File: 5b3af8ebaba8a69138082222953c84c56136ea4ccae550efe290b04685a67d21

Metadata
File name:word.exe
File type:PE32 executable (GUI) Intel 80386, for MS Windows
File size:260608 bytes
Analysis date:2016-04-19 02:37:09
MD5:0ef4fe312fdafc87b0f785e8e69c3ecf
SHA1:7ac2dc2560610f00859c83c33afab23553cb670b
SHA256:5b3af8ebaba8a69138082222953c84c56136ea4ccae550efe290b04685a67d21
SHA512:2da6a733a8fc3063bf03852085fca6d279601f34cb41a07cec4999e61f5ebc9d3f75fa537027fb48c2f9cd098dc4d94636adf49be5fa3491846b3b311715312c
SSDEEP:3072:g6saVpKEwmEVYI4AuYcv4lmZUQkgVvMoApJ0a00aU+G9zjIRRJSj5eS/:gGBEVGlsmKcKy/knIR
IMPHASH:a067d52fd105fe6527eb8d4d2f0114cf
Authentihash:N/A
Related resources
APTNotes
Cyber threat intelligence reports associated with 5b3af8ebaba8a69138082222953c84c56136ea4ccae550efe290b04685a67d21.
Loading...
Domains
Domains the malware sample communicates with.
Hosts
Hosts the malware sample communicates with.
178.73.192.178
HTTP Requests
HTTP requests the malware sample makes.
AV Detections
AV detection names associated with the malware sample.
Mutants
Mutants created by the malware sample.
Registry keys
Registry keys created by the malware sample.
HKEY_LOCAL_MACHINE\Software\Microsoft\COM3
HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004_Classes
HKEY_LOCAL_MACHINE\Software\Classes
\REGISTRY\USER
HKEY_LOCAL_MACHINE\Software\Classes\CLSID
CLSID\{00021401-0000-0000-C000-000000000046}
CLSID\{00021401-0000-0000-C000-000000000046}\TreatAs
\CLSID\{00021401-0000-0000-C000-000000000046}
\CLSID\{00021401-0000-0000-C000-000000000046}\InprocServer32
\CLSID\{00021401-0000-0000-C000-000000000046}\InprocServerX86
\CLSID\{00021401-0000-0000-C000-000000000046}\LocalServer32
\CLSID\{00021401-0000-0000-C000-000000000046}\InprocHandler32
\CLSID\{00021401-0000-0000-C000-000000000046}\InprocHandlerX86
\CLSID\{00021401-0000-0000-C000-000000000046}\LocalServer
HKEY_CLASSES_ROOT\CLSID\{00021401-0000-0000-C000-000000000046}
HKEY_CLASSES_ROOT\CLSID\{00021401-0000-0000-C000-000000000046}\TreatAs
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AeDebug
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\PCHealth\ErrorReporting
HKEY_LOCAL_MACHINE\Software\Microsoft\PCHealth\ErrorReporting
HKEY_LOCAL_MACHINE\Software\Microsoft\PCHealth\ErrorReporting\DW
HKEY_LOCAL_MACHINE\Software\Microsoft\PCHealth\ErrorReporting\ExclusionList
HKEY_LOCAL_MACHINE\Software\Microsoft\PCHealth\ErrorReporting\InclusionList
HKEY_LOCAL_MACHINE\System\Setup
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ComputerName
ActiveComputerName
Comments
User comments about 5b3af8ebaba8a69138082222953c84c56136ea4ccae550efe290b04685a67d21.
NOTICE: We have updated our privacy terms and conditions in accordance to GDPR. By using our site, you acknowledge that you have read and understand our Privacy Policy. Your use of ThreatMiner’s Products and Services is subject to these policies and terms.