VMRay Analyzer Report
Analysis Information
Creation Time: 2016-09-26 12:41 (UTC+2)
VM Analysis Duration Time: 00:02:45
Execution Successful: True
Sample Filename: 249bebc650b7160cfeee41d08bc61dc220ecb740.malware.exe
Command Line Parameters: False
Prescript: False
Number of Processes: 9
Termination Reason: Timeout
VTI Information
VTI Score: 75 / 100
VTI Database Version: 2.2
VTI Rule Match Count: 23
VTI Rule Type: Default (PE, ...)
Monitored Processes

ID | PID | Monitor Reason | Image Name | Command Line | Origin ID
#1 | 0xc8c | Analysis Target | 249bebc650b7160cfeee41d08bc61dc220ecb740.malware.exe | "C:\Users\WI2yhmtI onvScY7Pe\Desktop\249bebc650b7160cfeee41d08bc61dc220ecb740.malware.exe" |
#2 | 0xd78 | Child Process | xumiasww.exe | "C:\Users\WI2yhmtI onvScY7Pe\ayooEMEE\XuMIAsww.exe" | #1
#3 | 0xdb8 | Child Process | yoummieo.exe | "C:\ProgramData\VmYMsIgM\YOUMMIEo.exe" | #1
#4 | 0x4 | Created Daemon | System | | #1
#5 | 0xe00 | Created Daemon | xuaecwog.exe | C:\ProgramData\BAIEAAcU\xUAEcwog.exe | #1
#6 | 0xe38 | Child Process | cmd.exe | C:\Windows\system32\cmd.exe /c "C:\Users\WI2yhmtI onvScY7Pe\Desktop\249bebc650b7160cfeee41d08bc61dc220ecb740.malware" | #1
#7 | 0xe4c | Child Process | reg.exe | reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /f /v HideFileExt /t REG_DWORD /d 1 | #1
#9 | 0xe60 | Child Process | reg.exe | reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /f /v Hidden /t REG_DWORD /d 2 | #1
#10 | 0xe68 | Child Process | reg.exe | reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /d 0 /t REG_DWORD /f | #1
Sample Information
ID: #609232
MD5 Hash Value: a66df34f40f1345861846918f4f8f56d
SHA1 Hash Value: 249bebc650b7160cfeee41d08bc61dc220ecb740
SHA256 Hash Value: 91de42dda9985493ed08b1e6b7f5c3931135189a5455a3afb9bac8cc8d7c0870
Filename: 249bebc650b7160cfeee41d08bc61dc220ecb740.malware.exe
File Size: 1.99 MB (2084864 bytes)
File Type: Windows Exe (x86-32)
Analyzer and Virtual Machine Information
Analyzer Version: 1.11.0
Analyzer Build Date: 2016-09-19 10:58 (UTC+2)
VM Name: win10_64
VM Description: Windows 10 (64-bit)
VM Architecture: x86 64-bit
VM OS: Windows 10
VM Kernel Version: 10.0.10240.16384 (c68ee22f-dcf6-4778-95c5-4a862be16567)