7eef6ef8fed53b7c3bf61ba821f375a0a433ea4cb0185fd223780b729a9a5792 (SHA256)
output.113528456.txt.exe
Created at 2018-08-10 04:08:00
Notifications (1/1)
The maximum number of reputation file hash requests (20 per analysis) was exceeded. As a result, the reputation status could not be queried for all file hashes. In order to get the reputation status for all file hashes, please increase the 'Max File Hash Requests' setting in the system configurations.
Severity | Category | Operation | Classification
---|---|---|---
5/5 | YARA | YARA match | Backdoor, Spyware
4/5 | Masquerade | Uses a double file extension | Riskware
3/5 | Anti Analysis | Tries to detect the presence of antivirus software | -
3/5 | Browser | Reads data related to browser cookies | -
3/5 | Browser | Reads data related to saved browser credentials | -
2/5 | Anti Analysis | Resolves APIs dynamically to possibly evade static detection | -
2/5 | File System | Known suspicious file | Trojan
2/5 | Network | Associated with known malicious/suspicious URLs | -
1/5 | Process | Creates process with hidden window | -
1/5 | Process | Creates system object | -
1/5 | Network | Performs DNS request | -
1/5 | Network | Connects to remote host | -
1/5 | Network | Downloads data | Downloader
1/5 | Network | Connects to HTTP server | -
1/5 | PE | Drops PE file | Dropper
1/5 | PE | Executes dropped PE file | -