ADWCleaner[S00] Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-06-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-24-2021
# Duration: 00:00:14
# OS: Windows 10 Pro
# Scanned: 31988
# Detected: 6
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
Adware.DoubleD C:\Users\maxhe\Desktop\Controller
PUP.Optional.DownloadSponsor C:\Users\maxhe\AppData\Local\Temp\DMR
***** [ Files ] *****
PUP.Optional.Chip C:\Users\maxhe\Desktop\..\Downloads\BITWARDEN PASSWORT MANAGER - CHIP-INSTALLER.EXE
PUP.Optional.Chip C:\Users\maxhe\Desktop\..\Downloads\GHOSTMOUSE - CHIP-INSTALLER.EXE
PUP.Optional.Chip C:\Users\maxhe\Desktop\..\Downloads\TEAMVIEWER - CHIP-INSTALLER.EXE
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.Fake.OpenOfficeUpdater HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|OpenOffice Updater
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Und Malwarebytes Code:
EB8809C2CE15103E53409087BCE18920B760BF91528D4ADCEB1AA3C42F94A1BC
{
"applicationVersion" : "4.4.3.125",
"chromeSyncResetQueryRequested" : false,
"chromeSyncResetQueryResult" : false,
"clientID" : "MbamUI",
"clientType" : "fullUIScan",
"componentsUpdatePackageVersion" : "1.0.1387",
"coreDllFileVersion" : "3.0.0.1166",
"cpu" : "x64",
"dbSDKUpdatePackageVersion" : "1.0.43476",
"detectionDateTime" : "2021-07-24T15:32:20Z",
"fileSystem" : "NTFS",
"id" : "55e92da2-ec94-11eb-a571-00d861d43252",
"isUserAdmin" : true,
"licenseState" : "trial",
"linkagePhaseComplete" : true,
"loggedOnUserName" : "DESKTOP-UM53QP8\\maxhe",
"machineID" : "",
"os" : "Windows 10 (Build 19041.1110)",
"schemaVersion" : 19,
"sourceDetails" : {
"aggressiveMode" : false,
"clientMetadata" : {
"jobId" : "",
"scheduleId" : "",
"scheduleTag" : ""
},
"ddsigEnabled" : true,
"filesScannedByIG" : 5,
"objectsScanned" : 317338,
"scanEndTime" : "2021-07-24T15:34:12Z",
"scanOnlineStatus" : "online",
"scanOptions" : {
"pumHandling" : "detect",
"pupHandling" : "detect",
"scanArchives" : true,
"scanFileSystem" : true,
"scanMemoryObjects" : true,
"scanPUMs" : true,
"scanPUPs" : true,
"scanRookits" : false,
"scanStartupAndRegistry" : true,
"scanType" : "threat",
"useHeuristics" : true
},
"scanResult" : "completed",
"scanStartTime" : "2021-07-24T15:32:20Z",
"scanState" : "completed",
"shurikenEnabled" : true,
"type" : "scan"
},
"threats" : [
{
"ddsSigFileVersion" : "",
"linkedTraces" : [
],
"mainTrace" : {
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanContext" : {
},
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:33Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "86f44472-ec94-11eb-82ba-00d861d43252",
"igExitCode" : "",
"isPEFile" : true,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "none",
"objectMD5" : "962AA8E2AFAF4537FE0B114ADEAE604D",
"objectPath" : "C:\\$RECYCLE.BIN\\S-1-5-21-4124461801-2848895045-3988357269-1001\\$RZ82O1P\\TEMBOTGENERATORV2.EXE",
"objectSha256" : "60CF9B94D38447B600EB0DB295A472134EB1CFBA0DEF626D83B46864EB1F1F34",
"objectSize" : 708608,
"objectType" : "file",
"resolvedPath" : "C:\\$Recycle.Bin\\S-1-5-21-4124461801-2848895045-3988357269-1001\\$RZ82O1P\\TemBotGeneratorv2.exe",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : true,
"disableSignatureWhiteListing" : true,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : false,
"isShuriken" : true,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : true,
"whitelistCheckError" : false
},
"winVerifyTrustResult" : {
"expectedError" : true,
"lastErrorCode" : -2146762496,
"wvtCalled" : true,
"wvtResult" : -2146762496
}
},
"ruleID" : 392686,
"ruleString" : "",
"rulesVersion" : "1.0.43476",
"srcEngineComponent" : "shuriken",
"srcEngineThreatNames" : [
],
"threatID" : 0,
"threatName" : "Generic.Malware\/Suspicious"
},
{
"ddsSigFileVersion" : "",
"linkedTraces" : [
],
"mainTrace" : {
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanContext" : {
},
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:33Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "8a5e2088-ec94-11eb-b4b7-00d861d43252",
"igExitCode" : "",
"isPEFile" : true,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "none",
"objectMD5" : "AF6448DFB8813224F17056CB60001201",
"objectPath" : "C:\\$RECYCLE.BIN\\S-1-5-21-4124461801-2848895045-3988357269-1001\\$RZ82O1P\\LUMAFINDER.EXE",
"objectSha256" : "D4304B62215BA46075B131C00C40BBB3A28302558D48D59547F089E94D18045B",
"objectSize" : 709120,
"objectType" : "file",
"resolvedPath" : "C:\\$Recycle.Bin\\S-1-5-21-4124461801-2848895045-3988357269-1001\\$RZ82O1P\\LumaFinder.exe",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : true,
"disableSignatureWhiteListing" : true,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : false,
"isShuriken" : true,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : true,
"whitelistCheckError" : false
},
"winVerifyTrustResult" : {
"expectedError" : true,
"lastErrorCode" : -2146762496,
"wvtCalled" : true,
"wvtResult" : -2146762496
}
},
"ruleID" : 392686,
"ruleString" : "",
"rulesVersion" : "1.0.43476",
"srcEngineComponent" : "shuriken",
"srcEngineThreatNames" : [
],
"threatID" : 0,
"threatName" : "Generic.Malware\/Suspicious"
},
{
"ddsSigFileVersion" : "",
"linkedTraces" : [
],
"mainTrace" : {
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanContext" : {
},
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:33Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "8bc37ae0-ec94-11eb-9ea8-00d861d43252",
"igExitCode" : "",
"isPEFile" : false,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "none",
"objectMD5" : "94A57473027A98E9FFD895F9F371935F",
"objectPath" : "C:\\USERS\\MAXHE\\DOWNLOADS\\TEMBOTV1.8.0A-HOTFIX-2.ZIP",
"objectSha256" : "9D133C65025EDB61AED6A69F90CD9B5A4B6D7D69FA211644CDF611D31610A4C8",
"objectSize" : 1655469,
"objectType" : "file",
"resolvedPath" : "C:\\Users\\maxhe\\Downloads\\TemBotv1.8.0a-HOTFIX-2.zip",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : false,
"disableSignatureWhiteListing" : false,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : false,
"isShuriken" : true,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : true,
"whitelistCheckError" : false
},
"winVerifyTrustResult" : {
"expectedError" : false,
"lastErrorCode" : -2146762749,
"wvtCalled" : true,
"wvtResult" : -2146762749
}
},
"ruleID" : 392686,
"ruleString" : "",
"rulesVersion" : "1.0.43476",
"srcEngineComponent" : "shuriken",
"srcEngineThreatNames" : [
],
"threatID" : 0,
"threatName" : "Generic.Malware\/Suspicious"
},
{
"ddsSigFileVersion" : "",
"linkedTraces" : [
],
"mainTrace" : {
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanContext" : {
},
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:33Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "8bc46568-ec94-11eb-86f6-00d861d43252",
"igExitCode" : "",
"isPEFile" : false,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "none",
"objectMD5" : "6D3C70C3C2D2B0C227466708C9B7D4FC",
"objectPath" : "C:\\USERS\\MAXHE\\DOWNLOADS\\TEMBOTV1.9.1A.ZIP",
"objectSha256" : "5FA3A2E13ECA63524103B56A788E2DB7B4C58B2D1210BA96FDFC924FAF21E97E",
"objectSize" : 1655609,
"objectType" : "file",
"resolvedPath" : "C:\\Users\\maxhe\\Downloads\\TemBotv1.9.1a.zip",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : false,
"disableSignatureWhiteListing" : false,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : false,
"isShuriken" : true,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : true,
"whitelistCheckError" : false
},
"winVerifyTrustResult" : {
"expectedError" : false,
"lastErrorCode" : -2146762749,
"wvtCalled" : true,
"wvtResult" : -2146762749
}
},
"ruleID" : 392686,
"ruleString" : "",
"rulesVersion" : "1.0.43476",
"srcEngineComponent" : "shuriken",
"srcEngineThreatNames" : [
],
"threatID" : 0,
"threatName" : "Generic.Malware\/Suspicious"
},
{
"ddsSigFileVersion" : "",
"linkedTraces" : [
],
"mainTrace" : {
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanContext" : {
},
"cleanResult" : "duplicate",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:33:51Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "8bc528ea-ec94-11eb-9da1-00d861d43252",
"igExitCode" : "",
"isPEFile" : true,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "none",
"objectMD5" : "6D3C70C3C2D2B0C227466708C9B7D4FC",
"objectPath" : "C:\\USERS\\MAXHE\\DOWNLOADS\\TEMBOTV1.9.1A.ZIP",
"objectSha256" : "5FA3A2E13ECA63524103B56A788E2DB7B4C58B2D1210BA96FDFC924FAF21E97E",
"objectSize" : -1,
"objectType" : "file",
"resolvedPath" : "",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : false,
"disableSignatureWhiteListing" : false,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : false,
"isShuriken" : true,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : false,
"whitelistCheckError" : false
},
"winVerifyTrustResult" : {
"expectedError" : false,
"lastErrorCode" : -2146762749,
"wvtCalled" : true,
"wvtResult" : -2146762749
}
},
"ruleID" : 392686,
"ruleString" : "",
"rulesVersion" : "1.0.43476",
"srcEngineComponent" : "shuriken",
"srcEngineThreatNames" : [
],
"threatID" : 0,
"threatName" : "Generic.Malware\/Suspicious"
},
{
"ddsSigFileVersion" : "",
"linkedTraces" : [
],
"mainTrace" : {
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanContext" : {
},
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:33Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "8cf29676-ec94-11eb-a556-00d861d43252",
"igExitCode" : "",
"isPEFile" : true,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "none",
"objectMD5" : "E4A1BB686469D8FC8B1B35EED316B7BD",
"objectPath" : "C:\\USERS\\MAXHE\\DOWNLOADS\\BITWARDEN PASSWORT MANAGER - CHIP-INSTALLER.EXE",
"objectSha256" : "B7DC489F26A16EEA70A528B5485037F557A3D7CC7FF93E69E4FA1B6FC3D48F53",
"objectSize" : 1353232,
"objectType" : "file",
"resolvedPath" : "C:\\Users\\maxhe\\Downloads\\Bitwarden Passwort Manager - CHIP-Installer.exe",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : true,
"disableSignatureWhiteListing" : true,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : true,
"isShuriken" : false,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : true,
"whitelistCheckError" : false
},
"winVerifyTrustResult" : {
"expectedError" : false,
"lastErrorCode" : -2146762495,
"wvtCalled" : true,
"wvtResult" : -2146762495
}
},
"ruleID" : 562568,
"ruleString" : "",
"rulesVersion" : "1.0.43476",
"srcEngineComponent" : "ame",
"srcEngineThreatNames" : [
],
"threatID" : 633,
"threatName" : "PUP.Optional.ChipDe"
},
{
"ddsSigFileVersion" : "",
"linkedTraces" : [
],
"mainTrace" : {
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanContext" : {
},
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:33Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "8ebb17f8-ec94-11eb-88a1-00d861d43252",
"igExitCode" : "",
"isPEFile" : false,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "none",
"objectMD5" : "A9D5B6B8FBBF4B75063B9ECCFD65F7A6",
"objectPath" : "C:\\USERS\\MAXHE\\DOWNLOADS\\TEMBOTV1.9.0-BETA-HOTFIX2.ZIP",
"objectSha256" : "B50A396DC417391F8CD33B1B0E6D37DD82D9F099B6E1993716548AD24A246C7C",
"objectSize" : 1659502,
"objectType" : "file",
"resolvedPath" : "C:\\Users\\maxhe\\Downloads\\TemBotv1.9.0-BETA-HOTFIX2.zip",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : false,
"disableSignatureWhiteListing" : false,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : false,
"isShuriken" : true,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : true,
"whitelistCheckError" : false
},
"winVerifyTrustResult" : {
"expectedError" : false,
"lastErrorCode" : -2146762749,
"wvtCalled" : true,
"wvtResult" : -2146762749
}
},
"ruleID" : 392686,
"ruleString" : "",
"rulesVersion" : "1.0.43476",
"srcEngineComponent" : "shuriken",
"srcEngineThreatNames" : [
],
"threatID" : 0,
"threatName" : "Generic.Malware\/Suspicious"
},
{
"ddsSigFileVersion" : "",
"linkedTraces" : [
],
"mainTrace" : {
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanContext" : {
},
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:33Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "8ebbeef8-ec94-11eb-bd44-00d861d43252",
"igExitCode" : "",
"isPEFile" : false,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "none",
"objectMD5" : "279FAFC0A25E782818FD7EFAE15EBE21",
"objectPath" : "C:\\USERS\\MAXHE\\DOWNLOADS\\TEMBOTV1.9.0B-UPDATE1.ZIP",
"objectSha256" : "5EE20662D18A1DFBEB887BEF07A098F69A8E64E8423B65505FBB999F1C10571F",
"objectSize" : 1655590,
"objectType" : "file",
"resolvedPath" : "C:\\Users\\maxhe\\Downloads\\TemBotv1.9.0b-UPDATE1.zip",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : false,
"disableSignatureWhiteListing" : false,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : false,
"isShuriken" : true,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : true,
"whitelistCheckError" : false
},
"winVerifyTrustResult" : {
"expectedError" : false,
"lastErrorCode" : -2146762749,
"wvtCalled" : true,
"wvtResult" : -2146762749
}
},
"ruleID" : 392686,
"ruleString" : "",
"rulesVersion" : "1.0.43476",
"srcEngineComponent" : "shuriken",
"srcEngineThreatNames" : [
],
"threatID" : 0,
"threatName" : "Generic.Malware\/Suspicious"
},
{
"ddsSigFileVersion" : "",
"linkedTraces" : [
],
"mainTrace" : {
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanContext" : {
},
"cleanResult" : "duplicate",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:33:56Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "8ebcb284-ec94-11eb-8462-00d861d43252",
"igExitCode" : "",
"isPEFile" : true,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "none",
"objectMD5" : "A9D5B6B8FBBF4B75063B9ECCFD65F7A6",
"objectPath" : "C:\\USERS\\MAXHE\\DOWNLOADS\\TEMBOTV1.9.0-BETA-HOTFIX2.ZIP",
"objectSha256" : "B50A396DC417391F8CD33B1B0E6D37DD82D9F099B6E1993716548AD24A246C7C",
"objectSize" : -1,
"objectType" : "file",
"resolvedPath" : "",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : false,
"disableSignatureWhiteListing" : false,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : false,
"isShuriken" : true,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : false,
"whitelistCheckError" : false
},
"winVerifyTrustResult" : {
"expectedError" : false,
"lastErrorCode" : -2146762749,
"wvtCalled" : true,
"wvtResult" : -2146762749
}
},
"ruleID" : 392686,
"ruleString" : "",
"rulesVersion" : "1.0.43476",
"srcEngineComponent" : "shuriken",
"srcEngineThreatNames" : [
],
"threatID" : 0,
"threatName" : "Generic.Malware\/Suspicious"
},
{
"ddsSigFileVersion" : "",
"linkedTraces" : [
],
"mainTrace" : {
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanContext" : {
},
"cleanResult" : "duplicate",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:33:56Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "8ebdc462-ec94-11eb-ad8c-00d861d43252",
"igExitCode" : "",
"isPEFile" : true,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "none",
"objectMD5" : "279FAFC0A25E782818FD7EFAE15EBE21",
"objectPath" : "C:\\USERS\\MAXHE\\DOWNLOADS\\TEMBOTV1.9.0B-UPDATE1.ZIP",
"objectSha256" : "5EE20662D18A1DFBEB887BEF07A098F69A8E64E8423B65505FBB999F1C10571F",
"objectSize" : -1,
"objectType" : "file",
"resolvedPath" : "",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : false,
"disableSignatureWhiteListing" : false,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : false,
"isShuriken" : true,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : false,
"whitelistCheckError" : false
},
"winVerifyTrustResult" : {
"expectedError" : false,
"lastErrorCode" : -2146762749,
"wvtCalled" : true,
"wvtResult" : -2146762749
}
},
"ruleID" : 392686,
"ruleString" : "",
"rulesVersion" : "1.0.43476",
"srcEngineComponent" : "shuriken",
"srcEngineThreatNames" : [
],
"threatID" : 0,
"threatName" : "Generic.Malware\/Suspicious"
},
{
"ddsSigFileVersion" : "01347198",
"linkedTraces" : [
],
"mainTrace" : {
"archiveMember" : "TemBot\\Data\\hyde.dll",
"archiveMemberMD5" : "672307E317686D53F37B2CA275FABF9A",
"cleanAction" : "quarantine",
"cleanContext" : {
},
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:33Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "8f093a8c-ec94-11eb-904d-00d861d43252",
"igExitCode" : "",
"isPEFile" : false,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "none",
"objectMD5" : "5613FB8A94BDE9E4D3FEE37A56B65FF3",
"objectPath" : "C:\\USERS\\MAXHE\\DOWNLOADS\\TEMBOTV1.2.1.ZIP",
"objectSha256" : "7AB3B0BC8D8C346BE9D3456E79143EAE37B15139CBDB7AE4AD9E11396888B554",
"objectSize" : 1754040,
"objectType" : "file",
"resolvedPath" : "C:\\Users\\maxhe\\Downloads\\TemBotv1.2.1.zip",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : false,
"disableSignatureWhiteListing" : false,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : true,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : false,
"isShuriken" : false,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : true,
"whitelistCheckError" : false
},
"winVerifyTrustResult" : {
"expectedError" : false,
"lastErrorCode" : 0,
"wvtCalled" : true,
"wvtResult" : 0
}
},
"ruleID" : 0,
"ruleString" : "D9D1652A960B1A3EEDE3FC6C",
"rulesVersion" : "1.0.43476",
"srcEngineComponent" : "dds",
"srcEngineThreatNames" : [
"Malware.AI.3991141484"
],
"threatID" : 1000000,
"threatName" : "Malware.AI.3991141484"
},
{
"ddsSigFileVersion" : "",
"linkedTraces" : [
],
"mainTrace" : {
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanContext" : {
},
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:33Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "8ff56b8c-ec94-11eb-902a-00d861d43252",
"igExitCode" : "",
"isPEFile" : false,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "none",
"objectMD5" : "E68E7AA1AFFCDA7897FBD8F63518836E",
"objectPath" : "C:\\USERS\\MAXHE\\DOWNLOADS\\TEMBOTV1.9.0A-TESTVERSION.ZIP",
"objectSha256" : "1E97150DA6B8AA5F0CE19F6EB91ABA9945B566E1E7AD5A6E66990E73281A9033",
"objectSize" : 1657262,
"objectType" : "file",
"resolvedPath" : "C:\\Users\\maxhe\\Downloads\\TemBotv1.9.0a-TESTVERSION.zip",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : false,
"disableSignatureWhiteListing" : false,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : false,
"isShuriken" : true,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : true,
"whitelistCheckError" : false
},
"winVerifyTrustResult" : {
"expectedError" : false,
"lastErrorCode" : -2146762749,
"wvtCalled" : true,
"wvtResult" : -2146762749
}
},
"ruleID" : 392686,
"ruleString" : "",
"rulesVersion" : "1.0.43476",
"srcEngineComponent" : "shuriken",
"srcEngineThreatNames" : [
],
"threatID" : 0,
"threatName" : "Generic.Malware\/Suspicious"
},
{
"ddsSigFileVersion" : "",
"linkedTraces" : [
],
"mainTrace" : {
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanContext" : {
},
"cleanResult" : "duplicate",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:33:58Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "8ff7a276-ec94-11eb-9b80-00d861d43252",
"igExitCode" : "",
"isPEFile" : true,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "none",
"objectMD5" : "E68E7AA1AFFCDA7897FBD8F63518836E",
"objectPath" : "C:\\USERS\\MAXHE\\DOWNLOADS\\TEMBOTV1.9.0A-TESTVERSION.ZIP",
"objectSha256" : "1E97150DA6B8AA5F0CE19F6EB91ABA9945B566E1E7AD5A6E66990E73281A9033",
"objectSize" : -1,
"objectType" : "file",
"resolvedPath" : "",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : false,
"disableSignatureWhiteListing" : false,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : false,
"isShuriken" : true,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : false,
"whitelistCheckError" : false
},
"winVerifyTrustResult" : {
"expectedError" : false,
"lastErrorCode" : -2146762749,
"wvtCalled" : true,
"wvtResult" : -2146762749
}
},
"ruleID" : 392686,
"ruleString" : "",
"rulesVersion" : "1.0.43476",
"srcEngineComponent" : "shuriken",
"srcEngineThreatNames" : [
],
"threatID" : 0,
"threatName" : "Generic.Malware\/Suspicious"
},
{
"ddsSigFileVersion" : "",
"linkedTraces" : [
],
"mainTrace" : {
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanContext" : {
},
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:33Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "902f608a-ec94-11eb-9dc8-00d861d43252",
"igExitCode" : "",
"isPEFile" : true,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "none",
"objectMD5" : "04D697F7235E2F03CEDA4BEBA9619D22",
"objectPath" : "C:\\USERS\\MAXHE\\DOWNLOADS\\TEAMVIEWER - CHIP-INSTALLER.EXE",
"objectSha256" : "7C3A7C69D8065A37EDC5B28F7C58DEBE343180DEE8176010EB14E71FB0407880",
"objectSize" : 1353232,
"objectType" : "file",
"resolvedPath" : "C:\\Users\\maxhe\\Downloads\\TeamViewer - CHIP-Installer.exe",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : true,
"disableSignatureWhiteListing" : true,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : true,
"isShuriken" : false,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : true,
"whitelistCheckError" : false
},
"winVerifyTrustResult" : {
"expectedError" : false,
"lastErrorCode" : -2146762495,
"wvtCalled" : true,
"wvtResult" : -2146762495
}
},
"ruleID" : 562568,
"ruleString" : "",
"rulesVersion" : "1.0.43476",
"srcEngineComponent" : "ame",
"srcEngineThreatNames" : [
],
"threatID" : 633,
"threatName" : "PUP.Optional.ChipDe"
},
{
"ddsSigFileVersion" : "",
"linkedTraces" : [
{
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:33Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "90831130-ec94-11eb-bb1b-00d861d43252",
"igExitCode" : "",
"isPEFile" : false,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "dirContent",
"objectMD5" : "EEE9B23FB30C0B415E6B4F0E1B605E79",
"objectPath" : "C:\\Users\\maxhe\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Sync Data\\LevelDB\\000003.ldb",
"objectSha256" : "585D0A6704F94F54A11CEAE3A81209A3D33D56DBFECD1C4A10FE1EDA396BE19F",
"objectSize" : 99840,
"objectType" : "file",
"resolvedPath" : "C:\\Users\\maxhe\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Sync Data\\LevelDB\\000003.ldb",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : false,
"disableSignatureWhiteListing" : false,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : true,
"isShuriken" : false,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : true,
"whitelistCheckError" : false
}
},
{
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:33Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "9083d4b2-ec94-11eb-9d00-00d861d43252",
"igExitCode" : "",
"isPEFile" : false,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "dirContent",
"objectMD5" : "57606A45172CD9A2EC32EF38F6A83584",
"objectPath" : "C:\\Users\\maxhe\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Sync Data\\LevelDB\\000004.log",
"objectSha256" : "92CE5DD865847053028E90CC5B6EA266E05F7CDCCFD5865590423049C4D7B0C4",
"objectSize" : 458272,
"objectType" : "file",
"resolvedPath" : "C:\\Users\\maxhe\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Sync Data\\LevelDB\\000004.log",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : false,
"disableSignatureWhiteListing" : false,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : true,
"isShuriken" : false,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : true,
"whitelistCheckError" : false
}
},
{
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:33Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "9084bf4e-ec94-11eb-93d5-00d861d43252",
"igExitCode" : "",
"isPEFile" : false,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "dirContent",
"objectMD5" : "46295CAC801E5D4857D09837238A6394",
"objectPath" : "C:\\Users\\maxhe\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Sync Data\\LevelDB\\CURRENT",
"objectSha256" : "0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443",
"objectSize" : 16,
"objectType" : "file",
"resolvedPath" : "C:\\Users\\maxhe\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Sync Data\\LevelDB\\CURRENT",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : false,
"disableSignatureWhiteListing" : false,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : true,
"isShuriken" : false,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : true,
"whitelistCheckError" : false
}
},
{
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:33Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "908582bc-ec94-11eb-bfcc-00d861d43252",
"igExitCode" : "",
"isPEFile" : false,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "dirContent",
"objectMD5" : "",
"objectPath" : "C:\\Users\\maxhe\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Sync Data\\LevelDB\\LOCK",
"objectSha256" : "",
"objectSize" : 0,
"objectType" : "file",
"resolvedPath" : "C:\\Users\\maxhe\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Sync Data\\LevelDB\\LOCK",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : false,
"disableSignatureWhiteListing" : false,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : true,
"isShuriken" : false,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : true,
"whitelistCheckError" : false
}
},
{
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:33Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "908680e0-ec94-11eb-be20-00d861d43252",
"igExitCode" : "",
"isPEFile" : false,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "dirContent",
"objectMD5" : "C2A6DB4390E04F35FD59A6CE2CAE1EA2",
"objectPath" : "C:\\Users\\maxhe\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Sync Data\\LevelDB\\LOG",
"objectSha256" : "3A41182CB05DF062CA5CE9CBDF126054E1086BCE281C35193A26C8275394E6FF",
"objectSize" : 324,
"objectType" : "file",
"resolvedPath" : "C:\\Users\\maxhe\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Sync Data\\LevelDB\\LOG",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : false,
"disableSignatureWhiteListing" : false,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : true,
"isShuriken" : false,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : true,
"whitelistCheckError" : false
}
},
{
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:33Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "908757ea-ec94-11eb-aa75-00d861d43252",
"igExitCode" : "",
"isPEFile" : false,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "dirContent",
"objectMD5" : "7A4C33A26093499A22C2B9EB3F3D032F",
"objectPath" : "C:\\Users\\maxhe\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Sync Data\\LevelDB\\LOG.old",
"objectSha256" : "3E6063FB9DAAB96123147D7E9176D764BDB95C6FE8D723BB929973BC963A2370",
"objectSize" : 321,
"objectType" : "file",
"resolvedPath" : "C:\\Users\\maxhe\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Sync Data\\LevelDB\\LOG.old",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : false,
"disableSignatureWhiteListing" : false,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : true,
"isShuriken" : false,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : true,
"whitelistCheckError" : false
}
},
{
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:33Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "90881b6c-ec94-11eb-a410-00d861d43252",
"igExitCode" : "",
"isPEFile" : false,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "dirContent",
"objectMD5" : "B6C148550BA886C1DEA7D54BB862D8A1",
"objectPath" : "C:\\Users\\maxhe\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Sync Data\\LevelDB\\MANIFEST-000001",
"objectSha256" : "2E542B15AA308F364DDDCC3450098C38A24865E2A0B29855B5470C4D22FE2B47",
"objectSize" : 130,
"objectType" : "file",
"resolvedPath" : "C:\\Users\\maxhe\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Sync Data\\LevelDB\\MANIFEST-000001",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : false,
"disableSignatureWhiteListing" : false,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : true,
"isShuriken" : false,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : true,
"whitelistCheckError" : false
}
},
{
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanContext" : {
"chromeData" : {
"isSyncDB" : true,
"remediateUsingSDK" : false,
"restrictLinkingToSDK" : true,
"sdkData" : "{\n \"browserType\" : \"chrome\",\n \"context\" : {\n \"chromeUrlSyncData\" : {\n \"defaultSearchProviderSyncGuid\" : \"\",\n \"deletedSearchProviderData\" : [\n\n ],\n \"homepageUrl\" : \"https:\\\/\\\/www.google.de\\\/search?q={searchTerms}&btnK=Google+Suche&sxsrf=ALeKk00eVJ4yNqL3wKi_K7suHFxkypSceQ%3A1627139402514&source=hp&ei=Si38YIHhHNyBhbIPyKKc-A0&iflsig=AINFCbYAAAAAYPw7WoeNUHID1_lsPHyeQhWiprpMS0-h&oq=http%3A%2F%2Fwww1.online%2F%3Fw%3DRD1919&gs_lcp=Cgdnd3Mtd2l6EAMyBAgjECdQ_gNY_gNgoQZoAHAAeACAAVCIAVCSAQExmAEAoAECoAEBqgEHZ3dzLXdpeg&sclient=gws-wiz&ved=0ahUKEwiBrtbQ_vvxAhXcQEEAHUgRB98Q4dUDCAo&uact=5\",\n \"startupUrl\" : \"https:\\\/\\\/www.google.de\\\/search?q={searchTerms}&btnK=Google+Suche&sxsrf=ALeKk00eVJ4yNqL3wKi_K7suHFxkypSceQ%3A1627139402514&source=hp&ei=Si38YIHhHNyBhbIPyKKc-A0&iflsig=AINFCbYAAAAAYPw7WoeNUHID1_lsPHyeQhWiprpMS0-h&oq=http%3A%2F%2Fwww1.online%2F%3Fw%3DRD1919&gs_lcp=Cgdnd3Mtd2l6EAMyBAgjECdQ_gNY_gNgoQZoAHAAeACAAVCIAVCSAQExmAEAoAECoAEBqgEHZ3dzLXdpeg&sclient=gws-wiz&ved=0ahUKEwiBrtbQ_vvxAhXcQEEAHUgRB98Q4dUDCAo&uact=5\"\n }\n },\n \"contextSelectionFlags\" : {\n \"chromeExtensionData\" : false,\n \"chromeNotificationData\" : false,\n \"chromeSyncSettingsData\" : false,\n \"chromeUrlData\" : false,\n \"chromeUrlSyncData\" : true\n },\n \"objectPath\" : \"C:\\\\USERS\\\\MAXHE\\\\APPDATA\\\\LOCAL\\\\GOOGLE\\\\CHROME\\\\USER DATA\\\\Default\\\\Sync Data\\\\LevelDB\",\n \"objectType\" : \"syncData\",\n \"schemaVersion\" : 4,\n \"syncDBType\" : \"levelDB\"\n}"
}
},
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:33Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "907a221e-ec94-11eb-835a-00d861d43252",
"igExitCode" : "",
"isPEFile" : false,
"isPEFileValid" : false,
"isWhitelistedByAdsInfo" : false,
"linkType" : "linkedTrace",
"objectMD5" : "",
"objectPath" : "C:\\USERS\\MAXHE\\APPDATA\\LOCAL\\GOOGLE\\CHROME\\USER DATA\\Default\\Sync Data\\LevelDB",
"objectSha256" : "",
"objectSize" : -1,
"objectType" : "folder",
"resolvedPath" : "C:\\Users\\maxhe\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Sync Data\\LevelDB",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : false,
"disableSignatureWhiteListing" : false,
"fileDelete" : false,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : true,
"isChromeObject" : true,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : true,
"isShuriken" : false,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : true,
"whitelistCheckError" : false
}
}
],
"mainTrace" : {
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanContext" : {
"chromeData" : {
"isSyncDB" : false,
"remediateUsingSDK" : true,
"restrictLinkingToSDK" : true,
"sdkData" : "{\n \"browserType\" : \"chrome\",\n \"context\" : {\n \"chromeUrlData\" : {\n \"url\" : \"https:\\\/\\\/www.google.de\\\/search?q={searchTerms}&btnK=Google+Suche&sxsrf=ALeKk00eVJ4yNqL3wKi_K7suHFxkypSceQ%3A1627139402514&source=hp&ei=Si38YIHhHNyBhbIPyKKc-A0&iflsig=AINFCbYAAAAAYPw7WoeNUHID1_lsPHyeQhWiprpMS0-h&oq=http%3A%2F%2Fwww1.online%2F%3Fw%3DRD1919&gs_lcp=Cgdnd3Mtd2l6EAMyBAgjECdQ_gNY_gNgoQZoAHAAeACAAVCIAVCSAQExmAEAoAECoAEBqgEHZ3dzLXdpeg&sclient=gws-wiz&ved=0ahUKEwiBrtbQ_vvxAhXcQEEAHUgRB98Q4dUDCAo&uact=5\"\n }\n },\n \"contextSelectionFlags\" : {\n \"chromeExtensionData\" : false,\n \"chromeNotificationData\" : false,\n \"chromeSyncSettingsData\" : false,\n \"chromeUrlData\" : true,\n \"chromeUrlSyncData\" : false\n },\n \"objectPath\" : \"C:\\\\USERS\\\\MAXHE\\\\APPDATA\\\\LOCAL\\\\GOOGLE\\\\CHROME\\\\USER DATA\\\\Default\\\\Web Data\",\n \"objectType\" : \"webData\",\n \"schemaVersion\" : 4,\n \"syncDBType\" : \"none\"\n}"
}
},
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:33Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "9042d958-ec94-11eb-ad70-00d861d43252",
"igExitCode" : "",
"isPEFile" : false,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "none",
"objectMD5" : "E45BB896BB4D32BC6226F67C40FD755F",
"objectPath" : "C:\\USERS\\MAXHE\\APPDATA\\LOCAL\\GOOGLE\\CHROME\\USER DATA\\Default\\Web Data",
"objectSha256" : "95DC52D9A2D8C78B2006DD8D2EF95CA6DD9A742924ACE227790B32EC172D9A41",
"objectSize" : 294912,
"objectType" : "file",
"resolvedPath" : "C:\\Users\\maxhe\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Web Data",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : true,
"disableSignatureWhiteListing" : true,
"fileDelete" : false,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : true,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : true,
"isShuriken" : false,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : true,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : true,
"whitelistCheckError" : false
},
"winVerifyTrustResult" : {
"expectedError" : false,
"lastErrorCode" : -2146762749,
"wvtCalled" : true,
"wvtResult" : -2146762749
}
},
"ruleID" : 454813,
"ruleString" : "",
"rulesVersion" : "1.0.43476",
"srcEngineComponent" : "ame",
"srcEngineThreatNames" : [
],
"threatID" : 241,
"threatName" : "PUP.Optional.StartPage"
},
{
"ddsSigFileVersion" : "",
"linkedTraces" : [
],
"mainTrace" : {
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanContext" : {
},
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:33Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "915e5f38-ec94-11eb-8cb8-00d861d43252",
"igExitCode" : "",
"isPEFile" : true,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "none",
"objectMD5" : "8DE15C2E5FE9661CFD86EB8254991B73",
"objectPath" : "C:\\USERS\\MAXHE\\DOWNLOADS\\GHOSTMOUSE - CHIP-INSTALLER.EXE",
"objectSha256" : "3427DB66777176B68A03CD09F5FCFE9613755005452A5C401AC64BA22D692143",
"objectSize" : 1353232,
"objectType" : "file",
"resolvedPath" : "C:\\Users\\maxhe\\Downloads\\GhostMouse - CHIP-Installer.exe",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : true,
"disableSignatureWhiteListing" : true,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : true,
"isShuriken" : false,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : true,
"whitelistCheckError" : false
},
"winVerifyTrustResult" : {
"expectedError" : false,
"lastErrorCode" : -2146762495,
"wvtCalled" : true,
"wvtResult" : -2146762495
}
},
"ruleID" : 562568,
"ruleString" : "",
"rulesVersion" : "1.0.43476",
"srcEngineComponent" : "ame",
"srcEngineThreatNames" : [
],
"threatID" : 633,
"threatName" : "PUP.Optional.ChipDe"
},
{
"ddsSigFileVersion" : "",
"linkedTraces" : [
],
"mainTrace" : {
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanContext" : {
},
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:33Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "92af6c74-ec94-11eb-aebf-00d861d43252",
"igExitCode" : "",
"isPEFile" : false,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "none",
"objectMD5" : "5627E4FB4D14CC8D0248EA76391AFD97",
"objectPath" : "C:\\USERS\\MAXHE\\DOWNLOADS\\TEMBOTV1.7.1-HOTFIX.ZIP",
"objectSha256" : "0F2767249060119C8B4C6511231E21ECE806C58C2B9F93B571657A8E3DFC7F26",
"objectSize" : 1548127,
"objectType" : "file",
"resolvedPath" : "C:\\Users\\maxhe\\Downloads\\TemBotv1.7.1-HOTFIX.zip",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : false,
"disableSignatureWhiteListing" : false,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : false,
"isShuriken" : true,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : true,
"whitelistCheckError" : false
},
"winVerifyTrustResult" : {
"expectedError" : false,
"lastErrorCode" : -2146762749,
"wvtCalled" : true,
"wvtResult" : -2146762749
}
},
"ruleID" : 392686,
"ruleString" : "",
"rulesVersion" : "1.0.43476",
"srcEngineComponent" : "shuriken",
"srcEngineThreatNames" : [
],
"threatID" : 0,
"threatName" : "Generic.Malware\/Suspicious"
},
{
"ddsSigFileVersion" : "",
"linkedTraces" : [
],
"mainTrace" : {
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanContext" : {
},
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:33Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "92b04392-ec94-11eb-b996-00d861d43252",
"igExitCode" : "",
"isPEFile" : false,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "none",
"objectMD5" : "0CAFEBB3205C651BEDF03375B8397064",
"objectPath" : "C:\\USERS\\MAXHE\\DOWNLOADS\\TEMBOTV1.9.1A-TEST.ZIP",
"objectSha256" : "B6782751BE7F06607758C15D115AD0A1FD999816C62AD5E5729C544D7E40A5CD",
"objectSize" : 1655616,
"objectType" : "file",
"resolvedPath" : "C:\\Users\\maxhe\\Downloads\\TemBotv1.9.1a-TEST.zip",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : false,
"disableSignatureWhiteListing" : false,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : false,
"isShuriken" : true,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : true,
"whitelistCheckError" : false
},
"winVerifyTrustResult" : {
"expectedError" : false,
"lastErrorCode" : -2146762749,
"wvtCalled" : true,
"wvtResult" : -2146762749
}
},
"ruleID" : 392686,
"ruleString" : "",
"rulesVersion" : "1.0.43476",
"srcEngineComponent" : "shuriken",
"srcEngineThreatNames" : [
],
"threatID" : 0,
"threatName" : "Generic.Malware\/Suspicious"
},
{
"ddsSigFileVersion" : "",
"linkedTraces" : [
],
"mainTrace" : {
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanContext" : {
},
"cleanResult" : "duplicate",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:04Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "936252a8-ec94-11eb-be64-00d861d43252",
"igExitCode" : "",
"isPEFile" : true,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "none",
"objectMD5" : "0CAFEBB3205C651BEDF03375B8397064",
"objectPath" : "C:\\USERS\\MAXHE\\DOWNLOADS\\TEMBOTV1.9.1A-TEST.ZIP",
"objectSha256" : "B6782751BE7F06607758C15D115AD0A1FD999816C62AD5E5729C544D7E40A5CD",
"objectSize" : -1,
"objectType" : "file",
"resolvedPath" : "",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : false,
"disableSignatureWhiteListing" : false,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : false,
"isShuriken" : true,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : false,
"whitelistCheckError" : false
},
"winVerifyTrustResult" : {
"expectedError" : false,
"lastErrorCode" : -2146762749,
"wvtCalled" : true,
"wvtResult" : -2146762749
}
},
"ruleID" : 392686,
"ruleString" : "",
"rulesVersion" : "1.0.43476",
"srcEngineComponent" : "shuriken",
"srcEngineThreatNames" : [
],
"threatID" : 0,
"threatName" : "Generic.Malware\/Suspicious"
},
{
"ddsSigFileVersion" : "",
"linkedTraces" : [
],
"mainTrace" : {
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanContext" : {
},
"cleanResult" : "successful",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:33Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "9363645e-ec94-11eb-8e6e-00d861d43252",
"igExitCode" : "",
"isPEFile" : false,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "none",
"objectMD5" : "3F00D94B1A931FCDBE64516B65DDA99B",
"objectPath" : "C:\\USERS\\MAXHE\\DOWNLOADS\\TEMBOTV1.9.0-BETA.ZIP",
"objectSha256" : "FB7E1BA995A583F8E11A3BBA040FBDF1BE15B8FE75760DE609948B25ACBA6FC1",
"objectSize" : 1659497,
"objectType" : "file",
"resolvedPath" : "C:\\Users\\maxhe\\Downloads\\TemBotv1.9.0-BETA.zip",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : false,
"disableSignatureWhiteListing" : false,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : false,
"isShuriken" : true,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : true,
"whitelistCheckError" : false
},
"winVerifyTrustResult" : {
"expectedError" : false,
"lastErrorCode" : -2146762749,
"wvtCalled" : true,
"wvtResult" : -2146762749
}
},
"ruleID" : 392686,
"ruleString" : "",
"rulesVersion" : "1.0.43476",
"srcEngineComponent" : "shuriken",
"srcEngineThreatNames" : [
],
"threatID" : 0,
"threatName" : "Generic.Malware\/Suspicious"
},
{
"ddsSigFileVersion" : "",
"linkedTraces" : [
],
"mainTrace" : {
"archiveMember" : "",
"archiveMemberMD5" : "",
"cleanAction" : "quarantine",
"cleanContext" : {
},
"cleanResult" : "duplicate",
"cleanResultErrorCode" : 0,
"cleanTime" : "2021-07-24T15:34:04Z",
"generatedByPostCleanupAction" : false,
"hubbleRequestErrorCode" : 0,
"id" : "9364fed6-ec94-11eb-ad2f-00d861d43252",
"igExitCode" : "",
"isPEFile" : true,
"isPEFileValid" : true,
"isWhitelistedByAdsInfo" : false,
"linkType" : "none",
"objectMD5" : "3F00D94B1A931FCDBE64516B65DDA99B",
"objectPath" : "C:\\USERS\\MAXHE\\DOWNLOADS\\TEMBOTV1.9.0-BETA.ZIP",
"objectSha256" : "FB7E1BA995A583F8E11A3BBA040FBDF1BE15B8FE75760DE609948B25ACBA6FC1",
"objectSize" : -1,
"objectType" : "file",
"resolvedPath" : "",
"suggestedAction" : {
"archiveDir" : false,
"chromeExtensionOther" : false,
"chromeExtensionPreferences" : false,
"chromeExtensionSecurePreferences" : false,
"chromeExtensionSyncData" : false,
"chromeUrlOther" : false,
"chromeUrlSecurePreferences" : false,
"chromeUrlSyncData" : false,
"chromeUrlWebData" : false,
"disableHubbleWhiteListing" : false,
"disableSignatureWhiteListing" : false,
"fileDelete" : true,
"fileReplace" : false,
"fileTxtReplace" : false,
"folderDelete" : false,
"isChromeObject" : false,
"isDDS" : false,
"isDoppleganging" : false,
"isExternalDetection" : false,
"isPUP" : false,
"isShuriken" : true,
"isWMIEventConsumer" : false,
"killProcess" : false,
"minimalWhiteListing" : false,
"moduleUnload" : false,
"noLinking" : false,
"physicalSectorReplace" : false,
"priorityHigh" : false,
"priorityNormal" : false,
"priorityUrgent" : false,
"processUnload" : false,
"regKeyDelete" : false,
"regValueDelete" : false,
"regValueReplace" : false,
"shortcutReplace" : false,
"silentMode" : false,
"singleDelete" : false,
"treatAsRootkit" : false,
"useDDA" : false,
"verifyResolvedPath" : false,
"whitelistCheckError" : false
},
"winVerifyTrustResult" : {
"expectedError" : false,
"lastErrorCode" : -2146762749,
"wvtCalled" : true,
"wvtResult" : -2146762749
}
},
"ruleID" : 392686,
"ruleString" : "",
"rulesVersion" : "1.0.43476",
"srcEngineComponent" : "shuriken",
"srcEngineThreatNames" : [
],
"threatID" : 0,
"threatName" : "Generic.Malware\/Suspicious"
}
],
"threatsDetected" : 15
}