PUP.Bitcoinminer.KBF

By CagedTech in Potentially Unwanted Programs

Table of Contents

Analysis Report

General information

Family Name:	PUP.Bitcoinminer.KBF
Signature status:	No Signature

Known Samples

MD5: 47d4ea0b5b5d9785f7e1e8a878190fd6

SHA1: ac8d49de579d48d8a2490b9277cdddfe5e973111

SHA256: 714AC895CED46953C29D6A37C43AD3CE9BE06640DFAFA417287D601192F2AE88

File Size: 4.19 MB, 4188603 bytes

MD5: 0a2f4ba2f6672e1e1cf4a77943dff228

SHA1: 3fd258b7503119ec2640aa597884a57bdf3f9938

SHA256: D12826E4316AF3991E9AAAA355C3A6DC358B816941DBE56825FAB9FA7A0AD590

File Size: 7.46 MB, 7458936 bytes

MD5: 4231e59b95342049137efa32b72c0a18

SHA1: 3c823dd24925ef29bb98b5fa1d7b83fea065fa6e

SHA256: FC27175FF90EB7F0C17715CD0E9CD7CC06F963234E7612B11742D6C1C2D32CA7

File Size: 7.21 MB, 7206560 bytes

MD5: 44ee59c929b81b047e9ea006e6539df8

SHA1: 951b22b3aba93cf408feb38cbf80baf943c266d0

SHA256: 8E65D5053CFBD20D0EC9980C7EEF902EE74A89D9074EC1498B4E48B8D1BDB9A6

File Size: 982.53 KB, 982528 bytes

MD5: c28ff1ab345a26a179c61942ac216967

SHA1: c40539b4133fbd669090ef2a58bc87f940d472d2

SHA256: C9539F30B387C8034A71D913C85797A68C54DC061FEC7C5D311B9198133E812A

File Size: 6.79 MB, 6786155 bytes

MD5: 719423aa441603987007a47545b40b66

SHA1: e331eb4a18ab3274291e275b5dcf270bafc05960

SHA256: C5CE4BD0A9A8424393F2299EC836CE0C99FDBAD52D3CFDA9FF7E8914F16B8210

File Size: 1.52 MB, 1515541 bytes

MD5: 4b99364abecc482053af81e301856e79

SHA1: a706c0c9b2dfc84e490dd737023a11a5d2456863

SHA256: 755F69B423CBF77601F9457066FB51ED2875C4F78ED25B52385A6128902F6D0E

File Size: 7.50 MB, 7503872 bytes

MD5: 1d1a1f31b1e72ec1b1973615f98e3874

SHA1: b5668d6a64d2a7b17d7a6aa1a2fded63f833e058

SHA256: 17479AAC5DE1C1BF1A3A22F5E6BD916B28F0001C22D2BAFB942387A7C85AA2F9

File Size: 3.70 MB, 3702784 bytes

MD5: 7520ef6e68c14d187144e4af80416003

SHA1: 6cb729a8cd92bf45d2c0861ba9b8a9094d54236a

SHA256: 6815407DB129C13803D5A13BDBFAD418C1ABB49C2D0952F9547779FA607EFFF3

File Size: 3.00 MB, 3004048 bytes

MD5: 34d4b0128603f03b089a5d2ae8e7aa14

SHA1: a4f45079dee61de89a5a167584eae065e52e82db

SHA256: 780E2C51D586DEAE12E2A1A0271F9FA55B44AB14237A28F4CF00B0712664D6A1

File Size: 8.14 MB, 8143203 bytes

MD5: 43fb34469adc5057b18d0e462bbe339e

SHA1: 85b9439d275275e971d62a279de77684bd027835

SHA256: 1D1BACBA8339B8F4E9B9E601DC72D6F94E19F971FA369A17C021811D027341D9

File Size: 3.63 MB, 3633443 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have security information
File has exports table
File is 32-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name	Value
Company Name	Bronze 5 Box Rewase Games
File Description	Bonetale: Sans vs Frisk Bronze 5 Box
File Version	1.6.0.9 1.0.0.0
Legal Copyright	Bronze 5 Box Woloned

File Traits

big overlay
HighEntropy
x86

Block Information

Total Blocks:	2,703
Potentially Malicious Blocks:	9
Whitelisted Blocks:	2,694
Unknown Blocks:	0

Visual Map

0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 2 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 0 0 0 0 0 0 0 0 0 0 0 2

... Data truncated

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

Bitcoinminer.KBF
Bitcoinminer.KBL
GameTool.R
Keylogger.AF
Socelars.AM

Files Modified

File	Attributes
c:\users\user\appdata\local\temp\0271ef34-b857-4003-8d3f-0e30a88cda81.fusionapp\.lock	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\0271ef34-b857-4003-8d3f-0e30a88cda81.fusionapp\mmfs2.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\21edcf1f-f127-4e4c-8805-4b533c14384b.fusionapp\.lock	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\21edcf1f-f127-4e4c-8805-4b533c14384b.fusionapp\cctrans.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\21edcf1f-f127-4e4c-8805-4b533c14384b.fusionapp\mmf2d3d8.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\21edcf1f-f127-4e4c-8805-4b533c14384b.fusionapp\mmf2d3d9.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\21edcf1f-f127-4e4c-8805-4b533c14384b.fusionapp\mmfs2.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\21edcf1f-f127-4e4c-8805-4b533c14384b.fusionapp\mp3flt.sft	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\.lock	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\adshow.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data

c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\adsmfplayer.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\bmpflt.ift	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\drpc.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\easing.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\fireflybi.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\fireflyca.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\fireflyen.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\fireflyim.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\fireflyli.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\fireflyma.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\fireflymo.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\fireflypa.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\fireflypr.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\fireflysk.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\fireflyst.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\fontembed.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\ini++15.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\jpgflt.ift	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\kcini.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\kcwctrl.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\layer.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\mmf2d3d11.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\mmf2d3d8.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\mmf2d3d9.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\mmfs2.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\platform.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\pngflt.ift	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\tgaflt.ift	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\294aaed5-f155-4048-8bdb-bdb41ccd80c3.fusionapp\ultimatefullscreen.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\297c7a63-68a4-4164-834b-a6c0acda0544.fusionapp\.lock	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\297c7a63-68a4-4164-834b-a6c0acda0544.fusionapp\aviflt.ift	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\297c7a63-68a4-4164-834b-a6c0acda0544.fusionapp\bmpflt.ift	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\297c7a63-68a4-4164-834b-a6c0acda0544.fusionapp\cctrans.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\297c7a63-68a4-4164-834b-a6c0acda0544.fusionapp\fliflt.ift	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\297c7a63-68a4-4164-834b-a6c0acda0544.fusionapp\gifflt.ift	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\297c7a63-68a4-4164-834b-a6c0acda0544.fusionapp\jpgflt.ift	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\297c7a63-68a4-4164-834b-a6c0acda0544.fusionapp\kcpict.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\297c7a63-68a4-4164-834b-a6c0acda0544.fusionapp\mmf2d3d8.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\297c7a63-68a4-4164-834b-a6c0acda0544.fusionapp\mmf2d3d9.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\297c7a63-68a4-4164-834b-a6c0acda0544.fusionapp\mmfs2.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\297c7a63-68a4-4164-834b-a6c0acda0544.fusionapp\mp3flt.sft	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\297c7a63-68a4-4164-834b-a6c0acda0544.fusionapp\pcxflt.ift	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\297c7a63-68a4-4164-834b-a6c0acda0544.fusionapp\pngflt.ift	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\297c7a63-68a4-4164-834b-a6c0acda0544.fusionapp\tgaflt.ift	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\3e68cb21-7e76-45ed-8ce2-f67410d00917.fusionapp\.lock	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\3f5a9c10-18b7-43e6-8b87-7217eb47070c.fusionapp\.lock	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\3f5a9c10-18b7-43e6-8b87-7217eb47070c.fusionapp\kcini.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\3f5a9c10-18b7-43e6-8b87-7217eb47070c.fusionapp\layer.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\3f5a9c10-18b7-43e6-8b87-7217eb47070c.fusionapp\mmf2d3d8.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\3f5a9c10-18b7-43e6-8b87-7217eb47070c.fusionapp\mmf2d3d9.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\3f5a9c10-18b7-43e6-8b87-7217eb47070c.fusionapp\mmfs2.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\3f5a9c10-18b7-43e6-8b87-7217eb47070c.fusionapp\perspective.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\3f5a9c10-18b7-43e6-8b87-7217eb47070c.fusionapp\waveflt.sft	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\515c6160-3b92-47f9-a152-339e207bd6d4.fusionapp\.lock	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\515c6160-3b92-47f9-a152-339e207bd6d4.fusionapp\box2d8directions.mvx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\515c6160-3b92-47f9-a152-339e207bd6d4.fusionapp\box2dbase.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\515c6160-3b92-47f9-a152-339e207bd6d4.fusionapp\box2dplatform.mvx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\515c6160-3b92-47f9-a152-339e207bd6d4.fusionapp\cctrans.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\515c6160-3b92-47f9-a152-339e207bd6d4.fusionapp\mmf2d3d8.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\515c6160-3b92-47f9-a152-339e207bd6d4.fusionapp\mmf2d3d9.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\515c6160-3b92-47f9-a152-339e207bd6d4.fusionapp\mmfs2.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\515c6160-3b92-47f9-a152-339e207bd6d4.fusionapp\perspective.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\515c6160-3b92-47f9-a152-339e207bd6d4.fusionapp\waveflt.sft	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\60b762c5-836a-45a9-a2b8-64a7b519c540.fusionapp\.lock	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\60b762c5-836a-45a9-a2b8-64a7b519c540.fusionapp\cctrans.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\60b762c5-836a-45a9-a2b8-64a7b519c540.fusionapp\clickteam-circular.mvx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\60b762c5-836a-45a9-a2b8-64a7b519c540.fusionapp\easing.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\60b762c5-836a-45a9-a2b8-64a7b519c540.fusionapp\kccursor.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\60b762c5-836a-45a9-a2b8-64a7b519c540.fusionapp\kcfile.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\60b762c5-836a-45a9-a2b8-64a7b519c540.fusionapp\kcini (2).mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\60b762c5-836a-45a9-a2b8-64a7b519c540.fusionapp\kcini.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\60b762c5-836a-45a9-a2b8-64a7b519c540.fusionapp\kcmixer.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\60b762c5-836a-45a9-a2b8-64a7b519c540.fusionapp\kcwctrl.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\60b762c5-836a-45a9-a2b8-64a7b519c540.fusionapp\layer.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\60b762c5-836a-45a9-a2b8-64a7b519c540.fusionapp\mmf2d3d11.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\60b762c5-836a-45a9-a2b8-64a7b519c540.fusionapp\mmf2d3d8.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\60b762c5-836a-45a9-a2b8-64a7b519c540.fusionapp\mmf2d3d9.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\60b762c5-836a-45a9-a2b8-64a7b519c540.fusionapp\mmfs2.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\60b762c5-836a-45a9-a2b8-64a7b519c540.fusionapp\moveit.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\60b762c5-836a-45a9-a2b8-64a7b519c540.fusionapp\oggflt.sft	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\60b762c5-836a-45a9-a2b8-64a7b519c540.fusionapp\perspective.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\60b762c5-836a-45a9-a2b8-64a7b519c540.fusionapp\waveflt.sft	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\a706c0c9b2dfc84e490dd737023a11a5d2456863_0007503872_steam\steam_appid.txt	Generic Write,Read Attributes
c:\users\user\appdata\local\temp\acad22ba-9d0b-4ac5-aef5-9bae6cddaebc.fusionapp\.lock	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\acad22ba-9d0b-4ac5-aef5-9bae6cddaebc.fusionapp\kcmouse.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\acad22ba-9d0b-4ac5-aef5-9bae6cddaebc.fusionapp\kcpop.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\acad22ba-9d0b-4ac5-aef5-9bae6cddaebc.fusionapp\kcwctrl.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\acad22ba-9d0b-4ac5-aef5-9bae6cddaebc.fusionapp\mmf2d3d8.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\acad22ba-9d0b-4ac5-aef5-9bae6cddaebc.fusionapp\mmf2d3d9.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\acad22ba-9d0b-4ac5-aef5-9bae6cddaebc.fusionapp\mmfs2.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\acad22ba-9d0b-4ac5-aef5-9bae6cddaebc.fusionapp\mp3flt.sft	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\acad22ba-9d0b-4ac5-aef5-9bae6cddaebc.fusionapp\waveflt.sft	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\b7c3acb9-19ca-44f6-be85-d3cea4039c40.fusionapp\.lock	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\b7c3acb9-19ca-44f6-be85-d3cea4039c40.fusionapp\aiffflt.sft	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\b7c3acb9-19ca-44f6-be85-d3cea4039c40.fusionapp\kcini.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\b7c3acb9-19ca-44f6-be85-d3cea4039c40.fusionapp\kclist.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\b7c3acb9-19ca-44f6-be85-d3cea4039c40.fusionapp\mmf2d3d8.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\b7c3acb9-19ca-44f6-be85-d3cea4039c40.fusionapp\mmf2d3d9.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\b7c3acb9-19ca-44f6-be85-d3cea4039c40.fusionapp\mmfs2.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\b7c3acb9-19ca-44f6-be85-d3cea4039c40.fusionapp\modflt.sft	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\b7c3acb9-19ca-44f6-be85-d3cea4039c40.fusionapp\mp3flt.sft	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\b7c3acb9-19ca-44f6-be85-d3cea4039c40.fusionapp\oggflt.sft	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\b7c3acb9-19ca-44f6-be85-d3cea4039c40.fusionapp\waveflt.sft	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\da5fa3d2-e094-4bbb-b9b8-a465cf650534.fusionapp\.lock	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\da5fa3d2-e094-4bbb-b9b8-a465cf650534.fusionapp\drpc.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\da5fa3d2-e094-4bbb-b9b8-a465cf650534.fusionapp\get.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\da5fa3d2-e094-4bbb-b9b8-a465cf650534.fusionapp\ini++15.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\da5fa3d2-e094-4bbb-b9b8-a465cf650534.fusionapp\kcclock.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\da5fa3d2-e094-4bbb-b9b8-a465cf650534.fusionapp\kcfile.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\da5fa3d2-e094-4bbb-b9b8-a465cf650534.fusionapp\kclist.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\da5fa3d2-e094-4bbb-b9b8-a465cf650534.fusionapp\kcplugin.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\da5fa3d2-e094-4bbb-b9b8-a465cf650534.fusionapp\kcpop.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\da5fa3d2-e094-4bbb-b9b8-a465cf650534.fusionapp\kcwctrl.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\da5fa3d2-e094-4bbb-b9b8-a465cf650534.fusionapp\layer.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\da5fa3d2-e094-4bbb-b9b8-a465cf650534.fusionapp\mmf2d3d11.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\da5fa3d2-e094-4bbb-b9b8-a465cf650534.fusionapp\mmf2d3d8.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\da5fa3d2-e094-4bbb-b9b8-a465cf650534.fusionapp\mmf2d3d9.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\da5fa3d2-e094-4bbb-b9b8-a465cf650534.fusionapp\mmfs2.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\da5fa3d2-e094-4bbb-b9b8-a465cf650534.fusionapp\mp3flt.sft	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\da5fa3d2-e094-4bbb-b9b8-a465cf650534.fusionapp\oggflt.sft	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\da5fa3d2-e094-4bbb-b9b8-a465cf650534.fusionapp\parser.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\da5fa3d2-e094-4bbb-b9b8-a465cf650534.fusionapp\registry2.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\da5fa3d2-e094-4bbb-b9b8-a465cf650534.fusionapp\steam_api.dll	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\da5fa3d2-e094-4bbb-b9b8-a465cf650534.fusionapp\steamworks.mfx	Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\da5fa3d2-e094-4bbb-b9b8-a465cf650534.fusionapp\waveflt.sft	Generic Read,Write Data,Write Attributes,Write extended,Append data

Registry Modifications

Key::Value	Data	API Name
HKLM\software\wow6432node\microsoft\audiocompressionmanager\drivercache\msacm.imaadpcm::fdwsupport		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\audiocompressionmanager\drivercache\msacm.imaadpcm::cformattags		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\audiocompressionmanager\drivercache\msacm.imaadpcm::aformattagcache		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\audiocompressionmanager\drivercache\msacm.imaadpcm::cfiltertags		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\audiocompressionmanager\drivercache\msacm.msadpcm::fdwsupport		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\audiocompressionmanager\drivercache\msacm.msadpcm::cformattags		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\audiocompressionmanager\drivercache\msacm.msadpcm::aformattagcache	2	RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\audiocompressionmanager\drivercache\msacm.msadpcm::cfiltertags		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\audiocompressionmanager\drivercache\msacm.msg711::fdwsupport		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\audiocompressionmanager\drivercache\msacm.msg711::cformattags		RegNtPreCreateKey

HKLM\software\wow6432node\microsoft\audiocompressionmanager\drivercache\msacm.msg711::aformattagcache		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\audiocompressionmanager\drivercache\msacm.msg711::cfiltertags		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\audiocompressionmanager\drivercache\msacm.msgsm610::fdwsupport		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\audiocompressionmanager\drivercache\msacm.msgsm610::cformattags		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\audiocompressionmanager\drivercache\msacm.msgsm610::aformattagcache	1	RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\audiocompressionmanager\drivercache\msacm.msgsm610::cfiltertags		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\audiocompressionmanager\drivercache\msacm.l3acm::fdwsupport		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\audiocompressionmanager\drivercache\msacm.l3acm::cformattags		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\audiocompressionmanager\drivercache\msacm.l3acm::aformattagcache	U	RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\audiocompressionmanager\drivercache\msacm.l3acm::cfiltertags		RegNtPreCreateKey

Windows API Usage

Category	API
Anti Debug	IsDebuggerPresent OutputDebugString
User Data Access	GetUserObjectInformation
Keyboard Access	GetKeyboardState GetKeyState

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

PUP.Bitcoinminer.KBF

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Icons

File Icons

Windows PE Version Information

Windows PE Version Information

File Traits

Block Information

Block Information

Visual Map

Similar Families

Similar Families

Files Modified

Files Modified

Registry Modifications

Registry Modifications

Windows API Usage

Windows API Usage

Submit Comment

Trending

PUP.MacSpaceReviver.macOS

P2P Networking

Ffgogogo Browser

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

How to Fix 'macOS cannot verify that this app is...

Discord Shows Black Screen when Sharing Screen