16F27905A9478F5994A59ED7420CF6D66E9DDDF45B33BFF432AF10F748DC12EE { "applicationVersion": "5.4.0.213", "chromeSyncResetQueryRequested": false, "chromeSyncResetQueryResult": false, "clientID": "MBAM5", "clientType": "fullUIScan", "componentsUpdatePackageVersion": "141.1.5388", "coreDllFileVersion": "3.1.0.168", "cpu": "x64", "dbSDKUpdatePackageVersion": "1.0.103703", "detectionDateTime": "2025-10-09T02:32:05Z", "fileSystem": "NTFS", "id": "25105012-a4b8-11f0-9445-7c10c98ca238", "isLargePEEnabled": true, "isUserAdmin": true, "largePEMaxSize": 2147483647, "licenseState": "free", "linkagePhaseComplete": true, "loggedOnUserName": "DESKTOP-MBNLABQ\\PC CASA", "machineID": "", "os": "Windows 10 (Build 19045.6332)", "schemaVersion": 24, "sourceDetails": { "aggressiveMode": false, "clientMetadata": { "jobId": "", "scheduleId": "", "scheduleTag": "" }, "ddsigEnabled": true, "filesScannedByIG": 4, "objectsScanned": 229583, "scanEndTime": "2025-10-09T02:35:15Z", "scanOnlineStatus": "online", "scanOptions": { "pumHandling": "detect", "pupHandling": "detect", "scanArchives": true, "scanFileSystem": true, "scanMemoryObjects": true, "scanPUMs": true, "scanPUPs": true, "scanRookits": false, "scanStartupAndRegistry": true, "scanType": "threat", "useHeuristics": true }, "scanResult": "completed", "scanStartTime": "2025-10-09T02:32:05Z", "scanState": "completed", "shurikenEnabled": true, "totalScannedPEHashes": 533, "type": "scan" }, "threats": [ { "ddsSigFileVersion": "03561229", "linkedTraces": [ ], "mainTrace": { "ImpersonationSid": "", "aggressive_path": false, "aggressive_timestamp": false, "aggressive_zone": false, "amsiAppImagePath": "", "archiveMember": "", "archiveMemberMD5": "", "cleanAction": "ignore", "cleanContext": { }, "cleanResult": "notStarted", "cleanResultErrorCode": 0, "cleanResultReason": "HubbleDND", "cleanTime": "", "dateOfCreation": "2025-10-05T15:31:07.633Z", "dateOfModification": "2018-12-30T17:45:24.000Z", "generatedByPostCleanupAction": false, "hubbleRequestErrorCode": 0, "id": "8649ec80-a4b8-11f0-a381-7c10c98ca238", "igExitCode": "", "isPEFile": true, "isPEFileValid": true, "isReportOnly": false, "isScript": false, "isWhitelistedByAdsInfo": false, "linkType": "none", "objectMD5": "7CBE7DB7FC9258B6A43551140C343BB3", "objectPath": "C:\\$RECYCLE.BIN\\S-1-5-21-2713832108-2030042451-1293485546-1001\\$R3EZQV0.TMP\\CLS-MAGIC2L_X86.EXE", "objectSha256": "6EA07AA4F5565AC289402ADE3B2E52BF8089AD6185E0ECF0E1F36CEA39C091A9", "objectSize": -1, "objectType": "file", "originatingScriptMD5": "", "originatingScriptSHA256": "", "resolvedPath": "", "rtpEventType": "other", "suggestedAction": { "archiveDir": false, "chromeExtensionOther": false, "chromeExtensionPreferences": false, "chromeExtensionSecurePreferences": false, "chromeExtensionSyncData": false, "chromeUrlOther": false, "chromeUrlSecurePreferences": false, "chromeUrlSyncData": false, "chromeUrlWebData": false, "disableHubbleWhiteListing": true, "disableSignatureWhiteListing": true, "fileDelete": true, "fileReplace": false, "fileTxtReplace": false, "folderDelete": false, "isChromeObject": false, "isDDS": true, "isDoppleganging": false, "isExternalDetection": false, "isPUP": false, "isShuriken": false, "isWMIEventConsumer": false, "killProcess": false, "minimalWhiteListing": false, "moduleUnload": false, "noLinking": false, "physicalSectorReplace": false, "priorityHigh": false, "priorityNormal": false, "priorityUrgent": false, "processUnload": false, "regKeyDelete": false, "regValueDelete": false, "regValueReplace": false, "shortcutReplace": false, "silentMode": true, "singleDelete": false, "testingMode": false, "treatAsRootkit": false, "useDDA": false, "verifyResolvedPath": false, "whitelistCheckError": false }, "uploadToBTOC": true, "winVerifyTrustResult": { "expectedError": false, "lastErrorCode": 0, "wvtCalled": false, "wvtResult": 0 } }, "ruleID": 1199098, "ruleString": "000000000000000000000820", "rulesVersion": "1.0.103703", "srcEngineComponent": "dds", "srcEngineThreatNames": [ "Malware.Heuristic.2080" ], "threatID": 1000001, "threatName": "Malware.Heuristic.2080" }, { "ddsSigFileVersion": "03561229", "linkedTraces": [ ], "mainTrace": { "ImpersonationSid": "", "aggressive_path": false, "aggressive_timestamp": false, "aggressive_zone": false, "amsiAppImagePath": "", "archiveMember": "", "archiveMemberMD5": "", "cleanAction": "ignore", "cleanContext": { }, "cleanResult": "notStarted", "cleanResultErrorCode": 0, "cleanResultReason": "HubbleDND", "cleanTime": "", "dateOfCreation": "2025-10-05T15:31:07.612Z", "dateOfModification": "2018-12-30T17:45:06.000Z", "generatedByPostCleanupAction": false, "hubbleRequestErrorCode": 0, "id": "866b9150-a4b8-11f0-be57-7c10c98ca238", "igExitCode": "", "isPEFile": true, "isPEFileValid": true, "isReportOnly": false, "isScript": false, "isWhitelistedByAdsInfo": false, "linkType": "none", "objectMD5": "7234C4334A7523B1AC6F51C072497071", "objectPath": "C:\\$RECYCLE.BIN\\S-1-5-21-2713832108-2030042451-1293485546-1001\\$R3EZQV0.TMP\\CLS-MAGIC2_X64.EXE", "objectSha256": "D92F7C60256509F74E36D9B5AAB041FE44999B1A3910D70AA83C9D01F062EA29", "objectSize": -1, "objectType": "file", "originatingScriptMD5": "", "originatingScriptSHA256": "", "resolvedPath": "", "rtpEventType": "other", "suggestedAction": { "archiveDir": false, "chromeExtensionOther": false, "chromeExtensionPreferences": false, "chromeExtensionSecurePreferences": false, "chromeExtensionSyncData": false, "chromeUrlOther": false, "chromeUrlSecurePreferences": false, "chromeUrlSyncData": false, "chromeUrlWebData": false, "disableHubbleWhiteListing": true, "disableSignatureWhiteListing": true, "fileDelete": true, "fileReplace": false, "fileTxtReplace": false, "folderDelete": false, "isChromeObject": false, "isDDS": true, "isDoppleganging": false, "isExternalDetection": false, "isPUP": false, "isShuriken": false, "isWMIEventConsumer": false, "killProcess": false, "minimalWhiteListing": false, "moduleUnload": false, "noLinking": false, "physicalSectorReplace": false, "priorityHigh": false, "priorityNormal": false, "priorityUrgent": false, "processUnload": false, "regKeyDelete": false, "regValueDelete": false, "regValueReplace": false, "shortcutReplace": false, "silentMode": true, "singleDelete": false, "testingMode": false, "treatAsRootkit": false, "useDDA": false, "verifyResolvedPath": false, "whitelistCheckError": false }, "uploadToBTOC": true, "winVerifyTrustResult": { "expectedError": false, "lastErrorCode": 0, "wvtCalled": false, "wvtResult": 0 } }, "ruleID": 1199098, "ruleString": "000000000000000000000820", "rulesVersion": "1.0.103703", "srcEngineComponent": "dds", "srcEngineThreatNames": [ "Malware.Heuristic.2080" ], "threatID": 1000001, "threatName": "Malware.Heuristic.2080" }, { "ddsSigFileVersion": "03561229", "linkedTraces": [ ], "mainTrace": { "ImpersonationSid": "", "aggressive_path": false, "aggressive_timestamp": false, "aggressive_zone": false, "amsiAppImagePath": "", "archiveMember": "", "archiveMemberMD5": "", "cleanAction": "ignore", "cleanContext": { }, "cleanResult": "notStarted", "cleanResultErrorCode": 0, "cleanResultReason": "HubbleDND", "cleanTime": "", "dateOfCreation": "2025-10-05T04:39:11.731Z", "dateOfModification": "2017-10-30T18:33:22.000Z", "generatedByPostCleanupAction": false, "hubbleRequestErrorCode": 0, "id": "867309ee-a4b8-11f0-9751-7c10c98ca238", "igExitCode": "", "isPEFile": true, "isPEFileValid": true, "isReportOnly": false, "isScript": false, "isWhitelistedByAdsInfo": false, "linkType": "none", "objectMD5": "3527C6739C46F4EE1CFB6B48E1407883", "objectPath": "C:\\$RECYCLE.BIN\\S-1-5-21-2713832108-2030042451-1293485546-1001\\$R6CAJ04.TMP\\CLS-LOLLYPOP_X86.EXE", "objectSha256": "724C6E07180E321298B4EA4405C3F7536C524D9826D24F5D6FC50BCB0EF8F723", "objectSize": -1, "objectType": "file", "originatingScriptMD5": "", "originatingScriptSHA256": "", "resolvedPath": "", "rtpEventType": "other", "suggestedAction": { "archiveDir": false, "chromeExtensionOther": false, "chromeExtensionPreferences": false, "chromeExtensionSecurePreferences": false, "chromeExtensionSyncData": false, "chromeUrlOther": false, "chromeUrlSecurePreferences": false, "chromeUrlSyncData": false, "chromeUrlWebData": false, "disableHubbleWhiteListing": true, "disableSignatureWhiteListing": true, "fileDelete": true, "fileReplace": false, "fileTxtReplace": false, "folderDelete": false, "isChromeObject": false, "isDDS": true, "isDoppleganging": false, "isExternalDetection": false, "isPUP": false, "isShuriken": false, "isWMIEventConsumer": false, "killProcess": false, "minimalWhiteListing": false, "moduleUnload": false, "noLinking": false, "physicalSectorReplace": false, "priorityHigh": false, "priorityNormal": false, "priorityUrgent": false, "processUnload": false, "regKeyDelete": false, "regValueDelete": false, "regValueReplace": false, "shortcutReplace": false, "silentMode": true, "singleDelete": false, "testingMode": false, "treatAsRootkit": false, "useDDA": false, "verifyResolvedPath": false, "whitelistCheckError": false }, "uploadToBTOC": true, "winVerifyTrustResult": { "expectedError": false, "lastErrorCode": 0, "wvtCalled": false, "wvtResult": 0 } }, "ruleID": 1199098, "ruleString": "000000000000000000000820", "rulesVersion": "1.0.103703", "srcEngineComponent": "dds", "srcEngineThreatNames": [ "Malware.Heuristic.2080" ], "threatID": 1000001, "threatName": "Malware.Heuristic.2080" }, { "ddsSigFileVersion": "03561229", "linkedTraces": [ ], "mainTrace": { "ImpersonationSid": "", "aggressive_path": false, "aggressive_timestamp": false, "aggressive_zone": false, "amsiAppImagePath": "", "archiveMember": "", "archiveMemberMD5": "", "cleanAction": "ignore", "cleanContext": { }, "cleanResult": "notStarted", "cleanResultErrorCode": 0, "cleanResultReason": "HubbleDND", "cleanTime": "", "dateOfCreation": "2025-10-05T04:39:11.757Z", "dateOfModification": "2018-12-30T17:45:24.000Z", "generatedByPostCleanupAction": false, "hubbleRequestErrorCode": 0, "id": "86796e24-a4b8-11f0-b1d1-7c10c98ca238", "igExitCode": "", "isPEFile": true, "isPEFileValid": true, "isReportOnly": false, "isScript": false, "isWhitelistedByAdsInfo": false, "linkType": "none", "objectMD5": "7CBE7DB7FC9258B6A43551140C343BB3", "objectPath": "C:\\$RECYCLE.BIN\\S-1-5-21-2713832108-2030042451-1293485546-1001\\$R6CAJ04.TMP\\CLS-MAGIC2_X86.EXE", "objectSha256": "6EA07AA4F5565AC289402ADE3B2E52BF8089AD6185E0ECF0E1F36CEA39C091A9", "objectSize": -1, "objectType": "file", "originatingScriptMD5": "", "originatingScriptSHA256": "", "resolvedPath": "", "rtpEventType": "other", "suggestedAction": { "archiveDir": false, "chromeExtensionOther": false, "chromeExtensionPreferences": false, "chromeExtensionSecurePreferences": false, "chromeExtensionSyncData": false, "chromeUrlOther": false, "chromeUrlSecurePreferences": false, "chromeUrlSyncData": false, "chromeUrlWebData": false, "disableHubbleWhiteListing": true, "disableSignatureWhiteListing": true, "fileDelete": true, "fileReplace": false, "fileTxtReplace": false, "folderDelete": false, "isChromeObject": false, "isDDS": true, "isDoppleganging": false, "isExternalDetection": false, "isPUP": false, "isShuriken": false, "isWMIEventConsumer": false, "killProcess": false, "minimalWhiteListing": false, "moduleUnload": false, "noLinking": false, "physicalSectorReplace": false, "priorityHigh": false, "priorityNormal": false, "priorityUrgent": false, "processUnload": false, "regKeyDelete": false, "regValueDelete": false, "regValueReplace": false, "shortcutReplace": false, "silentMode": true, "singleDelete": false, "testingMode": false, "treatAsRootkit": false, "useDDA": false, "verifyResolvedPath": false, "whitelistCheckError": false }, "uploadToBTOC": true, "winVerifyTrustResult": { "expectedError": false, "lastErrorCode": 0, "wvtCalled": false, "wvtResult": 0 } }, "ruleID": 1199098, "ruleString": "000000000000000000000820", "rulesVersion": "1.0.103703", "srcEngineComponent": "dds", "srcEngineThreatNames": [ "Malware.Heuristic.2080" ], "threatID": 1000001, "threatName": "Malware.Heuristic.2080" }, { "ddsSigFileVersion": "03561229", "linkedTraces": [ ], "mainTrace": { "ImpersonationSid": "", "aggressive_path": false, "aggressive_timestamp": false, "aggressive_zone": false, "amsiAppImagePath": "", "archiveMember": "", "archiveMemberMD5": "", "cleanAction": "ignore", "cleanContext": { }, "cleanResult": "notStarted", "cleanResultErrorCode": 0, "cleanResultReason": "HubbleDND", "cleanTime": "", "dateOfCreation": "2025-10-05T04:39:11.747Z", "dateOfModification": "2018-12-30T17:45:06.000Z", "generatedByPostCleanupAction": false, "hubbleRequestErrorCode": 0, "id": "8686f972-a4b8-11f0-8fc1-7c10c98ca238", "igExitCode": "", "isPEFile": true, "isPEFileValid": true, "isReportOnly": false, "isScript": false, "isWhitelistedByAdsInfo": false, "linkType": "none", "objectMD5": "7234C4334A7523B1AC6F51C072497071", "objectPath": "C:\\$RECYCLE.BIN\\S-1-5-21-2713832108-2030042451-1293485546-1001\\$R6CAJ04.TMP\\CLS-MAGIC2_X64.EXE", "objectSha256": "D92F7C60256509F74E36D9B5AAB041FE44999B1A3910D70AA83C9D01F062EA29", "objectSize": -1, "objectType": "file", "originatingScriptMD5": "", "originatingScriptSHA256": "", "resolvedPath": "", "rtpEventType": "other", "suggestedAction": { "archiveDir": false, "chromeExtensionOther": false, "chromeExtensionPreferences": false, "chromeExtensionSecurePreferences": false, "chromeExtensionSyncData": false, "chromeUrlOther": false, "chromeUrlSecurePreferences": false, "chromeUrlSyncData": false, "chromeUrlWebData": false, "disableHubbleWhiteListing": true, "disableSignatureWhiteListing": true, "fileDelete": true, "fileReplace": false, "fileTxtReplace": false, "folderDelete": false, "isChromeObject": false, "isDDS": true, "isDoppleganging": false, "isExternalDetection": false, "isPUP": false, "isShuriken": false, "isWMIEventConsumer": false, "killProcess": false, "minimalWhiteListing": false, "moduleUnload": false, "noLinking": false, "physicalSectorReplace": false, "priorityHigh": false, "priorityNormal": false, "priorityUrgent": false, "processUnload": false, "regKeyDelete": false, "regValueDelete": false, "regValueReplace": false, "shortcutReplace": false, "silentMode": true, "singleDelete": false, "testingMode": false, "treatAsRootkit": false, "useDDA": false, "verifyResolvedPath": false, "whitelistCheckError": false }, "uploadToBTOC": true, "winVerifyTrustResult": { "expectedError": false, "lastErrorCode": 0, "wvtCalled": false, "wvtResult": 0 } }, "ruleID": 1199098, "ruleString": "000000000000000000000820", "rulesVersion": "1.0.103703", "srcEngineComponent": "dds", "srcEngineThreatNames": [ "Malware.Heuristic.2080" ], "threatID": 1000001, "threatName": "Malware.Heuristic.2080" }, { "ddsSigFileVersion": "03561229", "linkedTraces": [ ], "mainTrace": { "ImpersonationSid": "", "aggressive_path": false, "aggressive_timestamp": false, "aggressive_zone": false, "amsiAppImagePath": "", "archiveMember": "", "archiveMemberMD5": "", "cleanAction": "ignore", "cleanContext": { }, "cleanResult": "notStarted", "cleanResultErrorCode": 0, "cleanResultReason": "HubbleDND", "cleanTime": "", "dateOfCreation": "2025-10-05T15:31:07.631Z", "dateOfModification": "2018-12-30T17:45:06.000Z", "generatedByPostCleanupAction": false, "hubbleRequestErrorCode": 0, "id": "868dd288-a4b8-11f0-a57e-7c10c98ca238", "igExitCode": "", "isPEFile": true, "isPEFileValid": true, "isReportOnly": false, "isScript": false, "isWhitelistedByAdsInfo": false, "linkType": "none", "objectMD5": "7234C4334A7523B1AC6F51C072497071", "objectPath": "C:\\$RECYCLE.BIN\\S-1-5-21-2713832108-2030042451-1293485546-1001\\$R3EZQV0.TMP\\CLS-MAGIC2L_X64.EXE", "objectSha256": "D92F7C60256509F74E36D9B5AAB041FE44999B1A3910D70AA83C9D01F062EA29", "objectSize": -1, "objectType": "file", "originatingScriptMD5": "", "originatingScriptSHA256": "", "resolvedPath": "", "rtpEventType": "other", "suggestedAction": { "archiveDir": false, "chromeExtensionOther": false, "chromeExtensionPreferences": false, "chromeExtensionSecurePreferences": false, "chromeExtensionSyncData": false, "chromeUrlOther": false, "chromeUrlSecurePreferences": false, "chromeUrlSyncData": false, "chromeUrlWebData": false, "disableHubbleWhiteListing": true, "disableSignatureWhiteListing": true, "fileDelete": true, "fileReplace": false, "fileTxtReplace": false, "folderDelete": false, "isChromeObject": false, "isDDS": true, "isDoppleganging": false, "isExternalDetection": false, "isPUP": false, "isShuriken": false, "isWMIEventConsumer": false, "killProcess": false, "minimalWhiteListing": false, "moduleUnload": false, "noLinking": false, "physicalSectorReplace": false, "priorityHigh": false, "priorityNormal": false, "priorityUrgent": false, "processUnload": false, "regKeyDelete": false, "regValueDelete": false, "regValueReplace": false, "shortcutReplace": false, "silentMode": true, "singleDelete": false, "testingMode": false, "treatAsRootkit": false, "useDDA": false, "verifyResolvedPath": false, "whitelistCheckError": false }, "uploadToBTOC": true, "winVerifyTrustResult": { "expectedError": false, "lastErrorCode": 0, "wvtCalled": false, "wvtResult": 0 } }, "ruleID": 1199098, "ruleString": "000000000000000000000820", "rulesVersion": "1.0.103703", "srcEngineComponent": "dds", "srcEngineThreatNames": [ "Malware.Heuristic.2080" ], "threatID": 1000001, "threatName": "Malware.Heuristic.2080" }, { "ddsSigFileVersion": "03561229", "linkedTraces": [ ], "mainTrace": { "ImpersonationSid": "", "aggressive_path": false, "aggressive_timestamp": false, "aggressive_zone": false, "amsiAppImagePath": "", "archiveMember": "", "archiveMemberMD5": "", "cleanAction": "ignore", "cleanContext": { }, "cleanResult": "notStarted", "cleanResultErrorCode": 0, "cleanResultReason": "HubbleDND", "cleanTime": "", "dateOfCreation": "2025-10-05T15:31:07.586Z", "dateOfModification": "2017-10-30T18:33:22.000Z", "generatedByPostCleanupAction": false, "hubbleRequestErrorCode": 0, "id": "8696f408-a4b8-11f0-868f-7c10c98ca238", "igExitCode": "", "isPEFile": true, "isPEFileValid": true, "isReportOnly": false, "isScript": false, "isWhitelistedByAdsInfo": false, "linkType": "none", "objectMD5": "3527C6739C46F4EE1CFB6B48E1407883", "objectPath": "C:\\$RECYCLE.BIN\\S-1-5-21-2713832108-2030042451-1293485546-1001\\$R3EZQV0.TMP\\CLS-LOLLYPOP_X86.EXE", "objectSha256": "724C6E07180E321298B4EA4405C3F7536C524D9826D24F5D6FC50BCB0EF8F723", "objectSize": -1, "objectType": "file", "originatingScriptMD5": "", "originatingScriptSHA256": "", "resolvedPath": "", "rtpEventType": "other", "suggestedAction": { "archiveDir": false, "chromeExtensionOther": false, "chromeExtensionPreferences": false, "chromeExtensionSecurePreferences": false, "chromeExtensionSyncData": false, "chromeUrlOther": false, "chromeUrlSecurePreferences": false, "chromeUrlSyncData": false, "chromeUrlWebData": false, "disableHubbleWhiteListing": true, "disableSignatureWhiteListing": true, "fileDelete": true, "fileReplace": false, "fileTxtReplace": false, "folderDelete": false, "isChromeObject": false, "isDDS": true, "isDoppleganging": false, "isExternalDetection": false, "isPUP": false, "isShuriken": false, "isWMIEventConsumer": false, "killProcess": false, "minimalWhiteListing": false, "moduleUnload": false, "noLinking": false, "physicalSectorReplace": false, "priorityHigh": false, "priorityNormal": false, "priorityUrgent": false, "processUnload": false, "regKeyDelete": false, "regValueDelete": false, "regValueReplace": false, "shortcutReplace": false, "silentMode": true, "singleDelete": false, "testingMode": false, "treatAsRootkit": false, "useDDA": false, "verifyResolvedPath": false, "whitelistCheckError": false }, "uploadToBTOC": true, "winVerifyTrustResult": { "expectedError": false, "lastErrorCode": 0, "wvtCalled": false, "wvtResult": 0 } }, "ruleID": 1199098, "ruleString": "000000000000000000000820", "rulesVersion": "1.0.103703", "srcEngineComponent": "dds", "srcEngineThreatNames": [ "Malware.Heuristic.2080" ], "threatID": 1000001, "threatName": "Malware.Heuristic.2080" }, { "ddsSigFileVersion": "03561229", "linkedTraces": [ ], "mainTrace": { "ImpersonationSid": "", "aggressive_path": false, "aggressive_timestamp": false, "aggressive_zone": false, "amsiAppImagePath": "", "archiveMember": "", "archiveMemberMD5": "", "cleanAction": "ignore", "cleanContext": { }, "cleanResult": "notStarted", "cleanResultErrorCode": 0, "cleanResultReason": "HubbleDND", "cleanTime": "", "dateOfCreation": "2025-10-05T15:31:07.622Z", "dateOfModification": "2018-12-30T17:45:24.000Z", "generatedByPostCleanupAction": false, "hubbleRequestErrorCode": 0, "id": "869df424-a4b8-11f0-9b66-7c10c98ca238", "igExitCode": "", "isPEFile": true, "isPEFileValid": true, "isReportOnly": false, "isScript": false, "isWhitelistedByAdsInfo": false, "linkType": "none", "objectMD5": "7CBE7DB7FC9258B6A43551140C343BB3", "objectPath": "C:\\$RECYCLE.BIN\\S-1-5-21-2713832108-2030042451-1293485546-1001\\$R3EZQV0.TMP\\CLS-MAGIC2_X86.EXE", "objectSha256": "6EA07AA4F5565AC289402ADE3B2E52BF8089AD6185E0ECF0E1F36CEA39C091A9", "objectSize": -1, "objectType": "file", "originatingScriptMD5": "", "originatingScriptSHA256": "", "resolvedPath": "", "rtpEventType": "other", "suggestedAction": { "archiveDir": false, "chromeExtensionOther": false, "chromeExtensionPreferences": false, "chromeExtensionSecurePreferences": false, "chromeExtensionSyncData": false, "chromeUrlOther": false, "chromeUrlSecurePreferences": false, "chromeUrlSyncData": false, "chromeUrlWebData": false, "disableHubbleWhiteListing": true, "disableSignatureWhiteListing": true, "fileDelete": true, "fileReplace": false, "fileTxtReplace": false, "folderDelete": false, "isChromeObject": false, "isDDS": true, "isDoppleganging": false, "isExternalDetection": false, "isPUP": false, "isShuriken": false, "isWMIEventConsumer": false, "killProcess": false, "minimalWhiteListing": false, "moduleUnload": false, "noLinking": false, "physicalSectorReplace": false, "priorityHigh": false, "priorityNormal": false, "priorityUrgent": false, "processUnload": false, "regKeyDelete": false, "regValueDelete": false, "regValueReplace": false, "shortcutReplace": false, "silentMode": true, "singleDelete": false, "testingMode": false, "treatAsRootkit": false, "useDDA": false, "verifyResolvedPath": false, "whitelistCheckError": false }, "uploadToBTOC": true, "winVerifyTrustResult": { "expectedError": false, "lastErrorCode": 0, "wvtCalled": false, "wvtResult": 0 } }, "ruleID": 1199098, "ruleString": "000000000000000000000820", "rulesVersion": "1.0.103703", "srcEngineComponent": "dds", "srcEngineThreatNames": [ "Malware.Heuristic.2080" ], "threatID": 1000001, "threatName": "Malware.Heuristic.2080" }, { "ddsSigFileVersion": "03561229", "linkedTraces": [ ], "mainTrace": { "ImpersonationSid": "", "aggressive_path": false, "aggressive_timestamp": false, "aggressive_zone": false, "amsiAppImagePath": "", "archiveMember": "", "archiveMemberMD5": "", "cleanAction": "ignore", "cleanContext": { }, "cleanResult": "notStarted", "cleanResultErrorCode": 0, "cleanResultReason": "HubbleDND", "cleanTime": "", "dateOfCreation": "2025-10-05T04:39:11.771Z", "dateOfModification": "2018-12-30T17:45:24.000Z", "generatedByPostCleanupAction": false, "hubbleRequestErrorCode": 0, "id": "86a62be4-a4b8-11f0-bb37-7c10c98ca238", "igExitCode": "", "isPEFile": true, "isPEFileValid": true, "isReportOnly": false, "isScript": false, "isWhitelistedByAdsInfo": false, "linkType": "none", "objectMD5": "7CBE7DB7FC9258B6A43551140C343BB3", "objectPath": "C:\\$RECYCLE.BIN\\S-1-5-21-2713832108-2030042451-1293485546-1001\\$R6CAJ04.TMP\\CLS-MAGIC2L_X86.EXE", "objectSha256": "6EA07AA4F5565AC289402ADE3B2E52BF8089AD6185E0ECF0E1F36CEA39C091A9", "objectSize": -1, "objectType": "file", "originatingScriptMD5": "", "originatingScriptSHA256": "", "resolvedPath": "", "rtpEventType": "other", "suggestedAction": { "archiveDir": false, "chromeExtensionOther": false, "chromeExtensionPreferences": false, "chromeExtensionSecurePreferences": false, "chromeExtensionSyncData": false, "chromeUrlOther": false, "chromeUrlSecurePreferences": false, "chromeUrlSyncData": false, "chromeUrlWebData": false, "disableHubbleWhiteListing": true, "disableSignatureWhiteListing": true, "fileDelete": true, "fileReplace": false, "fileTxtReplace": false, "folderDelete": false, "isChromeObject": false, "isDDS": true, "isDoppleganging": false, "isExternalDetection": false, "isPUP": false, "isShuriken": false, "isWMIEventConsumer": false, "killProcess": false, "minimalWhiteListing": false, "moduleUnload": false, "noLinking": false, "physicalSectorReplace": false, "priorityHigh": false, "priorityNormal": false, "priorityUrgent": false, "processUnload": false, "regKeyDelete": false, "regValueDelete": false, "regValueReplace": false, "shortcutReplace": false, "silentMode": true, "singleDelete": false, "testingMode": false, "treatAsRootkit": false, "useDDA": false, "verifyResolvedPath": false, "whitelistCheckError": false }, "uploadToBTOC": true, "winVerifyTrustResult": { "expectedError": false, "lastErrorCode": 0, "wvtCalled": false, "wvtResult": 0 } }, "ruleID": 1199098, "ruleString": "000000000000000000000820", "rulesVersion": "1.0.103703", "srcEngineComponent": "dds", "srcEngineThreatNames": [ "Malware.Heuristic.2080" ], "threatID": 1000001, "threatName": "Malware.Heuristic.2080" }, { "ddsSigFileVersion": "03561229", "linkedTraces": [ ], "mainTrace": { "ImpersonationSid": "", "aggressive_path": false, "aggressive_timestamp": false, "aggressive_zone": false, "amsiAppImagePath": "", "archiveMember": "", "archiveMemberMD5": "", "cleanAction": "ignore", "cleanContext": { }, "cleanResult": "notStarted", "cleanResultErrorCode": 0, "cleanResultReason": "HubbleDND", "cleanTime": "", "dateOfCreation": "2025-10-05T04:39:11.769Z", "dateOfModification": "2018-12-30T17:45:06.000Z", "generatedByPostCleanupAction": false, "hubbleRequestErrorCode": 0, "id": "8ab03428-a4b8-11f0-ab19-7c10c98ca238", "igExitCode": "", "isPEFile": true, "isPEFileValid": true, "isReportOnly": false, "isScript": false, "isWhitelistedByAdsInfo": false, "linkType": "none", "objectMD5": "7234C4334A7523B1AC6F51C072497071", "objectPath": "C:\\$RECYCLE.BIN\\S-1-5-21-2713832108-2030042451-1293485546-1001\\$R6CAJ04.TMP\\CLS-MAGIC2L_X64.EXE", "objectSha256": "D92F7C60256509F74E36D9B5AAB041FE44999B1A3910D70AA83C9D01F062EA29", "objectSize": -1, "objectType": "file", "originatingScriptMD5": "", "originatingScriptSHA256": "", "resolvedPath": "", "rtpEventType": "other", "suggestedAction": { "archiveDir": false, "chromeExtensionOther": false, "chromeExtensionPreferences": false, "chromeExtensionSecurePreferences": false, "chromeExtensionSyncData": false, "chromeUrlOther": false, "chromeUrlSecurePreferences": false, "chromeUrlSyncData": false, "chromeUrlWebData": false, "disableHubbleWhiteListing": true, "disableSignatureWhiteListing": true, "fileDelete": true, "fileReplace": false, "fileTxtReplace": false, "folderDelete": false, "isChromeObject": false, "isDDS": true, "isDoppleganging": false, "isExternalDetection": false, "isPUP": false, "isShuriken": false, "isWMIEventConsumer": false, "killProcess": false, "minimalWhiteListing": false, "moduleUnload": false, "noLinking": false, "physicalSectorReplace": false, "priorityHigh": false, "priorityNormal": false, "priorityUrgent": false, "processUnload": false, "regKeyDelete": false, "regValueDelete": false, "regValueReplace": false, "shortcutReplace": false, "silentMode": true, "singleDelete": false, "testingMode": false, "treatAsRootkit": false, "useDDA": false, "verifyResolvedPath": false, "whitelistCheckError": false }, "uploadToBTOC": true, "winVerifyTrustResult": { "expectedError": false, "lastErrorCode": 0, "wvtCalled": false, "wvtResult": 0 } }, "ruleID": 1199098, "ruleString": "000000000000000000000820", "rulesVersion": "1.0.103703", "srcEngineComponent": "dds", "srcEngineThreatNames": [ "Malware.Heuristic.2080" ], "threatID": 1000001, "threatName": "Malware.Heuristic.2080" } ], "threatsDetected": 0 }