APT41, A DUAL ESPIONAGE AND CYBER CRIME OPERATION
Common Information
Type | Value |
---|---|
UUID | 3e7cc04a-e8dc-4d2b-9114-42f7417cde87 |
Fingerprint | a147427b39c68b537bb1552e0f1274c3053268581e5b34aa9c831d2d593757e3 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Feb. 23, 2022, 3:07 p.m. |
Added to db | March 10, 2024, 6:05 a.m. |
Last updated | Aug. 31, 2024, 1:36 a.m. |
Headline | APT41, A DUAL ESPIONAGE AND CYBER CRIME OPERATION |
Title | APT41, A DUAL ESPIONAGE AND CYBER CRIME OPERATION |
Detected Hints/Tags/Attributes | 492/4/312 |
Attributes
| Type | #Events | CTI | Value |
|---|---|---|---|
| File | 2125 | | cmd.exe |
| File | 2 | | c:\wmi.dll |
| File | 19 | | a.bat |
| File | 2 | | readme_liesmich_encryptor_raas.txt |
| File | 22 | | apphelp.dll |
| File | 1 | | apt.pas |
| File | 1018 | | rundll32.exe |
| File | 26 | | backdoor.msi |
| File | 73 | | trojan.msi |
| File | 2 | | win.pot |
| File | 3 | | trojan.pl |
| File | 263 | | iexplore.exe |
| File | 1 | | zxshell.sys |
| File | 1 | | の予防.7z |
| Github username | 4 | | search |
| md5 | 1 | | 5e87b09f9a3f1b728c9797560a38764b |
| md5 | 1 | | 72499e9734ea73e1593cf75c3b26cef0 |
| md5 | 1 | | 645925ca66990f8504d9632f7c7b3ae6 |
| md5 | 1 | | 1b135f38c68cab15ef47dfbcbb7ab7b9 |
| md5 | 1 | | 748aa5fcfa2af451c76039faf6a8684d |
| md5 | 2 | | 37e100dd8b2ad8b301b130c2bca3f1ea |
| md5 | 2 | | 557ff68798c71652db8a85596a4bab72 |
| md5 | 2 | | ff8d92dfbcda572ef97c142017eec658 |
| md5 | 1 | | b0877494d36fab1f9f4219c3defbfb19 |
| md5 | 2 | | ffd0f34739c1568797891b9961111464 |
| md5 | 1 | | 04fb0ccf3ef309b1cd587f609ab0e81e |
| md5 | 1 | | fcfab508663d9ce519b51f767e902806 |
| md5 | 1 | | 0b2e07205245697a749e422238f9f785 |
| md5 | 1 | | 272537bbd2a8e2a2c3938dc31f0d2461 |
| md5 | 1 | | dd792f9185860e1464b4346254b2101b |
| md5 | 1 | | 223e4cc4cf5ce049f300671697a17a01 |
| md5 | 1 | | 8c6cceae2eea92deb6f7632f949293f0 |
| md5 | 1 | | 72584d6b7dd10c82d9118567b548b2b1 |
| md5 | 1 | | a6c7db170bc7a4ee2cdb192247b59cd6 |
| md5 | 2 | | 830a09ff05eac9a5f42897ba5176a36a |
| md5 | 3 | | 97363d50a279492fda14cbab53429e75 |
| md5 | 1 | | 0f49621b06f2cdaac8850c6e9581a594 |
| md5 | 1 | | c8403fabda4d036a55d0353520e765c9 |
| md5 | 1 | | 09b8b54f78a10c435cd319070aa13c28 |
| CVE | 1 | | cve-2019-3369 |
| CVE | 38 | | cve-2019-3396 |
| CVE | 176 | | cve-2012-0158 |
| CVE | 48 | | cve-2015-1641 |
| CVE | 269 | | cve-2017-0199 |
| CVE | 375 | | cve-2017-11882 |
| Domain | 2 | | sexyjapan.ddns.info |
| Domain | 1 | | gs4.playdr2.tw |
| Domain | 4127 | | github.com |
| Domain | 1 | | en.search.wordpress.com |
| Domain | 3 | | notped.com |
| Domain | 3 | | dnsgogle.com |
| Domain | 2 | | operatingbox.com |
| Domain | 3 | | paniesx.com |
| Domain | 3 | | techniciantext.com |
| Domain | 112 | | docs.google.com |
| Domain | 41 | | steamcommunity.com |
| Domain | 3 | | gxxservice.com |
| Domain | 3 | | infestexe.com |
| Domain | 2 | | xigncodeservice.com |
| Domain | 1174 | | gmail.com |
| Domain | 22 | | 126.com |
| Domain | 85 | | 163.com |
| Domain | 179 | | hotmail.com |
| Domain | 99 | | qq.com |
| Domain | 18 | | sohu.com |
| Domain | 1 | | agegamepay.com |
| Domain | 1 | | ageofwuxia.com |
| Domain | 1 | | ageofwuxia.info |
| Domain | 1 | | ageofwuxia.net |
| Domain | 1 | | ageofwuxia.org |
| Domain | 1 | | gamewushu.com |
| Domain | 1 | | microsoff.com |
| Domain | 2 | | microsotf.com |
| Domain | 2 | | serverbye.com |
| Domain | 2 | | byeserver.com |
| Domain | 1 | | ibmupdate.com |
| Domain | 1 | | linux-update.net |
| Domain | 1 | | win7update.net |
| Domain | 1 | | kasparsky.net |
| Domain | 1 | | macfee.ga |
| Domain | 1 | | symanteclabs.com |
| Domain | 6 | | backdoor.win |
| Domain | 5 | | apt.backdoor.win |
| Domain | 1 | | apt.downloader.win |
| Domain | 3 | | backdoor.lv |
| Domain | 1 | | backdoor.apt.photo |
| Domain | 2 | | bugcheck.xigncodeservice.com |
| Domain | 2 | | micros0ff.com |
| Domain | 1 | | micros0tf.com |
| Domain | 287 | | yahoo.com |
| Domain | 182 | | www.mandiant.com |
| Domain | 17 | | mandiant.com |
| | 2 | | hrsimon59@gmail.com |
| | 1 | | injuriesa@gmail.com |
| | 1 | | injuriesa@hotmail.com |
| | 1 | | injuriesa@qq.com |
| | 1 | | ravinder10@hotmail.com |
| | 1 | | ravinder10@sohu.com |
| | 2 | | petervc1983@gmail.com |
| | 1 | | wolf_zhi@yahoo.com |
| | 6 | | info@mandiant.com |
| File | 3 | | highnoon.bin |
| File | 1 | | crosswalk.bin |
| File | 7 | | ddns.inf |
| File | 1 | | gs4.pl |
| File | 1 | | x64.vbs |
| File | 1 | | fairwin.chm |
| File | 2 | | documents.7z |
| File | 1 | | ageofwuxia.inf |
| File | 2 | | nvsmartex.exe |
| File | 11 | | form.exe |
| File | 1 | | drvdll.dll |
| File | 2 | | plusdll.dll |
| File | 1 | | highnoon.pas |
| md5 | 1 | | 26a196afc8e6aff6fc6c46734bf228cb |
| md5 | 1 | | 9e1a54d3dc889a7f0e56753c0486fd0f |
| md5 | 2 | | 36711896cfeb67f599305b590f195aec |
| md5 | 2 | | a0a96138b57ee24eed31b652ddf60d4e |
| md5 | 1 | | 46a557fbdce734a6794b228df0195474 |
| md5 | 1 | | 77c60e5d2d99c3f63f2aea1773ed4653 |
| md5 | 2 | | 7d51ea0230d4692eeedc2d5a4cd66d2d |
| md5 | 1 | | 849ab91e93116ae420d2fe2136d24a87 |
| md5 | 1 | | ba08b593250c3ca5c13f56e2ca97d85e |
| md5 | 1 | | f8c89ccd8937f2b760e6706738210744 |
| md5 | 1 | | 5b26f5c7c367d5e976aaba320965cc7f |
| md5 | 1 | | 2862c9bff365dc8d51ba0c4953869d5d |
| md5 | 1 | | b5120174d92f30d3162ceda23e201cea |
| md5 | 1 | | df143c22465b88c4bdb042956fef8121 |
| md5 | 1 | | d00b3edc3fe688fa035f1b919ef6e8f4 |
| md5 | 1 | | 51a9c2197ef83d9bac3fa3af5e752243 |
| md5 | 1 | | 42d138d0938494fd64e1e919707e7201 |
| md5 | 1 | | e6675b1122bf30ab51b1ae26adaec921 |
| md5 | 1 | | 7cd17fc948eb5fa398b8554fea036bdb |
| md5 | 1 | | 3c0045880e03acbe532f4082c271e3c5 |
| md5 | 1 | | 2eea29d83f485897e2bac9501ef000cc |
| md5 | 1 | | 266ffe10019d8c529555a3435ac4aabd |
| md5 | 1 | | 5d971ed3947597fbb7e51d806647b37d |
| md5 | 1 | | 64d9fe915b35c7c9eaf79a37b82dab90 |
| md5 | 1 | | 70c03ce5c80aca2d35a5555b0532eede |
| md5 | 1 | | de24d4cc6bdb32a2c8f7e630bba5f26e |
| md5 | 1 | | 3e6c4e97cc09d0432fbbbf3f3e424d4a |
| md5 | 1 | | a967d3073b6002305cd6573c47f0341f |
| md5 | 1 | | 9283703dfbc642dd70c8c76675285526 |
| md5 | 1 | | 90e998bcb3f3374273c0b5c90c0d1366 |
| md5 | 1 | | 0055dfaccc952c99b1171ce431a02abf |
| md5 | 1 | | ce5c6f8fb5dc39e4019b624a7d03bfcb |
| md5 | 1 | | c51c5bbc6f59407286276ce07f0f7ea9 |
| md5 | 1 | | 94e76216e0abe34cbf20f1b1cbd9446d |
| md5 | 1 | | 63e8ed9692810d562adb80f27bb1aeaf |
| md5 | 1 | | 48849e468bf5fd157bc83ca83139b6d7 |
| md5 | 1 | | 79190925bd1c3fae65b0d11db40ac8e6 |
| md5 | 1 | | 1fb9326ccfed9b7e09084b891089602d |
| md5 | 1 | | 354c174e583e968f0ecf86cc20d59ecd |
| md5 | 1 | | 6e0f9d21800428453b8db63f344f0f22 |
| md5 | 1 | | bae8f4f5fc959bff980d6a6d12797b0d |
| md5 | 1 | | 647e97cc811c5b9e827d0b985d87f68f |
| sha1 | 2 | | 44260a1dfd92922a621124640015160e621f32d5 |
| sha1 | 2 | | dde82093decde6371eb852a5e9a1aa4acf3b56ba |
| sha1 | 2 | | a045939f53c5ad2c0f7368b082aa7b0bd7b116da |
| sha1 | 2 | | a260dcf193e747cee49ae83568eea6c04bf93cb3 |
| sha1 | 2 | | 8272c1f41f7c223316c0d78bd3bd5744e25c2e9f |
| sha1 | 1 | | c2fb50c9ef7ae776a42409bce8ef1be464654a4e |
| sha1 | 1 | | f3c222606f890573e6128fbeb389f37bd6f6bda3 |
| sha1 | 1 | | 41bac813ae07aef41436e8ad22d605f786f9e099 |
| sha1 | 1 | | ad77a34627192abdf32daa9208fbde8b4ebfb25c |
| sha1 | 1 | | 3f1dee370a155dc2e8fb15e776821d7697583c75 |
| sha1 | 1 | | 1835c7751436cc199c55b42f34566d25fe6104ca |
| sha1 | 1 | | 32466d8d232d7b1801f456fe336615e6fa5e6ffb |
| sha1 | 1 | | 971bb08196bba400b07cf213345f55ce0a6eedc8 |
| sha1 | 1 | | 2366d181a1697bcb4f368df397dd0533ab8b5d27 |
| sha1 | 1 | | 4dc5fadece500ccd8cc49cfcf8a1b59baee3382a |
| sha1 | 1 | | d0429abec299ddfee7e1d9ccff1766afd4c0992b |
| sha1 | 1 | | 6f065eea36e28403d4d518b8e24bb7a915b612c3 |
| sha1 | 1 | | 82072cb53416c89bfee95b239f9a90677a0848df |
| sha1 | 1 | | 5ee7c57dc84391f63eaa3824c53cc10eafc9e388 |
| sha1 | 1 | | 03de2118aac6f20786043c7ef0324ef01dcf4265 |
| sha1 | 1 | | f067443c2c4d99dc6577006a2f105e51af731659 |
| sha1 | 1 | | f1a181d29b38dfe60d8ea487e8ed0ef30f064763 |
| sha1 | 1 | | 5a85d1e19e0414fc59e454ccbaef0a3c6bb41268 |
| sha1 | 1 | | 67c957c268c1e56cc8eb34b02e5c09eae62680f5 |
| sha1 | 1 | | b193ff40a98cd086f92893784d8896065faa3ee3 |
| IPv4 | 1 | | 61.38.186.0 |
| IPv4 | 198 | | 1.1.1.1 |
| MITRE ATT&CK Techniques | 542 | | T1190 |
| MITRE ATT&CK Techniques | 191 | | T1133 |
| MITRE ATT&CK Techniques | 49 | | T1193 |
| MITRE ATT&CK Techniques | 52 | | T1195 |
| MITRE ATT&CK Techniques | 52 | | T1199 |
| MITRE ATT&CK Techniques | 306 | | T1078 |
| MITRE ATT&CK Techniques | 116 | | T1134 |
| MITRE ATT&CK Techniques | 3 | | T1015 |
| MITRE ATT&CK Techniques | 8 | | T1038 |
| MITRE ATT&CK Techniques | 1 | | T1034 |
| MITRE ATT&CK Techniques | 440 | | T1055 |
| MITRE ATT&CK Techniques | 7 | | T1100 |
| MITRE ATT&CK Techniques | 695 | | T1059 |
| MITRE ATT&CK Techniques | 2 | | T1223 |
| MITRE ATT&CK Techniques | 239 | | T1106 |
| MITRE ATT&CK Techniques | 120 | | T1129 |
| MITRE ATT&CK Techniques | 245 | | T1203 |
| MITRE ATT&CK Techniques | 6 | | T1061 |
| MITRE ATT&CK Techniques | 12 | | T1170 |
| MITRE ATT&CK Techniques | 41 | | T1086 |
| MITRE ATT&CK Techniques | 480 | | T1053 |
| MITRE ATT&CK Techniques | 27 | | T1085 |
| MITRE ATT&CK Techniques | 80 | | T1064 |
| MITRE ATT&CK Techniques | 39 | | T1035 |
| MITRE ATT&CK Techniques | 420 | | T1204 |
| MITRE ATT&CK Techniques | 310 | | T1047 |
| MITRE ATT&CK Techniques | 112 | | T1098 |
| MITRE ATT&CK Techniques | 5 | | T1067 |
| MITRE ATT&CK Techniques | 86 | | T1136 |
| MITRE ATT&CK Techniques | 13 | | T1179 |
| MITRE ATT&CK Techniques | 53 | | T1031 |
| MITRE ATT&CK Techniques | 36 | | T1050 |
| MITRE ATT&CK Techniques | 10 | | T1108 |
| MITRE ATT&CK Techniques | 279 | | T1060 |
| MITRE ATT&CK Techniques | 5 | | T1165 |
| MITRE ATT&CK Techniques | 111 | | T1119 |
| MITRE ATT&CK Techniques | 56 | | T1213 |
| MITRE ATT&CK Techniques | 534 | | T1005 |
| MITRE ATT&CK Techniques | 152 | | T1056 |
| MITRE ATT&CK Techniques | 219 | | T1113 |
| MITRE ATT&CK Techniques | 125 | | T1110 |
| MITRE ATT&CK Techniques | 289 | | T1003 |
| MITRE ATT&CK Techniques | 189 | | T1081 |
| MITRE ATT&CK Techniques | 4 | | T1145 |
| MITRE ATT&CK Techniques | 179 | | T1087 |
| MITRE ATT&CK Techniques | 124 | | T1482 |
| MITRE ATT&CK Techniques | 585 | | T1083 |
| MITRE ATT&CK Techniques | 65 | | T1069 |
| MITRE ATT&CK Techniques | 433 | | T1057 |
| MITRE ATT&CK Techniques | 24 | | T1063 |
| MITRE ATT&CK Techniques | 1006 | | T1082 |
| MITRE ATT&CK Techniques | 245 | | T1016 |
| MITRE ATT&CK Techniques | 1 | | T0149 |
| MITRE ATT&CK Techniques | 230 | | T1033 |
| MITRE ATT&CK Techniques | 86 | | T1124 |
| MITRE ATT&CK Techniques | 238 | | T1497 |
| MITRE ATT&CK Techniques | 60 | | T1043 |
| MITRE ATT&CK Techniques | 152 | | T1090 |
| MITRE ATT&CK Techniques | 23 | | T1094 |
| MITRE ATT&CK Techniques | 96 | | T1132 |
| MITRE ATT&CK Techniques | 75 | | T1001 |
| MITRE ATT&CK Techniques | 1 | | T1483 |
| MITRE ATT&CK Techniques | 141 | | T1219 |
| MITRE ATT&CK Techniques | 492 | | T1105 |
| MITRE ATT&CK Techniques | 444 | | T1071 |
| MITRE ATT&CK Techniques | 23 | | T1032 |
| MITRE ATT&CK Techniques | 159 | | T1095 |
| MITRE ATT&CK Techniques | 26 | | T1065 |
| MITRE ATT&CK Techniques | 7 | | T1075 |
| MITRE ATT&CK Techniques | 13 | | T1076 |
| MITRE ATT&CK Techniques | 24 | | T1002 |
| MITRE ATT&CK Techniques | 28 | | T1022 |
| MITRE ATT&CK Techniques | 422 | | T1041 |
| MITRE ATT&CK Techniques | 2 | | T1487 |
| MITRE ATT&CK Techniques | 12 | | T1009 |
| MITRE ATT&CK Techniques | 2 | | T1146 |
| MITRE ATT&CK Techniques | 14 | | T1116 |
| MITRE ATT&CK Techniques | 504 | | T1140 |
| MITRE ATT&CK Techniques | 41 | | T1089 |
| MITRE ATT&CK Techniques | 23 | | T1073 |
| MITRE ATT&CK Techniques | 67 | | T1107 |
| MITRE ATT&CK Techniques | 1 | | T1054 |
| MITRE ATT&CK Techniques | 247 | | T1070 |
| MITRE ATT&CK Techniques | 348 | | T1036 |
| MITRE ATT&CK Techniques | 550 | | T1112 |
| MITRE ATT&CK Techniques | 627 | | T1027 |
| MITRE ATT&CK Techniques | 41 | | T1014 |
| MITRE ATT&CK Techniques | 29 | | T1045 |
| MITRE ATT&CK Techniques | 12 | | T1099 |
| MITRE ATT&CK Techniques | 149 | | T1102 |
| Pdb | 1 | | d:\桌面\木马\anti_winmm\appinit\appinit\release\appinit.pdb |
| Pdb | 2 | | h:\rbdoor\anti_winmm\appinit\appinit\release\appinit.pdb |
| Pdb | 1 | | h:\double-v1\stone_srv\bin\rbdoor64.pdb |
| Pdb | 1 | | h:\double\door_wh\appinit\x64\release\appinit.pdb |
| Pdb | 1 | | h:\double\door_wh\rbdoorx64\x64\release\rbdoorx64.pdb |
| Pdb | 1 | | h:\double\door_wh_kav\bin\rbdoor64.pdb |
| Pdb | 1 | | h:\rbdoor\anti_winmm\appinit\appinit\x64\release\appinit.pdb |
| Pdb | 1 | | h:\rbdoor\anti_winmm\appinit\shutdownevent\x64\release\shutdownevent.pdb |
| Pdb | 1 | | h:\rbdoor\anti_winmm\appinit\rbdoorx64\release\rbdoor.pdb |
| Pdb | 1 | | h:\rbdoor\anti_winmm\appinit\shutdownevent\release\shutdownevent.pdb |
| Pdb | 1 | | h:\rbdoor\lib\wmi_ssl\remotelib\bin\testrjlib.pdb |
| Pdb | 1 | | h:\svn\double-v1\stone_srv\bin\rbdoor64.pdb |
| Threat Actor Identifier - APT | 522 | | APT41 |
| Threat Actor Identifier - APT | 66 | | APT17 |
| Threat Actor Identifier - APT | 13 | | APT20 |
| Threat Actor Identifier - APT | 166 | | APT31 |
| Threat Actor Identifier - APT | 143 | | APT40 |
| Threat Actor Identifier - APT | 278 | | APT10 |
| Threat Actor Identifier - APT | 78 | | APT3 |
| Threat Actor Identifier - APT | 9 | | APT9 |
| Threat Actor Identifier - APT | 115 | | APT1 |
| Threat Actor Identifier - APT | 22 | | APT18 |
| Threat Actor Identifier - APT | 24 | | APT19 |
| Url | 1 | | https://github.com/search?q=joinlur |
| Url | 1 | | https://en.search.wordpress.com |
| Url | 1 | | https://docs.google.com/document/d/1iqwnf3ibwpz6-95vhrraprl6u_ut_k7x-rqrb7xt95k |
| Url | 2 | | https://steamcommunity.com/id/oswal053 |
| Url | 1 | | https://docs.google.com/document/d/1kj_rjrtkkhcujjxockteoluwh3sri72puhtfukncyrc |
| Url | 1 | | https://docs.google.com/document/d/1tktc3fhuvebsburzigw7kf5yspjblpahl1fksrdcuto |
| Url | 1 | | https://steamcommunity.com/id/119887132 |
| Url | 1 | | https://docs.google.com/document/d/1lcysd5zngj9jz8pigzsuv8lciusykqoq0rpe2e0zgmu |
| Url | 1 | | https://steamcommunity.com/id/869406565 |
| Url | 1 | | https://docs.google.com/document |
| Url | 1 | | https://docs.google.com/document/d/1lcysd5zngj9jz8pigzs |
| Url | 1 | | https://docs.google.com/document/d/1kj_ |
| Url | 1 | | https://docs.google.com/document/d/1tktc3fhuvebsburzig |
| Url | 1 | | https://docs.google.com/document/d/1iqwnf3ibwpz6- |
| Windows Registry Key | 14 | | HKLM\SOFTWARE |
| Windows Registry Key | 1 | | HKLM\SOFTWARE\RAT |