Dynamic Analysis Report
Created 10 months ago
c0628d64b48b90236336a7b3b16a8d8f.virus.exe
Windows Exe (x86-32)
Remarks (1/1)
(0x02000008): One or more processes crashed during the analysis. Analysis results may be incomplete.
Virtual Machine Information
| Name | win10_64_20h1_en_base |
| Description | windows 10 (64bit 20H1 -EN-) |
| Architecture | x86 64-bit |
| Operating System | Windows 10 20H1 |
| Kernel Version | 10.0.19041.208 (dc9233f8-5819-e3d0-929a-7bde0b87f0b9) |
| Network Scheme Name | Local Gateway |
| Network Config Name | Local Gateway |
Platform Information
| Platform Version | 2024.2.1 |
| Dynamic Engine Version | 2024.2.1 / 2024-03-23 11:03 (UTC+) |
| Static Engine Version | 2024.2.1.0 / 2024-03-23 09:03 (UTC+) |
| AV Exceptions Version | 2024.2.1.5 / 2024-03-22 20:03 (UTC+) |
| Link Detonation Heuristics Version | 2024.2.1.29 / 2024-05-11 04:05 (UTC+) |
| Config Extractors Version | 2024.2.1.27 / 2024-05-02 14:05 (UTC+) |
| Smart Memory Dumping Rules | 2024.2.1.5 / 2024-03-22 20:03 (UTC+) |
| Signature Trust Store Version | 2024.2.1.9 / 2024-03-26 09:03 (UTC+) |
| VMRay Threat Identifiers Version | 2024.2.1.31 / 2024-05-17 05:05 (UTC+) |
| YARA Built-in Ruleset Version | 2024.2.1.24 |
Anti Virus Information
Software Information
| Adobe Acrobat Reader Version | Not installed |
| Microsoft Office | Not installed |
| Microsoft Office Version | Not installed |
| Hangul Office | Not installed |
| Hangul Office Version | Not installed |
| Internet Explorer Version | 11.207.19041.0 |
| Chrome Version | Not installed |
| Firefox Version | 108.0 |
| Flash Version | Not installed |
| Java Version | 8.0.3610.9 |
System Information
| Sample Directory | C:\Users\OqXZRaykm\Desktop |
| Computer Name | PXTHFFRYO7 |
| User Domain | PXTHFFRYO7 |
| User Name | OqXZRaykm |
| User Profile | C:\Users\OqXZRaykm |
| Temp Directory | C:\Users\OQXZRA~1\AppData\Local\Temp |
| System Root | C:\Windows |
Randomly Created Artifacts
This section provides information about processes and files that were created before the analysis was started. This is one of many steps designed to make the analysis system look more realistic and prevent evasion by environment aware malware. The number of randomly generated artifacts can be changed in the configuration.
Customized Created Artifacts
Similar to Randomly Created Artifacts, this section lists the pre-configured files and processes that were created on the account of randomly generated artifacts, to ensure a more realistic environment.
