Created 5 months ago
Lana_Rhoades_Photoos.js
Remarks (2/2)
(0x00600018): Static Analysis failed to analyze the sample due to an error. Check the sample_static_analysis.log file for further information.
(0x02000050): This analysis has been updated with the latest reputation and static analysis results from the original analysis with the ID #17994119.
Virtual Machine Information
| Name | win7_64_sp1_en_mso2016 |
| Description | windows 7 (64bit SP1 -EN- MSO_2016) |
| Architecture | x86 64-bit |
| Operating System | Windows 7 |
| Kernel Version | 6.1.7601.18741 (2e37f962-d699-492c-aaf3-f9f4e9770b1d) |
| Network Scheme Name | Local Gateway |
| Network Config Name | Local Gateway |
Platform Information
| Platform Version | 2024.4.1 |
| Dynamic Engine Version | 2024.4.1 / 2024-10-11 04:10 (UTC+) |
| Static Engine Version | 2024.4.1.0 / 2024-10-11 03:10 (UTC+) |
| AV Exceptions Version | 2024.4.1.18 / 2024-10-18 12:10 (UTC+) |
| Link Detonation Heuristics Version | 2024.4.1.21 / 2024-10-25 08:10 (UTC+) |
| Config Extractors Version | 2024.4.1.21 / 2024-10-25 08:10 (UTC+) |
| Smart Memory Dumping Rules | 2024.4.1.18 / 2024-10-18 12:10 (UTC+) |
| Signature Trust Store Version | 2024.4.1.3 / 2024-08-31 15:08 (UTC+) |
| VMRay Threat Identifiers Version | 2024.4.1.22 / 2024-10-28 08:10 (UTC+) |
| YARA Built-in Ruleset Version | 2024.4.1.21 |
Anti Virus Information
Software Information
| Adobe Acrobat Reader Version | Not installed |
| Microsoft Office | 2016 |
| Microsoft Office Version | 16.0.4266.1001 |
| Hangul Office | Not installed |
| Hangul Office Version | Not installed |
| Internet Explorer Version | 8.0.7601.17514 |
| Chrome Version | Not installed |
| Firefox Version | Not installed |
| Flash Version | Not installed |
| Java Version | 8.0.1710.11 |
System Information
| Sample Directory | C:\Users\kEecfMwgj\Desktop |
| Computer Name | Q9IATRKPRH |
| User Domain | Q9IATRKPRH |
| User Name | kEecfMwgj |
| User Profile | C:\Users\kEecfMwgj |
| Temp Directory | C:\Users\KEECFM~1\AppData\Local\Temp |
| System Root | C:\Windows |
Randomly Created Artifacts
This section provides information about processes and files that were created before the analysis was started. This is one of many steps designed to make the analysis system look more realistic and prevent evasion by environment aware malware. The number of randomly generated artifacts can be changed in the configuration.
Customized Created Artifacts
Similar to Randomly Created Artifacts, this section lists the pre-configured files and processes that were created on the account of randomly generated artifacts, to ensure a more realistic environment.
