File: 3a51870a302f6042ea45dce6e09253c2

Metadata
File name: test.exe
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 141312 bytes
Analysis date: 2016-01-08 07:46:49
MD5: 3a51870a302f6042ea45dce6e09253c2
SHA1: a6abdc9351f6bbf5b7582a5d8de131d8aa57db8b
SHA256: 6423b37fbb4f669f984ce4a9040cabe371fd0a25427e64b981dab8d266517a54
SHA512: 6578400c3cd9d55e2dde8e2a76e07447abde6afdfb87a3d22786821634861232127cabc5e7b1748630b840573547373ec0e2e5720bd8b30476b5b8e5ffb3c7fa
SSDEEP: 3072:r7bV8U7oxErE6nO+otIqS13mQ1FIgQOCQXSrE/3XyYfq:rl8U7oxE7Fouj2GMQi4/2
IMPHASH: 4310dad400d93b4e4f05f962e6cc9eb8
Authentihash: N/A
Related resources
APTNotes
Cyber threat intelligence reports associated with 3a51870a302f6042ea45dce6e09253c2.
Domains
Domains the malware sample communicates with.
Hosts
Hosts the malware sample communicates with.
HTTP Requests
HTTP requests the malware sample makes.
AV Detections
AV detection names associated with the malware sample.
Mutants
Mutants created by the malware sample.
Registry keys
Registry keys created by the malware sample.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-1547161642-507921405-839522115-1004
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\InProcServer32
HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions
HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ComputerName
ActiveComputerName
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP
HKEY_CLASSES_ROOT\jarfile\shell\open\command
HKEY_CURRENT_USER\Software\Valve\Steam
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ComputerName\ActiveComputerName
HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\1
HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Default
HKEY_CLASSES_ROOT\HTTP\shell\open\command
HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\origin
HKEY_CURRENT_USER\SOFTWARE\Blizzard Entertainment
HKEY_CURRENT_USER\Software\Skype
HKEY_CURRENT_USER\Software\Microsoft\VisualStudio
HKEY_CURRENT_USER\Software\VMware, Inc.
HKEY_CURRENT_USER\Software\Win7zip
HKEY_LOCAL_MACHINE\Software\Win7zip
HKEY_CURRENT_USER\Software\Classes\CLSID\{2C220028-BC88-1640-AA41-2F8B9326BBEF}\00000000\CG1