Trojan.Agent.Gen.AUE
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Popularity Rank: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Popularity Rank: | 2,296 |
|---|---|
| Threat Level: | 80 % (High) |
| Infected Computers: | 131 |
| First Seen: | February 17, 2026 |
| Last Seen: | April 29, 2026 |
| OS(es) Affected: | Windows |
Analysis Report
General information
| Family Name: | Trojan.Agent.Gen.AUE |
|---|---|
| Signature status: | No Signature |
Known Samples
This section lists other file samples believed to be associated with this family.
Windows Portable Executable Attributes
- File doesn't have "Rich" header
- File doesn't have debug information
- File doesn't have security information
- File has been packed
- File has exports table
- File is 64-bit executable
- File is either console or GUI application
- File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
- File is Native application (NOT .NET application)
- File is not packed
- IMAGE_FILE_DLL is not set inside PE header (Executable)
- IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)
File Traits
- dll
- x64
Block Information
During analysis, EnigmaSoft breaks file samples into logical blocks for classification and comparison with other samples. Blocks can be used to generate malware detection rules and to group file samples into families based on shared source code, functionality and other distinguishing attributes and characteristics. This section lists a summary of this block data, as well as its classification by EnigmaSoft. A visual representation of the block data is also displayed, where available.

| Total Blocks: | 50 |
|---|---|
| Potentially Malicious Blocks: | 6 |
| Whitelisted Blocks: | 44 |
| Unknown Blocks: | 0 |
Similar Families
This section lists other families that share similarities with this family, based on EnigmaSoft’s analysis. Many malware families are created from the same malware toolkits and use the same packing and encryption techniques but uniquely extend functionality. Similar families may also share source code, attributes, icons, subcomponents, compromised and/or invalid digital signatures, and network characteristics. Researchers leverage these similarities to rapidly and effectively triage file samples and extend malware detection rules.

- ClipBanker.FS
- LockScreen.AG
- StrelaStealer.A
- StrelaStealer.B
- Trojan.Agent.Gen.AZD
- Trojan.Agent.Gen.BIA
- Trojan.Agent.Gen.BIK
- Trojan.Downloader.Gen.QY
- Trojan.Downloader.Gen.QZ
- Trojan.Kryptik.Gen.DET
- Trojan.Kryptik.Gen.DQY
- Trojan.Kryptik.Gen.EIZ
Files Modified
This section lists files that were created, modified, moved and/or deleted by samples in this family. File system activity can provide valuable insight into how malware functions on the operating system.

| File | Attributes |
|---|---|
| c:\programdata\amdvirtualization\control.exe | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\prx5ee8.tmp\prx5ee8.tmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\prx7400.tmp\prx7400.tmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\prx745b.tmp\prx745b.tmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\prx74de.tmp\prx74de.tmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\prx80ec.tmp\prx80ec.tmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\prxa17a.tmp\prxa17a.tmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\prxa207.tmp\prxa207.tmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\prxa226.tmp\prxa226.tmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\prxa265.tmp\prxa265.tmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\prxa381.tmp\prxa381.tmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\prxa572.tmp\prxa572.tmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\prxa582.tmp\prxa582.tmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\prxa69b.tmp\prxa69b.tmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\prxaf67.tmp\prxaf67.tmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\prxb6b2.tmp\prxb6b2.tmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\prxb701.tmp\prxb701.tmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\prxb710.tmp\prxb710.tmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\prxb7ac.tmp\prxb7ac.tmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\prxb80a.tmp\prxb80a.tmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\prxbfb5.tmp\prxbfb5.tmp | Generic Write,Read Attributes |
Registry Modifications
This section lists registry keys and values that were created, modified and/or deleted by samples in this family. Windows Registry activity can provide valuable insight into malware functionality. Additionally, malware often creates registry values to allow itself to automatically start and indefinitely persist after an initial infection has compromised the system.

| Key::Value | Data | API Name |
|---|---|---|
| HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75 | | RegNtPreCreateKey |
Windows API Usage
This section lists Windows API calls that are used by the samples in this family. Windows API usage analysis is a valuable tool that can help identify malicious activity, such as keylogging, security privilege escalation, data encryption, data exfiltration, interference with antivirus software, and network request manipulation.

| Category | API |
|---|---|
| Syscall Use |