File: d4d7733fa92e2e7f1668d6d089805987567d6ddd38afef18afc9e759d52105d9

Metadata
File name:details_Atkifa.js
File type:ASCII text, with very long lines, with CRLF line terminators
File size:3943 bytes
Analysis date:2016-03-13 14:20:42
MD5:05a44df4418ea3f133a3708d4d829dc7
SHA1:db854322f47789d584faff33e2973903e9a4a21a
SHA256:d4d7733fa92e2e7f1668d6d089805987567d6ddd38afef18afc9e759d52105d9
SHA512:526963871c96d5ec492bc61086f2fbb4fb06559dbf02ef91cca4f43c12060de624d81b56050bfed33f226d85420ad5b15640ec960cae67c2a26a08080bf7f455
SSDEEP:N/A
IMPHASH:N/A
Authentihash:N/A
Related resources
APTNotes
Cyber threat intelligence reports associated with d4d7733fa92e2e7f1668d6d089805987567d6ddd38afef18afc9e759d52105d9.
Loading...
Domains
Domains the malware sample communicates with.
DomainIP
ohelloguyzzqq.com54.212.162.6
Hosts
Hosts the malware sample communicates with.
54.212.162.6
HTTP Requests
HTTP requests the malware sample makes.
HostURLUser-Agent
54.212.162.6 (ohelloguyzzqq.com)/85.exe?1Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
AV Detections
AV detection names associated with the malware sample.
Mutants
Mutants created by the malware sample.
"\Sessions\1\BaseNamedObjects\IESQMMUTEX_0_208"
"\Sessions\1\BaseNamedObjects\Local\_!MSFTHISTORY!_"
"\Sessions\1\BaseNamedObjects\Local\c:!users!pspubws!appdata!local!microsoft!windows!temporary internet files!content.ie5!"
"\Sessions\1\BaseNamedObjects\Local\c:!users!pspubws!appdata!roaming!microsoft!windows!cookies!"
"\Sessions\1\BaseNamedObjects\Local\c:!users!pspubws!appdata!local!microsoft!windows!history!history.ie5!"
"\Sessions\1\BaseNamedObjects\Local\WininetStartupMutex"
"\Sessions\1\BaseNamedObjects\Local\WininetConnectionMutex"
"\Sessions\1\BaseNamedObjects\Local\WininetProxyRegistryMutex"
"\Sessions\1\BaseNamedObjects\Local\!IETld!Mutex"
"\Sessions\1\BaseNamedObjects\RasPbFile"
"\Sessions\1\BaseNamedObjects\Local\ZonesCounterMutex"
"\Sessions\1\BaseNamedObjects\Local\ZoneAttributeCacheCounterMutex"
"\Sessions\1\BaseNamedObjects\Local\ZonesCacheCounterMutex"
"\Sessions\1\BaseNamedObjects\Local\ZonesLockedCacheCounterMutex"
Registry keys
Registry keys created by the malware sample.
Comments
User comments about d4d7733fa92e2e7f1668d6d089805987567d6ddd38afef18afc9e759d52105d9.
NOTICE: We have updated our privacy terms and conditions in accordance to GDPR. By using our site, you acknowledge that you have read and understand our Privacy Policy. Your use of ThreatMiner’s Products and Services is subject to these policies and terms.