wwllww.vexe.exe
Windows Exe (x86-32)
Created 5 years ago
Remarks (2/2)
(0x0200000E): The overall sleep time of all monitored processes was truncated from "30 seconds" to "10 seconds" to reveal dormant functionality.
Virtual Machine Information
| Name | win10_64_rs2 |
| Description | Windows 10 RS2 |
| Architecture | x86 64-bit |
| Operating System | Windows 10 Redstone 2 |
| Kernel Version | 10.0.15063.540 (f6f48955-5489-4b24-b4df-942361f0730d) |
| Network Scheme Name | Local Gateway |
| Network Config Name | Local Gateway |
Analyzer Information
| Analyzer Version | 3.2.1 |
| Dynamic Engine Version | 3.2.1 / 2020-01-31 06:01 (UTC+) |
| Static Engine Version | 1.3.0 / 2020-01-31 06:01 (UTC+) |
| Local AV Version | AVCORE v2.1 Linux/x86_64 11.0.1.19 (January 14, 2020) |
| Local AV Database Update Release Date | 2020-02-03 05:35:28+00:00 |
| VTI Ruleset Version | 3.6 |
| YARA Built-in Ruleset Version | 1.5 |
| Analysis Report Layout Version | 7 |
Software Information
| Adobe Acrobat Reader Version | 18.009.20050 |
| Microsoft Office | 2016 |
| Microsoft Office Version | 16.0.4266.1003 |
| Internet Explorer Version | 11.540.15063.0 |
| Chrome Version | 61.0.3163.79 |
| Firefox Version | 55.0.3 |
| Flash Version | 25.0.0.148 |
| Java Version | 8.0.1440.1 |
System Information
| Sample Directory | C:\Users\FD1HVy\Desktop |
| Computer Name | NQDPDE |
| User Domain | NQDPDE |
| User Name | FD1HVy |
| User Profile | C:\Users\FD1HVy |
| Temp Directory | C:\Users\FD1HVy\AppData\Local\Temp |
| System Root | C:\WINDOWS |
Randomly Created Artifacts
This section provides information about processes and files that were created before the analysis was started. This is one of many steps designed to make the analysis system look more realistic and prevent evasion by environment aware malware. The number of randomly generated artifacts can be changed in the configuration.
