Created June 17, 2023 17:24 (gist BushidoUK/181dc9b645caf542d7525fc5e9159d9c)
Collection of Vulnerable Legit Applications used for DLL side-loading or search-order hijacking
Valid signed file by Symantec, Symantec Antivirus Installer
61d1943f0b702f4c16bb37228ade1d8f0ef4675b480921950d026c82e4a65fde
Valid signed file by Venta Association, VentaFax MAPI client
390d75e6c7fc1cf258145dc712c1fac1eb183efccee1b03c058cec1d790e46b1
Valid signed file by Vivaldi Technologies, Vivaldi.exe
58e7af5eb1acb5c9bee821d59054c69263aed3dce1b95616255dea7114ad8494
Valid signed file by Invincea, Inc. Sandboxie
90a29c688ce683fb2201145faac00cb44c3d5566697279b68960c6bc3208ae84
Valid signed file by Guosen, GuosenPassGuard
cb8a83b590893daa9b02b8e1a1c9afb68d6f2a82c9e0d2d2c63a36a510f6fda3
Valid signed file by Avast Software, Avast Internet WSC Proxy
bd4635d582413f84ac83adbb4b449b18bac4fc87ca000d0c7be84ad0f9caf68e
Valid signed file by Microsoft, Microsoft C Runtime Library
f11009988b813821857c8d2db0f88e1d45b20762f62a3cf432339f352b12cefe
Valid signed file by Logitech, Logitech PlugIn Installer Utility
2f2a5e5cdb262cd62b43b88bf1e9cfb40a26eac5897616b9eacec4e25d95cbb9
Valid signed file by Hewlett Packard, HP Digital Imaging
8857232077b4b0f0e4a2c3bb5717fd65079209784f41694f8e1b469e34754cf6
Valid signed file by Microsoft, Microsoft C Runtime Library
86e39b5995af0e042fcdaa85fe2aefd7c9ddc7ad65e6327bd5e7058bc3ab615f
Valid signed file by Google, GoogleUpdateSetup.exe
fa56ba25861f1b5040afd04bfbfd36353004cd6b2c457971fb01db26ff002f35
Valid signed file by Qihoo 360 Software (Beijing) Company Limited
a23dbce5bcde8ce541b8f326a951d29f6241280d944a1e921ca8658d3d4b65ac
Valid signed file by DigiCert, SmadavProtect Antivirus software
4f54a6555a7a3bec84e8193d2ff9ae75eb7f06110505e78337fa2f515790a562
Valid signed file WinGup for Notepad++
e5bbbf34414426f63e6cd1354c306405e54bf31279829c7542dccfb7d85af0ec
Valid signed file by Microsoft, OLEview
91f6547bceddfb2f241570ac82c00de700e311e4a38dea60d8619638f1ed3520
Valid signed file by McAfee, MCSync
075f9dfb6ab3379f69165c03991abf1a969ca0c21e04564543564dc536ea95dd
Valid signed file by Microsoft, .NET Framework Optimization Service
0809e3b71709f1343086eeb6c820543c1a7119e74eef8ac1aee1f81093abec66
Valid signed file by Yandex, Yandex Browser
12b15f31f295416417f1e028904a4e10a0c8ec39dd00bac7df4887c194f2865b
Valid signed file by Microsoft, ATL Trace Tool
197d0ad8e3f6591e4493daaee9e52e53ecf192e32f9d167c67f2ffb408c76f2c
Valid signed file by Microsoft, MFCDLL Shared Library - Retail Version
33f631c0b561199b5feb9020faa99e50efa9f421d7484ffa640c5561494726da
Valid signed file by Microsoft, Microsoft C Runtime Library
45a61f4b7e5798f1389a7d6abc8a924c37db6f51552b4cafc901e7e4a50dabc6
Valid signed file by Lenovo, Lenovo Intelligent Sensing Technology Application
473b4f8b8640a68d1092f6b54b521c6b0ccb1c567eca4a18a2c2da3481bc027a
Valid signed file by VPN Proxy Master
ce13248fa2da5b27773f855c2dd0c6ce276b4a10b020e4da57bc47ab0fe07eae
Valid signed file by Luxand, Facial Recognition software
0d243cbcd1c3654ca318d2d6d08f4e9d293fc85a68d751a52c23b04314c67b99
Valid signed file by Asus, ASUS VGA Fan Control
00bfbbe6e9d0c54312de906be79cc1e9f18b2957856a1215eaff1ac7bb2
Valid signed file by Daum Communications Corp, PotPlayer
76da9d0046fe76fc28b80c4c1062b17852264348fd873b7dd781f39491f911e0
Valid signed file by Global Graphics Software, FontGenerator
19870dd4d8c6453d5bb6f3b2beccbbbe28c6f280b6a7ebf5e0785ec386170000
Source Reports:
https://decoded.avast.io/threatintel/apt-treasure-trove-avast-suspects-chinese-apt-group-mustang-panda-is-collecting-data-from-burmese-government-agencies-and-opposition-groups/
https://www.welivesecurity.com/2022/03/23/mustang-panda-hodur-old-tricks-new-korplug-variant/
https://www.welivesecurity.com/2023/03/02/mqsttang-mustang-panda-latest-backdoor-treads-new-ground-qt-mqtt/
https://www.proofpoint.com/us/blog/threat-insight/good-bad-and-web-bug-ta416-increases-operational-tempo-against-european
https://securelist.com/apt-luminousmoth/103332/
https://www.bitdefender.co.uk/blog/labs/luminousmoth-plugx-file-exfiltration-and-persistence-revisited/
https://www.secureworks.com/blog/bronze-president-targets-russian-speakers-with-updated-plugx