8e775324...2393 | VMRay Analyzer Report
VTI SCORE: 100/100
Dynamic Analysis Report
Classification: Ransomware, Dropper
Threat Names: Trojan.MSIL.Basic.6.Gen, Mal/Generic-S

VMRay Threat Identifiers (13 rules, 28 matches)

| Severity | Category | Operation | Count | Classification |
|---|---|---|---|---|
| 5/5 | Antivirus | Malicious content was detected by heuristic scan | 2 | - |
| 5/5 | Reputation | Known malicious file | 2 | - |
| 4/5 | User Data Modification | Renames user files | 1 | Ransomware |
| 4/5 | User Data Modification | Modifies content of user files | 1 | Ransomware |
| 2/5 | Hide Tracks | Deletes file after execution | 1 | - |
| 2/5 | Anti Analysis | Tries to detect virtual machine | 1 | - |
| 2/5 | Anti Analysis | Creates an unusually large number of processes | 1 | - |
| 1/5 | Hide Tracks | Creates process with hidden window | 14 | - |
| 1/5 | Mutex | Creates mutex | 1 | - |
| 1/5 | Persistence | Installs system startup script or application | 1 | - |

MITRE ATT&CK™ Matrix - Windows

Version: 2019-04-25 20:53:07.719000

| Tactic | Techniques |
|---|---|
| Initial Access | - |
| Execution | - |
| Persistence | Registry Run Keys / Startup Folder |
| Privilege Escalation | - |
| Defense Evasion | Virtualization / Sandbox Evasion; Hidden Window |
| Credential Access | - |
| Discovery | Virtualization / Sandbox Evasion; System Time Discovery |
| Lateral Movement | - |
| Collection | - |
| Command and Control | - |
| Exfiltration | - |
| Impact | Data Encrypted for Impact |

Sample Information

ID: #1896049
MD5: 19f207b20b1d2a05aba1a1eb59da54d2
SHA1: 8d75108ec34fd79f8336041d5ff31443cc527add
SHA256: 8e775324fc69a677394cf6d079d1d45bf53af10acd683bda53e5f86a8a192393
SSDeep: 1536:eXoKlnzpMyqDQ+IJDDctJUX0DKR+cQpOJ0ILn6Cw+9WdlIgoAG4FbrZvJdEwP9dI:uomnzVincQDKgcQpHIbHIlDRrZRdp9dI
ImpHash: e9c0657252137ac61c1eeeba4c021000
Filename: bbc.exe
File Size: 88.48 KB
Sample Type: Windows Exe (x86-32)

Analysis Information

Creation Time: 2021-01-22 15:01 (UTC+)
Analysis Duration: 00:04:00
Number of Monitored Processes: 562
Execution Successful: True
Reputation Enabled: True
WHOIS Enabled: False
Local AV Enabled: True
Local AV Applied On: Sample Files, PCAP File, Downloaded Files, Dropped Files, Modified Files, Memory Dumps
YARA Enabled: True
YARA Applied On: Sample Files, PCAP File, Downloaded Files, Dropped Files, Modified Files, Memory Dumps
Number of AV Matches: 2
Number of YARA Matches: 0
Termination Reason: Timeout