sublime_merge_build_2102_x64_setup.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
|
|
|
Filetype: |
PE32 executable (GUI) Intel 80386, for MS Windows
|
Entropy: |
7.9994657609749416
|
Filename: |
sublime_merge_build_2102_x64_setup.exe
|
Filesize: |
21157552
|
MD5: |
07a6a63881bbc088301557e1b15bf514
|
SHA1: |
e63de9996f0d5e5674231d430dac5571ee63fd8c
|
SHA256: |
c6709748daf2c11f7491aee8af9d480f853fc6c025c5ea99a3ecf7f7386b5d90
|
SHA512: |
4332d40bbcc7281c1f59bc238bfa2830b52a31a8700a86b459d2de4ad8815de427f31bece2b1f954db909708871e30db8a7ff8407e263fc426e78716b9ff2c32
|
SSDEEP: |
393216:/RbcLnWolxz6oIZVKAau9dFA9NQzcZya4mEUg68WemPrndpIX:NwhhIZVKu/FA8zcd4K8WJjnoX
|
Preview: |
MZP.....................@...............................................!..L.!..This program must be run under Win32..$7.......................................................................................................................................
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
Uses 32bit PE files |
Compliance, System Summary |
|
Creates temporary files |
System Summary |
|
Disables application error messages (SetErrorMode) |
Hooking and other Techniques for Hiding and Protection |
|
Parts of this application are using Borland Delphi (probably coded in Delphi) |
System Summary |
|
Reads software policies |
System Summary |
|
Sample might require command line arguments |
System Summary |
Command and Scripting Interpreter
|
Sample reads its own file content |
System Summary |
|
Tries to load missing DLLs |
System Summary |
|
Contains modern PE file flags such as dynamic base (ASLR) or NX |
Compliance, System Summary |
|
PE / OLE file has a valid certificate |
Compliance, System Summary |
|
Submission file is bigger than most known malware samples |
System Summary |
|
|
C:\Program Files\Sublime Merge\Git\LICENSE.txt (copy)
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\LICENSE.txt (copy)
|
Category: |
dropped
|
Dump: |
is-HBUNN.tmp.4.dr
|
ID: |
dr_456
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text, with CRLF line terminators
|
Entropy: |
4.742261954846451
|
Encrypted: |
false
|
Ssdeep: |
384:vhj2PmwERb6k/iAVX/dUY2ZpEGMOZ77o0UDqHZ:vh6un1iYWrTXo0UDqHZ
|
Size: |
19125
|
Whitelisted: |
true
|
Reputation: |
low
|
|
C:\Program Files\Sublime Merge\Git\cmd\git.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\cmd\git.exe (copy)
|
Category: |
dropped
|
Dump: |
is-1PISR.tmp.4.dr
|
ID: |
dr_457
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.202318322434022
|
Encrypted: |
false
|
Ssdeep: |
768:j5M7jhFYZFkOOjh3rGjgWBM/T/uWTsYWNyiRZ:tM/haZFkO6h3q0/T/uWTsrNyi7
|
Size: |
45104
|
Whitelisted: |
false
|
Reputation: |
low
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\cmd\is-1PISR.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\cmd\is-1PISR.tmp
|
Category: |
dropped
|
Dump: |
is-1PISR.tmp.4.dr
|
ID: |
dr_321
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.202318322434022
|
Encrypted: |
false
|
Ssdeep: |
768:j5M7jhFYZFkOOjh3rGjgWBM/T/uWTsYWNyiRZ:tM/haZFkO6h3q0/T/uWTsrNyi7
|
Size: |
45104
|
Whitelisted: |
false
|
Reputation: |
low
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\cmd\is-438NM.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\cmd\is-438NM.tmp
|
Category: |
dropped
|
Dump: |
is-438NM.tmp.4.dr
|
ID: |
dr_322
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.202318322434022
|
Encrypted: |
false
|
Ssdeep: |
768:j5M7jhFYZFkOOjh3rGjgWBM/T/uWTsYWNyiRZ:tM/haZFkO6h3q0/T/uWTsrNyi7
|
Size: |
45104
|
Whitelisted: |
false
|
Reputation: |
low
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\cmd\scalar.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\cmd\scalar.exe (copy)
|
Category: |
dropped
|
Dump: |
is-438NM.tmp.4.dr
|
ID: |
dr_458
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.202318322434022
|
Encrypted: |
false
|
Ssdeep: |
768:j5M7jhFYZFkOOjh3rGjgWBM/T/uWTsYWNyiRZ:tM/haZFkO6h3q0/T/uWTsrNyi7
|
Size: |
45104
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\etc\bash.bash_logout (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\bash.bash_logout (copy)
|
Category: |
dropped
|
Dump: |
is-FA11N.tmp.4.dr
|
ID: |
dr_460
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.746276004025079
|
Encrypted: |
false
|
Ssdeep: |
12:lw96vezUztT4smO6cgZqTbVkvFCXYCNN86uTAR9IPcVO9tM2D6rl:Rve2tThmO7gZqTbV6MXYgC6m0OcVO9xQ
|
Size: |
623
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\etc\bash.bashrc (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\bash.bashrc (copy)
|
Category: |
dropped
|
Dump: |
is-6OJ45.tmp.4.dr
|
ID: |
dr_459
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.157387782293846
|
Encrypted: |
false
|
Ssdeep: |
48:RTmQPYgNm0B0ALEj5ZcThCWOBHwIyoT8KiaO2l6SS1MN/7YdnlG5g:V910UMAT4WOdwIySlO8S16He
|
Size: |
2497
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\etc\fstab (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\fstab (copy)
|
Category: |
dropped
|
Dump: |
is-FAGHN.tmp.4.dr
|
ID: |
dr_461
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.954661371672202
|
Encrypted: |
false
|
Ssdeep: |
6:SD94RxQGylH2f8wuquII2lrMCJMQYWHB/J+IW2cRI/IvHQ/J+Z:CeR2Gy948wuz12lMCJMleBorzIwHQoZ
|
Size: |
272
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\etc\gitattributes (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\gitattributes (copy)
|
Category: |
dropped
|
Dump: |
is-3VNF0.tmp.4.dr
|
ID: |
dr_462
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.333310138494418
|
Encrypted: |
false
|
Ssdeep: |
6:ii78Ev78YEi78KNv78mi78E6z78RJDv78wi78Rsi78cY78RMwi78jeb7Zz7wY7mk:jY/bDxeADMC6OBPy
|
Size: |
515
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\etc\gitconfig (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\gitconfig (copy)
|
Category: |
dropped
|
Dump: |
is-CT13K.tmp.4.dr
|
ID: |
dr_463
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.883029220253627
|
Encrypted: |
false
|
Ssdeep: |
12:GrEE/VK5SMiHxM94TkP6wdgGzoU0OpPFDqF+pFAMK5CsFBkPFeyYazgBoLA8eP33:GQE/U5SMiHYpKioU0mPF2FAF/K53/cFW
|
Size: |
614
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\etc\is-3VNF0.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\is-3VNF0.tmp
|
Category: |
dropped
|
Dump: |
is-3VNF0.tmp.4.dr
|
ID: |
dr_326
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.333310138494418
|
Encrypted: |
false
|
Ssdeep: |
6:ii78Ev78YEi78KNv78mi78E6z78RJDv78wi78Rsi78cY78RMwi78jeb7Zz7wY7mk:jY/bDxeADMC6OBPy
|
Size: |
515
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\etc\is-47D1C.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\is-47D1C.tmp
|
Category: |
dropped
|
Dump: |
is-47D1C.tmp.4.dr
|
ID: |
dr_352
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.37911097399695
|
Encrypted: |
false
|
Ssdeep: |
96:V91aD/UnG1RVw6ZzBhjXGQH9ck3PXGhdpJvL1tLt4rsBCOq7/z/+Wzf6YY0919/C:PUD/UkFDTmpztLtYMY5z/hV87Rd
|
Size: |
6638
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\etc\is-6OJ45.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\is-6OJ45.tmp
|
Category: |
dropped
|
Dump: |
is-6OJ45.tmp.4.dr
|
ID: |
dr_323
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.157387782293846
|
Encrypted: |
false
|
Ssdeep: |
48:RTmQPYgNm0B0ALEj5ZcThCWOBHwIyoT8KiaO2l6SS1MN/7YdnlG5g:V910UMAT4WOdwIySlO8S16He
|
Size: |
2497
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\etc\is-CT13K.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\is-CT13K.tmp
|
Category: |
dropped
|
Dump: |
is-CT13K.tmp.4.dr
|
ID: |
dr_347
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.883029220253627
|
Encrypted: |
false
|
Ssdeep: |
12:GrEE/VK5SMiHxM94TkP6wdgGzoU0OpPFDqF+pFAMK5CsFBkPFeyYazgBoLA8eP33:GQE/U5SMiHYpKioU0mPF2FAF/K53/cFW
|
Size: |
614
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\etc\is-DH7A7.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\is-DH7A7.tmp
|
Category: |
dropped
|
Dump: |
is-DH7A7.tmp.4.dr
|
ID: |
dr_349
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.1451794540862075
|
Encrypted: |
false
|
Ssdeep: |
48:Ch7QasHuUBFSrNV/NrcKbrcKx/prcK8XfJR4r1/arKI:EQfOUBFSpVVxPheJaZCuI
|
Size: |
3167
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\etc\is-E988F.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\is-E988F.tmp
|
Category: |
dropped
|
Dump: |
is-E988F.tmp.4.dr
|
ID: |
dr_350
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.471641091506821
|
Encrypted: |
false
|
Ssdeep: |
6:SM7SjNWzF2KA6FyX3qmK9F0SY/A1JS4wGNCLCSjn:dI2YkQqmeF09/AfwWCLp
|
Size: |
211
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\etc\is-EJFU3.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\is-EJFU3.tmp
|
Category: |
dropped
|
Dump: |
is-EJFU3.tmp.4.dr
|
ID: |
dr_351
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.807606311258723
|
Encrypted: |
false
|
Ssdeep: |
24:J6G13wnjGqYwdfwjhfK+Q5bG9U0iQ3PnUGf7s:Jt6GqY8oNfKn49Qx2s
|
Size: |
1350
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\etc\is-EPSM0.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\is-EPSM0.tmp
|
Category: |
dropped
|
Dump: |
is-EPSM0.tmp.4.dr
|
ID: |
dr_348
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.326203209708842
|
Encrypted: |
false
|
Ssdeep: |
6:OAAgsq3uAAl+dAuAA0QuAAR+6uAARWvIsuAA67e6uAAI6uAA0OuAA0EX0s:v/N6b/embmovxeYfYdEBe
|
Size: |
392
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\etc\is-FA11N.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\is-FA11N.tmp
|
Category: |
dropped
|
Dump: |
is-FA11N.tmp.4.dr
|
ID: |
dr_324
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.746276004025079
|
Encrypted: |
false
|
Ssdeep: |
12:lw96vezUztT4smO6cgZqTbVkvFCXYCNN86uTAR9IPcVO9tM2D6rl:Rve2tThmO7gZqTbV6MXYgC6m0OcVO9xQ
|
Size: |
623
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\etc\is-FAGHN.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\is-FAGHN.tmp
|
Category: |
dropped
|
Dump: |
is-FAGHN.tmp.4.dr
|
ID: |
dr_325
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.954661371672202
|
Encrypted: |
false
|
Ssdeep: |
6:SD94RxQGylH2f8wuquII2lrMCJMQYWHB/J+IW2cRI/IvHQ/J+Z:CeR2Gy948wuz12lMCJMleBorzIwHQoZ
|
Size: |
272
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\etc\libexec-moved.txt (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\libexec-moved.txt (copy)
|
Category: |
dropped
|
Dump: |
is-EPSM0.tmp.4.dr
|
ID: |
dr_464
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.326203209708842
|
Encrypted: |
false
|
Ssdeep: |
6:OAAgsq3uAAl+dAuAA0QuAAR+6uAARWvIsuAA67e6uAAI6uAA0OuAA0EX0s:v/N6b/embmovxeYfYdEBe
|
Size: |
392
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\etc\msystem (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\msystem (copy)
|
Category: |
dropped
|
Dump: |
is-DH7A7.tmp.4.dr
|
ID: |
dr_465
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.1451794540862075
|
Encrypted: |
false
|
Ssdeep: |
48:Ch7QasHuUBFSrNV/NrcKbrcKx/prcK8XfJR4r1/arKI:EQfOUBFSpVVxPheJaZCuI
|
Size: |
3167
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\etc\nsswitch.conf (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\nsswitch.conf (copy)
|
Category: |
dropped
|
Dump: |
is-E988F.tmp.4.dr
|
ID: |
dr_466
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.471641091506821
|
Encrypted: |
false
|
Ssdeep: |
6:SM7SjNWzF2KA6FyX3qmK9F0SY/A1JS4wGNCLCSjn:dI2YkQqmeF09/AfwWCLp
|
Size: |
211
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\etc\package-versions.txt (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\package-versions.txt (copy)
|
Category: |
dropped
|
Dump: |
is-EJFU3.tmp.4.dr
|
ID: |
dr_467
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.807606311258723
|
Encrypted: |
false
|
Ssdeep: |
24:J6G13wnjGqYwdfwjhfK+Q5bG9U0iQ3PnUGf7s:Jt6GqY8oNfKn49Qx2s
|
Size: |
1350
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\etc\post-install\99-post-install-cleanup.post (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\post-install\99-post-install-cleanup.post (copy)
|
Category: |
dropped
|
Dump: |
is-MDO63.tmp.4.dr
|
ID: |
dr_469
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.597904822196561
|
Encrypted: |
false
|
Ssdeep: |
6:SH4b0IkQLeivXrTMx+3RgOXFVvr23h6ChtIGuMCn:X0ILeivrTMo3TXFVsE2tIR
|
Size: |
204
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\etc\post-install\is-MDO63.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\post-install\is-MDO63.tmp
|
Category: |
dropped
|
Dump: |
is-MDO63.tmp.4.dr
|
ID: |
dr_353
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.597904822196561
|
Encrypted: |
false
|
Ssdeep: |
6:SH4b0IkQLeivXrTMx+3RgOXFVvr23h6ChtIGuMCn:X0ILeivrTMo3TXFVsE2tIR
|
Size: |
204
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\etc\profile (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\profile (copy)
|
Category: |
dropped
|
Dump: |
is-47D1C.tmp.4.dr
|
ID: |
dr_468
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.37911097399695
|
Encrypted: |
false
|
Ssdeep: |
96:V91aD/UnG1RVw6ZzBhjXGQH9ck3PXGhdpJvL1tLt4rsBCOq7/z/+Wzf6YY0919/C:PUD/UkFDTmpztLtYMY5z/hV87Rd
|
Size: |
6638
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\etc\profile.d\bash_profile.sh (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\profile.d\bash_profile.sh (copy)
|
Category: |
dropped
|
Dump: |
is-1NO2U.tmp.4.dr
|
ID: |
dr_470
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.938250518497746
|
Encrypted: |
false
|
Ssdeep: |
12:sx2KABJFuLcxKCxylJsEGoCSlf1SxSrS2W3CRQbpx6XkUYgmJxtjC+2rhvwAsf6:m2bBJFueKAuJsEjXmSrSiQW/YgmHZCzb
|
Size: |
515
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\etc\profile.d\is-1NO2U.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\profile.d\is-1NO2U.tmp
|
Category: |
dropped
|
Dump: |
is-1NO2U.tmp.4.dr
|
ID: |
dr_354
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.938250518497746
|
Encrypted: |
false
|
Ssdeep: |
12:sx2KABJFuLcxKCxylJsEGoCSlf1SxSrS2W3CRQbpx6XkUYgmJxtjC+2rhvwAsf6:m2bBJFueKAuJsEjXmSrSiQW/YgmHZCzb
|
Size: |
515
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\etc\profile.d\is-DA8DB.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\profile.d\is-DA8DB.tmp
|
Category: |
dropped
|
Dump: |
is-DA8DB.tmp.4.dr
|
ID: |
dr_355
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.889863916467565
|
Encrypted: |
false
|
Ssdeep: |
24:Rve2tThmO7gZqTbV6MXYgC6m0IUVbI/BZRC8T9nJ1LVOo5NxEv:RTmQPYgNm0Ja/pCOzX5NxEv
|
Size: |
828
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\etc\profile.d\lang.sh (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\profile.d\lang.sh (copy)
|
Category: |
dropped
|
Dump: |
is-DA8DB.tmp.4.dr
|
ID: |
dr_471
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.889863916467565
|
Encrypted: |
false
|
Ssdeep: |
24:Rve2tThmO7gZqTbV6MXYgC6m0IUVbI/BZRC8T9nJ1LVOo5NxEv:RTmQPYgNm0Ja/pCOzX5NxEv
|
Size: |
828
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\etc\ssh\is-EMRH3.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\ssh\is-EMRH3.tmp
|
Category: |
dropped
|
Dump: |
is-EMRH3.tmp.4.dr
|
ID: |
dr_368
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.97058812911328
|
Encrypted: |
false
|
Ssdeep: |
24:1wrRJvHwkROlnbUk6oPf2Gd16OEwOkkIL9ILe1LFLm+IUewLxMRkwOIwYRYoRqj4:1g/wkIJ6S16FwVk8zxuwLxmkZYft
|
Size: |
1746
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\etc\ssh\is-LBM4J.tmp
|
ASCII text, with very long lines (798)
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\ssh\is-LBM4J.tmp
|
Category: |
dropped
|
Dump: |
is-LBM4J.tmp.4.dr
|
ID: |
dr_356
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text, with very long lines (798)
|
Entropy: |
4.031476270089709
|
Encrypted: |
false
|
Ssdeep: |
6144:z1LuP9Mw3K4x9sCnhwFnSzqVY4L64bV3+:A
|
Size: |
538380
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\etc\ssh\is-NMF94.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\ssh\is-NMF94.tmp
|
Category: |
dropped
|
Dump: |
is-NMF94.tmp.4.dr
|
ID: |
dr_367
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.967777015396699
|
Encrypted: |
false
|
Ssdeep: |
48:jQhfhoGhsz5XixWEuab0IHUk2ROCWCJMJK2fgCIQdfoV3hkA6FDTz9UOqSD6U2i0:kmVg2RYOMJJfsefq3hjkXZbqSOubt9M
|
Size: |
3115
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\etc\ssh\moduli (copy)
|
ASCII text, with very long lines (798)
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\ssh\moduli (copy)
|
Category: |
dropped
|
Dump: |
is-LBM4J.tmp.4.dr
|
ID: |
dr_472
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text, with very long lines (798)
|
Entropy: |
4.031476270089709
|
Encrypted: |
false
|
Ssdeep: |
6144:z1LuP9Mw3K4x9sCnhwFnSzqVY4L64bV3+:A
|
Size: |
538380
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\etc\ssh\ssh_config (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\ssh\ssh_config (copy)
|
Category: |
dropped
|
Dump: |
is-EMRH3.tmp.4.dr
|
ID: |
dr_474
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.97058812911328
|
Encrypted: |
false
|
Ssdeep: |
24:1wrRJvHwkROlnbUk6oPf2Gd16OEwOkkIL9ILe1LFLm+IUewLxMRkwOIwYRYoRqj4:1g/wkIJ6S16FwVk8zxuwLxmkZYft
|
Size: |
1746
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\etc\ssh\sshd_config (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\etc\ssh\sshd_config (copy)
|
Category: |
dropped
|
Dump: |
is-NMF94.tmp.4.dr
|
ID: |
dr_473
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.967777015396699
|
Encrypted: |
false
|
Ssdeep: |
48:jQhfhoGhsz5XixWEuab0IHUk2ROCWCJMJK2fgCIQdfoV3hkA6FDTz9UOqSD6U2i0:kmVg2RYOMJJfsefq3hjkXZbqSOubt9M
|
Size: |
3115
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\is-HBUNN.tmp
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\is-HBUNN.tmp
|
Category: |
dropped
|
Dump: |
is-HBUNN.tmp.4.dr
|
ID: |
dr_320
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text, with CRLF line terminators
|
Entropy: |
4.742261954846451
|
Encrypted: |
false
|
Ssdeep: |
384:vhj2PmwERb6k/iAVX/dUY2ZpEGMOZ77o0UDqHZ:vh6un1iYWrTXo0UDqHZ
|
Size: |
19125
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\Atlassian.Bitbucket.UI.Shared.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\Atlassian.Bitbucket.UI.Shared.dll (copy)
|
Category: |
dropped
|
Dump: |
is-SIKPM.tmp.4.dr
|
ID: |
dr_478
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.489387654171536
|
Encrypted: |
false
|
Ssdeep: |
384:F/Qc8JcaNrchegrWW3kwpfPLQY5UDyPs7HRN7qkGER9z1p3k:F/QcYZY5UWPYq+9zLk
|
Size: |
22928
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\Atlassian.Bitbucket.UI.exe (copy)
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\Atlassian.Bitbucket.UI.exe (copy)
|
Category: |
dropped
|
Dump: |
is-KLAKC.tmp.4.dr
|
ID: |
dr_476
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
7.105392350830022
|
Encrypted: |
false
|
Ssdeep: |
768:IKuWRiylHCnslmD60v616iCr4zUBBFYqi+gUW9zJ:IKtiylHCnslG6V16iK4zUBBFYV+glzJ
|
Size: |
43408
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\Atlassian.Bitbucket.UI.exe.config (copy)
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\Atlassian.Bitbucket.UI.exe.config (copy)
|
Category: |
dropped
|
Dump: |
is-111R2.tmp.4.dr
|
ID: |
dr_477
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
XML 1.0 document, ASCII text, with CRLF line terminators
|
Entropy: |
5.068442854404258
|
Encrypted: |
false
|
Ssdeep: |
12:TMHdG3VOcrg9LNFF7ap+5r7qf/2/+tR8FicYo4xT:2dErSPF7NruH2/+m9y
|
Size: |
538
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\Atlassian.Bitbucket.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\Atlassian.Bitbucket.dll (copy)
|
Category: |
dropped
|
Dump: |
is-E69F3.tmp.4.dr
|
ID: |
dr_475
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.002109659247999
|
Encrypted: |
false
|
Ssdeep: |
1536:SSUBk7XSZ959k9z8BY9vF2wfnk3AKmPEkZNdjz1:I7fBY5M3AK3kZNh5
|
Size: |
71056
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\GitHub.UI.Shared.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\GitHub.UI.Shared.dll (copy)
|
Category: |
dropped
|
Dump: |
is-NP3PJ.tmp.4.dr
|
ID: |
dr_506
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.240798839344625
|
Encrypted: |
false
|
Ssdeep: |
768:UHl63sNnsJElwtuvaEsd2BuTY7zi50Zi9zuuy:yxsJElwYPtrzezu/
|
Size: |
30112
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\GitHub.UI.exe (copy)
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\GitHub.UI.exe (copy)
|
Category: |
dropped
|
Dump: |
is-U4AQ2.tmp.4.dr
|
ID: |
dr_504
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.417983838078476
|
Encrypted: |
false
|
Ssdeep: |
768:S4BHPVt8yryPTiKKfghd8gwVjWWVbFKtpD8iwIw//udK+mlUW9zJ:S4B9tPryPTiKKdjWWVbFKtpD85nH+ml7
|
Size: |
46992
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\GitHub.UI.exe.config (copy)
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\GitHub.UI.exe.config (copy)
|
Category: |
dropped
|
Dump: |
is-51TCE.tmp.4.dr
|
ID: |
dr_505
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
XML 1.0 document, ASCII text, with CRLF line terminators
|
Entropy: |
5.068442854404258
|
Encrypted: |
false
|
Ssdeep: |
12:TMHdG3VOcrg9LNFF7ap+5r7qf/2/+tR8FicYo4xT:2dErSPF7NruH2/+m9y
|
Size: |
538
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\GitHub.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\GitHub.dll (copy)
|
Category: |
dropped
|
Dump: |
is-26HCQ.tmp.4.dr
|
ID: |
dr_503
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.433825533346776
|
Encrypted: |
false
|
Ssdeep: |
1536:Nd96GDxg3Wzudk1nuSvxV/wLOSXLOSgvNQz2b:j9/xg3Wzudk1nuoxpwdKvaCb
|
Size: |
86416
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\GitLab.UI.Shared.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\GitLab.UI.Shared.dll (copy)
|
Category: |
dropped
|
Dump: |
is-OIQ8R.tmp.4.dr
|
ID: |
dr_510
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.381257257698264
|
Encrypted: |
false
|
Ssdeep: |
768:9bmOK9pEhKuqZHtmB+D4TwnU50Zi9zugI:ieKLSDwn8zuN
|
Size: |
24992
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\GitLab.UI.exe (copy)
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\GitLab.UI.exe (copy)
|
Category: |
dropped
|
Dump: |
is-JQGPF.tmp.4.dr
|
ID: |
dr_508
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.341050600172005
|
Encrypted: |
false
|
Ssdeep: |
768:NHQUnPPDbeyOxX9sNY28gqVnkzArF/2+w4wv/+tKGzO1X9z0U:NHQUfeyOxtsK28rkzArFOt33GzWz0U
|
Size: |
36752
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\GitLab.UI.exe.config (copy)
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\GitLab.UI.exe.config (copy)
|
Category: |
dropped
|
Dump: |
is-PERCF.tmp.4.dr
|
ID: |
dr_509
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
XML 1.0 document, ASCII text, with CRLF line terminators
|
Entropy: |
5.068442854404258
|
Encrypted: |
false
|
Ssdeep: |
12:TMHdG3VOcrg9LNFF7ap+5r7qf/2/+tR8FicYo4xT:2dErSPF7NruH2/+m9y
|
Size: |
538
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\GitLab.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\GitLab.dll (copy)
|
Category: |
dropped
|
Dump: |
is-KMRHN.tmp.4.dr
|
ID: |
dr_507
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.178683214999022
|
Encrypted: |
false
|
Ssdeep: |
768:L/38Dxi4W2FMHscm/LrWwzxOlauzzoWPMxQ+9zQ:L8D/W2FMHscmnWwzMv9UxNzQ
|
Size: |
40336
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\Microsoft.AzureRepos.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\Microsoft.AzureRepos.dll (copy)
|
Category: |
dropped
|
Dump: |
is-4D8BE.tmp.4.dr
|
ID: |
dr_528
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
5.957237156888996
|
Encrypted: |
false
|
Ssdeep: |
768:BlH1iQJmvSVJtl4FGME+uwMT+XSFJUmnPBFihuc0ZQm1xqNyIJcJ5iN3QSO+RYAy:BlH1i7S5l4LRMs8JzPmvMu6RJyVjzy
|
Size: |
62864
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\Microsoft.Identity.Client.Desktop.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\Microsoft.Identity.Client.Desktop.dll (copy)
|
Category: |
dropped
|
Dump: |
is-HCV5A.tmp.4.dr
|
ID: |
dr_529
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.028535757276779
|
Encrypted: |
false
|
Ssdeep: |
3072:jyAU2PqXYyxSOKt5wCRYNVcNj8ZYRaGtiL:eAU2PqJKt5zRYNVXl
|
Size: |
109456
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\Microsoft.Identity.Client.Extensions.Msal.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\Microsoft.Identity.Client.Extensions.Msal.dll (copy)
|
Category: |
dropped
|
Dump: |
is-1R73Q.tmp.4.dr
|
ID: |
dr_531
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
5.933424347612808
|
Encrypted: |
false
|
Ssdeep: |
1536:NWjQG6BbxGLtEJfODQ9ZKPplIR8d8zu6h:NWjAyL2JfODQ9Z+bIyavh
|
Size: |
63392
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\Microsoft.Identity.Client.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\Microsoft.Identity.Client.dll (copy)
|
Category: |
dropped
|
Dump: |
is-6AJ01.tmp.4.dr
|
ID: |
dr_530
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
5.843010413755538
|
Encrypted: |
false
|
Ssdeep: |
24576:Wkt3HKDRXng/KqDws15cXOIUcMPI6fMVknnoYOPMjvBindj8gD1PqqU:Wk8DR3e5MVkoYuMjvBindj8kQ
|
Size: |
1525136
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\Microsoft.Web.WebView2.Core.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\Microsoft.Web.WebView2.Core.dll (copy)
|
Category: |
dropped
|
Dump: |
is-T38E2.tmp.4.dr
|
ID: |
dr_532
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
5.7068427852569945
|
Encrypted: |
false
|
Ssdeep: |
6144:7BhgcA3PGtvqvTleY9pRFIEIECepM1SCpLzQs1hP1kIHZtW+6ZUqFWjf40adkwt6:7rgvu5wleY9pRFIEIECepM1SCpLzQs1v
|
Size: |
223136
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\Microsoft.Web.WebView2.WinForms.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\Microsoft.Web.WebView2.WinForms.dll (copy)
|
Category: |
dropped
|
Dump: |
is-5J6LF.tmp.4.dr
|
ID: |
dr_533
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.373710606746147
|
Encrypted: |
false
|
Ssdeep: |
768:ASBGtSyA9vDt4ZDgcUN5P4JVrsh2j3SvsuTv1JKa5/Zi/6LuifOzOv12WExCxNap:ASBGE9rt4ZDgcUN5P4JVrsa3Svsu71Jk
|
Size: |
33680
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\Microsoft.Web.WebView2.Wpf.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\Microsoft.Web.WebView2.Wpf.dll (copy)
|
Category: |
dropped
|
Dump: |
is-15RVN.tmp.4.dr
|
ID: |
dr_534
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.383780374578796
|
Encrypted: |
false
|
Ssdeep: |
768:6tGLItNnxekHaXK8YDPLryER0mBO4JVrWYh2j0AUE4kq7FKKa5/Bi/Wov4IigO/P:RcxepXK8YDPLryER0mBO4JVrWYa0AUEn
|
Size: |
37776
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\Newtonsoft.Json.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\Newtonsoft.Json.dll (copy)
|
Category: |
dropped
|
Dump: |
is-NV5DA.tmp.4.dr
|
ID: |
dr_535
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
5.94945157628604
|
Encrypted: |
false
|
Ssdeep: |
12288:N9BzaPm657wqehcZBLX+HK+kPJUQEKx07N0TCBGiBCjC0PDgM5j9FKjc3L:N8m657w6ZBLmkitKqBCjC0PDgM57
|
Size: |
704400
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\System.Buffers.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\System.Buffers.dll (copy)
|
Category: |
dropped
|
Dump: |
is-4ES5A.tmp.4.dr
|
ID: |
dr_539
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.548290131968704
|
Encrypted: |
false
|
Ssdeep: |
384:mrMdp9yXOfPfAxR5zwWvYW8aY7HRN7rnM8M8/fi/GR9zusw1yE:mrMcXP6/ZMufiC9zurP
|
Size: |
21920
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\System.CommandLine.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\System.CommandLine.dll (copy)
|
Category: |
dropped
|
Dump: |
is-GLVJH.tmp.4.dr
|
ID: |
dr_540
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.236648859044934
|
Encrypted: |
false
|
Ssdeep: |
6144:BiLsqw/3p6rmaj6M26KGm+ZeSv9CMaaheg:gLsLZ6rmaGMC8ekwMaxg
|
Size: |
216480
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\System.Memory.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\System.Memory.dll (copy)
|
Category: |
dropped
|
Dump: |
is-K106T.tmp.4.dr
|
ID: |
dr_541
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.140487458332229
|
Encrypted: |
false
|
Ssdeep: |
3072:nUGrszKKLBFa9DvrJGeesIf3afNs2AldfIr9:OBFd3/aFs2H
|
Size: |
142264
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\System.Numerics.Vectors.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\System.Numerics.Vectors.dll (copy)
|
Category: |
dropped
|
Dump: |
is-3HO4V.tmp.4.dr
|
ID: |
dr_542
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
5.48294913067712
|
Encrypted: |
false
|
Ssdeep: |
1536:fPOw0SUUKw+GbgjMV+fCY1UiiGZ6qetMXIAMZ2zstK/nIzN:fWw0SUUKBM8aOUiiGw7qa9tK/I
|
Size: |
110016
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\System.Runtime.CompilerServices.Unsafe.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\System.Runtime.CompilerServices.Unsafe.dll (copy)
|
Category: |
dropped
|
Dump: |
is-HB0DJ.tmp.4.dr
|
ID: |
dr_543
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.513074082336259
|
Encrypted: |
false
|
Ssdeep: |
384:MgGLROZAdWXYW8af7HRN79CxDNaiHR9zTBR3:MpLAV6o9CxNaix9zX3
|
Size: |
17808
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\WebView2Loader.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\WebView2Loader.dll (copy)
|
Category: |
dropped
|
Dump: |
is-TV4JT.tmp.4.dr
|
ID: |
dr_544
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
Entropy: |
6.491934097210258
|
Encrypted: |
false
|
Ssdeep: |
3072:9faNmI0CA8jgW7WXKn8uP7gst+/Nv2DqEtSinM381R:9acI0CSXK8uP7K/EtNnN1
|
Size: |
111552
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\blocked-file-util.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\blocked-file-util.exe (copy)
|
Category: |
dropped
|
Dump: |
is-B2M54.tmp.4.dr
|
ID: |
dr_479
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.8787941006975775
|
Encrypted: |
false
|
Ssdeep: |
768:f6k4K6Bk5ywAeNmbhGQcDg/UkJrGfdOeZrsmwQlAnbz3uMwv18QWfe9FKm4:H6BkkwAdNGQKg/zJrGfdOeBEnuP9Wf2K
|
Size: |
48442
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\brotli.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\brotli.exe (copy)
|
Category: |
dropped
|
Dump: |
is-45HPG.tmp.4.dr
|
ID: |
dr_480
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.015392053892209
|
Encrypted: |
false
|
Ssdeep: |
24576:vIx+o7srMsVHr53TUgLr+ceAmZfR2EAw3nTo3t:wsrMsVHr53T/rrGZ5To3t
|
Size: |
857752
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\gcmcore.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\gcmcore.dll (copy)
|
Category: |
dropped
|
Dump: |
is-OKC7K.tmp.4.dr
|
ID: |
dr_481
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
5.953619639852891
|
Encrypted: |
false
|
Ssdeep: |
6144:HTL3Urp47lmAOEDTjN9eumtASnzQMBUbVDeuy:z797lmAOEDTpTSnRuVeuy
|
Size: |
282016
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\gcmcoreui.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\gcmcoreui.dll (copy)
|
Category: |
dropped
|
Dump: |
is-EH9NG.tmp.4.dr
|
ID: |
dr_482
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.3783485065216174
|
Encrypted: |
false
|
Ssdeep: |
384:pP08GMIbYV7GduonEylbkQr3nBg5xgnSR+kNwtjatKmiEqyfMv7HRN7uE3X+R9zK:pPCbYJGdfvlMR9KmPrfMzNXi9zuLGo
|
Size: |
28064
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\gcmcoreuiwpf.dll (copy)
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\gcmcoreuiwpf.dll (copy)
|
Category: |
dropped
|
Dump: |
is-0H3L5.tmp.4.dr
|
ID: |
dr_483
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.471254862854224
|
Encrypted: |
false
|
Ssdeep: |
768:5dv0sPTKblW2AcneuHIGaIIYK43gB+E+9zJ:3v0sLKbU2ADuHIIHK4QB+xzJ
|
Size: |
38800
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-askpass.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-askpass.exe (copy)
|
Category: |
dropped
|
Dump: |
is-9IDGM.tmp.4.dr
|
ID: |
dr_484
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.875488972802848
|
Encrypted: |
false
|
Ssdeep: |
768:ckj+33kJRQhxHmeP7dR6UPQpaurLnFM2BmwzMU3DbwJinh5FWrnaFgm:li33kJRYmeP7/6UPQ8urLnDgorFWraFF
|
Size: |
46660
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-askyesno.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-askyesno.exe (copy)
|
Category: |
dropped
|
Dump: |
is-5JFUI.tmp.4.dr
|
ID: |
dr_485
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
4.9438185048193075
|
Encrypted: |
false
|
Ssdeep: |
384:trWUJXZwaJGn5SPrnkxdw3qW7bNCWkTaP:tj5e5Kzkxdw3q+0WkTaP
|
Size: |
19091
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-credential-helper-selector.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-credential-helper-selector.exe (copy)
|
Category: |
dropped
|
Dump: |
is-L9PP8.tmp.4.dr
|
ID: |
dr_486
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.816891923352627
|
Encrypted: |
false
|
Ssdeep: |
1536:Ek4OgqhykgKSq2H77WUPjrdrSLNkNnpjPOZ54mfSBN5:tLgKSq87aWqNkNwZ6pBN5
|
Size: |
63462
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-credential-manager-core.exe (copy)
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-credential-manager-core.exe (copy)
|
Category: |
dropped
|
Dump: |
is-SB78U.tmp.4.dr
|
ID: |
dr_487
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
5.644685814870386
|
Encrypted: |
false
|
Ssdeep: |
768:MpTwRRJIR6c9KX2aN6JetU9MjVQr1zO5peuEQ/lgZ5jy0W8H8280b4qiHlDn6K9d:Mp8S1aRNNJ7Ngjy0Lc2v4plDnXzA
|
Size: |
76704
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-credential-manager-core.exe.config (copy)
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-credential-manager-core.exe.config (copy)
|
Category: |
dropped
|
Dump: |
is-4U0AM.tmp.4.dr
|
ID: |
dr_488
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
XML 1.0 document, ASCII text, with CRLF line terminators
|
Entropy: |
5.068442854404258
|
Encrypted: |
false
|
Ssdeep: |
12:TMHdG3VOcrg9LNFF7ap+5r7qf/2/+tR8FicYo4xT:2dErSPF7NruH2/+m9y
|
Size: |
538
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-credential-manager-ui.exe (copy)
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-credential-manager-ui.exe (copy)
|
Category: |
dropped
|
Dump: |
is-7HHJL.tmp.4.dr
|
ID: |
dr_489
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
5.817922266167488
|
Encrypted: |
false
|
Ssdeep: |
768:Im22t2uBvIR6c9KXWaN6p+tU9MjVwr1zO5peuEQ/lpqZ5jy018HjW80bbh6it1XR:j22tvBw1axNNJbNpqjy0ODWvbsiVzb
|
Size: |
85392
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-credential-manager-ui.exe.config (copy)
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-credential-manager-ui.exe.config (copy)
|
Category: |
dropped
|
Dump: |
is-37K1N.tmp.4.dr
|
ID: |
dr_490
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
XML 1.0 document, ASCII text, with CRLF line terminators
|
Entropy: |
5.068442854404258
|
Encrypted: |
false
|
Ssdeep: |
12:TMHdG3VOcrg9LNFF7ap+5r7qf/2/+tR8FicYo4xT:2dErSPF7NruH2/+m9y
|
Size: |
538
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-credential-manager.exe (copy)
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-credential-manager.exe (copy)
|
Category: |
dropped
|
Dump: |
is-O54E9.tmp.4.dr
|
ID: |
dr_491
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
5.643500145394352
|
Encrypted: |
false
|
Ssdeep: |
768:gpTwRRJIR6c9KX2aN6JetU9MjVQr1zO5peuEQ/lgZ5jy0W8H8280b4qiHR91X9zy:gp8S1aRNNJ7Ngjy0Lc2v4pRlzy
|
Size: |
76688
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-credential-manager.exe.config (copy)
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-credential-manager.exe.config (copy)
|
Category: |
dropped
|
Dump: |
is-3IJC9.tmp.4.dr
|
ID: |
dr_492
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
XML 1.0 document, ASCII text, with CRLF line terminators
|
Entropy: |
5.068442854404258
|
Encrypted: |
false
|
Ssdeep: |
12:TMHdG3VOcrg9LNFF7ap+5r7qf/2/+tR8FicYo4xT:2dErSPF7NruH2/+m9y
|
Size: |
538
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-credential-wincred.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-credential-wincred.exe (copy)
|
Category: |
dropped
|
Dump: |
is-QUMUK.tmp.4.dr
|
ID: |
dr_493
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.487555881052725
|
Encrypted: |
false
|
Ssdeep: |
1536:1ca/ZKtkw4YneVGj7f8mvrQlNi2edtqWRqsreyi4:1caKuwzeVGjoZNoRqsrtT
|
Size: |
58960
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-http-fetch.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-http-fetch.exe (copy)
|
Category: |
dropped
|
Dump: |
is-0BD7K.tmp.4.dr
|
ID: |
dr_494
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.480577487265443
|
Encrypted: |
false
|
Ssdeep: |
49152:0H6ET+zrgg8R5Y7tXNNEdpjsuasE8+kCvX04dzfafdeNODv:8OzsHSpPEPesE8P5EN8
|
Size: |
2264112
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-http-push.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-http-push.exe (copy)
|
Category: |
dropped
|
Dump: |
is-JGQMR.tmp.4.dr
|
ID: |
dr_495
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.4810928539674135
|
Encrypted: |
false
|
Ssdeep: |
49152:tECxs5JCbzsvRnFTpMeEyjZmvhtkImDUKqhwdectX8:CC8CbuNMeWvJKF7M
|
Size: |
2274864
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-receive-pack.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-receive-pack.exe (copy)
|
Category: |
dropped
|
Dump: |
is-GJSE7.tmp.4.dr
|
ID: |
dr_496
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.203089470945605
|
Encrypted: |
false
|
Ssdeep: |
768:neK3cjV4skGOBK82DA0BM/T/uWvsYWCyiR8uF:eHKskG6KNq/T/uWvsrCyipF
|
Size: |
45104
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-remote-http.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-remote-http.exe (copy)
|
Category: |
dropped
|
Dump: |
is-HU4R8.tmp.4.dr
|
ID: |
dr_497
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.203089470945605
|
Encrypted: |
false
|
Ssdeep: |
768:neK3cjV4skGOBK82DA0BM/T/uWvsYWCyiR8uF:eHKskG6KNq/T/uWvsrCyipF
|
Size: |
45104
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-remote-https.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-remote-https.exe (copy)
|
Category: |
dropped
|
Dump: |
is-3OLLO.tmp.4.dr
|
ID: |
dr_498
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.479820362266911
|
Encrypted: |
false
|
Ssdeep: |
49152:/u368TtzZJOELHt77QM2l1x1GujmkCEnrgLsT/n+qd6D1vm:m3p7f0M2lLykIBqk1e
|
Size: |
2279472
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-sh-i18n--envsubst.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-sh-i18n--envsubst.exe (copy)
|
Category: |
dropped
|
Dump: |
is-92JOF.tmp.4.dr
|
ID: |
dr_499
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.476091748227561
|
Encrypted: |
false
|
Ssdeep: |
49152:DhnUIqBPic/k7oYZ9sUyjuBwc193Pqias1K9ESPdvyv:DZUJZSPsUXwjSSs
|
Size: |
2224704
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-update-git-for-windows (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-update-git-for-windows (copy)
|
Category: |
dropped
|
Dump: |
is-CL3T7.tmp.4.dr
|
ID: |
dr_500
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.264997649409222
|
Encrypted: |
false
|
Ssdeep: |
192:rLZGGPz6qRK43Jyu6hz0DKyw34s84JiOfZvVIFetbYXNVS3Y+B9vbhu97FEvvEq4:rLZGGPz6qR1Jyu6RetC4s84LZuetbQHL
|
Size: |
10308
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-upload-pack.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\git-upload-pack.exe (copy)
|
Category: |
dropped
|
Dump: |
is-GKT99.tmp.4.dr
|
ID: |
dr_501
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.203089470945605
|
Encrypted: |
false
|
Ssdeep: |
768:neK3cjV4skGOBK82DA0BM/T/uWvsYWCyiR8uF:eHKskG6KNq/T/uWvsrCyipF
|
Size: |
45104
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\git.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\git.exe (copy)
|
Category: |
dropped
|
Dump: |
is-00FAQ.tmp.4.dr
|
ID: |
dr_502
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.441303572420613
|
Encrypted: |
false
|
Ssdeep: |
98304:v6btZaHr28rY551RaXWZzohl0z9IAjcJZAAL:x453ZzoExAZL
|
Size: |
3728944
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\headless-git.exe (copy)
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\headless-git.exe (copy)
|
Category: |
dropped
|
Dump: |
is-U3E8R.tmp.4.dr
|
ID: |
dr_511
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (GUI) x86-64, for MS Windows
|
Entropy: |
6.272333844155468
|
Encrypted: |
false
|
Ssdeep: |
384:wpezQmL6QhwjUoVP9gSyo1kl0ThTylqa/HR9CWTsYZswpwKNCQGmGovy8ZpHAdAF:WkL6PqSyIkl06p/uWTsYW4yiR7Mlw
|
Size: |
32816
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-00FAQ.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-00FAQ.tmp
|
Category: |
dropped
|
Dump: |
is-00FAQ.tmp.4.dr
|
ID: |
dr_97
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.441303572420613
|
Encrypted: |
false
|
Ssdeep: |
98304:v6btZaHr28rY551RaXWZzohl0z9IAjcJZAAL:x453ZzoExAZL
|
Size: |
3728944
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-0BD7K.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-0BD7K.tmp
|
Category: |
dropped
|
Dump: |
is-0BD7K.tmp.4.dr
|
ID: |
dr_74
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.480577487265443
|
Encrypted: |
false
|
Ssdeep: |
49152:0H6ET+zrgg8R5Y7tXNNEdpjsuasE8+kCvX04dzfafdeNODv:8OzsHSpPEPesE8P5EN8
|
Size: |
2264112
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-0H3L5.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-0H3L5.tmp
|
Category: |
dropped
|
Dump: |
is-0H3L5.tmp.4.dr
|
ID: |
dr_387
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.471254862854224
|
Encrypted: |
false
|
Ssdeep: |
768:5dv0sPTKblW2AcneuHIGaIIYK43gB+E+9zJ:3v0sLKbU2ADuHIIHK4QB+xzJ
|
Size: |
38800
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-0PDJ8.tmp
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-0PDJ8.tmp
|
Category: |
dropped
|
Dump: |
is-0PDJ8.tmp.4.dr
|
ID: |
dr_144
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
Entropy: |
6.723504356001426
|
Encrypted: |
false
|
Ssdeep: |
49152:XVwAsOWcbTwvg9Zbta7IU6ic+JzhIBJLK74j7uZGtlqg8jaKhCTMBftpU2Fr/p1G:Fcvsq0+c+FhIBJLKh88j4TMrpU2Fd1C9
|
Size: |
2795164
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-0RV8O.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-0RV8O.tmp
|
Category: |
dropped
|
Dump: |
is-0RV8O.tmp.4.dr
|
ID: |
dr_233
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.927102228931638
|
Encrypted: |
false
|
Ssdeep: |
768:RBiQoku0QYKxHmeP7dRlUDQZtjrMnvuicmwtBmytt2CuzHy7i5dWnTFIW:/iQoku0ngmeP7/lUDQrjrMnvbcttgvdu
|
Size: |
45526
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-111R2.tmp
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-111R2.tmp
|
Category: |
dropped
|
Dump: |
is-111R2.tmp.4.dr
|
ID: |
dr_371
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
XML 1.0 document, ASCII text, with CRLF line terminators
|
Entropy: |
5.068442854404258
|
Encrypted: |
false
|
Ssdeep: |
12:TMHdG3VOcrg9LNFF7ap+5r7qf/2/+tR8FicYo4xT:2dErSPF7NruH2/+m9y
|
Size: |
538
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-15RVN.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-15RVN.tmp
|
Category: |
dropped
|
Dump: |
is-15RVN.tmp.4.dr
|
ID: |
dr_224
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.383780374578796
|
Encrypted: |
false
|
Ssdeep: |
768:6tGLItNnxekHaXK8YDPLryER0mBO4JVrWYh2j0AUE4kq7FKKa5/Bi/Wov4IigO/P:RcxepXK8YDPLryER0mBO4JVrWYa0AUEn
|
Size: |
37776
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-1R73Q.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-1R73Q.tmp
|
Category: |
dropped
|
Dump: |
is-1R73Q.tmp.4.dr
|
ID: |
dr_205
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
5.933424347612808
|
Encrypted: |
false
|
Ssdeep: |
1536:NWjQG6BbxGLtEJfODQ9ZKPplIR8d8zu6h:NWjAyL2JfODQ9Z+bIyavh
|
Size: |
63392
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-26HCQ.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-26HCQ.tmp
|
Category: |
dropped
|
Dump: |
is-26HCQ.tmp.4.dr
|
ID: |
dr_101
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.433825533346776
|
Encrypted: |
false
|
Ssdeep: |
1536:Nd96GDxg3Wzudk1nuSvxV/wLOSXLOSgvNQz2b:j9/xg3Wzudk1nuoxpwdKvaCb
|
Size: |
86416
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-37K1N.tmp
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-37K1N.tmp
|
Category: |
dropped
|
Dump: |
is-37K1N.tmp.4.dr
|
ID: |
dr_394
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
XML 1.0 document, ASCII text, with CRLF line terminators
|
Entropy: |
5.068442854404258
|
Encrypted: |
false
|
Ssdeep: |
12:TMHdG3VOcrg9LNFF7ap+5r7qf/2/+tR8FicYo4xT:2dErSPF7NruH2/+m9y
|
Size: |
538
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-3HO4V.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-3HO4V.tmp
|
Category: |
dropped
|
Dump: |
is-3HO4V.tmp.4.dr
|
ID: |
dr_247
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
5.48294913067712
|
Encrypted: |
false
|
Ssdeep: |
1536:fPOw0SUUKw+GbgjMV+fCY1UiiGZ6qetMXIAMZ2zstK/nIzN:fWw0SUUKBM8aOUiiGw7qa9tK/I
|
Size: |
110016
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-3IJC9.tmp
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-3IJC9.tmp
|
Category: |
dropped
|
Dump: |
is-3IJC9.tmp.4.dr
|
ID: |
dr_396
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
XML 1.0 document, ASCII text, with CRLF line terminators
|
Entropy: |
5.068442854404258
|
Encrypted: |
false
|
Ssdeep: |
12:TMHdG3VOcrg9LNFF7ap+5r7qf/2/+tR8FicYo4xT:2dErSPF7NruH2/+m9y
|
Size: |
538
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-3OLLO.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-3OLLO.tmp
|
Category: |
dropped
|
Dump: |
is-3OLLO.tmp.4.dr
|
ID: |
dr_86
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.479820362266911
|
Encrypted: |
false
|
Ssdeep: |
49152:/u368TtzZJOELHt77QM2l1x1GujmkCEnrgLsT/n+qd6D1vm:m3p7f0M2lLykIBqk1e
|
Size: |
2279472
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-45HPG.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-45HPG.tmp
|
Category: |
dropped
|
Dump: |
is-45HPG.tmp.4.dr
|
ID: |
dr_374
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.015392053892209
|
Encrypted: |
false
|
Ssdeep: |
24576:vIx+o7srMsVHr53TUgLr+ceAmZfR2EAw3nTo3t:wsrMsVHr53T/rrGZ5To3t
|
Size: |
857752
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-4D8BE.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-4D8BE.tmp
|
Category: |
dropped
|
Dump: |
is-4D8BE.tmp.4.dr
|
ID: |
dr_196
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
5.957237156888996
|
Encrypted: |
false
|
Ssdeep: |
768:BlH1iQJmvSVJtl4FGME+uwMT+XSFJUmnPBFihuc0ZQm1xqNyIJcJ5iN3QSO+RYAy:BlH1i7S5l4LRMs8JzPmvMu6RJyVjzy
|
Size: |
62864
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-4ES5A.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-4ES5A.tmp
|
Category: |
dropped
|
Dump: |
is-4ES5A.tmp.4.dr
|
ID: |
dr_239
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.548290131968704
|
Encrypted: |
false
|
Ssdeep: |
384:mrMdp9yXOfPfAxR5zwWvYW8aY7HRN7rnM8M8/fi/GR9zusw1yE:mrMcXP6/ZMufiC9zurP
|
Size: |
21920
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-4U0AM.tmp
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-4U0AM.tmp
|
Category: |
dropped
|
Dump: |
is-4U0AM.tmp.4.dr
|
ID: |
dr_392
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
XML 1.0 document, ASCII text, with CRLF line terminators
|
Entropy: |
5.068442854404258
|
Encrypted: |
false
|
Ssdeep: |
12:TMHdG3VOcrg9LNFF7ap+5r7qf/2/+tR8FicYo4xT:2dErSPF7NruH2/+m9y
|
Size: |
538
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-51TCE.tmp
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-51TCE.tmp
|
Category: |
dropped
|
Dump: |
is-51TCE.tmp.4.dr
|
ID: |
dr_107
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
XML 1.0 document, ASCII text, with CRLF line terminators
|
Entropy: |
5.068442854404258
|
Encrypted: |
false
|
Ssdeep: |
12:TMHdG3VOcrg9LNFF7ap+5r7qf/2/+tR8FicYo4xT:2dErSPF7NruH2/+m9y
|
Size: |
538
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-5J6LF.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-5J6LF.tmp
|
Category: |
dropped
|
Dump: |
is-5J6LF.tmp.4.dr
|
ID: |
dr_221
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.373710606746147
|
Encrypted: |
false
|
Ssdeep: |
768:ASBGtSyA9vDt4ZDgcUN5P4JVrsh2j3SvsuTv1JKa5/Zi/6LuifOzOv12WExCxNap:ASBGE9rt4ZDgcUN5P4JVrsa3Svsu71Jk
|
Size: |
33680
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-5JFUI.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-5JFUI.tmp
|
Category: |
dropped
|
Dump: |
is-5JFUI.tmp.4.dr
|
ID: |
dr_389
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
4.9438185048193075
|
Encrypted: |
false
|
Ssdeep: |
384:trWUJXZwaJGn5SPrnkxdw3qW7bNCWkTaP:tj5e5Kzkxdw3q+0WkTaP
|
Size: |
19091
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-5TEV4.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-5TEV4.tmp
|
Category: |
dropped
|
Dump: |
is-5TEV4.tmp.4.dr
|
ID: |
dr_236
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
5.366538818885652
|
Encrypted: |
false
|
Ssdeep: |
98304:OiP9BW1ez86B8iDebZLg6eWhHA2AAfqp8ZFKyzjheDnnDDhd4n39cEGAwauIS:5yA6VHBA2ARCQy3t1g
|
Size: |
13846446
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-6AJ01.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-6AJ01.tmp
|
Category: |
dropped
|
Dump: |
is-6AJ01.tmp.4.dr
|
ID: |
dr_202
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
5.843010413755538
|
Encrypted: |
false
|
Ssdeep: |
24576:Wkt3HKDRXng/KqDws15cXOIUcMPI6fMVknnoYOPMjvBindj8gD1PqqU:Wk8DR3e5MVkoYuMjvBindj8kQ
|
Size: |
1525136
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-7BMKG.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-7BMKG.tmp
|
Category: |
dropped
|
Dump: |
is-7BMKG.tmp.4.dr
|
ID: |
dr_230
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.493845050033339
|
Encrypted: |
false
|
Ssdeep: |
48:IMP/MBMlops2hVUxzCMMK1iYujV2v30ndT5/W5dFjgQHT5/G5FFK/FgQY/FbF/Fy:IMP/MBMloK4V6QYK9d9/sHLH9/8/KhYU
|
Size: |
2177
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-7HHJL.tmp
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-7HHJL.tmp
|
Category: |
dropped
|
Dump: |
is-7HHJL.tmp.4.dr
|
ID: |
dr_393
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
5.817922266167488
|
Encrypted: |
false
|
Ssdeep: |
768:Im22t2uBvIR6c9KXWaN6p+tU9MjVwr1zO5peuEQ/lpqZ5jy018HjW80bbh6it1XR:j22tvBw1axNNJbNpqjy0ODWvbsiVzb
|
Size: |
85392
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-7PRM8.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-7PRM8.tmp
|
Category: |
dropped
|
Dump: |
is-7PRM8.tmp.4.dr
|
ID: |
dr_153
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
7.229364992322201
|
Encrypted: |
false
|
Ssdeep: |
24576:PhBAUZLY3wPKo6VbbTiZGavkg3NyeuQ6l9fH+f0Fu:JBAUZLYgio6EZGaXBuQQ9e0Fu
|
Size: |
1114369
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-80M8U.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-80M8U.tmp
|
Category: |
dropped
|
Dump: |
is-80M8U.tmp.4.dr
|
ID: |
dr_159
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.2766035287149
|
Encrypted: |
false
|
Ssdeep: |
3072:cyrRu01KtyCv7k44Z5ipH0lxbo92mF5A3dH48B:8IKtpvcopUlBpmFWh48B
|
Size: |
136724
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-92JOF.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-92JOF.tmp
|
Category: |
dropped
|
Dump: |
is-92JOF.tmp.4.dr
|
ID: |
dr_89
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.476091748227561
|
Encrypted: |
false
|
Ssdeep: |
49152:DhnUIqBPic/k7oYZ9sUyjuBwc193Pqias1K9ESPdvyv:DZUJZSPsUXwjSSs
|
Size: |
2224704
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-9A4L5.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-9A4L5.tmp
|
Category: |
dropped
|
Dump: |
is-9A4L5.tmp.4.dr
|
ID: |
dr_141
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.915106368099152
|
Encrypted: |
false
|
Ssdeep: |
768:3IOty3LkMXlYAech7IK7tTiwZbEueHasANNaReeEQ2uxqfcjKDldcj70qnkkazQs:zt6n+/cVIYr7sKveEK/Ulk70qnkT2F3A
|
Size: |
51852
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-9IDGM.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-9IDGM.tmp
|
Category: |
dropped
|
Dump: |
is-9IDGM.tmp.4.dr
|
ID: |
dr_388
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.875488972802848
|
Encrypted: |
false
|
Ssdeep: |
768:ckj+33kJRQhxHmeP7dR6UPQpaurLnFM2BmwzMU3DbwJinh5FWrnaFgm:li33kJRYmeP7/6UPQ8urLnDgorFWraFF
|
Size: |
46660
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-B2M54.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-B2M54.tmp
|
Category: |
dropped
|
Dump: |
is-B2M54.tmp.4.dr
|
ID: |
dr_373
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.8787941006975775
|
Encrypted: |
false
|
Ssdeep: |
768:f6k4K6Bk5ywAeNmbhGQcDg/UkJrGfdOeZrsmwQlAnbz3uMwv18QWfe9FKm4:H6BkkwAdNGQKg/zJrGfdOeBEnuP9Wf2K
|
Size: |
48442
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-CL3T7.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-CL3T7.tmp
|
Category: |
dropped
|
Dump: |
is-CL3T7.tmp.4.dr
|
ID: |
dr_92
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.264997649409222
|
Encrypted: |
false
|
Ssdeep: |
192:rLZGGPz6qRK43Jyu6hz0DKyw34s84JiOfZvVIFetbYXNVS3Y+B9vbhu97FEvvEq4:rLZGGPz6qR1Jyu6RetC4s84LZuetbQHL
|
Size: |
10308
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-DK7RN.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-DK7RN.tmp
|
Category: |
dropped
|
Dump: |
is-DK7RN.tmp.4.dr
|
ID: |
dr_267
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.443582172874923
|
Encrypted: |
false
|
Ssdeep: |
3072:KjBCKuGnm8SeXmxpABVQkGVGDyhkWh26fr7Zz2F3I:WtuAm8Se2xqTYeyzjfr9z2F3I
|
Size: |
120302
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-E532L.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-E532L.tmp
|
Category: |
dropped
|
Dump: |
is-E532L.tmp.4.dr
|
ID: |
dr_162
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.054830308920439
|
Encrypted: |
false
|
Ssdeep: |
6144:5WVsDUh7txaFHP5O2FX5pSQliLcK0MAMbF3S8:ID9tGw2dSQliLcK0MAMbF3S8
|
Size: |
213360
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-E69F3.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-E69F3.tmp
|
Category: |
dropped
|
Dump: |
is-E69F3.tmp.4.dr
|
ID: |
dr_369
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.002109659247999
|
Encrypted: |
false
|
Ssdeep: |
1536:SSUBk7XSZ959k9z8BY9vF2wfnk3AKmPEkZNdjz1:I7fBY5M3AK3kZNh5
|
Size: |
71056
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-EH9NG.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-EH9NG.tmp
|
Category: |
dropped
|
Dump: |
is-EH9NG.tmp.4.dr
|
ID: |
dr_376
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.3783485065216174
|
Encrypted: |
false
|
Ssdeep: |
384:pP08GMIbYV7GduonEylbkQr3nBg5xgnSR+kNwtjatKmiEqyfMv7HRN7uE3X+R9zK:pPCbYJGdfvlMR9KmPrfMzNXi9zuLGo
|
Size: |
28064
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-FNM3F.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-FNM3F.tmp
|
Category: |
dropped
|
Dump: |
is-FNM3F.tmp.4.dr
|
ID: |
dr_165
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.218991014610923
|
Encrypted: |
false
|
Ssdeep: |
12288:UZyie/yQqIfoql1ZN5TPkqPPzSYajFUw8:ayiGyifoqblPP2YajFUw8
|
Size: |
637058
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-GJSE7.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-GJSE7.tmp
|
Category: |
dropped
|
Dump: |
is-GJSE7.tmp.4.dr
|
ID: |
dr_80
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.203089470945605
|
Encrypted: |
false
|
Ssdeep: |
768:neK3cjV4skGOBK82DA0BM/T/uWvsYWCyiR8uF:eHKskG6KNq/T/uWvsrCyipF
|
Size: |
45104
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-GKT99.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-GKT99.tmp
|
Category: |
dropped
|
Dump: |
is-GKT99.tmp.4.dr
|
ID: |
dr_95
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.203089470945605
|
Encrypted: |
false
|
Ssdeep: |
768:neK3cjV4skGOBK82DA0BM/T/uWvsYWCyiR8uF:eHKskG6KNq/T/uWvsrCyipF
|
Size: |
45104
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-GLVJH.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-GLVJH.tmp
|
Category: |
dropped
|
Dump: |
is-GLVJH.tmp.4.dr
|
ID: |
dr_242
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.236648859044934
|
Encrypted: |
false
|
Ssdeep: |
6144:BiLsqw/3p6rmaj6M26KGm+ZeSv9CMaaheg:gLsLZ6rmaGMC8ekwMaxg
|
Size: |
216480
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-HB0DJ.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-HB0DJ.tmp
|
Category: |
dropped
|
Dump: |
is-HB0DJ.tmp.4.dr
|
ID: |
dr_261
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.513074082336259
|
Encrypted: |
false
|
Ssdeep: |
384:MgGLROZAdWXYW8af7HRN79CxDNaiHR9zTBR3:MpLAV6o9CxNaix9zX3
|
Size: |
17808
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-HCV5A.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-HCV5A.tmp
|
Category: |
dropped
|
Dump: |
is-HCV5A.tmp.4.dr
|
ID: |
dr_199
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.028535757276779
|
Encrypted: |
false
|
Ssdeep: |
3072:jyAU2PqXYyxSOKt5wCRYNVcNj8ZYRaGtiL:eAU2PqJKt5zRYNVXl
|
Size: |
109456
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-HU4R8.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-HU4R8.tmp
|
Category: |
dropped
|
Dump: |
is-HU4R8.tmp.4.dr
|
ID: |
dr_83
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.203089470945605
|
Encrypted: |
false
|
Ssdeep: |
768:neK3cjV4skGOBK82DA0BM/T/uWvsYWCyiR8uF:eHKskG6KNq/T/uWvsrCyipF
|
Size: |
45104
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-IQLN0.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-IQLN0.tmp
|
Category: |
dropped
|
Dump: |
is-IQLN0.tmp.4.dr
|
ID: |
dr_150
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.207979188103462
|
Encrypted: |
false
|
Ssdeep: |
3072:9ahRHDI3HDvY9vXI0Up8GV2TPxXhRtL4ZcARhTDDGSb1nKRAUX9F3W8:9aoD0fI0jdL4ZcAHPb9y9F3W8
|
Size: |
188397
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-JGQMR.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-JGQMR.tmp
|
Category: |
dropped
|
Dump: |
is-JGQMR.tmp.4.dr
|
ID: |
dr_77
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.4810928539674135
|
Encrypted: |
false
|
Ssdeep: |
49152:tECxs5JCbzsvRnFTpMeEyjZmvhtkImDUKqhwdectX8:CC8CbuNMeWvJKF7M
|
Size: |
2274864
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-JQGPF.tmp
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-JQGPF.tmp
|
Category: |
dropped
|
Dump: |
is-JQGPF.tmp.4.dr
|
ID: |
dr_116
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.341050600172005
|
Encrypted: |
false
|
Ssdeep: |
768:NHQUnPPDbeyOxX9sNY28gqVnkzArF/2+w4wv/+tKGzO1X9z0U:NHQUfeyOxtsK28rkzArFOt33GzWz0U
|
Size: |
36752
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-K106T.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-K106T.tmp
|
Category: |
dropped
|
Dump: |
is-K106T.tmp.4.dr
|
ID: |
dr_245
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.140487458332229
|
Encrypted: |
false
|
Ssdeep: |
3072:nUGrszKKLBFa9DvrJGeesIf3afNs2AldfIr9:OBFd3/aFs2H
|
Size: |
142264
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-KLAKC.tmp
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-KLAKC.tmp
|
Category: |
dropped
|
Dump: |
is-KLAKC.tmp.4.dr
|
ID: |
dr_370
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
7.105392350830022
|
Encrypted: |
false
|
Ssdeep: |
768:IKuWRiylHCnslmD60v616iCr4zUBBFYqi+gUW9zJ:IKtiylHCnslG6V16iK4zUBBFYV+glzJ
|
Size: |
43408
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-KMRHN.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-KMRHN.tmp
|
Category: |
dropped
|
Dump: |
is-KMRHN.tmp.4.dr
|
ID: |
dr_113
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.178683214999022
|
Encrypted: |
false
|
Ssdeep: |
768:L/38Dxi4W2FMHscm/LrWwzxOlauzzoWPMxQ+9zQ:L8D/W2FMHscmnWwzMv9UxNzQ
|
Size: |
40336
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-KNGB3.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-KNGB3.tmp
|
Category: |
dropped
|
Dump: |
is-KNGB3.tmp.4.dr
|
ID: |
dr_193
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.379930199558514
|
Encrypted: |
false
|
Ssdeep: |
24576:QVkgHmdmKFeSsx0QBnoN3REREGvyBMma9J5XHbvkL5F3N8:sBFKFe/x01REREfBMxJhbslF3N8
|
Size: |
830348
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-L9PP8.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-L9PP8.tmp
|
Category: |
dropped
|
Dump: |
is-L9PP8.tmp.4.dr
|
ID: |
dr_390
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.816891923352627
|
Encrypted: |
false
|
Ssdeep: |
1536:Ek4OgqhykgKSq2H77WUPjrdrSLNkNnpjPOZ54mfSBN5:tLgKSq87aWqNkNwZ6pBN5
|
Size: |
63462
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-NP3PJ.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-NP3PJ.tmp
|
Category: |
dropped
|
Dump: |
is-NP3PJ.tmp.4.dr
|
ID: |
dr_110
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.240798839344625
|
Encrypted: |
false
|
Ssdeep: |
768:UHl63sNnsJElwtuvaEsd2BuTY7zi50Zi9zuuy:yxsJElwYPtrzezu/
|
Size: |
30112
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-NQ7O0.tmp
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-NQ7O0.tmp
|
Category: |
dropped
|
Dump: |
is-NQ7O0.tmp.4.dr
|
ID: |
dr_147
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
Entropy: |
6.320233093569575
|
Encrypted: |
false
|
Ssdeep: |
12288:KsIeZsZfjgUWR+ze/s8oStyDILlVZUkYXakMldV9DUxyAZ2Od:K91ZlWRvsWtUglckY3qdV9YyDOd
|
Size: |
712860
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-NV5DA.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-NV5DA.tmp
|
Category: |
dropped
|
Dump: |
is-NV5DA.tmp.4.dr
|
ID: |
dr_227
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
5.94945157628604
|
Encrypted: |
false
|
Ssdeep: |
12288:N9BzaPm657wqehcZBLX+HK+kPJUQEKx07N0TCBGiBCjC0PDgM5j9FKjc3L:N8m657w6ZBLmkitKqBCjC0PDgM57
|
Size: |
704400
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-O54E9.tmp
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-O54E9.tmp
|
Category: |
dropped
|
Dump: |
is-O54E9.tmp.4.dr
|
ID: |
dr_395
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
5.643500145394352
|
Encrypted: |
false
|
Ssdeep: |
768:gpTwRRJIR6c9KX2aN6JetU9MjVQr1zO5peuEQ/lgZ5jy0W8H8280b4qiHR91X9zy:gp8S1aRNNJ7Ngjy0Lc2v4pRlzy
|
Size: |
76688
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-OIQ8R.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-OIQ8R.tmp
|
Category: |
dropped
|
Dump: |
is-OIQ8R.tmp.4.dr
|
ID: |
dr_122
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.381257257698264
|
Encrypted: |
false
|
Ssdeep: |
768:9bmOK9pEhKuqZHtmB+D4TwnU50Zi9zugI:ieKLSDwn8zuN
|
Size: |
24992
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-OKC7K.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-OKC7K.tmp
|
Category: |
dropped
|
Dump: |
is-OKC7K.tmp.4.dr
|
ID: |
dr_375
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
5.953619639852891
|
Encrypted: |
false
|
Ssdeep: |
6144:HTL3Urp47lmAOEDTjN9eumtASnzQMBUbVDeuy:z797lmAOEDTpTSnRuVeuy
|
Size: |
282016
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-PERCF.tmp
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-PERCF.tmp
|
Category: |
dropped
|
Dump: |
is-PERCF.tmp.4.dr
|
ID: |
dr_119
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
XML 1.0 document, ASCII text, with CRLF line terminators
|
Entropy: |
5.068442854404258
|
Encrypted: |
false
|
Ssdeep: |
12:TMHdG3VOcrg9LNFF7ap+5r7qf/2/+tR8FicYo4xT:2dErSPF7NruH2/+m9y
|
Size: |
538
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-QE69C.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-QE69C.tmp
|
Category: |
dropped
|
Dump: |
is-QE69C.tmp.4.dr
|
ID: |
dr_181
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.295886013004616
|
Encrypted: |
false
|
Ssdeep: |
6144:o2RaThetvV7e0Fs07o+7gCL5raWeyRzpEZZ42a1TPVzh:oUaTIH79Fs0737BraltiTPVzh
|
Size: |
270123
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-QUMUK.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-QUMUK.tmp
|
Category: |
dropped
|
Dump: |
is-QUMUK.tmp.4.dr
|
ID: |
dr_71
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.487555881052725
|
Encrypted: |
false
|
Ssdeep: |
1536:1ca/ZKtkw4YneVGj7f8mvrQlNi2edtqWRqsreyi4:1caKuwzeVGjoZNoRqsrtT
|
Size: |
58960
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-R0Q46.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-R0Q46.tmp
|
Category: |
dropped
|
Dump: |
is-R0Q46.tmp.4.dr
|
ID: |
dr_127
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.962329164826434
|
Encrypted: |
false
|
Ssdeep: |
3072:WzuNYL4lzbWhNbNL8DXGvVh73pbi0tdpvGJaoZB7PxBHt:y4AhdNorGvHdbi09GJT
|
Size: |
143397
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-S5QKI.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-S5QKI.tmp
|
Category: |
dropped
|
Dump: |
is-S5QKI.tmp.4.dr
|
ID: |
dr_187
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.079627824126209
|
Encrypted: |
false
|
Ssdeep: |
24576:hQhrF5/wy/Aa0EpQjjV1nIThCkCZhiplRBbafLrEtxV1a0on0yAhasRF3S8:hQD5Yy/A7OQjjV1IsTZwZsMtdySRF3S8
|
Size: |
1934495
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-SB78U.tmp
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-SB78U.tmp
|
Category: |
dropped
|
Dump: |
is-SB78U.tmp.4.dr
|
ID: |
dr_391
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
5.644685814870386
|
Encrypted: |
false
|
Ssdeep: |
768:MpTwRRJIR6c9KX2aN6JetU9MjVQr1zO5peuEQ/lgZ5jy0W8H8280b4qiHlDn6K9d:Mp8S1aRNNJ7Ngjy0Lc2v4plDnXzA
|
Size: |
76704
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-SIKPM.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-SIKPM.tmp
|
Category: |
dropped
|
Dump: |
is-SIKPM.tmp.4.dr
|
ID: |
dr_372
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.489387654171536
|
Encrypted: |
false
|
Ssdeep: |
384:F/Qc8JcaNrchegrWW3kwpfPLQY5UDyPs7HRN7qkGER9z1p3k:F/QcYZY5UWPYq+9zLk
|
Size: |
22928
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-T38E2.tmp
|
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-T38E2.tmp
|
Category: |
dropped
|
Dump: |
is-T38E2.tmp.4.dr
|
ID: |
dr_207
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
5.7068427852569945
|
Encrypted: |
false
|
Ssdeep: |
6144:7BhgcA3PGtvqvTleY9pRFIEIECepM1SCpLzQs1hP1kIHZtW+6ZUqFWjf40adkwt6:7rgvu5wleY9pRFIEIECepM1SCpLzQs1v
|
Size: |
223136
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-TBS8O.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-TBS8O.tmp
|
Category: |
dropped
|
Dump: |
is-TBS8O.tmp.4.dr
|
ID: |
dr_167
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.974633947370526
|
Encrypted: |
false
|
Ssdeep: |
1536:o3Rdj+7JgHPQmu6aCxCH2pFlYOrvArgnhrVXlnf9/VuDm+oiEoAo8JvBFeW:ohdm8NuTivpFlYOrvAWhrp1NVuil4p8N
|
Size: |
97342
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-TQOBS.tmp
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-TQOBS.tmp
|
Category: |
dropped
|
Dump: |
is-TQOBS.tmp.4.dr
|
ID: |
dr_184
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
Entropy: |
6.098741809384637
|
Encrypted: |
false
|
Ssdeep: |
6144:8OnKx4uqkHVal2OEog8fp9Bj4pv71eo+WMqb5U90g9ksCSeaxLtapAUcqmDrk1rj:8OKHxGYYp4pRKJ8aX7McqaQZdUFk71x9
|
Size: |
552604
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-TV4JT.tmp
|
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-TV4JT.tmp
|
Category: |
dropped
|
Dump: |
is-TV4JT.tmp.4.dr
|
ID: |
dr_264
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (DLL) (console) Intel 80386, for MS Windows
|
Entropy: |
6.491934097210258
|
Encrypted: |
false
|
Ssdeep: |
3072:9faNmI0CA8jgW7WXKn8uP7gst+/Nv2DqEtSinM381R:9acI0CSXK8uP7K/EtNnN1
|
Size: |
111552
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-U3E8R.tmp
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-U3E8R.tmp
|
Category: |
dropped
|
Dump: |
is-U3E8R.tmp.4.dr
|
ID: |
dr_125
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (GUI) x86-64, for MS Windows
|
Entropy: |
6.272333844155468
|
Encrypted: |
false
|
Ssdeep: |
384:wpezQmL6QhwjUoVP9gSyo1kl0ThTylqa/HR9CWTsYZswpwKNCQGmGovy8ZpHAdAF:WkL6PqSyIkl06p/uWTsYW4yiR7Mlw
|
Size: |
32816
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-U4AQ2.tmp
|
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-U4AQ2.tmp
|
Category: |
dropped
|
Dump: |
is-U4AQ2.tmp.4.dr
|
ID: |
dr_104
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
|
Entropy: |
6.417983838078476
|
Encrypted: |
false
|
Ssdeep: |
768:S4BHPVt8yryPTiKKfghd8gwVjWWVbFKtpD8iwIw//udK+mlUW9zJ:S4B9tPryPTiKKdjWWVbFKtpD85nH+ml7
|
Size: |
46992
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-UJ27L.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-UJ27L.tmp
|
Category: |
dropped
|
Dump: |
is-UJ27L.tmp.4.dr
|
ID: |
dr_156
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.114010384745205
|
Encrypted: |
false
|
Ssdeep: |
6144:kYvx/ZFbz/QoSFSQCL1m3g1KKZTkKYyBU+:XFbMYlLb4yBU+
|
Size: |
236166
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-UULD9.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\is-UULD9.tmp
|
Category: |
dropped
|
Dump: |
is-UULD9.tmp.4.dr
|
ID: |
dr_190
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.8307508438739895
|
Encrypted: |
false
|
Ssdeep: |
1536:6st7gXN5lNxMXLpwBIk6OvxjfRPm3Yjnu6aWQZo:6XcbG96OvZfRPm3Yq6aWQZo
|
Size: |
60356
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\libbrotlicommon.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\libbrotlicommon.dll (copy)
|
Category: |
dropped
|
Dump: |
is-R0Q46.tmp.4.dr
|
ID: |
dr_512
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.962329164826434
|
Encrypted: |
false
|
Ssdeep: |
3072:WzuNYL4lzbWhNbNL8DXGvVh73pbi0tdpvGJaoZB7PxBHt:y4AhdNorGvHdbi09GJT
|
Size: |
143397
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\libbrotlidec.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\libbrotlidec.dll (copy)
|
Category: |
dropped
|
Dump: |
is-9A4L5.tmp.4.dr
|
ID: |
dr_513
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.915106368099152
|
Encrypted: |
false
|
Ssdeep: |
768:3IOty3LkMXlYAech7IK7tTiwZbEueHasANNaReeEQ2uxqfcjKDldcj70qnkkazQs:zt6n+/cVIYr7sKveEK/Ulk70qnkT2F3A
|
Size: |
51852
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\libcrypto-1_1-x64.dll (copy)
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\libcrypto-1_1-x64.dll (copy)
|
Category: |
dropped
|
Dump: |
is-0PDJ8.tmp.4.dr
|
ID: |
dr_514
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
Entropy: |
6.723504356001426
|
Encrypted: |
false
|
Ssdeep: |
49152:XVwAsOWcbTwvg9Zbta7IU6ic+JzhIBJLK74j7uZGtlqg8jaKhCTMBftpU2Fr/p1G:Fcvsq0+c+FhIBJLKh88j4TMrpU2Fd1C9
|
Size: |
2795164
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\libcurl-4.dll (copy)
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\libcurl-4.dll (copy)
|
Category: |
dropped
|
Dump: |
is-NQ7O0.tmp.4.dr
|
ID: |
dr_515
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
Entropy: |
6.320233093569575
|
Encrypted: |
false
|
Ssdeep: |
12288:KsIeZsZfjgUWR+ze/s8oStyDILlVZUkYXakMldV9DUxyAZ2Od:K91ZlWRvsWtUglckY3qdV9YyDOd
|
Size: |
712860
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\libexpat-1.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\libexpat-1.dll (copy)
|
Category: |
dropped
|
Dump: |
is-IQLN0.tmp.4.dr
|
ID: |
dr_516
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.207979188103462
|
Encrypted: |
false
|
Ssdeep: |
3072:9ahRHDI3HDvY9vXI0Up8GV2TPxXhRtL4ZcARhTDDGSb1nKRAUX9F3W8:9aoD0fI0jdL4ZcAHPb9y9F3W8
|
Size: |
188397
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\libiconv-2.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\libiconv-2.dll (copy)
|
Category: |
dropped
|
Dump: |
is-7PRM8.tmp.4.dr
|
ID: |
dr_517
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
7.229364992322201
|
Encrypted: |
false
|
Ssdeep: |
24576:PhBAUZLY3wPKo6VbbTiZGavkg3NyeuQ6l9fH+f0Fu:JBAUZLYgio6EZGaXBuQQ9e0Fu
|
Size: |
1114369
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\libidn2-0.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\libidn2-0.dll (copy)
|
Category: |
dropped
|
Dump: |
is-UJ27L.tmp.4.dr
|
ID: |
dr_518
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.114010384745205
|
Encrypted: |
false
|
Ssdeep: |
6144:kYvx/ZFbz/QoSFSQCL1m3g1KKZTkKYyBU+:XFbMYlLb4yBU+
|
Size: |
236166
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\libintl-8.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\libintl-8.dll (copy)
|
Category: |
dropped
|
Dump: |
is-80M8U.tmp.4.dr
|
ID: |
dr_519
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.2766035287149
|
Encrypted: |
false
|
Ssdeep: |
3072:cyrRu01KtyCv7k44Z5ipH0lxbo92mF5A3dH48B:8IKtpvcopUlBpmFWh48B
|
Size: |
136724
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\libnghttp2-14.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\libnghttp2-14.dll (copy)
|
Category: |
dropped
|
Dump: |
is-E532L.tmp.4.dr
|
ID: |
dr_520
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.054830308920439
|
Encrypted: |
false
|
Ssdeep: |
6144:5WVsDUh7txaFHP5O2FX5pSQliLcK0MAMbF3S8:ID9tGw2dSQliLcK0MAMbF3S8
|
Size: |
213360
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\libpcre2-8-0.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\libpcre2-8-0.dll (copy)
|
Category: |
dropped
|
Dump: |
is-FNM3F.tmp.4.dr
|
ID: |
dr_521
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.218991014610923
|
Encrypted: |
false
|
Ssdeep: |
12288:UZyie/yQqIfoql1ZN5TPkqPPzSYajFUw8:ayiGyifoqblPP2YajFUw8
|
Size: |
637058
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\libpsl-5.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\libpsl-5.dll (copy)
|
Category: |
dropped
|
Dump: |
is-TBS8O.tmp.4.dr
|
ID: |
dr_522
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.974633947370526
|
Encrypted: |
false
|
Ssdeep: |
1536:o3Rdj+7JgHPQmu6aCxCH2pFlYOrvArgnhrVXlnf9/VuDm+oiEoAo8JvBFeW:ohdm8NuTivpFlYOrvAWhrp1NVuil4p8N
|
Size: |
97342
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\libssh2-1.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\libssh2-1.dll (copy)
|
Category: |
dropped
|
Dump: |
is-QE69C.tmp.4.dr
|
ID: |
dr_523
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.295886013004616
|
Encrypted: |
false
|
Ssdeep: |
6144:o2RaThetvV7e0Fs07o+7gCL5raWeyRzpEZZ42a1TPVzh:oUaTIH79Fs0737BraltiTPVzh
|
Size: |
270123
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\libssl-1_1-x64.dll (copy)
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\libssl-1_1-x64.dll (copy)
|
Category: |
dropped
|
Dump: |
is-TQOBS.tmp.4.dr
|
ID: |
dr_524
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
Entropy: |
6.098741809384637
|
Encrypted: |
false
|
Ssdeep: |
6144:8OnKx4uqkHVal2OEog8fp9Bj4pv71eo+WMqb5U90g9ksCSeaxLtapAUcqmDrk1rj:8OKHxGYYp4pRKJ8aX7McqaQZdUFk71x9
|
Size: |
552604
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\libunistring-2.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\libunistring-2.dll (copy)
|
Category: |
dropped
|
Dump: |
is-S5QKI.tmp.4.dr
|
ID: |
dr_525
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.079627824126209
|
Encrypted: |
false
|
Ssdeep: |
24576:hQhrF5/wy/Aa0EpQjjV1nIThCkCZhiplRBbafLrEtxV1a0on0yAhasRF3S8:hQD5Yy/A7OQjjV1IsTZwZsMtdySRF3S8
|
Size: |
1934495
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\libwinpthread-1.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\libwinpthread-1.dll (copy)
|
Category: |
dropped
|
Dump: |
is-UULD9.tmp.4.dr
|
ID: |
dr_526
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.8307508438739895
|
Encrypted: |
false
|
Ssdeep: |
1536:6st7gXN5lNxMXLpwBIk6OvxjfRPm3Yjnu6aWQZo:6XcbG96OvZfRPm3Yq6aWQZo
|
Size: |
60356
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\libzstd.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\libzstd.dll (copy)
|
Category: |
dropped
|
Dump: |
is-KNGB3.tmp.4.dr
|
ID: |
dr_527
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.379930199558514
|
Encrypted: |
false
|
Ssdeep: |
24576:QVkgHmdmKFeSsx0QBnoN3REREGvyBMma9J5XHbvkL5F3N8:sBFKFe/x01REREfBMxJhbslF3N8
|
Size: |
830348
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\pcre2-config (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\pcre2-config (copy)
|
Category: |
dropped
|
Dump: |
is-7BMKG.tmp.4.dr
|
ID: |
dr_536
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.493845050033339
|
Encrypted: |
false
|
Ssdeep: |
48:IMP/MBMlops2hVUxzCMMK1iYujV2v30ndT5/W5dFjgQHT5/G5FFK/FgQY/FbF/Fy:IMP/MBMloK4V6QYK9d9/sHLH9/8/KhYU
|
Size: |
2177
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\proxy-lookup.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\proxy-lookup.exe (copy)
|
Category: |
dropped
|
Dump: |
is-0RV8O.tmp.4.dr
|
ID: |
dr_537
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.927102228931638
|
Encrypted: |
false
|
Ssdeep: |
768:RBiQoku0QYKxHmeP7dRlUDQZtjrMnvuicmwtBmytt2CuzHy7i5dWnTFIW:/iQoku0ngmeP7/lUDQrjrMnvbcttgvdu
|
Size: |
45526
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\scalar.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\scalar.exe (copy)
|
Category: |
dropped
|
Dump: |
is-5TEV4.tmp.4.dr
|
ID: |
dr_538
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
5.366538818885652
|
Encrypted: |
false
|
Ssdeep: |
98304:OiP9BW1ez86B8iDebZLg6eWhHA2AAfqp8ZFKyzjheDnnDDhd4n39cEGAwauIS:5yA6VHBA2ARCQy3t1g
|
Size: |
13846446
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\bin\zlib1.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\bin\zlib1.dll (copy)
|
Category: |
dropped
|
Dump: |
is-DK7RN.tmp.4.dr
|
ID: |
dr_545
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.443582172874923
|
Encrypted: |
false
|
Ssdeep: |
3072:KjBCKuGnm8SeXmxpABVQkGVGDyhkWh26fr7Zz2F3I:WtuAm8Se2xqTYeyzjfr9z2F3I
|
Size: |
120302
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\doc\git-credential-manager\LICENSE (copy)
|
Unicode text, UTF-8 text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\doc\git-credential-manager\LICENSE (copy)
|
Category: |
dropped
|
Dump: |
is-907C1.tmp.4.dr
|
ID: |
dr_546
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Unicode text, UTF-8 text
|
Entropy: |
5.078396806520291
|
Encrypted: |
false
|
Ssdeep: |
24:JBX1rmJHHH0yN3gtsHw1hC09QHOsUv4eOk4/+/m3oqLFt:JBX1aJHlxE3dQHOs5exm3ogFt
|
Size: |
1102
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\doc\git-credential-manager\NOTICE (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\doc\git-credential-manager\NOTICE (copy)
|
Category: |
dropped
|
Dump: |
is-VPPBS.tmp.4.dr
|
ID: |
dr_547
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.141222167440674
|
Encrypted: |
false
|
Ssdeep: |
48:YyUNDSJrlxEDdQHOs52TSaYF1/I9aJHlxE3dQHOs5exm3ogFh:NuJQHAmHuNQHToS
|
Size: |
2597
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\doc\git-credential-manager\README.md (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\doc\git-credential-manager\README.md (copy)
|
Category: |
dropped
|
Dump: |
is-U41IB.tmp.4.dr
|
ID: |
dr_548
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.179293080271855
|
Encrypted: |
false
|
Ssdeep: |
192:KOBKm1poCiLeVQprpOTRibgleZTNyofpBKDi7cQrCgX4b:xBKkYeVO8FC3CgA
|
Size: |
6379
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\doc\git-credential-manager\is-907C1.tmp
|
Unicode text, UTF-8 text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\doc\git-credential-manager\is-907C1.tmp
|
Category: |
dropped
|
Dump: |
is-907C1.tmp.4.dr
|
ID: |
dr_270
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Unicode text, UTF-8 text
|
Entropy: |
5.078396806520291
|
Encrypted: |
false
|
Ssdeep: |
24:JBX1rmJHHH0yN3gtsHw1hC09QHOsUv4eOk4/+/m3oqLFt:JBX1aJHlxE3dQHOs5exm3ogFt
|
Size: |
1102
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\doc\git-credential-manager\is-U41IB.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\doc\git-credential-manager\is-U41IB.tmp
|
Category: |
dropped
|
Dump: |
is-U41IB.tmp.4.dr
|
ID: |
dr_276
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.179293080271855
|
Encrypted: |
false
|
Ssdeep: |
192:KOBKm1poCiLeVQprpOTRibgleZTNyofpBKDi7cQrCgX4b:xBKkYeVO8FC3CgA
|
Size: |
6379
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\doc\git-credential-manager\is-VPPBS.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\doc\git-credential-manager\is-VPPBS.tmp
|
Category: |
dropped
|
Dump: |
is-VPPBS.tmp.4.dr
|
ID: |
dr_273
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.141222167440674
|
Encrypted: |
false
|
Ssdeep: |
48:YyUNDSJrlxEDdQHOs52TSaYF1/I9aJHlxE3dQHOs5exm3ogFh:NuJQHAmHuNQHToS
|
Size: |
2597
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\lib\engines-1_1\capi.dll (copy)
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\lib\engines-1_1\capi.dll (copy)
|
Category: |
dropped
|
Dump: |
is-SQPMU.tmp.4.dr
|
ID: |
dr_549
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
Entropy: |
5.592743449696299
|
Encrypted: |
false
|
Ssdeep: |
768:sinyXlhQoNnSRGErC2pS0mkmxEuF/5k5NNNNNNNNNNqNNNjohhKhUeQ:s8yXlRSRhS0mkm6SehhKhG
|
Size: |
41116
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\lib\engines-1_1\is-HA632.tmp
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\lib\engines-1_1\is-HA632.tmp
|
Category: |
dropped
|
Dump: |
is-HA632.tmp.4.dr
|
ID: |
dr_282
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
Entropy: |
5.500548814927492
|
Encrypted: |
false
|
Ssdeep: |
768:IaHygw1z7YffdPT7bWeksF5NNNNNNNNNNqNNNbr:dygm4ffxT7bWek1
|
Size: |
28316
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\lib\engines-1_1\is-SQPMU.tmp
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\lib\engines-1_1\is-SQPMU.tmp
|
Category: |
dropped
|
Dump: |
is-SQPMU.tmp.4.dr
|
ID: |
dr_279
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
Entropy: |
5.592743449696299
|
Encrypted: |
false
|
Ssdeep: |
768:sinyXlhQoNnSRGErC2pS0mkmxEuF/5k5NNNNNNNNNNqNNNjohhKhUeQ:s8yXlRSRhS0mkm6SehhKhG
|
Size: |
41116
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\lib\engines-1_1\padlock.dll (copy)
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\lib\engines-1_1\padlock.dll (copy)
|
Category: |
dropped
|
Dump: |
is-HA632.tmp.4.dr
|
ID: |
dr_550
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
Entropy: |
5.500548814927492
|
Encrypted: |
false
|
Ssdeep: |
768:IaHygw1z7YffdPT7bWeksF5NNNNNNNNNNqNNNbr:dygm4ffxT7bWek1
|
Size: |
28316
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-bisect (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-bisect (copy)
|
Category: |
dropped
|
Dump: |
is-R8E9U.tmp.4.dr
|
ID: |
dr_551
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.218435629395526
|
Encrypted: |
false
|
Ssdeep: |
24:InNtm1Q+7mrUbijIUx5iv4sHBJLlS/F5u6ndYyVZjZvFDrmQpWP49Mml7jidFeqE:mw197bAIUxa3n4/rYQ/vleOzf
|
Size: |
1625
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-filter-branch (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-filter-branch (copy)
|
Category: |
dropped
|
Dump: |
is-N8IVK.tmp.4.dr
|
ID: |
dr_552
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.330977468847797
|
Encrypted: |
false
|
Ssdeep: |
384:c6OMvg9zoxbHP2DMueD6D7RepqJU3PM01XanYb8M6U0DS4XDH:c6EzoxbHP2oueGMpqJU3PMKqnYbfKvXb
|
Size: |
15857
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-merge-octopus (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-merge-octopus (copy)
|
Category: |
dropped
|
Dump: |
is-PGSC8.tmp.4.dr
|
ID: |
dr_553
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.207636620947978
|
Encrypted: |
false
|
Ssdeep: |
48:0pMDG2m4nkyfi3u1EFr0f6XokWjGAYCNwY0IXD8L40rIaY0eMz3cV:0pM8wkP3zF0eokEGAZNwwz8L0aZzMV
|
Size: |
2477
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-merge-one-file (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-merge-one-file (copy)
|
Category: |
dropped
|
Dump: |
is-A8DCO.tmp.4.dr
|
ID: |
dr_554
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.155545885066052
|
Encrypted: |
false
|
Ssdeep: |
96:gpx4J8IibOWygMmyoQKgeGd+JMwbVKkmtJJfIit29gGRGDa:gIJgdytKjq+HbVKZtjf34OGRGu
|
Size: |
3695
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-merge-resolve (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-merge-resolve (copy)
|
Category: |
dropped
|
Dump: |
is-GDKLG.tmp.4.dr
|
ID: |
dr_555
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.897286551043382
|
Encrypted: |
false
|
Ssdeep: |
24:FP2UqCqsE9nMvKW6eJ+iNCMtd9Xslsw7OtnTd3QBIRbZFMJdOJIrD69nb:FP7EiyfiQMDG2e2Td3QBYAJd6L9nb
|
Size: |
1226
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-mergetool (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-mergetool (copy)
|
Category: |
dropped
|
Dump: |
is-83S0F.tmp.4.dr
|
ID: |
dr_556
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.2375098524848935
|
Encrypted: |
false
|
Ssdeep: |
192:3aBRP6ULrTMJ3qJXqW6iCqXgsezvxuoTvtiVANnL07B67zKe8h9xgOVU+hF9jZuX:3avP6ULrTW3DHjs0fnLv7zL8h9S0F9jA
|
Size: |
11564
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-mergetool--lib (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-mergetool--lib (copy)
|
Category: |
dropped
|
Dump: |
is-H6NJG.tmp.4.dr
|
ID: |
dr_557
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.078800025894399
|
Encrypted: |
false
|
Ssdeep: |
192:C+mbZ7MHI776AGv6YScL2Bc4lP+j56G6+WLOagKwuheb4s9T8tkUGgDdZJIv3moJ:GRMHO6CcaBxld+WLGvbIkUdDdZu3meO+
|
Size: |
9922
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-quiltimport (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-quiltimport (copy)
|
Category: |
dropped
|
Dump: |
is-IRRVU.tmp.4.dr
|
ID: |
dr_558
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.482327195784687
|
Encrypted: |
false
|
Ssdeep: |
48:xRFxunj1H6N1iLxTAP9vtPPVqXBhs3NMCd3mPjJuBij4SstP+lvE+laV/256DbcD:xJOjYXMxToJWBhseA2Pj7wmse0DbSQVU
|
Size: |
3693
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-request-pull (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-request-pull (copy)
|
Category: |
dropped
|
Dump: |
is-RSU0B.tmp.4.dr
|
ID: |
dr_559
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.168266842159047
|
Encrypted: |
false
|
Ssdeep: |
96:yNz11sQaRsCijp9Wn4yIwcFj2IQzAMjyrOo5p3f7U:yLnvCi1bZ2IMzjyrOo51f7U
|
Size: |
4130
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-sh-i18n (copy)
|
Unicode text, UTF-8 text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-sh-i18n (copy)
|
Category: |
dropped
|
Dump: |
is-V1CDK.tmp.4.dr
|
ID: |
dr_560
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Unicode text, UTF-8 text
|
Entropy: |
5.381202552902453
|
Encrypted: |
false
|
Ssdeep: |
48:5MBBioBmgqa1DNDQHD/sJ8Pad8WkZvErj6:YBioB9q0DRIDEJSsTavEy
|
Size: |
1709
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-sh-setup (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-sh-setup (copy)
|
Category: |
dropped
|
Dump: |
is-06I8C.tmp.4.dr
|
ID: |
dr_561
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.3261160679323165
|
Encrypted: |
false
|
Ssdeep: |
192:OYR4NTjzt0/EiGhpfEPvCZtF6XqzydyHIaPnBVWX95O/CC749NzBtbqG1G:Og4pnt0/ZmMCZtF2quYHf5YKaC74/9ta
|
Size: |
8822
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-submodule (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-submodule (copy)
|
Category: |
dropped
|
Dump: |
is-NBC7A.tmp.4.dr
|
ID: |
dr_562
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.104552782370794
|
Encrypted: |
false
|
Ssdeep: |
192:C91e8hxM6A12TQlqZrpE2IK5wQyO1+vwD9BBs/BxIBK0Z0phGONiyt8de:C91Ry6A1rqppxcQGwpBBs/BWJapBNnJ
|
Size: |
10475
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-subtree (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-subtree (copy)
|
Category: |
dropped
|
Dump: |
is-BR606.tmp.4.dr
|
ID: |
dr_563
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.141910739270855
|
Encrypted: |
false
|
Ssdeep: |
768:Y3D7i40rmaqx7I+Pb7RfCZq/JCgJvl75Uhltkaxi2VEpptq+WYtrV1acngzwCEUU:YC40rma2I+Pb9CZq/JrJv15Uhltkax3Q
|
Size: |
25019
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-update (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-update (copy)
|
Category: |
dropped
|
Dump: |
is-G76JS.tmp.4.dr
|
ID: |
dr_564
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.718369593751272
|
Encrypted: |
false
|
Ssdeep: |
6:hOHWEO2FBjkstLL+5Fk9Bv2HIbRF4M4pdKSLbwASCZpdKSEb:6JosGk9Buo1F4ZPKqbwAzPKvb
|
Size: |
218
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-web--browse (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\git-web--browse (copy)
|
Category: |
dropped
|
Dump: |
is-6JGAK.tmp.4.dr
|
ID: |
dr_565
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.236163862635797
|
Encrypted: |
false
|
Ssdeep: |
96:os9bAGnZc0unFqoCcYqAI8yIZoaR2rVtv2zXP2OBfz3xYThwGfpYwaKtSSikGTRY:o+nG0uFTYqAjyBwg+zf28uPpMSXGXvu
|
Size: |
4401
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-06I8C.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-06I8C.tmp
|
Category: |
dropped
|
Dump: |
is-06I8C.tmp.4.dr
|
ID: |
dr_314
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.3261160679323165
|
Encrypted: |
false
|
Ssdeep: |
192:OYR4NTjzt0/EiGhpfEPvCZtF6XqzydyHIaPnBVWX95O/CC749NzBtbqG1G:Og4pnt0/ZmMCZtF2quYHf5YKaC74/9ta
|
Size: |
8822
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-6JGAK.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-6JGAK.tmp
|
Category: |
dropped
|
Dump: |
is-6JGAK.tmp.4.dr
|
ID: |
dr_332
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.236163862635797
|
Encrypted: |
false
|
Ssdeep: |
96:os9bAGnZc0unFqoCcYqAI8yIZoaR2rVtv2zXP2OBfz3xYThwGfpYwaKtSSikGTRY:o+nG0uFTYqAjyBwg+zf28uPpMSXGXvu
|
Size: |
4401
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-83S0F.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-83S0F.tmp
|
Category: |
dropped
|
Dump: |
is-83S0F.tmp.4.dr
|
ID: |
dr_304
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.2375098524848935
|
Encrypted: |
false
|
Ssdeep: |
192:3aBRP6ULrTMJ3qJXqW6iCqXgsezvxuoTvtiVANnL07B67zKe8h9xgOVU+hF9jZuX:3avP6ULrTW3DHjs0fnLv7zL8h9S0F9jA
|
Size: |
11564
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-A8DCO.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-A8DCO.tmp
|
Category: |
dropped
|
Dump: |
is-A8DCO.tmp.4.dr
|
ID: |
dr_300
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.155545885066052
|
Encrypted: |
false
|
Ssdeep: |
96:gpx4J8IibOWygMmyoQKgeGd+JMwbVKkmtJJfIit29gGRGDa:gIJgdytKjq+HbVKZtjf34OGRGu
|
Size: |
3695
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-BR606.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-BR606.tmp
|
Category: |
dropped
|
Dump: |
is-BR606.tmp.4.dr
|
ID: |
dr_328
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.141910739270855
|
Encrypted: |
false
|
Ssdeep: |
768:Y3D7i40rmaqx7I+Pb7RfCZq/JCgJvl75Uhltkaxi2VEpptq+WYtrV1acngzwCEUU:YC40rma2I+Pb9CZq/JrJv15Uhltkax3Q
|
Size: |
25019
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-G76JS.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-G76JS.tmp
|
Category: |
dropped
|
Dump: |
is-G76JS.tmp.4.dr
|
ID: |
dr_330
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.718369593751272
|
Encrypted: |
false
|
Ssdeep: |
6:hOHWEO2FBjkstLL+5Fk9Bv2HIbRF4M4pdKSLbwASCZpdKSEb:6JosGk9Buo1F4ZPKqbwAzPKvb
|
Size: |
218
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-GDKLG.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-GDKLG.tmp
|
Category: |
dropped
|
Dump: |
is-GDKLG.tmp.4.dr
|
ID: |
dr_302
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.897286551043382
|
Encrypted: |
false
|
Ssdeep: |
24:FP2UqCqsE9nMvKW6eJ+iNCMtd9Xslsw7OtnTd3QBIRbZFMJdOJIrD69nb:FP7EiyfiQMDG2e2Td3QBYAJd6L9nb
|
Size: |
1226
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-H6NJG.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-H6NJG.tmp
|
Category: |
dropped
|
Dump: |
is-H6NJG.tmp.4.dr
|
ID: |
dr_306
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.078800025894399
|
Encrypted: |
false
|
Ssdeep: |
192:C+mbZ7MHI776AGv6YScL2Bc4lP+j56G6+WLOagKwuheb4s9T8tkUGgDdZJIv3moJ:GRMHO6CcaBxld+WLGvbIkUdDdZu3meO+
|
Size: |
9922
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-IRRVU.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-IRRVU.tmp
|
Category: |
dropped
|
Dump: |
is-IRRVU.tmp.4.dr
|
ID: |
dr_308
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.482327195784687
|
Encrypted: |
false
|
Ssdeep: |
48:xRFxunj1H6N1iLxTAP9vtPPVqXBhs3NMCd3mPjJuBij4SstP+lvE+laV/256DbcD:xJOjYXMxToJWBhseA2Pj7wmse0DbSQVU
|
Size: |
3693
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-N8IVK.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-N8IVK.tmp
|
Category: |
dropped
|
Dump: |
is-N8IVK.tmp.4.dr
|
ID: |
dr_286
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.330977468847797
|
Encrypted: |
false
|
Ssdeep: |
384:c6OMvg9zoxbHP2DMueD6D7RepqJU3PM01XanYb8M6U0DS4XDH:c6EzoxbHP2oueGMpqJU3PMKqnYbfKvXb
|
Size: |
15857
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-NBC7A.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-NBC7A.tmp
|
Category: |
dropped
|
Dump: |
is-NBC7A.tmp.4.dr
|
ID: |
dr_316
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.104552782370794
|
Encrypted: |
false
|
Ssdeep: |
192:C91e8hxM6A12TQlqZrpE2IK5wQyO1+vwD9BBs/BxIBK0Z0phGONiyt8de:C91Ry6A1rqppxcQGwpBBs/BWJapBNnJ
|
Size: |
10475
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-PGSC8.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-PGSC8.tmp
|
Category: |
dropped
|
Dump: |
is-PGSC8.tmp.4.dr
|
ID: |
dr_298
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.207636620947978
|
Encrypted: |
false
|
Ssdeep: |
48:0pMDG2m4nkyfi3u1EFr0f6XokWjGAYCNwY0IXD8L40rIaY0eMz3cV:0pM8wkP3zF0eokEGAZNwwz8L0aZzMV
|
Size: |
2477
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-R8E9U.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-R8E9U.tmp
|
Category: |
dropped
|
Dump: |
is-R8E9U.tmp.4.dr
|
ID: |
dr_284
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.218435629395526
|
Encrypted: |
false
|
Ssdeep: |
24:InNtm1Q+7mrUbijIUx5iv4sHBJLlS/F5u6ndYyVZjZvFDrmQpWP49Mml7jidFeqE:mw197bAIUxa3n4/rYQ/vleOzf
|
Size: |
1625
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-RSU0B.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-RSU0B.tmp
|
Category: |
dropped
|
Dump: |
is-RSU0B.tmp.4.dr
|
ID: |
dr_310
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.168266842159047
|
Encrypted: |
false
|
Ssdeep: |
96:yNz11sQaRsCijp9Wn4yIwcFj2IQzAMjyrOo5p3f7U:yLnvCi1bZ2IMzjyrOo51f7U
|
Size: |
4130
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-V1CDK.tmp
|
Unicode text, UTF-8 text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\is-V1CDK.tmp
|
Category: |
dropped
|
Dump: |
is-V1CDK.tmp.4.dr
|
ID: |
dr_312
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Unicode text, UTF-8 text
|
Entropy: |
5.381202552902453
|
Encrypted: |
false
|
Ssdeep: |
48:5MBBioBmgqa1DNDQHD/sJ8Pad8WkZvErj6:YBioB9q0DRIDEJSsTavEy
|
Size: |
1709
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\araxis (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\araxis (copy)
|
Category: |
dropped
|
Dump: |
is-NUA1K.tmp.4.dr
|
ID: |
dr_566
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.185371719109056
|
Encrypted: |
false
|
Ssdeep: |
6:tV9/aCbcnDBPY8I0xZ+V5hpHJ7nixW/SXc53gRaAcDksfW/kjRaAcDvYvApcY8IQ:tVz8Rv+vJCIgRaAcrjRaADvv+zC
|
Size: |
515
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\bc (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\bc (copy)
|
Category: |
dropped
|
Dump: |
is-O40EQ.tmp.4.dr
|
ID: |
dr_567
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.096486267120575
|
Encrypted: |
false
|
Ssdeep: |
12:tVkb0OfUpC+vJabUfjJbKfUpC+UqvCBu6KRwNVCn:/A0OfUpdMUfjdKfUpaI2NVCn
|
Size: |
584
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\codecompare (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\codecompare (copy)
|
Category: |
dropped
|
Dump: |
is-SH5JV.tmp.4.dr
|
ID: |
dr_568
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.059786037196863
|
Encrypted: |
false
|
Ssdeep: |
12:tVkb0O8C+vJHtkzQjo/8C+UWhZAdXRzmJy:/A0O8d9uQjo/8NCdXRzH
|
Size: |
510
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\deltawalker (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\deltawalker (copy)
|
Category: |
dropped
|
Dump: |
is-GHGU1.tmp.4.dr
|
ID: |
dr_569
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.203836139186393
|
Encrypted: |
false
|
Ssdeep: |
12:tVkb8Rbw4+vNjdG/0EKOEVc3zUCf7aU/KVcAbNNjJb0Jbw4+WA4p:/A8R071dNEJEOA+aUIcErjdE0LI
|
Size: |
818
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\diffmerge (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\diffmerge (copy)
|
Category: |
dropped
|
Dump: |
is-G491L.tmp.4.dr
|
ID: |
dr_570
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.122022236962505
|
Encrypted: |
false
|
Ssdeep: |
6:tV9/KbcnDBPY8bkZ+V5hpHJ7nixW/uaDQwhP0bR0w0sfW/uhhxCb0DApcY8bkZ+9:tVkb8Rby+vJeNR0sdxCb0rby+dJp
|
Size: |
460
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\diffuse (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\diffuse (copy)
|
Category: |
dropped
|
Dump: |
is-SG79U.tmp.4.dr
|
ID: |
dr_571
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.002524913211334
|
Encrypted: |
false
|
Ssdeep: |
6:tV9/Kb/tY8bDZ+V5hpHJ7nixW/ywbRdX0sfW/ywb/KApcY8bDZ+V5w:tVkbrbN+vJCwblrwbAbN+U
|
Size: |
395
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\ecmerge (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\ecmerge (copy)
|
Category: |
dropped
|
Dump: |
is-2H32K.tmp.4.dr
|
ID: |
dr_572
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.066723571675747
|
Encrypted: |
false
|
Ssdeep: |
6:tV9/sAtCb00Y8a2Z+V5hpHJ7nixW/mg1rixJH0sfW/Kb1rP50ApcY8a2Z+V5w:tVhCb0Oa8+vJWg0xjJb95ea8+U
|
Size: |
453
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\emerge (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\emerge (copy)
|
Category: |
dropped
|
Dump: |
is-H6CAB.tmp.4.dr
|
ID: |
dr_573
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.980495810750976
|
Encrypted: |
false
|
Ssdeep: |
6:tV9/WQyag00Y8xYpHJ7nixW/yaAZoc8rU8/K/0sfW/yaAZyWrg/KyApcY8xIFQ47:tVMag0OAJCaA2rUFraAMWrMQp
|
Size: |
535
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\examdiff (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\examdiff (copy)
|
Category: |
dropped
|
Dump: |
is-RPQE4.tmp.4.dr
|
ID: |
dr_574
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.090393597006929
|
Encrypted: |
false
|
Ssdeep: |
6:tV9/Kby5vg6Y8WZFFL+V5hpHJ7nixW/uVRyu1At0sfW/uOyu1QKApcY8WZFFL+Vz:tVkbgvgIW7h+vJMRRKj0RCIW7h+p
|
Size: |
493
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\guiffy (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\guiffy (copy)
|
Category: |
dropped
|
Dump: |
is-8D8JB.tmp.4.dr
|
ID: |
dr_575
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.073558223699166
|
Encrypted: |
false
|
Ssdeep: |
6:tV9/Kb00Y8uDAQnL+V5hpHJ7nixW/5Bg9DYNJH0sfW/nBg9DaApcY8uDAQnL+V5p:tVkb0OM7L+vJpWYNjAB0YM7L+dJp
|
Size: |
432
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\gvimdiff (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\gvimdiff (copy)
|
Category: |
dropped
|
Dump: |
is-R3T8K.tmp.4.dr
|
ID: |
dr_576
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.375222374437916
|
Encrypted: |
false
|
Ssdeep: |
3:YWF6cIPCDPn:YS6XPAP
|
Size: |
29
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-0I0E2.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-0I0E2.tmp
|
Category: |
dropped
|
Dump: |
is-0I0E2.tmp.4.dr
|
ID: |
dr_379
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.973998606498254
|
Encrypted: |
false
|
Ssdeep: |
12:H8cRL18+vJN1GZH3D0dQOQBSYD0NbXVnOXWNPPuaB9Y74XL18+U:HZR5RGdz/OQY0UbXVnOmJU0S
|
Size: |
761
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-2H32K.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-2H32K.tmp
|
Category: |
dropped
|
Dump: |
is-2H32K.tmp.4.dr
|
ID: |
dr_346
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.066723571675747
|
Encrypted: |
false
|
Ssdeep: |
6:tV9/sAtCb00Y8a2Z+V5hpHJ7nixW/mg1rixJH0sfW/Kb1rP50ApcY8a2Z+V5w:tVhCb0Oa8+vJWg0xjJb95ea8+U
|
Size: |
453
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-3DHBE.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-3DHBE.tmp
|
Category: |
dropped
|
Dump: |
is-3DHBE.tmp.4.dr
|
ID: |
dr_366
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.139829064517854
|
Encrypted: |
false
|
Ssdeep: |
24:/xA9FU3fAXTw1pfAXYTHMXd5CwPjw8AdV3qXdS:JA923oXTw1poXY7E1bwRf3SI
|
Size: |
784
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-5DBIK.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-5DBIK.tmp
|
Category: |
dropped
|
Dump: |
is-5DBIK.tmp.4.dr
|
ID: |
dr_381
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.0877421028161445
|
Encrypted: |
false
|
Ssdeep: |
6:tV9/XO059PY862Z+V5hpHNIAqJK/SZMP/g+ITrHBgYSFQ7LPYpcY862Z+V5w:tVpO05nT+vN9q9ZnvHWgLXT+U
|
Size: |
510
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-8D8JB.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-8D8JB.tmp
|
Category: |
dropped
|
Dump: |
is-8D8JB.tmp.4.dr
|
ID: |
dr_359
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.073558223699166
|
Encrypted: |
false
|
Ssdeep: |
6:tV9/Kb00Y8uDAQnL+V5hpHJ7nixW/5Bg9DYNJH0sfW/nBg9DaApcY8uDAQnL+V5p:tVkb0OM7L+vJpWYNjAB0YM7L+dJp
|
Size: |
432
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-BBT2M.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-BBT2M.tmp
|
Category: |
dropped
|
Dump: |
is-BBT2M.tmp.4.dr
|
ID: |
dr_364
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.375222374437916
|
Encrypted: |
false
|
Ssdeep: |
3:YWF6cIPCDPn:YS6XPAP
|
Size: |
29
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-FQBBU.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-FQBBU.tmp
|
Category: |
dropped
|
Dump: |
is-FQBBU.tmp.4.dr
|
ID: |
dr_377
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.96962690421861
|
Encrypted: |
false
|
Ssdeep: |
6:tV9/FCbyYG6Y8BEZ+V5hpHJ7nixW/FegyY/JH0sfW/FCbyYUApcY8BEZ+V5w:tV7CbBBS+vJVegbjMCb6BS+U
|
Size: |
423
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-G491L.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-G491L.tmp
|
Category: |
dropped
|
Dump: |
is-G491L.tmp.4.dr
|
ID: |
dr_342
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.122022236962505
|
Encrypted: |
false
|
Ssdeep: |
6:tV9/KbcnDBPY8bkZ+V5hpHJ7nixW/uaDQwhP0bR0w0sfW/uhhxCb0DApcY8bkZ+9:tVkb8Rby+vJeNR0sdxCb0rby+dJp
|
Size: |
460
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-G5JDP.tmp
|
ASCII text, with very long lines (470)
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-G5JDP.tmp
|
Category: |
dropped
|
Dump: |
is-G5JDP.tmp.4.dr
|
ID: |
dr_380
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text, with very long lines (470)
|
Entropy: |
5.3507371571697275
|
Encrypted: |
false
|
Ssdeep: |
384:cdH40sjq1Ak3+vAk3m9OEF/IkUgFqHAGcDCnKEi77lQHONgPraDsrm/rC:ch40sjQAk3sAk3m9OEMHAGcaKlflyONE
|
Size: |
17505
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-G960J.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-G960J.tmp
|
Category: |
dropped
|
Dump: |
is-G960J.tmp.4.dr
|
ID: |
dr_365
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.995811088606424
|
Encrypted: |
false
|
Ssdeep: |
6:tV9/Kb/tY8ZZZ+V5hpHJ7nixW/Kb4fx7X0sfW/KbRCOx7KApcY8ZZZ+V5w:tVkbrV+vJabsJbOV+U
|
Size: |
418
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-GHGU1.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-GHGU1.tmp
|
Category: |
dropped
|
Dump: |
is-GHGU1.tmp.4.dr
|
ID: |
dr_340
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.203836139186393
|
Encrypted: |
false
|
Ssdeep: |
12:tVkb8Rbw4+vNjdG/0EKOEVc3zUCf7aU/KVcAbNNjJb0Jbw4+WA4p:/A8R071dNEJEOA+aUIcErjdE0LI
|
Size: |
818
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-H6CAB.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-H6CAB.tmp
|
Category: |
dropped
|
Dump: |
is-H6CAB.tmp.4.dr
|
ID: |
dr_357
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.980495810750976
|
Encrypted: |
false
|
Ssdeep: |
6:tV9/WQyag00Y8xYpHJ7nixW/yaAZoc8rU8/K/0sfW/yaAZyWrg/KyApcY8xIFQ47:tVMag0OAJCaA2rUFraAMWrMQp
|
Size: |
535
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-MVAA2.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-MVAA2.tmp
|
Category: |
dropped
|
Dump: |
is-MVAA2.tmp.4.dr
|
ID: |
dr_382
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.198806370267601
|
Encrypted: |
false
|
Ssdeep: |
24:/8kf8r3E6QgcBFRJndf+7fZQNnl7P+7fZQNWIn2:Ak5rpBNnlrNWQ2
|
Size: |
913
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-NUA1K.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-NUA1K.tmp
|
Category: |
dropped
|
Dump: |
is-NUA1K.tmp.4.dr
|
ID: |
dr_334
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.185371719109056
|
Encrypted: |
false
|
Ssdeep: |
6:tV9/aCbcnDBPY8I0xZ+V5hpHJ7nixW/SXc53gRaAcDksfW/kjRaAcDvYvApcY8IQ:tVz8Rv+vJCIgRaAcrjRaADvv+zC
|
Size: |
515
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-O3HR9.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-O3HR9.tmp
|
Category: |
dropped
|
Dump: |
is-O3HR9.tmp.4.dr
|
ID: |
dr_361
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.26443571946273
|
Encrypted: |
false
|
Ssdeep: |
12:tV8Bl8R++vJMo08ego9Qq8Cbo4v++dJBf/KEBizvNq2p:/8b8RRbpCcWZDTKEYzvNqo
|
Size: |
818
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-O40EQ.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-O40EQ.tmp
|
Category: |
dropped
|
Dump: |
is-O40EQ.tmp.4.dr
|
ID: |
dr_336
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.096486267120575
|
Encrypted: |
false
|
Ssdeep: |
12:tVkb0OfUpC+vJabUfjJbKfUpC+UqvCBu6KRwNVCn:/A0OfUpdMUfjdKfUpaI2NVCn
|
Size: |
584
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-R3T8K.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-R3T8K.tmp
|
Category: |
dropped
|
Dump: |
is-R3T8K.tmp.4.dr
|
ID: |
dr_360
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.375222374437916
|
Encrypted: |
false
|
Ssdeep: |
3:YWF6cIPCDPn:YS6XPAP
|
Size: |
29
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-RPQE4.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-RPQE4.tmp
|
Category: |
dropped
|
Dump: |
is-RPQE4.tmp.4.dr
|
ID: |
dr_358
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.090393597006929
|
Encrypted: |
false
|
Ssdeep: |
6:tV9/Kby5vg6Y8WZFFL+V5hpHJ7nixW/uVRyu1At0sfW/uOyu1QKApcY8WZFFL+Vz:tVkbgvgIW7h+vJMRRKj0RCIW7h+p
|
Size: |
493
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-SG79U.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-SG79U.tmp
|
Category: |
dropped
|
Dump: |
is-SG79U.tmp.4.dr
|
ID: |
dr_344
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.002524913211334
|
Encrypted: |
false
|
Ssdeep: |
6:tV9/Kb/tY8bDZ+V5hpHJ7nixW/ywbRdX0sfW/ywb/KApcY8bDZ+V5w:tVkbrbN+vJCwblrwbAbN+U
|
Size: |
395
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-SH5JV.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-SH5JV.tmp
|
Category: |
dropped
|
Dump: |
is-SH5JV.tmp.4.dr
|
ID: |
dr_338
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.059786037196863
|
Encrypted: |
false
|
Ssdeep: |
12:tVkb0O8C+vJHtkzQjo/8C+UWhZAdXRzmJy:/A0O8d9uQjo/8NCdXRzH
|
Size: |
510
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-SVS1I.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-SVS1I.tmp
|
Category: |
dropped
|
Dump: |
is-SVS1I.tmp.4.dr
|
ID: |
dr_378
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.0416861795014745
|
Encrypted: |
false
|
Ssdeep: |
6:tV9/Kb00Y8L3+V5hpHJ7nixW/7BnYHCb0w0sfW/1Cb0DwrNNbDINpcY8L3+V5w:tVkb0OL3+vJLBUCb0sGCb0eB/L3+U
|
Size: |
403
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-VLKGO.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-VLKGO.tmp
|
Category: |
dropped
|
Dump: |
is-VLKGO.tmp.4.dr
|
ID: |
dr_363
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.037471660418027
|
Encrypted: |
false
|
Ssdeep: |
48:I08KmKb01EalU0b/OZcP7QElp8gAX8UGM37TSEj0xpl/pU4mGs3DvveE+R:I08KmKb01EalU0b/wcPNvtAX8UGM37T4
|
Size: |
2213
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-VQ31Q.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\is-VQ31Q.tmp
|
Category: |
dropped
|
Dump: |
is-VQ31Q.tmp.4.dr
|
ID: |
dr_362
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.848481672843229
|
Encrypted: |
false
|
Ssdeep: |
6:HIAKPY88IC+V52V9/Kb0YpcY88IC+V5prNNbz:HmRRC+qVkb0/RC+dJp
|
Size: |
264
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\kdiff3 (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\kdiff3 (copy)
|
Category: |
dropped
|
Dump: |
is-O3HR9.tmp.4.dr
|
ID: |
dr_577
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.26443571946273
|
Encrypted: |
false
|
Ssdeep: |
12:tV8Bl8R++vJMo08ego9Qq8Cbo4v++dJBf/KEBizvNq2p:/8b8RRbpCcWZDTKEYzvNqo
|
Size: |
818
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\kompare (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\kompare (copy)
|
Category: |
dropped
|
Dump: |
is-VQ31Q.tmp.4.dr
|
ID: |
dr_578
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.848481672843229
|
Encrypted: |
false
|
Ssdeep: |
6:HIAKPY88IC+V52V9/Kb0YpcY88IC+V5prNNbz:HmRRC+qVkb0/RC+dJp
|
Size: |
264
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\meld (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\meld (copy)
|
Category: |
dropped
|
Dump: |
is-VLKGO.tmp.4.dr
|
ID: |
dr_579
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.037471660418027
|
Encrypted: |
false
|
Ssdeep: |
48:I08KmKb01EalU0b/OZcP7QElp8gAX8UGM37TSEj0xpl/pU4mGs3DvveE+R:I08KmKb01EalU0b/wcPNvtAX8UGM37T4
|
Size: |
2213
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\nvimdiff (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\nvimdiff (copy)
|
Category: |
dropped
|
Dump: |
is-BBT2M.tmp.4.dr
|
ID: |
dr_580
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.375222374437916
|
Encrypted: |
false
|
Ssdeep: |
3:YWF6cIPCDPn:YS6XPAP
|
Size: |
29
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\opendiff (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\opendiff (copy)
|
Category: |
dropped
|
Dump: |
is-G960J.tmp.4.dr
|
ID: |
dr_581
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.995811088606424
|
Encrypted: |
false
|
Ssdeep: |
6:tV9/Kb/tY8ZZZ+V5hpHJ7nixW/Kb4fx7X0sfW/KbRCOx7KApcY8ZZZ+V5w:tVkbrV+vJabsJbOV+U
|
Size: |
418
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\p4merge (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\p4merge (copy)
|
Category: |
dropped
|
Dump: |
is-3DHBE.tmp.4.dr
|
ID: |
dr_582
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.139829064517854
|
Encrypted: |
false
|
Ssdeep: |
24:/xA9FU3fAXTw1pfAXYTHMXd5CwPjw8AdV3qXdS:JA923oXTw1poXY7E1bwRf3SI
|
Size: |
784
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\smerge (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\smerge (copy)
|
Category: |
dropped
|
Dump: |
is-FQBBU.tmp.4.dr
|
ID: |
dr_583
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.96962690421861
|
Encrypted: |
false
|
Ssdeep: |
6:tV9/FCbyYG6Y8BEZ+V5hpHJ7nixW/FegyY/JH0sfW/FCbyYUApcY8BEZ+V5w:tV7CbBBS+vJVegbjMCb6BS+U
|
Size: |
423
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\tkdiff (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\tkdiff (copy)
|
Category: |
dropped
|
Dump: |
is-SVS1I.tmp.4.dr
|
ID: |
dr_584
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.0416861795014745
|
Encrypted: |
false
|
Ssdeep: |
6:tV9/Kb00Y8L3+V5hpHJ7nixW/7BnYHCb0w0sfW/1Cb0DwrNNbDINpcY8L3+V5w:tVkb0OL3+vJLBUCb0sGCb0eB/L3+U
|
Size: |
403
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\tortoisemerge (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\tortoisemerge (copy)
|
Category: |
dropped
|
Dump: |
is-0I0E2.tmp.4.dr
|
ID: |
dr_585
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.973998606498254
|
Encrypted: |
false
|
Ssdeep: |
12:H8cRL18+vJN1GZH3D0dQOQBSYD0NbXVnOXWNPPuaB9Y74XL18+U:HZR5RGdz/OQY0UbXVnOmJU0S
|
Size: |
761
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\vimdiff (copy)
|
ASCII text, with very long lines (470)
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\vimdiff (copy)
|
Category: |
dropped
|
Dump: |
is-G5JDP.tmp.4.dr
|
ID: |
dr_586
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text, with very long lines (470)
|
Entropy: |
5.3507371571697275
|
Encrypted: |
false
|
Ssdeep: |
384:cdH40sjq1Ak3+vAk3m9OEF/IkUgFqHAGcDCnKEi77lQHONgPraDsrm/rC:ch40sjQAk3sAk3m9OEMHAGcaKlflyONE
|
Size: |
17505
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\winmerge (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\winmerge (copy)
|
Category: |
dropped
|
Dump: |
is-5DBIK.tmp.4.dr
|
ID: |
dr_587
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.0877421028161445
|
Encrypted: |
false
|
Ssdeep: |
6:tV9/XO059PY862Z+V5hpHNIAqJK/SZMP/g+ITrHBgYSFQ7LPYpcY862Z+V5w:tVpO05nT+vN9q9ZnvHWgLXT+U
|
Size: |
510
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\xxdiff (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\libexec\git-core\mergetools\xxdiff (copy)
|
Category: |
dropped
|
Dump: |
is-MVAA2.tmp.4.dr
|
ID: |
dr_588
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.198806370267601
|
Encrypted: |
false
|
Ssdeep: |
24:/8kf8r3E6QgcBFRJndf+7fZQNnl7P+7fZQNWIn2:Ak5rpBNnlrNWQ2
|
Size: |
913
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\doc\expat\AUTHORS (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\doc\expat\AUTHORS (copy)
|
Category: |
dropped
|
Dump: |
is-CO9RE.tmp.4.dr
|
ID: |
dr_589
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.73033054878804
|
Encrypted: |
false
|
Ssdeep: |
3:YujXMR6jKDA9XnspvcFnMbcIAqALjOvZWU5MmL2e2uMSZ:YaA6jkkFU1AfaWPE2uMS
|
Size: |
142
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\doc\expat\is-CO9RE.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\doc\expat\is-CO9RE.tmp
|
Category: |
dropped
|
Dump: |
is-CO9RE.tmp.4.dr
|
ID: |
dr_383
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.73033054878804
|
Encrypted: |
false
|
Ssdeep: |
3:YujXMR6jKDA9XnspvcFnMbcIAqALjOvZWU5MmL2e2uMSZ:YaA6jkkFU1AfaWPE2uMS
|
Size: |
142
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\doc\mpfr\AUTHORS (copy)
|
Unicode text, UTF-8 text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\doc\mpfr\AUTHORS (copy)
|
Category: |
dropped
|
Dump: |
is-LLCVJ.tmp.4.dr
|
ID: |
dr_590
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Unicode text, UTF-8 text
|
Entropy: |
4.554107302904299
|
Encrypted: |
false
|
Ssdeep: |
24:VgrcT2JKlz3MmwWRE1mivE7B0lU/LeCdm8ev/Xh:iIT2Ilz8u8DvEVe0Led8e/h
|
Size: |
1375
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\doc\mpfr\COPYING (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\doc\mpfr\COPYING (copy)
|
Category: |
dropped
|
Dump: |
is-KSVMJ.tmp.4.dr
|
ID: |
dr_591
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.57328272673034
|
Encrypted: |
false
|
Ssdeep: |
768:Fo1acy3LTB2VsrHG/OfvMmnBCtLmJ9A7J:Fhcycsrfrnoum
|
Size: |
35149
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\doc\mpfr\COPYING.LESSER (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\doc\mpfr\COPYING.LESSER (copy)
|
Category: |
dropped
|
Dump: |
is-NRKKR.tmp.4.dr
|
ID: |
dr_592
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.498418602838688
|
Encrypted: |
false
|
Ssdeep: |
192:wnJvhVL0qhYqlpIle4RrJQSqOBng4kS/cKM6L:qvjxhYWpce48engvA
|
Size: |
7652
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\doc\mpfr\is-KSVMJ.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\doc\mpfr\is-KSVMJ.tmp
|
Category: |
dropped
|
Dump: |
is-KSVMJ.tmp.4.dr
|
ID: |
dr_385
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.57328272673034
|
Encrypted: |
false
|
Ssdeep: |
768:Fo1acy3LTB2VsrHG/OfvMmnBCtLmJ9A7J:Fhcycsrfrnoum
|
Size: |
35149
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\doc\mpfr\is-LLCVJ.tmp
|
Unicode text, UTF-8 text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\doc\mpfr\is-LLCVJ.tmp
|
Category: |
dropped
|
Dump: |
is-LLCVJ.tmp.4.dr
|
ID: |
dr_384
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Unicode text, UTF-8 text
|
Entropy: |
4.554107302904299
|
Encrypted: |
false
|
Ssdeep: |
24:VgrcT2JKlz3MmwWRE1mivE7B0lU/LeCdm8ev/Xh:iIT2Ilz8u8DvEVe0Led8e/h
|
Size: |
1375
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\doc\mpfr\is-NRKKR.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\doc\mpfr\is-NRKKR.tmp
|
Category: |
dropped
|
Dump: |
is-NRKKR.tmp.4.dr
|
ID: |
dr_386
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.498418602838688
|
Encrypted: |
false
|
Ssdeep: |
192:wnJvhVL0qhYqlpIle4RrJQSqOBng4kS/cKM6L:qvjxhYWpce48engvA
|
Size: |
7652
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\description (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\description (copy)
|
Category: |
dropped
|
Dump: |
is-IGCDI.tmp.4.dr
|
ID: |
dr_595
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.073913813607716
|
Encrypted: |
false
|
Ssdeep: |
3:+w97AA2d75XUNGkwIA+FOM2E:+iOd7JU5ih/E
|
Size: |
73
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\applypatch-msg.sample (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\applypatch-msg.sample (copy)
|
Category: |
dropped
|
Dump: |
is-R6AEN.tmp.4.dr
|
ID: |
dr_596
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.628819384045908
|
Encrypted: |
false
|
Ssdeep: |
12:sGdBL5R137AUoFJREeFMZRmgBRycJVbXgANj:ssP5AUAf2vm0DaKj
|
Size: |
478
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\commit-msg.sample (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\commit-msg.sample (copy)
|
Category: |
dropped
|
Dump: |
is-9GM8Q.tmp.4.dr
|
ID: |
dr_597
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.957289835923775
|
Encrypted: |
false
|
Ssdeep: |
24:ssPP0Q1bt9yuu0DIMopdXia7qiDWY5HNF9HS:TXFQlGalFtvHS
|
Size: |
896
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\fsmonitor-watchman.sample (copy)
|
Perl script text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\fsmonitor-watchman.sample (copy)
|
Category: |
dropped
|
Dump: |
is-DG5GH.tmp.4.dr
|
ID: |
dr_598
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Perl script text executable
|
Entropy: |
5.195031986133579
|
Encrypted: |
false
|
Ssdeep: |
96:GFCscBOvOFXDgRvi/3UCwN4ZlkRo/j5SpoNOBoi+geBIzCa:GFCsEOmWRa8CwN4ZqRo7geEk3IzCa
|
Size: |
4726
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-32G2B.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-32G2B.tmp
|
Category: |
dropped
|
Dump: |
is-32G2B.tmp.4.dr
|
ID: |
dr_59
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.996088117571221
|
Encrypted: |
false
|
Ssdeep: |
48:pCaVHgjBOTCaEQ0fPSBu/BoB0BzBaRoO/suBVb+/YrbXkV/IJVCIMoJzXTIEuc4A:hHGwkVE3Lb+/Yrzs/IJVzHRXTyc4m3
|
Size: |
3650
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-4COVI.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-4COVI.tmp
|
Category: |
dropped
|
Dump: |
is-4COVI.tmp.4.dr
|
ID: |
dr_49
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.859887909095222
|
Encrypted: |
false
|
Ssdeep: |
24:sNVtggvTgpbpnkORBm4Hr+qR3obBTga88xNAvG/wNQeZ+tVnacxdCWT2Be:ytgmTgVdBbVloNT5xNAvG/wNzZ+fnLdr
|
Size: |
1374
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-5TRMP.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-5TRMP.tmp
|
Category: |
dropped
|
Dump: |
is-5TRMP.tmp.4.dr
|
ID: |
dr_53
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.13234064089237
|
Encrypted: |
false
|
Ssdeep: |
12:sGdBHFd7bwSKwixs2h6iwDJeAGplTGph02dG7qP+qHO:sQYR/lwteAGDTGBGeWEO
|
Size: |
544
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-65D49.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-65D49.tmp
|
Category: |
dropped
|
Dump: |
is-65D49.tmp.4.dr
|
ID: |
dr_55
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.094384720791357
|
Encrypted: |
false
|
Ssdeep: |
24:s4IP0Tbe8HeBedTr2MRMacqAKYg45CKASoQdIv4Qz51vQV3QQFJA8Z1mgVkQ6SUA:byF/gdTqHa6g0UdQuQk5VQpQQzAmm0kY
|
Size: |
1492
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-7E2Q3.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-7E2Q3.tmp
|
Category: |
dropped
|
Dump: |
is-7E2Q3.tmp.4.dr
|
ID: |
dr_57
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.6348218152936065
|
Encrypted: |
false
|
Ssdeep: |
48:cjxQLPiGRb3I35HAXgITKt4lGQ6TuAFdMI1xTDZnHYBHg2dVm1IhFsu:yJGBI3RigzFTuGZ4B1cmhOu
|
Size: |
2783
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-9GM8Q.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-9GM8Q.tmp
|
Category: |
dropped
|
Dump: |
is-9GM8Q.tmp.4.dr
|
ID: |
dr_37
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.957289835923775
|
Encrypted: |
false
|
Ssdeep: |
24:ssPP0Q1bt9yuu0DIMopdXia7qiDWY5HNF9HS:TXFQlGalFtvHS
|
Size: |
896
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-B576N.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-B576N.tmp
|
Category: |
dropped
|
Dump: |
is-B576N.tmp.4.dr
|
ID: |
dr_51
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.846789819360513
|
Encrypted: |
false
|
Ssdeep: |
96:vJ7EgXasqXq6zaqK1ep8m5MDVUT2bTEwEWDhG38deyig9yhCLtQH:vJ4gXasI1zaqKwUTHhzeyil4tm
|
Size: |
4898
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-DG5GH.tmp
|
Perl script text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-DG5GH.tmp
|
Category: |
dropped
|
Dump: |
is-DG5GH.tmp.4.dr
|
ID: |
dr_39
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Perl script text executable
|
Entropy: |
5.195031986133579
|
Encrypted: |
false
|
Ssdeep: |
96:GFCscBOvOFXDgRvi/3UCwN4ZlkRo/j5SpoNOBoi+geBIzCa:GFCsEOmWRa8CwN4ZqRo7geEk3IzCa
|
Size: |
4726
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-LVECB.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-LVECB.tmp
|
Category: |
dropped
|
Dump: |
is-LVECB.tmp.4.dr
|
ID: |
dr_45
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.82528150591187
|
Encrypted: |
false
|
Ssdeep: |
48:Mef567fpi5HBeGz/szFpc+6xuw50FGVcczwK9MFhp:M/fozcFG+8ZG+VMFr
|
Size: |
1643
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-R6AEN.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-R6AEN.tmp
|
Category: |
dropped
|
Dump: |
is-R6AEN.tmp.4.dr
|
ID: |
dr_35
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.628819384045908
|
Encrypted: |
false
|
Ssdeep: |
12:sGdBL5R137AUoFJREeFMZRmgBRycJVbXgANj:ssP5AUAf2vm0DaKj
|
Size: |
478
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-RK3OE.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-RK3OE.tmp
|
Category: |
dropped
|
Dump: |
is-RK3OE.tmp.4.dr
|
ID: |
dr_43
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.680234847331966
|
Encrypted: |
false
|
Ssdeep: |
12:sGdBkSPFdGRmUUoFJREeFMZRHUJxtPd9HTLb:seN0mUUAf2vcZ9z/
|
Size: |
424
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-RTU16.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-RTU16.tmp
|
Category: |
dropped
|
Dump: |
is-RTU16.tmp.4.dr
|
ID: |
dr_47
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.665148264690098
|
Encrypted: |
false
|
Ssdeep: |
12:sGdBkSPFdGRms9r5FJREehRHUJuyVMDqdQ0x2qd0:seN0ms9rffHc7+Denx2e0
|
Size: |
416
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-SKUHA.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\is-SKUHA.tmp
|
Category: |
dropped
|
Dump: |
is-SKUHA.tmp.4.dr
|
ID: |
dr_41
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.488007575888407
|
Encrypted: |
false
|
Ssdeep: |
3:TKH4viGdhGtAIrejpTj2BNTyamIjfDb34uyl5sAFReWX7dCQQrNrlh6v:hKGdh6ajIBBya7Lbouy3sgRJXxCZbhE
|
Size: |
189
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\post-update.sample (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\post-update.sample (copy)
|
Category: |
dropped
|
Dump: |
is-SKUHA.tmp.4.dr
|
ID: |
dr_599
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.488007575888407
|
Encrypted: |
false
|
Ssdeep: |
3:TKH4viGdhGtAIrejpTj2BNTyamIjfDb34uyl5sAFReWX7dCQQrNrlh6v:hKGdh6ajIBBya7Lbouy3sgRJXxCZbhE
|
Size: |
189
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\pre-applypatch.sample (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\pre-applypatch.sample (copy)
|
Category: |
dropped
|
Dump: |
is-RK3OE.tmp.4.dr
|
ID: |
dr_600
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.680234847331966
|
Encrypted: |
false
|
Ssdeep: |
12:sGdBkSPFdGRmUUoFJREeFMZRHUJxtPd9HTLb:seN0mUUAf2vcZ9z/
|
Size: |
424
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\pre-commit.sample (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\pre-commit.sample (copy)
|
Category: |
dropped
|
Dump: |
is-LVECB.tmp.4.dr
|
ID: |
dr_601
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.82528150591187
|
Encrypted: |
false
|
Ssdeep: |
48:Mef567fpi5HBeGz/szFpc+6xuw50FGVcczwK9MFhp:M/fozcFG+8ZG+VMFr
|
Size: |
1643
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\pre-merge-commit.sample (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\pre-merge-commit.sample (copy)
|
Category: |
dropped
|
Dump: |
is-RTU16.tmp.4.dr
|
ID: |
dr_602
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.665148264690098
|
Encrypted: |
false
|
Ssdeep: |
12:sGdBkSPFdGRms9r5FJREehRHUJuyVMDqdQ0x2qd0:seN0ms9rffHc7+Denx2e0
|
Size: |
416
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\pre-push.sample (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\pre-push.sample (copy)
|
Category: |
dropped
|
Dump: |
is-4COVI.tmp.4.dr
|
ID: |
dr_603
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.859887909095222
|
Encrypted: |
false
|
Ssdeep: |
24:sNVtggvTgpbpnkORBm4Hr+qR3obBTga88xNAvG/wNQeZ+tVnacxdCWT2Be:ytgmTgVdBbVloNT5xNAvG/wNzZ+fnLdr
|
Size: |
1374
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\pre-rebase.sample (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\pre-rebase.sample (copy)
|
Category: |
dropped
|
Dump: |
is-B576N.tmp.4.dr
|
ID: |
dr_604
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.846789819360513
|
Encrypted: |
false
|
Ssdeep: |
96:vJ7EgXasqXq6zaqK1ep8m5MDVUT2bTEwEWDhG38deyig9yhCLtQH:vJ4gXasI1zaqKwUTHhzeyil4tm
|
Size: |
4898
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\pre-receive.sample (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\pre-receive.sample (copy)
|
Category: |
dropped
|
Dump: |
is-5TRMP.tmp.4.dr
|
ID: |
dr_605
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.13234064089237
|
Encrypted: |
false
|
Ssdeep: |
12:sGdBHFd7bwSKwixs2h6iwDJeAGplTGph02dG7qP+qHO:sQYR/lwteAGDTGBGeWEO
|
Size: |
544
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\prepare-commit-msg.sample (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\prepare-commit-msg.sample (copy)
|
Category: |
dropped
|
Dump: |
is-65D49.tmp.4.dr
|
ID: |
dr_606
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.094384720791357
|
Encrypted: |
false
|
Ssdeep: |
24:s4IP0Tbe8HeBedTr2MRMacqAKYg45CKASoQdIv4Qz51vQV3QQFJA8Z1mgVkQ6SUA:byF/gdTqHa6g0UdQuQk5VQpQQzAmm0kY
|
Size: |
1492
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\push-to-checkout.sample (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\push-to-checkout.sample (copy)
|
Category: |
dropped
|
Dump: |
is-7E2Q3.tmp.4.dr
|
ID: |
dr_607
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.6348218152936065
|
Encrypted: |
false
|
Ssdeep: |
48:cjxQLPiGRb3I35HAXgITKt4lGQ6TuAFdMI1xTDZnHYBHg2dVm1IhFsu:yJGBI3RigzFTuGZ4B1cmhOu
|
Size: |
2783
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\update.sample (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\hooks\update.sample (copy)
|
Category: |
dropped
|
Dump: |
is-32G2B.tmp.4.dr
|
ID: |
dr_608
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
4.996088117571221
|
Encrypted: |
false
|
Ssdeep: |
48:pCaVHgjBOTCaEQ0fPSBu/BoB0BzBaRoO/suBVb+/YrbXkV/IJVCIMoJzXTIEuc4A:hHGwkVE3Lb+/Yrzs/IJVzHRXTyc4m3
|
Size: |
3650
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\info\exclude (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\info\exclude (copy)
|
Category: |
dropped
|
Dump: |
is-7OUJR.tmp.4.dr
|
ID: |
dr_609
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.633791568623328
|
Encrypted: |
false
|
Ssdeep: |
6:Sl2KRMesbgNLFIj1LQQ3qoEjcOe8mSLeiebNeMTJ+KC:2RMBgNBC0Q3qhkSLMNeO+KC
|
Size: |
240
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\info\is-7OUJR.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\info\is-7OUJR.tmp
|
Category: |
dropped
|
Dump: |
is-7OUJR.tmp.4.dr
|
ID: |
dr_61
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.633791568623328
|
Encrypted: |
false
|
Ssdeep: |
6:Sl2KRMesbgNLFIj1LQQ3qoEjcOe8mSLeiebNeMTJ+KC:2RMBgNBC0Q3qhkSLMNeO+KC
|
Size: |
240
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\is-IGCDI.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git-core\templates\is-IGCDI.tmp
|
Category: |
dropped
|
Dump: |
is-IGCDI.tmp.4.dr
|
ID: |
dr_33
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.073913813607716
|
Encrypted: |
false
|
Ssdeep: |
3:+w97AA2d75XUNGkwIA+FOM2E:+iOd7JU5ih/E
|
Size: |
73
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git\edit-git-bash.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git\edit-git-bash.exe (copy)
|
Category: |
dropped
|
Dump: |
is-V3Q4E.tmp.4.dr
|
ID: |
dr_593
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
5.3200827298284095
|
Encrypted: |
false
|
Ssdeep: |
1536:eznckZpHWx/hNG5s+xfkfvIhoOfidCd+YgTZIdWUhJ72oZ/7uUNRMivHQgaI32Lw:e7ZZp2lGW+xf3bDzur4+w
|
Size: |
126000
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git\git-wrapper.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git\git-wrapper.exe (copy)
|
Category: |
dropped
|
Dump: |
is-MNDBI.tmp.4.dr
|
ID: |
dr_594
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.203089470945605
|
Encrypted: |
false
|
Ssdeep: |
768:neK3cjV4skGOBK82DA0BM/T/uWvsYWCyiR8uF:eHKskG6KNq/T/uWvsrCyipF
|
Size: |
45104
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git\is-MNDBI.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git\is-MNDBI.tmp
|
Category: |
dropped
|
Dump: |
is-MNDBI.tmp.4.dr
|
ID: |
dr_31
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.203089470945605
|
Encrypted: |
false
|
Ssdeep: |
768:neK3cjV4skGOBK82DA0BM/T/uWvsYWCyiR8uF:eHKskG6KNq/T/uWvsrCyipF
|
Size: |
45104
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\git\is-V3Q4E.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\git\is-V3Q4E.tmp
|
Category: |
dropped
|
Dump: |
is-V3Q4E.tmp.4.dr
|
ID: |
dr_29
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
5.3200827298284095
|
Encrypted: |
false
|
Ssdeep: |
1536:eznckZpHWx/hNG5s+xfkfvIhoOfidCd+YgTZIdWUhJ72oZ/7uUNRMivHQgaI32Lw:e7ZZp2lGW+xf3bDzur4+w
|
Size: |
126000
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\brotli\LICENSE (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\brotli\LICENSE (copy)
|
Category: |
dropped
|
Dump: |
is-SBCKJ.tmp.4.dr
|
ID: |
dr_610
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.14131125223171
|
Encrypted: |
false
|
Ssdeep: |
24:gL2rmJHHH0yN3gtsHw1hj9QHOsUv4eOk4q/m3oqLF5n:E2aJHlxE35QHOs5e/m3ogF5n
|
Size: |
1084
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\brotli\is-SBCKJ.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\brotli\is-SBCKJ.tmp
|
Category: |
dropped
|
Dump: |
is-SBCKJ.tmp.4.dr
|
ID: |
dr_63
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.14131125223171
|
Encrypted: |
false
|
Ssdeep: |
24:gL2rmJHHH0yN3gtsHw1hj9QHOsUv4eOk4q/m3oqLF5n:E2aJHlxE35QHOs5e/m3ogF5n
|
Size: |
1084
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\expat\COPYING (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\expat\COPYING (copy)
|
Category: |
dropped
|
Dump: |
is-N3L6K.tmp.4.dr
|
ID: |
dr_611
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.153878926571173
|
Encrypted: |
false
|
Ssdeep: |
24:FSiJHxRHuyPP3GtIHw1h39QH+sUW8Ok4odZo3U/qldFD:QiJzfPvGt7NQH+sfINi3OMFD
|
Size: |
1144
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\expat\is-N3L6K.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\expat\is-N3L6K.tmp
|
Category: |
dropped
|
Dump: |
is-N3L6K.tmp.4.dr
|
ID: |
dr_65
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.153878926571173
|
Encrypted: |
false
|
Ssdeep: |
24:FSiJHxRHuyPP3GtIHw1h39QH+sUW8Ok4odZo3U/qldFD:QiJzfPvGt7NQH+sfINi3OMFD
|
Size: |
1144
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gcc-libs\COPYING.LIB (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gcc-libs\COPYING.LIB (copy)
|
Category: |
dropped
|
Dump: |
is-KVK81.tmp.4.dr
|
ID: |
dr_612
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.60187022934322
|
Encrypted: |
false
|
Ssdeep: |
384:Db5sOuAbnnkURSX6wFDVxnFw7xqsvzt+z3k8E9HinIhFkspcMtxc7ups0C7uQY:Db53rLSDnFMz1ReScMc7Gsh7uQY
|
Size: |
26527
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gcc-libs\COPYING.RUNTIME (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gcc-libs\COPYING.RUNTIME (copy)
|
Category: |
dropped
|
Dump: |
is-I7SJ9.tmp.4.dr
|
ID: |
dr_613
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.657970991150273
|
Encrypted: |
false
|
Ssdeep: |
96:SDLuUETp4Y6+qu+vvQwmIYBQ2wzNade4BtT2eC7XL:SDaESS4wgqjc9qeC7XL
|
Size: |
3324
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gcc-libs\COPYING3 (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gcc-libs\COPYING3 (copy)
|
Category: |
dropped
|
Dump: |
is-1BG0R.tmp.4.dr
|
ID: |
dr_614
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.573442652974749
|
Encrypted: |
false
|
Ssdeep: |
768:Mo1acy3LTB2VsrHG/OfvMmnBCtLmJ9A7D:Mhcycsrfrnoue
|
Size: |
35147
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gcc-libs\README (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gcc-libs\README (copy)
|
Category: |
dropped
|
Dump: |
is-FU9ET.tmp.4.dr
|
ID: |
dr_615
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.656788723432296
|
Encrypted: |
false
|
Ssdeep: |
6:2VW5OkoFE1FKUctAYL6+jGwZe/eMZnJcEHQKOFGslV:vc+PK1y/+jFOBZnXqGM
|
Size: |
227
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gcc-libs\is-1BG0R.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gcc-libs\is-1BG0R.tmp
|
Category: |
dropped
|
Dump: |
is-1BG0R.tmp.4.dr
|
ID: |
dr_72
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.573442652974749
|
Encrypted: |
false
|
Ssdeep: |
768:Mo1acy3LTB2VsrHG/OfvMmnBCtLmJ9A7D:Mhcycsrfrnoue
|
Size: |
35147
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gcc-libs\is-FU9ET.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gcc-libs\is-FU9ET.tmp
|
Category: |
dropped
|
Dump: |
is-FU9ET.tmp.4.dr
|
ID: |
dr_75
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.656788723432296
|
Encrypted: |
false
|
Ssdeep: |
6:2VW5OkoFE1FKUctAYL6+jGwZe/eMZnJcEHQKOFGslV:vc+PK1y/+jFOBZnXqGM
|
Size: |
227
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gcc-libs\is-I7SJ9.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gcc-libs\is-I7SJ9.tmp
|
Category: |
dropped
|
Dump: |
is-I7SJ9.tmp.4.dr
|
ID: |
dr_69
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.657970991150273
|
Encrypted: |
false
|
Ssdeep: |
96:SDLuUETp4Y6+qu+vvQwmIYBQ2wzNade4BtT2eC7XL:SDaESS4wgqjc9qeC7XL
|
Size: |
3324
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gcc-libs\is-KVK81.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gcc-libs\is-KVK81.tmp
|
Category: |
dropped
|
Dump: |
is-KVK81.tmp.4.dr
|
ID: |
dr_67
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.60187022934322
|
Encrypted: |
false
|
Ssdeep: |
384:Db5sOuAbnnkURSX6wFDVxnFw7xqsvzt+z3k8E9HinIhFkspcMtxc7ups0C7uQY:Db53rLSDnFMz1ReScMc7Gsh7uQY
|
Size: |
26527
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\COPYING (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\COPYING (copy)
|
Category: |
dropped
|
Dump: |
is-EIA8H.tmp.4.dr
|
ID: |
dr_616
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.573431714141348
|
Encrypted: |
false
|
Ssdeep: |
768:Fo1acy3LTB2VsrHG/OfvMmnBCtLmJ9A72:FhcycsrfrnouF
|
Size: |
35151
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-runtime\COPYING (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-runtime\COPYING (copy)
|
Category: |
dropped
|
Dump: |
is-SVU8S.tmp.4.dr
|
ID: |
dr_617
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.630294749114476
|
Encrypted: |
false
|
Ssdeep: |
6:T0qqj9+cMlGTrm1ZFUFJBCCKXjnAK0AfQ43G65F3wQXwFC7WZrDnYkdgJBCCKXMV:9HLlFNC2IyG652QEtZrnfC6YE3IPV
|
Size: |
495
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-runtime\intl\COPYING.LIB (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-runtime\intl\COPYING.LIB (copy)
|
Category: |
dropped
|
Dump: |
is-3RQBQ.tmp.4.dr
|
ID: |
dr_618
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.602410540521722
|
Encrypted: |
false
|
Ssdeep: |
384:Dy5sOuAbnNyUfoX6wFDVxnFM7xqsvxt+z/k8E9HinIzFksp4Mtxc7Cps0GJQ+:Dy53rxoDnFQx1jeS4Mc7CsjJQ+
|
Size: |
26545
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-runtime\intl\is-3RQBQ.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-runtime\intl\is-3RQBQ.tmp
|
Category: |
dropped
|
Dump: |
is-3RQBQ.tmp.4.dr
|
ID: |
dr_84
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.602410540521722
|
Encrypted: |
false
|
Ssdeep: |
384:Dy5sOuAbnNyUfoX6wFDVxnFM7xqsvxt+z/k8E9HinIzFksp4Mtxc7Cps0GJQ+:Dy53rxoDnFQx1jeS4Mc7CsjJQ+
|
Size: |
26545
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-runtime\is-SVU8S.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-runtime\is-SVU8S.tmp
|
Category: |
dropped
|
Dump: |
is-SVU8S.tmp.4.dr
|
ID: |
dr_81
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.630294749114476
|
Encrypted: |
false
|
Ssdeep: |
6:T0qqj9+cMlGTrm1ZFUFJBCCKXjnAK0AfQ43G65F3wQXwFC7WZrDnYkdgJBCCKXMV:9HLlFNC2IyG652QEtZrnfC6YE3IPV
|
Size: |
495
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-runtime\libasprintf\COPYING (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-runtime\libasprintf\COPYING (copy)
|
Category: |
dropped
|
Dump: |
is-D770O.tmp.4.dr
|
ID: |
dr_619
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.600129782661155
|
Encrypted: |
false
|
Ssdeep: |
3:YDrvOEZMQZpnsr6sn:yrDZMQjnAzn
|
Size: |
65
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-runtime\libasprintf\COPYING.LIB (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-runtime\libasprintf\COPYING.LIB (copy)
|
Category: |
dropped
|
Dump: |
is-9EF8K.tmp.4.dr
|
ID: |
dr_620
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.602410540521722
|
Encrypted: |
false
|
Ssdeep: |
384:Dy5sOuAbnNyUfoX6wFDVxnFM7xqsvxt+z/k8E9HinIzFksp4Mtxc7Cps0GJQ+:Dy53rxoDnFQx1jeS4Mc7CsjJQ+
|
Size: |
26545
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-runtime\libasprintf\is-9EF8K.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-runtime\libasprintf\is-9EF8K.tmp
|
Category: |
dropped
|
Dump: |
is-9EF8K.tmp.4.dr
|
ID: |
dr_90
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.602410540521722
|
Encrypted: |
false
|
Ssdeep: |
384:Dy5sOuAbnNyUfoX6wFDVxnFM7xqsvxt+z/k8E9HinIzFksp4Mtxc7Cps0GJQ+:Dy53rxoDnFQx1jeS4Mc7CsjJQ+
|
Size: |
26545
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-runtime\libasprintf\is-D770O.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-runtime\libasprintf\is-D770O.tmp
|
Category: |
dropped
|
Dump: |
is-D770O.tmp.4.dr
|
ID: |
dr_87
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.600129782661155
|
Encrypted: |
false
|
Ssdeep: |
3:YDrvOEZMQZpnsr6sn:yrDZMQjnAzn
|
Size: |
65
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-tools\COPYING (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-tools\COPYING (copy)
|
Category: |
dropped
|
Dump: |
is-M1DCB.tmp.4.dr
|
ID: |
dr_621
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.54036204016411
|
Encrypted: |
false
|
Ssdeep: |
3:hWSUgMQZ+0MLZAK8s7WtJv:hkgMQMBD8XJv
|
Size: |
78
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-tools\gnulib-lib\libxml\COPYING (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-tools\gnulib-lib\libxml\COPYING (copy)
|
Category: |
dropped
|
Dump: |
is-7DKC7.tmp.4.dr
|
ID: |
dr_622
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.098155085902387
|
Encrypted: |
false
|
Ssdeep: |
24:EYNhV6LrmJHHH0yN3gtbHw1hj9QHOsUv4DOk4q/m3oqLF5n:EYNXOaJHlxEs5QHOs5N/m3ogF5n
|
Size: |
1289
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-tools\gnulib-lib\libxml\is-7DKC7.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-tools\gnulib-lib\libxml\is-7DKC7.tmp
|
Category: |
dropped
|
Dump: |
is-7DKC7.tmp.4.dr
|
ID: |
dr_96
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.098155085902387
|
Encrypted: |
false
|
Ssdeep: |
24:EYNhV6LrmJHHH0yN3gtbHw1hj9QHOsUv4DOk4q/m3oqLF5n:EYNXOaJHlxEs5QHOs5N/m3ogF5n
|
Size: |
1289
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-tools\is-M1DCB.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gettext-tools\is-M1DCB.tmp
|
Category: |
dropped
|
Dump: |
is-M1DCB.tmp.4.dr
|
ID: |
dr_93
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.54036204016411
|
Encrypted: |
false
|
Ssdeep: |
3:hWSUgMQZ+0MLZAK8s7WtJv:hkgMQMBD8XJv
|
Size: |
78
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gnulib-local\lib\libxml\COPYING (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gnulib-local\lib\libxml\COPYING (copy)
|
Category: |
dropped
|
Dump: |
is-C3HDQ.tmp.4.dr
|
ID: |
dr_623
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.098155085902387
|
Encrypted: |
false
|
Ssdeep: |
24:EYNhV6LrmJHHH0yN3gtbHw1hj9QHOsUv4DOk4q/m3oqLF5n:EYNXOaJHlxEs5QHOs5N/m3ogF5n
|
Size: |
1289
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gnulib-local\lib\libxml\is-C3HDQ.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\gnulib-local\lib\libxml\is-C3HDQ.tmp
|
Category: |
dropped
|
Dump: |
is-C3HDQ.tmp.4.dr
|
ID: |
dr_99
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.098155085902387
|
Encrypted: |
false
|
Ssdeep: |
24:EYNhV6LrmJHHH0yN3gtbHw1hj9QHOsUv4DOk4q/m3oqLF5n:EYNXOaJHlxEs5QHOs5N/m3ogF5n
|
Size: |
1289
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\is-EIA8H.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\gettext\is-EIA8H.tmp
|
Category: |
dropped
|
Dump: |
is-EIA8H.tmp.4.dr
|
ID: |
dr_78
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.573431714141348
|
Encrypted: |
false
|
Ssdeep: |
768:Fo1acy3LTB2VsrHG/OfvMmnBCtLmJ9A72:FhcycsrfrnouF
|
Size: |
35151
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libffi\LICENSE (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libffi\LICENSE (copy)
|
Category: |
dropped
|
Dump: |
is-8ND12.tmp.4.dr
|
ID: |
dr_624
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.126128868977439
|
Encrypted: |
false
|
Ssdeep: |
24:WzXiJHTHuyPP3GtIHw1Gg9WPH+sUW8Ok4odZo3U/qldFD:WDiJTfPvGt7ICWPH+sfINi3OMFD
|
Size: |
1132
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libffi\is-8ND12.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libffi\is-8ND12.tmp
|
Category: |
dropped
|
Dump: |
is-8ND12.tmp.4.dr
|
ID: |
dr_102
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.126128868977439
|
Encrypted: |
false
|
Ssdeep: |
24:WzXiJHTHuyPP3GtIHw1Gg9WPH+sUW8Ok4odZo3U/qldFD:WDiJTfPvGt7ICWPH+sfINi3OMFD
|
Size: |
1132
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libiconv\COPYING (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libiconv\COPYING (copy)
|
Category: |
dropped
|
Dump: |
is-RDIPF.tmp.4.dr
|
ID: |
dr_625
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.573442652974749
|
Encrypted: |
false
|
Ssdeep: |
768:Mo1acy3LTB2VsrHG/OfvMmnBCtLmJ9A7D:Mhcycsrfrnoue
|
Size: |
35147
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libiconv\COPYING.LIB (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libiconv\COPYING.LIB (copy)
|
Category: |
dropped
|
Dump: |
is-2R2CR.tmp.4.dr
|
ID: |
dr_626
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.600527408268341
|
Encrypted: |
false
|
Ssdeep: |
384:LE56OuAbnn0UReX6wFDVxnFw7xqsvzt+z/k8E9HinIhFkspcM9bc7ups0CZuQW:LE5trLeDnFMz1ReScmc7GshZuQW
|
Size: |
26530
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libiconv\README (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libiconv\README (copy)
|
Category: |
dropped
|
Dump: |
is-POMBU.tmp.4.dr
|
ID: |
dr_627
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.087577314932365
|
Encrypted: |
false
|
Ssdeep: |
96:GTQ9hJYF9lkfGR6OD56fcDcDE2/DvMTUU6W+x6fBKpqJyDqzxTQ4w1EAQt+4Y:GT6jf6qMcDE2LvqUU6W+OBKpcyezGZOQ
|
Size: |
5664
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libiconv\is-2R2CR.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libiconv\is-2R2CR.tmp
|
Category: |
dropped
|
Dump: |
is-2R2CR.tmp.4.dr
|
ID: |
dr_108
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.600527408268341
|
Encrypted: |
false
|
Ssdeep: |
384:LE56OuAbnn0UReX6wFDVxnFw7xqsvzt+z/k8E9HinIhFkspcM9bc7ups0CZuQW:LE5trLeDnFMz1ReScmc7GshZuQW
|
Size: |
26530
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libiconv\is-POMBU.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libiconv\is-POMBU.tmp
|
Category: |
dropped
|
Dump: |
is-POMBU.tmp.4.dr
|
ID: |
dr_111
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.087577314932365
|
Encrypted: |
false
|
Ssdeep: |
96:GTQ9hJYF9lkfGR6OD56fcDcDE2/DvMTUU6W+x6fBKpqJyDqzxTQ4w1EAQt+4Y:GT6jf6qMcDE2LvqUU6W+OBKpcyezGZOQ
|
Size: |
5664
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libiconv\is-RDIPF.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libiconv\is-RDIPF.tmp
|
Category: |
dropped
|
Dump: |
is-RDIPF.tmp.4.dr
|
ID: |
dr_105
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.573442652974749
|
Encrypted: |
false
|
Ssdeep: |
768:Mo1acy3LTB2VsrHG/OfvMmnBCtLmJ9A7D:Mhcycsrfrnoue
|
Size: |
35147
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libiconv\libcharset\COPYING.LIB (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libiconv\libcharset\COPYING.LIB (copy)
|
Category: |
dropped
|
Dump: |
is-DLVUI.tmp.4.dr
|
ID: |
dr_628
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.600527408268341
|
Encrypted: |
false
|
Ssdeep: |
384:LE56OuAbnn0UReX6wFDVxnFw7xqsvzt+z/k8E9HinIhFkspcM9bc7ups0CZuQW:LE5trLeDnFMz1ReScmc7GshZuQW
|
Size: |
26530
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libiconv\libcharset\is-DLVUI.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libiconv\libcharset\is-DLVUI.tmp
|
Category: |
dropped
|
Dump: |
is-DLVUI.tmp.4.dr
|
ID: |
dr_114
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.600527408268341
|
Encrypted: |
false
|
Ssdeep: |
384:LE56OuAbnn0UReX6wFDVxnFw7xqsvzt+z/k8E9HinIhFkspcM9bc7ups0CZuQW:LE5trLeDnFMz1ReScmc7GshZuQW
|
Size: |
26530
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libpsl\COPYING (copy)
|
Unicode text, UTF-8 text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libpsl\COPYING (copy)
|
Category: |
dropped
|
Dump: |
is-8LKG0.tmp.4.dr
|
ID: |
dr_629
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Unicode text, UTF-8 text
|
Entropy: |
5.1300176513890055
|
Encrypted: |
false
|
Ssdeep: |
24:jrRONJHLH0cPP3gtkHw1hj9QHOsUv4eOk4/+/m3oqMSFB:jtONJbbvE/5QHOs5exm3oEFB
|
Size: |
1060
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libpsl\is-8LKG0.tmp
|
Unicode text, UTF-8 text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libpsl\is-8LKG0.tmp
|
Category: |
dropped
|
Dump: |
is-8LKG0.tmp.4.dr
|
ID: |
dr_117
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Unicode text, UTF-8 text
|
Entropy: |
5.1300176513890055
|
Encrypted: |
false
|
Ssdeep: |
24:jrRONJHLH0cPP3gtkHw1hj9QHOsUv4eOk4/+/m3oqMSFB:jtONJbbvE/5QHOs5exm3oEFB
|
Size: |
1060
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libssh2\LICENSE (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libssh2\LICENSE (copy)
|
Category: |
dropped
|
Dump: |
is-1HQCD.tmp.4.dr
|
ID: |
dr_630
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.217346528172009
|
Encrypted: |
false
|
Ssdeep: |
48:/XfQF7ECQDMbnOzsrYxsrYJTVVPXJ932sBX4s3Stq1Zt+bs:P4FpQDMSzsrYxsrYJTV5J93tJb04
|
Size: |
1960
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libssh2\is-1HQCD.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libssh2\is-1HQCD.tmp
|
Category: |
dropped
|
Dump: |
is-1HQCD.tmp.4.dr
|
ID: |
dr_120
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.217346528172009
|
Encrypted: |
false
|
Ssdeep: |
48:/XfQF7ECQDMbnOzsrYxsrYJTVVPXJ932sBX4s3Stq1Zt+bs:P4FpQDMSzsrYxsrYJTV5J93tJb04
|
Size: |
1960
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libtasn1\COPYING (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libtasn1\COPYING (copy)
|
Category: |
dropped
|
Dump: |
is-G1RKP.tmp.4.dr
|
ID: |
dr_631
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.573442652974749
|
Encrypted: |
false
|
Ssdeep: |
768:Mo1acy3LTB2VsrHG/OfvMmnBCtLmJ9A7D:Mhcycsrfrnoue
|
Size: |
35147
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libtasn1\COPYING.LESSER (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libtasn1\COPYING.LESSER (copy)
|
Category: |
dropped
|
Dump: |
is-L3T1T.tmp.4.dr
|
ID: |
dr_632
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.600527408268341
|
Encrypted: |
false
|
Ssdeep: |
384:LE56OuAbnn0UReX6wFDVxnFw7xqsvzt+z/k8E9HinIhFkspcM9bc7ups0CZuQW:LE5trLeDnFMz1ReScmc7GshZuQW
|
Size: |
26530
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libtasn1\is-G1RKP.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libtasn1\is-G1RKP.tmp
|
Category: |
dropped
|
Dump: |
is-G1RKP.tmp.4.dr
|
ID: |
dr_123
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.573442652974749
|
Encrypted: |
false
|
Ssdeep: |
768:Mo1acy3LTB2VsrHG/OfvMmnBCtLmJ9A7D:Mhcycsrfrnoue
|
Size: |
35147
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libtasn1\is-L3T1T.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libtasn1\is-L3T1T.tmp
|
Category: |
dropped
|
Dump: |
is-L3T1T.tmp.4.dr
|
ID: |
dr_126
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.600527408268341
|
Encrypted: |
false
|
Ssdeep: |
384:LE56OuAbnn0UReX6wFDVxnFw7xqsvzt+z/k8E9HinIhFkspcM9bc7ups0CZuQW:LE5trLeDnFMz1ReScmc7GshZuQW
|
Size: |
26530
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libunistring\LICENSE (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libunistring\LICENSE (copy)
|
Category: |
dropped
|
Dump: |
is-FIJJL.tmp.4.dr
|
ID: |
dr_633
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.573442652974749
|
Encrypted: |
false
|
Ssdeep: |
768:Mo1acy3LTB2VsrHG/OfvMmnBCtLmJ9A7D:Mhcycsrfrnoue
|
Size: |
35147
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libunistring\LICENSE.LIB (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libunistring\LICENSE.LIB (copy)
|
Category: |
dropped
|
Dump: |
is-TAPTM.tmp.4.dr
|
ID: |
dr_634
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.504461845403901
|
Encrypted: |
false
|
Ssdeep: |
192:Che7vhVL0qhYqlpIle4RrJQSsOBng4kS/cKM6L:bvjxhYWpce48OngvA
|
Size: |
7639
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libunistring\is-FIJJL.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libunistring\is-FIJJL.tmp
|
Category: |
dropped
|
Dump: |
is-FIJJL.tmp.4.dr
|
ID: |
dr_139
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.573442652974749
|
Encrypted: |
false
|
Ssdeep: |
768:Mo1acy3LTB2VsrHG/OfvMmnBCtLmJ9A7D:Mhcycsrfrnoue
|
Size: |
35147
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libunistring\is-TAPTM.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libunistring\is-TAPTM.tmp
|
Category: |
dropped
|
Dump: |
is-TAPTM.tmp.4.dr
|
ID: |
dr_142
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.504461845403901
|
Encrypted: |
false
|
Ssdeep: |
192:Che7vhVL0qhYqlpIle4RrJQSsOBng4kS/cKM6L:bvjxhYWpce48OngvA
|
Size: |
7639
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libwinpthread\COPYING (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libwinpthread\COPYING (copy)
|
Category: |
dropped
|
Dump: |
is-C6D66.tmp.4.dr
|
ID: |
dr_635
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.054606216639493
|
Encrypted: |
false
|
Ssdeep: |
48:Plalx3IWFYOJSrYHNirYH1D3kPE6q74VDxZ6WHA432svix3hEW33tEFHv:t6x13QrYHcrYH1D3J4tP6Wj3+3hjOFP
|
Size: |
2326
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libwinpthread\is-C6D66.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libwinpthread\is-C6D66.tmp
|
Category: |
dropped
|
Dump: |
is-C6D66.tmp.4.dr
|
ID: |
dr_145
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.054606216639493
|
Encrypted: |
false
|
Ssdeep: |
48:Plalx3IWFYOJSrYHNirYH1D3kPE6q74VDxZ6WHA432svix3hEW33tEFHv:t6x13QrYHcrYH1D3J4tP6Wj3+3hjOFP
|
Size: |
2326
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libwinpthread\mingw-w64-libraries\winpthreads\COPYING (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libwinpthread\mingw-w64-libraries\winpthreads\COPYING (copy)
|
Category: |
dropped
|
Dump: |
is-MRNVQ.tmp.4.dr
|
ID: |
dr_636
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.1050957404814925
|
Encrypted: |
false
|
Ssdeep: |
48:ItONJbbvE/5QHOs5exm3oEF1OvjyyVzq1wbJFO3JPJz3JRPTY432spVs3EZmJ3tn:sqshQHToOOv/zq2W3JPJz3J9r36TeVi
|
Size: |
2883
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libwinpthread\mingw-w64-libraries\winpthreads\is-MRNVQ.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\libwinpthread\mingw-w64-libraries\winpthreads\is-MRNVQ.tmp
|
Category: |
dropped
|
Dump: |
is-MRNVQ.tmp.4.dr
|
ID: |
dr_148
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.1050957404814925
|
Encrypted: |
false
|
Ssdeep: |
48:ItONJbbvE/5QHOs5exm3oEF1OvjyyVzq1wbJFO3JPJz3JRPTY432spVs3EZmJ3tn:sqshQHToOOv/zq2W3JPJz3J9r36TeVi
|
Size: |
2883
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\nghttp2\COPYING (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\nghttp2\COPYING (copy)
|
Category: |
dropped
|
Dump: |
is-RMAC6.tmp.4.dr
|
ID: |
dr_637
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.184232908038811
|
Encrypted: |
false
|
Ssdeep: |
24:M0iJHxRHuyPP3GtIHw1Gg9QH+sUW8Ok4F+d1o36qjFD:NiJzfPvGt7ICQH+sfIte36AFD
|
Size: |
1156
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\nghttp2\is-RMAC6.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\nghttp2\is-RMAC6.tmp
|
Category: |
dropped
|
Dump: |
is-RMAC6.tmp.4.dr
|
ID: |
dr_151
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.184232908038811
|
Encrypted: |
false
|
Ssdeep: |
24:M0iJHxRHuyPP3GtIHw1Gg9QH+sUW8Ok4F+d1o36qjFD:NiJzfPvGt7ICQH+sfIte36AFD
|
Size: |
1156
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\openssl\LICENSE (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\openssl\LICENSE (copy)
|
Category: |
dropped
|
Dump: |
is-DUS7E.tmp.4.dr
|
ID: |
dr_638
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.131101092967376
|
Encrypted: |
false
|
Ssdeep: |
96:MuZOOrYJarYJTqBMvgQgk3bzAxxnkVbYCk1MbrYJArYJOHbSLli3+3zX4T3CCg:TZOOrsarslvgQgk3eZ++1MbrsArsQoi8
|
Size: |
6121
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\openssl\is-DUS7E.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\openssl\is-DUS7E.tmp
|
Category: |
dropped
|
Dump: |
is-DUS7E.tmp.4.dr
|
ID: |
dr_154
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.131101092967376
|
Encrypted: |
false
|
Ssdeep: |
96:MuZOOrYJarYJTqBMvgQgk3bzAxxnkVbYCk1MbrYJArYJOHbSLli3+3zX4T3CCg:TZOOrsarslvgQgk3eZ++1MbrsArsQoi8
|
Size: |
6121
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\pcre2\COPYING (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\pcre2\COPYING (copy)
|
Category: |
dropped
|
Dump: |
is-J1B1Q.tmp.4.dr
|
ID: |
dr_639
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.386938910409406
|
Encrypted: |
false
|
Ssdeep: |
3:XFDg31JheABgkRNA97KwNUzA+MJMv41v:aJLqfu6Ju4l
|
Size: |
97
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\pcre2\LICENCE (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\pcre2\LICENCE (copy)
|
Category: |
dropped
|
Dump: |
is-8U911.tmp.4.dr
|
ID: |
dr_640
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.140651396440829
|
Encrypted: |
false
|
Ssdeep: |
48:LD2c4cc558Uv9iHAKI9iHWOoJCJWPoj9O432sHj32sZEtY17wBHp/BOPpPs8:32Vcc5WUvlKIQoJCJWP29F3X31EBez
|
Size: |
3477
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\pcre2\is-8U911.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\pcre2\is-8U911.tmp
|
Category: |
dropped
|
Dump: |
is-8U911.tmp.4.dr
|
ID: |
dr_160
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.140651396440829
|
Encrypted: |
false
|
Ssdeep: |
48:LD2c4cc558Uv9iHAKI9iHWOoJCJWPoj9O432sHj32sZEtY17wBHp/BOPpPs8:32Vcc5WUvlKIQoJCJWP29F3X31EBez
|
Size: |
3477
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\pcre2\is-J1B1Q.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\pcre2\is-J1B1Q.tmp
|
Category: |
dropped
|
Dump: |
is-J1B1Q.tmp.4.dr
|
ID: |
dr_157
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.386938910409406
|
Encrypted: |
false
|
Ssdeep: |
3:XFDg31JheABgkRNA97KwNUzA+MJMv41v:aJLqfu6Ju4l
|
Size: |
97
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\zlib\LICENSE (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\zlib\LICENSE (copy)
|
Category: |
dropped
|
Dump: |
is-85A5C.tmp.4.dr
|
ID: |
dr_641
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.440843931751654
|
Encrypted: |
false
|
Ssdeep: |
24:Ltxm0M+/jxAb/oyhQNKMTp4/GE+wjqt8PgBO:LW03/jeb/bh6KMTp4/z3jqeCO
|
Size: |
1002
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\zlib\is-85A5C.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\zlib\is-85A5C.tmp
|
Category: |
dropped
|
Dump: |
is-85A5C.tmp.4.dr
|
ID: |
dr_163
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.440843931751654
|
Encrypted: |
false
|
Ssdeep: |
24:Ltxm0M+/jxAb/oyhQNKMTp4/GE+wjqt8PgBO:LW03/jeb/bh6KMTp4/z3jqeCO
|
Size: |
1002
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\zstd\LICENSE (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\zstd\LICENSE (copy)
|
Category: |
dropped
|
Dump: |
is-K8G4B.tmp.4.dr
|
ID: |
dr_642
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.124107137267993
|
Encrypted: |
false
|
Ssdeep: |
24:jGejUneZXox+bOOrXIFTC+JPFTzTfMuHLofXBTPz96432s4EOkUs8QROJ32s3yxZ:jvfVOOrXIJ9JzA0EfRPJ6432sv832s3s
|
Size: |
1530
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\zstd\is-K8G4B.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\share\licenses\zstd\is-K8G4B.tmp
|
Category: |
dropped
|
Dump: |
is-K8G4B.tmp.4.dr
|
ID: |
dr_166
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.124107137267993
|
Encrypted: |
false
|
Ssdeep: |
24:jGejUneZXox+bOOrXIFTC+JPFTzTfMuHLofXBTPz96432s4EOkUs8QROJ32s3yxZ:jvfVOOrXIJ9JzA0EfRPJ6432sv832s3s
|
Size: |
1530
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\ssl\cert.pem (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\ssl\cert.pem (copy)
|
Category: |
dropped
|
Dump: |
is-U9NDF.tmp.4.dr
|
ID: |
dr_643
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.984730442064373
|
Encrypted: |
false
|
Ssdeep: |
3072:QeUwSJhyIDqoVcwlhnVid4JSqgOoIL2tyzFvCfvnwV228MvSc1mVByqib4dFWvD1:QtwSQkFVa4n5mQ2U4BfCGswXwFjZB
|
Size: |
199360
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\ssl\certs\ca-bundle.crt (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\ssl\certs\ca-bundle.crt (copy)
|
Category: |
dropped
|
Dump: |
is-DN9KG.tmp.4.dr
|
ID: |
dr_648
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.984730442064373
|
Encrypted: |
false
|
Ssdeep: |
3072:QeUwSJhyIDqoVcwlhnVid4JSqgOoIL2tyzFvCfvnwV228MvSc1mVByqib4dFWvD1:QtwSQkFVa4n5mQ2U4BfCGswXwFjZB
|
Size: |
199360
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\ssl\certs\ca-bundle.trust.crt (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\ssl\certs\ca-bundle.trust.crt (copy)
|
Category: |
dropped
|
Dump: |
is-3FHSM.tmp.4.dr
|
ID: |
dr_649
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.975359916420671
|
Encrypted: |
false
|
Ssdeep: |
6144:QauDrKuhi4Imc71qKAL/7CgMEkm6XRHr63:hirKAImUjALG8kmgM3
|
Size: |
237015
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\ssl\certs\is-3FHSM.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\ssl\certs\is-3FHSM.tmp
|
Category: |
dropped
|
Dump: |
is-3FHSM.tmp.4.dr
|
ID: |
dr_197
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.975359916420671
|
Encrypted: |
false
|
Ssdeep: |
6144:QauDrKuhi4Imc71qKAL/7CgMEkm6XRHr63:hirKAImUjALG8kmgM3
|
Size: |
237015
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\ssl\certs\is-DN9KG.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\ssl\certs\is-DN9KG.tmp
|
Category: |
dropped
|
Dump: |
is-DN9KG.tmp.4.dr
|
ID: |
dr_194
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.984730442064373
|
Encrypted: |
false
|
Ssdeep: |
3072:QeUwSJhyIDqoVcwlhnVid4JSqgOoIL2tyzFvCfvnwV228MvSc1mVByqib4dFWvD1:QtwSQkFVa4n5mQ2U4BfCGswXwFjZB
|
Size: |
199360
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\ssl\ct_log_list.cnf (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\ssl\ct_log_list.cnf (copy)
|
Category: |
dropped
|
Dump: |
is-FSJ2B.tmp.4.dr
|
ID: |
dr_644
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.630279584626542
|
Encrypted: |
false
|
Ssdeep: |
12:qS7ura5gECl+pcmcCL2kXwZRMEoYqhE6N:qInaJl1+WoLBN
|
Size: |
412
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\ssl\ct_log_list.cnf.dist (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\ssl\ct_log_list.cnf.dist (copy)
|
Category: |
dropped
|
Dump: |
is-N9PEV.tmp.4.dr
|
ID: |
dr_645
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.630279584626542
|
Encrypted: |
false
|
Ssdeep: |
12:qS7ura5gECl+pcmcCL2kXwZRMEoYqhE6N:qInaJl1+WoLBN
|
Size: |
412
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\ssl\is-E2E38.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\ssl\is-E2E38.tmp
|
Category: |
dropped
|
Dump: |
is-E2E38.tmp.4.dr
|
ID: |
dr_188
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.997790879396199
|
Encrypted: |
false
|
Ssdeep: |
192:9h8p9fYZNtmGpr/kWJGXgvr/YVML6A+smgYuFo8fA+smgaHMLlEp83ezmB2jb:3yh0pr/kCGwvr/YVCti7esOR
|
Size: |
10909
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\ssl\is-FSJ2B.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\ssl\is-FSJ2B.tmp
|
Category: |
dropped
|
Dump: |
is-FSJ2B.tmp.4.dr
|
ID: |
dr_182
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.630279584626542
|
Encrypted: |
false
|
Ssdeep: |
12:qS7ura5gECl+pcmcCL2kXwZRMEoYqhE6N:qInaJl1+WoLBN
|
Size: |
412
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\ssl\is-MC4IT.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\ssl\is-MC4IT.tmp
|
Category: |
dropped
|
Dump: |
is-MC4IT.tmp.4.dr
|
ID: |
dr_191
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.997790879396199
|
Encrypted: |
false
|
Ssdeep: |
192:9h8p9fYZNtmGpr/kWJGXgvr/YVML6A+smgYuFo8fA+smgaHMLlEp83ezmB2jb:3yh0pr/kCGwvr/YVCti7esOR
|
Size: |
10909
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\ssl\is-N9PEV.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\ssl\is-N9PEV.tmp
|
Category: |
dropped
|
Dump: |
is-N9PEV.tmp.4.dr
|
ID: |
dr_185
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.630279584626542
|
Encrypted: |
false
|
Ssdeep: |
12:qS7ura5gECl+pcmcCL2kXwZRMEoYqhE6N:qInaJl1+WoLBN
|
Size: |
412
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\ssl\is-U9NDF.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\ssl\is-U9NDF.tmp
|
Category: |
dropped
|
Dump: |
is-U9NDF.tmp.4.dr
|
ID: |
dr_179
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.984730442064373
|
Encrypted: |
false
|
Ssdeep: |
3072:QeUwSJhyIDqoVcwlhnVid4JSqgOoIL2tyzFvCfvnwV228MvSc1mVByqib4dFWvD1:QtwSQkFVa4n5mQ2U4BfCGswXwFjZB
|
Size: |
199360
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\mingw64\ssl\openssl.cnf (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\ssl\openssl.cnf (copy)
|
Category: |
dropped
|
Dump: |
is-E2E38.tmp.4.dr
|
ID: |
dr_646
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.997790879396199
|
Encrypted: |
false
|
Ssdeep: |
192:9h8p9fYZNtmGpr/kWJGXgvr/YVML6A+smgYuFo8fA+smgaHMLlEp83ezmB2jb:3yh0pr/kCGwvr/YVCti7esOR
|
Size: |
10909
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\mingw64\ssl\openssl.cnf.dist (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\mingw64\ssl\openssl.cnf.dist (copy)
|
Category: |
dropped
|
Dump: |
is-MC4IT.tmp.4.dr
|
ID: |
dr_647
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.997790879396199
|
Encrypted: |
false
|
Ssdeep: |
192:9h8p9fYZNtmGpr/kWJGXgvr/YVML6A+smgYuFo8fA+smgaHMLlEp83ezmB2jb:3yh0pr/kCGwvr/YVCti7esOR
|
Size: |
10909
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\awk.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\awk.exe (copy)
|
Category: |
dropped
|
Dump: |
is-8JE6R.tmp.4.dr
|
ID: |
dr_650
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.36469282043092
|
Encrypted: |
false
|
Ssdeep: |
12288:bJxKw4cts8kpQY3GOBguvVRwfrRdm12DunXj6jq64WlS6HZxU:bJxsctkdLvVerRdxun+jqtWlS6HZxU
|
Size: |
627466
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\b2sum.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\b2sum.exe (copy)
|
Category: |
dropped
|
Dump: |
is-452VR.tmp.4.dr
|
ID: |
dr_651
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.015853566917886
|
Encrypted: |
false
|
Ssdeep: |
1536:9ya5X5o+PfgdxtZZkFw7fMrm240OZWfpLoKK:9TX5o+gxtTecfQm2VOkfpLoKK
|
Size: |
55390
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\basename.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\basename.exe (copy)
|
Category: |
dropped
|
Dump: |
is-92MS7.tmp.4.dr
|
ID: |
dr_652
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.71089699938499
|
Encrypted: |
false
|
Ssdeep: |
768:0YzOU7VvL+mlEA7O+MIQxg4NiqbolGIOaZ8WweFMK:JzTaaRNOayWweFMK
|
Size: |
34883
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\basenc.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\basenc.exe (copy)
|
Category: |
dropped
|
Dump: |
is-8OU69.tmp.4.dr
|
ID: |
dr_653
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.890013376515648
|
Encrypted: |
false
|
Ssdeep: |
768:bmYh8CvYO3Zk1wVPlIbKfOEW4/U6Niqboy0RvfbhGB/5ryW5domNK:bfK8NQKgK4vZW5domNK
|
Size: |
49499
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\cat.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\cat.exe (copy)
|
Category: |
dropped
|
Dump: |
is-EMU5S.tmp.4.dr
|
ID: |
dr_654
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.683016985837291
|
Encrypted: |
false
|
Ssdeep: |
768:HW2R76LvHccOqfQyqcAZJXsNiqbo6Q+1lnWqobMK:HWz7ccSJkLWqobMK
|
Size: |
38719
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\chattr.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\chattr.exe (copy)
|
Category: |
dropped
|
Dump: |
is-ECF62.tmp.4.dr
|
ID: |
dr_655
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
5.6387022352637794
|
Encrypted: |
false
|
Ssdeep: |
3072:10Cvjev+1eqekxVFeIxD6H1NiHDy72zCujvUJ3LLosrC5:CCvDa3LLosrw
|
Size: |
100040
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\cmp.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\cmp.exe (copy)
|
Category: |
dropped
|
Dump: |
is-E01I9.tmp.4.dr
|
ID: |
dr_656
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.726276078594495
|
Encrypted: |
false
|
Ssdeep: |
768:2J8IyZLoWRm2MPL5ibRjOKpax15yes/edvla7Wfkti6GHNiqboFdmNCiW4zAUeK:qULlMj4bnpax153sWvlTMQ6GdzW4UUeK
|
Size: |
48718
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\comm.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\comm.exe (copy)
|
Category: |
dropped
|
Dump: |
is-ESO7H.tmp.4.dr
|
ID: |
dr_657
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.688619196387137
|
Encrypted: |
false
|
Ssdeep: |
768:8+OB/AmJpD8uXxClXZ6bO0saDNiqboZmfoMW4lF1K:aifYClXsvBfXW4lF1K
|
Size: |
40237
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\cp.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\cp.exe (copy)
|
Category: |
dropped
|
Dump: |
is-OINB4.tmp.4.dr
|
ID: |
dr_658
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.0752708609901696
|
Encrypted: |
false
|
Ssdeep: |
3072:KO6JXA1GaiGe9TGgNTOhFiOrOK+J53s5F5kG:6+1GN9TGg50D+J53s5FWG
|
Size: |
114653
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\cut.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\cut.exe (copy)
|
Category: |
dropped
|
Dump: |
is-U1VR9.tmp.4.dr
|
ID: |
dr_659
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.725569886212962
|
Encrypted: |
false
|
Ssdeep: |
768:qA+x9C3sgHkLLhm/jsQIw8q8NQLUPwZrNiqbospiuWgdFbrK:qxt5uVIwplvWgdFbrK
|
Size: |
45102
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\cygwin-console-helper.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\cygwin-console-helper.exe (copy)
|
Category: |
dropped
|
Dump: |
is-HRJ3D.tmp.4.dr
|
ID: |
dr_660
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
5.25648370080503
|
Encrypted: |
false
|
Ssdeep: |
3072:P4y/sZLNq8CLkObxXQYPQfRAQyJ7UwfdzZm1kVcaENGsU1IABsrpn:wykvYgjfRum1xpABsr5
|
Size: |
313696
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\dash.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\dash.exe (copy)
|
Category: |
dropped
|
Dump: |
is-2T706.tmp.4.dr
|
ID: |
dr_661
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.033584251955401
|
Encrypted: |
false
|
Ssdeep: |
3072:GsbAr09MlkvDdzc80DOvGet++TFkJ8qFssx+x5u8Fi:GILAkvDdzc80DmGk+OqFZ25u8Fi
|
Size: |
109703
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\date.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\date.exe (copy)
|
Category: |
dropped
|
Dump: |
is-A9KLA.tmp.4.dr
|
ID: |
dr_662
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.291327563512328
|
Encrypted: |
false
|
Ssdeep: |
1536:kpF2VjAKenRRkLfl7uvUh4mtB92rGjCtr65Fd0eJ2/4p6hnqAX+i9sfXF4HeW1JF:4Y0Ke+iUuKBJKrYboqe9sPK/1JkFK
|
Size: |
120177
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\diff.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\diff.exe (copy)
|
Category: |
dropped
|
Dump: |
is-DAJP9.tmp.4.dr
|
ID: |
dr_663
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.272756205572392
|
Encrypted: |
false
|
Ssdeep: |
6144:rgJPozVlNgYsuzKPxmTs/uv2rQ0Ed2oxTe:rgJELgYsTJjWN0Ed2oxTe
|
Size: |
211777
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\diff3.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\diff3.exe (copy)
|
Category: |
dropped
|
Dump: |
is-BVTGB.tmp.4.dr
|
ID: |
dr_664
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.952540789323527
|
Encrypted: |
false
|
Ssdeep: |
1536:41Qw6/ARgmxwyXGktOeSSSSwSSSSSSSSSSSSSSSSlXzWMyIFL9K:41yAhxwCe6XIFL9K
|
Size: |
63289
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\dirname.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\dirname.exe (copy)
|
Category: |
dropped
|
Dump: |
is-O7SJV.tmp.4.dr
|
ID: |
dr_665
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.599485295422324
|
Encrypted: |
false
|
Ssdeep: |
384:XCkvX1fKWSz+e5Af3Xcu/67amPakjmiThNF5wNiqbowY4uD2qS/bpjfosOCWfFMK:TX1fb+7Af3s/7amt4NiqbodH29tWfFMK
|
Size: |
34830
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\echo.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\echo.exe (copy)
|
Category: |
dropped
|
Dump: |
is-MR8N7.tmp.4.dr
|
ID: |
dr_666
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.717517069050245
|
Encrypted: |
false
|
Ssdeep: |
384:FG5MDaF4KiSrADTU4GffHN+H2f2B5wNiqbofYSYabKD/UfvOCWWQF2K:E6aF4vmL4afHv2YNiqbowubjNWWQF2K
|
Size: |
35755
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\env.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\env.exe (copy)
|
Category: |
dropped
|
Dump: |
is-CEVTP.tmp.4.dr
|
ID: |
dr_667
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.828225894923742
|
Encrypted: |
false
|
Ssdeep: |
768:vRoQYwfHOz/ScxCon5WrT7H2wDLyR2p84GpNiqboEkCeVWJk/K:vRZ7kFxwHWw6C84GMWJk/K
|
Size: |
44180
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\expr.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\expr.exe (copy)
|
Category: |
dropped
|
Dump: |
is-SE1DS.tmp.4.dr
|
ID: |
dr_668
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.138845079089895
|
Encrypted: |
false
|
Ssdeep: |
3072:t2X5sEuEzFA1Z4i3ZZ/ds/s4BXaxQaL6FmKr:JMF2ZZp4UQaL6FmKr
|
Size: |
111126
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\false.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\false.exe (copy)
|
Category: |
dropped
|
Dump: |
is-GEKAK.tmp.4.dr
|
ID: |
dr_669
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.553352702975135
|
Encrypted: |
false
|
Ssdeep: |
384:qQBkcfc4/YKdSMSnTDdWgVYIJ4tYCnA5wNiqboPYp/NfvOCW5TwFFK:9Gj4/YYZsR7VJnCn5NiqbogDNW5UFFK
|
Size: |
33123
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\find.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\find.exe (copy)
|
Category: |
dropped
|
Dump: |
is-50JNI.tmp.4.dr
|
ID: |
dr_670
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.291610209086505
|
Encrypted: |
false
|
Ssdeep: |
6144:lzoZs5S/gO9LuWHjgaN/t9hZTSnxjz3gYWEIx/K:m6M/v1tlKz3gYWEIx/K
|
Size: |
267485
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\gencat.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\gencat.exe (copy)
|
Category: |
dropped
|
Dump: |
is-GATAI.tmp.4.dr
|
ID: |
dr_671
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
5.704860954622595
|
Encrypted: |
false
|
Ssdeep: |
3072:0quM7QVYqeyJ/DWeIxD6H1NiHDy72zCujvhyL/8LBsr3Z:0dTLL/8LBsrp
|
Size: |
108752
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\getfacl.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\getfacl.exe (copy)
|
Category: |
dropped
|
Dump: |
is-2AK4O.tmp.4.dr
|
ID: |
dr_672
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
5.642766164822019
|
Encrypted: |
false
|
Ssdeep: |
1536:5YORsR5WX33X6mfhtA04UnqereXu9MlweeIxD6H1NiHDy72zCujvd/7kuGY0fes/:2mn3qmfeeqerEuTeeIxD6H1NiHDy72zY
|
Size: |
96856
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\getopt.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\getopt.exe (copy)
|
Category: |
dropped
|
Dump: |
is-H9GFU.tmp.4.dr
|
ID: |
dr_673
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
4.877052383031692
|
Encrypted: |
false
|
Ssdeep: |
192:hOg/JzpVbkaCCCCxRcrYePGQRiJWaGSiAsfBkL2Xx0IdKkwd5r8jfCszBc9pCi:hrkax4lPGJJ3G1nKAxHdKld8TCWWSi
|
Size: |
18136
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\git-flow (copy)
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\git-flow (copy)
|
Category: |
dropped
|
Dump: |
is-RLPH4.tmp.4.dr
|
ID: |
dr_674
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.4795028917275115
|
Encrypted: |
false
|
Ssdeep: |
192:5P1dOrF7G43n3hC2BS48U8ny40rWEO2I/t0tysaBNvEeAHPHeb:5N4rF7Gy3h940rWEO2IKtyvBBEzHe
|
Size: |
6937
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\git-flow-bugfix (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\git-flow-bugfix (copy)
|
Category: |
dropped
|
Dump: |
is-5TN5B.tmp.4.dr
|
ID: |
dr_675
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.274993211636219
|
Encrypted: |
false
|
Ssdeep: |
768:QN3hwKo9Icn8I/xQL51Eg3wcS8GszJ2hgRkfFVRk:QL3W49rWk6e
|
Size: |
24605
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\git-flow-config (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\git-flow-config (copy)
|
Category: |
dropped
|
Dump: |
is-BG5HM.tmp.4.dr
|
ID: |
dr_676
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.287676831027939
|
Encrypted: |
false
|
Ssdeep: |
192:5PFOrF7G43n3hCERNEs3VCV1pkIrVgMsjeNTvcTTvOkMaVgbR8HRK5DjOo3Va:5YrF7Gy3hl3N6NTvATvzVgbR8HRld
|
Size: |
8619
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\git-flow-feature (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\git-flow-feature (copy)
|
Category: |
dropped
|
Dump: |
is-OHOJL.tmp.4.dr
|
ID: |
dr_677
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.247295895724409
|
Encrypted: |
false
|
Ssdeep: |
768:QN3hPKYxcatI4xQLVu6g3xccmGydx2hgBKfFVRd:QLyY1eQ90of
|
Size: |
24690
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\git-flow-hotfix (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\git-flow-hotfix (copy)
|
Category: |
dropped
|
Dump: |
is-30NIL.tmp.4.dr
|
ID: |
dr_678
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.306664849421537
|
Encrypted: |
false
|
Ssdeep: |
384:5N4rF7Gy3hxTVaeAdN+KHxxhBuGsLDyTYTgC2wgp1xFlLMz+UVATFI8ND3gPcEUh:QN3hxIeAdN+KHmGsLDyTYTgC2v1xFlL/
|
Size: |
24270
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\git-flow-init (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\git-flow-init (copy)
|
Category: |
dropped
|
Dump: |
is-EBONT.tmp.4.dr
|
ID: |
dr_679
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.155526359063834
|
Encrypted: |
false
|
Ssdeep: |
384:5N4rF7Gy3hcfZfQe0JCdNFq/lcxVN3d/NouapKKbT+Zd:QN3hQZf0JwNFYcJN/NoO
|
Size: |
15496
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\git-flow-log (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\git-flow-log (copy)
|
Category: |
dropped
|
Dump: |
is-EM65F.tmp.4.dr
|
ID: |
dr_680
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.403422589379035
|
Encrypted: |
false
|
Ssdeep: |
48:5JlJ2Q/NnIDOOrTJrhJzin432sM232s3Eqh3tAHkRAKRLmO9cfg+5O7ihd+:5IQNnIaOrTJrhJzi43n3zdCERAfhI
|
Size: |
2797
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\git-flow-release (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\git-flow-release (copy)
|
Category: |
dropped
|
Dump: |
is-55N9F.tmp.4.dr
|
ID: |
dr_681
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.279305668170349
|
Encrypted: |
false
|
Ssdeep: |
768:QN3hkBFlRLP+XVV7L36c9FlLh+YVVh33Rc68AdS/K516KYTJj2zAdu3D8vHL5IB+:QLGbmlVjdUsVGAdf516KYTJMAdbvHL5n
|
Size: |
38694
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\git-flow-support (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\git-flow-support (copy)
|
Category: |
dropped
|
Dump: |
is-G4QUR.tmp.4.dr
|
ID: |
dr_682
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.384300725692716
|
Encrypted: |
false
|
Ssdeep: |
192:5P1dOrF7G43n3hCcR1DiA2v8rsNPvw4KSNGsL:5N4rF7Gy3h7sNn6SNGsL
|
Size: |
6952
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\git-flow-version (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\git-flow-version (copy)
|
Category: |
dropped
|
Dump: |
is-F0RFV.tmp.4.dr
|
ID: |
dr_683
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.35308144885827
|
Encrypted: |
false
|
Ssdeep: |
48:5JlJ2Q/NnIDOOrTJrhJzin432sM232s3Eqh3tAHTMNxaI7autOsN+:5IQNnIaOrTJrhJzi43n3zdCzM/HVtOsY
|
Size: |
2173
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\gitflow-common (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\gitflow-common (copy)
|
Category: |
dropped
|
Dump: |
is-9TD4Q.tmp.4.dr
|
ID: |
dr_684
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.353965204239221
|
Encrypted: |
false
|
Ssdeep: |
384:5N4rF7Gy3hDZdZaopH9nkHxgFaY/KXcWIhRDrmQ7qCMEYqqUUMe1KvQ:QN3h/ZpH9kHxgFaYqcWIhRnmQ7qCMEV8
|
Size: |
19838
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\gitflow-shFlags (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\gitflow-shFlags (copy)
|
Category: |
dropped
|
Dump: |
is-L5O97.tmp.4.dr
|
ID: |
dr_685
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.2428289411219575
|
Encrypted: |
false
|
Ssdeep: |
768:W+abqzYxiE7OYoB5i4q4v8V7DGkGbPhOQ0/hLEofV3xO7:W+amMxHOYoLi4q48V+lG/hLEoW7
|
Size: |
35637
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\gmondump.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\gmondump.exe (copy)
|
Category: |
dropped
|
Dump: |
is-OJMCH.tmp.4.dr
|
ID: |
dr_686
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
5.660268066044869
|
Encrypted: |
false
|
Ssdeep: |
1536:jjLBVCoW53TAIKnnqe2osSTMlUReIxD6H1NiHDy72zCujvV9Ls23hAfUsryyiO:jxVC9BcIKnqe2d8ReIxD6H1NiHDy72zw
|
Size: |
95728
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\grep.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\grep.exe (copy)
|
Category: |
dropped
|
Dump: |
is-93KVA.tmp.4.dr
|
ID: |
dr_687
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.259185843976795
|
Encrypted: |
false
|
Ssdeep: |
6144:A2q1UlilE7VEv9fkR/MVicN4txyCO8ovLK:O1U0UYcxMstxyCO8ovLK
|
Size: |
213201
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\head.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\head.exe (copy)
|
Category: |
dropped
|
Dump: |
is-6GU8F.tmp.4.dr
|
ID: |
dr_688
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.743861837429772
|
Encrypted: |
false
|
Ssdeep: |
768:4fG5/B7QrvtcOsarUSGk3A6dHWDKoMyzNiqbob8sk/tWdgdoHK:4fK/C5cr+nNXjkVWdgdoHK
|
Size: |
45413
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-0UPEL.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-0UPEL.tmp
|
Category: |
dropped
|
Dump: |
is-0UPEL.tmp.4.dr
|
ID: |
dr_44
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
5.860427034373632
|
Encrypted: |
false
|
Ssdeep: |
3072:FoefAADcobwCvdqexs9agbZb0ibKqe/j9q6HeIxD6H1NiHDy72zCujvJmTC3VGjG:GNQTkagbZBGZmW3VG6eyLsrE
|
Size: |
203120
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-22E1M.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-22E1M.tmp
|
Category: |
dropped
|
Dump: |
is-22E1M.tmp.4.dr
|
ID: |
dr_82
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.922945277913381
|
Encrypted: |
false
|
Ssdeep: |
768:JRMDHj02PBYaqULGRoQFAKGHgyUTLHDaUhsabqnNiqbo+r3XhF31n4Wg1roKK:JRMDHhMiGRoQ20HhN+jxb4WAroKK
|
Size: |
49460
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-2AK4O.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-2AK4O.tmp
|
Category: |
dropped
|
Dump: |
is-2AK4O.tmp.4.dr
|
ID: |
dr_285
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
5.642766164822019
|
Encrypted: |
false
|
Ssdeep: |
1536:5YORsR5WX33X6mfhtA04UnqereXu9MlweeIxD6H1NiHDy72zCujvd/7kuGY0fes/:2mn3qmfeeqerEuTeeIxD6H1NiHDy72zY
|
Size: |
96856
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-2T706.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-2T706.tmp
|
Category: |
dropped
|
Dump: |
is-2T706.tmp.4.dr
|
ID: |
dr_243
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.033584251955401
|
Encrypted: |
false
|
Ssdeep: |
3072:GsbAr09MlkvDdzc80DOvGet++TFkJ8qFssx+x5u8Fi:GILAkvDdzc80DmGk+OqFZ25u8Fi
|
Size: |
109703
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-30NIL.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-30NIL.tmp
|
Category: |
dropped
|
Dump: |
is-30NIL.tmp.4.dr
|
ID: |
dr_307
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.306664849421537
|
Encrypted: |
false
|
Ssdeep: |
384:5N4rF7Gy3hxTVaeAdN+KHxxhBuGsLDyTYTgC2wgp1xFlLMz+UVATFI8ND3gPcEUh:QN3hxIeAdN+KHmGsLDyTYTgC2v1xFlL/
|
Size: |
24270
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-34H01.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-34H01.tmp
|
Category: |
dropped
|
Dump: |
is-34H01.tmp.4.dr
|
ID: |
dr_64
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.157680864135103
|
Encrypted: |
false
|
Ssdeep: |
1536:SdXKFM0I3XqKPJyiORnE461wVKahK15XA/R+BHqsUDyfre+WnUDWdsods9:WXKqv3RsN5vVKagFAZG8sre+W9dsods9
|
Size: |
109591
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-359E4.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-359E4.tmp
|
Category: |
dropped
|
Dump: |
is-359E4.tmp.4.dr
|
ID: |
dr_54
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.9840396887775125
|
Encrypted: |
false
|
Ssdeep: |
1536:BiTul1U3peh8DGYs1dAqn60/nEIneW6FmiK:nsYhSs16qnb/nEk6FmiK
|
Size: |
63813
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-3KVKN.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-3KVKN.tmp
|
Category: |
dropped
|
Dump: |
is-3KVKN.tmp.4.dr
|
ID: |
dr_17
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.062057129107789
|
Encrypted: |
false
|
Ssdeep: |
3072:EAnX/7JAqSBmcIHjjLRknWOpi/Z2807GtHu9QSEDjNGibrJK8GO:EgF7SvQfRpOpB97GFu9rEXxrJK8GO
|
Size: |
227921
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-3V559.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-3V559.tmp
|
Category: |
dropped
|
Dump: |
is-3V559.tmp.4.dr
|
ID: |
dr_56
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.130584635920437
|
Encrypted: |
false
|
Ssdeep: |
1536:GVl7xnzBwCURPMbCIuwBWWG2FtZUKTpGWzFPPK:GnxzBYR09WwD1zFPPK
|
Size: |
62247
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-452VR.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-452VR.tmp
|
Category: |
dropped
|
Dump: |
is-452VR.tmp.4.dr
|
ID: |
dr_203
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.015853566917886
|
Encrypted: |
false
|
Ssdeep: |
1536:9ya5X5o+PfgdxtZZkFw7fMrm240OZWfpLoKK:9TX5o+gxtTecfQm2VOkfpLoKK
|
Size: |
55390
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-4OF19.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-4OF19.tmp
|
Category: |
dropped
|
Dump: |
is-4OF19.tmp.4.dr
|
ID: |
dr_62
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.932591488869057
|
Encrypted: |
false
|
Ssdeep: |
49152:bMepVZZaGL669nAs2dbRPjdfQhWBAUZLYgio6EZGaXBuQQ9ew:XpfZa8dSs2db2WBAUZLGqO
|
Size: |
2293136
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-4RE92.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-4RE92.tmp
|
Category: |
dropped
|
Dump: |
is-4RE92.tmp.4.dr
|
ID: |
dr_66
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.597105190222745
|
Encrypted: |
false
|
Ssdeep: |
6144:GIIIIlIIIIEIIII4IIII7TIIII0IIIIbIIIIfIIII6xIIIITIIIIAIIIIBIIIIkD:3nSpWa3ezDZBGDDVc4tJDuA1fvWyN3
|
Size: |
432556
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-4ULKA.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-4ULKA.tmp
|
Category: |
dropped
|
Dump: |
is-4ULKA.tmp.4.dr
|
ID: |
dr_18
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.421837966914291
|
Encrypted: |
false
|
Ssdeep: |
3072:5ej21uBMlQEORjijb9rClrds9cfH32lLUBvMlxnxzCeNRF2QyBfin9thWCBFg5b:5sMSLj2bgF32lLwevF2Qy9in91Fg5b
|
Size: |
202652
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-50JNI.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-50JNI.tmp
|
Category: |
dropped
|
Dump: |
is-50JNI.tmp.4.dr
|
ID: |
dr_280
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.291610209086505
|
Encrypted: |
false
|
Ssdeep: |
6144:lzoZs5S/gO9LuWHjgaN/t9hZTSnxjz3gYWEIx/K:m6M/v1tlKz3gYWEIx/K
|
Size: |
267485
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-55N9F.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-55N9F.tmp
|
Category: |
dropped
|
Dump: |
is-55N9F.tmp.4.dr
|
ID: |
dr_313
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.279305668170349
|
Encrypted: |
false
|
Ssdeep: |
768:QN3hkBFlRLP+XVV7L36c9FlLh+YVVh33Rc68AdS/K516KYTJj2zAdu3D8vHL5IB+:QLGbmlVjdUsVGAdf516KYTJMAdbvHL5n
|
Size: |
38694
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-57KQT.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-57KQT.tmp
|
Category: |
dropped
|
Dump: |
is-57KQT.tmp.4.dr
|
ID: |
dr_21
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.144083269775037
|
Encrypted: |
false
|
Ssdeep: |
6144:WNidrp0BDl9sUEHAdaUEXydbd+fO0sjiI2vcB:Jdrp0tl9aHAdFd+fOPiI2vcB
|
Size: |
277926
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-5TN5B.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-5TN5B.tmp
|
Category: |
dropped
|
Dump: |
is-5TN5B.tmp.4.dr
|
ID: |
dr_301
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.274993211636219
|
Encrypted: |
false
|
Ssdeep: |
768:QN3hwKo9Icn8I/xQL51Eg3wcS8GszJ2hgRkfFVRk:QL3W49rWk6e
|
Size: |
24605
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-68D6D.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-68D6D.tmp
|
Category: |
dropped
|
Dump: |
is-68D6D.tmp.4.dr
|
ID: |
dr_14
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.148539893991215
|
Encrypted: |
false
|
Ssdeep: |
3072:s/M1u9OAYoras0DBpnmMczgLVt9t0L422OX5vE6tQP:k99Y3moztY24ZtQP
|
Size: |
213840
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-6GU8F.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-6GU8F.tmp
|
Category: |
dropped
|
Dump: |
is-6GU8F.tmp.4.dr
|
ID: |
dr_337
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.743861837429772
|
Encrypted: |
false
|
Ssdeep: |
768:4fG5/B7QrvtcOsarUSGk3A6dHWDKoMyzNiqbob8sk/tWdgdoHK:4fK/C5cr+nNXjkVWdgdoHK
|
Size: |
45413
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-70LFC.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-70LFC.tmp
|
Category: |
dropped
|
Dump: |
is-70LFC.tmp.4.dr
|
ID: |
dr_88
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.596504079807287
|
Encrypted: |
false
|
Ssdeep: |
768:lFcP4c0DgVek4JR2gOdYEsNiqboNPoWSFMK:C8DAeRWSFMK
|
Size: |
35876
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-7ATDF.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-7ATDF.tmp
|
Category: |
dropped
|
Dump: |
is-7ATDF.tmp.4.dr
|
ID: |
dr_19
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.763063899493303
|
Encrypted: |
false
|
Ssdeep: |
1536:83dHeyVnt4Kk3bB71jv0Y13vO7k88qfUAK:UQyL4KkrB714TT8sUAK
|
Size: |
52962
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-7C5D8.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-7C5D8.tmp
|
Category: |
dropped
|
Dump: |
is-7C5D8.tmp.4.dr
|
ID: |
dr_12
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.918409384417855
|
Encrypted: |
false
|
Ssdeep: |
768:lkLccl/PYonzMHsQ5EVOigJgLa1eUD37GK:KLccJYCounVLa0UfGK
|
Size: |
40857
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-7MDJG.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-7MDJG.tmp
|
Category: |
dropped
|
Dump: |
is-7MDJG.tmp.4.dr
|
ID: |
dr_20
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.550599343324782
|
Encrypted: |
false
|
Ssdeep: |
768:SMLRh/cesjYwIg/NFKJHQSCtIHiBRQ38K:SMLRhk/0wJLKJw1auRQ38K
|
Size: |
33301
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-8JE6R.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-8JE6R.tmp
|
Category: |
dropped
|
Dump: |
is-8JE6R.tmp.4.dr
|
ID: |
dr_200
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.36469282043092
|
Encrypted: |
false
|
Ssdeep: |
12288:bJxKw4cts8kpQY3GOBguvVRwfrRdm12DunXj6jq64WlS6HZxU:bJxsctkdLvVerRdxun+jqtWlS6HZxU
|
Size: |
627466
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-8MBUS.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-8MBUS.tmp
|
Category: |
dropped
|
Dump: |
is-8MBUS.tmp.4.dr
|
ID: |
dr_70
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.042660357284004
|
Encrypted: |
false
|
Ssdeep: |
24576:fyrxJneP7PSTh7wJ1FG2Tb8jYXUMlhJFjNifeXkSw:fyr/h7wHE2wYXUMlhxifeXkSw
|
Size: |
943783
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-8OU69.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-8OU69.tmp
|
Category: |
dropped
|
Dump: |
is-8OU69.tmp.4.dr
|
ID: |
dr_219
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.890013376515648
|
Encrypted: |
false
|
Ssdeep: |
768:bmYh8CvYO3Zk1wVPlIbKfOEW4/U6Niqboy0RvfbhGB/5ryW5domNK:bfK8NQKgK4vZW5domNK
|
Size: |
49499
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-92MS7.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-92MS7.tmp
|
Category: |
dropped
|
Dump: |
is-92MS7.tmp.4.dr
|
ID: |
dr_206
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.71089699938499
|
Encrypted: |
false
|
Ssdeep: |
768:0YzOU7VvL+mlEA7O+MIQxg4NiqbolGIOaZ8WweFMK:JzTaaRNOayWweFMK
|
Size: |
34883
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-93KVA.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-93KVA.tmp
|
Category: |
dropped
|
Dump: |
is-93KVA.tmp.4.dr
|
ID: |
dr_335
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.259185843976795
|
Encrypted: |
false
|
Ssdeep: |
6144:A2q1UlilE7VEv9fkR/MVicN4txyCO8ovLK:O1U0UYcxMstxyCO8ovLK
|
Size: |
213201
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-9TD4Q.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-9TD4Q.tmp
|
Category: |
dropped
|
Dump: |
is-9TD4Q.tmp.4.dr
|
ID: |
dr_329
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.353965204239221
|
Encrypted: |
false
|
Ssdeep: |
384:5N4rF7Gy3hDZdZaopH9nkHxgFaY/KXcWIhRDrmQ7qCMEYqqUUMe1KvQ:QN3h/ZpH9kHxgFaYqcWIhRnmQ7qCMEV8
|
Size: |
19838
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-9V1D1.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-9V1D1.tmp
|
Category: |
dropped
|
Dump: |
is-9V1D1.tmp.4.dr
|
ID: |
dr_48
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.810444554906277
|
Encrypted: |
false
|
Ssdeep: |
768:17vIK+ZWDRbTXWixnz8EHhHvqAiqQHNiqboilM4rE/uYWbnSFmlJK:17wK5RTmOFPq7m4nYWLSFm/K
|
Size: |
48491
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-A4UPI.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-A4UPI.tmp
|
Category: |
dropped
|
Dump: |
is-A4UPI.tmp.4.dr
|
ID: |
dr_40
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.6330015995775415
|
Encrypted: |
false
|
Ssdeep: |
768:Pgf6Ive+OWcJye1oPcNiqboJaLIW3BFUK:PgrcWo50WxFUK
|
Size: |
35362
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-A9KLA.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-A9KLA.tmp
|
Category: |
dropped
|
Dump: |
is-A9KLA.tmp.4.dr
|
ID: |
dr_246
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.291327563512328
|
Encrypted: |
false
|
Ssdeep: |
1536:kpF2VjAKenRRkLfl7uvUh4mtB92rGjCtr65Fd0eJ2/4p6hnqAX+i9sfXF4HeW1JF:4Y0Ke+iUuKBJKrYboqe9sPK/1JkFK
|
Size: |
120177
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-AFDO0.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-AFDO0.tmp
|
Category: |
dropped
|
Dump: |
is-AFDO0.tmp.4.dr
|
ID: |
dr_91
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.786350190792906
|
Encrypted: |
false
|
Ssdeep: |
768:vzUQ9IuNqmIjbxqPsIAGaZn77T3jBMs52xaNiqboxsfEqWDFfK:vd9XNqxUsIAGaZnvBMVx7mEqWDFfK
|
Size: |
45019
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-AFU2D.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-AFU2D.tmp
|
Category: |
dropped
|
Dump: |
is-AFU2D.tmp.4.dr
|
ID: |
dr_34
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
4.812005018113588
|
Encrypted: |
false
|
Ssdeep: |
3072:3xL7Ar5BwzU4Shem4jUaSwHWGc4kTrgx10t3T:urHwEhehUaSqk/gx10t3T
|
Size: |
164937
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-BG5HM.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-BG5HM.tmp
|
Category: |
dropped
|
Dump: |
is-BG5HM.tmp.4.dr
|
ID: |
dr_303
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.287676831027939
|
Encrypted: |
false
|
Ssdeep: |
192:5PFOrF7G43n3hCERNEs3VCV1pkIrVgMsjeNTvcTTvOkMaVgbR8HRK5DjOo3Va:5YrF7Gy3hl3N6NTvATvzVgbR8HRld
|
Size: |
8619
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-BVTGB.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-BVTGB.tmp
|
Category: |
dropped
|
Dump: |
is-BVTGB.tmp.4.dr
|
ID: |
dr_262
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.952540789323527
|
Encrypted: |
false
|
Ssdeep: |
1536:41Qw6/ARgmxwyXGktOeSSSSwSSSSSSSSSSSSSSSSlXzWMyIFL9K:41yAhxwCe6XIFL9K
|
Size: |
63289
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-CCFT7.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-CCFT7.tmp
|
Category: |
dropped
|
Dump: |
is-CCFT7.tmp.4.dr
|
ID: |
dr_345
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.749819477885052
|
Encrypted: |
false
|
Ssdeep: |
768:7EsPOsUyt9ArNoBD67HlixCi81NiqbocBFuWO2FeK:xyoANC8AWBFeK
|
Size: |
44192
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-CEVTP.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-CEVTP.tmp
|
Category: |
dropped
|
Dump: |
is-CEVTP.tmp.4.dr
|
ID: |
dr_271
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.828225894923742
|
Encrypted: |
false
|
Ssdeep: |
768:vRoQYwfHOz/ScxCon5WrT7H2wDLyR2p84GpNiqboEkCeVWJk/K:vRZ7kFxwHWw6C84GMWJk/K
|
Size: |
44180
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-CVGUL.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-CVGUL.tmp
|
Category: |
dropped
|
Dump: |
is-CVGUL.tmp.4.dr
|
ID: |
dr_46
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.725306995089882
|
Encrypted: |
false
|
Ssdeep: |
768:f6PaPEArExcnITv4+3MhNiqbo/FkVboWQFCK:ykCcno70qWQFCK
|
Size: |
36148
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-DAJP9.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-DAJP9.tmp
|
Category: |
dropped
|
Dump: |
is-DAJP9.tmp.4.dr
|
ID: |
dr_259
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.272756205572392
|
Encrypted: |
false
|
Ssdeep: |
6144:rgJPozVlNgYsuzKPxmTs/uv2rQ0Ed2oxTe:rgJELgYsTJjWN0Ed2oxTe
|
Size: |
211777
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-E01I9.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-E01I9.tmp
|
Category: |
dropped
|
Dump: |
is-E01I9.tmp.4.dr
|
ID: |
dr_228
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.726276078594495
|
Encrypted: |
false
|
Ssdeep: |
768:2J8IyZLoWRm2MPL5ibRjOKpax15yes/edvla7Wfkti6GHNiqboFdmNCiW4zAUeK:qULlMj4bnpax153sWvlTMQ6GdzW4UUeK
|
Size: |
48718
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-EBONT.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-EBONT.tmp
|
Category: |
dropped
|
Dump: |
is-EBONT.tmp.4.dr
|
ID: |
dr_309
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.155526359063834
|
Encrypted: |
false
|
Ssdeep: |
384:5N4rF7Gy3hcfZfQe0JCdNFq/lcxVN3d/NouapKKbT+Zd:QN3hQZf0JwNFYcJN/NoO
|
Size: |
15496
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-ECF62.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-ECF62.tmp
|
Category: |
dropped
|
Dump: |
is-ECF62.tmp.4.dr
|
ID: |
dr_225
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
5.6387022352637794
|
Encrypted: |
false
|
Ssdeep: |
3072:10Cvjev+1eqekxVFeIxD6H1NiHDy72zCujvUJ3LLosrC5:CCvDa3LLosrw
|
Size: |
100040
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-EM65F.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-EM65F.tmp
|
Category: |
dropped
|
Dump: |
is-EM65F.tmp.4.dr
|
ID: |
dr_311
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.403422589379035
|
Encrypted: |
false
|
Ssdeep: |
48:5JlJ2Q/NnIDOOrTJrhJzin432sM232s3Eqh3tAHkRAKRLmO9cfg+5O7ihd+:5IQNnIaOrTJrhJzi43n3zdCERAfhI
|
Size: |
2797
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-EMU5S.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-EMU5S.tmp
|
Category: |
dropped
|
Dump: |
is-EMU5S.tmp.4.dr
|
ID: |
dr_222
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.683016985837291
|
Encrypted: |
false
|
Ssdeep: |
768:HW2R76LvHccOqfQyqcAZJXsNiqbo6Q+1lnWqobMK:HWz7ccSJkLWqobMK
|
Size: |
38719
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-ESO7H.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-ESO7H.tmp
|
Category: |
dropped
|
Dump: |
is-ESO7H.tmp.4.dr
|
ID: |
dr_231
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.688619196387137
|
Encrypted: |
false
|
Ssdeep: |
768:8+OB/AmJpD8uXxClXZ6bO0saDNiqboZmfoMW4lF1K:aifYClXsvBfXW4lF1K
|
Size: |
40237
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-F0RFV.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-F0RFV.tmp
|
Category: |
dropped
|
Dump: |
is-F0RFV.tmp.4.dr
|
ID: |
dr_327
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.35308144885827
|
Encrypted: |
false
|
Ssdeep: |
48:5JlJ2Q/NnIDOOrTJrhJzin432sM232s3Eqh3tAHTMNxaI7autOsN+:5IQNnIaOrTJrhJzi43n3zdCzM/HVtOsY
|
Size: |
2173
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-FNAF9.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-FNAF9.tmp
|
Category: |
dropped
|
Dump: |
is-FNAF9.tmp.4.dr
|
ID: |
dr_28
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.0901807590277075
|
Encrypted: |
false
|
Ssdeep: |
6144:XBKqFwHVi1/2qP7z18qAwJEBNCgjkOm5d5P6pkOX5XfXIFCuz:XBKOwHViIq/18qAVdq5d5P6jlIFCuz
|
Size: |
264373
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-G4OF1.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-G4OF1.tmp
|
Category: |
dropped
|
Dump: |
is-G4OF1.tmp.4.dr
|
ID: |
dr_25
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.217367563734053
|
Encrypted: |
false
|
Ssdeep: |
12288:eWN63+ofjZWOxebwnBx4SmtfjHRtSmd/Ewelv2s/Fa:ee6u28OxebwBqSmtfjHRgsvuJ/Fa
|
Size: |
627427
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-G4QUR.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-G4QUR.tmp
|
Category: |
dropped
|
Dump: |
is-G4QUR.tmp.4.dr
|
ID: |
dr_315
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.384300725692716
|
Encrypted: |
false
|
Ssdeep: |
192:5P1dOrF7G43n3hCcR1DiA2v8rsNPvw4KSNGsL:5N4rF7Gy3h7sNn6SNGsL
|
Size: |
6952
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-GATAI.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-GATAI.tmp
|
Category: |
dropped
|
Dump: |
is-GATAI.tmp.4.dr
|
ID: |
dr_283
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
5.704860954622595
|
Encrypted: |
false
|
Ssdeep: |
3072:0quM7QVYqeyJ/DWeIxD6H1NiHDy72zCujvhyL/8LBsr3Z:0dTLL/8LBsrp
|
Size: |
108752
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-GEKAK.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-GEKAK.tmp
|
Category: |
dropped
|
Dump: |
is-GEKAK.tmp.4.dr
|
ID: |
dr_277
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.553352702975135
|
Encrypted: |
false
|
Ssdeep: |
384:qQBkcfc4/YKdSMSnTDdWgVYIJ4tYCnA5wNiqboPYp/NfvOCW5TwFFK:9Gj4/YYZsR7VJnCn5NiqbogDNW5UFFK
|
Size: |
33123
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-GS9VI.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-GS9VI.tmp
|
Category: |
dropped
|
Dump: |
is-GS9VI.tmp.4.dr
|
ID: |
dr_60
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.200981287141944
|
Encrypted: |
false
|
Ssdeep: |
3072:sCUMkwOTTLYnZ5NpFGvIzeRilKSMvLwuopyopn16GMkpnOQ36Toh/R:sCNOcRllALwsrGMkpv36Toh/R
|
Size: |
178140
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-H9GFU.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-H9GFU.tmp
|
Category: |
dropped
|
Dump: |
is-H9GFU.tmp.4.dr
|
ID: |
dr_297
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
4.877052383031692
|
Encrypted: |
false
|
Ssdeep: |
192:hOg/JzpVbkaCCCCxRcrYePGQRiJWaGSiAsfBkL2Xx0IdKkwd5r8jfCszBc9pCi:hrkax4lPGJJ3G1nKAxHdKld8TCWWSi
|
Size: |
18136
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-HNNM1.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-HNNM1.tmp
|
Category: |
dropped
|
Dump: |
is-HNNM1.tmp.4.dr
|
ID: |
dr_23
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.795191564176706
|
Encrypted: |
false
|
Ssdeep: |
768:YQ9Nm0XMpCWTAtSxMn5run4/st3ZaRsPMYlUYFMl1VGnlr1vMdA+WreR/k4t:JNm0cppAExMrsgcFfNMd3Wr6/kK
|
Size: |
45895
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-HRJ3D.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-HRJ3D.tmp
|
Category: |
dropped
|
Dump: |
is-HRJ3D.tmp.4.dr
|
ID: |
dr_240
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
5.25648370080503
|
Encrypted: |
false
|
Ssdeep: |
3072:P4y/sZLNq8CLkObxXQYPQfRAQyJ7UwfdzZm1kVcaENGsU1IABsrpn:wykvYgjfRum1xpABsr5
|
Size: |
313696
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-IFS4S.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-IFS4S.tmp
|
Category: |
dropped
|
Dump: |
is-IFS4S.tmp.4.dr
|
ID: |
dr_98
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.93647949822774
|
Encrypted: |
false
|
Ssdeep: |
1536:dcCR5aZi//+MfKpVJllFSYwVhEheWZrbFLe:ddsZXAK5fFSYxxbFLe
|
Size: |
68362
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-IIGR6.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-IIGR6.tmp
|
Category: |
dropped
|
Dump: |
is-IIGR6.tmp.4.dr
|
ID: |
dr_76
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.11199110776128
|
Encrypted: |
false
|
Ssdeep: |
1536:RA2zzjcGYxeC8GVTO3VumPWWttiuQBTI9kI6BWNFIK:2ozYxKGBAWcIIfNFIK
|
Size: |
70331
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-JAO6D.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-JAO6D.tmp
|
Category: |
dropped
|
Dump: |
is-JAO6D.tmp.4.dr
|
ID: |
dr_341
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
5.666990122567557
|
Encrypted: |
false
|
Ssdeep: |
3072:DnkSm8KfeqeU4oteIxD6H1NiHDy72zCujvYg8TtTcsrCx:gSkgTtTcsrE
|
Size: |
98392
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-JIM1A.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-JIM1A.tmp
|
Category: |
dropped
|
Dump: |
is-JIM1A.tmp.4.dr
|
ID: |
dr_24
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.285309781606265
|
Encrypted: |
false
|
Ssdeep: |
6144:vZ0wFZnl9j3gYWvd2QWt6Pqv38zDRygLPjGNQXaxURj8ZPjnemW5qZp/vTuG:SwFZnl9rgYCQ8dlygj8ZPjeR5Q/vTuG
|
Size: |
490513
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-JL1TT.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-JL1TT.tmp
|
Category: |
dropped
|
Dump: |
is-JL1TT.tmp.4.dr
|
ID: |
dr_26
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.1837314646781385
|
Encrypted: |
false
|
Ssdeep: |
6144:dOdsVxWUeJIC/s+v8OymwrBg70gPu0xbRpXaRP25a2OjV1oCFJ1:dRUUXCEq8O0dgYqu0xbnXa2OjV1oCFJ1
|
Size: |
335618
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-JLF3M.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-JLF3M.tmp
|
Category: |
dropped
|
Dump: |
is-JLF3M.tmp.4.dr
|
ID: |
dr_42
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.118112146257181
|
Encrypted: |
false
|
Ssdeep: |
1536:DvB6IZ10n7hRDvCXcZCfvDNHJWGE9QJyI1j3LWfF4K:DpPsn7Xkcw3rWsv3SfF4K
|
Size: |
72003
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-JMV83.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-JMV83.tmp
|
Category: |
dropped
|
Dump: |
is-JMV83.tmp.4.dr
|
ID: |
dr_85
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.553287017256515
|
Encrypted: |
false
|
Ssdeep: |
384:1QMkcfc4/YKdSMSnTDdWgVYIJ4J1KnA5wNiqboPYF/NfvOCW5TwFFK:27j4/YYZsR7VJaKn5NiqbogvNW5UFFK
|
Size: |
33123
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-KA4RL.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-KA4RL.tmp
|
Category: |
dropped
|
Dump: |
is-KA4RL.tmp.4.dr
|
ID: |
dr_343
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.118866291946782
|
Encrypted: |
false
|
Ssdeep: |
1536:xzECnNAoICU8yZ8fY76sqyiW6mNiV7/HWAFkK:xzNTw8ym0V6iAFkK
|
Size: |
71435
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-KE0B7.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-KE0B7.tmp
|
Category: |
dropped
|
Dump: |
is-KE0B7.tmp.4.dr
|
ID: |
dr_9
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.207932583198621
|
Encrypted: |
false
|
Ssdeep: |
12288:c2WHzyQ5v2gzlH1ZERxPHMA7/UQsUbRF3MK:uHGgRVuRxPHNbRF3MK
|
Size: |
560685
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-L5O97.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-L5O97.tmp
|
Category: |
dropped
|
Dump: |
is-L5O97.tmp.4.dr
|
ID: |
dr_331
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.2428289411219575
|
Encrypted: |
false
|
Ssdeep: |
768:W+abqzYxiE7OYoB5i4q4v8V7DGkGbPhOQ0/hLEofV3xO7:W+amMxHOYoLi4q48V+lG/hLEoW7
|
Size: |
35637
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-LAA2G.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-LAA2G.tmp
|
Category: |
dropped
|
Dump: |
is-LAA2G.tmp.4.dr
|
ID: |
dr_68
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.506956161819081
|
Encrypted: |
false
|
Ssdeep: |
12288:ms7Gfl5ZozIPPLTVxReMpfoD1kBenfvCscS:oRozIPPLJoD1kBenfvCscS
|
Size: |
402749
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-LNH3Q.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-LNH3Q.tmp
|
Category: |
dropped
|
Dump: |
is-LNH3Q.tmp.4.dr
|
ID: |
dr_11
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
3.7736870227823593
|
Encrypted: |
false
|
Ssdeep: |
192:1kGFnUwPOjpZCCCoxQLmqINv/T8j3jSNVtrtuTbJ4:HFnOjp/amqINv/Qje7rtuTbu
|
Size: |
10102
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-MLLI2.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-MLLI2.tmp
|
Category: |
dropped
|
Dump: |
is-MLLI2.tmp.4.dr
|
ID: |
dr_16
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.575554349927672
|
Encrypted: |
false
|
Ssdeep: |
12288:in5Cz+MiKheCRNKbnGxsm+bsJPnch5F3s:Koz+vk2nGxsm+bsJUh5F3s
|
Size: |
585801
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-MR8N7.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-MR8N7.tmp
|
Category: |
dropped
|
Dump: |
is-MR8N7.tmp.4.dr
|
ID: |
dr_268
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.717517069050245
|
Encrypted: |
false
|
Ssdeep: |
384:FG5MDaF4KiSrADTU4GffHN+H2f2B5wNiqbofYSYabKD/UfvOCWWQF2K:E6aF4vmL4afHv2YNiqbowubjNWWQF2K
|
Size: |
35755
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-N0FV2.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-N0FV2.tmp
|
Category: |
dropped
|
Dump: |
is-N0FV2.tmp.4.dr
|
ID: |
dr_73
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.928879164833447
|
Encrypted: |
false
|
Ssdeep: |
768:PVfscRLD9w/7MRe8aayXf3PeikiYMpwVjkzP/CDvveM7pNiqbowOzki4mPWNVdoG:P5sc166arf3PTbpwPqMz+ICWNVdo7K
|
Size: |
56617
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-N5GE7.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-N5GE7.tmp
|
Category: |
dropped
|
Dump: |
is-N5GE7.tmp.4.dr
|
ID: |
dr_22
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
7.237575870531518
|
Encrypted: |
false
|
Ssdeep: |
24576:VtSBAUZLY3wPKo6VbbTiZGavkg3NyeuQ6l9fH+fTc:VYBAUZLYgio6EZGaXBuQQ9eTc
|
Size: |
1082798
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-O6BRD.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-O6BRD.tmp
|
Category: |
dropped
|
Dump: |
is-O6BRD.tmp.4.dr
|
ID: |
dr_27
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.186108509362763
|
Encrypted: |
false
|
Ssdeep: |
3072:XyQEU+3u49JdRKgi5Uerz+gM9b8hR0dYCuh0HgxiOolnCguZ5P8Py6+PiaAt3dKw:9fIwgi3n+Dosm0lCgk4y6+ad1dKF3jK
|
Size: |
289270
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-O7SJV.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-O7SJV.tmp
|
Category: |
dropped
|
Dump: |
is-O7SJV.tmp.4.dr
|
ID: |
dr_265
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.599485295422324
|
Encrypted: |
false
|
Ssdeep: |
384:XCkvX1fKWSz+e5Af3Xcu/67amPakjmiThNF5wNiqbowY4uD2qS/bpjfosOCWfFMK:TX1fb+7Af3s/7amt4NiqbodH29tWfFMK
|
Size: |
34830
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-OHOJL.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-OHOJL.tmp
|
Category: |
dropped
|
Dump: |
is-OHOJL.tmp.4.dr
|
ID: |
dr_305
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.247295895724409
|
Encrypted: |
false
|
Ssdeep: |
768:QN3hPKYxcatI4xQLVu6g3xccmGydx2hgBKfFVRd:QLyY1eQ90of
|
Size: |
24690
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-OINB4.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-OINB4.tmp
|
Category: |
dropped
|
Dump: |
is-OINB4.tmp.4.dr
|
ID: |
dr_234
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.0752708609901696
|
Encrypted: |
false
|
Ssdeep: |
3072:KO6JXA1GaiGe9TGgNTOhFiOrOK+J53s5F5kG:6+1GN9TGg50D+J53s5FWG
|
Size: |
114653
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-OJMCH.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-OJMCH.tmp
|
Category: |
dropped
|
Dump: |
is-OJMCH.tmp.4.dr
|
ID: |
dr_333
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
5.660268066044869
|
Encrypted: |
false
|
Ssdeep: |
1536:jjLBVCoW53TAIKnnqe2osSTMlUReIxD6H1NiHDy72zCujvV9Ls23hAfUsryyiO:jxVC9BcIKnqe2d8ReIxD6H1NiHDy72zw
|
Size: |
95728
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-OM906.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-OM906.tmp
|
Category: |
dropped
|
Dump: |
is-OM906.tmp.4.dr
|
ID: |
dr_38
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.098307878906199
|
Encrypted: |
false
|
Ssdeep: |
3072:zkUtxvWRsjcrzr2ppdTOO6GC2anm1w53s5FKDjG:zkUSKcr2fEm1w53s5FKHG
|
Size: |
122430
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-PFMDO.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-PFMDO.tmp
|
Category: |
dropped
|
Dump: |
is-PFMDO.tmp.4.dr
|
ID: |
dr_13
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.711172205815115
|
Encrypted: |
false
|
Ssdeep: |
49152:1VwAsOdJ7m419JQc9H45ZRtdKlo5IU6i3ZTBgAWsWmaSc7tkuV1GtlqXT/iHrmIQ:zV45ZRtdAF+3dJW7mXc3/T/iHH2oY5YA
|
Size: |
2484482
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-QA3S9.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-QA3S9.tmp
|
Category: |
dropped
|
Dump: |
is-QA3S9.tmp.4.dr
|
ID: |
dr_58
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.7483778468140905
|
Encrypted: |
false
|
Ssdeep: |
768:sNCSS/cdx3KtRDOHEK3SRprP6XF+3nHnKaKZXxwpoLkSNiqbo7GlRWsRNgLFK:/ET3UOfir6VOnHKXZXHWsRqLFK
|
Size: |
54426
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-QFORH.tmp
|
a /usr/bin/dash script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-QFORH.tmp
|
Category: |
dropped
|
Dump: |
is-QFORH.tmp.4.dr
|
ID: |
dr_52
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
a /usr/bin/dash script, ASCII text executable
|
Entropy: |
5.231952671810017
|
Encrypted: |
false
|
Ssdeep: |
96:ezfFz95TxE3n8KM1l0Kh/KpL5rZwAdZ5KocJKThiQ5s/VuPVjxeFT9TPAxPTe8E7:4fF3VE38AF9w+ZYKIQ5s/VuExclm3r
|
Size: |
7151
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-QOCJS.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-QOCJS.tmp
|
Category: |
dropped
|
Dump: |
is-QOCJS.tmp.4.dr
|
ID: |
dr_30
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.849662644781003
|
Encrypted: |
false
|
Ssdeep: |
1536:Qv63PS0zDuXhWlSjdCZMvQCU9dq62xN95TEai17KdFLEt:KGawl2CGvV77fYiFLEt
|
Size: |
67079
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-R4CH3.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-R4CH3.tmp
|
Category: |
dropped
|
Dump: |
is-R4CH3.tmp.4.dr
|
ID: |
dr_32
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.383333271549078
|
Encrypted: |
false
|
Ssdeep: |
24576:6Y6fMXxY4B/Ma3N3gscjBurln0HfBib9VdPtQtMHtkAQ1PyeFZHgI:n6fMSXat3cfCX0yeFZHgI
|
Size: |
1343609
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-RI9PB.tmp
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-RI9PB.tmp
|
Category: |
dropped
|
Dump: |
is-RI9PB.tmp.4.dr
|
ID: |
dr_8
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
Entropy: |
5.955153034052179
|
Encrypted: |
false
|
Ssdeep: |
98304:o9vnRe32+A2e3vUVlorFGexoll+E91u7MHYuHQlWzAvv3kfFt:QV2W8VlJ9l+m
|
Size: |
3628912
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-RLPH4.tmp
|
POSIX shell script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-RLPH4.tmp
|
Category: |
dropped
|
Dump: |
is-RLPH4.tmp.4.dr
|
ID: |
dr_299
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
POSIX shell script, ASCII text executable
|
Entropy: |
5.4795028917275115
|
Encrypted: |
false
|
Ssdeep: |
192:5P1dOrF7G43n3hC2BS48U8ny40rWEO2I/t0tysaBNvEeAHPHeb:5N4rF7Gy3h940rWEO2IKtyvBBEzHe
|
Size: |
6937
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-RSSOE.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-RSSOE.tmp
|
Category: |
dropped
|
Dump: |
is-RSSOE.tmp.4.dr
|
ID: |
dr_94
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.738666984400488
|
Encrypted: |
false
|
Ssdeep: |
768:kaQ2LAGg4LWf8tE9KrVB2lh2uXjxYfWN5RNiqboLeAIEKBFWN/do8K:a2d3WwzxB2lMyjz0MWN/do8K
|
Size: |
47366
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-SCTG2.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-SCTG2.tmp
|
Category: |
dropped
|
Dump: |
is-SCTG2.tmp.4.dr
|
ID: |
dr_79
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.227417038541123
|
Encrypted: |
false
|
Ssdeep: |
3072:WNu5gxH4+RjEU6z48Xlxhhvh1+uL9XUpFyK:WN9E/z48Xlxhhvh1+uL9kpFyK
|
Size: |
107463
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-SE1DS.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-SE1DS.tmp
|
Category: |
dropped
|
Dump: |
is-SE1DS.tmp.4.dr
|
ID: |
dr_274
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.138845079089895
|
Encrypted: |
false
|
Ssdeep: |
3072:t2X5sEuEzFA1Z4i3ZZ/ds/s4BXaxQaL6FmKr:JMF2ZZp4UQaL6FmKr
|
Size: |
111126
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-SE2C2.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-SE2C2.tmp
|
Category: |
dropped
|
Dump: |
is-SE2C2.tmp.4.dr
|
ID: |
dr_50
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.166230256459294
|
Encrypted: |
false
|
Ssdeep: |
12288:ksvYIERznDaH4T85nuxIfgZ+Yqz4Nm7Onm1NjMuqIvWhej9V1aFqbaLAhBcdmwAk:jYIERznDaH4T8hGJZ+tz4tRdHPzPB5F
|
Size: |
901362
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-T5FGV.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-T5FGV.tmp
|
Category: |
dropped
|
Dump: |
is-T5FGV.tmp.4.dr
|
ID: |
dr_15
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.987437245537878
|
Encrypted: |
false
|
Ssdeep: |
1536:5Z+r3f3WfINPGjCoYTbyBrCTNonZ9Fu2xIrFj:Kr3fGfIEL9hHFuy0Fj
|
Size: |
76038
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-U1VR9.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-U1VR9.tmp
|
Category: |
dropped
|
Dump: |
is-U1VR9.tmp.4.dr
|
ID: |
dr_237
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.725569886212962
|
Encrypted: |
false
|
Ssdeep: |
768:qA+x9C3sgHkLLhm/jsQIw8q8NQLUPwZrNiqbospiuWgdFbrK:qxt5uVIwplvWgdFbrK
|
Size: |
45102
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-VQ6EJ.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-VQ6EJ.tmp
|
Category: |
dropped
|
Dump: |
is-VQ6EJ.tmp.4.dr
|
ID: |
dr_339
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.251416967459125
|
Encrypted: |
false
|
Ssdeep: |
3072:HmCwTh8zsBC/CoEdSPSFiExf07T+VKZQizOuuD1SKqzuHDHYnoCW:GCwThtC6oSOT0NsOuuCiHDHYnoCW
|
Size: |
149479
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-VUNL5.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-VUNL5.tmp
|
Category: |
dropped
|
Dump: |
is-VUNL5.tmp.4.dr
|
ID: |
dr_36
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.394423691316713
|
Encrypted: |
false
|
Ssdeep: |
1536:5OdXmGE7IMpiD48AKZtM5Wwk84ALLLcFRn6dhvIOeIOeL2ae:5ORrE7NplK3M5WwBLLLcFh2hMeqD
|
Size: |
88064
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\is-VV2UP.tmp
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\is-VV2UP.tmp
|
Category: |
dropped
|
Dump: |
is-VV2UP.tmp.4.dr
|
ID: |
dr_10
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.79195307168262
|
Encrypted: |
false
|
Ssdeep: |
768:7n9WjpamB9BAZaf/jSFGWWlvxskKDyFZvyuvQhpbBXFO:JQpae9BvPWWDmmvRvCXFO
|
Size: |
49547
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\ls.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\ls.exe (copy)
|
Category: |
dropped
|
Dump: |
is-VQ6EJ.tmp.4.dr
|
ID: |
dr_689
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.251416967459125
|
Encrypted: |
false
|
Ssdeep: |
3072:HmCwTh8zsBC/CoEdSPSFiExf07T+VKZQizOuuD1SKqzuHDHYnoCW:GCwThtC6oSOT0NsOuuCiHDHYnoCW
|
Size: |
149479
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\lsattr.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\lsattr.exe (copy)
|
Category: |
dropped
|
Dump: |
is-JAO6D.tmp.4.dr
|
ID: |
dr_690
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
5.666990122567557
|
Encrypted: |
false
|
Ssdeep: |
3072:DnkSm8KfeqeU4oteIxD6H1NiHDy72zCujvYg8TtTcsrCx:gSkgTtTcsrE
|
Size: |
98392
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\mkdir.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\mkdir.exe (copy)
|
Category: |
dropped
|
Dump: |
is-KA4RL.tmp.4.dr
|
ID: |
dr_691
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.118866291946782
|
Encrypted: |
false
|
Ssdeep: |
1536:xzECnNAoICU8yZ8fY76sqyiW6mNiV7/HWAFkK:xzNTw8ym0V6iAFkK
|
Size: |
71435
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\mktemp.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\mktemp.exe (copy)
|
Category: |
dropped
|
Dump: |
is-CCFT7.tmp.4.dr
|
ID: |
dr_692
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.749819477885052
|
Encrypted: |
false
|
Ssdeep: |
768:7EsPOsUyt9ArNoBD67HlixCi81NiqbocBFuWO2FeK:xyoANC8AWBFeK
|
Size: |
44192
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-2.0.dll (copy)
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-2.0.dll (copy)
|
Category: |
dropped
|
Dump: |
is-RI9PB.tmp.4.dr
|
ID: |
dr_693
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
Entropy: |
5.955153034052179
|
Encrypted: |
false
|
Ssdeep: |
98304:o9vnRe32+A2e3vUVlorFGexoll+E91u7MHYuHQlWzAvv3kfFt:QV2W8VlJ9l+m
|
Size: |
3628912
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-asn1-8.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-asn1-8.dll (copy)
|
Category: |
dropped
|
Dump: |
is-KE0B7.tmp.4.dr
|
ID: |
dr_694
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.207932583198621
|
Encrypted: |
false
|
Ssdeep: |
12288:c2WHzyQ5v2gzlH1ZERxPHMA7/UQsUbRF3MK:uHGgRVuRxPHNbRF3MK
|
Size: |
560685
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-cbor-0.9.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-cbor-0.9.dll (copy)
|
Category: |
dropped
|
Dump: |
is-VV2UP.tmp.4.dr
|
ID: |
dr_695
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.79195307168262
|
Encrypted: |
false
|
Ssdeep: |
768:7n9WjpamB9BAZaf/jSFGWWlvxskKDyFZvyuvQhpbBXFO:JQpae9BvPWWDmmvRvCXFO
|
Size: |
49547
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-com_err-1.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-com_err-1.dll (copy)
|
Category: |
dropped
|
Dump: |
is-LNH3Q.tmp.4.dr
|
ID: |
dr_696
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
3.7736870227823593
|
Encrypted: |
false
|
Ssdeep: |
192:1kGFnUwPOjpZCCCoxQLmqINv/T8j3jSNVtrtuTbJ4:HFnOjp/amqINv/Qje7rtuTbu
|
Size: |
10102
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-crypt-0.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-crypt-0.dll (copy)
|
Category: |
dropped
|
Dump: |
is-7C5D8.tmp.4.dr
|
ID: |
dr_697
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.918409384417855
|
Encrypted: |
false
|
Ssdeep: |
768:lkLccl/PYonzMHsQ5EVOigJgLa1eUD37GK:KLccJYCounVLa0UfGK
|
Size: |
40857
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-crypto-1.1.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-crypto-1.1.dll (copy)
|
Category: |
dropped
|
Dump: |
is-PFMDO.tmp.4.dr
|
ID: |
dr_698
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.711172205815115
|
Encrypted: |
false
|
Ssdeep: |
49152:1VwAsOdJ7m419JQc9H45ZRtdKlo5IU6i3ZTBgAWsWmaSc7tkuV1GtlqXT/iHrmIQ:zV45ZRtdAF+3dJW7mXc3/T/iHH2oY5YA
|
Size: |
2484482
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-fido2-1.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-fido2-1.dll (copy)
|
Category: |
dropped
|
Dump: |
is-68D6D.tmp.4.dr
|
ID: |
dr_699
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.148539893991215
|
Encrypted: |
false
|
Ssdeep: |
3072:s/M1u9OAYoras0DBpnmMczgLVt9t0L422OX5vE6tQP:k99Y3moztY24ZtQP
|
Size: |
213840
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-gcc_s-seh-1.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-gcc_s-seh-1.dll (copy)
|
Category: |
dropped
|
Dump: |
is-T5FGV.tmp.4.dr
|
ID: |
dr_700
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.987437245537878
|
Encrypted: |
false
|
Ssdeep: |
1536:5Z+r3f3WfINPGjCoYTbyBrCTNonZ9Fu2xIrFj:Kr3fGfIEL9hHFuy0Fj
|
Size: |
76038
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-gmp-10.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-gmp-10.dll (copy)
|
Category: |
dropped
|
Dump: |
is-MLLI2.tmp.4.dr
|
ID: |
dr_701
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.575554349927672
|
Encrypted: |
false
|
Ssdeep: |
12288:in5Cz+MiKheCRNKbnGxsm+bsJPnch5F3s:Koz+vk2nGxsm+bsJUh5F3s
|
Size: |
585801
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-gssapi-3.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-gssapi-3.dll (copy)
|
Category: |
dropped
|
Dump: |
is-3KVKN.tmp.4.dr
|
ID: |
dr_702
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.062057129107789
|
Encrypted: |
false
|
Ssdeep: |
3072:EAnX/7JAqSBmcIHjjLRknWOpi/Z2807GtHu9QSEDjNGibrJK8GO:EgF7SvQfRpOpB97GFu9rEXxrJK8GO
|
Size: |
227921
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-hcrypto-4.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-hcrypto-4.dll (copy)
|
Category: |
dropped
|
Dump: |
is-4ULKA.tmp.4.dr
|
ID: |
dr_703
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.421837966914291
|
Encrypted: |
false
|
Ssdeep: |
3072:5ej21uBMlQEORjijb9rClrds9cfH32lLUBvMlxnxzCeNRF2QyBfin9thWCBFg5b:5sMSLj2bgF32lLwevF2Qy9in91Fg5b
|
Size: |
202652
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-heimbase-1.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-heimbase-1.dll (copy)
|
Category: |
dropped
|
Dump: |
is-7ATDF.tmp.4.dr
|
ID: |
dr_704
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.763063899493303
|
Encrypted: |
false
|
Ssdeep: |
1536:83dHeyVnt4Kk3bB71jv0Y13vO7k88qfUAK:UQyL4KkrB714TT8sUAK
|
Size: |
52962
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-heimntlm-0.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-heimntlm-0.dll (copy)
|
Category: |
dropped
|
Dump: |
is-7MDJG.tmp.4.dr
|
ID: |
dr_705
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.550599343324782
|
Encrypted: |
false
|
Ssdeep: |
768:SMLRh/cesjYwIg/NFKJHQSCtIHiBRQ38K:SMLRhk/0wJLKJw1auRQ38K
|
Size: |
33301
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-hx509-5.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-hx509-5.dll (copy)
|
Category: |
dropped
|
Dump: |
is-57KQT.tmp.4.dr
|
ID: |
dr_706
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.144083269775037
|
Encrypted: |
false
|
Ssdeep: |
6144:WNidrp0BDl9sUEHAdaUEXydbd+fO0sjiI2vcB:Jdrp0tl9aHAdFd+fOPiI2vcB
|
Size: |
277926
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-iconv-2.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-iconv-2.dll (copy)
|
Category: |
dropped
|
Dump: |
is-N5GE7.tmp.4.dr
|
ID: |
dr_707
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
7.237575870531518
|
Encrypted: |
false
|
Ssdeep: |
24576:VtSBAUZLY3wPKo6VbbTiZGavkg3NyeuQ6l9fH+fTc:VYBAUZLYgio6EZGaXBuQQ9eTc
|
Size: |
1082798
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-intl-8.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-intl-8.dll (copy)
|
Category: |
dropped
|
Dump: |
is-HNNM1.tmp.4.dr
|
ID: |
dr_708
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.795191564176706
|
Encrypted: |
false
|
Ssdeep: |
768:YQ9Nm0XMpCWTAtSxMn5run4/st3ZaRsPMYlUYFMl1VGnlr1vMdA+WreR/k4t:JNm0cppAExMrsgcFfNMd3Wr6/kK
|
Size: |
45895
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-krb5-26.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-krb5-26.dll (copy)
|
Category: |
dropped
|
Dump: |
is-JIM1A.tmp.4.dr
|
ID: |
dr_709
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.285309781606265
|
Encrypted: |
false
|
Ssdeep: |
6144:vZ0wFZnl9j3gYWvd2QWt6Pqv38zDRygLPjGNQXaxURj8ZPjnemW5qZp/vTuG:SwFZnl9rgYCQ8dlygj8ZPjeR5Q/vTuG
|
Size: |
490513
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-mpfr-6.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-mpfr-6.dll (copy)
|
Category: |
dropped
|
Dump: |
is-G4OF1.tmp.4.dr
|
ID: |
dr_710
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.217367563734053
|
Encrypted: |
false
|
Ssdeep: |
12288:eWN63+ofjZWOxebwnBx4SmtfjHRtSmd/Ewelv2s/Fa:ee6u28OxebwBqSmtfjHRgsvuJ/Fa
|
Size: |
627427
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-ncursesw6.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-ncursesw6.dll (copy)
|
Category: |
dropped
|
Dump: |
is-JL1TT.tmp.4.dr
|
ID: |
dr_711
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.1837314646781385
|
Encrypted: |
false
|
Ssdeep: |
6144:dOdsVxWUeJIC/s+v8OymwrBg70gPu0xbRpXaRP25a2OjV1oCFJ1:dRUUXCEq8O0dgYqu0xbnXa2OjV1oCFJ1
|
Size: |
335618
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-pcre-1.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-pcre-1.dll (copy)
|
Category: |
dropped
|
Dump: |
is-O6BRD.tmp.4.dr
|
ID: |
dr_712
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.186108509362763
|
Encrypted: |
false
|
Ssdeep: |
3072:XyQEU+3u49JdRKgi5Uerz+gM9b8hR0dYCuh0HgxiOolnCguZ5P8Py6+PiaAt3dKw:9fIwgi3n+Dosm0lCgk4y6+ad1dKF3jK
|
Size: |
289270
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-readline8.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-readline8.dll (copy)
|
Category: |
dropped
|
Dump: |
is-FNAF9.tmp.4.dr
|
ID: |
dr_713
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.0901807590277075
|
Encrypted: |
false
|
Ssdeep: |
6144:XBKqFwHVi1/2qP7z18qAwJEBNCgjkOm5d5P6pkOX5XfXIFCuz:XBKOwHViIq/18qAVdq5d5P6jlIFCuz
|
Size: |
264373
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-roken-18.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-roken-18.dll (copy)
|
Category: |
dropped
|
Dump: |
is-QOCJS.tmp.4.dr
|
ID: |
dr_714
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.849662644781003
|
Encrypted: |
false
|
Ssdeep: |
1536:Qv63PS0zDuXhWlSjdCZMvQCU9dq62xN95TEai17KdFLEt:KGawl2CGvV77fYiFLEt
|
Size: |
67079
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-sqlite3-0.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-sqlite3-0.dll (copy)
|
Category: |
dropped
|
Dump: |
is-R4CH3.tmp.4.dr
|
ID: |
dr_715
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.383333271549078
|
Encrypted: |
false
|
Ssdeep: |
24576:6Y6fMXxY4B/Ma3N3gscjBurln0HfBib9VdPtQtMHtkAQ1PyeFZHgI:n6fMSXat3cfCX0yeFZHgI
|
Size: |
1343609
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-wind-0.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-wind-0.dll (copy)
|
Category: |
dropped
|
Dump: |
is-AFU2D.tmp.4.dr
|
ID: |
dr_716
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
4.812005018113588
|
Encrypted: |
false
|
Ssdeep: |
3072:3xL7Ar5BwzU4Shem4jUaSwHWGc4kTrgx10t3T:urHwEhehUaSqk/gx10t3T
|
Size: |
164937
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\msys-z.dll (copy)
|
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\msys-z.dll (copy)
|
Category: |
dropped
|
Dump: |
is-VUNL5.tmp.4.dr
|
ID: |
dr_717
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.394423691316713
|
Encrypted: |
false
|
Ssdeep: |
1536:5OdXmGE7IMpiD48AKZtM5Wwk84ALLLcFRn6dhvIOeIOeL2ae:5ORrE7NplK3M5WwBLLLcFh2hMeqD
|
Size: |
88064
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\mv.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\mv.exe (copy)
|
Category: |
dropped
|
Dump: |
is-OM906.tmp.4.dr
|
ID: |
dr_718
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.098307878906199
|
Encrypted: |
false
|
Ssdeep: |
3072:zkUtxvWRsjcrzr2ppdTOO6GC2anm1w53s5FKDjG:zkUSKcr2fEm1w53s5FKHG
|
Size: |
122430
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\pathchk.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\pathchk.exe (copy)
|
Category: |
dropped
|
Dump: |
is-A4UPI.tmp.4.dr
|
ID: |
dr_719
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.6330015995775415
|
Encrypted: |
false
|
Ssdeep: |
768:Pgf6Ive+OWcJye1oPcNiqboJaLIW3BFUK:PgrcWo50WxFUK
|
Size: |
35362
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\printf.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\printf.exe (copy)
|
Category: |
dropped
|
Dump: |
is-JLF3M.tmp.4.dr
|
ID: |
dr_720
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.118112146257181
|
Encrypted: |
false
|
Ssdeep: |
1536:DvB6IZ10n7hRDvCXcZCfvDNHJWGE9QJyI1j3LWfF4K:DpPsn7Xkcw3rWsv3SfF4K
|
Size: |
72003
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\profiler.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\profiler.exe (copy)
|
Category: |
dropped
|
Dump: |
is-0UPEL.tmp.4.dr
|
ID: |
dr_721
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
5.860427034373632
|
Encrypted: |
false
|
Ssdeep: |
3072:FoefAADcobwCvdqexs9agbZb0ibKqe/j9q6HeIxD6H1NiHDy72zCujvJmTC3VGjG:GNQTkagbZBGZmW3VG6eyLsrE
|
Size: |
203120
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\pwd.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\pwd.exe (copy)
|
Category: |
dropped
|
Dump: |
is-CVGUL.tmp.4.dr
|
ID: |
dr_722
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.725306995089882
|
Encrypted: |
false
|
Ssdeep: |
768:f6PaPEArExcnITv4+3MhNiqbo/FkVboWQFCK:ykCcno70qWQFCK
|
Size: |
36148
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\readlink.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\readlink.exe (copy)
|
Category: |
dropped
|
Dump: |
is-9V1D1.tmp.4.dr
|
ID: |
dr_723
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.810444554906277
|
Encrypted: |
false
|
Ssdeep: |
768:17vIK+ZWDRbTXWixnz8EHhHvqAiqQHNiqboilM4rE/uYWbnSFmlJK:17wK5RTmOFPq7m4nYWLSFm/K
|
Size: |
48491
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\rebase.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\rebase.exe (copy)
|
Category: |
dropped
|
Dump: |
is-SE2C2.tmp.4.dr
|
ID: |
dr_724
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.166230256459294
|
Encrypted: |
false
|
Ssdeep: |
12288:ksvYIERznDaH4T85nuxIfgZ+Yqz4Nm7Onm1NjMuqIvWhej9V1aFqbaLAhBcdmwAk:jYIERznDaH4T8hGJZ+tz4tRdHPzPB5F
|
Size: |
901362
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\rebaseall (copy)
|
a /usr/bin/dash script, ASCII text executable
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\rebaseall (copy)
|
Category: |
dropped
|
Dump: |
is-QFORH.tmp.4.dr
|
ID: |
dr_725
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
a /usr/bin/dash script, ASCII text executable
|
Entropy: |
5.231952671810017
|
Encrypted: |
false
|
Ssdeep: |
96:ezfFz95TxE3n8KM1l0Kh/KpL5rZwAdZ5KocJKThiQ5s/VuPVjxeFT9TPAxPTe8E7:4fF3VE38AF9w+ZYKIQ5s/VuExclm3r
|
Size: |
7151
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\rm.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\rm.exe (copy)
|
Category: |
dropped
|
Dump: |
is-359E4.tmp.4.dr
|
ID: |
dr_726
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.9840396887775125
|
Encrypted: |
false
|
Ssdeep: |
1536:BiTul1U3peh8DGYs1dAqn60/nEIneW6FmiK:nsYhSs16qnb/nEk6FmiK
|
Size: |
63813
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\rmdir.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\rmdir.exe (copy)
|
Category: |
dropped
|
Dump: |
is-3V559.tmp.4.dr
|
ID: |
dr_727
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.130584635920437
|
Encrypted: |
false
|
Ssdeep: |
1536:GVl7xnzBwCURPMbCIuwBWWG2FtZUKTpGWzFPPK:GnxzBYR09WwD1zFPPK
|
Size: |
62247
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\sdiff.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\sdiff.exe (copy)
|
Category: |
dropped
|
Dump: |
is-QA3S9.tmp.4.dr
|
ID: |
dr_728
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.7483778468140905
|
Encrypted: |
false
|
Ssdeep: |
768:sNCSS/cdx3KtRDOHEK3SRprP6XF+3nHnKaKZXxwpoLkSNiqbo7GlRWsRNgLFK:/ET3UOfir6VOnHKXZXHWsRqLFK
|
Size: |
54426
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\sed.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\sed.exe (copy)
|
Category: |
dropped
|
Dump: |
is-GS9VI.tmp.4.dr
|
ID: |
dr_729
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.200981287141944
|
Encrypted: |
false
|
Ssdeep: |
3072:sCUMkwOTTLYnZ5NpFGvIzeRilKSMvLwuopyopn16GMkpnOQ36Toh/R:sCNOcRllALwsrGMkpv36Toh/R
|
Size: |
178140
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\sh.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\sh.exe (copy)
|
Category: |
dropped
|
Dump: |
is-4OF19.tmp.4.dr
|
ID: |
dr_730
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.932591488869057
|
Encrypted: |
false
|
Ssdeep: |
49152:bMepVZZaGL669nAs2dbRPjdfQhWBAUZLYgio6EZGaXBuQQ9ew:XpfZa8dSs2db2WBAUZLGqO
|
Size: |
2293136
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\sort.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\sort.exe (copy)
|
Category: |
dropped
|
Dump: |
is-34H01.tmp.4.dr
|
ID: |
dr_731
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.157680864135103
|
Encrypted: |
false
|
Ssdeep: |
1536:SdXKFM0I3XqKPJyiORnE461wVKahK15XA/R+BHqsUDyfre+WnUDWdsods9:WXKqv3RsN5vVKagFAZG8sre+W9dsods9
|
Size: |
109591
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\ssh-add.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\ssh-add.exe (copy)
|
Category: |
dropped
|
Dump: |
is-4RE92.tmp.4.dr
|
ID: |
dr_732
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.597105190222745
|
Encrypted: |
false
|
Ssdeep: |
6144:GIIIIlIIIIEIIII4IIII7TIIII0IIIIbIIIIfIIII6xIIIITIIIIAIIIIBIIIIkD:3nSpWa3ezDZBGDDVc4tJDuA1fvWyN3
|
Size: |
432556
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\ssh-agent.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\ssh-agent.exe (copy)
|
Category: |
dropped
|
Dump: |
is-LAA2G.tmp.4.dr
|
ID: |
dr_733
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.506956161819081
|
Encrypted: |
false
|
Ssdeep: |
12288:ms7Gfl5ZozIPPLTVxReMpfoD1kBenfvCscS:oRozIPPLJoD1kBenfvCscS
|
Size: |
402749
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\ssh.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\ssh.exe (copy)
|
Category: |
dropped
|
Dump: |
is-8MBUS.tmp.4.dr
|
ID: |
dr_734
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.042660357284004
|
Encrypted: |
false
|
Ssdeep: |
24576:fyrxJneP7PSTh7wJ1FG2Tb8jYXUMlhJFjNifeXkSw:fyr/h7wHE2wYXUMlhxifeXkSw
|
Size: |
943783
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\tail.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\tail.exe (copy)
|
Category: |
dropped
|
Dump: |
is-N0FV2.tmp.4.dr
|
ID: |
dr_735
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.928879164833447
|
Encrypted: |
false
|
Ssdeep: |
768:PVfscRLD9w/7MRe8aayXf3PeikiYMpwVjkzP/CDvveM7pNiqbowOzki4mPWNVdoG:P5sc166arf3PTbpwPqMz+ICWNVdo7K
|
Size: |
56617
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\test.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\test.exe (copy)
|
Category: |
dropped
|
Dump: |
is-IIGR6.tmp.4.dr
|
ID: |
dr_736
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.11199110776128
|
Encrypted: |
false
|
Ssdeep: |
1536:RA2zzjcGYxeC8GVTO3VumPWWttiuQBTI9kI6BWNFIK:2ozYxKGBAWcIIfNFIK
|
Size: |
70331
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\touch.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\touch.exe (copy)
|
Category: |
dropped
|
Dump: |
is-SCTG2.tmp.4.dr
|
ID: |
dr_737
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
6.227417038541123
|
Encrypted: |
false
|
Ssdeep: |
3072:WNu5gxH4+RjEU6z48Xlxhhvh1+uL9XUpFyK:WN9E/z48Xlxhhvh1+uL9kpFyK
|
Size: |
107463
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\tr.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\tr.exe (copy)
|
Category: |
dropped
|
Dump: |
is-22E1M.tmp.4.dr
|
ID: |
dr_738
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.922945277913381
|
Encrypted: |
false
|
Ssdeep: |
768:JRMDHj02PBYaqULGRoQFAKGHgyUTLHDaUhsabqnNiqbo+r3XhF31n4Wg1roKK:JRMDHhMiGRoQ20HhN+jxb4WAroKK
|
Size: |
49460
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\true.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\true.exe (copy)
|
Category: |
dropped
|
Dump: |
is-JMV83.tmp.4.dr
|
ID: |
dr_739
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.553287017256515
|
Encrypted: |
false
|
Ssdeep: |
384:1QMkcfc4/YKdSMSnTDdWgVYIJ4J1KnA5wNiqboPYF/NfvOCW5TwFFK:27j4/YYZsR7VJaKn5NiqbogvNW5UFFK
|
Size: |
33123
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\uname.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\uname.exe (copy)
|
Category: |
dropped
|
Dump: |
is-70LFC.tmp.4.dr
|
ID: |
dr_740
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.596504079807287
|
Encrypted: |
false
|
Ssdeep: |
768:lFcP4c0DgVek4JR2gOdYEsNiqboNPoWSFMK:C8DAeRWSFMK
|
Size: |
35876
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\uniq.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\uniq.exe (copy)
|
Category: |
dropped
|
Dump: |
is-AFDO0.tmp.4.dr
|
ID: |
dr_741
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.786350190792906
|
Encrypted: |
false
|
Ssdeep: |
768:vzUQ9IuNqmIjbxqPsIAGaZn77T3jBMs52xaNiqboxsfEqWDFfK:vd9XNqxUsIAGaZnvBMVx7mEqWDFfK
|
Size: |
45019
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\wc.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\wc.exe (copy)
|
Category: |
dropped
|
Dump: |
is-RSSOE.tmp.4.dr
|
ID: |
dr_742
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.738666984400488
|
Encrypted: |
false
|
Ssdeep: |
768:kaQ2LAGg4LWf8tE9KrVB2lh2uXjxYfWN5RNiqboLeAIEKBFWN/do8K:a2d3WwzxB2lMyjz0MWN/do8K
|
Size: |
47366
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\bin\xargs.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\bin\xargs.exe (copy)
|
Category: |
dropped
|
Dump: |
is-IFS4S.tmp.4.dr
|
ID: |
dr_743
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.93647949822774
|
Encrypted: |
false
|
Ssdeep: |
1536:dcCR5aZi//+MfKpVJllFSYwVhEheWZrbFLe:ddsZXAK5fFSYxxbFLe
|
Size: |
68362
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\etc\profile.d\gawk.csh (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\etc\profile.d\gawk.csh (copy)
|
Category: |
dropped
|
Dump: |
is-3F6MC.tmp.4.dr
|
ID: |
dr_744
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.218961177402176
|
Encrypted: |
false
|
Ssdeep: |
24:qmnNpxznAImnX5nxznAImnX5e/mn0OgQAdmnL5pzgQAdmnL5LKK:1c5cmZ1QV
|
Size: |
1107
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\etc\profile.d\gawk.sh (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\etc\profile.d\gawk.sh (copy)
|
Category: |
dropped
|
Dump: |
is-D97E3.tmp.4.dr
|
ID: |
dr_745
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.37592695697235
|
Encrypted: |
false
|
Ssdeep: |
12:qVmCByhBqExcwQBqEx3yrBqEx3yZm4HVm8QBypHEBqEK1BB4qwP1X1HEBqEK1B3t:qVmOyhNc5N3yrN3yfVmdytEefm7Ee3yY
|
Size: |
757
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\etc\profile.d\is-3F6MC.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\etc\profile.d\is-3F6MC.tmp
|
Category: |
dropped
|
Dump: |
is-3F6MC.tmp.4.dr
|
ID: |
dr_100
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.218961177402176
|
Encrypted: |
false
|
Ssdeep: |
24:qmnNpxznAImnX5nxznAImnX5e/mn0OgQAdmnL5pzgQAdmnL5LKK:1c5cmZ1QV
|
Size: |
1107
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\etc\profile.d\is-D97E3.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\etc\profile.d\is-D97E3.tmp
|
Category: |
dropped
|
Dump: |
is-D97E3.tmp.4.dr
|
ID: |
dr_103
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.37592695697235
|
Encrypted: |
false
|
Ssdeep: |
12:qVmCByhBqExcwQBqEx3yrBqEx3yZm4HVm8QBypHEBqEK1BB4qwP1X1HEBqEK1B3t:qVmOyhNc5N3yrN3yfVmdytEefm7Ee3yY
|
Size: |
757
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\lib\ssh\is-JRLKV.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\lib\ssh\is-JRLKV.tmp
|
Category: |
dropped
|
Dump: |
is-JRLKV.tmp.4.dr
|
ID: |
dr_112
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.479228240604825
|
Encrypted: |
false
|
Ssdeep: |
6144:pIIIIxIIII2IIIIDIIIIrIIII+IIIItIIIITIIIIwvIIIIkIIIIZIIIIWIIII8IV:nVGY/BatzquV7keYPZzpKrv1c4L
|
Size: |
384072
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\lib\ssh\is-N6F5T.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\lib\ssh\is-N6F5T.tmp
|
Category: |
dropped
|
Dump: |
is-N6F5T.tmp.4.dr
|
ID: |
dr_106
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.769670262932186
|
Encrypted: |
false
|
Ssdeep: |
12288:WaOsDZsZwEeKRlXJe1xeGSVSpUs80B4zhXf0yAW7:WJsDZLEeuXJKxeqB4zhXf0yAW7
|
Size: |
541849
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\lib\ssh\is-U9I37.tmp
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\lib\ssh\is-U9I37.tmp
|
Category: |
dropped
|
Dump: |
is-U9I37.tmp.4.dr
|
ID: |
dr_109
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.479550526805191
|
Encrypted: |
false
|
Ssdeep: |
6144:jvIIIIwIIIIMIIIIAIIIIzdIIIIHIIIIfIIIImIIIIZIIIIqIIIIUIIII/IIIIou:jiFWNsnc3ppv8ATXISVKFsnvHKQfhtAG
|
Size: |
387786
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\lib\ssh\ssh-keysign.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\lib\ssh\ssh-keysign.exe (copy)
|
Category: |
dropped
|
Dump: |
is-N6F5T.tmp.4.dr
|
ID: |
dr_746
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.769670262932186
|
Encrypted: |
false
|
Ssdeep: |
12288:WaOsDZsZwEeKRlXJe1xeGSVSpUs80B4zhXf0yAW7:WJsDZLEeuXJKxeqB4zhXf0yAW7
|
Size: |
541849
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\lib\ssh\ssh-pkcs11-helper.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\lib\ssh\ssh-pkcs11-helper.exe (copy)
|
Category: |
dropped
|
Dump: |
is-U9I37.tmp.4.dr
|
ID: |
dr_747
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.479550526805191
|
Encrypted: |
false
|
Ssdeep: |
6144:jvIIIIwIIIIMIIIIAIIIIzdIIIIHIIIIfIIIImIIIIZIIIIqIIIIUIIII/IIIIou:jiFWNsnc3ppv8ATXISVKFsnvHKQfhtAG
|
Size: |
387786
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\lib\ssh\ssh-sk-helper.exe (copy)
|
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\lib\ssh\ssh-sk-helper.exe (copy)
|
Category: |
dropped
|
Dump: |
is-JRLKV.tmp.4.dr
|
ID: |
dr_748
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
|
Entropy: |
5.479228240604825
|
Encrypted: |
false
|
Ssdeep: |
6144:pIIIIxIIII2IIIIDIIIIrIIII+IIIItIIIITIIIIwvIIIIkIIIIZIIIIWIIII8IV:nVGY/BatzquV7keYPZzpKrv1c4L
|
Size: |
384072
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\libexec\getprocaddr32.exe (copy)
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\libexec\getprocaddr32.exe (copy)
|
Category: |
dropped
|
Dump: |
is-2AOA2.tmp.4.dr
|
ID: |
dr_749
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (console) Intel 80386, for MS Windows
|
Entropy: |
5.798013513632193
|
Encrypted: |
false
|
Ssdeep: |
3072:yBPk8CfCBmUFYn+tXZB2An6tNTUmC3AWfaL5usrO+:yBPkbCBxFY+tXZgAnINTY3AokYsrl
|
Size: |
278824
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\libexec\getprocaddr64.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\libexec\getprocaddr64.exe (copy)
|
Category: |
dropped
|
Dump: |
is-9120Q.tmp.4.dr
|
ID: |
dr_750
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
5.267235785377305
|
Encrypted: |
false
|
Ssdeep: |
3072:nnutkB/9jkOkwIyzZHzlcuQyJ7UwfdCZmMPcgENM9H6YvElZiZsrMzz:nuabcwHdHZcPmMYeWiZsrM/
|
Size: |
316248
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\Git\usr\libexec\is-2AOA2.tmp
|
PE32 executable (console) Intel 80386, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\libexec\is-2AOA2.tmp
|
Category: |
dropped
|
Dump: |
is-2AOA2.tmp.4.dr
|
ID: |
dr_115
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (console) Intel 80386, for MS Windows
|
Entropy: |
5.798013513632193
|
Encrypted: |
false
|
Ssdeep: |
3072:yBPk8CfCBmUFYn+tXZB2An6tNTUmC3AWfaL5usrO+:yBPkbCBxFY+tXZgAnINTY3AokYsrl
|
Size: |
278824
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\libexec\is-9120Q.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\libexec\is-9120Q.tmp
|
Category: |
dropped
|
Dump: |
is-9120Q.tmp.4.dr
|
ID: |
dr_118
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
5.267235785377305
|
Encrypted: |
false
|
Ssdeep: |
3072:nnutkB/9jkOkwIyzZHzlcuQyJ7UwfdCZmMPcgENM9H6YvElZiZsrMzz:nuabcwHdHZcPmMYeWiZsrM/
|
Size: |
316248
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\assert.awk (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\assert.awk (copy)
|
Category: |
dropped
|
Dump: |
is-VS8KP.tmp.4.dr
|
ID: |
dr_751
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.645354951360368
|
Encrypted: |
false
|
Ssdeep: |
6:S/AbdEyyevy2x92yVtE878lVzWYKFsBgprRotWkd1FYMovrc6fMuXxovC:NdRyev/9202F66BgprKYkd1FYMy8uXxb
|
Size: |
383
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\bits2str.awk (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\bits2str.awk (copy)
|
Category: |
dropped
|
Dump: |
is-P903T.tmp.4.dr
|
ID: |
dr_752
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.211975162233401
|
Encrypted: |
false
|
Ssdeep: |
6:SshSdGg8qGIMGd06F4DGTGbolbEnWk/EbWHoFa68/o6wqm6byIypn:QdGgpGwJ4DGPlInWEEboYoNm6byLp
|
Size: |
334
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\cliff_rand.awk (copy)
|
awk or perl script, ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\cliff_rand.awk (copy)
|
Category: |
dropped
|
Dump: |
is-HJD7M.tmp.4.dr
|
ID: |
dr_753
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
awk or perl script, ASCII text
|
Entropy: |
4.685673866325587
|
Encrypted: |
false
|
Ssdeep: |
6:STWvjy2xbeXoJejJVUi8yqRVvCfuj67qv7yRenv:3vj/mjJ+i8PR9mVqDyRenv
|
Size: |
307
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\ctime.awk (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\ctime.awk (copy)
|
Category: |
dropped
|
Dump: |
is-TTDJU.tmp.4.dr
|
ID: |
dr_754
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.340104218330589
|
Encrypted: |
false
|
Ssdeep: |
6:Sdn3Tboybv+oRWx+YEq4GYEsuAokzw1iFKW9l69lRE:Fybv+owTEVEsuxkWmKSA9w
|
Size: |
234
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\ftrans.awk (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\ftrans.awk (copy)
|
Category: |
dropped
|
Dump: |
is-4UHFD.tmp.4.dr
|
ID: |
dr_755
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.840870954335024
|
Encrypted: |
false
|
Ssdeep: |
6:S0FnPDjJgYRLipyXBz3MG47gy2xRI9tjNK6OF/cgMJA8BOLYFjIrNFNgvMnhQmM4:v91gYxVxMy/RI5qF/cgMO82YFWNQvMpl
|
Size: |
315
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\getopt.awk (copy)
|
awk or perl script, ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\getopt.awk (copy)
|
Category: |
dropped
|
Dump: |
is-RLMFT.tmp.4.dr
|
ID: |
dr_756
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
awk or perl script, ASCII text
|
Entropy: |
4.424706948400525
|
Encrypted: |
false
|
Ssdeep: |
48:Ws4wVU+V2ksAnmSyenpbHPRRMHeNXEjET/H+gEHuNQKHj6ONR4+1:Ws4wuw2GmHe1RRM+NXYaPUONQKPCa
|
Size: |
2202
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\gettime.awk (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\gettime.awk (copy)
|
Category: |
dropped
|
Dump: |
is-C0G6N.tmp.4.dr
|
ID: |
dr_757
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.498868941177135
|
Encrypted: |
false
|
Ssdeep: |
24:XuCvIGYK0YO66CWYHrJrHU7UFK+cL+3Zau0P8A9xjDYPLCSPLcILTLD3hSa:XdvsoRWKx7K+cLQwulcx/2gI333hSa
|
Size: |
2491
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\group.awk (copy)
|
awk or perl script, ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\group.awk (copy)
|
Category: |
dropped
|
Dump: |
is-G5RU0.tmp.4.dr
|
ID: |
dr_758
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
awk or perl script, ASCII text
|
Entropy: |
4.678760342900937
|
Encrypted: |
false
|
Ssdeep: |
48:blgdTYp2t8vrfrat/q/uDj8/DtIXDfRKkRmeR+jpeC3:baVYLjTatymDYbtIXjRZRDR+le2
|
Size: |
1761
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\have_mpfr.awk (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\have_mpfr.awk (copy)
|
Category: |
dropped
|
Dump: |
is-5QMCO.tmp.4.dr
|
ID: |
dr_759
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.92112738342503
|
Encrypted: |
false
|
Ssdeep: |
6:S9rWWUtESI8qFjz88+UIFxUVqxwrWWnIJZjH:UrWWRH/b+UcUISrWWIf
|
Size: |
221
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\inplace.awk (copy)
|
awk or perl script, ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\inplace.awk (copy)
|
Category: |
dropped
|
Dump: |
is-K71PO.tmp.4.dr
|
ID: |
dr_760
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
awk or perl script, ASCII text
|
Entropy: |
4.9117955238216435
|
Encrypted: |
false
|
Ssdeep: |
48:tRSPzhyUjH6GbGzfr07TpYWBtkjENGQSTU/A/W:tR8z10zfalfFl4U/A+
|
Size: |
1992
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\intdiv0.awk (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\intdiv0.awk (copy)
|
Category: |
dropped
|
Dump: |
is-556AS.tmp.4.dr
|
ID: |
dr_761
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.692612176922914
|
Encrypted: |
false
|
Ssdeep: |
6:SbI5K1DHvy2xVBpayrkHmuHh5ezM2HWdql6ctpSpyU30dQzKFVNmpKzANmJCOuC7:P5K1DHv/VBpZUh5VGWdqu0rpm5mNPf
|
Size: |
462
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-14QDS.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-14QDS.tmp
|
Category: |
dropped
|
Dump: |
is-14QDS.tmp.4.dr
|
ID: |
dr_192
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
3.9219258888131923
|
Encrypted: |
false
|
Ssdeep: |
6:AHTYViJGP/woNwLKMWoaqU1LVKdhxdPYViLllFKdov:AHT+R33NYXwGz+YlFl
|
Size: |
355
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-1QH5E.tmp
|
awk or perl script, ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-1QH5E.tmp
|
Category: |
dropped
|
Dump: |
is-1QH5E.tmp.4.dr
|
ID: |
dr_198
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
awk or perl script, ASCII text
|
Entropy: |
4.752798877286637
|
Encrypted: |
false
|
Ssdeep: |
12:BbqegtX/TGFBHdeN2zf75XFcHFExVg6eo57yE/T:y1LGjFz7BFcHFgVTVyE/T
|
Size: |
489
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-37GER.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-37GER.tmp
|
Category: |
dropped
|
Dump: |
is-37GER.tmp.4.dr
|
ID: |
dr_220
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.728134581810642
|
Encrypted: |
false
|
Ssdeep: |
12:QLIHc06WqtEEt+W/g0bof0KZyaNAxoExSha:1HJqLf/FosYySAZSha
|
Size: |
472
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-3QRNM.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-3QRNM.tmp
|
Category: |
dropped
|
Dump: |
is-3QRNM.tmp.4.dr
|
ID: |
dr_218
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.192868686660682
|
Encrypted: |
false
|
Ssdeep: |
12:E4sBg/IMVqYNhCcMaDMDZEd+/Nxc1YTRangXVW5vqaIvC/qaXzwSFVuAyvqD/qe:3ggwRoTO0+LvTRGgAVl/XwSFVux4/l
|
Size: |
661
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-4GA5T.tmp
|
awk or perl script, ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-4GA5T.tmp
|
Category: |
dropped
|
Dump: |
is-4GA5T.tmp.4.dr
|
ID: |
dr_229
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
awk or perl script, ASCII text
|
Entropy: |
4.833712889141928
|
Encrypted: |
false
|
Ssdeep: |
12:pq+eX/VKBiwrV/h/sTBAu/frs/AFf5/htBAuA:QshV/hkNAGDsYZ5/hrAN
|
Size: |
424
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-4UHFD.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-4UHFD.tmp
|
Category: |
dropped
|
Dump: |
is-4UHFD.tmp.4.dr
|
ID: |
dr_143
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.840870954335024
|
Encrypted: |
false
|
Ssdeep: |
6:S0FnPDjJgYRLipyXBz3MG47gy2xRI9tjNK6OF/cgMJA8BOLYFjIrNFNgvMnhQmM4:v91gYxVxMy/RI5qF/cgMO82YFWNQvMpl
|
Size: |
315
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-556AS.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-556AS.tmp
|
Category: |
dropped
|
Dump: |
is-556AS.tmp.4.dr
|
ID: |
dr_161
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.692612176922914
|
Encrypted: |
false
|
Ssdeep: |
6:SbI5K1DHvy2xVBpayrkHmuHh5ezM2HWdql6ctpSpyU30dQzKFVNmpKzANmJCOuC7:P5K1DHv/VBpZUh5VGWdqu0rpm5mNPf
|
Size: |
462
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-5QMCO.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-5QMCO.tmp
|
Category: |
dropped
|
Dump: |
is-5QMCO.tmp.4.dr
|
ID: |
dr_155
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.92112738342503
|
Encrypted: |
false
|
Ssdeep: |
6:S9rWWUtESI8qFjz88+UIFxUVqxwrWWnIJZjH:UrWWRH/b+UcUISrWWIf
|
Size: |
221
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-6LUHP.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-6LUHP.tmp
|
Category: |
dropped
|
Dump: |
is-6LUHP.tmp.4.dr
|
ID: |
dr_164
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.530795731656769
|
Encrypted: |
false
|
Ssdeep: |
6:S37tTjASgy2x569V/Fyj9tWq9He/7wFIYJhg4v/zwHd6DUK0231irVsiNyU:MM/5rj9N+/Vt4HOd6DK24rVbyU
|
Size: |
378
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-7K3CS.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-7K3CS.tmp
|
Category: |
dropped
|
Dump: |
is-7K3CS.tmp.4.dr
|
ID: |
dr_223
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.497100711867551
|
Encrypted: |
false
|
Ssdeep: |
24:BSxi4qDjUkKEDDZI50l4o5QEUUuFJNKEeXoDZI605UqKoZ016dURA9MsuuHQXfSx:oxi9/H250l4o57nu/beX+2605lb2i9MM
|
Size: |
1454
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-7RDRT.tmp
|
awk or perl script, ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-7RDRT.tmp
|
Category: |
dropped
|
Dump: |
is-7RDRT.tmp.4.dr
|
ID: |
dr_183
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
awk or perl script, ASCII text
|
Entropy: |
4.994632573411483
|
Encrypted: |
false
|
Ssdeep: |
24:Au+XNkgh7oXjhNtewtJgMQrQchrGkBWRmBMpz8Qj0oHjzoWAbjYnCBSpv:N+dThET3te8wrfrPBW8i9jvHjcWajHSB
|
Size: |
1282
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-9P9M5.tmp
|
awk or perl script, ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-9P9M5.tmp
|
Category: |
dropped
|
Dump: |
is-9P9M5.tmp.4.dr
|
ID: |
dr_180
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
awk or perl script, ASCII text
|
Entropy: |
4.9553883003557635
|
Encrypted: |
false
|
Ssdeep: |
12:+Z3DsNE6Y5Cy/Tut7XJ7WzfgGYpH7OcQi+SCn:+FDSE6e7LW7XEzO7RQi+7n
|
Size: |
422
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-A8ATM.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-A8ATM.tmp
|
Category: |
dropped
|
Dump: |
is-A8ATM.tmp.4.dr
|
ID: |
dr_204
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.7763174263557096
|
Encrypted: |
false
|
Ssdeep: |
12:9lJ3gig/7bT+fS2PQREj6KEXiCvNv/hdy:FwTTbTF2umTajvDy
|
Size: |
404
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-C0G6N.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-C0G6N.tmp
|
Category: |
dropped
|
Dump: |
is-C0G6N.tmp.4.dr
|
ID: |
dr_149
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.498868941177135
|
Encrypted: |
false
|
Ssdeep: |
24:XuCvIGYK0YO66CWYHrJrHU7UFK+cL+3Zau0P8A9xjDYPLCSPLcILTLD3hSa:XdvsoRWKx7K+cLQwulcx/2gI333hSa
|
Size: |
2491
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-CTS5J.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-CTS5J.tmp
|
Category: |
dropped
|
Dump: |
is-CTS5J.tmp.4.dr
|
ID: |
dr_195
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.672257914203469
|
Encrypted: |
false
|
Ssdeep: |
12:QGE/VXZ2xJFzR2IdzcCHxBIb9uB99dSuExeAOHvs0cDIdY1ZKRN/7OL0kME:672nT1YCvuoUuE/avsVmcKRN/qLh
|
Size: |
1031
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-D48AP.tmp
|
awk or perl script, ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-D48AP.tmp
|
Category: |
dropped
|
Dump: |
is-D48AP.tmp.4.dr
|
ID: |
dr_189
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
awk or perl script, ASCII text
|
Entropy: |
4.899812114387889
|
Encrypted: |
false
|
Ssdeep: |
24:ku+XNkgYEQjCowtJhMQrQchrGamBkNz8IOhoRGJhoRHAFGhVMCnv:h+dTYE2h8trfr0wFRGERHqCMCv
|
Size: |
1195
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-G5RU0.tmp
|
awk or perl script, ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-G5RU0.tmp
|
Category: |
dropped
|
Dump: |
is-G5RU0.tmp.4.dr
|
ID: |
dr_152
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
awk or perl script, ASCII text
|
Entropy: |
4.678760342900937
|
Encrypted: |
false
|
Ssdeep: |
48:blgdTYp2t8vrfrat/q/uDj8/DtIXDfRKkRmeR+jpeC3:baVYLjTatymDYbtIXjRZRDR+le2
|
Size: |
1761
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-HJD7M.tmp
|
awk or perl script, ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-HJD7M.tmp
|
Category: |
dropped
|
Dump: |
is-HJD7M.tmp.4.dr
|
ID: |
dr_138
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
awk or perl script, ASCII text
|
Entropy: |
4.685673866325587
|
Encrypted: |
false
|
Ssdeep: |
6:STWvjy2xbeXoJejJVUi8yqRVvCfuj67qv7yRenv:3vj/mjJ+i8PR9mVqDyRenv
|
Size: |
307
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-K71PO.tmp
|
awk or perl script, ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-K71PO.tmp
|
Category: |
dropped
|
Dump: |
is-K71PO.tmp.4.dr
|
ID: |
dr_158
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
awk or perl script, ASCII text
|
Entropy: |
4.9117955238216435
|
Encrypted: |
false
|
Ssdeep: |
48:tRSPzhyUjH6GbGzfr07TpYWBtkjENGQSTU/A/W:tR8z10zfalfFl4U/A+
|
Size: |
1992
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-L57AL.tmp
|
C source, ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-L57AL.tmp
|
Category: |
dropped
|
Dump: |
is-L57AL.tmp.4.dr
|
ID: |
dr_178
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
C source, ASCII text
|
Entropy: |
4.358052111735043
|
Encrypted: |
false
|
Ssdeep: |
6:AM8ij0MyqorVSTRR69Q8yqkr0/cTRR6BSKbvC:Asj0MPohE29Tkh2BSKLC
|
Size: |
238
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-LNVIU.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-LNVIU.tmp
|
Category: |
dropped
|
Dump: |
is-LNVIU.tmp.4.dr
|
ID: |
dr_201
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.611941290947733
|
Encrypted: |
false
|
Ssdeep: |
6:SDqnezEn+/xJT+3uXYIqLkSbPsrTEHGdhfii0uXKjeiJ+yg:IqnnnqKuIIqLkSjsrTHhSkyg
|
Size: |
267
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-P903T.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-P903T.tmp
|
Category: |
dropped
|
Dump: |
is-P903T.tmp.4.dr
|
ID: |
dr_124
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.211975162233401
|
Encrypted: |
false
|
Ssdeep: |
6:SshSdGg8qGIMGd06F4DGTGbolbEnWk/EbWHoFa68/o6wqm6byIypn:QdGgpGwJ4DGPlInWEEboYoNm6byLp
|
Size: |
334
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-PF4M1.tmp
|
awk or perl script, ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-PF4M1.tmp
|
Category: |
dropped
|
Dump: |
is-PF4M1.tmp.4.dr
|
ID: |
dr_186
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
awk or perl script, ASCII text
|
Entropy: |
4.5551717258317606
|
Encrypted: |
false
|
Ssdeep: |
24:QIJXHSp1AL7iZxdI0eUZFPvNrTsdDt/ugEC6RWr4FAXKv:QIJXyp8mPdI0hZlJTu1ur1Ra5Kv
|
Size: |
937
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-RLMFT.tmp
|
awk or perl script, ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-RLMFT.tmp
|
Category: |
dropped
|
Dump: |
is-RLMFT.tmp.4.dr
|
ID: |
dr_146
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
awk or perl script, ASCII text
|
Entropy: |
4.424706948400525
|
Encrypted: |
false
|
Ssdeep: |
48:Ws4wVU+V2ksAnmSyenpbHPRRMHeNXEjET/H+gEHuNQKHj6ONR4+1:Ws4wuw2GmHe1RRM+NXYaPUONQKPCa
|
Size: |
2202
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-S82MB.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-S82MB.tmp
|
Category: |
dropped
|
Dump: |
is-S82MB.tmp.4.dr
|
ID: |
dr_226
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
3.9029718132347653
|
Encrypted: |
false
|
Ssdeep: |
3:TMQr+Div/FURWFEMWEHeI/jg6IA2xfFK/clVzKFz5f9pwZrvn:A9JtMWoDUrFK/clVzKFVffav
|
Size: |
214
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-TTDJU.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-TTDJU.tmp
|
Category: |
dropped
|
Dump: |
is-TTDJU.tmp.4.dr
|
ID: |
dr_140
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.340104218330589
|
Encrypted: |
false
|
Ssdeep: |
6:Sdn3Tboybv+oRWx+YEq4GYEsuAokzw1iFKW9l69lRE:Fybv+owTEVEsuxkWmKSA9w
|
Size: |
234
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-VS8KP.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\is-VS8KP.tmp
|
Category: |
dropped
|
Dump: |
is-VS8KP.tmp.4.dr
|
ID: |
dr_121
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.645354951360368
|
Encrypted: |
false
|
Ssdeep: |
6:S/AbdEyyevy2x92yVtE878lVzWYKFsBgprRotWkd1FYMovrc6fMuXxovC:NdRyev/9202F66BgprKYkd1FYMy8uXxb
|
Size: |
383
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\join.awk (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\join.awk (copy)
|
Category: |
dropped
|
Dump: |
is-6LUHP.tmp.4.dr
|
ID: |
dr_762
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.530795731656769
|
Encrypted: |
false
|
Ssdeep: |
6:S37tTjASgy2x569V/Fyj9tWq9He/7wFIYJhg4v/zwHd6DUK0231irVsiNyU:MM/5rj9N+/Vt4HOd6DK24rVbyU
|
Size: |
378
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\libintl.awk (copy)
|
C source, ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\libintl.awk (copy)
|
Category: |
dropped
|
Dump: |
is-L57AL.tmp.4.dr
|
ID: |
dr_763
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
C source, ASCII text
|
Entropy: |
4.358052111735043
|
Encrypted: |
false
|
Ssdeep: |
6:AM8ij0MyqorVSTRR69Q8yqkr0/cTRR6BSKbvC:Asj0MPohE29Tkh2BSKLC
|
Size: |
238
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\noassign.awk (copy)
|
awk or perl script, ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\noassign.awk (copy)
|
Category: |
dropped
|
Dump: |
is-9P9M5.tmp.4.dr
|
ID: |
dr_764
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
awk or perl script, ASCII text
|
Entropy: |
4.9553883003557635
|
Encrypted: |
false
|
Ssdeep: |
12:+Z3DsNE6Y5Cy/Tut7XJ7WzfgGYpH7OcQi+SCn:+FDSE6e7LW7XEzO7RQi+7n
|
Size: |
422
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\ns_passwd.awk (copy)
|
awk or perl script, ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\ns_passwd.awk (copy)
|
Category: |
dropped
|
Dump: |
is-7RDRT.tmp.4.dr
|
ID: |
dr_765
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
awk or perl script, ASCII text
|
Entropy: |
4.994632573411483
|
Encrypted: |
false
|
Ssdeep: |
24:Au+XNkgh7oXjhNtewtJgMQrQchrGkBWRmBMpz8Qj0oHjzoWAbjYnCBSpv:N+dThET3te8wrfrPBW8i9jvHjcWajHSB
|
Size: |
1282
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\ord.awk (copy)
|
awk or perl script, ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\ord.awk (copy)
|
Category: |
dropped
|
Dump: |
is-PF4M1.tmp.4.dr
|
ID: |
dr_766
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
awk or perl script, ASCII text
|
Entropy: |
4.5551717258317606
|
Encrypted: |
false
|
Ssdeep: |
24:QIJXHSp1AL7iZxdI0eUZFPvNrTsdDt/ugEC6RWr4FAXKv:QIJXyp8mPdI0hZlJTu1ur1Ra5Kv
|
Size: |
937
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\passwd.awk (copy)
|
awk or perl script, ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\passwd.awk (copy)
|
Category: |
dropped
|
Dump: |
is-D48AP.tmp.4.dr
|
ID: |
dr_767
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
awk or perl script, ASCII text
|
Entropy: |
4.899812114387889
|
Encrypted: |
false
|
Ssdeep: |
24:ku+XNkgYEQjCowtJhMQrQchrGamBkNz8IOhoRGJhoRHAFGhVMCnv:h+dTYE2h8trfr0wFRGERHqCMCv
|
Size: |
1195
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\processarray.awk (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\processarray.awk (copy)
|
Category: |
dropped
|
Dump: |
is-14QDS.tmp.4.dr
|
ID: |
dr_768
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
3.9219258888131923
|
Encrypted: |
false
|
Ssdeep: |
6:AHTYViJGP/woNwLKMWoaqU1LVKdhxdPYViLllFKdov:AHT+R33NYXwGz+YlFl
|
Size: |
355
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\quicksort.awk (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\quicksort.awk (copy)
|
Category: |
dropped
|
Dump: |
is-CTS5J.tmp.4.dr
|
ID: |
dr_769
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.672257914203469
|
Encrypted: |
false
|
Ssdeep: |
12:QGE/VXZ2xJFzR2IdzcCHxBIb9uB99dSuExeAOHvs0cDIdY1ZKRN/7OL0kME:672nT1YCvuoUuE/avsVmcKRN/qLh
|
Size: |
1031
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\readable.awk (copy)
|
awk or perl script, ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\readable.awk (copy)
|
Category: |
dropped
|
Dump: |
is-1QH5E.tmp.4.dr
|
ID: |
dr_770
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
awk or perl script, ASCII text
|
Entropy: |
4.752798877286637
|
Encrypted: |
false
|
Ssdeep: |
12:BbqegtX/TGFBHdeN2zf75XFcHFExVg6eo57yE/T:y1LGjFz7BFcHFgVTVyE/T
|
Size: |
489
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\readfile.awk (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\readfile.awk (copy)
|
Category: |
dropped
|
Dump: |
is-LNVIU.tmp.4.dr
|
ID: |
dr_771
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.611941290947733
|
Encrypted: |
false
|
Ssdeep: |
6:SDqnezEn+/xJT+3uXYIqLkSbPsrTEHGdhfii0uXKjeiJ+yg:IqnnnqKuIIqLkSjsrTHhSkyg
|
Size: |
267
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\rewind.awk (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\rewind.awk (copy)
|
Category: |
dropped
|
Dump: |
is-A8ATM.tmp.4.dr
|
ID: |
dr_772
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.7763174263557096
|
Encrypted: |
false
|
Ssdeep: |
12:9lJ3gig/7bT+fS2PQREj6KEXiCvNv/hdy:FwTTbTF2umTajvDy
|
Size: |
404
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\round.awk (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\round.awk (copy)
|
Category: |
dropped
|
Dump: |
is-3QRNM.tmp.4.dr
|
ID: |
dr_773
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.192868686660682
|
Encrypted: |
false
|
Ssdeep: |
12:E4sBg/IMVqYNhCcMaDMDZEd+/Nxc1YTRangXVW5vqaIvC/qaXzwSFVuAyvqD/qe:3ggwRoTO0+LvTRGgAVl/XwSFVux4/l
|
Size: |
661
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\shellquote.awk (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\shellquote.awk (copy)
|
Category: |
dropped
|
Dump: |
is-37GER.tmp.4.dr
|
ID: |
dr_774
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.728134581810642
|
Encrypted: |
false
|
Ssdeep: |
12:QLIHc06WqtEEt+W/g0bof0KZyaNAxoExSha:1HJqLf/FosYySAZSha
|
Size: |
472
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\strtonum.awk (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\strtonum.awk (copy)
|
Category: |
dropped
|
Dump: |
is-7K3CS.tmp.4.dr
|
ID: |
dr_775
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.497100711867551
|
Encrypted: |
false
|
Ssdeep: |
24:BSxi4qDjUkKEDDZI50l4o5QEUUuFJNKEeXoDZI605UqKoZ016dURA9MsuuHQXfSx:oxi9/H250l4o57nu/beX+2605lb2i9MM
|
Size: |
1454
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\walkarray.awk (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\walkarray.awk (copy)
|
Category: |
dropped
|
Dump: |
is-S82MB.tmp.4.dr
|
ID: |
dr_776
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
3.9029718132347653
|
Encrypted: |
false
|
Ssdeep: |
3:TMQr+Div/FURWFEMWEHeI/jg6IA2xfFK/clVzKFz5f9pwZrvn:A9JtMWoDUrFK/clVzKFVffav
|
Size: |
214
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\awk\zerofile.awk (copy)
|
awk or perl script, ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\awk\zerofile.awk (copy)
|
Category: |
dropped
|
Dump: |
is-4GA5T.tmp.4.dr
|
ID: |
dr_777
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
awk or perl script, ASCII text
|
Entropy: |
4.833712889141928
|
Encrypted: |
false
|
Ssdeep: |
12:pq+eX/VKBiwrV/h/sTBAu/frs/AFf5/htBAuA:QshV/hkNAGDsYZ5/hrAN
|
Size: |
424
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\licenses\gcc-libs\RUNTIME.LIBRARY.EXCEPTION (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\licenses\gcc-libs\RUNTIME.LIBRARY.EXCEPTION (copy)
|
Category: |
dropped
|
Dump: |
is-2NEKU.tmp.4.dr
|
ID: |
dr_778
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.657970991150273
|
Encrypted: |
false
|
Ssdeep: |
96:SDLuUETp4Y6+qu+vvQwmIYBQ2wzNade4BtT2eC7XL:SDaESS4wgqjc9qeC7XL
|
Size: |
3324
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\licenses\gcc-libs\is-2NEKU.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\licenses\gcc-libs\is-2NEKU.tmp
|
Category: |
dropped
|
Dump: |
is-2NEKU.tmp.4.dr
|
ID: |
dr_232
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.657970991150273
|
Encrypted: |
false
|
Ssdeep: |
96:SDLuUETp4Y6+qu+vvQwmIYBQ2wzNade4BtT2eC7XL:SDaESS4wgqjc9qeC7XL
|
Size: |
3324
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\licenses\libsqlite\LICENSE (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\licenses\libsqlite\LICENSE (copy)
|
Category: |
dropped
|
Dump: |
is-MQ86A.tmp.4.dr
|
ID: |
dr_779
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.417235616262876
|
Encrypted: |
false
|
Ssdeep: |
24:DpHrRlj2O2UCZoYUErIe9QPDsv/MVSo7xdD84iUOwIo/CID8:DBUU9ErgPDqUjNdDNiTo/CID8
|
Size: |
1528
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\licenses\libsqlite\is-MQ86A.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\licenses\libsqlite\is-MQ86A.tmp
|
Category: |
dropped
|
Dump: |
is-MQ86A.tmp.4.dr
|
ID: |
dr_235
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.417235616262876
|
Encrypted: |
false
|
Ssdeep: |
24:DpHrRlj2O2UCZoYUErIe9QPDsv/MVSo7xdD84iUOwIo/CID8:DBUU9ErgPDqUjNdDNiTo/CID8
|
Size: |
1528
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\licenses\ncurses\is-PHVSI.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\licenses\ncurses\is-PHVSI.tmp
|
Category: |
dropped
|
Dump: |
is-PHVSI.tmp.4.dr
|
ID: |
dr_238
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.211661100516947
|
Encrypted: |
false
|
Ssdeep: |
48:LNyWJPEiPvw4EbhQH6sFIIL3KZiFvYr0YuF0YYNpL:LCiPQQHPjKZDr0YHvN
|
Size: |
2292
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\licenses\ncurses\license.txt (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\licenses\ncurses\license.txt (copy)
|
Category: |
dropped
|
Dump: |
is-PHVSI.tmp.4.dr
|
ID: |
dr_780
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.211661100516947
|
Encrypted: |
false
|
Ssdeep: |
48:LNyWJPEiPvw4EbhQH6sFIIL3KZiFvYr0YuF0YYNpL:LCiPQQHPjKZDr0YHvN
|
Size: |
2292
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\licenses\openssh\LICENCE (copy)
|
Unicode text, UTF-8 text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\licenses\openssh\LICENCE (copy)
|
Category: |
dropped
|
Dump: |
is-A0M80.tmp.4.dr
|
ID: |
dr_781
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Unicode text, UTF-8 text
|
Entropy: |
4.981820832999263
|
Encrypted: |
false
|
Ssdeep: |
384:nySMVmsG9bxELCbACU559rsQrs3PNbtnErsQrs1LT8dnydrs8rsPohdCYjoM4rqj:nsG9dELcA1559PKNbtEPgTEyTBhdJj15
|
Size: |
18563
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\licenses\openssh\is-A0M80.tmp
|
Unicode text, UTF-8 text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\licenses\openssh\is-A0M80.tmp
|
Category: |
dropped
|
Dump: |
is-A0M80.tmp.4.dr
|
ID: |
dr_241
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Unicode text, UTF-8 text
|
Entropy: |
4.981820832999263
|
Encrypted: |
false
|
Ssdeep: |
384:nySMVmsG9bxELCbACU559rsQrs3PNbtnErsQrs1LT8dnydrs8rsPohdCYjoM4rqj:nsG9dELcA1559PKNbtEPgTEyTBhdJj15
|
Size: |
18563
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\licenses\openssl\LICENSE (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\licenses\openssl\LICENSE (copy)
|
Category: |
dropped
|
Dump: |
is-A6DEF.tmp.4.dr
|
ID: |
dr_782
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.131101092967376
|
Encrypted: |
false
|
Ssdeep: |
96:MuZOOrYJarYJTqBMvgQgk3bzAxxnkVbYCk1MbrYJArYJOHbSLli3+3zX4T3CCg:TZOOrsarslvgQgk3eZ++1MbrsArsQoi8
|
Size: |
6121
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\licenses\openssl\is-A6DEF.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\licenses\openssl\is-A6DEF.tmp
|
Category: |
dropped
|
Dump: |
is-A6DEF.tmp.4.dr
|
ID: |
dr_244
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
5.131101092967376
|
Encrypted: |
false
|
Ssdeep: |
96:MuZOOrYJarYJTqBMvgQgk3bzAxxnkVbYCk1MbrYJArYJOHbSLli3+3zX4T3CCg:TZOOrsarslvgQgk3eZ++1MbrsArsQoi8
|
Size: |
6121
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\share\licenses\zlib\LICENSE (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\licenses\zlib\LICENSE (copy)
|
Category: |
dropped
|
Dump: |
is-P5EH1.tmp.4.dr
|
ID: |
dr_783
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.440843931751654
|
Encrypted: |
false
|
Ssdeep: |
24:Ltxm0M+/jxAb/oyhQNKMTp4/GE+wjqt8PgBO:LW03/jeb/bh6KMTp4/z3jqeCO
|
Size: |
1002
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\share\licenses\zlib\is-P5EH1.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\share\licenses\zlib\is-P5EH1.tmp
|
Category: |
dropped
|
Dump: |
is-P5EH1.tmp.4.dr
|
ID: |
dr_258
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.440843931751654
|
Encrypted: |
false
|
Ssdeep: |
24:Ltxm0M+/jxAb/oyhQNKMTp4/GE+wjqt8PgBO:LW03/jeb/bh6KMTp4/z3jqeCO
|
Size: |
1002
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\ssl\ct_log_list.cnf (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\ssl\ct_log_list.cnf (copy)
|
Category: |
dropped
|
Dump: |
is-TMT94.tmp.4.dr
|
ID: |
dr_784
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.630279584626542
|
Encrypted: |
false
|
Ssdeep: |
12:qS7ura5gECl+pcmcCL2kXwZRMEoYqhE6N:qInaJl1+WoLBN
|
Size: |
412
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\ssl\ct_log_list.cnf.dist (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\ssl\ct_log_list.cnf.dist (copy)
|
Category: |
dropped
|
Dump: |
is-TGTPO.tmp.4.dr
|
ID: |
dr_785
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.630279584626542
|
Encrypted: |
false
|
Ssdeep: |
12:qS7ura5gECl+pcmcCL2kXwZRMEoYqhE6N:qInaJl1+WoLBN
|
Size: |
412
|
Whitelisted: |
true
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\ssl\is-3MH2O.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\ssl\is-3MH2O.tmp
|
Category: |
dropped
|
Dump: |
is-3MH2O.tmp.4.dr
|
ID: |
dr_269
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.997492081599919
|
Encrypted: |
false
|
Ssdeep: |
192:9h8p9fYhNtmGpr/kWJGXgvr/YVML6A+smgYuFo8fA+smgaHMLlEp83ezmB2jb:3yhMpr/kCGwvr/YVCti7esOR
|
Size: |
10909
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\ssl\is-T0Q67.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\ssl\is-T0Q67.tmp
|
Category: |
dropped
|
Dump: |
is-T0Q67.tmp.4.dr
|
ID: |
dr_266
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.997492081599919
|
Encrypted: |
false
|
Ssdeep: |
192:9h8p9fYhNtmGpr/kWJGXgvr/YVML6A+smgYuFo8fA+smgaHMLlEp83ezmB2jb:3yhMpr/kCGwvr/YVCti7esOR
|
Size: |
10909
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\ssl\is-TGTPO.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\ssl\is-TGTPO.tmp
|
Category: |
dropped
|
Dump: |
is-TGTPO.tmp.4.dr
|
ID: |
dr_263
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.630279584626542
|
Encrypted: |
false
|
Ssdeep: |
12:qS7ura5gECl+pcmcCL2kXwZRMEoYqhE6N:qInaJl1+WoLBN
|
Size: |
412
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\ssl\is-TMT94.tmp
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\ssl\is-TMT94.tmp
|
Category: |
dropped
|
Dump: |
is-TMT94.tmp.4.dr
|
ID: |
dr_260
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.630279584626542
|
Encrypted: |
false
|
Ssdeep: |
12:qS7ura5gECl+pcmcCL2kXwZRMEoYqhE6N:qInaJl1+WoLBN
|
Size: |
412
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Git\usr\ssl\openssl.cnf (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\ssl\openssl.cnf (copy)
|
Category: |
dropped
|
Dump: |
is-T0Q67.tmp.4.dr
|
ID: |
dr_786
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.997492081599919
|
Encrypted: |
false
|
Ssdeep: |
192:9h8p9fYhNtmGpr/kWJGXgvr/YVML6A+smgYuFo8fA+smgaHMLlEp83ezmB2jb:3yhMpr/kCGwvr/YVCti7esOR
|
Size: |
10909
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Git\usr\ssl\openssl.cnf.dist (copy)
|
ASCII text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Git\usr\ssl\openssl.cnf.dist (copy)
|
Category: |
dropped
|
Dump: |
is-3MH2O.tmp.4.dr
|
ID: |
dr_787
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
ASCII text
|
Entropy: |
4.997492081599919
|
Encrypted: |
false
|
Ssdeep: |
192:9h8p9fYhNtmGpr/kWJGXgvr/YVML6A+smgYuFo8fA+smgaHMLlEp83ezmB2jb:3yhMpr/kCGwvr/YVCti7esOR
|
Size: |
10909
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\ASP.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\ASP.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-39AQO.tmp.4.dr
|
ID: |
dr_405
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.538982327519802
|
Encrypted: |
false
|
Ssdeep: |
768:1Dqu0xIBOdkNU7S0mCkj8rrV3as7wOsHM3m3Qd98xDtzQ:1WuOUObNrV3aIfS33a
|
Size: |
119772
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\ActionScript.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\ActionScript.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-3A6SB.tmp.4.dr
|
ID: |
dr_403
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.187955319320103
|
Encrypted: |
false
|
Ssdeep: |
192:FLJtiHbymBjxc3t1RSDNUyLaHemooSuhYyOO9hnje7uaTMojv5Iqrna64GnOzm/d:LtYbnB2oDNPLRo45u5ybwojhJLLCm/d
|
Size: |
17561
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\AppleScript.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\AppleScript.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-57O8N.tmp.4.dr
|
ID: |
dr_404
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.78064213411636
|
Encrypted: |
false
|
Ssdeep: |
384:97/8i6iM3CjyTv2UMCz3zqoOk+y0QF1OP5ma:qp31TOU2oOAnERma
|
Size: |
33990
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Batch File.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Batch File.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-JIPQ4.tmp.4.dr
|
ID: |
dr_406
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.5273122554490595
|
Encrypted: |
false
|
Ssdeep: |
1536:3D+JMkHD3PzkrEcZ6mR5xondNxzutu7I+uz9JFnQ8dnlig5DpNKvCekB5221dJN2:q5D3pP
|
Size: |
328491
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Binary.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Binary.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-IN7HB.tmp.4.dr
|
ID: |
dr_407
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.161020374990796
|
Encrypted: |
false
|
Ssdeep: |
12:5jJmKruwXkuca6lyrIrku6sHLDjwzdIDvJmlu2DkZu:9J1rJXvggsHYd46/R
|
Size: |
496
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\C#.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\C#.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-JP28L.tmp.4.dr
|
ID: |
dr_408
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.286024209444611
|
Encrypted: |
false
|
Ssdeep: |
1536:s7PfXH04tZ9MWkUApWzHQVXc3F0vraqkwRZ0tchpLFCXnkSm:SPP04JADNZ/PN
|
Size: |
299305
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\C++.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\C++.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-17UDH.tmp.4.dr
|
ID: |
dr_409
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.726008018516386
|
Encrypted: |
false
|
Ssdeep: |
6144:hjH+VT2CSwam4iXHiXAEinivciMdvXkXJrJcCptJjiUiHiXR/ajQlp60:hjH+VT2CSwam4iXHiXAEinivciMdvXk1
|
Size: |
382653
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\CSS.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\CSS.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-R70J6.tmp.4.dr
|
ID: |
dr_413
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.439429645162574
|
Encrypted: |
false
|
Ssdeep: |
1536:lsPFtEX2Ty5O+mOghaUjnr0chSulgD0g6F3glCDIAK85YtQ7acVswsOAK/4GQaQh:lsPFtHyOhaUjnrOC3pyBenKs4Bj4Elp
|
Size: |
402158
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Clojure.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Clojure.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-O73N1.tmp.4.dr
|
ID: |
dr_410
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.544664118127066
|
Encrypted: |
false
|
Ssdeep: |
768:MmWlGvycIKcH+ceH7Ls89/eBT3EaUhqZBaZXyQzeQ:MoeBTUHhqZBaZXyoeQ
|
Size: |
98363
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Color Scheme - Default.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Color Scheme - Default.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-B40SR.tmp.4.dr
|
ID: |
dr_411
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.215176603734274
|
Encrypted: |
false
|
Ssdeep: |
384:di2U08TnGeMkehIbjDqqSL0JtQL/yqSknvc+zghUx1OLptrqSLABCrEFsbmVmzyL:QTAoRIb+AOQ7Yo
|
Size: |
52200
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Color Scheme - Legacy.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Color Scheme - Legacy.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-6O896.tmp.4.dr
|
ID: |
dr_412
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.6975399230443795
|
Encrypted: |
false
|
Ssdeep: |
768:Y0JO1xO2at9l/Kays2fAQVBVTmdg7rghIId4Hk7rghIMULe5ajPk:fOGCgd4NULew4
|
Size: |
266233
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\D.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\D.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-OL32C.tmp.4.dr
|
ID: |
dr_414
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.5736317273549725
|
Encrypted: |
false
|
Ssdeep: |
768:Bpuk8jqEuzjNrH0yXKaeAcjbxUOwmbCDiA5gLsJy/FcmeRslvtnJo:HOkeAwbxUOwmbCDiA5g0SFcmO
|
Size: |
244686
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Default - Merge.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Default - Merge.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-PM40K.tmp.4.dr
|
ID: |
dr_415
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.846431614153475
|
Encrypted: |
false
|
Ssdeep: |
192:IlnFn4rTC53tCD9VITe1Hh8ra6LqJamXIxibe4u9nkCqRfkbvt4FlI3cbhp8BR7o:I0HC5ccOourMbO+dysULF5CSLre4d7
|
Size: |
36270
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Default.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Default.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-EQNJ2.tmp.4.dr
|
ID: |
dr_416
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.184684647530307
|
Encrypted: |
false
|
Ssdeep: |
3072:2ie8ErEfj91BacLAI55v52qTEd1OxcYnKzjdSe9+NX6moQpRDW2bi:ffjxbrAjIeqK
|
Size: |
282592
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Erlang.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Erlang.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-6IBNG.tmp.4.dr
|
ID: |
dr_417
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.388446055236439
|
Encrypted: |
false
|
Ssdeep: |
768:FylLa2uteNYukBEnA/cW95qEpjgFAHBlqXx4NXpYuNEWOcmkoStoh60nTQlrjDZn:FiDjFR5nLgsxfRe
|
Size: |
402132
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Git Formats.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Git Formats.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-1RJMU.tmp.4.dr
|
ID: |
dr_418
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.686405266938026
|
Encrypted: |
false
|
Ssdeep: |
1536:0smBTpvGi4KZvOBiEFFjbBEFFpyx2PT2xBYq+fv7SGT3tVMavTFjHneapIMaM9uI:Lmr5ZS0NgKak+ySm
|
Size: |
234552
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Go.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Go.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-1QK2D.tmp.4.dr
|
ID: |
dr_419
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.378433284993739
|
Encrypted: |
false
|
Ssdeep: |
3072:atYeVp82M0IdwdOQBgdBMfdxOqdO6BadBUDYeYOwSAQkeidKCYS2ixNpvdJvtpNE:aU0z
|
Size: |
396220
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Graphviz.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Graphviz.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-1VO30.tmp.4.dr
|
ID: |
dr_420
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.67044903923011
|
Encrypted: |
false
|
Ssdeep: |
384:6o5maa3GQi9Gh3eg/JfqqZofdkuw/kjrUIvbk2JJL5HPlxQmJyAQj5Iqu3g/iMhY:6o5mt3Gwhx/JC/VmAQj5IqumBzrPO
|
Size: |
73326
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Groovy.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Groovy.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-1QVA7.tmp.4.dr
|
ID: |
dr_421
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.421688712191047
|
Encrypted: |
false
|
Ssdeep: |
1536:JTbtyK75OK7rI6oXHBeBC7EAoZv8KG+YLwT6JP8oIFCgPn+zBa57N33+wqyx2LVP:ZD7Vo
|
Size: |
89087
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\HTML.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\HTML.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-77KBV.tmp.4.dr
|
ID: |
dr_423
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.6505280494875985
|
Encrypted: |
false
|
Ssdeep: |
384:r2sd0jDz39anO3V9UeJSlfV5FQw1gcjRsTUJWEBIkxEWeGsT0sC8OHKiniL:rI39gjRsTUJWMEjiW
|
Size: |
103523
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Haskell.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Haskell.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-NNB3F.tmp.4.dr
|
ID: |
dr_422
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.579026357870598
|
Encrypted: |
false
|
Ssdeep: |
768:qzXfLOaIs+7ZKpvP4RlD68TLBS8fik81IOCd4vCOReRDbBzXCcgGTSxX9/j94iRM:vKvN8ak9OnHGYj9zLKVif/vIRIbWrdfN
|
Size: |
374515
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\JSON.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\JSON.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-MMEAL.tmp.4.dr
|
ID: |
dr_426
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.124147216925339
|
Encrypted: |
false
|
Ssdeep: |
192:y3735j37i5H375D7375UVu6Shu6S5irdCTrHirJSUx0TXgNOwwfntINTUIUV/hXn:ypYJ7uVAyisSrJzMntIynCv4M+7b
|
Size: |
17699
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Java.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Java.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-RNI9P.tmp.4.dr
|
ID: |
dr_424
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.366621895462164
|
Encrypted: |
false
|
Ssdeep: |
3072:X2YiO+Ied1znvmrFQDDr+U7n1fuf9VMS1Bfm3LyRoMj:mYiO+ISzn0j
|
Size: |
908150
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\JavaScript.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\JavaScript.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-RQTV1.tmp.4.dr
|
ID: |
dr_425
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.633892772858284
|
Encrypted: |
false
|
Ssdeep: |
3072:w07gKwfb285lM6jzre0rn1n/dF8CVxPt96EFoDVL7:w0EKwfb28sVB
|
Size: |
386812
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\LaTeX.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\LaTeX.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-1FLC4.tmp.4.dr
|
ID: |
dr_428
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.749313610668783
|
Encrypted: |
false
|
Ssdeep: |
1536:+17/M9FNjvvX55BabIrYqUhVxBN4lQu8CaZ8ltzHw:E/M9FVvX554bIrY9nu8CaZ8ltc
|
Size: |
241068
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Language - English.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Language - English.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-BUMB1.tmp.4.dr
|
ID: |
dr_427
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.883947016473318
|
Encrypted: |
false
|
Ssdeep: |
49152:LtFT8dBiA4+yEJxQ3ULut9QyLZvGZX792Hw3qoJdmQFCOnax:n
|
Size: |
1673087
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Lisp.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Lisp.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-FIBDP.tmp.4.dr
|
ID: |
dr_429
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.368997804825651
|
Encrypted: |
false
|
Ssdeep: |
768:bn7aCTs78sLew3w6PUgqt239NfjclFqjB7xkNI5clJfPHqDQycxdjLb8y38Ct5tn:HsPXCb8y38W5tFxOFrreHXKE9AW1
|
Size: |
201020
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Lua.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Lua.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-T983B.tmp.4.dr
|
ID: |
dr_430
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.681046490124997
|
Encrypted: |
false
|
Ssdeep: |
384:79Ldm26UB1hgwnLceEvGIyxTW1cc1yJw0xyRR16GAaK/8XQrFiWXNns0+gpl6bMq:f6UBfgwnLhEvGIaPpLGY8T
|
Size: |
80322
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Makefile.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Makefile.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-M07HC.tmp.4.dr
|
ID: |
dr_431
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.7209710011481985
|
Encrypted: |
false
|
Ssdeep: |
768:uR5endONTTdpZOh1I4+Phz9y9Id1Yzeby8:uVYFeby8
|
Size: |
64268
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Markdown.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Markdown.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-CJT2P.tmp.4.dr
|
ID: |
dr_432
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.860713644662055
|
Encrypted: |
false
|
Ssdeep: |
3072:shFVRozTBEwgSATDZ2iJHDw5XVz7p6uB/5k4hsLFkFKcdqJYQgqyRemlBdDBahFr:mDgkC+CDA
|
Size: |
499052
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Matlab.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Matlab.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-SDAI5.tmp.4.dr
|
ID: |
dr_433
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.957946628256629
|
Encrypted: |
false
|
Ssdeep: |
1536:rWEKquRytGCrdan5uR3Wxpb37431IRnjHhGH:jSRy0yQ5uR3W2yQ
|
Size: |
141655
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\OCaml.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\OCaml.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-NVVKN.tmp.4.dr
|
ID: |
dr_435
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.1108225023557186
|
Encrypted: |
false
|
Ssdeep: |
384:iHvDQJBPI5jPjEnl3QqE96a9QJtmdJd8TDuAlvflw+53UD0Xn0EyIVvcbGATo1M8:mDQLI5jPjsl3QqE9oJtmOKGd31A6
|
Size: |
61036
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Objective-C.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Objective-C.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-2VUO7.tmp.4.dr
|
ID: |
dr_434
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.804205885711258
|
Encrypted: |
false
|
Ssdeep: |
6144:iit9nqbiMdvXkXJrJcCptJjiUiHilRlkp8lp6MdiXHiXAEiniu:icqbiMdvXkXJrJcCptJjiUiHilRmp8lk
|
Size: |
308826
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\PHP.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\PHP.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-A5A81.tmp.4.dr
|
ID: |
dr_438
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.06625210283719
|
Encrypted: |
false
|
Ssdeep: |
24576:P/QmXfnDQaLyuYVx0xSdCWTPMIxGc4LiIYbeKQ:7DHLybMIxW
|
Size: |
1266428
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Pascal.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Pascal.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-3KNQH.tmp.4.dr
|
ID: |
dr_436
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.240895607613184
|
Encrypted: |
false
|
Ssdeep: |
48:9BAd1KwMQ9Hud1nLrgsmpylaYV9PxHNxCaUzXnp+KXnVUzmmxx0Y3AKt6ptJcJp+:vI9HiLjmEQYfxH+OmmT0YxQaxhVw/7N
|
Size: |
5457
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Perl.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Perl.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-A2RBT.tmp.4.dr
|
ID: |
dr_437
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.585681488251869
|
Encrypted: |
false
|
Ssdeep: |
6144:PxYKmENlapi/yZF5FIRRwJjvFKlldwllFzllQW:G
|
Size: |
329263
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Python.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Python.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-0AEER.tmp.4.dr
|
ID: |
dr_439
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.843582010233564
|
Encrypted: |
false
|
Ssdeep: |
1536:D6Xn+TgAThsk1h8DA8+wDDUq2V+wupZMZ2+9worA0S+j7Umsoo0qT:D6OT3Thn1h8DvvT
|
Size: |
159187
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\R.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\R.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-K2CK4.tmp.4.dr
|
ID: |
dr_440
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.158689853067352
|
Encrypted: |
false
|
Ssdeep: |
1536:jVnYSIzUpXZDgV/mfaYbOrtOSQ5W1q5jKU38UCJ:aSYUpXZDgV/mfaYbOrtOSQ/5jKU38UCJ
|
Size: |
81203
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Rails.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Rails.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-FSOUQ.tmp.4.dr
|
ID: |
dr_441
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.363382865904437
|
Encrypted: |
false
|
Ssdeep: |
768:KW+I+DQKs89qMPK8l/5HcYGGotq0Dizer7i3jDMoE8Xz7KTRkmqIKqKK+vhaoyH9:6pXcYGGotq0Dik4jDM47KTKmqzkTf
|
Size: |
164276
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Regular Expressions.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Regular Expressions.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-26A5I.tmp.4.dr
|
ID: |
dr_442
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.895306252167432
|
Encrypted: |
false
|
Ssdeep: |
384:wI8QpOFNwIRwj7FZF9bFtbF5Y+isRyiWH0Oi0hnqqeO5w9Brx5Mr+TKyTcbcQX:fOFNwIqgJeLBrrMrx
|
Size: |
54525
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\RestructuredText.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\RestructuredText.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-QB9TF.tmp.4.dr
|
ID: |
dr_443
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.819296162717372
|
Encrypted: |
false
|
Ssdeep: |
96:GNFBe4Uc0wod4qvt63bmTv8w7Bvpy0d5nhaTntJ358PX/Jb/bLfP0:5bwod4gt6LUh00d5nunj3uPXRb/bg
|
Size: |
12016
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Ruby.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Ruby.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-6D149.tmp.4.dr
|
ID: |
dr_444
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.193494678262701
|
Encrypted: |
false
|
Ssdeep: |
1536:7wMhZRCmQFuKjUcRlZvTR7zmuQusmeMDdjRro4kfbdyfu7e:UYymQF7R7zmTusmvDvrolpyfu7e
|
Size: |
208087
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Rust.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Rust.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-UONIK.tmp.4.dr
|
ID: |
dr_445
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.710393056961018
|
Encrypted: |
false
|
Ssdeep: |
1536:5Ll5h8KPCI822RG0BANSnc3zPp3qNcdy9Tw9Dgj6QTM4mi1:5l5jPCI82k3ANSnc3F6NhAo7
|
Size: |
206854
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\SQL.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\SQL.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-DPVJP.tmp.4.dr
|
ID: |
dr_448
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.765905681351292
|
Encrypted: |
false
|
Ssdeep: |
384:cIMOAmbWt4DkcIScZ6Nv9QsbMvMUgpWEiS:jMOAm5kcIScZ6zQskA
|
Size: |
29019
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Scala.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Scala.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-NMRNH.tmp.4.dr
|
ID: |
dr_446
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.680430523680469
|
Encrypted: |
false
|
Ssdeep: |
3072:9GK+LAVlfcvsQXAWDo1yNIzXw9whLYmiuqvz/CGNj:6LAVlfcvsQXAWgyNIzXw9whxiuqvz/Cu
|
Size: |
132886
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\ShellScript.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\ShellScript.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-L4S2C.tmp.4.dr
|
ID: |
dr_447
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.567328632642135
|
Encrypted: |
false
|
Ssdeep: |
768:feE66FnQmWRMPtQzV9W1RTHDzM4xuzsZ+LfXJMqwUCvGTgi0eo/pZmD55rwtOPR9:k3DTTrvghRhaiTAWB91H98f
|
Size: |
444312
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\TCL.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\TCL.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-LI2J2.tmp.4.dr
|
ID: |
dr_449
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.900969644552667
|
Encrypted: |
false
|
Ssdeep: |
384:490RAqsWm49PeDlL2KkBPCJllePpLJSei0Dbo5Hkn6pJni6JsDzurgTgv0Ibh1TQ:4wmDUKkBPaePvSei0Dbo5En6Xn3fc/IY
|
Size: |
36057
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Text.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Text.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-O3FON.tmp.4.dr
|
ID: |
dr_450
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.177399818552961
|
Encrypted: |
false
|
Ssdeep: |
24:9fBuddj2tgRPWBC9Xi1P/BbiK9R1ZD4bJi+zUrBhCc:9fGdveCtiNkmcbJRzIPCc
|
Size: |
1157
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Textile.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Textile.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-B8H39.tmp.4.dr
|
ID: |
dr_451
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.290994887453625
|
Encrypted: |
false
|
Ssdeep: |
384:Q5RoOawGNoWgRFGS3Iso4XJiZAZ6hpHauxrdGjI:YGS3LRZk
|
Size: |
13228
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Theme - Default.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Theme - Default.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-STSVB.tmp.4.dr
|
ID: |
dr_452
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
6.9684313634692
|
Encrypted: |
false
|
Ssdeep: |
6144:G7SsMU7SME5s6sKObj8L+e4ruqGFhotUjE6U9AzC:G7SsMU7SME5s6sKObj8Ce4NwRE6AAzC
|
Size: |
403314
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\Theme - Merge.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\Theme - Merge.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-F4QFS.tmp.4.dr
|
ID: |
dr_453
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
6.725824436665387
|
Encrypted: |
false
|
Ssdeep: |
6144:VW+18MNV+GYVFueLxmfNbv0GwVeMIUV0wgC/:VW+18MNV+GYVFuA4fNb1wVe7UVngC/
|
Size: |
246754
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\XML.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\XML.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-M00NR.tmp.4.dr
|
ID: |
dr_454
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.356708721629162
|
Encrypted: |
false
|
Ssdeep: |
3072:g4tVce8c77v8rUJ0pA9W4hzjdgBjnqk69BRD6bRh2ZJ1Z01JmsQErrP5nrTJ4vEf:xtVce8c77v8rUJ0pA9W4hzjdgBjnqk6I
|
Size: |
113247
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\YAML.sublime-package (copy)
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\YAML.sublime-package (copy)
|
Category: |
dropped
|
Dump: |
is-F059V.tmp.4.dr
|
ID: |
dr_455
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.894284715133006
|
Encrypted: |
false
|
Ssdeep: |
384:UjSWFwrhvZ9uyD2M4bkgvueKesPWfmDbDfIBh0uwlAM8WsWygbg8ZhDt1NF2Nm0a:+SWqrR2wa309
|
Size: |
69028
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\Packages\is-0AEER.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-0AEER.tmp
|
Category: |
dropped
|
Dump: |
is-0AEER.tmp.4.dr
|
ID: |
dr_254
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.843582010233564
|
Encrypted: |
false
|
Ssdeep: |
1536:D6Xn+TgAThsk1h8DA8+wDDUq2V+wupZMZ2+9worA0S+j7Umsoo0qT:D6OT3Thn1h8DvvT
|
Size: |
159187
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-17UDH.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-17UDH.tmp
|
Category: |
dropped
|
Dump: |
is-17UDH.tmp.4.dr
|
ID: |
dr_134
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.726008018516386
|
Encrypted: |
false
|
Ssdeep: |
6144:hjH+VT2CSwam4iXHiXAEinivciMdvXkXJrJcCptJjiUiHiXR/ajQlp60:hjH+VT2CSwam4iXHiXAEinivciMdvXk1
|
Size: |
382653
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-1FLC4.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-1FLC4.tmp
|
Category: |
dropped
|
Dump: |
is-1FLC4.tmp.4.dr
|
ID: |
dr_213
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.749313610668783
|
Encrypted: |
false
|
Ssdeep: |
1536:+17/M9FNjvvX55BabIrYqUhVxBN4lQu8CaZ8ltzHw:E/M9FVvX554bIrY9nu8CaZ8ltc
|
Size: |
241068
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-1QK2D.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-1QK2D.tmp
|
Category: |
dropped
|
Dump: |
is-1QK2D.tmp.4.dr
|
ID: |
dr_174
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.378433284993739
|
Encrypted: |
false
|
Ssdeep: |
3072:atYeVp82M0IdwdOQBgdBMfdxOqdO6BadBUDYeYOwSAQkeidKCYS2ixNpvdJvtpNE:aU0z
|
Size: |
396220
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-1QVA7.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-1QVA7.tmp
|
Category: |
dropped
|
Dump: |
is-1QVA7.tmp.4.dr
|
ID: |
dr_176
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.421688712191047
|
Encrypted: |
false
|
Ssdeep: |
1536:JTbtyK75OK7rI6oXHBeBC7EAoZv8KG+YLwT6JP8oIFCgPn+zBa57N33+wqyx2LVP:ZD7Vo
|
Size: |
89087
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-1RJMU.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-1RJMU.tmp
|
Category: |
dropped
|
Dump: |
is-1RJMU.tmp.4.dr
|
ID: |
dr_173
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.686405266938026
|
Encrypted: |
false
|
Ssdeep: |
1536:0smBTpvGi4KZvOBiEFFjbBEFFpyx2PT2xBYq+fv7SGT3tVMavTFjHneapIMaM9uI:Lmr5ZS0NgKak+ySm
|
Size: |
234552
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-1VO30.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-1VO30.tmp
|
Category: |
dropped
|
Dump: |
is-1VO30.tmp.4.dr
|
ID: |
dr_175
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.67044903923011
|
Encrypted: |
false
|
Ssdeep: |
384:6o5maa3GQi9Gh3eg/JfqqZofdkuw/kjrUIvbk2JJL5HPlxQmJyAQj5Iqu3g/iMhY:6o5mt3Gwhx/JC/VmAQj5IqumBzrPO
|
Size: |
73326
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-26A5I.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-26A5I.tmp
|
Category: |
dropped
|
Dump: |
is-26A5I.tmp.4.dr
|
ID: |
dr_257
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.895306252167432
|
Encrypted: |
false
|
Ssdeep: |
384:wI8QpOFNwIRwj7FZF9bFtbF5Y+isRyiWH0Oi0hnqqeO5w9Brx5Mr+TKyTcbcQX:fOFNwIqgJeLBrrMrx
|
Size: |
54525
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-2VUO7.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-2VUO7.tmp
|
Category: |
dropped
|
Dump: |
is-2VUO7.tmp.4.dr
|
ID: |
dr_249
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.804205885711258
|
Encrypted: |
false
|
Ssdeep: |
6144:iit9nqbiMdvXkXJrJcCptJjiUiHilRlkp8lp6MdiXHiXAEiniu:icqbiMdvXkXJrJcCptJjiUiHilRmp8lk
|
Size: |
308826
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-39AQO.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-39AQO.tmp
|
Category: |
dropped
|
Dump: |
is-39AQO.tmp.4.dr
|
ID: |
dr_130
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.538982327519802
|
Encrypted: |
false
|
Ssdeep: |
768:1Dqu0xIBOdkNU7S0mCkj8rrV3as7wOsHM3m3Qd98xDtzQ:1WuOUObNrV3aIfS33a
|
Size: |
119772
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-3A6SB.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-3A6SB.tmp
|
Category: |
dropped
|
Dump: |
is-3A6SB.tmp.4.dr
|
ID: |
dr_128
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.187955319320103
|
Encrypted: |
false
|
Ssdeep: |
192:FLJtiHbymBjxc3t1RSDNUyLaHemooSuhYyOO9hnje7uaTMojv5Iqrna64GnOzm/d:LtYbnB2oDNPLRo45u5ybwojhJLLCm/d
|
Size: |
17561
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-3KNQH.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-3KNQH.tmp
|
Category: |
dropped
|
Dump: |
is-3KNQH.tmp.4.dr
|
ID: |
dr_251
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.240895607613184
|
Encrypted: |
false
|
Ssdeep: |
48:9BAd1KwMQ9Hud1nLrgsmpylaYV9PxHNxCaUzXnp+KXnVUzmmxx0Y3AKt6ptJcJp+:vI9HiLjmEQYfxH+OmmT0YxQaxhVw/7N
|
Size: |
5457
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-57O8N.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-57O8N.tmp
|
Category: |
dropped
|
Dump: |
is-57O8N.tmp.4.dr
|
ID: |
dr_129
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.78064213411636
|
Encrypted: |
false
|
Ssdeep: |
384:97/8i6iM3CjyTv2UMCz3zqoOk+y0QF1OP5ma:qp31TOU2oOAnERma
|
Size: |
33990
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-6D149.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-6D149.tmp
|
Category: |
dropped
|
Dump: |
is-6D149.tmp.4.dr
|
ID: |
dr_288
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.193494678262701
|
Encrypted: |
false
|
Ssdeep: |
1536:7wMhZRCmQFuKjUcRlZvTR7zmuQusmeMDdjRro4kfbdyfu7e:UYymQF7R7zmTusmvDvrolpyfu7e
|
Size: |
208087
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-6IBNG.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-6IBNG.tmp
|
Category: |
dropped
|
Dump: |
is-6IBNG.tmp.4.dr
|
ID: |
dr_172
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.388446055236439
|
Encrypted: |
false
|
Ssdeep: |
768:FylLa2uteNYukBEnA/cW95qEpjgFAHBlqXx4NXpYuNEWOcmkoStoh60nTQlrjDZn:FiDjFR5nLgsxfRe
|
Size: |
402132
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-6O896.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-6O896.tmp
|
Category: |
dropped
|
Dump: |
is-6O896.tmp.4.dr
|
ID: |
dr_137
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.6975399230443795
|
Encrypted: |
false
|
Ssdeep: |
768:Y0JO1xO2at9l/Kays2fAQVBVTmdg7rghIId4Hk7rghIMULe5ajPk:fOGCgd4NULew4
|
Size: |
266233
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-77KBV.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-77KBV.tmp
|
Category: |
dropped
|
Dump: |
is-77KBV.tmp.4.dr
|
ID: |
dr_208
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.6505280494875985
|
Encrypted: |
false
|
Ssdeep: |
384:r2sd0jDz39anO3V9UeJSlfV5FQw1gcjRsTUJWEBIkxEWeGsT0sC8OHKiniL:rI39gjRsTUJWMEjiW
|
Size: |
103523
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-A2RBT.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-A2RBT.tmp
|
Category: |
dropped
|
Dump: |
is-A2RBT.tmp.4.dr
|
ID: |
dr_252
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.585681488251869
|
Encrypted: |
false
|
Ssdeep: |
6144:PxYKmENlapi/yZF5FIRRwJjvFKlldwllFzllQW:G
|
Size: |
329263
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-A5A81.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-A5A81.tmp
|
Category: |
dropped
|
Dump: |
is-A5A81.tmp.4.dr
|
ID: |
dr_253
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.06625210283719
|
Encrypted: |
false
|
Ssdeep: |
24576:P/QmXfnDQaLyuYVx0xSdCWTPMIxGc4LiIYbeKQ:7DHLybMIxW
|
Size: |
1266428
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-B40SR.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-B40SR.tmp
|
Category: |
dropped
|
Dump: |
is-B40SR.tmp.4.dr
|
ID: |
dr_136
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.215176603734274
|
Encrypted: |
false
|
Ssdeep: |
384:di2U08TnGeMkehIbjDqqSL0JtQL/yqSknvc+zghUx1OLptrqSLABCrEFsbmVmzyL:QTAoRIb+AOQ7Yo
|
Size: |
52200
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-B8H39.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-B8H39.tmp
|
Category: |
dropped
|
Dump: |
is-B8H39.tmp.4.dr
|
ID: |
dr_295
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.290994887453625
|
Encrypted: |
false
|
Ssdeep: |
384:Q5RoOawGNoWgRFGS3Iso4XJiZAZ6hpHauxrdGjI:YGS3LRZk
|
Size: |
13228
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-BUMB1.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-BUMB1.tmp
|
Category: |
dropped
|
Dump: |
is-BUMB1.tmp.4.dr
|
ID: |
dr_212
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.883947016473318
|
Encrypted: |
false
|
Ssdeep: |
49152:LtFT8dBiA4+yEJxQ3ULut9QyLZvGZX792Hw3qoJdmQFCOnax:n
|
Size: |
1673087
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-CJT2P.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-CJT2P.tmp
|
Category: |
dropped
|
Dump: |
is-CJT2P.tmp.4.dr
|
ID: |
dr_217
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.860713644662055
|
Encrypted: |
false
|
Ssdeep: |
3072:shFVRozTBEwgSATDZ2iJHDw5XVz7p6uB/5k4hsLFkFKcdqJYQgqyRemlBdDBahFr:mDgkC+CDA
|
Size: |
499052
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-DPVJP.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-DPVJP.tmp
|
Category: |
dropped
|
Dump: |
is-DPVJP.tmp.4.dr
|
ID: |
dr_292
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.765905681351292
|
Encrypted: |
false
|
Ssdeep: |
384:cIMOAmbWt4DkcIScZ6Nv9QsbMvMUgpWEiS:jMOAm5kcIScZ6zQskA
|
Size: |
29019
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-EQNJ2.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-EQNJ2.tmp
|
Category: |
dropped
|
Dump: |
is-EQNJ2.tmp.4.dr
|
ID: |
dr_171
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.184684647530307
|
Encrypted: |
false
|
Ssdeep: |
3072:2ie8ErEfj91BacLAI55v52qTEd1OxcYnKzjdSe9+NX6moQpRDW2bi:ffjxbrAjIeqK
|
Size: |
282592
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-F059V.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-F059V.tmp
|
Category: |
dropped
|
Dump: |
is-F059V.tmp.4.dr
|
ID: |
dr_319
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.894284715133006
|
Encrypted: |
false
|
Ssdeep: |
384:UjSWFwrhvZ9uyD2M4bkgvueKesPWfmDbDfIBh0uwlAM8WsWygbg8ZhDt1NF2Nm0a:+SWqrR2wa309
|
Size: |
69028
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-F4QFS.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-F4QFS.tmp
|
Category: |
dropped
|
Dump: |
is-F4QFS.tmp.4.dr
|
ID: |
dr_317
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
6.725824436665387
|
Encrypted: |
false
|
Ssdeep: |
6144:VW+18MNV+GYVFueLxmfNbv0GwVeMIUV0wgC/:VW+18MNV+GYVFuA4fNb1wVe7UVngC/
|
Size: |
246754
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-FIBDP.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-FIBDP.tmp
|
Category: |
dropped
|
Dump: |
is-FIBDP.tmp.4.dr
|
ID: |
dr_214
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.368997804825651
|
Encrypted: |
false
|
Ssdeep: |
768:bn7aCTs78sLew3w6PUgqt239NfjclFqjB7xkNI5clJfPHqDQycxdjLb8y38Ct5tn:HsPXCb8y38W5tFxOFrreHXKE9AW1
|
Size: |
201020
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-FSOUQ.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-FSOUQ.tmp
|
Category: |
dropped
|
Dump: |
is-FSOUQ.tmp.4.dr
|
ID: |
dr_256
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.363382865904437
|
Encrypted: |
false
|
Ssdeep: |
768:KW+I+DQKs89qMPK8l/5HcYGGotq0Dizer7i3jDMoE8Xz7KTRkmqIKqKK+vhaoyH9:6pXcYGGotq0Dik4jDM47KTKmqzkTf
|
Size: |
164276
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-IN7HB.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-IN7HB.tmp
|
Category: |
dropped
|
Dump: |
is-IN7HB.tmp.4.dr
|
ID: |
dr_132
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.161020374990796
|
Encrypted: |
false
|
Ssdeep: |
12:5jJmKruwXkuca6lyrIrku6sHLDjwzdIDvJmlu2DkZu:9J1rJXvggsHYd46/R
|
Size: |
496
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-JIPQ4.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-JIPQ4.tmp
|
Category: |
dropped
|
Dump: |
is-JIPQ4.tmp.4.dr
|
ID: |
dr_131
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.5273122554490595
|
Encrypted: |
false
|
Ssdeep: |
1536:3D+JMkHD3PzkrEcZ6mR5xondNxzutu7I+uz9JFnQ8dnlig5DpNKvCekB5221dJN2:q5D3pP
|
Size: |
328491
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-JP28L.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-JP28L.tmp
|
Category: |
dropped
|
Dump: |
is-JP28L.tmp.4.dr
|
ID: |
dr_133
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.286024209444611
|
Encrypted: |
false
|
Ssdeep: |
1536:s7PfXH04tZ9MWkUApWzHQVXc3F0vraqkwRZ0tchpLFCXnkSm:SPP04JADNZ/PN
|
Size: |
299305
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-K2CK4.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-K2CK4.tmp
|
Category: |
dropped
|
Dump: |
is-K2CK4.tmp.4.dr
|
ID: |
dr_255
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.158689853067352
|
Encrypted: |
false
|
Ssdeep: |
1536:jVnYSIzUpXZDgV/mfaYbOrtOSQ5W1q5jKU38UCJ:aSYUpXZDgV/mfaYbOrtOSQ/5jKU38UCJ
|
Size: |
81203
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-L4S2C.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-L4S2C.tmp
|
Category: |
dropped
|
Dump: |
is-L4S2C.tmp.4.dr
|
ID: |
dr_291
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.567328632642135
|
Encrypted: |
false
|
Ssdeep: |
768:feE66FnQmWRMPtQzV9W1RTHDzM4xuzsZ+LfXJMqwUCvGTgi0eo/pZmD55rwtOPR9:k3DTTrvghRhaiTAWB91H98f
|
Size: |
444312
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-LI2J2.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-LI2J2.tmp
|
Category: |
dropped
|
Dump: |
is-LI2J2.tmp.4.dr
|
ID: |
dr_293
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.900969644552667
|
Encrypted: |
false
|
Ssdeep: |
384:490RAqsWm49PeDlL2KkBPCJllePpLJSei0Dbo5Hkn6pJni6JsDzurgTgv0Ibh1TQ:4wmDUKkBPaePvSei0Dbo5En6Xn3fc/IY
|
Size: |
36057
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-M00NR.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-M00NR.tmp
|
Category: |
dropped
|
Dump: |
is-M00NR.tmp.4.dr
|
ID: |
dr_318
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.356708721629162
|
Encrypted: |
false
|
Ssdeep: |
3072:g4tVce8c77v8rUJ0pA9W4hzjdgBjnqk69BRD6bRh2ZJ1Z01JmsQErrP5nrTJ4vEf:xtVce8c77v8rUJ0pA9W4hzjdgBjnqk6I
|
Size: |
113247
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-M07HC.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-M07HC.tmp
|
Category: |
dropped
|
Dump: |
is-M07HC.tmp.4.dr
|
ID: |
dr_216
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.7209710011481985
|
Encrypted: |
false
|
Ssdeep: |
768:uR5endONTTdpZOh1I4+Phz9y9Id1Yzeby8:uVYFeby8
|
Size: |
64268
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-MMEAL.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-MMEAL.tmp
|
Category: |
dropped
|
Dump: |
is-MMEAL.tmp.4.dr
|
ID: |
dr_211
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.124147216925339
|
Encrypted: |
false
|
Ssdeep: |
192:y3735j37i5H375D7375UVu6Shu6S5irdCTrHirJSUx0TXgNOwwfntINTUIUV/hXn:ypYJ7uVAyisSrJzMntIynCv4M+7b
|
Size: |
17699
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-NMRNH.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-NMRNH.tmp
|
Category: |
dropped
|
Dump: |
is-NMRNH.tmp.4.dr
|
ID: |
dr_290
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.680430523680469
|
Encrypted: |
false
|
Ssdeep: |
3072:9GK+LAVlfcvsQXAWDo1yNIzXw9whLYmiuqvz/CGNj:6LAVlfcvsQXAWgyNIzXw9whxiuqvz/Cu
|
Size: |
132886
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-NNB3F.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-NNB3F.tmp
|
Category: |
dropped
|
Dump: |
is-NNB3F.tmp.4.dr
|
ID: |
dr_177
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.579026357870598
|
Encrypted: |
false
|
Ssdeep: |
768:qzXfLOaIs+7ZKpvP4RlD68TLBS8fik81IOCd4vCOReRDbBzXCcgGTSxX9/j94iRM:vKvN8ak9OnHGYj9zLKVif/vIRIbWrdfN
|
Size: |
374515
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-NVVKN.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-NVVKN.tmp
|
Category: |
dropped
|
Dump: |
is-NVVKN.tmp.4.dr
|
ID: |
dr_250
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.1108225023557186
|
Encrypted: |
false
|
Ssdeep: |
384:iHvDQJBPI5jPjEnl3QqE96a9QJtmdJd8TDuAlvflw+53UD0Xn0EyIVvcbGATo1M8:mDQLI5jPjsl3QqE9oJtmOKGd31A6
|
Size: |
61036
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-O3FON.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-O3FON.tmp
|
Category: |
dropped
|
Dump: |
is-O3FON.tmp.4.dr
|
ID: |
dr_294
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
5.177399818552961
|
Encrypted: |
false
|
Ssdeep: |
24:9fBuddj2tgRPWBC9Xi1P/BbiK9R1ZD4bJi+zUrBhCc:9fGdveCtiNkmcbJRzIPCc
|
Size: |
1157
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-O73N1.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-O73N1.tmp
|
Category: |
dropped
|
Dump: |
is-O73N1.tmp.4.dr
|
ID: |
dr_135
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.544664118127066
|
Encrypted: |
false
|
Ssdeep: |
768:MmWlGvycIKcH+ceH7Ls89/eBT3EaUhqZBaZXyQzeQ:MoeBTUHhqZBaZXyoeQ
|
Size: |
98363
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-OL32C.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-OL32C.tmp
|
Category: |
dropped
|
Dump: |
is-OL32C.tmp.4.dr
|
ID: |
dr_169
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.5736317273549725
|
Encrypted: |
false
|
Ssdeep: |
768:Bpuk8jqEuzjNrH0yXKaeAcjbxUOwmbCDiA5gLsJy/FcmeRslvtnJo:HOkeAwbxUOwmbCDiA5g0SFcmO
|
Size: |
244686
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-PM40K.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-PM40K.tmp
|
Category: |
dropped
|
Dump: |
is-PM40K.tmp.4.dr
|
ID: |
dr_170
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.846431614153475
|
Encrypted: |
false
|
Ssdeep: |
192:IlnFn4rTC53tCD9VITe1Hh8ra6LqJamXIxibe4u9nkCqRfkbvt4FlI3cbhp8BR7o:I0HC5ccOourMbO+dysULF5CSLre4d7
|
Size: |
36270
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-QB9TF.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-QB9TF.tmp
|
Category: |
dropped
|
Dump: |
is-QB9TF.tmp.4.dr
|
ID: |
dr_287
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.819296162717372
|
Encrypted: |
false
|
Ssdeep: |
96:GNFBe4Uc0wod4qvt63bmTv8w7Bvpy0d5nhaTntJ358PX/Jb/bLfP0:5bwod4gt6LUh00d5nunj3uPXRb/bg
|
Size: |
12016
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-R70J6.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-R70J6.tmp
|
Category: |
dropped
|
Dump: |
is-R70J6.tmp.4.dr
|
ID: |
dr_168
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.439429645162574
|
Encrypted: |
false
|
Ssdeep: |
1536:lsPFtEX2Ty5O+mOghaUjnr0chSulgD0g6F3glCDIAK85YtQ7acVswsOAK/4GQaQh:lsPFtHyOhaUjnrOC3pyBenKs4Bj4Elp
|
Size: |
402158
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-RNI9P.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-RNI9P.tmp
|
Category: |
dropped
|
Dump: |
is-RNI9P.tmp.4.dr
|
ID: |
dr_209
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.366621895462164
|
Encrypted: |
false
|
Ssdeep: |
3072:X2YiO+Ied1znvmrFQDDr+U7n1fuf9VMS1Bfm3LyRoMj:mYiO+ISzn0j
|
Size: |
908150
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-RQTV1.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-RQTV1.tmp
|
Category: |
dropped
|
Dump: |
is-RQTV1.tmp.4.dr
|
ID: |
dr_210
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.633892772858284
|
Encrypted: |
false
|
Ssdeep: |
3072:w07gKwfb285lM6jzre0rn1n/dF8CVxPt96EFoDVL7:w0EKwfb28sVB
|
Size: |
386812
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-SDAI5.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-SDAI5.tmp
|
Category: |
dropped
|
Dump: |
is-SDAI5.tmp.4.dr
|
ID: |
dr_248
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.957946628256629
|
Encrypted: |
false
|
Ssdeep: |
1536:rWEKquRytGCrdan5uR3Wxpb37431IRnjHhGH:jSRy0yQ5uR3W2yQ
|
Size: |
141655
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-STSVB.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-STSVB.tmp
|
Category: |
dropped
|
Dump: |
is-STSVB.tmp.4.dr
|
ID: |
dr_296
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
6.9684313634692
|
Encrypted: |
false
|
Ssdeep: |
6144:G7SsMU7SME5s6sKObj8L+e4ruqGFhotUjE6U9AzC:G7SsMU7SME5s6sKObj8Ce4NwRE6AAzC
|
Size: |
403314
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-T983B.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-T983B.tmp
|
Category: |
dropped
|
Dump: |
is-T983B.tmp.4.dr
|
ID: |
dr_215
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.681046490124997
|
Encrypted: |
false
|
Ssdeep: |
384:79Ldm26UB1hgwnLceEvGIyxTW1cc1yJw0xyRR16GAaK/8XQrFiWXNns0+gpl6bMq:f6UBfgwnLhEvGIaPpLGY8T
|
Size: |
80322
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\Packages\is-UONIK.tmp
|
Zip archive data, at least v2.0 to extract, compression method=store
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\Packages\is-UONIK.tmp
|
Category: |
dropped
|
Dump: |
is-UONIK.tmp.4.dr
|
ID: |
dr_289
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
Zip archive data, at least v2.0 to extract, compression method=store
|
Entropy: |
4.710393056961018
|
Encrypted: |
false
|
Ssdeep: |
1536:5Ll5h8KPCI822RG0BANSnc3zPp3qNcdy9Tw9Dgj6QTM4mi1:5l5jPCI82k3ANSnc3F6NhAo7
|
Size: |
206854
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\changelog.txt (copy)
|
HTML document, Unicode text, UTF-8 text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\changelog.txt (copy)
|
Category: |
dropped
|
Dump: |
is-U8O8O.tmp.4.dr
|
ID: |
dr_788
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
HTML document, Unicode text, UTF-8 text
|
Entropy: |
4.771044815257441
|
Encrypted: |
false
|
Ssdeep: |
768:RXrXdoV/FpqVH0uxm2oEXmtJRMg9pjhHzpaMsD2wnSnPLAet/Y4N3+:NdO2pgNaMGpeOz
|
Size: |
59621
|
Whitelisted: |
false
|
Reputation: |
timeout
|
|
C:\Program Files\Sublime Merge\crash_handler.exe (copy)
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\crash_handler.exe (copy)
|
Category: |
dropped
|
Dump: |
is-Q6HKJ.tmp.4.dr
|
ID: |
dr_400
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (GUI) x86-64, for MS Windows
|
Entropy: |
6.508602621494966
|
Encrypted: |
false
|
Ssdeep: |
12288:9aI/sXeW40/VT0llhRu1JwucnBw1JafbDiYgAB+iBZjodOi/ecZjHNtIDCnE6CFL:l/ueW40NTUnBCIfFRdZjni/ecZjHNtIp
|
Size: |
683904
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\is-39IJ3.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\is-39IJ3.tmp
|
Category: |
dropped
|
Dump: |
is-39IJ3.tmp.4.dr
|
ID: |
dr_6
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.589695728897208
|
Encrypted: |
false
|
Ssdeep: |
49152:uAflT10yNDM0HHvR3PhgxSlbcFBTtUCFFNZpHRJB:oEDH5/iBnFFNZpHB
|
Size: |
2365824
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\is-4EI04.tmp
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\is-4EI04.tmp
|
Category: |
dropped
|
Dump: |
is-4EI04.tmp.4.dr
|
ID: |
dr_4
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (GUI) x86-64, for MS Windows
|
Entropy: |
6.299819907079116
|
Encrypted: |
false
|
Ssdeep: |
3072:u3J35y4+C/WGA8BUeuxFeUdSTrL7vZtoY4OG/cOp:u3t5yHC/JA8St3eUdSHLohHp
|
Size: |
183680
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\is-65J4M.tmp
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\is-65J4M.tmp
|
Category: |
dropped
|
Dump: |
is-65J4M.tmp.4.dr
|
ID: |
dr_3
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (GUI) x86-64, for MS Windows
|
Entropy: |
6.561536815941871
|
Encrypted: |
false
|
Ssdeep: |
98304:37evUZtbqkULJittdGOTHHKQDyhEIOFFEbzE42hxHbgqKFmph6Bt:iHo6OTX/ozERhxHUqKkph6D
|
Size: |
8741248
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\is-6FBIR.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\is-6FBIR.tmp
|
Category: |
dropped
|
Dump: |
is-6FBIR.tmp.4.dr
|
ID: |
dr_2
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (GUI) Intel 80386, for MS Windows
|
Entropy: |
6.412402881281171
|
Encrypted: |
false
|
Ssdeep: |
24576:RtdAm9DUi/CR3wCkCiRgoG7hBaHkbEXXeG/jFt5lTxytI:PqTytRFk6ek1LJ
|
Size: |
1188232
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\is-Q6HKJ.tmp
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\is-Q6HKJ.tmp
|
Category: |
dropped
|
Dump: |
is-Q6HKJ.tmp.4.dr
|
ID: |
dr_5
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (GUI) x86-64, for MS Windows
|
Entropy: |
6.508602621494966
|
Encrypted: |
false
|
Ssdeep: |
12288:9aI/sXeW40/VT0llhRu1JwucnBw1JafbDiYgAB+iBZjodOi/ecZjHNtIDCnE6CFL:l/ueW40NTUnBCIfFRdZjni/ecZjHNtIp
|
Size: |
683904
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\is-TGD4U.tmp
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\is-TGD4U.tmp
|
Category: |
dropped
|
Dump: |
is-TGD4U.tmp.4.dr
|
ID: |
dr_7
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (GUI) x86-64, for MS Windows
|
Entropy: |
6.393874670345117
|
Encrypted: |
false
|
Ssdeep: |
3072:du6AF/AB2jmyDV8ZMcIDLAO7ZrHjfvxAJVputh2oY4mLNA+XWVYb:UZF/AB2VDV8ScSz7ZrHjfyJV3ohmnrb
|
Size: |
208256
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\is-U8O8O.tmp
|
HTML document, Unicode text, UTF-8 text
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\is-U8O8O.tmp
|
Category: |
dropped
|
Dump: |
is-U8O8O.tmp.4.dr
|
ID: |
dr_272
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
HTML document, Unicode text, UTF-8 text
|
Entropy: |
4.771044815257441
|
Encrypted: |
false
|
Ssdeep: |
768:RXrXdoV/FpqVH0uxm2oEXmtJRMg9pjhHzpaMsD2wnSnPLAet/Y4N3+:NdO2pgNaMGpeOz
|
Size: |
59621
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\smerge.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\smerge.exe (copy)
|
Category: |
dropped
|
Dump: |
is-39IJ3.tmp.4.dr
|
ID: |
dr_401
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
6.589695728897208
|
Encrypted: |
false
|
Ssdeep: |
49152:uAflT10yNDM0HHvR3PhgxSlbcFBTtUCFFNZpHRJB:oEDH5/iBnFFNZpHB
|
Size: |
2365824
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\ssh-askpass-sublime.exe (copy)
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\ssh-askpass-sublime.exe (copy)
|
Category: |
dropped
|
Dump: |
is-TGD4U.tmp.4.dr
|
ID: |
dr_402
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (GUI) x86-64, for MS Windows
|
Entropy: |
6.393874670345117
|
Encrypted: |
false
|
Ssdeep: |
3072:du6AF/AB2jmyDV8ZMcIDLAO7ZrHjfvxAJVputh2oY4mLNA+XWVYb:UZF/AB2VDV8ScSz7ZrHjfyJV3ohmnrb
|
Size: |
208256
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\sublime_merge.exe (copy)
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\sublime_merge.exe (copy)
|
Category: |
dropped
|
Dump: |
is-65J4M.tmp.4.dr
|
ID: |
dr_398
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (GUI) x86-64, for MS Windows
|
Entropy: |
6.561536815941871
|
Encrypted: |
false
|
Ssdeep: |
98304:37evUZtbqkULJittdGOTHHKQDyhEIOFFEbzE42hxHbgqKFmph6Bt:iHo6OTX/ozERhxHUqKkph6D
|
Size: |
8741248
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Program Files\Sublime Merge\unins000.dat
|
InnoSetup Log 64-bit Sublime Merge, version 0x418, 76737 bytes, 124406\37\user\376\, C:\Program Files\Sublime Merge\376\377\377
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\unins000.dat
|
Category: |
dropped
|
Dump: |
unins000.dat.4.dr
|
ID: |
dr_281
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
InnoSetup Log 64-bit Sublime Merge, version 0x418, 76737 bytes, 124406\37\user\376\, C:\Program Files\Sublime Merge\376\377\377
|
Entropy: |
3.426421210254555
|
Encrypted: |
false
|
Ssdeep: |
768:Iz48gIMDPpJmipkAVKcCKcRS5yYRxWcAvI:F+B/w
|
Size: |
76737
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\unins000.exe (copy)
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\unins000.exe (copy)
|
Category: |
dropped
|
Dump: |
is-6FBIR.tmp.4.dr
|
ID: |
dr_397
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32 executable (GUI) Intel 80386, for MS Windows
|
Entropy: |
6.412402881281171
|
Encrypted: |
false
|
Ssdeep: |
24576:RtdAm9DUi/CR3wCkCiRgoG7hBaHkbEXXeG/jFt5lTxytI:PqTytRFk6ek1LJ
|
Size: |
1188232
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
|
C:\Program Files\Sublime Merge\unins000.msg
|
InnoSetup messages, version 5.5.3, 221 messages (UTF-16), &About Setup...
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\unins000.msg
|
Category: |
dropped
|
Dump: |
unins000.msg.4.dr
|
ID: |
dr_278
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
InnoSetup messages, version 5.5.3, 221 messages (UTF-16), &About Setup...
|
Entropy: |
3.2704486925356004
|
Encrypted: |
false
|
Ssdeep: |
192:Q41EjXgkg3Sqf8sfr69FT0AKanzLYfMa1tzvL7Vzo+Fc51USQDztXfbKJUfvo:Q41Elvqf9r6fKVfMmRo+y1USQDztP3o
|
Size: |
22709
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
|
C:\Program Files\Sublime Merge\update_installer.exe (copy)
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Program Files\Sublime Merge\update_installer.exe (copy)
|
Category: |
dropped
|
Dump: |
is-4EI04.tmp.4.dr
|
ID: |
dr_399
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (GUI) x86-64, for MS Windows
|
Entropy: |
6.299819907079116
|
Encrypted: |
false
|
Ssdeep: |
3072:u3J35y4+C/WGA8BUeuxFeUdSTrL7vZtoY4OG/cOp:u3t5yHC/JA8St3eUdSHLohHp
|
Size: |
183680
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Merge.lnk
|
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive,
ctime=Mon Dec 23 10:35:09 2024, mtime=Mon Dec 23 10:35:09 2024, atime=Mon Oct 28 06:33:36 2024, length=8741248, window=hide
|
dropped
|
|
|
|
File: |
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Merge.lnk
|
Category: |
dropped
|
Dump: |
Sublime Merge.lnk.4.dr
|
ID: |
dr_275
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive,
ctime=Mon Dec 23 10:35:09 2024, mtime=Mon Dec 23 10:35:09 2024, atime=Mon Oct 28 06:33:36 2024, length=8741248, window=hide
|
Entropy: |
4.52931395304699
|
Encrypted: |
false
|
Ssdeep: |
12:8m3c6FYXxjh9dKTbdpF4ITpbBZk63iAitYjAwrjbdpWaA1tbdpWNx4xwmV:8mM6bdpNWmYyAAdWdAx4wm
|
Size: |
925
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Stores files to the Windows start menu directory |
Boot Survival |
Registry Run Keys / Startup Folder
|
|
C:\Users\user\AppData\Local\Temp\is-524BH.tmp\_isetup\_setup64.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Users\user\AppData\Local\Temp\is-524BH.tmp\_isetup\_setup64.tmp
|
Category: |
dropped
|
Dump: |
_setup64.tmp.4.dr
|
ID: |
dr_1
|
Target ID: |
4
|
Process: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Type: |
PE32+ executable (console) x86-64, for MS Windows
|
Entropy: |
4.720366600008286
|
Encrypted: |
false
|
Ssdeep: |
96:sfkcXegaJ/ZAYNzcld1xaX12p+gt1sONA0:sfJEVYlvxaX12C6A0
|
Size: |
6144
|
Whitelisted: |
true
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
|
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
File: |
C:\Users\user\AppData\Local\Temp\is-V942G.tmp\sublime_merge_build_2102_x64_setup.tmp
|
Category: |
dropped
|
Dump: |
sublime_merge_build_2102_x64_setup.tmp.2.dr
|
ID: |
dr_0
|
Target ID: |
2
|
Process: |
C:\Users\user\Desktop\sublime_merge_build_2102_x64_setup.exe
|
Type: |
PE32 executable (GUI) Intel 80386, for MS Windows
|
Entropy: |
6.412402881281171
|
Encrypted: |
false
|
Ssdeep: |
24576:RtdAm9DUi/CR3wCkCiRgoG7hBaHkbEXXeG/jFt5lTxytI:PqTytRFk6ek1LJ
|
Size: |
1188232
|
Whitelisted: |
false
|
Reputation: |
timeout
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Drops PE files |
Persistence and Installation Behavior |
|
Found dropped PE file which has not been started or loaded |
Malware Analysis System Evasion |
|
Queries keyboard layouts |
Malware Analysis System Evasion |
System Information Discovery
|
Queries the volume information (name, serial number etc) of a device |
Language, Device and Operating System Detection |
System Information Discovery
|
Stores files to the Windows start menu directory |
Boot Survival |
Registry Run Keys / Startup Folder
|
Creates files inside the program directory |
System Summary |
|
Creates files inside the user directory |
System Summary |
|
Disables application error messages (SetErrorMode) |
Hooking and other Techniques for Hiding and Protection |
|
Parts of this application are using Borland Delphi (Probably coded in Delphi) |
System Summary |
|
Queries a list of all running processes |
Malware Analysis System Evasion |
|
Reads ini files |
System Summary |
File and Directory Discovery
|
Reads the Windows registered organization settings |
System Summary |
System Owner/User Discovery
|
Spawns processes |
System Summary |
|
Tries to load missing DLLs |
System Summary |
|
Uses an in-process (OLE) Automation server |
System Summary |
|
Creates a directory in C:\Program Files |
Compliance, System Summary |
|
Creates a software uninstall entry |
Compliance, System Summary |
|
Executable creates window controls seldom found in malware |
System Summary |
|
Found GUI installer (many successful clicks) |
System Summary |
|
Reads the Windows registered owner settings |
System Summary |
System Owner/User Discovery
|
|