53cbae26...d4ee | VMRay Analyzer Report
VTI SCORE: 100/100
Dynamic Analysis Report
Classification:
Ransomware
Threat Names:
Trojan.Ransom.AIG

dttcodexgigas.5ac3e23c0c50b5cb8ca01b675b827995ada38e5b.exe

Windows Exe (x86-32)

Created 5 years ago

VMRay Threat Identifiers (9 rules, 3473 matches)

| Severity | Category | Operation | Count | Classification |
|---|---|---|---|---|
| 5/5 | Antivirus | Malicious content was detected by heuristic scan | 2 | - |
| 4/5 | User Data Modification | Renames user files | 1 | Ransomware |
| 2/5 | Data Collection | Reads sensitive browser data | 1 | - |
| 2/5 | System Modification | Changes the desktop wallpaper. | 1 | - |
| 1/5 | Persistence | Installs system startup script or application | 1 | - |
| 1/5 | System Modification | Modifies application directory | 3389 | - |
| 1/5 | Discovery | Possibly does reconnaissance | 1 | - |
| 1/5 | System Modification | Modifies operating system directory | 76 | - |
| 1/5 | System Modification | Creates an unusually large number of files | 1 | - |

MITRE ATT&CK™ Matrix - Windows

Version: 2019-04-25 20:53:07.719000

Initial Access: -
Execution: -
Persistence: Registry Run Keys / Startup Folder
Privilege Escalation: -
Defense Evasion: Modify Registry
Credential Access: Credentials in Files
Discovery: File and Directory Discovery
Lateral Movement: -
Collection: Automated Collection; Data from Local System
Command and Control: -
Exfiltration: -
Impact: Data Encrypted for Impact; Defacement

Sample Information

ID: #1234029
MD5: 8504ce2e89ae8130ac2de60e9814783b
SHA1: 5ac3e23c0c50b5cb8ca01b675b827995ada38e5b
SHA256: 53cbae26f53ed578a6da78de7ebf3ab0c21f33b81049b3c310703cf5c4fdd4ee
SSDeep: 24576:Nhkub2MxX+RTuXP5/P6YmwV0db6s623ZFKgwyl:NhkubVx8w5nbpVSOg3Zb
ImpHash: 0ee5d9cb6f5676c02853dce193d35794
Filename: dttcodexgigas.5ac3e23c0c50b5cb8ca01b675b827995ada38e5b.exe
File Size: 4569.50 KB
Sample Type: Windows Exe (x86-32)

Analysis Information

Creation Time: 2020-08-21 23:08 (UTC+)
Analysis Duration: 00:02:00
Number of Monitored Processes: 1
Execution Successful: True
Reputation Enabled: True
WHOIS Enabled: False
Local AV Enabled: True
Local AV Applied On: Sample Files, PCAP File, Downloaded Files, Dropped Files, Modified Files, Memory Dumps
YARA Enabled: True
YARA Applied On: Sample Files, PCAP File, Downloaded Files, Dropped Files, Modified Files, Memory Dumps
Number of AV Matches: 3
Number of YARA Matches: 0
Termination Reason: All processes terminated