CRACKING A SOFT CELL IS HARDER THAN YOU THINK
Common Information
Type Value
UUID 1a2f19c3-4248-45a8-b162-78e2502b558b
Fingerprint b11a34350e986a0b17b27902a24c89d5ff600d985ecffb13b85fec1b970aba70
Analysis status DONE
Considered CTI value 2
Text language
Published Jan. 15, 2021, 8:36 a.m.
Added to db April 14, 2024, 3:39 a.m.
Last updated Aug. 31, 2024, 5:16 a.m.
Headline CRACKING A SOFT CELL IS HARDER THAN YOU THINK
Title CRACKING A SOFT CELL IS HARDER THAN YOU THINK
Detected Hints/Tags/Attributes 50/3/68
Attributes
Type                          #Events  Value
Domain                             10  go.crowdstrike.com
Domain                            170  www.sans.org
Domain                            403  securelist.com
File                                5  runhelp.exe
File                                6  mcoemcpy.exe
File                               12  mcutil.dll
File                                1  antivir.dat
File                                3  report2018globalthreatreport.pdf
File                               14  imagingdevices.exe
File                                2  imagingengine.dll
File                               14  activeds.dll
File                                1  photo.dat
File                                1  c:\windows\system32\rmtclt.exe
File                                1  c:\windows\syswow64\rmtclt.exe
File                                1  simplify_32.exe
File                                1  s_i64d.exe
File                                1  simplify_i64d.exe
File                                1  39_64d.exe
File                                1  configmoudle.exe
File                                1  simplify_64.exe
File                                1  42_32.exe
File                                1  sy32.exe
File                                1  s_x86d.exe
File                                7  myfile.exe
File                                1  39_32d.exe
File                                1  simplify_x86d.exe
File                                1  33333.exe
File                                2  s64.exe
File                                1  sy64.exe
File                                1  c:\windows\system32\inetsrv\config\applicationhost.config
md5                                 1  7a1d592339db1f0d1e76294a62ec842b
md5                                 1  a8366127d37ab82fa37b612b3bfd046e
md5                                 1  9fda6a46c96a9ee0b87c2313ba04bf2b
md5                                 1  1a7cbfae5796ebbef5c8c150e461f2e7
md5                                 1  2f089510d01ca58460d0debff4962700
md5                                 1  648eee77fa92d07f4747a72970f944e9
md5                                 1  d9c25f0c43ffc64a99ad709c8d8e9496
md5                                 1  bc7bbeb92078f9289cfb94e3a6eb193a
md5                                 1  00a928b681e545c0ae859c56f2dfd160
md5                                 1  2e834d8dde313e992997cbda050a15f1
md5                                 1  fee9bc26f55c2049e1b64616a442dc7b
md5                                 1  426ce7bf9e1e7c43f6dc05438798be8c
md5                                 1  fbdc5eaa50c3f7c0439c51ba4e9841f7
md5                                 1  24fc7f311ea28ffbb579a3aad486b61a
md5                                 1  034f46545c5b1112e03eb60e2c7670ce
md5                                 1  4534f50279f9e4d935c0423c654e9252
md5                                 1  7351406c380d9e22d080a0ad509824de
md5                                 1  16485ff94213ab24a6bda3c16d47b348
md5                                 1  b429265c5678804ce6de0ecd9e6d205e
md5                                 1  723a98a3b0f9db7e15533848abe1fdfb
md5                                 1  4c3a453cda4f8a61f47fc80762d65f54
md5                                 1  abcffc85e306cb307d5a63602184acce
md5                                 1  67f68b8cf07fdc1f8d025a3b2774e7c7
md5                                 1  64f8b0cc6cb16b7e57605813e3ce0a76
sha1                                1  32078ac8e12f61046aec24f153b1e438a36100ac
Pdb                                 1  e:\vs_proj\remotemanager\clientexe\clientexe\debug\clientexe.pdb
Pdb                                 1  gh0st.pdb
Pdb                                 1  e:\vs_proj\remoteserver\release\remoteserver.pdb
Pdb                                 1  e:\vs_proj\remotemanager\release\remoteserver.pdb
Pdb                                 1  e:\vs_proj\remotemanager\server\release\remoteserver.pdb
Pdb                                 1  e:\vs_proj\remotemanager_new\server\release\remoteserver.pdb
Pdb                                 3  e:\vs_proj\simplify_modify\win32\simplify.pdb
Pdb                                 2  e:\simplify_modify\x64\simplify.pdb
Threat Actor Identifier - APT     278  APT10
Threat Actor Identifier - APT     522  APT41
Url                                 2  https://go.crowdstrike.com/rs/281-obq-
Url                                 1  http://www.sans.org/cyber-security-summit/archives/download/23430
Url                                 1  https://securelist.com/luckymouse-ndisproxy-driver/87914
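The attribute listing above is raw indicator data in the flattened two-line form ("Details <type> <event count>" followed by the value) that this CTI database emits. The following Python is an added example, not code from the page, from CrowdStrike, or from the database that produced the listing: it parses that form into per-type indicator sets and then scores constructed host file-inventory records against them. The subset of rows embedded as SAMPLE_LISTING, the telemetry records, and the hit weights are assumptions made for illustration.

```python
"""Parse a flattened CTI attribute listing and score host telemetry against it.

Added example; not code from the page, from CrowdStrike, or from the CTI
database.  Indicator subset, telemetry and weights are constructed.
"""
import re
from collections import defaultdict

# Constructed sample: a subset of the page's rows in their flattened form.
SAMPLE_LISTING = r"""
Details Type #Events CTI Value
Details File 12
mcutil.dll
Details File 14
activeds.dll
Details File 1
c:\windows\system32\rmtclt.exe
Details File 1
c:\windows\syswow64\rmtclt.exe
Details md5 1
7a1d592339db1f0d1e76294a62ec842b
Details md5 1
a8366127d37ab82fa37b612b3bfd046e
Details sha1 1
32078ac8e12f61046aec24f153b1e438a36100ac
Details Pdb 1
gh0st.pdb
Details Pdb 1
e:\vs_proj\remotemanager\release\remoteserver.pdb
Details Threat Actor Identifier - APT 522
APT41
"""

# One "Details <type> <count>" line per row.  The column header
# ("Details Type #Events CTI Value") does not end in a number, so it is skipped.
ROW_HEADER = re.compile(r"^Details (?P<type>.+?) (?P<events>\d+)$")

# Indicator types whose values are compared case-insensitively.
CASEFOLD_TYPES = {"domain", "file", "md5", "sha1", "pdb"}

# Assumed weights: a content hash identifies the sample, a PDB path identifies
# the build environment, a bare file name only narrows the search (activeds.dll
# is also the name of a legitimate Windows DLL, so it will fire on clean hosts).
WEIGHTS = {"md5": 3, "sha1": 3, "pdb": 2, "file": 1}


def parse_listing(text):
    """Return [(type, event_count, value), ...] from the two-line rows."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    rows, i = [], 0
    while i < len(lines):
        m = ROW_HEADER.match(lines[i])
        if m and i + 1 < len(lines):
            rows.append((m["type"], int(m["events"]), lines[i + 1]))
            i += 2
        else:
            i += 1  # column header or stray line
    return rows


def build_indicator_sets(rows):
    """Group values by lower-cased type; fold case where it carries no meaning."""
    sets = defaultdict(set)
    for typ, _count, value in rows:
        key = typ.lower()
        sets[key].add(value.lower() if key in CASEFOLD_TYPES else value)
    return sets


def _basename(path):
    return path.replace("/", "\\").rsplit("\\", 1)[-1]


def match_record(rec, ioc):
    """Return [(indicator_type, matched_value), ...] for one inventory record."""
    hits = []
    path = rec.get("path", "").lower()
    if path:
        if path in ioc.get("file", set()):
            hits.append(("file", path))             # full-path indicator
        elif _basename(path) in ioc.get("file", set()):
            hits.append(("file", _basename(path)))  # bare file-name indicator
    for algo in ("md5", "sha1"):
        digest = rec.get(algo, "").lower()
        if digest and digest in ioc.get(algo, set()):
            hits.append((algo, digest))
    pdb = rec.get("pdb", "").lower()
    if pdb and (pdb in ioc.get("pdb", set()) or _basename(pdb) in ioc.get("pdb", set())):
        hits.append(("pdb", pdb))
    return hits


def triage(records, ioc):
    """Map host -> {"score": weight of the strongest hit, "hits": [...]}."""
    result = {}
    for rec in records:
        hits = match_record(rec, ioc)
        score = max((WEIGHTS[kind] for kind, _ in hits), default=0)
        result[rec["host"]] = {"score": score, "hits": hits}
    return result


# Constructed telemetry, shaped like EDR or hash-sweep file-inventory output.
# Only the md5 on ws02 is a real indicator value; the other digests are fake.
SAMPLE_TELEMETRY = [
    {"host": "ws01", "path": r"C:\Windows\System32\activeds.dll", "md5": "0" * 32},
    {"host": "ws02", "path": r"C:\Users\Public\mcutil.dll",
     "md5": "7a1d592339db1f0d1e76294a62ec842b"},
    {"host": "ws03", "path": r"C:\Windows\SysWOW64\rmtclt.exe", "md5": "f" * 32,
     "pdb": r"E:\vs_proj\remotemanager\release\remoteserver.pdb"},
    {"host": "ws04", "path": r"C:\Windows\System32\notepad.exe", "md5": "1" * 32},
]

if __name__ == "__main__":
    ioc_sets = build_indicator_sets(parse_listing(SAMPLE_LISTING))
    for host, verdict in triage(SAMPLE_TELEMETRY, ioc_sets).items():
        print(host, verdict["score"], verdict["hits"])
```

Run as a script it prints one verdict per host. The point of the weighting is that a file-name-only hit (ws01, a system-path activeds.dll with a non-matching hash) is a lead to pull the file's hash and PDB path, not a verdict, whereas a hash hit (ws02) identifies the sample itself; PDB strings are a useful middle ground because the e:\vs_proj\... paths in the listing tie a binary to the same build environment even when its hash is new.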