ShrugTwo.exe
Created 5 years ago
Virtual Machine Information
Name: | win7_64_sp1 |
Description: | |
Architecture: | x86 64-bit |
Operating System: | Windows 7 |
Kernel Version: | 6.1.7601.17514 (3844dbb9-2017-4967-be7a-a4a2c20430fa) |
Network Scheme Name: | Local Gateway |
Network Config Name: | Local Gateway |
Analyzer Information
Analyzer Version | 3.1.2 |
Dynamic Engine Version | 3.1.2 / 2019-10-28 10:10 (UTC+) |
Static Engine Version | 1.2.1 / 2019-10-28 10:10 (UTC+) |
Local AV Version | AVCORE v2.1 Linux/x86_64 11.0.1.18 (Aug 9, 2017) |
Local AV Database Update Release Date | 2019-12-26 05:27:32+00:00 |
VTI Ruleset Version | 3.5 |
YARA Built-in Ruleset Version | 1.4 |
Analysis Report Layout Version | 6 |
Software Information
Adobe Acrobat Reader Version | 10.0.0 |
Microsoft Office | 2010 |
Microsoft Office Version | 14.0.4762.1000 |
Internet Explorer Version | 8.0.7601.17514 |
Chrome Version | 58.0.3029.110 |
Firefox Version | 25.0 |
Flash Version | 11.2.202.233 |
Java Version | 7.0.450.18 |
System Information
Sample Directory | C:\Users\5p5NrGJn0jS HALPmcxz\Desktop |
Computer Name | XDUWTFONO |
User Domain | XDUWTFONO |
User Name | 5p5NrGJn0jS HALPmcxz |
User Profile | C:\Users\5p5NrGJn0jS HALPmcxz |
Temp Directory | C:\Users\5P5NRG~1\AppData\Local\Temp |
System Root | C:\Windows |
Randomly Created Artifacts
This section provides information about processes and files that were created before the analysis was started. This is one of many steps designed to make the analysis system look more realistic and prevent evasion by environment-aware malware. The number of randomly generated artifacts can be changed in the configuration.