Trojan.MSIL.Agent.SKH

By CagedTech in Trojans

Analysis Report

General information

Family Name: Trojan.MSIL.Agent.SKH
Signature status: No Signature

Known Samples

MD5: d2bfcfbda5498046bf2be83cefc50266
SHA1: 1970af2e1d9c219d7ee105a044225e112668ba32
SHA256: 92FD5DBC9B19C32ADA9C1E0DD443B06770ABE6A03F9DD79C36899213C11E599B
File Size: 26.62 KB, 26624 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have exports table
  • File doesn't have security information
  • File is .NET application
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Assembly Version: 1.0.0.0
Comments: Seamless solution that optimizes your security. Powerful utility that coordinates your automation. Seamless platform that enhances your analytics. Seamless solution that optimizes your security. Powerful utility that coordinates your automation. Seamless platform that enhances your analytics. Seamless solution that optimizes your security. Powerful utility that coordinates your automation. Seamless platform that enhances your analytics.
Company Name: Akeyic
File Description: Cotahi
File Version: 1.0.0.0
Internal Name: Akeyic.exe
Legal Copyright: Copyright © 2025
Original Filename: Akeyic.exe
Product Name: Cotahi
Product Version: 1.0.0.0

File Traits

  • .NET
  • x86

Block Information

Total Blocks: 98
Potentially Malicious Blocks: 44
Whitelisted Blocks: 54
Unknown Blocks: 0

Visual Map

0 0 x x x x 0 x x x 0 x 0 0 x x x 0 0 0 0 0 0 x 0 x x x 0 0 0 x 0 x 0 x x 0 0 x x x x 0 0 0 0 0 x 0 x x 0 0 x 0 0 x 0 0 0 0 x 0 x 0 0 0 0 0 x x 0 0 x 0 0 0 x x 0 x 0 0 0 x 0 x x 0 0 x x x x 0 x 0
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

  • MSIL.Agent.SKG
  • MSIL.Agent.SKH

Windows API Usage

Category API
Syscall Use
  • ntdll.dll!NtAlpcSendWaitReceivePort
  • ntdll.dll!NtClearEvent
  • ntdll.dll!NtClose
  • ntdll.dll!NtCreateEvent
  • ntdll.dll!NtCreateMutant
  • ntdll.dll!NtCreatePrivateNamespace
  • ntdll.dll!NtCreateSection
  • ntdll.dll!NtCreateThreadEx
  • ntdll.dll!NtDuplicateObject
  • ntdll.dll!NtEnumerateKey
  • ntdll.dll!NtEnumerateValueKey
  • ntdll.dll!NtFreeVirtualMemory
  • ntdll.dll!NtMapViewOfSection
  • ntdll.dll!NtOpenDirectoryObject
  • ntdll.dll!NtOpenEvent
  • ntdll.dll!NtOpenFile
  • ntdll.dll!NtOpenKey
  • ntdll.dll!NtOpenKeyEx
  • ntdll.dll!NtOpenProcess
  • ntdll.dll!NtOpenProcessToken
  • ntdll.dll!NtOpenThreadToken
  • ntdll.dll!NtProtectVirtualMemory
  • ntdll.dll!NtQueryAttributesFile
  • ntdll.dll!NtQueryDefaultLocale
  • ntdll.dll!NtQueryDirectoryFileEx
  • ntdll.dll!NtQueryFullAttributesFile
  • ntdll.dll!NtQueryInformationFile
  • ntdll.dll!NtQueryInformationJobObject
  • ntdll.dll!NtQueryInformationProcess
  • ntdll.dll!NtQueryInformationThread
  • ntdll.dll!NtQueryInformationToken
  • ntdll.dll!NtQueryKey
  • ntdll.dll!NtQueryLicenseValue
  • ntdll.dll!NtQueryPerformanceCounter
  • ntdll.dll!NtQuerySecurityAttributesToken
  • ntdll.dll!NtQuerySecurityObject
  • ntdll.dll!NtQuerySystemInformation
  • ntdll.dll!NtQuerySystemInformationEx
  • ntdll.dll!NtQueryValueKey
  • ntdll.dll!NtQueryVirtualMemory
  • ntdll.dll!NtQueryVolumeInformationFile
  • ntdll.dll!NtReadFile
  • ntdll.dll!NtReadRequestData
  • ntdll.dll!NtReleaseMutant
  • ntdll.dll!NtReleaseWorkerFactoryWorker
  • ntdll.dll!NtResumeThread
  • ntdll.dll!NtSetEvent
  • ntdll.dll!NtSetInformationKey
  • ntdll.dll!NtSetInformationProcess
  • ntdll.dll!NtSetInformationWorkerFactory
  • ntdll.dll!NtSubscribeWnfStateChange
  • ntdll.dll!NtTestAlert
  • ntdll.dll!NtTraceControl
  • ntdll.dll!NtUnmapViewOfSection
  • ntdll.dll!NtUnmapViewOfSectionEx
  • ntdll.dll!NtWaitForSingleObject
  • ntdll.dll!NtWaitForWorkViaWorkerFactory
  • ntdll.dll!NtWriteFile
  • UNKNOWN
User Data Access
  • GetComputerNameEx
  • GetUserDefaultLocaleName
  • GetUserObjectInformation