File: 55d025ac36d1bc284849f9f01ab8c6f5

Metadata
File name:info_2.js
File type:scriptjavascript
File size:3512 bytes
Analysis date:Analyzed on April 26 2017 03:27:33
MD5:55d025ac36d1bc284849f9f01ab8c6f5
SHA1:7a6f6e0e3a188c8b0ab2498cbbd83c3537eadd8f
SHA256:999a18f162d915cf160dfde77f53f5ed54f28a8f1d8e58b5a87e1c3769b4ea18
SHA512:9f1ebeae023c6b02fca7383b7fede8b389887c2175744d8301c30eb41b56897b505a824e9c4ae6b61dbc0a6d1a01adc47b3a5f30aeb6f862e7c49792b1b29b4c
SSDEEP:N/A
IMPHASH:N/A
Authentihash:N/A
Related resources
APTNotes
Cyber threat intelligence reports associated with 55d025ac36d1bc284849f9f01ab8c6f5.
Loading...
Domains
Domains the malware sample communicates with.
DomainIP
trade.plumbum.company46.33.233.164
sport.betsfor.today46.33.233.164
Hosts
Hosts the malware sample communicates with.
46.33.233.164
5.12.153.105
82.137.62.34
HTTP Requests
HTTP requests the malware sample makes.
HostURLUser-Agent
46.33.233.164 (trade.plumbum.company)/uAwZyCwPXM.php0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 4D 6F 7A [.User-Agent
N/A
N/A
N/A
46.33.233.164 (sport.betsfor.today)/uAwZyCwPXM.php0A 55 73 65 72 2D 41 67 65 6E 74 3A 20 4D 6F 7A [.User-Agent
N/A
N/A
N/A
AV Detections
AV detection names associated with the malware sample.
Mutants
Mutants created by the malware sample.
"\Sessions\1\BaseNamedObjects\Local\_!MSFTHISTORY!_"
"\Sessions\1\BaseNamedObjects\Local\c:!users!9ytzgfl!appdata!roaming!microsoft!windows!cookies!"
"\Sessions\1\BaseNamedObjects\Local\c:!users!9ytzgfl!appdata!local!microsoft!windows!history!history.ie5!"
"\Sessions\1\BaseNamedObjects\Local\WininetStartupMutex"
"\Sessions\1\BaseNamedObjects\Local\WininetConnectionMutex"
"\Sessions\1\BaseNamedObjects\Local\WininetProxyRegistryMutex"
"\Sessions\1\BaseNamedObjects\Local\!IETld!Mutex"
"\Sessions\1\BaseNamedObjects\Local\c:!users!9ytzgfl!appdata!roaming!microsoft!windows!ietldcache!"
"\Sessions\1\BaseNamedObjects\RasPbFile"
"\Sessions\1\BaseNamedObjects\Local\ZonesCounterMutex"
"\Sessions\1\BaseNamedObjects\Local\ZoneAttributeCacheCounterMutex"
"\Sessions\1\BaseNamedObjects\Local\ZonesCacheCounterMutex"
"\Sessions\1\BaseNamedObjects\Local\ZonesLockedCacheCounterMutex"
"\Sessions\1\BaseNamedObjects\Local\c:!users!9ytzgfl!appdata!local!microsoft!windows!temporary internet files!content.ie5!"
"Local\ZonesLockedCacheCounterMutex"
"Local\WininetStartupMutex"
"Local\c:!users!9ytzgfl!appdata!local!microsoft!windows!temporary internet files!content.ie5!"
"Local\WininetConnectionMutex"
"Local\ZonesCounterMutex"
"Local\_!MSFTHISTORY!_"
Registry keys
Registry keys created by the malware sample.
Comments
User comments about 55d025ac36d1bc284849f9f01ab8c6f5.
NOTICE: We have updated our privacy terms and conditions in accordance to GDPR. By using our site, you acknowledge that you have read and understand our Privacy Policy. Your use of ThreatMiner’s Products and Services is subject to these policies and terms.