0761d457...5af4 | Environment
VTI SCORE: 100/100
Dynamic Analysis Report
Classification: Trojan

Virtual Machine Information

Name: win7_64_sp1
Description:
Architecture: x86 64-bit
Operating System: Windows 7
Kernel Version: 6.1.7601.17514 (3844dbb9-2017-4967-be7a-a4a2c20430fa)
Network Scheme Name: Local Gateway
Network Config Name: Local Gateway

Analyzer Information

Analyzer Version: 3.1.2
Dynamic Engine Version: 3.1.2 / 2019-10-28 10:10 (UTC+)
Static Engine Version: 1.2.1 / 2019-10-28 10:10 (UTC+)
Local AV Version: AVCORE v2.1 Linux/x86_64 11.0.1.18 (Aug 9, 2017)
Local AV Database Update Release Date: 2019-12-26 05:27:32+00:00
VTI Ruleset Version: 3.5
YARA Built-in Ruleset Version: 1.4
Analysis Report Layout Version: 6

Software Information

Adobe Acrobat Reader Version: 10.0.0
Microsoft Office: 2010
Microsoft Office Version: 14.0.4762.1000
Internet Explorer Version: 8.0.7601.17514
Chrome Version: 58.0.3029.110
Firefox Version: 25.0
Flash Version: 11.2.202.233
Java Version: 7.0.450.18

System Information

Sample Directory: C:\Users\5p5NrGJn0jS HALPmcxz\Desktop
Computer Name: XDUWTFONO
User Domain: XDUWTFONO
User Name: 5p5NrGJn0jS HALPmcxz
User Profile: C:\Users\5p5NrGJn0jS HALPmcxz
Temp Directory: C:\Users\5P5NRG~1\AppData\Local\Temp
System Root: C:\Windows

Randomly Created Artifacts

This section provides information about processes and files that were created before the analysis was started. This is one of many steps designed to make the analysis system look more realistic and prevent evasion by environment-aware malware. The number of randomly generated artifacts can be changed in the configuration.

Processes (21)
Files (286)
Function Logfile

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefox with deactivated setting "security.fileuri.strict_origin_policy".