Sample: c9866d9db230a5f03d0fb4da701bcb32

Note: if you are new to ThreatMiner, check out the how-to page to find out how you can get the most out of this portal.

Metadata
File name:text_1480629767022.txt
File type:ASCII text
File size:8 bytes
Analysis date:2016-12-01 15:56:19
MD5:c9866d9db230a5f03d0fb4da701bcb32
SHA1:92e25c3d9bdf96fb468fe20fcf965c1313d9c993
SHA256:1456e7cb086f4b1f228d3a034f4a96bbcd9b857371cce1d0e5d0d06d09103077
SHA512:e1ab1031292ba0793085726f6e1137ecc92f01ae06ea4a2d581695da3cc1c52a7584be4b61a4329e4577734c58be3ae7173fe4afc8b6e0df8176e965c52ad10b
SSDEEP:3:dEqiL:A
IMPHASH:N/A
Authentihash:N/A
Related resources
APTNotes
Cyber threat intelligence reports associated with c9866d9db230a5f03d0fb4da701bcb32.
Loading...
Domains
Domains the malware sample communicates with.
Hosts
Hosts the malware sample communicates with.
HTTP Requests
HTTP requests the malware sample makes.
AV Detections
AV detection names associated with the malware sample.
Mutants
Mutants created by the malware sample.
Registry keys
Registry keys created by the malware sample.
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System
HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor
HKEY_CURRENT_USER\Software\Microsoft\Command Processor
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Locale
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Language Groups
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\IMM
HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\SystemShared
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Applications\NOTEPAD.EXE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Objects\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\InProcServer32
HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions
HKEY_CLASSES_ROOT\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}
HKEY_CLASSES_ROOT\Directory
HKEY_CLASSES_ROOT\Directory\CurVer
HKEY_CLASSES_ROOT\Directory\
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
HKEY_CLASSES_ROOT\Directory\\ShellEx\IconHandler
HKEY_CLASSES_ROOT\Directory\\Clsid
HKEY_CLASSES_ROOT\Folder
HKEY_CLASSES_ROOT\Folder\Clsid
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt
HKEY_CLASSES_ROOT\.txt
HKEY_CLASSES_ROOT\txtfile
HKEY_CLASSES_ROOT\txtfile\CurVer
HKEY_CLASSES_ROOT\txtfile\
HKEY_CLASSES_ROOT\txtfile\\ShellEx\IconHandler
HKEY_CLASSES_ROOT\SystemFileAssociations\.txt
HKEY_CLASSES_ROOT\SystemFileAssociations\text
HKEY_CLASSES_ROOT\SystemFileAssociations\text\ShellEx\IconHandler
HKEY_CLASSES_ROOT\txtfile\\Clsid
HKEY_CLASSES_ROOT\SystemFileAssociations\text\Clsid
HKEY_CLASSES_ROOT\*
HKEY_CLASSES_ROOT\*\Clsid
HKEY_CURRENT_USER\Keyboard Layout\Toggle
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\LangBarAddIn\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\LangBarAddIn\
Comments
User comments about c9866d9db230a5f03d0fb4da701bcb32.
NOTICE: We have updated our privacy terms and conditions in accordance to GDPR. By using our site, you acknowledge that you have read and understand our Privacy Policy. Your use of ThreatMiner’s Products and Services is subject to these policies and terms.