File: b29ac95c3f60b04240d9fb5b3482c5f215aa39ef4df8c75b5c3b37ec32910167

Metadata
File name:KB3002659.exe
File type:PE32 executable (GUI) Intel 80386, for MS Windows, RAR self-extracting archive
File size:289447 bytes
Analysis date:2015-08-02 02:50:46
MD5:0b943d68cc711bda2e587da0b9ad12d0
SHA1:e32cfec1c7f87d5ee83cfd22ef2be7d55e4109ec
SHA256:b29ac95c3f60b04240d9fb5b3482c5f215aa39ef4df8c75b5c3b37ec32910167
SHA512:2d96ae36c90f943e2dfeabcffd2a84a7832ca14ab4dc0b778fb2937c5d2d0a593177b349b5a34be60b47c113c6970a376319ab4d340d85ca46179bfa74e2ff43
SSDEEP:6144:EcWMJJhqryYP/daqlz390+swxfAgrQOW9nYtTg7QqAZ9:EczJJhqrVPldK+sYrQrYtDZ9
IMPHASH:699d7ca9b5f33853d396ae97caeae645
Authentihash:N/A
Related resources
PE TypePE32
MIME Typeapplication/octet-stream
Linker Version9.0
Uninitialized Data SizeN/A
Initialized Data Size72704
Image Version0.0
File TypeWin32 EXE
File Size283 kB
Machine TypeIntel 386 or later, and compatibles
Subsystem Version4.0
SubsystemWindows GUI
Code Size67584
OS Version5.0
Entry Point0xa785
Source:
APTNotes
Cyber threat intelligence reports associated with b29ac95c3f60b04240d9fb5b3482c5f215aa39ef4df8c75b5c3b37ec32910167.
Loading...
Domains
Domains the malware sample communicates with.
DomainIP
vietapps.vietimes.org192.199.244.70
Hosts
Hosts the malware sample communicates with.
192.199.244.70
HTTP Requests
HTTP requests the malware sample makes.
AV Detections
AV detection names associated with the malware sample.
Mutants
Mutants created by the malware sample.
"\Sessions\1\BaseNamedObjects\Local\ZonesCounterMutex"
"\Sessions\1\BaseNamedObjects\Local\ZoneAttributeCacheCounterMutex"
"\Sessions\1\BaseNamedObjects\Local\ZonesCacheCounterMutex"
"\Sessions\1\BaseNamedObjects\Local\ZonesLockedCacheCounterMutex"
"\Sessions\1\BaseNamedObjects\Global\kivrvlg"
"\Sessions\1\BaseNamedObjects\Global\wrdyfcbbyezmh"
"\Sessions\1\BaseNamedObjects\ATEtcLoadLibrary-BADBCCA6-F410-403c-B926-E8CA1DE1A138"
Registry keys
Registry keys created by the malware sample.
Comments
User comments about b29ac95c3f60b04240d9fb5b3482c5f215aa39ef4df8c75b5c3b37ec32910167.
NOTICE: We have updated our privacy terms and conditions in accordance to GDPR. By using our site, you acknowledge that you have read and understand our Privacy Policy. Your use of ThreatMiner’s Products and Services is subject to these policies and terms.