← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
research 5 * CAPE Sandbox
WHITE msudosos 2026-05-22 Modified: 2026-05-25
3951
IOCs
HIGH VOLUME
[look back at the results of the WaproIntegration.exe analysis, conducted by Asseco Business Solutions, and published by the Microsoft Office (MSW) on 1 January 2017.] Client *doesnt* have windows.
cnamestronglibraryfile typefile sizemwdbbazaarsha3384ssdeepnone rticonacceptshutdownbacksha256guardregistersloadsdcompe fileperforms dnssamplenetwork infoprocesses extraaslrurlsoverviewmitre attackoverview zenboxdefense evasionnextserverdomain namedomain statusemailregistrantregistrargooglehigh prioritygmt ifnonematchprioritysha1detail infotickcountfilenamebehaviourimagepathcmdlineoffsettargetprocesswriteaddresssizewriteshellopendefaultaddress virtualshell folderspayloadbootkitstreamtofseeseraph secureg4 codesigning rsa4096sha384ca1 validfromcode signingalgorithmthumbprintthumbprint md5respondernothingip addressregistry keyscape sandboxfoundcenterhttpporttitlecreatesdropped infoascii textheadbodypersistencedatednssecstatusabuse contactregistrar abusecontact phoneregistrar ianakey identifierx509v3 subjectnumberissuercus cnthawtetls rsaca g1odigicert inccde stbayerninfov3 seriallmnchen oteamcus cnr3oletsubject publickey infokey algorithmcus oletencrypt cnr10validitycus starizonacngo daddyauthorityg2 validityavailable fromcoderegistry techadmin countrykr registrantorganizationexpiration daterdap databasehandleiana registrarlinkscus oapplepublic serverrsa cag1 validitypublic keynamedomainexpiry datequery timeunitedupdate date
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (86 / 3951 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 IPv4 URL hostname domain email IPv6 Mutex
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 2be30473e872451da174145e9b33abdf 2026-05-22
FileHash-MD5 3364fab042831f297dc37b70cca734e2 2026-05-22
FileHash-MD5 4ec2ceca1241e72c0a75d993516941d8 2026-05-22
FileHash-MD5 50ccf4d183835e2f537e822bb94c7ebd 2026-05-22
FileHash-MD5 6b94b476cc5e4053960185350b9958cb 2026-05-22
FileHash-MD5 85cade207c7f269d500264b26c65bc24 2026-05-22
FileHash-MD5 916b3a003f0205adcd6c6d202cf427f6 2026-05-22
FileHash-MD5 b04f3c60afb0156b84fe3dd00748f8f6 2026-05-22
FileHash-MD5 bb3ac2c21e02c68abcad237dc3fa6d00 2026-05-22
FileHash-MD5 1ece34ddeba14a72ec1c8788ebb40b6e 2026-05-22
FileHash-MD5 41b369c381696da6d20a32432a676d09 2026-05-22
FileHash-MD5 908fa1703ccd29438389439a5e39542a 2026-05-22
FileHash-MD5 ada79a13ebdf165816a558ae331b2ead 2026-05-22
FileHash-MD5 be3560359bcedd2e28831263c6c4eae9 2026-05-22
FileHash-MD5 d15a21ce2d02cb115ada44c516d36910 2026-05-22
FileHash-MD5 dbce2e7c306f2e96c197b78230a909a6 2026-05-22
FileHash-MD5 2b13e5ed07cc359c51fb9e04be522360 2026-05-22
FileHash-MD5 93eabc64831793516336500039d98cac 2026-05-22
FileHash-MD5 bb768eab19f122a6994524984baa7348 2026-05-22
FileHash-MD5 d1a6d375bd4e66fa293dc15b1fbcf4b5 2026-05-22
FileHash-MD5 00d152c1523e56c619d25f6c96c21a41 2026-05-22
FileHash-MD5 0bdef4d92a94790d7d279561a490c5bb 2026-05-22
FileHash-MD5 1ebc4b3ab3b23f896de2d55a4efdf473 2026-05-22
FileHash-MD5 1f83c4509d309a7cab495858ef7d1a8d 2026-05-22
FileHash-MD5 23c325ac0f3042a328f8387ef3ff3a0c 2026-05-22
FileHash-MD5 392b4d61b1d1dadc1f06444df258188a 2026-05-22
FileHash-MD5 4118fac85d3c7a49b6889e71a54fd3b7 2026-05-22
FileHash-MD5 42061ef95c951f5f664c0a846c9f3cf1 2026-05-22
FileHash-MD5 64efec9f0dd2955de50c14dacfe76f41 2026-05-22
FileHash-MD5 686f40ae776d9638a830c9a812897676 2026-05-22
FileHash-MD5 6c6b65687ed235cb86b7ebb9999a7746 2026-05-22
FileHash-MD5 7b07262916bc3bd9914dcf9c9bcd224b 2026-05-22
FileHash-MD5 8202c237f7a908b07b8f06137a31590e 2026-05-22
FileHash-MD5 96efea0e9d0a18bce15fe7bec297f093 2026-05-22
FileHash-MD5 b0186bfb128dd87c65da98140190fa23 2026-05-22
FileHash-MD5 cde93a16f9d9348f1528f9c05d033572 2026-05-22
FileHash-MD5 ce1e537f3bee34b262ace968ce8c1cff 2026-05-22
FileHash-MD5 d26dd300166e52481cd20d03f4be0f8c 2026-05-22
FileHash-MD5 e55641fba39eaff4ee89e5fc0af8f337 2026-05-22
FileHash-MD5 f1aa631204fa2aab6347b5720a170748 2026-05-22
FileHash-MD5 2dae62f878f840b12f4f0b369b465155 2026-05-22
FileHash-MD5 32a069a9c8d16e41e5eecc97fbd917f4 2026-05-22
FileHash-MD5 4496ed33d5c888823b0aad70e0c60475 2026-05-22
FileHash-MD5 480b04e9ba972d65531d2d24535836bd 2026-05-22
FileHash-MD5 672ebf11deba13e4f3f87b14a0079b59 2026-05-22
FileHash-MD5 68712f2e944bb16d048037e45403e94a 2026-05-22
FileHash-MD5 757512cd1f7aa36b5009398bf203730b 2026-05-22
FileHash-MD5 8233db5db66e97a9b1ccac7c9c39095a 2026-05-22
FileHash-MD5 a2fcec728cf62911fd07c5c5e0bf03e3 2026-05-22
FileHash-MD5 a738f70ddfe8b728e3a778b20cdcc17b 2026-05-22
FileHash-MD5 bffe9150cad9225a49fd0fef53f42368 2026-05-22
FileHash-MD5 c3dd680b4add0d79e3758a65b810fdcc 2026-05-22
FileHash-MD5 cf285cf70eb157ac77152249c62fc973 2026-05-22
FileHash-MD5 d3b3def7ecf99632f101ea3fc853623f 2026-05-22
FileHash-MD5 d46a28dbcca27143655c0d2a5c41b888 2026-05-22
FileHash-MD5 d6cc5ea7a3edc1f3c028afead759fa67 2026-05-22
FileHash-MD5 dfb72d41f1e34c0b54f38f78b184e78a 2026-05-22
FileHash-MD5 fb3f2db0e0baffee1b8de89374baae1c 2026-05-22
FileHash-MD5 1354fff31595f081912f6510cbf93c60 2026-05-22
FileHash-MD5 1a5681e49b7e3d6e74d5f1a0b5038f0e 2026-05-22
FileHash-MD5 2116aa4561bb4567a80c6aefbb8937f7 2026-05-22
FileHash-MD5 2594dd8887f582058226bcdd1b1a7c5b 2026-05-22
FileHash-MD5 2d24bf7e4cb1026a48a94a1b1302e685 2026-05-22
FileHash-MD5 2f2e7006c8cc3a91328af2b44c003b19 2026-05-22
FileHash-MD5 36aca64342e317a965993effb8acfdd0 2026-05-22
FileHash-MD5 642d746b7d6f4fc6ebe778b0611ce358 2026-05-22
FileHash-MD5 6c2c5fc1974f3ea46a832b74df2c7fa2 2026-05-22
FileHash-MD5 966d7a43ed4feeb7f8a9eb536e94b7c1 2026-05-22
FileHash-MD5 99db24ae75faecb66c9f00090bad83ab 2026-05-22
FileHash-MD5 c516c934426b299eef750723fd89ddf6 2026-05-22
FileHash-MD5 c8a4c97cb58314ea08c457831f53caa6 2026-05-22
FileHash-MD5 ddbb3eef631957f988f10b48742f9549 2026-05-22
FileHash-MD5 e2da71de103084c097b5fa6c8fa914f0 2026-05-22
FileHash-MD5 e31abef615d0fde9c2cdc5f2bd13c5c7 2026-05-22
FileHash-MD5 3b5074b1b5d032e5620f69f9f700ff0e 2026-05-22
FileHash-MD5 223bf019ef684ea9fcabeb35f22e78fd MD5 of 09badb19582df8788a5228c5c359c0976aee4b103b7139631c39fb6264daf823 2026-05-22
FileHash-MD5 43209de6d4cc3cffcc841e7ad710890c 2026-05-22
FileHash-MD5 495ac303d566dd687af1e65bb259f29e 2026-05-22
FileHash-MD5 b3d0fac6de1cce99599cbd9a91102123 2026-05-22
FileHash-MD5 bfb7cca8aee3e2b6ed0d6f694c795381 2026-05-22
FileHash-MD5 e48fd1279df3ec220752d05c27a87952 2026-05-22
FileHash-MD5 f1f56c6375770b1f7b04fa676d23a724 2026-05-22
FileHash-MD5 2c7e5ed12042f438eb47fcc3988936c4 2026-05-22
FileHash-MD5 6ea2ecadb3b90420b9e6cbaf787bbce3 2026-05-22
FileHash-MD5 778617ee40345599fc23f11e402baf00 MD5 of a664cf4f5b58504ef6435d8d4db03a9b886a94aeded0f7e1f509a4c0b2448bc8 2026-05-22
FileHash-MD5 dfae5b2d26f2ec293f9f822adfe94e61 MD5 of 71e5a6ab02a478bd8ac951c67cd7f253c73cfb877a63e5ec860dd1c80e1bf978 2026-05-22
References (10)
↗ https://vtbehaviour.commondatastorage.googleapis.com/004a881e84a216c4bc74f3c80b65b93b0e92730e8650fcd540ddd9c05496821f_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1779437688&Signature=gFtkoBqF5pShJtX6qkZtdovQkyQMLUYrFOjDP6NqgmFoOhYNKhh4DR%2BRduecXCaeSRa%2FFMLPwsZ1NNrjc%2Fg3iGJunOiw%2BNVCbqHgsCqgFukn94EvgBPpTB6B9jvTJkiWGF2dGk%2Bc%2FRUi11iqTV98lN1HTrKNfw0yL67LRmHYEPltNEYRvTe3krIx9Lc3e%2FgV5D2YEoCr%2BEB72AwqJDp3RZPJVsuY1pQBVpH%2FTq4FHpa% ↗ https://vtbehaviour.commondatastorage.googleapis.com/01b1f4159b48ac9d2145ca334ac5088cb79c8d4c03cf0688a87e55335349b331_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1779437830&Signature=o1mMUhfVofwSs5xyuFNizd0ePwrbhenHNa%2FGv1rJB1qPc8iZP5wkSG7TAOksy%2Bbq%2BSYFTz%2BK5iCcc3PayR7eyLcifui7TFP%2BR6BRfA165PwBWOQoBUg5NFD9IRXuidu5YGzacnbqDVdrzIWuDRh1%2BN95ftOdtUVsknU6Vxrs%2FlpgDcCvuCw8yBT9TpzeqirdVKlJPVDo9DR35AroEk%2BnXJbeXiIRkTJ3eVKTGSz6CphpXF ↗ https://vtbehaviour.commondatastorage.googleapis.com/01b1f4159b48ac9d2145ca334ac5088cb79c8d4c03cf0688a87e55335349b331_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1779437889&Signature=kOQWTYWZEnXg6x3z7n1h%2BZxGkgstZeT94Va6iNASpQTWtCaM1UzUpKuQfGgpopGCyTOEK%2F7OD4pGKGjQDwX29jg3%2BWWCnmzl2Mzx9F4yN1rq4t4SzOITafJ%2ByjOuVbRn5K%2BAZoVXDIZIUCsUMxgTHhqST3vBcQ503uW6lfzxUcdHHauNqTsPUzjiSG6JrJRGSJW%2BzxrctN1HmMSRzpHcu7CHCOeQuIhHiX7ibuCHhA3JzarYcCaHYe%2B8 ↗ https://vtbehaviour.commondatastorage.googleapis.com/07e1e7ad5d00405ee7c5fed83b4d9e3a512d9e872d8670cb86fd701f3b8b6259_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1779438246&Signature=ZGz53K8c67xrCiLmZJbODFjoXur2NU9sF9Xjc%2Ff81AQIH8dBUyDkBf7MQwIyCG7huDtUlwHzNWPb0VzcJksqTxIo%2BJPVvtYvIl8RV%2BckzCDGa3AWmKyyvYPZbn4h%2B8stgKiEu6RzeO9KCA2o91kJ8RAu6HhS6SSlddRteH%2BA3MOc17NU6cmUv0B06xlL9i%2FEgkhPukOAi3TFeOT3hK7Y3pW%2FCBP536Ae%2BaDIzY24ugSkQ% ↗ https://vtbehaviour.commondatastorage.googleapis.com/7d441193d1f16f78d054c1fe662e533db705dad62d0121f02d000e9a6b5fe86b_Tencent%20HABO.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1779438365&Signature=h7GZQeeOJNTBzxgmrZzfcTlZI6TwhUTTE1VEYyZfCBcBfVE3Jb8jMGpRJTIh2RjWBMEf1FRvCibTgA%2BKnZNrtxGDZe4CJvEqy02XWJbLarRkHqmn1sMQpskfa4sIPni%2FCkajAZUdYmEuTES7jYJsimQO%2FNtd1bIFSqBot7ecyvQT%2F9ax7KazcoIudKVimT0ihn%2BstThD1NxJalqWZoY2sO1jzCgkaOK9lZeCsAXDE1H3B3LD6yIg ↗ https://vtbehaviour.commondatastorage.googleapis.com/8a7e906f7a61cab63e462258f69c24e3425fa54e5e90cdf68b495c4fd04a1982_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1779438540&Signature=vQDqnOc819uwIf0UqNrPAXjrnU5lZulCRWIGBinfcBaYOLutIIcBkwpwhJn4GTrg04JjCxqIcZ43GlpX%2FYhN5uiLQZ5Iq0%2FZl1WfsxOy3LhAomStnIrBU0FvlkCre1wYUHlPoU48crf8016tg9ioYlD%2BwbWR7jeN%2Bk5Ji8P0ipnBOP7K0C822Ae5VenOIz4a%2BB8OR1YdodkTomWdLo46lmTdc899jW0IxF3msxKmV4nal0ZD4aeX ↗ https://vtbehaviour.commondatastorage.googleapis.com/3fe3b0bc7ca7ec4d23c1cd7c07d5cdf9cb3463beb18cd58e2501150d343d0851_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1779438798&Signature=pANruTzJyu09Hzf4DTv20LDHBbtyRDfVqdUDXcUHU5t%2Fo4ZASzGodrrrh0fSnpxRID7l8PUYQBpatP0X3BS%2BDZyUILHdoxM41n4EbpJ%2B53f5rTs3mKuxEjWVK5Qqv%2BETgwTMnpZ8nScsLJfzlqHy%2B0U7pGcwf58Ddn5NAxMvveGCxrjpeP1nPaMKQMqKtlgIaoZKaRUTWeQus8tECh70NEy%2FBGwoljYsR%2FbGJ5YyrB1jlrAY ↗ https://vtbehaviour.commondatastorage.googleapis.com/7d441193d1f16f78d054c1fe662e533db705dad62d0121f02d000e9a6b5fe86b_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1779438900&Signature=GdSSawcnAzzWjiMJAEJMz7h0KpqPNqgwPzPkzv%2FPKo1IhjY2w4WE1ioTHKCJ7eMvq%2F0dzNI1JvYz47q%2FosHjl0ZOvE39XCHG5BsiO6AoXnUe9D1sIksXC19D%2FvOQZLtOQ8uMwJ7oehwmB9VfuwQCEqwu22ClFUwOXSvDI%2FBRa2m8ingT7tEflhqF2okL36dFvtY8GKspHKfRv4ayCedzCEp70TXYBwOOFSkNdMr8ddnW5YBSkzp5 ↗ https://vtbehaviour.commondatastorage.googleapis.com/beddd6543579e4744aa3aceb91c6ff522e5d4a9cf54c41b27ad97d6533cff57e_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1779439368&Signature=CDFw0%2B8LvB0k7nbKeUPwBR%2FfS5URr4xkEa2F4j12yJ7df5yIucYFDJweGXE%2BExkhEyGCO5CWuoTJB0K%2F6Rpxgfnlabbn5ygiAsFOnib4deEJdbcSyN3Gy9Kws8AW9KqC0rNuo61G5054uz8o49zs3kKm1T18tPWnUdh7hoAvUZZd%2FYUxruCfZvqZhlpNuf5GDd2wiMtdi5FN0gjAWablDvhxF3tIQ15UvXQMm%2BBmTkTGDpYQ1N ↗ https://vtbehaviour.commondatastorage.googleapis.com/beddd6543579e4744aa3aceb91c6ff522e5d4a9cf54c41b27ad97d6533cff57e_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1779439406&Signature=Yyt5VdwIWVXZPSrz2llE%2Fkbs8LRRL%2FYacK8lMJDwqz1wnQB9NTQ5QEbHs%2B45GJHAJP3KN1mSh2WU7JPp%2BmDqFZFoauenLoF11M2RaKMwIDojWNE%2Fwb%2BSo6gvaguoU25WEGapdxQpMpn7ojI4%2FW3dmzzX7F9qYQmhmbC9ipqyKXDZHQuAUJaa074tvOcIBvP974a3DKMGUmWO1KyDP73MEZpyuKfxhVFdco02FkPG7mvGCJnXuw3KbSvC