VirSCAN

1, You can UPLOAD any files, but there is 20Mb limit per file.
2, VirSCAN supports Rar/Zip decompression, but it must be less than 20 files.
3, VirSCAN can scan compressed files protected with the password 'infected' or 'virus'.
4, If your browser cannot upload files, please download VirSCAN uploader to upload.

cf7e8d1e9ed742c241bc8da767c26715    Hybrid analysis report

Basic Information

file name: cf7e8d1e9ed742c241bc8da767c26715
file size: 2481664
file type: PE32 executable (GUI) Intel 80386, for MS Windows
Submission time: 2019-09-07 07:00:33
MD5: cf7e8d1e9ed742c241bc8da767c26715
sha1: 6595653a386b97630cc625470bba2274202905d8
sha256: f0b736545703e74d3aa50b302d6be4f2567b60886e727d8aff919e09ca8e4e43
enviorment_description: Windows 7 32 bit (HWP Support)
total_processes: 0
total_signatures: 0
file_analysis: 0
mitre_attcks: 0

Document analysis report

uuid: java:java.util.UUID
xmlns: http://www.misp-project.org/
Event
id: 1749398a-08cc-4739-a1be-5087fcabab1f
date: 2019-09-06
info: Falcon Sandbox auto-generated for "f0b736545703e74d3aa50b302d6be4f2567b60886e727d8aff919e09ca8e4e43"
analysis: 2
distribution: 1
published: 1
Attribute
category: External analysis
type: link
value: https://www.hybrid-analysis.com/search?query=f0b736545703e74d3aa50b302d6be4f2567b60886e727d8aff919e09ca8e4e43
distribution: 1
category: External analysis
type: comment
value: Falcon Sandbox v8.30 Copyright 2019 Hybrid Analysis GmbH, All Rights Reserved, www.payload-security.com
distribution: 1
category: Payload delivery
type: filename|md5
value: f0b736545703e74d3aa50b302d6be4f2567b60886e727d8aff919e09ca8e4e43|cf7e8d1e9ed742c241bc8da767c26715
distribution: 1
category: Payload delivery
type: filename|sha1
value: f0b736545703e74d3aa50b302d6be4f2567b60886e727d8aff919e09ca8e4e43|6595653a386b97630cc625470bba2274202905d8
distribution: 1
category: Payload delivery
type: filename|sha256
value: f0b736545703e74d3aa50b302d6be4f2567b60886e727d8aff919e09ca8e4e43|f0b736545703e74d3aa50b302d6be4f2567b60886e727d8aff919e09ca8e4e43
distribution: 1
category: Payload delivery
type: filename|sha512
value: f0b736545703e74d3aa50b302d6be4f2567b60886e727d8aff919e09ca8e4e43|8530a16376d5011064bd15c2be4bd2d01fc0e6e2d8eca7ff662ae54cae984422322dd325a401b0ff9dbf8179ac3a4d629c0e2dd497b74569eee1bd22fbdd3212
distribution: 1
category: Network activity
type: ip-dst
value: 200.87.164.69
distribution: 1
category: Persistence mechanism
type: regkey|value
value: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\SCGCKCKO.EXE|43003A005C00550073006500720073005C0048004100500055004200570053005C00640059004100410041006300410055005C0053004300670063006B0063006B006F002E006500780065000000
distribution: 1
category: Persistence mechanism
type: regkey|value
value: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\QYQUKYAO.EXE|43003A005C00500072006F006700720061006D0044006100740061005C005A005300590063006B006F00550041005C0071005900510055006B00590041006F002E006500780065000000
distribution: 1
category: Artifacts dropped
type: mutex
value: \Sessions\1\BaseNamedObjects\fUMEMwcA
distribution: 1
category: Artifacts dropped
type: mutex
value: \Sessions\1\BaseNamedObjects\SiIwEAUM
distribution: 1
category: Artifacts dropped
type: mutex
value: fUMEMwcA
distribution: 1
category: Artifacts dropped
type: mutex
value: SiIwEAUM
distribution: 1
category: Artifacts dropped
type: mutex
value: \Sessions\1\BaseNamedObjects\õ)@
distribution: 1
category: Artifacts dropped
type: mutex
value: \Sessions\1\BaseNamedObjects\ý)@
distribution: 1
category: Artifacts dropped
type: mutex
value: \Sessions\1\BaseNamedObjects\*@
distribution: 1
category: Artifacts dropped
type: mutex
value: *@
distribution: 1
category: Artifacts dropped
type: mutex
value: ý)@
distribution: 1
category: Artifacts dropped
type: mutex
value: õ)@
distribution: 1
category: Persistence mechanism
type: regkey|value
value: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED\HIDEFILEEXT|01000000
distribution: 1
category: Persistence mechanism
type: regkey|value
value: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED\HIDDEN|02000000
distribution: 1
category: Persistence mechanism
type: regkey|value
value: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM\ENABLELUA|00000000
distribution: 1