VirSCAN

1, You can upload any file, but there is a 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but the archive must contain fewer than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.
4, If your browser cannot upload files, please download the VirSCAN uploader to upload them.

a64a0a254811c2a7e96ea76f103f7ceb    Hybrid analysis report

Basic Information

file name: a64a0a254811c2a7e96ea76f103f7ceb
file size: 1709056
file type: PE32 executable (GUI) Intel 80386, for MS Windows
Submission time: 2019-09-06 08:00:35
MD5: a64a0a254811c2a7e96ea76f103f7ceb
sha1: d3c8e65dbe4178bed0abc9017429d47f5efb0b11
sha256: 8dfa2d75d57808918e2a2b58141384103579ac777bc537240a89770488cc4878
enviorment_description: Windows 7 32 bit (HWP Support)
total_processes: 0
total_signatures: 0
file_analysis: 0
mitre_attcks: 0

Document analysis report

uuid: java:java.util.UUID
xmlns: http://www.misp-project.org/
Event
id: 909c23b0-301f-43f1-b801-cd8d6f4b081e
date: 2019-09-06
info: Falcon Sandbox auto-generated for "8dfa2d75d57808918e2a2b58141384103579ac777bc537240a89770488cc4878"
analysis: 2
distribution: 1
published: 1
Attribute
category: External analysis
type: link
value: https://www.hybrid-analysis.com/search?query=8dfa2d75d57808918e2a2b58141384103579ac777bc537240a89770488cc4878
distribution: 1
category: External analysis
type: comment
value: Falcon Sandbox v8.30 Copyright 2019 Hybrid Analysis GmbH, All Rights Reserved, www.payload-security.com
distribution: 1
category: Payload delivery
type: filename|md5
value: 8dfa2d75d57808918e2a2b58141384103579ac777bc537240a89770488cc4878|a64a0a254811c2a7e96ea76f103f7ceb
distribution: 1
category: Payload delivery
type: filename|sha1
value: 8dfa2d75d57808918e2a2b58141384103579ac777bc537240a89770488cc4878|d3c8e65dbe4178bed0abc9017429d47f5efb0b11
distribution: 1
category: Payload delivery
type: filename|sha256
value: 8dfa2d75d57808918e2a2b58141384103579ac777bc537240a89770488cc4878|8dfa2d75d57808918e2a2b58141384103579ac777bc537240a89770488cc4878
distribution: 1
category: Payload delivery
type: filename|sha512
value: 8dfa2d75d57808918e2a2b58141384103579ac777bc537240a89770488cc4878|6466a35ee94963a7360dc1f3a09a070b07b5bf445e32aee199b6ebc6db6123f168846cd3f02526827097de6447a6aafebd0a2a56b14722b209764cf3c826ed66
distribution: 1
category: Network activity
type: ip-dst
value: 200.87.164.69
distribution: 1
category: Network activity
type: ip-dst
value: 200.119.204.12
distribution: 1
category: Network activity
type: ip-dst
value: 190.186.45.170
distribution: 1
category: Persistence mechanism
type: regkey|value
value: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\SCGCKCKO.EXE|43003A005C00550073006500720073005C0048004100500055004200570053005C00640059004100410041006300410055005C0053004300670063006B0063006B006F002E006500780065000000
distribution: 1
category: Persistence mechanism
type: regkey|value
value: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\QYQUKYAO.EXE|43003A005C00500072006F006700720061006D0044006100740061005C005A005300590063006B006F00550041005C0071005900510055006B00590041006F002E006500780065000000
distribution: 1
category: Artifacts dropped
type: mutex
value: \Sessions\1\BaseNamedObjects\fUMEMwcA
distribution: 1
category: Artifacts dropped
type: mutex
value: \Sessions\1\BaseNamedObjects\SiIwEAUM
distribution: 1
category: Artifacts dropped
type: mutex
value: fUMEMwcA
distribution: 1
category: Artifacts dropped
type: mutex
value: SiIwEAUM
distribution: 1
category: Artifacts dropped
type: mutex
value: \Sessions\1\BaseNamedObjects\õ)@
distribution: 1
category: Artifacts dropped
type: mutex
value: \Sessions\1\BaseNamedObjects\ý)@
distribution: 1
category: Artifacts dropped
type: mutex
value: \Sessions\1\BaseNamedObjects\*@
distribution: 1
category: Artifacts dropped
type: mutex
value: õ)@
distribution: 1
category: Artifacts dropped
type: mutex
value: *@
distribution: 1
category: Artifacts dropped
type: mutex
value: ý)@
distribution: 1
category: Persistence mechanism
type: regkey|value
value: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED\HIDEFILEEXT|01000000
distribution: 1
category: Persistence mechanism
type: regkey|value
value: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED\HIDDEN|02000000
distribution: 1
category: Persistence mechanism
type: regkey|value
value: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM\ENABLELUA|00000000
distribution: 1