Sample File:
MD5 hash: 0c2a5323f76cbffca948a310aae11cfe
SHA1 hash: 5b283977be104627f30b2bdcdc2d47f7aa3bc807
SHA256 hash: 276dfc5994510eb3186bc273360e01487994723246fbbd296e9215d268888114
Filename(s): 276dfc5994510eb3186bc273360e01487994723246fbbd296e9215d268888114.exe
Filetype: Windows Exe (x86-32)

Mutex IOCs:
- None -

Registry Key IOCs:
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-1
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-10
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-11
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-12
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-13
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-14
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-15
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-16
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-17
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-18
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-19
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-2
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-20
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-21
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-22
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-23
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-24
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-25
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-26
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-27
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-28
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-29
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-3
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-30
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-31
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-32
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-33
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-34
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-35
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-36
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-37
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-38
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-39
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-4
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-40
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-41
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-5
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-6
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-7
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-8
8DEC0AF1-0341-4b93-85CD-72606C2DF94C-7P-9
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\AUS Eastern Standard Time
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\AUS Eastern Standard Time\Dynamic DST

IP IOCs:
- None -

URL IOCs:
- None -

File IOCs:
Filenames:
C:\
C:\$RECYCLE.BIN
C:\BOOT
C:\DOCUMENTS AND SETTINGS
C:\PERFLOGS
C:\PROGRAM FILES
C:\PROGRAM FILES (X86)
C:\PROGRAMDATA
C:\Program Files (x86)\Windows Mail\crystal_bath_flip_mixer.exe
C:\RECOVERY
C:\SYSTEM VOLUME INFORMATION
C:\USERS
C:\Users\CIiHmnxMn6Ps\AppData\Local\Icosineczo.bin
C:\Users\CIiHmnxMn6Ps\Desktop\I4R-uL5\YxXEXh\XQ6rK6UQ64DvG1c.avi
C:\Users\CIiHmnxMn6Ps\Desktop\pHqq\HNnrDpa
C:\Users\CIiHmnxMn6Ps\Desktop\pHqq\HNnrDpa\vM9Rzszbg2B2vr2.avi
C:\Users\CIiHmnxMn6Ps\Documents
C:\Users\CIiHmnxMn6Ps\Documents\Database1.accdb
C:\Users\CIiHmnxMn6Ps\Documents\woTi L543Fb\XljhQ-TRREwg.csv
C:\WINDOWS
C:\Windows\Explorer.EXE
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\config\machine.config
C:\Windows\system32\dwm.exe
C:\Windows\system32\sihost.exe
C:\Windows\system32\svchost.exe

MD5 hashes:
0affb996a3d753e52944587f1949b434
186ab6b31766e04f07fa8b3eb9314bef
3b0a062839ef2d945084f41b11081d9c
bdd673b0dd4e1e770b5253a6e9383594
c5adfc861c7f8e34c6780adc95727876

SHA1 hashes:
073cc2544d7db1bb48ee1f1742b40b8452baed3a
467f132d345dbe2e5b01e87fcc30dbb2ea14a64b
879261e7b3d7f41c407e79dd5da6c1ea72afbdf5
900fe27c29cb830233a23446e265b7435fcc74e5
ebab8b38fd4c556d990be10a21118577e666490f

SHA256 hashes:
16fc1803b0ed60de6b82db5c94769af7651f7b98ebaa630cb48f7d17810284c4
4f7f8918ce69501048d1b846428c509bf352ab662d6e33b82ec93caa72e7f9da
69313f9e8400235f34fe6f09c8789fadfb2bff8d19d19fda69782cc0085c652f
8cdcb2d8d8434ee55c9c9c0b7565ad3a6c9691470d0dc825c0f13dfdb73cf185
c4925f97c5939cc6abe1bd3c0826b711ee6aaeaf8507c73836ee1bd8e2efb403