File: e689b1fb0610b752f42adafc403fa49f

Metadata
File name:e689b1fb0610b752f42adafc403fa49f
File type:PE32 executable (GUI) Intel 80386, for MS Windows
File size:123904 bytes
Analysis date:2016-12-01 18:22:38
MD5:e689b1fb0610b752f42adafc403fa49f
SHA1:be08b1025dd9d46c7012aa1ae752d4e0af91fc71
SHA256:60cce954b7d0f3eb0a808e281623149485acd958c58f1dfac2416a954afb5b8e
SHA512:32670e428be2737d1f3a9a996916aa0ece5c2f7a7509536c42db7c3dff56cb1fb80012060be5efb803738ce7d6e620f1099a212af906b87feab8b9499eabd163
SSDEEP:3072:x/1U6ZbZnadtpiRJpLLNkKYz54FlkYkARyQqY:11NZbRaQLaK84FlkYnytY
IMPHASH:51fa801d0a175c62e8360f7d2b97117a
Authentihash:N/A
Related resources
APTNotes
Cyber threat intelligence reports associated with e689b1fb0610b752f42adafc403fa49f.
Domains
Domains the malware sample communicates with.
Hosts
Hosts the malware sample communicates with.
HTTP Requests
HTTP requests the malware sample makes.
AV Detections
AV detection names associated with the malware sample.
Mutants
Mutants created by the malware sample.
Registry keys
Registry keys created by the malware sample.
Comments
User comments about e689b1fb0610b752f42adafc403fa49f.