0ae30fafe5abef509bf4cae1f726701a File Analysis Results

Metadata

File name:	GET USERS 4.7-cleaned.exe
File type:	PE32 executable (GUI) Intel 80386 (stripped to external PDB) Mono/.Net assembly, for MS Windows
File size:	217088 bytes
Analysis date:	2016-12-01 16:17:06
MD5:	0ae30fafe5abef509bf4cae1f726701a
SHA1:	f950efe580a79a2bf5add2de545211982f6d5615
SHA256:	f126251a4eacc6ff5770dfa4c961ab46f4aa6e41475836536624b0e0cc2dfb26
SHA512:	2a8b6bbde1424b73d8a9f256514f96e7939a9930932aef81a34b9ad7f899a87219386607cc0c62f2dea008058e2aeb4be4aa586476ed52f54121530de1808af1
SSDEEP:	6144:acjcyQWGVd6My5LPhkz35o29s4BkevKYYMsgwc4S8x:tDoVdO1Jk75FBHXO
IMPHASH:	f34d5f2d4577ed6d9ceec516c1f5a744
Authentihash:	N/A
Related resources

APTNotes
Cyber threat intelligence reports associated with 0ae30fafe5abef509bf4cae1f726701a.

Domains
Domains the malware sample communicates with.

Hosts
Hosts the malware sample communicates with.

HTTP Requests
HTTP requests the malware sample makes.

AV Detections
AV detection names associated with the malware sample.

Avira	TR/Dropper.Gen
Baidu	Win32.Trojan.WisdomEyes.16070401.9500.9997
CrowdStrike	malicious_confidence_100% (D)
ESET-NOD32	a variant of MSIL/Injector.CKZ
Invincea	backdoor.win32.netwiredrc.c
McAfee-GW-Edition	BehavesLike.Win32.Backdoor.dc
Qihoo-360	HEUR/QVM03.0.0000.Malware.Gen
Symantec	Heur.AdvML.B

Mutants
Mutants created by the malware sample.

Registry keys
Registry keys created by the malware sample.

HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework

HKEY_CURRENT_USER\Software\Microsoft\.NETFramework\Policy\Standards

HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\Policy\Standards

HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\Policy\Standards\v4.0.30319

HKEY_CURRENT_USER\Software\Microsoft\.NETFramework\Policy\Upgrades

HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\Policy\Upgrades

HKEY_CURRENT_USER\Software\Microsoft\.NETFramework

Comments
User comments about 0ae30fafe5abef509bf4cae1f726701a.

File: 0ae30fafe5abef509bf4cae1f726701a