Trojan.Kryptik.UGB

By CagedTech in Trojans

Analysis Report

General information

Family Name: Trojan.Kryptik.UGB
Signature status: No Signature

Known Samples

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have resources
  • File doesn't have security information
  • File has TLS information
  • File is 64-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name Value
Company Name
  • Avast
  • Firefox
  • Google Chrome
  • Google Inc.
  • Microsoft Corporation
  • Microsoft OneDrive
  • Microsoft® Windows® Operating System
  • qFlipper
  • Qt6
  • Steam
  • Telegram Desktop
  • Telegram Desktop
  • The Chromium Authors
  • VideoLAN
File Description
  • Avast Installer
  • Chromium
  • File Picker
  • Firefox
  • Google Chrome
  • Microsoft PowerPoint
  • OOBE Network Connection Flow
  • qFlipper Windows Installer
  • Qt Linguist
  • Steam
  • Telegram Desktop
  • Telegram Desktop Setup
  • Updater Service
  • Visual Studio Installer
  • VLC media player
File Title
  • chrome.exe
  • chrome_exe
  • chromium.exe
  • FilePicker
  • Firefox
  • microstub
  • OneDriveUpdaterService.exe
  • OOBENetworkConnectionFlow
  • powerpnt.exe
  • steam (buildbot_steam-relclient-w32.build.valve.org_steam_rel_client_win32@steam-relclient-w32)
  • vlc
File Version
  • 138,0,7204,97
  • 137,0,2,110
  • 137,0,2,0
  • 81,0,4044,138
  • 70,0,3538,110
  • 23,158,730,1
  • 17,14,36212,18
  • 16,0,13231,20262
  • 10,0,19041,3636
  • 10,0,17763,1
  • 9,86,62,31
  • 6,9,3,0
  • 5,16,3,0
  • 5,6,3,0
  • 4,12,2,0
  • 3,0,3,0
  • 2,1,133,0
  • 1,3,3,0
Legal Copyright
  • (C) Flipper Devices Inc.
  • Copyright (C) 2014-2023
  • Copyright (C) 2014-2025
  • Copyright (C) 2021 Valve Corporation
  • Copyright (C) The Qt Company Ltd. and other contributors.
  • Copyright 2017 Google Inc. All rights reserved.
  • Copyright 2025 Google LLC. All rights reserved.
  • Copyright © 1996-2018 VideoLAN and VLC Authors
  • Copyright © 2024 Gen Digital Inc. All rights reserved.
  • Telegram FZ-LLC 2014-2024
  • © 2020 The Chromium Authors. All rights reserved.
  • ©Firefox and Mozilla Developers; available under the MPL 2 license.
  • © Microsoft Corporation. All rights reserved.
Legal Trademark
  • Firefox is a Trademark of The Mozilla Foundation.
  • VLC media player, VideoLAN and x264 are registered trademarks from VideoLAN
Product Name
  • Chromium
  • Flipper Devices Inc.
  • Gen Digital Inc.
  • Google Chrome
  • Google LLC
  • Microsoft Corporation
  • Microsoft PowerPoint
  • Microsoft Visual Studio Community
  • Mozilla Corporation
  • Telegram FZ-LLC
  • Telegram FZ-LLC
  • The Qt Company Ltd.
  • Valve Corporation
  • VLC media player
Product Version
  • 138,0,7204,97
  • 137,0,2,110
  • 137,0,2,0
  • 81,0,4044,138
  • 70,0,3538,110
  • 23,158,730,1
  • 17,14,36212,18
  • 16,0,13231,20262
  • 10,0,19041,3636
  • 10,0,17763,1
  • 9,86,62,31
  • 6,9,3,0
  • 5,16,3,0
  • 5,6,3,0
  • 4,12,2,0
  • 3,0,3,0
  • 2,1,133,0
  • 1,3,3,0

Digital Signatures

Signer | Root | Status
C2RService | C2RService | Hash Mismatch
AnyDesk Software GmbH | DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 | Hash Mismatch
Figma, Inc. | DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 | Hash Mismatch
Google LLC | DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 | Hash Mismatch
Logitech Inc | DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 | Hash Mismatch
NVIDIA Corporation | DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 | Hash Mismatch
Rockstar Games, Inc. | DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 | Hash Mismatch
win.rar GmbH | DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 | Hash Mismatch
AnyDesk Software GmbH | DigiCert Trusted Root G4 | Hash Mismatch
Google LLC | DigiCert Trusted Root G4 | Hash Mismatch
Mozilla Corporation | DigiCert Trusted Root G4 | Hash Mismatch
Valve Corp. | DigiCert Trusted Root G4 | Hash Mismatch
The Qt Company Oy | Entrust Root Certification Authority - G2 | Hash Mismatch
Flipper Devices Inc. | Flipper Devices Inc. | Hash Mismatch
Telegram FZ-LLC | GlobalSign GCC R45 EV CodeSigning CA 2020 | Hash Mismatch
Microsoft Corporation | Microsoft Code Signing PCA 2010 | Hash Mismatch
Microsoft Corporation | Microsoft Code Signing PCA 2011 | Hash Mismatch
Microsoft Windows | Microsoft Windows Production PCA 2011 | Hash Mismatch
Microsoft Windows Publisher | Microsoft Windows Production PCA 2011 | Hash Mismatch
Akeo Consulting | Sectigo Public Code Signing Root R46 | Hash Mismatch
Tim Kosse | Tim Kosse | Hash Mismatch

File Traits

  • HighEntropy
  • Installer Version
  • No Version Info
  • WriteProcessMemory
  • x64

Block Information

Total Blocks: 106
Potentially Malicious Blocks: 42
Whitelisted Blocks: 64
Unknown Blocks: 0

Visual Map

0 0 0 0 0 0 x 0 x x 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 x x x x x x x x x x x 0 x x x x x 0 x x 0 x x 0 x x 0 x x x x x x 0 x x x x x 0 x x x x
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

  • Agent.DEAB
  • CobaltStrike.RG
  • CobaltStrike.SN
  • CobaltStrike.SR
  • CobaltStrike.SU
  • CobaltStrike.TQ
  • Coinminer.LM
  • Downloader.Agent.DTB
  • Kryptik.UGB
  • Kryptik.UGD
  • Spyloader.M

Files Modified

File Attributes
\device\namedpipe\pshost.133993646596854951.4372.defaultappdomain.powershell Generic Read,Write Data,Write Attributes,Write extended,Append data,LEFT 524288
c Generic Write
c:\programdata Generic Write
c:\programdata\sbbchqifcsdm Generic Write
c:\programdata\sbbchqifcsdm\ognyzhgnnojq.exe Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete
c:\programdata\winupdtmanager Generic Write
c:\programdata\winupdtmanager\sysgruvklm.exe Generic Read,Write Data,Write Attributes,Write extended,Append data,Delete
c:\users\user\appdata\local\temp\__psscriptpolicytest_4kl3i1se.qmw.psm1 Generic Write,Read Attributes
c:\users\user\appdata\local\temp\__psscriptpolicytest_ieimdadp.buo.ps1 Generic Write,Read Attributes

Registry Modifications

Key::Value Data API Name
HKLM\system\controlset001\services\bam\state\usersettings\s-1-5-21-3119368278-1123331430-659265220-1001::\device\harddiskvolume2\windows\system32\conhost.exe RegNtPreCreateKey

Windows API Usage

Category API
Syscall Use
  • ntdll.dll!NtAccessCheck
  • ntdll.dll!NtAccessCheckAndAuditAlarm
  • ntdll.dll!NtAccessCheckByTypeResultList
  • ntdll.dll!NtAccessCheckByTypeResultListAndAuditAlarm
  • ntdll.dll!NtAccessCheckByTypeResultListAndAuditAlarmByHandle
  • ntdll.dll!NtAcquireProcessActivityReference
  • ntdll.dll!NtAddDriverEntry
  • ntdll.dll!NtAdjustGroupsToken
  • ntdll.dll!NtAdjustTokenClaimsAndDeviceGroups
  • ntdll.dll!NtAlertResumeThread
  • ntdll.dll!NtAlertThread
  • ntdll.dll!NtAlertThreadByThreadId
  • ntdll.dll!NtAllocateLocallyUniqueId
  • ntdll.dll!NtAllocateReserveObject
  • ntdll.dll!NtAllocateUserPhysicalPages
  • ntdll.dll!NtAllocateUuids
  • ntdll.dll!NtAlpcConnectPort
  • ntdll.dll!NtAlpcConnectPortEx
  • ntdll.dll!NtAlpcCreatePortSection
  • ntdll.dll!NtAlpcCreateResourceReserve
  • ntdll.dll!NtAlpcCreateSectionView
  • ntdll.dll!NtAlpcCreateSecurityContext
  • ntdll.dll!NtAlpcDeletePortSection
  • ntdll.dll!NtAlpcDeleteResourceReserve
  • ntdll.dll!NtAlpcDisconnectPort
  • ntdll.dll!NtAlpcImpersonateClientOfPort
  • ntdll.dll!NtAlpcOpenSenderProcess
  • ntdll.dll!NtAlpcOpenSenderThread
  • ntdll.dll!NtAlpcQueryInformation
  • ntdll.dll!NtAlpcQueryInformationMessage
  • ntdll.dll!NtAlpcSendWaitReceivePort
  • ntdll.dll!NtAlpcSetInformation
  • ntdll.dll!NtApphelpCacheControl
  • ntdll.dll!NtAreMappedFilesTheSame
  • ntdll.dll!NtAssociateWaitCompletionPacket
  • ntdll.dll!NtCancelIoFile
  • ntdll.dll!NtCancelIoFileEx
  • ntdll.dll!NtCancelSynchronousIoFile
  • ntdll.dll!NtCancelTimer
  • ntdll.dll!NtCancelTimer2
  • ntdll.dll!NtCancelWaitCompletionPacket
  • ntdll.dll!NtClearEvent
  • ntdll.dll!NtClose
  • ntdll.dll!NtCloseObjectAuditAlarm
  • ntdll.dll!NtCommitComplete
  • ntdll.dll!NtCommitEnlistment
  • ntdll.dll!NtCommitTransaction
  • ntdll.dll!NtCompactKeys
  • ntdll.dll!NtCompareSigningLevels
  • ntdll.dll!NtCompleteConnectPort
  • ntdll.dll!NtCompressKey
  • ntdll.dll!NtConnectPort
  • ntdll.dll!NtContinue
  • ntdll.dll!NtContinueEx
  • ntdll.dll!NtConvertBetweenAuxiliaryCounterAndPerformanceCounter
  • ntdll.dll!NtCreateCrossVmEvent
  • ntdll.dll!NtCreateDebugObject
  • ntdll.dll!NtCreateDirectoryObjectEx
  • ntdll.dll!NtCreateEnclave
  • ntdll.dll!NtCreateEvent
  • ntdll.dll!NtCreateEventPair
  • ntdll.dll!NtCreateFile
  • ntdll.dll!NtCreateIoCompletion
  • ntdll.dll!NtCreateJobObject
  • ntdll.dll!NtCreateJobSet
  • ntdll.dll!NtCreateKey
  • ntdll.dll!NtCreateKeyedEvent
  • ntdll.dll!NtCreateLowBoxToken
  • ntdll.dll!NtCreateMutant
  • ntdll.dll!NtCreateNamedPipeFile
  • ntdll.dll!NtCreatePagingFile
  • ntdll.dll!NtCreatePort
  • ntdll.dll!NtCreatePrivateNamespace
  • ntdll.dll!NtCreateProcessEx
  • ntdll.dll!NtCreateProfile
  • ntdll.dll!NtCreateProfileEx
  • ntdll.dll!NtCreateRegistryTransaction
  • ntdll.dll!NtCreateResourceManager
  • ntdll.dll!NtCreateSection
  • ntdll.dll!NtCreateSectionEx
  • ntdll.dll!NtCreateSemaphore
  • ntdll.dll!NtCreateThread
  • ntdll.dll!NtCreateThreadEx
  • ntdll.dll!NtCreateTimer
  • ntdll.dll!NtCreateTimer2
  • ntdll.dll!NtCreateTokenEx
  • ntdll.dll!NtCreateTransactionManager
  • ntdll.dll!NtCreateUserProcess
  • ntdll.dll!NtCreateWaitablePort
  • ntdll.dll!NtCreateWaitCompletionPacket
  • ntdll.dll!NtCreateWorkerFactory
  • ntdll.dll!NtDebugContinue
  • ntdll.dll!NtDelayExecution
  • ntdll.dll!NtDeleteAtom
  • ntdll.dll!NtDeleteBootEntry
  • ntdll.dll!NtDeleteDriverEntry
  • ntdll.dll!NtDeleteFile
  • ntdll.dll!NtDeleteObjectAuditAlarm
  • ntdll.dll!NtDeletePrivateNamespace
  • ntdll.dll!NtDeleteWnfStateName

288 additional items are not displayed above.

Anti Debug
  • IsDebuggerPresent
  • NtQuerySystemInformation
User Data Access
  • GetUserDefaultLocaleName
  • GetUserName
  • GetUserNameEx
  • GetUserObjectInformation
Process Shell Execute
  • WriteConsole
Process Terminate
  • TerminateProcess
Encryption Used
  • BCryptOpenAlgorithmProvider
Other Suspicious
  • AdjustTokenPrivileges

Shell Command Execution

WriteConsole: [SC] OpenService
WriteConsole: [SC] CreateServi
WriteConsole: [SC] ControlServ
WriteConsole: [SC] StartServic
