- [ General information ]
- * File name: c:\users\server-vm\desktop\coologger.exe
- * File length: 1453056 bytes
- * MD5 hash: d6073f790829d3706dbb3076206ad865
- * SHA1 hash: 547597f450d42d7ffe84812f00db6b16bbfcace3
- * SHA256 hash: e051472974929be1a98c1bff5c40520266739ed4d19a11271cb8e5165620d75f
- [ Changes to filesystem ]
- * No changes
- [ Changes to registry ]
- * Creates Registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\NetworkProvider\HwOrder
- * Creates Registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5
- * Creates Registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
- * Modifies value "NukeOnDelete=00000001" in key HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Explorer\BitBucket\Volume\{b924a5bd-5049-11e0-9787-806e6f6e6963}
- old value empty
- * Deletes Registry key HKEY_CURRENT_USER\software\classes\*\shell\sandbox
- [ Process/window information ]
- * Keylogger functionality.
- * Creates an event named "Global\CorDBIPCSetupSyncEvent_3492".
- * Creates a mutex "Global\.net clr networking".