File: f9f3374d89baf1878854f1700c8d5a2e5cf40de36071d97c6b9ff6b55d837fca

Metadata
File name:smss.exe
File type:PE32 executable (GUI) Intel 80386, for MS Windows
File size:204800 bytes
Analysis date:2016-12-22 10:45:43
MD5:ee4886f7b0e87edc6dd727ddfb012eb8
SHA1:92fe49f6a758492363215a58d62df701afb63f66
SHA256:f9f3374d89baf1878854f1700c8d5a2e5cf40de36071d97c6b9ff6b55d837fca
SHA512:4d25fb3d5c3defa77631eeedfdf7e8fa79d7fd4801d8349ca244aa189ecc1650299c4013b85cc65adca2f3a9561c82bd051d8031f4cf0e8d6206bf67fa82e470
SSDEEP:3072:C0T8L5duTd81hFKg4VoiwYBIMhYnti6lV9CVfZ3toig:C0T8L5duTGFKgm9wYBd2iUifZ+B
IMPHASH:4aa277f26f36b7861812c70d9350f7fe
Authentihash:N/A
Related resources
APTNotes
Cyber threat intelligence reports associated with f9f3374d89baf1878854f1700c8d5a2e5cf40de36071d97c6b9ff6b55d837fca.
Loading...
Domains
Domains the malware sample communicates with.
Hosts
Hosts the malware sample communicates with.
HTTP Requests
HTTP requests the malware sample makes.
AV Detections
AV detection names associated with the malware sample.
ALYacGen:Variant.KillDisk.1
AVGAtros4.BNGI
Ad-AwareGen:Variant.KillDisk.1
ArcabitTrojan.KillDisk.1
AvastWin32:Malware-gen
BitDefenderGen:Variant.KillDisk.1
ClamAVWin.Trojan.KillDisk-3
DrWebTrojan.Siggen7.8431
ESET-NOD32Win32/KillDisk.NBK
EmsisoftGen:Variant.KillDisk.1 (B)
F-SecureGen:Variant.KillDisk.1
GDataGen:Variant.KillDisk.1
KasperskyTrojan.Win32.KillDisk.fx
MicroWorld-eScanGen:Variant.KillDisk.1
Qihoo-360HEUR/QVM09.0.0000.Malware.Gen
RisingMalware.Generic!VXPyCQ7YebJ@5 (thunder)
SymantecTrojan.Disakil
Mutants
Mutants created by the malware sample.
Registry keys
Registry keys created by the malware sample.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ComputerName
ActiveComputerName
HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004
HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\SOFTWARE\Microsoft\Cryptography\Providers\Type 001
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager
HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Offload
HKEY_LOCAL_MACHINE\Software\Microsoft\UpdateCenter
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System
HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor
HKEY_CURRENT_USER\Software\Microsoft\Command Processor
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Locale
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Language Groups
Comments
User comments about f9f3374d89baf1878854f1700c8d5a2e5cf40de36071d97c6b9ff6b55d837fca.
NOTICE: We have updated our privacy terms and conditions in accordance to GDPR. By using our site, you acknowledge that you have read and understand our Privacy Policy. Your use of ThreatMiner’s Products and Services is subject to these policies and terms.