Sample File:
MD5 hash: 9cc1c14059b17532c4aa410d7b0c1601
SHA1 hash: 81f4fdeeb08c80ec96798d9aec28d986a572042c
SHA256 hash: 75ca5c2caf5216140f8e3e34160bdc64ce59d75fce1feeaa809ec18f01427783
SSDEEP hash: 6144:2gkc4XJqHujPpYCv9zr73VVO1cVOoqOkGSZNqlYOTZ/VBLPnV5:2cqJ4gPpxx7FQ1cIQ/eQYwZD
Filename(s): volumesound.exe
Filetype: Windows Exe (x86-32)

Mutex IOCs:
Global\UzFCA0D558 Lambda

Registry Key IOCs:
HKEY_LOCAL_MACHINE\HARDWARE\Description\System
HKEY_LOCAL_MACHINE\HARDWARE\Description\System\VideoBiosVersion
HKEY_LOCAL_MACHINE\SOFTWARE\137FBF1F\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\CurrentVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\InstallDate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductName

Domain IOCs:
- None -

IP IOCs:
- None -

URL IOCs:
- None -

File IOCs:
Filenames:
C:\Users\CIIHMN~1\AppData\Local\Temp\F57916AF
C:\Users\CIIHMN~1\AppData\Local\Temp\FA6AEE10
C:\Users\CIiHmnxMn6Ps\Desktop\volumesound.exe
System Paging File
MD5 hashes: 9cc1c14059b17532c4aa410d7b0c1601
SHA1 hashes: 81f4fdeeb08c80ec96798d9aec28d986a572042c
SHA256 hashes: 75ca5c2caf5216140f8e3e34160bdc64ce59d75fce1feeaa809ec18f01427783
SSDEEP hashes: 6144:2gkc4XJqHujPpYCv9zr73VVO1cVOoqOkGSZNqlYOTZ/VBLPnV5:2cqJ4gPpxx7FQ1cIQ/eQYwZD