File: 28fec2819aadd0491f08d784a14ba47b

Metadata
File name:D.exe
File type:PE32 executable (GUI) Intel 80386, for MS Windows
File size:352121 bytes
Analysis date:2016-08-25 20:36:51
MD5:28fec2819aadd0491f08d784a14ba47b
SHA1:84c9aee31f2dbe3f893e91fd52f8e62d560973ff
SHA256:0f4ed850ba2754a9b884378313c37c121b2970e19455c0217f73d402e6c9b23c
SHA512:ff17fea3c7310bb39a7c2f8b3d43ebb42ff328fc1ee07df90b4065a211b72179c02f2abc6fcd118711685c6a80dd64a680cb6834ba2b74802ae791db7bf37d36
SSDEEP:6144:mmgek4yIIox4YoMr7sXxWjic1qx8sTWMP1rUwUMsPm3sd+IYOyx163dDBrTgq:dvkSIoyckXxWjZ3/MPjU7WZx1tq
IMPHASH:91a0c87fca7bc027eadd2410b4aa291d
Authentihash:N/A
Related resources
APTNotes
Cyber threat intelligence reports associated with 28fec2819aadd0491f08d784a14ba47b.
Loading...
Domains
Domains the malware sample communicates with.
Hosts
Hosts the malware sample communicates with.
HTTP Requests
HTTP requests the malware sample makes.
AV Detections
AV detection names associated with the malware sample.
AVGRansom_s.DQ
Ad-AwareGen:Variant.Symmi.67857
AhnLab-V3Trojan/Win32.Locky.C1531941
ArcabitTrojan.Symmi.D10911
AvastWin32:Malware-gen
BaiduWin32.Trojan.WisdomEyes.151026.9950.9999
BitDefenderGen:Variant.Symmi.67857
CrowdStrikemalicious_confidence_100% (D)
DrWebTrojan.Inject2.27447
ESET-NOD32a variant of Win32/Kryptik.FFBO
EmsisoftGen:Variant.Symmi.67857 (B)
F-SecureGen:Variant.Symmi.67857
GDataGen:Variant.Symmi.67857
K7AntiVirusTrojan ( 004f6de91 )
K7GWTrojan ( 004f6de91 )
KasperskyUDS:DangerousObject.Multi.Generic
McAfeeArtemis!28FEC2819AAD
McAfee-GW-EditionBehavesLike.Win32.PWSZbot.fc
MicroWorld-eScanGen:Variant.Symmi.67857
PandaTrj/Genetic.gen
Qihoo-360HEUR/QVM10.1.5C3A.Malware.Gen
SymantecHeur.AdvML.C
Mutants
Mutants created by the malware sample.
Registry keys
Registry keys created by the malware sample.
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System
HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor
HKEY_CURRENT_USER\Software\Microsoft\Command Processor
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Locale
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Language Groups
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VSS\Debug\Tracing
HKEY_LOCAL_MACHINE\Software\Microsoft\Ole
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ComputerName
ActiveComputerName
Comments
User comments about 28fec2819aadd0491f08d784a14ba47b.
NOTICE: We have updated our privacy terms and conditions in accordance to GDPR. By using our site, you acknowledge that you have read and understand our Privacy Policy. Your use of ThreatMiner’s Products and Services is subject to these policies and terms.