File: 948cd0bf83a670c05401c8b67d2eb310

Metadata
File name: N/A
File type: N/A
File size: N/A
Analysis date: 2016-07-27 20:13:35
MD5: 948cd0bf83a670c05401c8b67d2eb310
SHA1: e5c8c10b10ee288512d3a7c79ae1249b57857d23
SHA256: 91f72808aaed45a76ff1044a23fd6df4b7ab7ace292725522518feb9c0b8574e
SHA512: N/A
SSDEEP: N/A
IMPHASH: N/A
Authentihash: N/A
Related resources
PE Type: PE32
Internal Name: msiexec
File Size: 92 kB
Machine Type: Intel 386 or later, and compatibles
File OS: Windows NT 32-bit
Code Size: 72192
OS Version: 5.1
Entry Point: 0x1032e
File Flags Mask: 0x003f
Linker Version: 8.0
File Subtype: N/A
Uninitialized Data Size: N/A
File Version: 5.0.7601.17514 (win7sp1_rtm.101119-1850)
Initialized Data Size: 20480
File Description: Windows®SysUtility
Product Version Number: 5.0.7601.17514
Product Name: WindowsSysUtility - Unicode
Company Name: Microsoft Corporation
MIME Type: application/octet-stream
Character Set: Unicode
Language Code: English (U.S.)
File Version Number: 5.0.7601.17514
File Type: Win32 EXE
Original Filename: msiexec.exe
Legal Copyright: © Microsoft Corporation. All rights reserved.
Subsystem: Windows GUI
Object File Type: Executable application
Image Version: 0.0
File Flags: (none)
Subsystem Version: 5.1
Product Version: 5.0.7601.17514
Source:
APTNotes
Cyber threat intelligence reports associated with 948cd0bf83a670c05401c8b67d2eb310.
Domains
Domains the malware sample communicates with.
Hosts
Hosts the malware sample communicates with.
HTTP Requests
HTTP requests the malware sample makes.
AV Detections
AV detection names associated with the malware sample.
AVG: Win32:Malware-gen
AVware: Trojan.Win32.Generic!BT
Ad-Aware: Gen:Trojan.Heur.TDss.fq0@bSbST!gi
AegisLab: Backdoor.W32.Blakken!c
AhnLab-V3: Trojan/Win32.Blacken.R124316
Antiy-AVL: Trojan[Backdoor]/Win32.Blakken
Arcabit: Trojan.Heur.TDss.E4D72A
Avast: Win32:Malware-gen
Avira: TR/Spy.93696.138
Baidu: Win32.Trojan.WisdomEyes.16070401.9500.9999
BitDefender: Gen:Trojan.Heur.TDss.fq0@bSbST!gi
CAT-QuickHeal: Backdoor.Phdet
ClamAV: Win.Trojan.BlackEnergy2-1
CrowdStrike: malicious_confidence_80% (W)
Cylance: Unsafe
Cyren: W32/Trojan.PTVL-8929
ESET-NOD32: a variant of Win32/Kryptik.BVIG
Emsisoft: Gen:Trojan.Heur.TDss.fq0@bSbST!gi (B)
Endgame: malicious (high confidence)
F-Secure: Trojan-Dropper:W32/BlackEnergy.A
Fortinet: W32/Blakken.AAC!tr.bdr
GData: Gen:Trojan.Heur.TDss.fq0@bSbST!gi
Ikarus: Backdoor.Win32.Blakken
Invincea: heuristic
K7AntiVirus: Trojan ( 00496f851 )
K7GW: Trojan ( 00496f851 )
Kaspersky: Backdoor.Win32.Blakken.aac
MAX: malware (ai score=100)
McAfee: Artemis!948CD0BF83A6
McAfee-GW-Edition: BehavesLike.Win32.RansomWannaCry.nc
MicroWorld-eScan: Gen:Trojan.Heur.TDss.fq0@bSbST!gi
Paloalto: generic.ml
Panda: Trj/Genetic.gen
Qihoo-360: HEUR/Malware.QVM20.Gen
Rising: Backdoor.Blakken!8.2E8C (TFE:1:L1jvIOSddfN)
Sophos: Mal/Behav-321
Symantec: Backdoor.Lancafdo.A
Tencent: Win32.Backdoor.Blakken.Htce
TheHacker: Trojan/Kryptik.bvig
TrendMicro: BKDR_BLACKEN.A
TrendMicro-HouseCall: BKDR_BLACKEN.A
VBA32: SScope.Trojan.FakeAV.01695
VIPRE: Trojan.Win32.Generic!BT
ViRobot: Trojan.Win32.S.Agent.93696.AT
Webroot: W32.Black.Energy
WhiteArmor: Malware.HighConfidence
Yandex: Trojan.Kryptik!FGyPhdWIUEg
Zillya: Backdoor.Blakken.Win32.171
ZoneAlarm: Backdoor.Win32.Blakken.aac
eGambit: Trojan.Generic
Mutants
Mutants created by the malware sample.
Registry keys
Registry keys created by the malware sample.
Comments
User comments about 948cd0bf83a670c05401c8b67d2eb310.