Cuckoo Sandbox

Name	33c316b6d72eadef_comb.dll Download Submit file
Filepath	C:\Windows\SysWOW64\com\comb.dll
Size	329.0B
Processes	2664 (rundll32.exe)
Type	ASCII text, with CRLF line terminators
MD5	`23aeba70baa45c6ec1fe7a11452f846c`
SHA1	`e64e86571f411a2194a1ec8a1d77f66f759ae265`
SHA256	`33c316b6d72eadefb37f567e4e159f1725b19b499dbdcf718e88c85b6a42723f`
CRC32	`8F5EE21B`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	93303320ed9f17d5_miscson.dll Download Submit file
Filepath	C:\Windows\SysWOW64\Miscson.dll
Size	137.6KB
Processes	2664 (rundll32.exe)
Type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
MD5	`f1f9c8e0d90cb1f75fe3b8cca03d3e23`
SHA1	`17a44a1d5730d2c27fdb3be49bda95ad279dd8b4`
SHA256	`93303320ed9f17d5371b855064aae92633874c06587b0b28e1f94d73e3f16235`
CRC32	`2D85E89C`
ssdeep	`None`
Yara	create_service - Create a windows service escalate_priv - Escalade priviledges keylogger - Run a keylogger win_mutex - Create or check mutex win_registry - Affect system registries win_token - Affect system token win_files_operation - Affect private profile
VirusTotal	Search for analysis

Dropped Files