File: c1e21a06a1fa1de2998392668b6910ca2be0d5d9ecc39bd3e3a2a3ae7623400d

Metadata
File name:office.bin
File type:PE32 executable (GUI) Intel 80386, for MS Windows
File size:221184 bytes
Analysis date:2016-12-20 23:45:14
MD5:8582db69683290be0381bd1485013435
SHA1:b6d32b488e2b778bd8414a4241a74883f01452fe
SHA256:c1e21a06a1fa1de2998392668b6910ca2be0d5d9ecc39bd3e3a2a3ae7623400d
SHA512:1cbe943f52d1266e6144de2805d426a9305e875e1c07c84d9bfce2df511f0c6270586be5b2cd22bc6a1c163c80f7a9332f3c48af6666ab5d6d856faab0891162
SSDEEP:6144:ew53m+Iup077YYe+6IVkHOVX8888888888888888888888888:0+IcYe+6IVkHOVX8888888888888888
IMPHASH:9a27d7a35ab57ab70794cadfbe18b89a
Authentihash:N/A
Related resources
APTNotes
Cyber threat intelligence reports associated with c1e21a06a1fa1de2998392668b6910ca2be0d5d9ecc39bd3e3a2a3ae7623400d.
Loading...
Domains
Domains the malware sample communicates with.
Hosts
Hosts the malware sample communicates with.
HTTP Requests
HTTP requests the malware sample makes.
AV Detections
AV detection names associated with the malware sample.
ALYacTrojan.GenericKD.3291895
AVGGeneric_vb.LVX
AVwareTrojan.Win32.Generic!BT
Ad-AwareTrojan.GenericKD.3291895
AegisLabTroj.Generickd!c
AhnLab-V3Trojan/Win32.ZBot.N2018588244
Antiy-AVLTrojan/Win32.TSGeneric
ArcabitTrojan.Generic.D323AF7
AvastWin32:Malware-gen
AviraTR/Dropper.VB.kjgs
BaiduWin32.Trojan.WisdomEyes.16070401.9500.9704
BitDefenderTrojan.GenericKD.3291895
BkavW32.Clod46a.Trojan.e89e
CAT-QuickHealTrojan.VBObfuscator.GN3
ClamAVWin.Malware.Agent617223535/CRDF-1
ComodoTrojWare.Win32.Agent.eaavt
CrowdStrikemalicious_confidence_93% (W)
CyrenW32/Zbot.FTGF-2987
DrWebTrojan.VbCrypt.1362
ESET-NOD32Win32/Spy.Zbot.ACM
EmsisoftTrojan.GenericKD.3291895 (B)
F-ProtW32/Zbot.AAJN
F-SecureTrojan.GenericKD.3291895
FortinetW32/ZBOT.YAPY!tr
GDataTrojan.GenericKD.3291895
IkarusTrojan-Spy.Agent
Invinceageneric.a
JiangminTrojanSpy.Zbot.fetj
K7AntiVirusSpyware ( 004dc4921 )
K7GWSpyware ( 004dc4921 )
KasperskyTrojan-Spy.Win32.Zbot.wuju
MalwarebytesTrojan.MalPack.VB
McAfeeGeneric.ys
McAfee-GW-EditionBehavesLike.Win32.Almanahe.dc
MicroWorld-eScanTrojan.GenericKD.3291895
MicrosoftPWS:Win32/Zbot
NANO-AntivirusTrojan.Win32.Zbot.edmmhq
PandaTrj/WLT.B
Qihoo-360HEUR/QVM03.0.Malware.Gen
RisingMalware.XPACK-HIE/Heur!1.9C48 (classic)
SophosMal/FareitVB-G
SymantecTrojan.Exedapan
TencentWin32.Trojan-spy.Zbot.Eana
TrendMicroTSPY_ZBOT.YAPY
TrendMicro-HouseCallTSPY_ZBOT.YAPY
VIPRETrojan.Win32.Generic!BT
ViRobotTrojan.Win32.Z.Zbot.221184.CV[h]
YandexTrojanSpy.Zbot!AigXU1atNXQ
ZillyaTrojan.Spy.Win32.646
ZonerTrojan.Zbot
Mutants
Mutants created by the malware sample.
Registry keys
Registry keys created by the malware sample.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager
HKEY_USERS\S-1-5-21-1547161642-507921405-839522115-1004\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\SystemShared
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Codepage
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VBA\Monitors
Comments
User comments about c1e21a06a1fa1de2998392668b6910ca2be0d5d9ecc39bd3e3a2a3ae7623400d.
NOTICE: We have updated our privacy terms and conditions in accordance to GDPR. By using our site, you acknowledge that you have read and understand our Privacy Policy. Your use of ThreatMiner’s Products and Services is subject to these policies and terms.