File: bec774ea4f5a915be0d7658b89cd3a64bb3530d8e2f05650b4d8a5dbd4cbf3b2

Metadata
File name:nonso.exe
File type:PE32 executable (GUI) Intel 80386, for MS Windows
File size:413696 bytes
Analysis date:2016-04-17 23:38:27
MD5:a59ab299e2179100b22b038c9575475b
SHA1:6ff50918caaae7767e38fa9cbc3497a0d57a1d09
SHA256:bec774ea4f5a915be0d7658b89cd3a64bb3530d8e2f05650b4d8a5dbd4cbf3b2
SHA512:e54e33e958e9bea1c749c43e1b51045553fe45552abeb04361034d27a4515b69ea62b75d5a39ea249c653f9a3867c5c1f657de2eef2e9d05e33ddd562145a8d2
SSDEEP:6144:8rWbkWzHzTJOXOXO32aQe87m1E2mwMcGTGB3HUgVUMyC5FS+XGJuQsXQ2J:HkW3TJObzoTGCgxFS+M
IMPHASH:70fa4af936ed2e60129736705bfbdb79
Authentihash:N/A
Related resources
PE TypePE32
Internal NameDarfeuil
CommentsVoids0
File Size404 kB
Machine TypeIntel 386 or later, and compatibles
File OSWin32
Code Size401408
OS Version4.0
Entry Point0x1188
File Flags Mask0x0000
Linker Version6.0
File SubtypeN/A
Uninitialized Data SizeN/A
File Version1.00
Initialized Data Size28672
File DescriptionReshman0
Product Version Number1.0.0.0
Product NameNethack7
Company Nameromanlab Software
MIME Typeapplication/octet-stream
Character SetUnicode
Language CodeEnglish (U.S.)
File Version Number1.0.0.0
File TypeWin32 EXE
Original FilenameDarfeuil.exe
SubsystemWindows GUI
Object File TypeExecutable application
Image Version1.0
File Flags(none)
Subsystem Version4.0
Product Version1.00
Source:
APTNotes
Cyber threat intelligence reports associated with bec774ea4f5a915be0d7658b89cd3a64bb3530d8e2f05650b4d8a5dbd4cbf3b2.
Loading...
Domains
Domains the malware sample communicates with.
Hosts
Hosts the malware sample communicates with.
HTTP Requests
HTTP requests the malware sample makes.
AV Detections
AV detection names associated with the malware sample.
AVGCrypt_vb.ITD
Ad-AwareGen:Variant.Jaik.11041
ArcabitTrojan.Jaik.D2B21
AviraTR/Dropper.VB.rldh
BitDefenderGen:Variant.Jaik.11041
EmsisoftGen:Variant.Jaik.11041 (B)
F-SecureGen:Variant.Jaik.11041
GDataGen:Variant.Jaik.11041
K7GWHacktool ( 655367771 )
MicroWorld-eScanGen:Variant.Jaik.11041
PandaTrj/Genetic.gen
Qihoo-360HEUR/QVM03.0.0000.Malware.Gen
RisingPE:Malware.XPACK-HIE/Heur!1.9C48 [F]
Mutants
Mutants created by the malware sample.
Registry keys
Registry keys created by the malware sample.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager
HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\SystemShared
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Codepage
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VBA\Monitors
Comments
User comments about bec774ea4f5a915be0d7658b89cd3a64bb3530d8e2f05650b4d8a5dbd4cbf3b2.
NOTICE: We have updated our privacy terms and conditions in accordance to GDPR. By using our site, you acknowledge that you have read and understand our Privacy Policy. Your use of ThreatMiner’s Products and Services is subject to these policies and terms.