Win32/Cryptor | Joachim De Zutter
Filename: shared.exe
Filesize: 134144
MD5: f0418bd911e063fe7c8c4cf0e79615d5
SHA1: c2e44322b56a5912f3acbc15deb66692b07ce06e
SHA256: 53a9261f7088091ea27103cad0735cf6071db403ef4afd891af409f102d24e60
Performs DNS queries for slade.safehousenumber.com, murik.portal-protection.net.ru, world.rickstudio.ru, banana.cocolands.su, portal.roomshowerbord.com.
portal.roomshowerbord.com resolved to 146.185.244.237

http://www.utrace.de/?query=146.185.244.237
Provider: Petersburg Internet Network ltd., Region: Saint Petersburg (Russia)

Listens for UDP packets on port 1040 and 1045.
Sent UDP packets to port 33111 of 146.185.244.237
Received UDP packets on port 1040 and 1045 from 146.185.244.237