File: d7a54023df6dad87985f8744a20956cd

Metadata
File name: id0981234.js
File type: ASCII text, with very long lines
File size: 10159 bytes
Analysis date: 2017-04-21 03:37:17
MD5: d7a54023df6dad87985f8744a20956cd
SHA1: 1ca7bf0775ff382f1a2dd18e21f3583b83ec1db6
SHA256: 769c01e9575f84cb3fd6365d45b969534ff90b61e9b9d8e8bdae267cf77e33b9
SHA512: 9b3e671556ad9b2ccbc0cf02c50d65982baf2b6d33041157e5a69aa7aa55ead3a58c3bde35b27a2be33542a23af62699cb8da8cda55f30dadc9ec132e34f74f4
SSDEEP: 192:Z9fN6a9Wo4evBGTCtmTKlwdCUAZZ9GFa8UiiJh:b1p9WP20T4mLCb9GFaj/H
IMPHASH: N/A
Authentihash: N/A
Related resources
APTNotes
Cyber threat intelligence reports associated with d7a54023df6dad87985f8744a20956cd.
Domains
Domains the malware sample communicates with.
Hosts
Hosts the malware sample communicates with.
HTTP Requests
HTTP requests the malware sample makes.
Host | URL | User-Agent
fastshippingtoday.biz | /jst/avne138056awlyvndg/ | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
fastshippingtoday.biz | /73475683746apt471209329048715/file/ | Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
AV Detections
AV detection names associated with the malware sample.
Mutants
Mutants created by the malware sample.
Registry keys
Registry keys created by the malware sample.
Comments
User comments about d7a54023df6dad87985f8744a20956cd.