File: dbeda80756f7638f1bf44357a01a1c26

Metadata
File name:Planilha_093472843_Mes_Fevereiro.wsf
File type:HTML document, ASCII text, with CRLF line terminators
File size:1857 bytes
Analysis date:Analyzed on February 23 2017 18:44:16
MD5:dbeda80756f7638f1bf44357a01a1c26
SHA1:7baeb2f6aed0816eb383115e9d31c4d3b205c40f
SHA256:58b336fc55f0d48f53b15a8e7666415d600817b05d73e4e9503e19e97cbad8cc
SHA512:7a5cc36c382283b4a8e294083bdf44fe868958f1523b1e1c094ba94d5821c3071807c3b68e7aefd42073b213259b917162387afe37ddf31db529bb481eff0b90
SSDEEP:N/A
IMPHASH:N/A
Authentihash:N/A
Related resources
APTNotes
Cyber threat intelligence reports associated with dbeda80756f7638f1bf44357a01a1c26.
Loading...
Domains
Domains the malware sample communicates with.
DomainIP
ns3067093.ip-79-137-65.eu79.137.65.212
Hosts
Hosts the malware sample communicates with.
79.137.65.212
HTTP Requests
HTTP requests the malware sample makes.
HostURLUser-Agent
79.137.65.212/processsysytemexplorer64.zipMozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)
N/A
N/A
N/A
AV Detections
AV detection names associated with the malware sample.
Mutants
Mutants created by the malware sample.
"\Sessions\1\BaseNamedObjects\Local\_!MSFTHISTORY!_"
"\Sessions\1\BaseNamedObjects\Local\c:!users!5dquzme!appdata!roaming!microsoft!windows!cookies!"
"\Sessions\1\BaseNamedObjects\Local\c:!users!5dquzme!appdata!local!microsoft!windows!history!history.ie5!"
"\Sessions\1\BaseNamedObjects\Local\WininetStartupMutex"
"\Sessions\1\BaseNamedObjects\Local\WininetConnectionMutex"
"\Sessions\1\BaseNamedObjects\Local\WininetProxyRegistryMutex"
"\Sessions\1\BaseNamedObjects\Local\!IETld!Mutex"
"\Sessions\1\BaseNamedObjects\Local\c:!users!5dquzme!appdata!roaming!microsoft!windows!ietldcache!"
"\Sessions\1\BaseNamedObjects\RasPbFile"
"\Sessions\1\BaseNamedObjects\Local\c:!users!5dquzme!appdata!local!microsoft!windows!temporary internet files!content.ie5!"
"\Sessions\1\BaseNamedObjects\Local\ZonesCounterMutex"
"\Sessions\1\BaseNamedObjects\Local\ZoneAttributeCacheCounterMutex"
"\Sessions\1\BaseNamedObjects\Local\ZonesCacheCounterMutex"
"\Sessions\1\BaseNamedObjects\Local\ZonesLockedCacheCounterMutex"
"\Sessions\1\BaseNamedObjects\IESQMMUTEX_0_208"
"\Sessions\1\BaseNamedObjects\A64BF0173DF70C39"
Registry keys
Registry keys created by the malware sample.
Comments
User comments about dbeda80756f7638f1bf44357a01a1c26.
NOTICE: We have updated our privacy terms and conditions in accordance to GDPR. By using our site, you acknowledge that you have read and understand our Privacy Policy. Your use of ThreatMiner’s Products and Services is subject to these policies and terms.