PUP.Montiera.D

Analysis Report

General information

Family Name: PUP.Montiera.D
Signature status: No Signature

Known Samples

MD5: d04606d46b91e7c6b47dd382444c151a
SHA1: 9eef2e2e03b8b7c288884916d04ade4adb9ce836
SHA256: 006E792AD6F23C3102E51CD6261A5FA2FF98B5C9FEE4208EC86B56D909E528D3
File Size: 357.48 KB, 357479 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have security information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name Value
Company Name BabylonToolbar
File Version 1.8.3.8
Product Name BabylonToolbar

File Traits

  • dll
  • x86

Files Modified

File Attributes
c:\users\user\appdata\local\temp\nsc5a78.tmp Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsc5a78.tmp\mt.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsc5a78.tmp\mt.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsc5a78.tmp\nsisos.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsc5a78.tmp\nsisos.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsc5a78.tmp\system.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsc5a78.tmp\system.dll Synchronize,Write Attributes
c:\users\user\appdata\local\temp\nsc5a78.tmp\time.dll Generic Write,Read Attributes
c:\users\user\appdata\local\temp\nsc5a78.tmp\time.dll Synchronize,Write Attributes

Registry Modifications

Key::Value Data API Name
HKLM\system\controlset001\control\session manager::pendingfilerenameoperations \??\C:\Windows\SystemTemp\77e37ce0-8214-4414-aced-551c5ae204d7.tmp\??\C:\Windows\SystemTemp\e28eadcf-6ab0-4d8c-8821-7ce9a6aba1 RegNtPreCreateKey

Windows API Usage

Category API
Network Info Queried
  • GetAdaptersInfo
