Territorial Dispute
Show in Graph
Image Description
Common Information
Type Value
UUID 2d9bd8bf-6bd2-4414-a222-be08554176a7
Fingerprint 6a6804171b2740edc16f50600d20411cdfd045f365288ddc78e185d663f95169
Analysis status DONE
Considered CTI value 2
Text language
Published March 8, 2018, 5:53 p.m.
Added to db April 14, 2024, 8:24 a.m.
Last updated Aug. 31, 2024, 6:43 a.m.
Headline Territorial Dispute
Title Territorial Dispute
Detected Hints/Tags/Attributes 136/3/411
Source URLs
Redirection Url
Details Source https://www.crysys.hu/publications/files/tedi/ukatemicrysys_territorialdispute.pdf
URL Provider
Details Provider Source level domain
Details crysys.hu www.crysys.hu
Attributes
Details Type #Events CTI Value
Details Domain 17 
www.crysys.hu
Details Domain 622 
en.wikipedia.org
Details Domain 5 
sigs.py
Details Domain 10 
utils.py
Details Domain 79 
www.f-secure.com
Details Domain 177 
www.wired.com
Details Domain 9 
blog.threatexpert.com
Details Domain 8 
totalhash.cymru.com
Details Domain 97 
virustotal.com
Details Domain 1 
pressbrig1.tripod.com
Details Domain 1 
www.scifi.pages.at
Details Domain 604 
www.trendmicro.com
Details Domain 103 
www.mcafee.com
Details Domain 261 
blog.talosintelligence.com
Details Domain 280 
thehackernews.com
Details Domain 1 
home.mcafee.com
Details Domain 1 
reg.ke
Details Domain 3 
telussecuritylabs.com
Details Domain 132 
www.sophos.com
Details Domain 216 
www.symantec.com
Details Domain 403 
securelist.com
Details Domain 10 
webcache.googleusercontent.com
Details Domain 1 
kam.lt
Details Domain 4127 
github.com
Details Domain 2 
malware-research.org
Details Domain 262 
www.welivesecurity.com
Details Domain 36 
malwr.com
Details Domain 268 
www.virustotal.com
Details Domain 3 
blog.kaspersky.com
Details Domain 397 
www.microsoft.com
Details Domain 1 
sha1.virscan.org
Details Domain 1 
artemonsecurity.blogspot.hu
Details Domain 1 
repo.cryptam.com
Details File 1 
driverlist.db
Details File 1 
ipfilter.dll
Details File 5 
sigs.py
Details File 10 
utils.py
Details File 1 
winver32.exe
Details File 1 
gwdef_other_peeps.txt
Details File 4 
drv_list.txt
Details File 1 
s7otbxdxa.sys
Details File 1 
s7obxsx.sys
Details File 2 
reg.key
Details File 5 
agentbtz-threat-that-hit-pentagon.html
Details File 1 
atmarpd.sys
Details File 82 
default.aspx
Details File 4 
fdisk.sys
Details File 1 
uroburos.html
Details File 1 
uroburos-rootkit-most-sophisticated-3.html
Details File 1 
syswpsvc.sys
Details File 1 
virusprofile.aspx
Details File 1 
ipconfhlp.sys
Details File 1 
ipmontr.exe
Details File 1 
ipconfhlp.dll
Details File 1 
internat.sys
Details File 1 
internat32.exe
Details File 1 
msadp32.exe
Details File 1 
internat.dll
Details File 2 
detailed-analysis.aspx
Details File 1 
ghotexinternat.sys
Details File 31 
writeup.jsp
Details File 6 
s7otbxsx.dll
Details File 1 
s7otbxsx.sys
Details File 17 
mrxcls.sys
Details File 14 
mrxnet.sys
Details File 5 
jmidebs.sys
Details File 5 
skywiper.pdf
Details File 1 
icsvnt32.dll
Details File 1 
icsvnt32.sys
Details File 1 
ups32.exe
Details File 1 
utilman32.exe
Details File 1 
utliman32.exe
Details File 6 
ups.exe
Details File 1 
msvcp11.dll
Details File 1 
msxml10.dll
Details File 1 
w3ssl.sys
Details File 1 
isuninst.bin
Details File 1 
wowmgr.exe
Details File 1 
datastore.sys
Details File 1 
'isuninst.bin
Details File 1 
'wowmgr.exe
Details File 1 
muxbde40.dll
Details File 1 
taskbar.exe
Details File 1 
msgqueue.exe
Details File 1 
sndtray.exe
Details File 1 
msserv.exe
Details File 2 
sed.exe
Details File 1 
winip.drv
Details File 1 
winext32.dll
Details File 1 
rpclog.dll
Details File 1 
c:\win\drivers\slidebar.exe
Details File 1 
rpclog.sys
Details File 1 
winext32.sys
Details File 1 
winip.sys
Details File 1 
c:\\applicationdata\\appdata1\\logfile.txt
Details File 1 
%userprofile%\\myhood\\btmn\\system\\temp\\cnf.txt
Details File 1 
c:\\syslog\\temp\\012tg7\\system\\cnf.txt
Details File 1 
tlbcon32.exe
Details File 6 
5.pdf
Details File 1 
adwm.dll
Details File 1 
asfipc.dll
Details File 1 
browui.dll
Details File 1 
capespn.dll
Details File 1 
cfgkrnl3.dll
Details File 1 
cryptkrn.dll
Details File 1 
deskkrne.dll
Details File 1 
dskmgr.dll
Details File 1 
explored.dll
Details File 1 
fmem.dll
Details File 1 
hddback4.dll
Details File 1 
hwmap.dll
Details File 1 
ipnetd.dll
Details File 1 
knrladd.dll
Details File 1 
mailapic.dll
Details File 1 
msgrthlp.dll
Details File 1 
msiaxcpl.dll
Details File 1 
msid32.dll
Details File 1 
msrecv40.dll
Details File 1 
ncfg.dll
Details File 1 
paraleui.dll
Details File 1 
secur16.dll
Details File 1 
soundloc.dll
Details File 1 
winf.dll
Details File 1 
wmcrt.dll
Details File 1 
ndisalex.sys
Details File 1 
ndisio32.sys
Details File 1 
paravdm.sys
Details File 1 
msncp.exe
Details File 4 
netsvcs.exe
Details File 1 
msprnt.exe
Details File 1 
htmlprsr.exe
Details File 1 
dhtmled.dll
Details File 1 
dhtmled.sys
Details File 1 
ethio.sys
Details File 1 
fmem.sys
Details File 1 
ntdos505.sys
Details File 1 
pnppci.sys
Details File 1 
triedit.sys
Details File 1 
vgx.sys
Details File 1 
nsecm.dll
Details File 1 
nsecm.sys
Details File 1 
00000000.dat
Details File 6 
update.msi
Details File 1 
wusvcd.exe
Details File 2 
wmimgnt.dll
Details File 2 
wmimgnt.exe
Details File 1 
temp56273.pdf
Details File 2 
iecache.dll
Details File 3 
acelpvc.dll
Details File 1 
acelpvc.sys
Details File 1 
turla_epic_cc_v1.pdf
Details File 1 
mfc64comm.sys
Details File 1 
adap64info.sys
Details File 1 
actmove.exe
Details File 1 
appned.exe
Details File 1 
boof.exe
Details File 1 
gflash.exe
Details File 1 
lnetcpl.exe
Details File 1 
qernet.exe
Details File 1 
serves.exe
Details File 1 
secury.exe
Details File 1 
webhelp.exe
Details File 1 
autocheck.exe
Details File 1 
xflash.exe
Details File 1 
inetcpl.exe
Details File 1 
activemov.exe
Details File 1 
xmlhelp.exe
Details File 1 
winspooler.exe
Details File 1 
xsocket.exe
Details File 1 
actmove.sys
Details File 1 
appned.sys
Details File 1 
boof.sys
Details File 1 
gflash.sys
Details File 1 
lnetcpl.sys
Details File 1 
qernet.sys
Details File 1 
serves.sys
Details File 1 
secury.sys
Details File 1 
webhelp.sys
Details File 1 
autocheck.sys
Details File 1 
xflash.sys
Details File 1 
inetcpl.sys
Details File 1 
activemov.sys
Details File 1 
xmlhelp.sys
Details File 1 
winspooler.sys
Details File 1 
xsocket.sys
Details File 1 
divxfix.dll
Details File 1 
dbdebug.dll
Details File 1 
countryfix.dll
Details File 1 
cdboot.dll
Details File 1 
bitcheck.dll
Details File 1 
biosfix.dll
Details File 1 
actproxy.dll
Details File 1 
activems.dll
Details File 1 
dsound4d.dll
Details File 1 
actmove.dll
Details File 1 
appned.dll
Details File 1 
qernet.dll
Details File 1 
boof.dll
Details File 1 
gflash.dll
Details File 1 
lnetcpl.dll
Details File 1 
serves.dll
Details File 1 
secury.dll
Details File 1 
activems.sys
Details File 1 
actproxy.sys
Details File 1 
biosfix.sys
Details File 1 
bitcheck.sys
Details File 1 
cdboot.sys
Details File 1 
countryfix.sys
Details File 1 
dbdebug.sys
Details File 1 
divxfix.sys
Details File 1 
dsound4d.sys
Details File 9 
result.dat
Details File 22 
data.dat
Details File 5 
acrobat.dll
Details File 1 
first.tmp
Details File 1 
ieloader.dll
Details File 1 
orepst.dll
Details File 1 
pstore.dll
Details File 1 
msdxofg.dll
Details File 1 
atllib.dll
Details File 1 
ndisxapi.sys
Details File 1 
492dc600e22de6da96898e097566bc01309b5996.html
Details File 1 
rootkit.html
Details File 1 
ms1e.tmp
Details File 1 
fmifen.tmp
Details File 1 
wpa.db
Details File 1 
l.bak
Details File 1 
sslkey.exe
Details File 3 
adpu321.sys
Details File 1 
hpnd5x86.sys
Details File 3 
igdkmd16b.sys
Details File 1 
msgdi32.sys
Details File 1 
mssfdr.sys
Details File 1 
mssloct.sys
Details File 1 
mssygx.sys
Details File 1 
ntrbos.sys
Details File 1 
qd240x86.sys
Details File 1 
qd260x86.sys
Details File 748 
kernel32.dll
Details File 4 
godown.dll
Details File 1 
fafcadf75afd0b.html
Details File 1 
winns.exe
Details File 1 
kbdarpe.dll
Details File 3 
teamspy.pdf
Details File 1 
cryptapi32.dll
Details File 1 
rasmgr.dll
Details File 1 
raseap.dll
Details File 1 
c:\windows\system32\microsoft\protect\windows\svshost.exe
Details File 1 
c:\windows\system32\microsoft\protect\windows\svchost.exe
Details File 3 
adobe.dll
Details Github username 11 
yara-rules
Details Github username 35 
neo23x0
Details md5 3 
b834ebeb777ea07fb6aab6bf35cdf07f
Details md5 3 
ad19fbaa55e8ad585a97bbcddcde59d4
Details md5 3 
f8153747bae8b4ae48837ee17172151e
Details md5 3 
cc1db5360109de3b857654297d262ca1
Details md5 3 
7a4e2d2638a454442efb95f23df391a1
Details md5 3 
5b855cff1dba22ca12d4b70b43927db7
Details md5 3 
d102bdad06b27616babe442e14461059
Details md5 1 
6719FF0EAB92F8C88C0E34CB54EA92BB
Details sha1 1 
4dd95ce1ec9941f362d4a6ceb65ab915dbfd9458
Details sha1 1 
453f502cf1db45bf234600d50127ec8fad1003a6
Details sha1 1 
8805f1d7d603face71d5c926af7d7e84e7120456
Details sha1 1 
6b3f6b6fb370836ea78bbfb68f00308d374a897c
Details sha1 1 
4f9786ddd6e75750221c59dcecc6e84822cf6050
Details sha1 1 
492dc600e22de6da96898e097566bc01309b5996
Details sha1 1 
bad7b98554f38ad3883d3f864777c8806f7797a0
Details sha256 1 
71eb7c15a026d011cca82fed8b634c10b569bb6b0cda1af532287218b9ee110f
Details sha256 1 
bf9eba33cf5f161ae8260732ba0a80fbfacac99957d6b9fd4ca36795175dc798
Details sha256 1 
b3df5e63a72bf60c5ffda75e663037463874ccd446f123fca3630e7ce3f3b23a
Details sha256 1 
febc132c608fe85ecf4b235b80426cf2d722143fbfee5996fdaa167509115e60
Details sha256 1 
9e97a774cfc8a92e9f2dd6e074784dea215eceaf3dc90a560164aad98b9f9052
Details sha256 1 
53c0d4d159aad1022bd8c7df263921c9799bd31ee75515c84d05a77584ccf539
Details sha256 1 
d431ba45cc2182f7c9e153586a6b153a286ccfcd4f26d83d246c3611d48fced9
Details sha256 1 
33460a8f849550267910b7893f0867afe55a5a24452d538f796d9674e629acc4
Details sha256 1 
63d5d58cb833f84c4c2687a7cb8303ca1306022ba01f68337d2180fd6521def8
Details sha256 1 
ce792f3ed7eaa53b1a26bf0d879e861f645413c7f629e6db8e14a5feff61e517
Details sha256 1 
c924855408cca3dc55555f5b9ad1e1f2ab3b3d1558e13e8464f3db4578d41056
Details sha256 1 
12f5968b1d551f7a35adc482f5cfe957b1caf0513daba9c6c7187b478ddc81a7
Details sha256 1 
23be7e7eeb654533ca82bd6564a6ddf53a31eb61f4793856106da7d979764fa8
Details sha256 1 
9344b0b20a28fd50e28025c984cbeaff8216cfaab247dbca57f680f1356eec2a
Details sha256 1 
9363ae91667316a3bbffaf47d181d84c8a832812b4d89a56e942b32337f76b9a
Details sha256 1 
6e3a7fe487b928726fb55907faa344dcfd10b0e3c0bfc3c2e8268bd5baef19d1
Details sha256 1 
ba5f55cca1d119fa602cc21b5b3dfbe2a47f5416ecdcf5c165ef635d5a4eeb62
Details sha256 1 
554924ebdde8e68cb8d367b8e9a016c5908640954ec9fb936ece07ac4c5e1b75
Details sha256 1 
333875eb8a6baa773d69e38e8f05d914def30750fdec3d9f2c8fbb01efa80fe1
Details sha256 1 
9bae0b89aa47f37f199d0b38ca8631020c9d221ea3e66aafecb7105c064ae343
Details sha256 1 
c6776d9ebe91b2d33b3ac36c845528fd7a81b35095beffbd2ea080fe6eab67cf
Details sha256 2 
32159d2a16397823bc882ddd3cd77ecdbabe0fde934e62f297b8ff4d7b89832a
Details sha256 2 
63735d555f219765d486b3d253e39bd316bbcb1c0ec595ea45ddf6e419bef3cb
Details sha256 2 
c074aeef97ce81e8c68b7376b124546cabf40e2cd3aff1719d9daa6c3f780532
Details sha256 2 
dc18850d065ff6a8364421a9c8f9dd5fcce6c7567f4881466cee00e5cd0c7aa8
Details sha256 2 
ec41b029c3ff4147b6a5252cb8b659f851f4538d4af0a574f7e16bc1cd14a300
Details sha256 1 
7ba09403e9d7122a20fa510de11f7809822e6e11efb164414e2148b762cf4e75
Details sha256 1 
2007aa72dfe0c6c93beb44f737b85b6cd487175e7abc6b717dae9344bed46c6c
Details sha256 1 
de4ff8901766e8fc89e8443f8732394618bf925ce29b6a8aafe1d60f496e7f0e
Details sha256 1 
b338b7f6fdaa187583ce858cd0dcfee08e4dc66edebad321d3f5bd23548b2fb5
Details sha256 1 
5e49440b907b271eb952101b5d337625b890d88a76a232ce04a2276542dfb4b0
Details sha256 1 
668ce24473d788791d2bfee0caec2d10dca52b5bc8c021bf06f9eb3527688ade
Details sha256 1 
6f8e344bb529364ca5bab7f0d73216437040e9922917e2e85a862bcb2a90929c
Details sha256 1 
192805e26bb4b8ecb7579bb38fdc1adc2d63f55f03b1c221a377d72ca3ef29f0
Details sha256 1 
417542fd4be726db4e9ce3c24eb26f9b7c82cfaea1f918ced567c67a098fd2a6
Details sha256 1 
5cda2f749e59cd4e364ff54d347f776dee78632fc75e7f949e0f36429571fa68
Details sha256 1 
2db467faac6a4a29d735a61e62310a0d5090019d72bebf793684c7c36817de3c
Details sha256 1 
f0d2306186da1e0d73e95eb098a2a63d1026671359433831cc57d6de853ebfd5
Details sha256 1 
a1daf65f9c6042b347bf6df3eef7c04c19eb6086176c8fee6196bc4d1af13a13
Details sha256 1 
3de70d94e6448752a7758484d887e80fd0c42a370c7a3f9cdb1cff103308df43
Details sha256 1 
fb253831862d882b0d22cb2cb2a80d423cae92a6218ac3d126fafcadf75afd0b
Details sha256 2 
7f6f9645499f5840b59fb59525343045abf91bc57183aae459dca98dc8216965
Details sha256 1 
9d9697509adfd039f214b036497c16c21395f97eb8a58847ae46e7f37846414a
Details sha256 1 
8131e0ad082a7c0f0c8ecd1699f4d7480e6e535c04e1514543727ca31d630a1d
Details sha256 1 
cdcb5144c36c3aee7604fbafa191c51475ff11eaf7e2fba1bdf4f836edc4cda5
Details sha256 1 
e9dd6420aa2db28ae5eeb3963d020e1873de8e3109bfcb38e9116b9e51377969
Details sha256 1 
47a49caaa6bd9bb4014f311369a610bdd0405eb36b19ed5f88ef232b0ac43483
Details sha256 1 
ce363e58b8654642fee57ea84e9b3ca82393bb621d4822b964487912e1cf3f53
Details Pdb 1 
mfc42l00.pdb
Details Pdb 1 
'mfc42l00.pdb
Details Threat Actor Identifier by NSA 1 
SIG10
Details Threat Actor Identifier by NSA 1 
SIG11
Details Threat Actor Identifier by NSA 1 
SIG12
Details Threat Actor Identifier by NSA 1 
SIG13
Details Threat Actor Identifier by NSA 1 
SIG14
Details Threat Actor Identifier by NSA 3 
SIG15
Details Threat Actor Identifier by NSA 1 
SIG16
Details Threat Actor Identifier by NSA 1 
SIG17
Details Threat Actor Identifier by NSA 1 
SIG18
Details Threat Actor Identifier by NSA 1 
SIG19
Details Threat Actor Identifier by NSA 2 
SIG20
Details Threat Actor Identifier by NSA 1 
SIG21
Details Threat Actor Identifier by NSA 3 
SIG22
Details Threat Actor Identifier by NSA 5 
SIG23
Details Threat Actor Identifier by NSA 1 
SIG24
Details Threat Actor Identifier by NSA 6 
SIG25
Details Threat Actor Identifier by NSA 1 
SIG26
Details Threat Actor Identifier by NSA 1 
SIG27
Details Threat Actor Identifier by NSA 1 
SIG28
Details Threat Actor Identifier by NSA 1 
SIG29
Details Threat Actor Identifier by NSA 1 
SIG30
Details Threat Actor Identifier by NSA 1 
SIG31
Details Threat Actor Identifier by NSA 1 
SIG32
Details Threat Actor Identifier by NSA 1 
SIG33
Details Threat Actor Identifier by NSA 1 
SIG34
Details Threat Actor Identifier by NSA 1 
SIG35
Details Threat Actor Identifier by NSA 1 
SIG36
Details Threat Actor Identifier by NSA 4 
SIG37
Details Threat Actor Identifier by NSA 1 
SIG38
Details Threat Actor Identifier by NSA 3 
SIG39
Details Threat Actor Identifier by NSA 9 
SIG40
Details Threat Actor Identifier by NSA 1 
SIG41
Details Threat Actor Identifier by NSA 1 
SIG42
Details Threat Actor Identifier by NSA 1 
SIG43
Details Threat Actor Identifier by NSA 1 
SIG44
Details Threat Actor Identifier by NSA 1 
SIG45
Details Url 4 
http://www.crysys.hu
Details Url 1 
https://en.wikipedia.org/wiki/the_shadow_brokers
Details Url 2 
https://www.f-secure.com/v-descs/worm_w32_agent_btz.shtml
Details Url 1 
https://www.wired.com/2008/11/army-bans-usb-d
Details Url 5 
http://blog.threatexpert.com/2008/11/agentbtz-threat-that-hit-pentagon.html
Details Url 1 
https://totalhash.cymru.com/analysis/?4dd95ce1ec9941f362d4a6ceb65ab915dbfd9458
Details Url 1 
https://virustotal.com/hu/file/71eb7c15a026d011cca82fed8b634c10b569bb6b0cda1af53228
Details Url 1 
https://www.trendmicro.com/vinfo/us/threat-
Details Url 1 
https://www.mcafee.com/threat-intelligence/malware/default.aspx?id=141194
Details Url 1 
http://blog.talosintelligence.com/2014/04/snake-campaign-few-words-about-
Details Url 1 
http://thehackernews.com/2014/03/uroburos-rootkit-most-sophisticated-3.html
Details Url 1 
https://home.mcafee.com/virusinfo/virusprofile.aspx?key=4367516#none
Details Url 1 
http://telussecuritylabs.com/threats/show/tsl20120120-06
Details Url 1 
https://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-
Details Url 1 
https://www.symantec.com/security_response/writeup.jsp?docid=2003
Details Url 1 
https://securelist.com/blog/incidents/34344/the-flame-questions-and-answers-51
Details Url 1 
https://www.crysys.hu/skywiper/skywiper.pdf
Details Url 1 
https://securelist.com/analysis/publications/68560/miniflame-aka-spe-elvis-and-his-
Details Url 1 
https://www.wired.com/2012/10/miniflame-espionage-tool
Details Url 1 
https://www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/troj_dloadr.yq
Details Url 1 
https://home.mcafee.com/virusinfo/virusprofile.aspx?key=1727735#none
Details Url 1 
https://www.mcafee.com/threat-intelligence/malware/default.aspx?id=305192
Details Url 1 
https://webcache.googleusercontent.com/search?q=cache:8oumzacr0zoj:https://kam.lt/d
Details Url 1 
https://github.com/yara-rules/rules/blob/master/malware/apt_cheshirecat.yar
Details Url 1 
https://malware-research.org/prepare-father-of-stuxnet-news-are-coming
Details Url 2 
https://www.welivesecurity.com/2015/06/30/dino-spying-malware-analyzed
Details Url 2 
https://securelist.com/blog/research/69114/animals-in-the-apt-farm
Details Url 2 
https://www.symantec.com/security_response/writeup.jsp?docid=2010
Details Url 1 
https://www.wired.com/2010/03/source-code-hacks
Details Url 1 
https://www.symantec.com/connect/blogs/trojanhydraq-incident-analysis-aurora-0-day-
Details Url 1 
https://www.symantec.com/connect/blogs/trojanhydraq-incident
Details Url 1 
https://malwr.com/analysis/ztdlnjrmmgnhmzqznge5zjhkm2q5ymm1mjqzyzawowi
Details Url 1 
http://www.crysys.hu/turlaepiccc/turla_epic_cc_v1.pdf
Details Url 3 
https://securelist.com/analysis/publications/65545/the-epic-turla-operation
Details Url 1 
https://www.virustotal.com/hu/file/de4ff8901766e8fc89e8443f8732394618bf925ce29b6a8a
Details Url 1 
http://securelist.com/blog/research/66779/the-darkhotel-apt
Details Url 1 
https://blog.kaspersky.com/darkhotel-apt/6613
Details Url 1 
https://www.symantec.com/security_response/writeup.jsp?docid=2011
Details Url 1 
https://www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/troj_hidfile.ab
Details Url 1 
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-
Details Url 1 
https://www.mcafee.com/threat-intelligence/malware/default.aspx?id=253485
Details Url 1 
https://www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/troj_cmse.a
Details Url 1 
http://sha1.virscan.org/492dc600e22de6da96898e097566bc01309b5996.html
Details Url 1 
http://artemonsecurity.blogspot.hu/2012/12/analysis-of-virtoolwinntexforela-
Details Url 1 
https://home.mcafee.com/virusinfo/virusprofile.aspx?key=145695#none
Details Url 1 
https://www.virustotal.com/en/file/2db467faac6a4a29d735a61e62310a0d5090019d72bebf79
Details Url 1 
https://home.mcafee.com/virusinfo/virusprofile.aspx?key=7825284
Details Url 18 
https://www.virustotal.com/#
Details Url 1 
https://repo.cryptam.com/reports/fb253831862d882b0d22cb2cb2a80d423cae92a6218ac3d126
Details Url 1 
https://www.crysys.hu/teamspy/teamspy.pdf
Details Url 1 
https://virustotal.com/en/file/7f6f9645499f5840b59fb59525343045abf91bc57183aae459dc
Details Url 1 
https://www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/troj_swisyn.smfp
Details Url 1 
https://www.virustotal.com/en/file/322cc4328e46bad28f12d1e4aa781c1cc6bcfb22fa24bb6a
Details Url 1 
https://home.mcafee.com/virusinfo/virusprofile.aspx?key=964778
Details Url 1 
https://www.symantec.com/security_response/writeup.jsp?docid=2006
Details Url 8 
https://github.com/neo23x0/signature-base
Details Windows Registry Key 2 
HKEY_LOCAL_MACHINE\Software\Sun\1.1.2
Details Windows Registry Key 41 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run