API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jul 17th, 2011
518
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.16 KB | None | 0 0
raw download clone embed print report
  1.  
  2. [ General information ]
  3. * File name: c:\users\server-vm\desktop\coologger.exe
  4. * File length: 1453056 bytes
  5. * MD5 hash: d6073f790829d3706dbb3076206ad865
  6. * SHA1 hash: 547597f450d42d7ffe84812f00db6b16bbfcace3
  7. * SHA256 hash: e051472974929be1a98c1bff5c40520266739ed4d19a11271cb8e5165620d75f
  8.  
  9. [ Changes to filesystem ]
  10. * No changes
  11.  
  12. [ Changes to registry ]
  13. * Creates Registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\NetworkProvider\HwOrder
  14. * Creates Registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5
  15. * Creates Registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
  16. * Modifies value "NukeOnDelete=00000001" in key HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Explorer\BitBucket\Volume\{b924a5bd-5049-11e0-9787-806e6f6e6963}
  17. old value empty
  18. * Deletes Registry key HKEY_CURRENT_USER\software\classes\*\shell\sandbox
  19.  
  20. [ Process/window information ]
  21. * Keylogger functionality.
  22. * Creates an event named "Global\CorDBIPCSetupSyncEvent_3492".
  23. * Creates a mutex "Global\.net clr networking".
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!