File: 57e90c503ffd9f990d892063b626527898952a0e7a95d4656e8439f63f7caf72

Metadata
File name: 2017-05-30-Rig-EK-payload-Kovter-2nd-run.exe
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 388213 bytes
Analysis date: 2017-08-23 03:12:06
MD5: 17daecdab5b6c2554b3a971e51cfd258
SHA1: 53c00d86c89fbae87d5be5444d47ebf2f666b9a4
SHA256: 57e90c503ffd9f990d892063b626527898952a0e7a95d4656e8439f63f7caf72
SHA512: a4700d292192580c6025b8869396cd3ad9d8adf38cac3aeb5aa2f098a703dfc50f8ca5668270fa860d34fe90261a4b24a69aaa0793636f46136a5f3efa671d42
SSDEEP: 6144:j075trC/nUgD0kwwt8hiVOQ7nv9S0RFsBJ6EV52I+PVEUIpzR58X2a78NDiFy2bV:Wtr8nUgDb7njbR+BbV8pPVEvp78wi4wr
IMPHASH: 52206a2c08ff89329db02861f492d29a
Authentihash: N/A
Related resources
APTNotes
Cyber threat intelligence reports associated with 57e90c503ffd9f990d892063b626527898952a0e7a95d4656e8439f63f7caf72.
Domains
Domains the malware sample communicates with.
Hosts
Hosts the malware sample communicates with.
HTTP Requests
HTTP requests the malware sample makes.
AV Detections
AV detection names associated with the malware sample.
ALYac: Trojan.Agent.Kovter
AVG: Win32:Malware-gen
AVware: Trojan.Win32.Kovter.ab (v)
Ad-Aware: Trojan.GenericKD.5223643
AegisLab: Ml.Attribute.Gen!c
AhnLab-V3: Trojan/Win32.Poweliks.R201491
Antiy-AVL: Trojan/Win32.AGeneric
Arcabit: Trojan.Generic.D4FB4DB
Avast: Win32:Malware-gen
Avira: TR/Crypt.Xpack.betaj
Baidu: Win32.Trojan.WisdomEyes.16070401.9500.9999
BitDefender: Trojan.GenericKD.5223643
CAT-QuickHeal: Trojan.Poweliks
Comodo: UnclassifiedMalware
CrowdStrike: malicious_confidence_100% (W)
Cylance: Unsafe
Cyren: W32/Kovter.T2.gen!Eldorado
DrWeb: Trojan.Kovter.519
ESET-NOD32: a variant of Win32/Kryptik.FTFL
Emsisoft: Trojan.GenericKD.5223643 (B)
Endgame: malicious (high confidence)
F-Prot: W32/Kovter.T2.gen!Eldorado
F-Secure: Trojan.GenericKD.5223643
Fortinet: W32/GenKryptik.AIMC!tr
GData: Trojan.GenericKD.5223643
Ikarus: Trojan.Kovter
Invincea: heuristic
K7AntiVirus: Trojan ( 0050eeb01 )
K7GW: Trojan ( 0050eeb01 )
Kaspersky: Trojan.Win32.Poweliks.aapo
MAX: malware (ai score=89)
Malwarebytes: Trojan.Kovter
McAfee: GenericR-JVF!17DAECDAB5B6
McAfee-GW-Edition: BehavesLike.Win32.ICLoader.fc
MicroWorld-eScan: Trojan.GenericKD.5223643
Microsoft: Trojan:Win32/Kovter
NANO-Antivirus: Trojan.Win32.Kovter.epttkp
Paloalto: generic.ml
Panda: Trj/GdSda.A
Rising: Trojan.GenKryptik!8.AA55 (ktse)
SentinelOne: static engine - malicious
Sophos: Mal/Kovter-Z
Symantec: Ransom.Kovter
TrendMicro: TROJ_FRS.0ND000EV17
TrendMicro-HouseCall: TROJ_FRS.0ND000EV17
VBA32: Trojan.Poweliks
VIPRE: Trojan.Win32.Kovter.ab (v)
ViRobot: Trojan.Win32.Z.Kovter.388213
Webroot: W32.Trojan.Gen
Yandex: Trojan.Poweliks!
Zillya: Trojan.Poweliks.Win32.1080
ZoneAlarm: Trojan.Win32.Poweliks.aapo
nProtect: Trojan/W32.Agent.388213
Mutants
Mutants created by the malware sample.
Registry keys
Registry keys created by the malware sample.
HKEY_CURRENT_USER\Software\Borland\Locales
HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion
Comments
User comments about 57e90c503ffd9f990d892063b626527898952a0e7a95d4656e8439f63f7caf72.