File: 311059203fb9e199a6422ce182037cb35160b2d89a6d40cb90e7c4fa16283106

Metadata
File name: 311059203fb9e199a6422ce182037cb35160b2d89a6d40cb90e7c4fa16283106.jar
File type: Java Jar file data (zip)
File size: 118194 bytes
Analysis date: 2016-02-10 07:33:29
MD5: 573a11d29492b266a9a98d227a8cb042
SHA1: a8c87c223ca73164ed3860452b96514e33b96bf8
SHA256: 311059203fb9e199a6422ce182037cb35160b2d89a6d40cb90e7c4fa16283106
SHA512: 1e412b6241077dbba3df9663187af6c96f292b3cacfa6a7487f339f1aa45092c297e72a94537ef3b4ccc8d3d80adc016776563a53bec1ae38c69da61032b855c
SSDEEP: 1536:RCwJqVUFjCfywFBeps6qwrXdK+LmB5Bp7wQimIFZgRDM1e6go0FM5FHK+Jh3ns+1:d4UFQr/ij9xLmBDaFZglDI9K+JJs+u6
IMPHASH: N/A
Authentihash: N/A
Related resources
APTNotes
Cyber threat intelligence reports associated with 311059203fb9e199a6422ce182037cb35160b2d89a6d40cb90e7c4fa16283106.
Domains
Domains the malware sample communicates with.
Hosts
Hosts the malware sample communicates with.
HTTP Requests
HTTP requests the malware sample makes.
AV Detections
AV detection names associated with the malware sample.
AVG: Java/Backdoor
AegisLab: Exp.Java.Pdlil!c
Avast: Java:Malware-gen [Trj]
Avira: EXP/Java.pdlil.1
Comodo: UnclassifiedMalware
Cyren: Java/Adwind.AD
ESET-NOD32: a variant of Java/Adwind.OM
F-Prot: Java/Adwind.AD
Fortinet: PossibleThreat.P1
GData: Java.Trojan.Agent.GH8SNY
Ikarus: Trojan.Java.Adwind
Jiangmin: Trojan.Java.ah
Kaspersky: Backdoor.Java.Adwind.af
McAfee: Adwind.c!jar
McAfee-GW-Edition: Adwind!jar
Microsoft: Trojan:Java/Adwind.P
Sophos: Troj/Java-AAW
Symantec: Backdoor.Adwind!g1
Tencent: Java.Backdoor.Adwind.Suny
TrendMicro: JAVA_ADWIND.OPV
TrendMicro-HouseCall: JAVA_ADWIND.OPV
VIPRE: LooksLike.Java.ObfuscatorAllatori.a (v) (not malicious)
Mutants
Mutants created by the malware sample.
Registry keys
Registry keys created by the malware sample.
Comments
User comments about 311059203fb9e199a6422ce182037cb35160b2d89a6d40cb90e7c4fa16283106.