e54a

42a098586b632e65c8b350bab9846eb0943c54ffc6f81c44b18f5d8e772fe36b

42c18f233d6e89be69298fecfc935b14a0d69447a22e2a3195e50131261b038e

438173fc774f8e827a861804a9af18e328f72363aad164e1d4213b302f7bc904

43ab8d538551ee2d920b1780bced4a7e97a3e9cf8d6f47b6634219120c1ca3de

43eacfea81d9b80b7ff71ea949b4ef0f9267f833e7b8b3542c82407fdf9f0a3f

4404ab406750312cdabb565b04500d9b94be2e80894d9b5b869e45daf994acfd

44e79edd7a2f9d5f9140db1b213091322d0629de1c3f02a8c42e029890503cda

4534f19c76fcfcd817365b67e0feb22c2c59b00c43bc7ab5b6ac04975da21cc6

45980fb785c9c2ccd9f1b84b2906453edcf5700a59d5561b5d7bb0f8da71da2a

45ce39ce5eef5afd148e6bda2802b60f8bc388d279c1c2bb03d3795b207d4523

470d98bde49951ecc819033f47492bbfc87be5767c5820e9f3190a4b8151c5a5

479807c1f3eb9d9fab9b6ab2853604bcc97d9f090ae4fb14d66747fd66e5993e

47e3b3c0e9633dbba588060bbd946d13658d2a49678d0ed0f4e21cc9d8370058

48cff22bae20cb599fcdcec8b4fb41e4785ba5c19123a728fc4f8244f7a900f4

48e1b13ffa233c40c0a24026d2c7236796b8fce6956235f29246a4717728ec42

495897a0e9d55bbd06884df8b9b7c15d9c398e825538d7a235cbfb7d75d4b99e

49735d3992131f165199287d0b5997dfa8e035a10177ea556e957d3cac7a1cb4

4a9e11f3a1b5b7543f00f4f662b4602c5449c78f7181a139af3b804aa7316006

4af6877b9e52c8ce27aadf8d95429dc5fbcbbe663a3bff94367aafabea6327a8

4b42ed6bfed1bd64fbcc07e4ef108ae715802d54f2d7b1268aeab39d8a2966e8

4ca542b8871a292cc4d4c1aa0e3b8b4517a27ba227ff822eb870b5bb4b8a71d1

4cd7c54d51ada797e7e762ffac350136a63af9bdc09ee752b471db33958f002a

4cfa85c4c0f8f87d50db5aad247599d099816582e67bdff21877af254f3e52de

4d37f7aea76ccb788710e7d3a8d2553964142a835115a9f0768f33b286400352

4d7c1d874dc735c24586b32d080ad58a7c3559330b022746fb6fc1179a1ad522

4e4e85c783e001bc88e531428589550291cfde824a12368765dd7cca701f904a

508d8872ec6b59c7583991947baafc80cc0788fad7d0215874360bb48523559e

50918cfa5bb81e63c0e6fbcd744f371e5146fa5ed4e9c2bfa05eff7b6b4af2de

516f23acc3b9eb0c1e2fa79c2a4d8a33a07141b486e6b0cb4ed93dcae966478a

5287ce4a9e8c523486887ca8da6134aec32d3a6cf6e77a0617b3ae1dd3193162

5288fb718ebc59210f968c247ea263159bb14c8b1e336dae9ddf17d85edaa418

5299590e69d031fa7b4118551f59a41091fe97aa3513494c910f9a6011a6e6fe

54595cdde8ac9332adc78143051b3cebd29e564b3f3ba7a390847dd6a30ac9b0

55f3a969a56a2abde560a4d6997575a957527a8f4c1993bc2607162282e5265f

586e3716114e7ad01d36785d3560c2c0ff95e79d123298a027de9a92b45a0af0

599fe4c40cd392efc6becccecdb65ad61e18ad89c98a586ebda05f597b54111c

59fe7e6e026da28b275c1fa65ac6f2bb0712793903fe1b77cbe148c15df0c927

5aa1dc189fcbf09a77f1926e0a2d1c17d9b66e8bbbae1c1751622f544a67ee62

5ab8a17246063f43e04f124c842427a9413d086796c1fd5e9d46917b308f5e74

5aec1bdb65d91129f58844c126bd3e3f324b1db33b400a875497c10fd08f031d

5c6118287d6b3c0a58b87bf6c4572bd132d96f713d31c7061f790871674430ac

5cafbeb084f248690fa9d04c395055acad30ff67bbad09dc1ba8f9d5b4cfbfe3

5cbf6d0a1f9a8ad1b482c9b7371249b91b1ac1041e9e08701ded8fb6503b00ad

5ccdc48357a287efbf61754f092e9ef24718b9d1099883eda90b2b93f6d94ebc

5cf2e959a847aec8f88ae72498de80f943385f2a82f06cf7bb71d12c5b49d2b9

5d9d8bfd620209757123efaad61ffd8a48598ba8cbf5c5d795c9b35fd8618277

5da1b29f6b0ce6127341d90ecdcf572963cb8d27a5f4ba1b072f58614404976c

5e3bd1cef78452981fee2e74cba2fdc46c6ebac15d9a19d85f53ee4812b1fcec

5ed664e59239f2bc96b4ac1a07cf1af18834d467b1868c79d960d3122e0c9547

5eeb62aa52a36d263ab636ca89ff9d2b208c49aa7da6f2d9053364fa7e970f96

5f3cc281a34872f7732d1174eca50fb85364927cca8dc70ac31623ff38c20a00

5fb8926926dc18f997e3bbce351518fcca0ffd382099e59154402e2da3a3858c

606d23a8f451eeeb802261b8c279da0185d061d971e01139da4435f75eab56e4

60837ecb4271e7348591ab1d8ee69dabf9071677694fb024493497af43855f25

6083df167c2c313759ad4885919f556172343bc787f28780429e7272ff7a05da

60ee569d82800e734e8202fb63118174d7ef7cdf75c078f0ceb19d5d80975f56

612cdcd8164c3820950dcc5276dd1a41782ffe424ace86e065de964de21f6871

61b0a39405d071a95d7a8302b308cbf65ce4db0df029efea1af8a24ae9a94ca4

6272c72c830630f76aac92c2ad13e3f601aa7752e13d8713e150511754097eaa

62919dc688726421395003025abf1bbcd405048fb5b7c544139a538e5bdc45b0

62afa3a8d6a4c924491c2897acc4ba6fa053108ecc54d8c97503ed2aaa58e2c0

62b3b8180936fd37593dca45af592225ca18bb410a45cdc79fa15726ca7efcf2

62cb60775d9215595457d37fd5a8ecc52d0c8474948a3e20acf5e1b01594e239

6322d14ec5869367ae5b64fa81eb5958371640fdaa0dac6d5dcdfea35925cf94

65d074caa3e234445ad29db1ed6977855f4952c2d025c109f8190631dd6487c6

675fc1d5e9a46f083a088ba32815eb191464ee29ecedc4b50b7ab577597844aa

67a6c50a05b7eabf847559671c95f011a534395e4c84eb9e3b1ad3a7cf072187

688530cee5f95e2040e9d0b5198cb0f530cbccd0160df3827882905f7002879e

68c75ba3fb131fa8d015169c3dd717f1b79cf2688fe87c87695ba9e04df87695

69569b6a988642b3bc36370470f71e2471df37b1b441c54f53c8e30b940d79bb

696a181467746f96cf98cb52d83460fa08ce6baa44d2ddb809a95c6807fb35fe

6b143ed5a1c3865302656c7efa3b4f4806ae208fd995167617bcc49677601d13

6b6e6a393ad1b3ab46c39b82fefdc51ab0fbfe639ee1d4df3a379ffb74480cdb

6bb9fcba87faf95868f5480586f55e97c3734019503aa9bdd6972cf93bb4d102

6be338592a07efe9cedccbeeb21c9b06bb32587fd8ab7d280e2e2d8dc84c17a1

6c5b19853d6cec2a3f41aac0e437e1ef8241c97925c5154917c92382ae7c7b8f

6c86bdd53a414f6522501d54738ca618f8dfccb4c31ad80618aad4934f1aecc5

6dd66394b84e9e5696fe0b6c72825ecddb40d24707784c6d499398dee18cb50d

6e6c7b6870291847bb97423e17c9eee895d10f44ed6ab7093ee578d8d86fd606

6e9fa11b15e70c30b55369e69a64e96283d47476a0ff6f59c1daf079208b9401

6f18b851eb475096072b9a3eefd392cb2f9f6f2f8f7f7ba90606ebda1a6a3f36

6f4774324d33fab7b2ed9ddd09d417a2a4a44f65510c8504307810d63a3e1078

707d9cf7b6c65e87d3b3d656f9643371b5ff629db8bac714a252c41988b83306

7167bf5b03b02439900fe494f21ecaa00127e039e5f43c2814882c9b543b61fd

71fc81dacb3b48b07278fb1b7eb71fbb7526354cc784b9ffa76b626a4d50a11d

74554ddbee138be6723c9e2808d22525cfbcdb4450e712935073ef29dcf426a3

745bb1bf24225162b5d44873f99807f1f9a90ee34d71e2af0104e6accd6b2d8e

749e45ffd6abdd0c7e9217242d20c486c84527759548420cbe66f9ad0445e9fa

76d79d6ed1c7aacb7c6fce4136a67d3495c99bfca3f2eb03678c277263dba74c

777892a4b1b38fb5895f899e08b10c32ffb55cda03615d8e1844b22c002da446

77ffb29827c2e94dd69821c3cd1eb74866b597a530fdff94c0a88cbbe7bc6642

794c5c420ebee929b7815025fff40b48d7f8981fadaa578dc522f95f30144e61

7a07116fe66c2288abd5511f09b30da56b11a2fff49bc9c2efe793b6b8342ff5

7aa4e2b65495e6e77069a6c211fab7a64db0373ff2c6492fa0177f5edce43389

7ce13f8eff2d3bc5aedbb0b624b9aef6ae0e0391414d5c345b0d2db139290787

7d2f6124a32252c6dd8b98e100d57a04d13624efc68bb55a5ff31c4587eceb45

7d597bb449c2f24194319179e51fcaf3cdcbb0464319c113e233a7b9eda3e57a

7d5c2be07e27f1ee25850b537337e520f823b1cddc2acbf22c4fe01f3a94b8df

7e3015b04d355414d86c2a2124380d31d5f11b7b5996acb081b6f8a8fca0ee45

7f23b1ad84caae1102f06614550b1911691445ed7ffd1790208984fc5c37d441

7f68acaaa1fde023747d47b2e66515a3ed9408a80e3ec1596d8a76aec0a9437f

7fd1c60a9db98539700314f893c6b8408ee83fe4655b70f040b61a853821f99c

7fefc8a574e655e534f74b031a23616d1a72b876ee3daad9ffd24fe49a3847ec

809204d2979b2018756ca18a0d6a33812c96c3b6cfeff4788f705fb976c5b026

813cbee9920207ad9683a367b90ccd92821ac761453e3a2e18bb68af74c457dd

816276f8a28efd4134c8bba50f2a4271ddda713706f9e805701f3b15a1318e77

818f21b679e26ea67dbe65df1deb5c728214c9007793ac18cb9ecd139dc9aa88

82c0608d335a64c32af8041ec8212df46d742fffbdb89bfffd58fa34a90ae654

82dc456673c70d3e2b6e7b8b2a6c06488dd2bffe2f3320f6ee54352514a316b1

82f9a9e5d6837b58bed5f8f8571afc31b570a5d2db6befe3459b09f161114e37

84702a49d1fecf7a4267701c105a714d34250e3c31ec2495660edeac53f54ceb

85ff8d9d2f577cedd1ebee022dfbc8192fdb5ee16e39dc9f03743739b6d5c4e7

87f954a96ff46df18d7103c05102f23441838d3c0f157380466764dfac2079e2

8a4b53fd2a5246edb67124673b2c324db27b443f856c7193d8c5417d793835b1

8a9d1cf4089c57e19bbeb819b57cd3a458d067d65dc03d39c25dcc35cc9ce229

8dc7fbdfac755d60ce05b1c223c174ba13abd78eb01aa538b37c0b812ece3aa5

8dca20407ba9cecc0a6d87adafbcccebc37d865caedee29af0e54f718f150966

8de2fd12c142b386f6465f4fe39ab08bed03823e0a01fd0ea2794b2c21710e62

8e042392a04fc5aa858ba8f96ebdae676e2b959217e2d5c43252632337144da6

8e521953f01b56f163a5d7ca777cdbef86f1d9291bf994d3ba35cb0e89729da0

8e6c2886d27ae580561350564d94625f0151ad0ae5b64c0a58ffce8ffeb01ffa

8e761990bd71d47cdb207f1492a9e4ade71ad95c1eaed69a3826e9ee5b74306a

8f959c31ab0f7560c0ceaccb3ed44abe8c531eacf9d6689c1b0bb9cf7cc1446b

8fa717459c332d72e379363eecdcf23790244c589055d69e984acdc56875a05e

91d7d28c0897e0c33e2229133f9ebe6b15255c8a7bbbf6c7c3f0bd1438ae58c3

91e3a3d0cb48bbc343badd86994ebf1858671fd1a9408534e60bbca47198c45e

93769b51b829c4aa014a10179e40ff91492dbb70986d2b0af8b86901a4fae25c

93b533bc390adceda0347abfd1c1c65682b20a22c19483a1ebd30918acbbfd96

9423522a796f3190f1e434382e3760294527dae11844bd9aece3ee70899a74c6

967516fbdc5dfb43e1f3ab8f5a6713e226b4b0d1a556c1933381086587a5b2db

97175f477ed70cb8ab8e64165325586111a3946433bbae9e03b8273ac0602e3e

9793a21d1a2074106d2123fdf40c23a57aab35f7f0afe2eb254d888fc5abe5f9

97dc03d1700efcffed27aad93ec05b36a404a6919f93f6c60e95e5c4a9d65cd9

9910510ef16cd791eacb868d63f33db54c7ca6343a470b97bbda3ab53a0af1e1

9a3a26bd98c511627d2b384bce4c46c538a67f24c66459acd0af467fca4bdd08

9a42637e8c5229a0b84c28892e030c5b9d07cd32ccb5bdc0cc6f0633113c8fe2

9af467c9392af012bf687f347c0192296d131791b4c7cb74d1dac1622db8f8cb

9bd724fbb3e9c42122711c756c27fd8ceaf01f48e5d59a8935f4b67fb8246b3c

9c843456235244f095b5e021ca82e4805cd94ac732ae8b7a35a021f18117637c

9d96d963705e996e6618f11bc32894e0ce5bc1410db62f43ed79ea546e93d743

9e0258a3894bd522fe9e21b89074c24014605e9ffb767121180f3d75db12f8ef

9ef95f67e220bb2c21e564af32614ba616871a79e96e0d50a441470f3605345b

9f529e7032cf9d504aff60de83a033584462d40bb50988b83702b1f63ec7ca07

a2da8a89a8ecc2651f242c68c2e332a1391f4aa535fb1336123898d8cc6050dc

a306e433e72c97ac9016f9f260f882362d7dfa8735f86384ee70046304430e25

a3a4b56daac71b1ce0b62f548c200323e603555438c7fb1452268bca37c8e94f

a3d2ef71d5d8a5f7b1e489f15836d7f4bafcfcdccad2d9dfbfa14fb34e65fd17

a555018ed03a0b191f64f625b75cebd9f62c194c7b1c1a66b91266f2f1c1b6c4

a5a396bad1ea1b656780b72200bb7ec8fec12cb0694be2b8943ac40e138cf09a

a71beab2c962f82db197b85a490c8f7ab82d8bb1a861b85f95635cca10223fcc

a9aa8684fd492083ee04b150344411dea5d3560e87d4dafe7cca03889789689f

aa8e104dcdc6c58d726bd32d3ac32b3eae96ae2ffa591d9c9303f57f3d046e35

aab1bf3a2a549c076a55b67c11c3af04813380b87c1a2d45cdddf52d25c15bd5

abcdcdd4493167cbb3ba78c04424355d069c930b4f56a3386af8e9b45c40ed16

acbb983043b2caf0a96657216843a985a11622ce7480c3e508c7c86f5bbf5f3c

ad29812f5ff0e101c8ca1a48a8a0194d7a032e8b890374fc0041b4ae2a1e9a21

ad74615b5d256862ab5a39e0f2de098697720477f131c9d23e0feb84eb5fd2cf

ae531e01c4b447d0c359f1f560e1385ca9eaf0f8b9e2e401e460138d3862b693

ae8af3e049e812d26f5001815de7cf20d74c21fcb013b7b1ea7bac95ea0c71d4

af5d3982301079392cdbc9a49380bee3263bf4d2880764663b1ee5282fe1f268

b0507186720c3648901c7d0fdb6e6a2c49d26e337de269e297a218405972db87

b18834f77db73c92a2b1eac771b7c61b37e2f76d6145cdafbfd340a4db085961

b1a7d59539e789763e967266520191c1c5e76671d3955caf69eb8491952b14d9

b2a4a9e9cd0fbce0d8bb0e6d7bd34aacca346ad20e0835064366a557bba2e20b

b3c82c1dbbcdf802412c2ff189b8116324aaa10605be260c648ccc641e69a181

b42cdcccb051d01c545545fd81495973fdd758c7d5b7faa5d7dd3fa98f31c173

b51ebd58f411ad5fa6724005ab27bb23b4c4d7c15d4d54e066fd55055ef87a9f

b55b384d5879073363a91c85a9b723cc98f6281c46087ccc41a94f77940c81fd

b59c2e678091c29d38b16d7558f6d06bb0f7b926d3aee1c38582dbfb78edd97a

b60f40dba25031b65c2ee81748340738b7607179792b0f0ab2c383b822f4bffa

b61015f0bd80498627928ee270e0a0e604b52998ff943254072241748c708c39

b66667a5aa484226944052ab945d3dc99a7a67dfb5a2942dc9d84371ce752438

b7dc735524a606b0ee3ccab89eb43be79329dc994026501a3f5ae809597f3f45

b939904d34dee658462a3963eab58ea198b07f42fad912b8c73f53fc2f7de559

b992553008a95ff9feefbfb4522b54569e8b1d0f035a0f06e87e9b4d2f4cf120

b9c4d2230791ed768840805975a2513ac67ef59e05af75a85230b467afc377d3

ba23ee91a54d3da0e2142a90def9ea6ead953621fdbb2c9a568ab68247993b90

ba4e57be7998467a7fb5471ea6e6d5ee9d6233de96bf2699efe9e8c45b21b039

bb37d80cb884d9499e52e498fdc6e234e0cc972ab16cb5e5859287a02f6e01c5

bd25e7c40ce4856973e988f5e86804ad945191ecce1c095b3ac354101870e5e5

be1bd8d34829f7087209c8ef55d3f8c87a048519e859a89bc92de6f9680aff0d

bf8b480cdeeac23e87309d65c95d6528607011796a9b3ad48c4ae29325dd2c93

bfa0cd295ca0f66b7a1a1d30b7e9923d8de1bd2191dfe73b16b7a31d6e737165

c04095e017a0f3911c40181c5175e5f50f5aff5e3ece9287a4df7a699599db6c

c0ed712baa4ff2bcdb8df1f7d52328bc10c629f0ee6d314d816cf6bd4ed59350

c1669b870d0530d4d74f1f5afe58b2954670be9c1f047558f0d0d24809bbf0a7

c1bafafaa114d62fc3140b1147dd5e5afc6b003581810306ce9e15621f2bd7eb

c2337180084757ac67238cea6bb477ec84210742355d4a02bec52a7fbf3d8511

c3d4945052a644bbf7ce41cbb910d2510c85cdee783922441ce0aa627eb7c233

c4e122367f23ca841666dac54c6a42a937e0b8255f7594ded6f4d150fce18538

c65cf347f560bdefdaea56eaeddbe94ef8ff32da132939d9cf5c40c4fd173908

c68b80b60bd6648b1fe8092a911fbbdb376b8fbbd6b884875fb13ad87c7c7ac1

c691c7260a144c141abb520099b6d406e87ef75d16bd74c5f1cea900223cdb9f

c6c5b09801e1b072f9fc1c0ae1bda204137be1d194eb6187f5f1948543dced4a

c721fa91cec61b7b29078a1c68ff58d90f2f321c882bd60e3823d57ab470277a

c731334671b5c7da8410569e200d24a71d9db395adf6051440e661125e482888

c7862bcc809a9effd31035b7e92fe57fd368318894874b8239198ee4e0dcbf74

c7969e2249fc0180887315b88855ce017d4377b6550a2631b3c821f226e9e861

c7d0fae10223094c6d09aefac6207fe632b55405f57671e0de06276876f67e32

c8d0bbcfda19f38c51dd772e5457b60ff59eb028799dca1fe4ce5d72b281b452

cb4aa6105938c53f9f2b2f8e6f5f36bfe96419c56e73cdee53d48f4c393379f4

cbf2ceb3c5ebc6f1d8c09f3098176ded9503800cba77cfefa25ea9e0a8085ae3

cc00a259ec4ebde015fe0fad59f369ae23def081caa787ad0652f7d6b2fe6de0

cc261a096421b7d33dc306496e1a8f4ab37f84188c3d05514ee68b5dfe860252

ccf57b07f8ba315a9b94342e0ec76d38e0095249e38b2e2b4a005fc199d12181

ce8901205463e35b57a5429767515611490c65aad8499cadd3e75f08fc420e61

cf367483090fca26a20295f8696bb2b78952bb340d54cf146009a3bef4a0adee

d07178c88eeeef7cfd9db6b2405574e16a85ee9b8973d2603b22b3a7feb9464e

d08285f3f36f0c79df6d4cb82b9b045859d25c96a223c16702b6043ea8950f6e

d26905886a1f3e12a5af7e473ef805a346b8c89f68a2855128745b26212f78d6

d2b4c65b6c4d7085f6362ccdde01c0e5801393ccfd27d3ee1883b23e61d49921

d3231042d20e7e02069279a9470ede4daddf70137cf1122550e4bdc354ba1473

d41f8ae0df709b0243db420707a5d87d45eec903ad2fda40a03963b958f83a18

d4e07d9cc1eaa08e84d2679f89829a4e8dec000b6ad1c793c3500df77f746b69

d51c29ad01d4f7a479b2e8797ff8a086ddd461de33d3e2ba39f5cd226d5c267c

d56a6d41ab8dd698a4ed4290f7bc49e49cef37704bcc947104e5c7dc33db8c13

d5c70041e09a2304f4b9fe55ff804d72947e3bfa22b200312d2eae1ca60423bf

d622b2d8d7d33bcc427ced8f3dc2f0458c60131190d401070bc3de8fb3bc5786

d6362028ce8ee6c56bc74d2d0192d511d5d18f8ade96a70ee40000c26c0c3455

d7530b4cea5801c7bf84d8769dc3e6433d9fc807ae492ca39bd008ea365f16f8

d754c23ac2b3c2fc55c6debcb9ce7245a36ba569b1a676274f6c90e1492cc497

d78e3e77e039c6206c59d8de22d5bc897af8eed615e13bd0af33f067e14b8b07

d7cc9dcc8ae28fc65fe7ca41441231501c455dd6e6f2311ffbc8ca6d134f5ac7

d825098c3ec079b7b309155ed35e1e6e59c6bf1ef2144f6ef2a553033a204a54

d84490b501877d621d3bb83299b2b5c3cc49414d6cdb685f0f30d08face21afe

da3a95d70153f65481b2ddaf4555ca680183db970a042181af023ad6b11544d0

dada501a3ecd363542202cb3897f0d0152f1481f8f63436ace881031651f8640

dae577c72041d51f181eeb6f2006c96a426ef2814b73252d089d7826c3ae4812

daf3764587bb8a9fe64c03699faf852107df6e9abc840b30be4fee77eddd7da7

dba94a0f18f503848c9e2fc452b8bbb5684c49b97e05b83fc159602ef3c970e7

dbc2d8f4e0808059c5e5481ae74393598e5265167e708b267d907874bd7381c6

dc204e1b625a80b71bdabdb6bc9904cda994e6ad2b669efbfbc245c2f9044f23

dc6439f061339d1addbce55511e88e41081ef6b36c9611e3939d9914bf211e61

dcf90d69b4a83839e6b741986745c373a2c386a1a5518cab19133fda1f7f6e16

de36e0af9cd7e32d781be2ab937a7dca33a9f93dcbecd06ff944641e5196c51f

de643e52474149e2302a1101341bc8b659d2caa60221d8f2d554491fc99566e4

df58d81c1f9e99e829b04af328c72cce4fbc6ee848b0c7df150113d9e52c0d49

df8049f5d37d2099ecf39ede46f5d3a9d96b17dd2b0b3819ec9e6762bc1127bc

dfe9ac9d0d6304a92daaaff1b65178ed1e62cbac44583b773cb1292051c21cfb

e0bff837ffc9cdaeadec0987da697923356ff7134ddef075325fedfe0f4c910c

e0d1f8817a29fcd6e49c38a59b3828bfc9a76a49167e545307b79bfb387d0ec5

e0dce2c77838ca85988193df3fdf60a9e8d3124564700a5daaa466cdaf5392fb

e0f8597fbde807a20dd853711c5cfda779eb18d389277c4a2db63948202723f7

e11a0afc8d50c55f0c879bd0c9e5a0e3fe218fd47a30fd4128f4cbf5f817dd65

e1431911ef43d4af90f89b0adfdccea150bbcd0fd0eb57907878ec5c4573038c

e2f48a73e05008fdc0391d8f982cfb44c3b8eca591377179bb53059879fd1430

e3f51122f1c4ce17d243e0262e948cf4ee991f3f49e44cb8d276decacf14f3dd

e4348ea6b4e98e96760105b7b9c9612370ac3a338bdca989e98fff87612c4d3d

e5c752c17a8553d77b0751b49ecdcde62e10978185c9f3cdd7b253a92096b09c

e5f6b05e58adcca40c37a12ebd6b930d50d99d6e913fdfa46dc852318940c2b4

e6fe3b4fadb70e524e14f05582fbcf5109a1c9e77160a89078d4d6eb09a8a667

e75b1a0848b1250d747c6ab6ba1c1fdd13cc7a3b1aafca9638a2ba1d3b958e8f

e8470ee5c32ee353798a80f6d0d5257ea7b872bd446c520c0e2aac90fef87b7e

e891320afc71746992cafbe3899c54999838519170e2ba3f1cc57ef5994b085d

e8b934b5f4eb3c40b83521360f41d8950875b71607ba38cb72a9562fadff4473

e9b07ed4490fea74cf5b0bb98bbe1f3d0262f68f3df3bf32ab2df978a1005969

ea9d43358580e77ba214782691e1d2a4a258efc5c22a9e9dd526aa0649419ba0

eaa103a6a63dad21dc2baf4bd6b4d74fc589f4a1371c81899edce25c27f62268

eada4d07fcd5f9254873d857f9fd658a160e3b04f3568a295901c0337004622d

eb287ca6bc137141d82775a34ad1cd2f2aa10a22defae90c113a74ed38dda208

ebe7bff77210dc2a0abbfd66b0d177199196a7f1b07701ebd4bef9a04bbbc411

ec8344a4125b21078498e0eece9384d98601f07f2a5b59d063dad7688102fd1d

eccb22533708e9915223c46a48b932ca1707c04e4b47a4371d2f8b1acac3bd2f

ed5e523acba44de27161183c6d947d65f73a11fabf39524a9b23b25fef951cfe

edd192a65b9a5d7df1076294077e896a872bf8c6c1ab8799415f1ddaf32e0144

ede149b1de958af88945f4744c1d95584615686a6db9d914069c0c7227ebe56b

ee11fbe9cc5f57380f27c7fb2b17e5b4e7b0ec6cd1449d3860a5e8902c13ac2c

ee231cb499908ddca8cba88cd674f9e30931457363eec6100734363772005548

ee4e7f4fbfe7fee56f16b21eb0e33833e67f53ce020d0f8b6d0d58b646afd78f

eef8019c1e981db0f30d2ab1f2981582dd4e3d95844cb08d4961d7628fcab434

ef136083843810fb5fbb2fdb4ae38aa5403c765535ee77c4d2169442ac1e1ebc

ef7dab4a3cca0dd55feffc2796a652a08434419da50f3678b7ee59b88f26eb04

efd4e822643307b72a269f9ea51936254e89a608dbf0434aff36dc244def73b7

efdc724800be5d9872770cb1dd346815b4feb534a256b44d43dfc8b72488f05d

f092b7606233d1512530c5680b4e4ea17212f24024374bfd96061cd7260a0ffa

f2002467bcfe1a5425461a16eac5e65844615f5ac03a9460f58a7afe470340cd

f263cbd36fdf367fc9ef32bd9f80f0f459a0a09a5aff4a8f387e771ae20d31b0

f30f6678ae4d09c772c58422885ccb19993e5b3a60829fda5d2952f6ad1bc146

f3c880591e06396f588d5b45c599ba6aef1aae4065d0d55b3560e3547242b697

f45120409a844d92a030ebd460309bf48e0ba3deeb8fb341b155554be4b03c3a

f5022957c6f40fc599a45019a635847b229ad94f5c9e636602f5952f3bb662a7

f5a1ebc9c77a22d4907d6ccbf9be2eeba994d35882cbe79955309863c93d8cb9

f5a5e69528ddadb7b7345238884a622eb259728d9c5c1ac69476e5b7af2c545a

f5fa9ef14b3deaafb1eb040bac64eb4945bae4795723bdfef6a43a04339f70ba

f63faeb1bc31fd54621fb2fbcf5430682af5a97e17ae97b4363c42643072b8b0

f6af00a58dfd72806fcf6b9549cd9c871c127410e7b84d92acb734c16054bc73

f6e8f0e1d7b6336e3759600448fcaff0fd24163e3cd0ef4e9469b5ae6b178b3e

f85e2a0cf2bf6c8f5c7657fbcd3fff12a72385d2b1382994f75853566812b0a3

f8650a0f5e6f8dcaa40fec55f5ae8e3a299f7a085557fea4eafa44ce6bbda06b

fa21fa9b327cab8e4d615ab196b9da0156e5ebadf9fa7f7af2da83dbed1067fc

fa244cc3fa7784bd21fc95a6e7a311686b6875ba0b770a1e6383481edc95973a

fa371ec6989dfd58743662bd5ef22639b7cd476f9640d9c398d97c4099b4a1bd

fa401a2b2a81beb78852587e2c717cf8a7f623b8ac2f55bc399609428f6237b6

fa40bc120367a0035e72eccef07576cb16ff36b08dd051e751a481de1f2dbf9f

fb26dcd89930afef0012125087704a3564d8ef0a37c3c6c021b42071ad273ceb

fb93b35a327f72fbda95a1f785e658a938fe86086f232b3781333551742e1641

fbcaf5798179ba00092f98c6edb5bb86414970c61e059cfdf5ab3ac8d3fc16a5

fc25ed1a9b3d16798d3a105e22dd484693a5452c1419f94a58e22a5388891504

fca010ff672c62a6c92f94a12b78fa1e019f37cc0dfc622e29813991e6875ca7

fcc5d7800d4b249f6f3b3a083c4ae1d626a7e97b0364afcb499064e882b66b28

fd65a36e69c42ab79d3511669560c83de0aad638a178029363aff56afe144911

fe810f2f7406764ede9dbed620a2c029755bc3459d2712f6b2e45030edb8aa43

ff4a8be4e90fd047718103a1527a2d0a452f76fdbd2c18de9d98d7c2ab4926c6

ff6afa0a84c58aa0d8a64df82680040ab58bf50e1cd2a8eb3e317f7f47843ecd

    Gurucul Threat Detection and Incident Response (TDIR) Queries for Detection

    Detection Query 1

    sha256hash IN ("b18834f77db73c92a2b1eac771b7c61b37e2f76d6145cdafbfd340a4db085961","3cdb3d9f4ea6e815270433385d7f8a1a4432aa18f11411cf7719fa58671f26ed","b9c4d2230791ed768840805975a2513ac67ef59e05af75a85230b467afc377d3","1d40e7daa7a2fc748c85d3bf233649204163fc179f71d3ff2b3c7f426b0499ae","438173fc774f8e827a861804a9af18e328f72363aad164e1d4213b302f7bc904","745bb1bf24225162b5d44873f99807f1f9a90ee34d71e2af0104e6accd6b2d8e","61b0a39405d071a95d7a8302b308cbf65ce4db0df029efea1af8a24ae9a94ca4","8e042392a04fc5aa858ba8f96ebdae676e2b959217e2d5c43252632337144da6","aa8e104dcdc6c58d726bd32d3ac32b3eae96ae2ffa591d9c9303f57f3d046e35","c7d0fae10223094c6d09aefac6207fe632b55405f57671e0de06276876f67e32","3e9dc00f7570354ba5099d43f1df7e6c6703632f24e57d8a58c5d0bbe1f61e4d","7d597bb449c2f24194319179e51fcaf3cdcbb0464319c113e233a7b9eda3e57a","187cd18caa83a2a938e801288eeb95f2475f9efe97ab62a42314d7cdfc88b33d","7f68acaaa1fde023747d47b2e66515a3ed9408a80e3ec1596d8a76aec0a9437f","f092b7606233d1512530c5680b4e4ea17212f24024374bfd96061cd7260a0ffa","62cb60775d9215595457d37fd5a8ecc52d0c8474948a3e20acf5e1b01594e239","e0f8597fbde807a20dd853711c5cfda779eb18d389277c4a2db63948202723f7","5e3bd1cef78452981fee2e74cba2fdc46c6ebac15d9a19d85f53ee4812b1fcec","59fe7e6e026da28b275c1fa65ac6f2bb0712793903fe1b77cbe148c15df0c927","37a5b1ebe01fca754b6878ae5040d7ebe179eaa7701fbe937888f5be1248e83d","bb37d80cb884d9499e52e498fdc6e234e0cc972ab16cb5e5859287a02f6e01c5","0520a17e3d8e51c452f6a306e87bd11747f54061b550323aaa3effdcbc976ae3","c0ed712baa4ff2bcdb8df1f7d52328bc10c629f0ee6d314d816cf6bd4ed59350","48e1b13ffa233c40c0a24026d2c7236796b8fce6956235f29246a4717728ec42","1ded4207f46c167de383235dd94de12f4d144ed4e38b5131dad2fe0cad56fe84","2f35dcd0ee4728492a3917d42b10893a8d44f71e774b058e99aca87de8fd76a3","d84490b501877d621d3bb83299b2b5c3cc49414d6cdb685f0f30d08face21afe","4ca542b8871a292cc4d4c1aa0e3b8b4517a27ba227ff822eb870b5bb4b8a71d1","c4e122367f23ca841666dac54c6a42a937e0b8255f7594ded6f4d150fce18538","5aa1dc189fcbf09a77f1926e0a2d1c17d9b66e8bbbae1c1751622f544a67ee62","de643e52474149e2302a1101341bc8b659d2caa60221d8f2d554491fc99566e4","42a098586b632e65c8b350bab9846eb0943c54ffc6f81c44b18f5d8e772fe36b","8fa717459c332d72e379363eecdcf23790244c589055d69e984acdc56875a05e","5f3cc281a34872f7732d1174eca50fb85364927cca8dc70ac31623ff38c20a00","6c5b19853d6cec2a3f41aac0e437e1ef8241c97925c5154917c92382ae7c7b8f","ae531e01c4b447d0c359f1f560e1385ca9eaf0f8b9e2e401e460138d3862b693","270c0ba7e8fac9c92c6a94d03dfda65aef468d0d3a56eedf23ede0d2c3d4de95","586e3716114e7ad01d36785d3560c2c0ff95e79d123298a027de9a92b45a0af0","ad74615b5d256862ab5a39e0f2de098697720477f131c9d23e0feb84eb5fd2cf","dc204e1b625a80b71bdabdb6bc9904cda994e6ad2b669efbfbc245c2f9044f23","b1a7d59539e789763e967266520191c1c5e76671d3955caf69eb8491952b14d9","e0dce2c77838ca85988193df3fdf60a9e8d3124564700a5daaa466cdaf5392fb","4e4e85c783e001bc88e531428589550291cfde824a12368765dd7cca701f904a","0513a96a4f549212ad24a7ee47bf22018e6b3c097cca871138bdc7e4d05cee6c","68c75ba3fb131fa8d015169c3dd717f1b79cf2688fe87c87695ba9e04df87695","6f4774324d33fab7b2ed9ddd09d417a2a4a44f65510c8504307810d63a3e1078","fbcaf5798179ba00092f98c6edb5bb86414970c61e059cfdf5ab3ac8d3fc16a5","fe810f2f7406764ede9dbed620a2c029755bc3459d2712f6b2e45030edb8aa43","1fd2972d72dfbc8b2b0c6bc7c43e3389e67d2bad651cca2583f4f4c7fa443fd1","6be338592a07efe9cedccbeeb21c9b06bb32587fd8ab7d280e2e2d8dc84c17a1","d56a6d41ab8dd698a4ed4290f7bc49e49cef37704bcc947104e5c7dc33db8c13","b59c2e678091c29d38b16d7558f6d06bb0f7b926d3aee1c38582dbfb78edd97a","9a42637e8c5229a0b84c28892e030c5b9d07cd32ccb5bdc0cc6f0633113c8fe2","dbc2d8f4e0808059c5e5481ae74393598e5265167e708b267d907874bd7381c6","688530cee5f95e2040e9d0b5198cb0f530cbccd0160df3827882905f7002879e","ed5e523acba44de27161183c6d947d65f73a11fabf39524a9b23b25fef951cfe","f2002467bcfe1a5425461a16eac5e65844615f5ac03a9460f58a7afe470340cd","8e521953f01b56f163a5d7ca777cdbef86f1d9291bf994d3ba35cb0e89729da0","82c0608d335a64c32af8041ec8212df46d742fffbdb89bfffd58fa34a90ae654","235be22a82cb8890d91c8cd29992fd044a3c802cc0bc55ee293e14ae54700cfb","26e5f26a50b29efd559c1fe469831e7c31409351e922b386db911d8320f303f2","20144b7fe9b7b3900c8240c1cee5003c0d2647eea6d98f310a71304600def8ea","5da1b29f6b0ce6127341d90ecdcf572963cb8d27a5f4ba1b072f58614404976c","818f21b679e26ea67dbe65df1deb5c728214c9007793ac18cb9ecd139dc9aa88","6272c72c830630f76aac92c2ad13e3f601aa7752e13d8713e150511754097eaa","87f954a96ff46df18d7103c05102f23441838d3c0f157380466764dfac2079e2","f5a1ebc9c77a22d4907d6ccbf9be2eeba994d35882cbe79955309863c93d8cb9","f85e2a0cf2bf6c8f5c7657fbcd3fff12a72385d2b1382994f75853566812b0a3","d26905886a1f3e12a5af7e473ef805a346b8c89f68a2855128745b26212f78d6","c7862bcc809a9effd31035b7e92fe57fd368318894874b8239198ee4e0dcbf74","97175f477ed70cb8ab8e64165325586111a3946433bbae9e03b8273ac0602e3e","c68b80b60bd6648b1fe8092a911fbbdb376b8fbbd6b884875fb13ad87c7c7ac1","f6af00a58dfd72806fcf6b9549cd9c871c127410e7b84d92acb734c16054bc73","3d47f583cdcd3a9e04a33f93333dd38b382fd3b7c82cfc7e09cb8dad5beecfe7","7fd1c60a9db98539700314f893c6b8408ee83fe4655b70f040b61a853821f99c","be1bd8d34829f7087209c8ef55d3f8c87a048519e859a89bc92de6f9680aff0d","ef7dab4a3cca0dd55feffc2796a652a08434419da50f3678b7ee59b88f26eb04","10373926f6d4868e6970e5d1025bfe92e394dd7a6bcc576162e3397f5139ba90")

    Detection Query 2

    sha256hash IN ("a3a4b56daac71b1ce0b62f548c200323e603555438c7fb1452268bca37c8e94f","ccf57b07f8ba315a9b94342e0ec76d38e0095249e38b2e2b4a005fc199d12181","d6362028ce8ee6c56bc74d2d0192d511d5d18f8ade96a70ee40000c26c0c3455","34c10230a2a1c5a92f3a3aee064fe14f653703719f9ab479fc57c853cb388190","7d2f6124a32252c6dd8b98e100d57a04d13624efc68bb55a5ff31c4587eceb45","c2337180084757ac67238cea6bb477ec84210742355d4a02bec52a7fbf3d8511","4534f19c76fcfcd817365b67e0feb22c2c59b00c43bc7ab5b6ac04975da21cc6","794c5c420ebee929b7815025fff40b48d7f8981fadaa578dc522f95f30144e61","eaa103a6a63dad21dc2baf4bd6b4d74fc589f4a1371c81899edce25c27f62268","0f9188163350f4562a4a2a86f490f99d593ef0940f0642ae7464c84677a00028","b992553008a95ff9feefbfb4522b54569e8b1d0f035a0f06e87e9b4d2f4cf120","fcc5d7800d4b249f6f3b3a083c4ae1d626a7e97b0364afcb499064e882b66b28","71fc81dacb3b48b07278fb1b7eb71fbb7526354cc784b9ffa76b626a4d50a11d","eef8019c1e981db0f30d2ab1f2981582dd4e3d95844cb08d4961d7628fcab434","08b302febb6fee2f577bb42cc0dc2683bec71ce5e58a17587fa19e09692de5c1","1a73070f4f7da75fe1c3c39f76d00f341838db6ab067d9f58326eb4b19472eb7","43ab8d538551ee2d920b1780bced4a7e97a3e9cf8d6f47b6634219120c1ca3de","4d37f7aea76ccb788710e7d3a8d2553964142a835115a9f0768f33b286400352","42c18f233d6e89be69298fecfc935b14a0d69447a22e2a3195e50131261b038e","e5c752c17a8553d77b0751b49ecdcde62e10978185c9f3cdd7b253a92096b09c","f30f6678ae4d09c772c58422885ccb19993e5b3a60829fda5d2952f6ad1bc146","337a0dff907453cd0d54ac5ecf32647e65862a3022c214ddbca0403975536b02","da3a95d70153f65481b2ddaf4555ca680183db970a042181af023ad6b11544d0","28a0366a432fda9d8ce5580ad76bdbf7b194b58e11a1330b415cb74ed856c6fd","d4e07d9cc1eaa08e84d2679f89829a4e8dec000b6ad1c793c3500df77f746b69","6f18b851eb475096072b9a3eefd392cb2f9f6f2f8f7f7ba90606ebda1a6a3f36","e75b1a0848b1250d747c6ab6ba1c1fdd13cc7a3b1aafca9638a2ba1d3b958e8f","b60f40dba25031b65c2ee81748340738b7607179792b0f0ab2c383b822f4bffa","ebe7bff77210dc2a0abbfd66b0d177199196a7f1b07701ebd4bef9a04bbbc411","c7969e2249fc0180887315b88855ce017d4377b6550a2631b3c821f226e9e861","3c5859206c81aaf8e9ae611f380aea0185dc67746410589b0ea77bc991c1d265","cf367483090fca26a20295f8696bb2b78952bb340d54cf146009a3bef4a0adee","e891320afc71746992cafbe3899c54999838519170e2ba3f1cc57ef5994b085d","fa40bc120367a0035e72eccef07576cb16ff36b08dd051e751a481de1f2dbf9f","4d7c1d874dc735c24586b32d080ad58a7c3559330b022746fb6fc1179a1ad522","d825098c3ec079b7b309155ed35e1e6e59c6bf1ef2144f6ef2a553033a204a54","d78e3e77e039c6206c59d8de22d5bc897af8eed615e13bd0af33f067e14b8b07","fa401a2b2a81beb78852587e2c717cf8a7f623b8ac2f55bc399609428f6237b6","ff4a8be4e90fd047718103a1527a2d0a452f76fdbd2c18de9d98d7c2ab4926c6","62b3b8180936fd37593dca45af592225ca18bb410a45cdc79fa15726ca7efcf2","1eb665c42fe205decfb70e4f2f72508acde642075ab4ad0d2f929f97b4e0661a","2a4a5dd292f61bc749a25978da5db1f25a1b399a6d739305a5625c9c3c430918","8dca20407ba9cecc0a6d87adafbcccebc37d865caedee29af0e54f718f150966","91e3a3d0cb48bbc343badd86994ebf1858671fd1a9408534e60bbca47198c45e","a555018ed03a0b191f64f625b75cebd9f62c194c7b1c1a66b91266f2f1c1b6c4","04e8b67bfbcc576c64439bb6c6e7ae2a767cfe71a120f148f9c738982577873e","44e79edd7a2f9d5f9140db1b213091322d0629de1c3f02a8c42e029890503cda","01672add57d9e53c782996fb0b64de8ff3646e8f1928a8cf6cb8d0447a8e75d4","5cafbeb084f248690fa9d04c395055acad30ff67bbad09dc1ba8f9d5b4cfbfe3","777892a4b1b38fb5895f899e08b10c32ffb55cda03615d8e1844b22c002da446","c65cf347f560bdefdaea56eaeddbe94ef8ff32da132939d9cf5c40c4fd173908","eb287ca6bc137141d82775a34ad1cd2f2aa10a22defae90c113a74ed38dda208","ee4e7f4fbfe7fee56f16b21eb0e33833e67f53ce020d0f8b6d0d58b646afd78f","5aec1bdb65d91129f58844c126bd3e3f324b1db33b400a875497c10fd08f031d","164beea0736231f25917cc0458e0ae9775504982256b3b51dfd209067c7c2e19","abcdcdd4493167cbb3ba78c04424355d069c930b4f56a3386af8e9b45c40ed16","f6e8f0e1d7b6336e3759600448fcaff0fd24163e3cd0ef4e9469b5ae6b178b3e","0bfb5c9035c5bccea26456a7a873e7f682055c5621a3c2ada16f7db9e4b49a39","304eedf0c5b7d5fab844104a704741e6c9d4ebcb8515d19e85db979668bc3cb8","356b236fe8d554369f76d635745d8ee5915bec76d07bf280460548cfd8b2da6d","01c43d621ea272c9838753ac6bda61b3aa466298c024d7c7335a0207f9004928","d754c23ac2b3c2fc55c6debcb9ce7245a36ba569b1a676274f6c90e1492cc497","df8049f5d37d2099ecf39ede46f5d3a9d96b17dd2b0b3819ec9e6762bc1127bc","186b3429bd91f133613c78caacfcde2702503adf2a0fee22af7cfe75561bb11e","05f77810972591f88192833e3b3b8015584fb97c407ebc677d0dbd975cebea3e","dada501a3ecd363542202cb3897f0d0152f1481f8f63436ace881031651f8640","ad29812f5ff0e101c8ca1a48a8a0194d7a032e8b890374fc0041b4ae2a1e9a21","45ce39ce5eef5afd148e6bda2802b60f8bc388d279c1c2bb03d3795b207d4523","5288fb718ebc59210f968c247ea263159bb14c8b1e336dae9ddf17d85edaa418","62919dc688726421395003025abf1bbcd405048fb5b7c544139a538e5bdc45b0","7fefc8a574e655e534f74b031a23616d1a72b876ee3daad9ffd24fe49a3847ec")

    Detection Query 3

    sha256hash IN ("816276f8a28efd4134c8bba50f2a4271ddda713706f9e805701f3b15a1318e77","dfe9ac9d0d6304a92daaaff1b65178ed1e62cbac44583b773cb1292051c21cfb","df58d81c1f9e99e829b04af328c72cce4fbc6ee848b0c7df150113d9e52c0d49","6322d14ec5869367ae5b64fa81eb5958371640fdaa0dac6d5dcdfea35925cf94","e5f6b05e58adcca40c37a12ebd6b930d50d99d6e913fdfa46dc852318940c2b4","34889881131cb905767fea3314047acf036c05dd2c5a199ecec0de4a5230c1d5","ede149b1de958af88945f4744c1d95584615686a6db9d914069c0c7227ebe56b","4103fed41f19837a4ac6f6d5c82e82f43c3bf141247e7cac410c4cd93847f969","5299590e69d031fa7b4118551f59a41091fe97aa3513494c910f9a6011a6e6fe","bf8b480cdeeac23e87309d65c95d6528607011796a9b3ad48c4ae29325dd2c93","37f4db3ec19120703cdfc716656e2af547088802c264bcaa34806cb4b2612d19","7ce13f8eff2d3bc5aedbb0b624b9aef6ae0e0391414d5c345b0d2db139290787","8a9d1cf4089c57e19bbeb819b57cd3a458d067d65dc03d39c25dcc35cc9ce229","3ed1506c27dc92c44fd3b21fdcbd4c196e6190c4de6ec68a5ad2cfedca36e5ce","48cff22bae20cb599fcdcec8b4fb41e4785ba5c19123a728fc4f8244f7a900f4","4a9e11f3a1b5b7543f00f4f662b4602c5449c78f7181a139af3b804aa7316006","47e3b3c0e9633dbba588060bbd946d13658d2a49678d0ed0f4e21cc9d8370058","2be849154e91a1aa43a1914c7253f08f0029854d309ab4e3d0e264a7424ee8cc","18c8d79ba3dca33b41b716eca938c61b3bcfa1aa9d524f2646f268f1db7f6a71","39a55348da6772b444792bb09282c7450010850442d6c00b7a8f04a9eaf96226","516f23acc3b9eb0c1e2fa79c2a4d8a33a07141b486e6b0cb4ed93dcae966478a","9ef95f67e220bb2c21e564af32614ba616871a79e96e0d50a441470f3605345b","d07178c88eeeef7cfd9db6b2405574e16a85ee9b8973d2603b22b3a7feb9464e","8de2fd12c142b386f6465f4fe39ab08bed03823e0a01fd0ea2794b2c21710e62","dba94a0f18f503848c9e2fc452b8bbb5684c49b97e05b83fc159602ef3c970e7","c691c7260a144c141abb520099b6d406e87ef75d16bd74c5f1cea900223cdb9f","e3f51122f1c4ce17d243e0262e948cf4ee991f3f49e44cb8d276decacf14f3dd","ff6afa0a84c58aa0d8a64df82680040ab58bf50e1cd2a8eb3e317f7f47843ecd","3878a0e50206a6d660b7234483c9d79c8db99c23d2fc281f09435bee25edd577","6b6e6a393ad1b3ab46c39b82fefdc51ab0fbfe639ee1d4df3a379ffb74480cdb","0537aa42d49f4582426dcac92368b7c61410f264f98ac92077356f609053f6b7","dc6439f061339d1addbce55511e88e41081ef6b36c9611e3939d9914bf211e61","b55b384d5879073363a91c85a9b723cc98f6281c46087ccc41a94f77940c81fd","0daceeced78525806e2221ef5857a345077e118c853797c17c85023c6d8e4cb8","2b1b8be71aeb2a4b42444bc53bf660c76a5d4ccaaaffb92b602cc6ab0366202d","612cdcd8164c3820950dcc5276dd1a41782ffe424ace86e065de964de21f6871","07177a2cc9ea981ef0d694eb9ef15516a9da72efa4a2f18cad65532fd4d1e190","6bb9fcba87faf95868f5480586f55e97c3734019503aa9bdd6972cf93bb4d102","60837ecb4271e7348591ab1d8ee69dabf9071677694fb024493497af43855f25","eccb22533708e9915223c46a48b932ca1707c04e4b47a4371d2f8b1acac3bd2f","20007eeee7714925edf27094d9109025fdebaac26e1dbf97d51e8917276b6d3a","a9aa8684fd492083ee04b150344411dea5d3560e87d4dafe7cca03889789689f","f263cbd36fdf367fc9ef32bd9f80f0f459a0a09a5aff4a8f387e771ae20d31b0","7a07116fe66c2288abd5511f09b30da56b11a2fff49bc9c2efe793b6b8342ff5","82dc456673c70d3e2b6e7b8b2a6c06488dd2bffe2f3320f6ee54352514a316b1","e4348ea6b4e98e96760105b7b9c9612370ac3a338bdca989e98fff87612c4d3d","9e0258a3894bd522fe9e21b89074c24014605e9ffb767121180f3d75db12f8ef","9a3a26bd98c511627d2b384bce4c46c538a67f24c66459acd0af467fca4bdd08","310d4ec3b694aa3503a8d5a5adddbe1c0d87935b0fa01e640b0df602c1505234","fa371ec6989dfd58743662bd5ef22639b7cd476f9640d9c398d97c4099b4a1bd","6e6c7b6870291847bb97423e17c9eee895d10f44ed6ab7093ee578d8d86fd606","85ff8d9d2f577cedd1ebee022dfbc8192fdb5ee16e39dc9f03743739b6d5c4e7","8f959c31ab0f7560c0ceaccb3ed44abe8c531eacf9d6689c1b0bb9cf7cc1446b","41a98844ffcee16144b7d48961cb6573bfad86ebeccb5f231af5882e199774cc","337ea5023b686cef1161d504abcd0e313eac5bfb586738a7a99d005f3899db77","479807c1f3eb9d9fab9b6ab2853604bcc97d9f090ae4fb14d66747fd66e5993e","9af467c9392af012bf687f347c0192296d131791b4c7cb74d1dac1622db8f8cb","a306e433e72c97ac9016f9f260f882362d7dfa8735f86384ee70046304430e25","161f73e22cadcc877a39104f32b3bc9042363c11cd490a9ee8681714148c22f3","060d6f9c0505a7709281567b10bbc91256a073ecd4fef23e3de47f5ff7aa40de","b3c82c1dbbcdf802412c2ff189b8116324aaa10605be260c648ccc641e69a181","e8b934b5f4eb3c40b83521360f41d8950875b71607ba38cb72a9562fadff4473","2b74c2685d3bc1504f20bb93af1a0bf3fb3ec2090b3298b8f025be4550789859","ef136083843810fb5fbb2fdb4ae38aa5403c765535ee77c4d2169442ac1e1ebc","f8650a0f5e6f8dcaa40fec55f5ae8e3a299f7a085557fea4eafa44ce6bbda06b","4af6877b9e52c8ce27aadf8d95429dc5fbcbbe663a3bff94367aafabea6327a8","5fb8926926dc18f997e3bbce351518fcca0ffd382099e59154402e2da3a3858c","4b42ed6bfed1bd64fbcc07e4ef108ae715802d54f2d7b1268aeab39d8a2966e8","809204d2979b2018756ca18a0d6a33812c96c3b6cfeff4788f705fb976c5b026","7167bf5b03b02439900fe494f21ecaa00127e039e5f43c2814882c9b543b61fd","cc261a096421b7d33dc306496e1a8f4ab37f84188c3d05514ee68b5dfe860252")

    Detection Query 4

    sha256hash IN 

("406ef6e503a9b005af95d6813f239803535eb7d9dab5cac2516b6ae9e3848cce","0949ae633b8214009cb1c52d1bb2ea9f5066e90c0c285fcaf3844b0580e2f587","1cd4ceb10f9445353969b740ae36c2471f68a40489f4c5402679480590d5b2e0","696a181467746f96cf98cb52d83460fa08ce6baa44d2ddb809a95c6807fb35fe","93b533bc390adceda0347abfd1c1c65682b20a22c19483a1ebd30918acbbfd96","1e9426c5ad1d49235ac06d0c3e7d9d8e08fac6569c0946d569ab713fb3a7f20e","9d96d963705e996e6618f11bc32894e0ce5bc1410db62f43ed79ea546e93d743","967516fbdc5dfb43e1f3ab8f5a6713e226b4b0d1a556c1933381086587a5b2db","d08285f3f36f0c79df6d4cb82b9b045859d25c96a223c16702b6043ea8950f6e","d41f8ae0df709b0243db420707a5d87d45eec903ad2fda40a03963b958f83a18","45dd5da0789b46e5a62749b0afb186191d5c2183cdabc8c58bb0ca036da735b6","d51c29ad01d4f7a479b2e8797ff8a086ddd461de33d3e2ba39f5cd226d5c267c","fca010ff672c62a6c92f94a12b78fa1e019f37cc0dfc622e29813991e6875ca7","0d9ee9b2c72c983eb0c90851a353b5ca9f2a66e70453c822916c3c4464aeaab8","e8470ee5c32ee353798a80f6d0d5257ea7b872bd446c520c0e2aac90fef87b7e","599fe4c40cd392efc6becccecdb65ad61e18ad89c98a586ebda05f597b54111c","15dc5d3ff1b6a02a897f1ab58f1aa6411f79479e7b04fc8b96f12db2c6c69d43","606d23a8f451eeeb802261b8c279da0185d061d971e01139da4435f75eab56e4","311934efae99b694091136c03c7277823018818578c5993e77ddbedd3ae1a166","2832eac061fdbdf5431c134f2a22c5006964fab899bd21c918f6bb010cce32d9","91d7d28c0897e0c33e2229133f9ebe6b15255c8a7bbbf6c7c3f0bd1438ae58c3","edd192a65b9a5d7df1076294077e896a872bf8c6c1ab8799415f1ddaf32e0144","0c04b6c3410b09724edb5f3ce6e8502ceeaa000475e7880bd255f3642decb890","aab1bf3a2a549c076a55b67c11c3af04813380b87c1a2d45cdddf52d25c15bd5","099de377cdc27b701145d1ab34c71f5c63fe4511e3b3e74c0c4813a7e64c0f97","74554ddbee138be6723c9e2808d22525cfbcdb4450e712935073ef29dcf426a3","000d7d9f98d3040f2e366febd8f5c58a3335038982290ae333907890fe699e72","10308a0e1aa49e815a747b0d9f9fd2d4e95ba594028b2550494f8ec6ee63abbb","3d7c57fd5e035b159d4f1460989924756a725db772787cf8ad67d543c510fe54","f5022957c6f40fc599a45019a635847b229ad94f5c9e636602f5952f3bb662a7","0f90f094b3feeb87fe79416f42d583a8cf7d37c32e715856333846f9313b89f6","8a4b53fd2a5246edb67124673b2c324db27b443f856c7193d8c5417d793835b1","c1669b870d0530d4d74f1f5afe58b2954670be9c1f047558f0d0d24809bbf0a7","007a98a9dac8ccc34d6fb4ee6cf34188dc6c0bae0fc507115e64b19518b72e50","00611bc2d5471b2c967ab91ca75a58070c5ddf1a2a18b0cb9988cd447c1e9fd0","085a5ea0e085c1ec078df7771d6d4796a0d595b1c88d104568a37544c5bf4652","01fb6cd536cfadcb15f5a4b13de2d5605382db36d2b2bb6434b455f0d80fe0d4","508d8872ec6b59c7583991947baafc80cc0788fad7d0215874360bb48523559e","054b1c2a6511ab68ace708daa654ce41faa2d96319887e7f2d662d7afed77228","65d074caa3e234445ad29db1ed6977855f4952c2d025c109f8190631dd6487c6","69569b6a988642b3bc36370470f71e2471df37b1b441c54f53c8e30b940d79bb","d7530b4cea5801c7bf84d8769dc3e6433d9fc807ae492ca39bd008ea365f16f8","fc25ed1a9b3d16798d3a105e22dd484693a5452c1419f94a58e22a5388891504","02207bd351797f35a127b08d3efd6ef7f1335888fa3a3a22d21f9b8b10b41700","6e9fa11b15e70c30b55369e69a64e96283d47476a0ff6f59c1daf079208b9401","0dc2e4861267051eb2e3dfe8c57ad10a7fbe8d20c55429b15ca64014f2c50eca","7d5c2be07e27f1ee25850b537337e520f823b1cddc2acbf22c4fe01f3a94b8df","a3d2ef71d5d8a5f7b1e489f15836d7f4bafcfcdccad2d9dfbfa14fb34e65fd17","b51ebd58f411ad5fa6724005ab27bb23b4c4d7c15d4d54e066fd55055ef87a9f","f5a5e69528ddadb7b7345238884a622eb259728d9c5c1ac69476e5b7af2c545a","f45120409a844d92a030ebd460309bf48e0ba3deeb8fb341b155554be4b03c3a","45980fb785c9c2ccd9f1b84b2906453edcf5700a59d5561b5d7bb0f8da71da2a","cbf2ceb3c5ebc6f1d8c09f3098176ded9503800cba77cfefa25ea9e0a8085ae3","18c2df2f2634643072361ced86bd12d503a3f9617a506e7fd01efadf1d095c81","e0d1f8817a29fcd6e49c38a59b3828bfc9a76a49167e545307b79bfb387d0ec5","77ffb29827c2e94dd69821c3cd1eb74866b597a530fdff94c0a88cbbe7bc6642","b7dc735524a606b0ee3ccab89eb43be79329dc994026501a3f5ae809597f3f45","5cbf6d0a1f9a8ad1b482c9b7371249b91b1ac1041e9e08701ded8fb6503b00ad","9f529e7032cf9d504aff60de83a033584462d40bb50988b83702b1f63ec7ca07","e11a0afc8d50c55f0c879bd0c9e5a0e3fe218fd47a30fd4128f4cbf5f817dd65","1707eac4efc2ea46c2364b3f3332d75eb414915586c3d199c904240be23c9354","c1bafafaa114d62fc3140b1147dd5e5afc6b003581810306ce9e15621f2bd7eb","0965f85212e3c5fc2cd3e14499fd65b90c5aac7029a3d0afd61525284c5dc88f","5ed664e59239f2bc96b4ac1a07cf1af18834d467b1868c79d960d3122e0c9547","5c6118287d6b3c0a58b87bf6c4572bd132d96f713d31c7061f790871674430ac","b2a4a9e9cd0fbce0d8bb0e6d7bd34aacca346ad20e0835064366a557bba2e20b","9910510ef16cd791eacb868d63f33db54c7ca6343a470b97bbda3ab53a0af1e1","b939904d34dee658462a3963eab58ea198b07f42fad912b8c73f53fc2f7de559","0a4cd27916c51f83563939c4a44771e3aadd0186b7b367f2b8b2268fdc602311","5d9d8bfd620209757123efaad61ffd8a48598ba8cbf5c5d795c9b35fd8618277","cc00a259ec4ebde015fe0fad59f369ae23def081caa787ad0652f7d6b2fe6de0")

    Detection Query 5

    sha256hash IN 

("5287ce4a9e8c523486887ca8da6134aec32d3a6cf6e77a0617b3ae1dd3193162","9423522a796f3190f1e434382e3760294527dae11844bd9aece3ee70899a74c6","c731334671b5c7da8410569e200d24a71d9db395adf6051440e661125e482888","001212590d5c2fd2fb18dc4366d526051dfafad2e655b909db30496673441e31","083be5f3ca7305f6a0f6a769483a48ba6098984b7192db9079839c3c90469d18","0a0dcf40a73e7f7a00a488367b7b0cadc4ff3ac7818cf22a46cd3e24ff5cf6e3","1f98d9d0535d73965dac132490686e26e29a89eca7001fd7fb9a1bc82e5c9a93","fa244cc3fa7784bd21fc95a6e7a311686b6875ba0b770a1e6383481edc95973a","ae8af3e049e812d26f5001815de7cf20d74c21fcb013b7b1ea7bac95ea0c71d4","1e92a017cb91cf900d15f868988a96c02ca483097137da1478a98953ca6db6a3","01568de8658e767ee3669e2f5550bec292f1251ca82d20f550c7cf971b483f7a","02badfbfd5bc33379b2661689e5b7bd6914a971ed9d41e65be062c01f6e6b3f2","03d2efb0706bab18e7b594b985f20bd316d9e074dc3906ebefe7ab4baffe5722","05ae5ba43084943a2366f64d6ea6495a18cbf52738a6109de317e09629723783","05f459b6b4d24a6da05e1281d8eb3b66d0daec3a8f5a1c50ca17e9b82b9a5f4b","0848e727bba3960a0fbbdb403a4a8503658b872e621234b6999b14ff9eb855eb","391c15890e7db90a5ab7dbcd1d9d8050bb54584c3283232c9a3d6c299a8d0ef7","b19f406be8e31b70012e2256b375c5062181effcbae63c3b6021ea31eabecc0d","87cb3e505b91088da96b2a66f717804140932581255d0a195f0df2ede2258e49","0ac7b4738db9ba0bf36fd8b0a26b03c0e6bbc705de0aac02f427b62fd8858d4a","0acb1809427093979ddae8bec5e6436a88c2b472cfb483e4f539ab8e2ca7f672","0dd890ccee2823c77b7b8417e1eadcf77e47177812ad715b59531386738c79ab","11892dbe32cebd618deb6dc36477829ef9fb8181d7ec887408f44c08bb5f675b","12f358f3b4480d911ff61225acc745510816fe1fd21a4d80f2d8ccc68b0482b9","170a237345e5767cd4dd4d84b5b777eec2a466982007389a3b0014ea9f631e46","18d82eb444dd427953ad3bf5dcb5aeb8913d785320009891dd0e71500a07626e","19a00488730bc7785390df8887b925f58aa649defbeed9b4ed27a66d5f8b3359","1e716acec0f8c78445db489b74b7c3ff027181e332377773f11530a7669f9693","1e7785fad31758029e909c287e5f1798639ec48d4431a45a12b6701cd6e33270","1f9f707123e3bb6988741a85e436d229f4c390af717949f7ef1f5257cb993e55","1fd2972d72dfbc8b2b0c6bc7c43e3389e67d2bad651cca2583f4f4c7fa443fd1","23b0b54d1383b9ac94376ea8bbaf0b300cefab64ee61053b50c8553a4a7ad93d","24c8911a23d4397065614ea4d408b3a67226b8a27f8b08ede937d70ddf98cb98","28cd723b82855c9010ddf9a5b23938a4e4aa247d8634c2726a57b450a30d4273","2c9b999f3cb82c127bd9bad395dc73304bbddc1015de617cae367dc749e24703","2f06e10b7dbdad33adbdbad7411c1fb31924d183ae29d7a5e1eb9bba256edcc8","3301f2b58611f44949aa360520806090aeabd3eb88cfbddce254579ff7966e04","366effe5cdcdb1a27d7ded62d1bad9e75ec4be18e6315134208c076b5e73df32","368e1391adb5f1c558033a5eb1436fc16661924e7016b56d94dc19defc21d9e3","3a45d80180a157ec0aa70298d5eef0cbc13740fcf6323f705bfc10525cb217a8","3e6642f7100bb72137d68b5aa34a2d1f1a75722ab7d2b15987bbdeb84bc3265e","3e6f8a670eb5507fb32d99c8e2ee8ac3dd3a03312793a3ce2c1cbb6eb69e3fd6","4237fb3fe85bf5f0c3c19c45ae85f76d0c527cb5d531736a1430f6f8eb10e54a","43eacfea81d9b80b7ff71ea949b4ef0f9267f833e7b8b3542c82407fdf9f0a3f","4404ab406750312cdabb565b04500d9b94be2e80894d9b5b869e45daf994acfd","470d98bde49951ecc819033f47492bbfc87be5767c5820e9f3190a4b8151c5a5","495897a0e9d55bbd06884df8b9b7c15d9c398e825538d7a235cbfb7d75d4b99e","49735d3992131f165199287d0b5997dfa8e035a10177ea556e957d3cac7a1cb4","4cd7c54d51ada797e7e762ffac350136a63af9bdc09ee752b471db33958f002a","4cfa85c4c0f8f87d50db5aad247599d099816582e67bdff21877af254f3e52de","50918cfa5bb81e63c0e6fbcd744f371e5146fa5ed4e9c2bfa05eff7b6b4af2de","54595cdde8ac9332adc78143051b3cebd29e564b3f3ba7a390847dd6a30ac9b0","55f3a969a56a2abde560a4d6997575a957527a8f4c1993bc2607162282e5265f","5ab8a17246063f43e04f124c842427a9413d086796c1fd5e9d46917b308f5e74","5ccdc48357a287efbf61754f092e9ef24718b9d1099883eda90b2b93f6d94ebc","5cf2e959a847aec8f88ae72498de80f943385f2a82f06cf7bb71d12c5b49d2b9","5eeb62aa52a36d263ab636ca89ff9d2b208c49aa7da6f2d9053364fa7e970f96","6083df167c2c313759ad4885919f556172343bc787f28780429e7272ff7a05da","60ee569d82800e734e8202fb63118174d7ef7cdf75c078f0ceb19d5d80975f56","62afa3a8d6a4c924491c2897acc4ba6fa053108ecc54d8c97503ed2aaa58e2c0","675fc1d5e9a46f083a088ba32815eb191464ee29ecedc4b50b7ab577597844aa","67a6c50a05b7eabf847559671c95f011a534395e4c84eb9e3b1ad3a7cf072187","6b143ed5a1c3865302656c7efa3b4f4806ae208fd995167617bcc49677601d13","6c86bdd53a414f6522501d54738ca618f8dfccb4c31ad80618aad4934f1aecc5","6dd66394b84e9e5696fe0b6c72825ecddb40d24707784c6d499398dee18cb50d","707d9cf7b6c65e87d3b3d656f9643371b5ff629db8bac714a252c41988b83306","749e45ffd6abdd0c7e9217242d20c486c84527759548420cbe66f9ad0445e9fa","76d79d6ed1c7aacb7c6fce4136a67d3495c99bfca3f2eb03678c277263dba74c","7aa4e2b65495e6e77069a6c211fab7a64db0373ff2c6492fa0177f5edce43389","7e3015b04d355414d86c2a2124380d31d5f11b7b5996acb081b6f8a8fca0ee45","7f23b1ad84caae1102f06614550b1911691445ed7ffd1790208984fc5c37d441")

    Detection Query 6

    sha256hash IN 

("813cbee9920207ad9683a367b90ccd92821ac761453e3a2e18bb68af74c457dd","82f9a9e5d6837b58bed5f8f8571afc31b570a5d2db6befe3459b09f161114e37","84702a49d1fecf7a4267701c105a714d34250e3c31ec2495660edeac53f54ceb","8dc7fbdfac755d60ce05b1c223c174ba13abd78eb01aa538b37c0b812ece3aa5","8e6c2886d27ae580561350564d94625f0151ad0ae5b64c0a58ffce8ffeb01ffa","8e761990bd71d47cdb207f1492a9e4ade71ad95c1eaed69a3826e9ee5b74306a","93769b51b829c4aa014a10179e40ff91492dbb70986d2b0af8b86901a4fae25c","9793a21d1a2074106d2123fdf40c23a57aab35f7f0afe2eb254d888fc5abe5f9","97dc03d1700efcffed27aad93ec05b36a404a6919f93f6c60e95e5c4a9d65cd9","9bd724fbb3e9c42122711c756c27fd8ceaf01f48e5d59a8935f4b67fb8246b3c","9c843456235244f095b5e021ca82e4805cd94ac732ae8b7a35a021f18117637c","a2da8a89a8ecc2651f242c68c2e332a1391f4aa535fb1336123898d8cc6050dc","a5a396bad1ea1b656780b72200bb7ec8fec12cb0694be2b8943ac40e138cf09a","a71beab2c962f82db197b85a490c8f7ab82d8bb1a861b85f95635cca10223fcc","acbb983043b2caf0a96657216843a985a11622ce7480c3e508c7c86f5bbf5f3c","af5d3982301079392cdbc9a49380bee3263bf4d2880764663b1ee5282fe1f268","b0507186720c3648901c7d0fdb6e6a2c49d26e337de269e297a218405972db87","b42cdcccb051d01c545545fd81495973fdd758c7d5b7faa5d7dd3fa98f31c173","b61015f0bd80498627928ee270e0a0e604b52998ff943254072241748c708c39","b66667a5aa484226944052ab945d3dc99a7a67dfb5a2942dc9d84371ce752438","ba23ee91a54d3da0e2142a90def9ea6ead953621fdbb2c9a568ab68247993b90","ba4e57be7998467a7fb5471ea6e6d5ee9d6233de96bf2699efe9e8c45b21b039","bd25e7c40ce4856973e988f5e86804ad945191ecce1c095b3ac354101870e5e5","bfa0cd295ca0f66b7a1a1d30b7e9923d8de1bd2191dfe73b16b7a31d6e737165","c04095e017a0f3911c40181c5175e5f50f5aff5e3ece9287a4df7a699599db6c","c3d4945052a644bbf7ce41cbb910d2510c85cdee783922441ce0aa627eb7c233","c6c5b09801e1b072f9fc1c0ae1bda204137be1d194eb6187f5f1948543dced4a","c721fa91cec61b7b29078a1c68ff58d90f2f321c882bd60e3823d57ab470277a","c8d0bbcfda19f38c51dd772e5457b60ff59eb028799dca1fe4ce5d72b281b452","cb4aa6105938c53f9f2b2f8e6f5f36bfe96419c56e73cdee53d48f4c393379f4","ce8901205463e35b57a5429767515611490c65aad8499cadd3e75f08fc420e61","d2b4c65b6c4d7085f6362ccdde01c0e5801393ccfd27d3ee1883b23e61d49921","d3231042d20e7e02069279a9470ede4daddf70137cf1122550e4bdc354ba1473","d5c70041e09a2304f4b9fe55ff804d72947e3bfa22b200312d2eae1ca60423bf","d622b2d8d7d33bcc427ced8f3dc2f0458c60131190d401070bc3de8fb3bc5786","d7cc9dcc8ae28fc65fe7ca41441231501c455dd6e6f2311ffbc8ca6d134f5ac7","dae577c72041d51f181eeb6f2006c96a426ef2814b73252d089d7826c3ae4812","daf3764587bb8a9fe64c03699faf852107df6e9abc840b30be4fee77eddd7da7","dcf90d69b4a83839e6b741986745c373a2c386a1a5518cab19133fda1f7f6e16","de36e0af9cd7e32d781be2ab937a7dca33a9f93dcbecd06ff944641e5196c51f","e0bff837ffc9cdaeadec0987da697923356ff7134ddef075325fedfe0f4c910c","e1431911ef43d4af90f89b0adfdccea150bbcd0fd0eb57907878ec5c4573038c","e2f48a73e05008fdc0391d8f982cfb44c3b8eca591377179bb53059879fd1430","e6fe3b4fadb70e524e14f05582fbcf5109a1c9e77160a89078d4d6eb09a8a667","e9b07ed4490fea74cf5b0bb98bbe1f3d0262f68f3df3bf32ab2df978a1005969","ea9d43358580e77ba214782691e1d2a4a258efc5c22a9e9dd526aa0649419ba0","ec8344a4125b21078498e0eece9384d98601f07f2a5b59d063dad7688102fd1d","ee11fbe9cc5f57380f27c7fb2b17e5b4e7b0ec6cd1449d3860a5e8902c13ac2c","ee231cb499908ddca8cba88cd674f9e30931457363eec6100734363772005548","efd4e822643307b72a269f9ea51936254e89a608dbf0434aff36dc244def73b7","efdc724800be5d9872770cb1dd346815b4feb534a256b44d43dfc8b72488f05d","f3c880591e06396f588d5b45c599ba6aef1aae4065d0d55b3560e3547242b697","f5fa9ef14b3deaafb1eb040bac64eb4945bae4795723bdfef6a43a04339f70ba","f63faeb1bc31fd54621fb2fbcf5430682af5a97e17ae97b4363c42643072b8b0","fa21fa9b327cab8e4d615ab196b9da0156e5ebadf9fa7f7af2da83dbed1067fc","fb26dcd89930afef0012125087704a3564d8ef0a37c3c6c021b42071ad273ceb","fb93b35a327f72fbda95a1f785e658a938fe86086f232b3781333551742e1641","fd65a36e69c42ab79d3511669560c83de0aad638a178029363aff56afe144911")

    Reference: 

    https://unit42.paloaltonetworks.com/packer-as-a-service-heartcrypt-malware/     


    Tags

    MalwareHeartCrypt.NET PayloadsPaaS

    « Previous ArticleNext Article »

    Comments

    No records to display

    Looking for Something?
    Threat Research Categories:
    Tags

    Privacy & Security StatementTerms & Conditions
    Copyright © 2024 by Gurucul - All rights reserved.