Hidden Files and Directories
DRV.exe
Windows Exe (x86-32)
Created 5 years ago
VMRay Threat Identifiers (5 rules, 5 matches)
| Severity | Category | Operation | Count | Classification | |
|---|---|---|---|---|---|
5/5 | Antivirus | Malicious content was detected by heuristic scan | 1 | - | |
4/5 | User Data Modification | Modifies content of user files | 1 | Ransomware | |
4/5 | User Data Modification | Renames user files | 1 | Ransomware | |
2/5 | Hide Tracks | Hides files | 1 | - | |
1/5 | System Modification | Creates an unusually large number of files | 1 | - |
Screenshots
Monitored Processes
MITRE ATT&CK™ Matrix - Windows
ActiveAll
Version: 2019-04-25 20:53:07.719000
Initial Access
Execution
Persistence
Privilege Escalation
Defense Evasion
Hidden Files and Directories
Credential Access
Discovery
Lateral Movement
Collection
Command and Control
Exfiltration
Impact
Data Encrypted for Impact
Sample Information
| ID | #450070 |
| MD5 | |
| SHA1 | |
| SHA256 | |
| SSDeep | |
| ImpHash | |
| Filename | DRV.exe |
| File Size | 211.00 kB |
| Sample Type | Windows Exe (x86-32) |
Analysis Information
| Creation Time | 2020-02-02 05:02 (UTC+) |
| Analysis Duration | 00:04:00 |
| Number of Monitored Processes | 2 |
| Execution Successful |  |
| Reputation Enabled | |
| WHOIS Enabled |  |
| Local AV Enabled | |
| Local AV Applied On | Sample Files, PCAP File, Downloaded Files, Dropped Files, Modified Files, Memory Dumps |
| YARA Enabled | |
| YARA Applied On | Sample Files, PCAP File, Downloaded Files, Dropped Files, Modified Files, Memory Dumps |
| Number of AV Matches | 1 |
| Number of YARA Matches | 0 |
| Termination Reason | Timeout |
