2017-09-13_03-12-18.exe | |
PE32 executable (GUI) Intel 80386, for MS Windows | 207360 bytes |
2017-09-12 20:38:20 | |
Host | URL | User-Agent |
---|---|---|
ponedobla.bit | /us/ | |
ponedobla.bit | /net/ | |

Engine | Detection |
---|---|
Baidu | Win32.Trojan.WisdomEyes.16070401.9500.9994 |
CrowdStrike | malicious_confidence_100% (D) |
Cylance | Unsafe |
Endgame | malicious (high confidence) |
Fortinet | W32/Kryptik.FWMX!tr |
Invincea | heuristic |
McAfee | Ransomware-GFC!C3E6E1837C24 |
Qihoo-360 | HEUR/QVM20.1.CF12.Malware.Gen |
Rising | Malware.Heuristic!ET#99% (rdm+) |
SentinelOne | static engine - malicious |
Sophos | Mal/Elenoocka-E |
Symantec | ML.Attribute.HighConfidence |
TrendMicro | Ransom_CERBER.SMALY0 |
TrendMicro-HouseCall | Ransom_CERBER.SMALY0 |
WhiteArmor | Malware.HighConfidence |

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ComputerName |
ActiveComputerName |
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\Run |
HKEY_LOCAL_MACHINE\software\policies\microsoft\windows defender |
HKEY_LOCAL_MACHINE\software\policies\microsoft\windows defender\real-time protection |
HKEY_CURRENT_USER\Software\Microsoft\Gy |
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion |
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders |
HKEY_CURRENT_USER\Software\Microsoft |
HKEY_CURRENT_USER\Software\Microsoft\Gy\ |
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Identitiesy |
HKEY_CURRENT_USER\SOFTWARE\Microsoft |
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Identitiesy\ |