Dynamic Analysis Report
Created 2 years ago
558944fc2adfcd051a2f55cf18141d0b6e70282d51bb425e4035c09d39aac49a.exe
Windows Exe (x86-32)
Remarks (2/3)
(0x02000008): One or more processes crashed during the analysis. Analysis results may be incomplete.
(0x0200000E): The overall sleep time of all monitored processes was truncated from "7 minutes, 17 seconds" to "20 seconds" to reveal dormant functionality.
Remarks
(0x0200001F): Code in memory was overwritten during this analysis. Review the corresponding VTI for more information.
(0x0200004A): 3 dump(s) were skipped because they exceeded the maximum dump size of 16 MB. The largest one was 512 MB.
Monitored Processes
Behavior Information - Grouped by Category
Process #1: 558944fc2adfcd051a2f55cf18141d0b6e70282d51bb425e4035c09d39aac49a.exe
1287
2747Process #2: miner.exe
6
0Process #3: vbc.exe
40Process #4: kk.exe
700Process #5: 360.exe
00Process #6: word.exe
890Process #8: 360.exe
00Process #9: portable.exe
3100Process #10: werfault.exe
00Process #11: malwr.exe
1560Process #13: lyla131.exe
7120Process #14: explorer.exe
19180Process #15: ostaj2.1.exe
2830Process #16: cmd.exe
140Process #17: toolspub2.exe
3180Process #18: vssadmin.exe
00Process #19: had.exe
120Process #20: luckywheel.exe
00Process #21: file.exe
220Process #22: toolspub2.exe
420Process #23: 5_6232986114823555269.exe
6600Process #24: ostaj2.1.exe
620Process #25: windowsservices.exe
00Process #26: cmd.exe
540Process #27: photo_560.exe
730Process #29: powershell.exe
00Process #30: powershell.exe
00Process #31: powershell.exe
00Process #32: powershell.exe
00Process #34: foto0183.exe
00Process #38: v6852231.exe
00Process #39: taskkill.exe
00Process #40: luckywheel.exe
00Process #41: luckywheel.exe
00Process #42: luckywheel.exe
00
