File: 667ccf2c606b8d349e2c7385f30e6a6a725f6b180fc27fc92153096f18c90926

Metadata
File name:3d9ad65c856cfacca4105ac723bdb567_Zogygx.bin
File type:PE32 executable (GUI) Intel 80386, for MS Windows
File size:323585 bytes
Analysis date:2016-11-12 09:17:39
MD5:3d9ad65c856cfacca4105ac723bdb567
SHA1:d2fd686b6d1cd6fac62b85dd0478e73ee39ef733
SHA256:667ccf2c606b8d349e2c7385f30e6a6a725f6b180fc27fc92153096f18c90926
SHA512:f5422d70e8cbf40805fcf6d444dc5151d79923651804a5dd00b6750f25f5eee1f21349244df88c1509e9e527c087e6764b76950720cfc65c011f9315a9cf3451
SSDEEP:6144:HHHeEy8q+GF00EOvBrN9NGLN2utWCwPFIImLW55Ie:SB+IlrN9UntWVI1LW5f
IMPHASH:07b9bbe88f6704997c700afbcc3e37db
Authentihash:N/A
Related resources
APTNotes
Cyber threat intelligence reports associated with 667ccf2c606b8d349e2c7385f30e6a6a725f6b180fc27fc92153096f18c90926.
Loading...
Domains
Domains the malware sample communicates with.
DomainIP
av.shannen.cc199.2.137.20
api.wipmania.com212.83.168.196
Hosts
Hosts the malware sample communicates with.
199.2.137.20
212.83.168.196
HTTP Requests
HTTP requests the malware sample makes.
HostURLUser-Agent
api.wipmania.com/Mozilla/4.0
AV Detections
AV detection names associated with the malware sample.
AVGDropper.Generic3.AOKY
AVwareLooksLike.Win32.Malware!h (v)
Ad-AwareGen:Trojan.Heur.RX.tm1@X0s8GcjO
AgnitumTrojan.VBKrypt!tep7DXmTJdM
AhnLab-V3Trojan/Win32.VBKrypt
Antiy-AVLTrojan/Win32.VBKrypt
AvastWin32:Malware-gen
AviraTR/Patched.Ren.Gen
Baidu-InternationalTrojan.Win32.VBKrypt.Arcs
BitDefenderGen:Trojan.Heur.RX.tm1@X0s8GcjO
CAT-QuickHealVirTool.VBInject
CMCTrojan.Win32.VBKrypt!O
ComodoUnclassifiedMalware
CyrenW32/VBcrypt.T.gen!Eldorado
DrWebTrojan.MulDrop2.64043
ESET-NOD32a variant of Win32/Injector.ITQ
EmsisoftGen:Trojan.Heur.RX.tm1@X0s8GcjO (B)
F-ProtW32/VBcrypt.T.gen!Eldorado
F-SecureGen:Trojan.Heur.RX.tm1@X0s8GcjO
FortinetW32/Refroso.DZP!tr
GDataGen:Trojan.Heur.RX.tm1@X0s8GcjO
IkarusVirus.Win32.VBInject
K7AntiVirusRiskware ( 0015e4f11 )
K7GWRiskware ( 0015e4f11 )
KasperskyTrojan.Win32.VBKrypt.ddcw
KingsoftWin32.Troj.Generic.a.(kcloud)
McAfeeGenericR-AWA!3D9AD65C856C
McAfee-GW-EditionBehavesLike.Win32.Downloader.fm
MicroWorld-eScanGen:Trojan.Heur.RX.tm1@X0s8GcjO
MicrosoftVirTool:Win32/VBInject.gen!DM
NANO-AntivirusTrojan.Win32.VBKrypt.cdzjfn
NormanSuspicious_Gen2.QHDZM
PandaTrj/Inject.KP
Qihoo-360HEUR/Malware.QVM03.Gen
RisingPE:Trojan.Win32.Generic.15AF7C1C!363822108
SophosMal/VBCheMan-C
SymantecW32.IRCBot.NG
TencentWin32.Trojan.Vbkrypt.Lnew
TheHackerTrojan/Injector.itq
TotalDefenseWin32/VBInject.O!generic
VBA32Trojan.VB.SuperDropper.va
VIPRELooksLike.Win32.Malware!h (v)
ZillyaTrojan.Injector.Win32.16502
Mutants
Mutants created by the malware sample.
Registry keys
Registry keys created by the malware sample.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager
HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\SystemShared
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Codepage
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VBA\Monitors
Comments
User comments about 667ccf2c606b8d349e2c7385f30e6a6a725f6b180fc27fc92153096f18c90926.
NOTICE: We have updated our privacy terms and conditions in accordance to GDPR. By using our site, you acknowledge that you have read and understand our Privacy Policy. Your use of ThreatMiner’s Products and Services is subject to these policies and terms.