Sample: af8803b2aaf070cbc25f27cc6d07f984

Note: if you are new to ThreatMiner, check out the how-to page to find out how you can get the most out of this portal.

Metadata
File name:Fantastic Butterfly.exe_
File type:PE32 executable (GUI) Intel 80386, for MS Windows
File size:23064576 bytes
Analysis date:2016-12-01 18:09:54
MD5:af8803b2aaf070cbc25f27cc6d07f984
SHA1:b07012f2e30ee9fc296851796f8f00770a951e90
SHA256:632486a335197d99de8dd443334da9f2da965844f6b8c68b11b78a68004a0897
SHA512:00d3e81c6b307eaf904294ea05b4c7ee68d05a067901b37676d440bc5472f05b7d3cfecfb74af114d78e6dbc1bdd7e68a2050dab678bd64570e3d3674e6baa8c
SSDEEP:393216:yVYrELLSH49mztq0eP+NRqp+mLPrv0NddtqjCfOHZw8cvS7BuFBwe:ElCYckXhzsNddyJgEuFae
IMPHASH:b0e165fc19a112b49640a18d58d46da3
Authentihash:N/A
Related resources
APTNotes
Cyber threat intelligence reports associated with af8803b2aaf070cbc25f27cc6d07f984.
Loading...
Domains
Domains the malware sample communicates with.
Hosts
Hosts the malware sample communicates with.
HTTP Requests
HTTP requests the malware sample makes.
AV Detections
AV detection names associated with the malware sample.
Mutants
Mutants created by the malware sample.
Registry keys
Registry keys created by the malware sample.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\IMM
HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\SystemShared
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\
HKEY_CURRENT_USER\Software\DesktopPaints.com\Animated Wallpaper Maker\
HKEY_LOCAL_MACHINE\Software\Microsoft\Direct3D
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Video\{4517F971-80B9-4F31-93FF-496D8420E9A1}\0000
HKEY_LOCAL_MACHINE\Software\Microsoft\DirectDraw\GammaCalibrator
HKEY_LOCAL_MACHINE\Software\Microsoft\Direct3D\Drivers
HKEY_LOCAL_MACHINE\Software\Microsoft\Direct3D\ReferenceDevice
HKEY_CURRENT_USER\Keyboard Layout\Toggle
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\LangBarAddIn\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\LangBarAddIn\
Comments
User comments about af8803b2aaf070cbc25f27cc6d07f984.
NOTICE: We have updated our privacy terms and conditions in accordance to GDPR. By using our site, you acknowledge that you have read and understand our Privacy Policy. Your use of ThreatMiner’s Products and Services is subject to these policies and terms.