Malicious
Classifications

Spyware, Ransomware

Threat Names

Mal/Generic-S

Virtual Machine Information

Name: win10_64_th2_en_mso2016
Description: win10_64_th2_en_mso2016
Architecture: x86 64-bit
Operating System: Windows 10 Threshold 2
Kernel Version: 10.0.10586.0 (0de6dc23-8e19-4bb7-8608-d54b1e6fa379)
Network Scheme Name: Local Gateway
Network Config Name: Local Gateway

Platform Information

Platform Version: 4.4.1
Dynamic Engine Version: 4.4.1 / 2022-01-14 05:01 (UTC+)
Static Engine Version: 4.4.1.0 / 2022-01-14 04:01 (UTC+)
AV Exceptions Version: 4.4.1.6 / 2021-12-14 15:12 (UTC+)
Link Detonation Heuristics Version: 4.4.1.16 / 2022-03-11 16:03 (UTC+)
Smart Memory Dumping Rules: 4.4.1.6 / 2021-12-14 15:12 (UTC+)
Signature Trust Store Version: 4.4.1.6 / 2021-12-14 15:12 (UTC+)
VMRay Threat Identifiers Version: 4.4.1.19 / 2022-03-31 10:03 (UTC+)
YARA Built-in Ruleset Version: 4.4.1.19

Anti Virus Information

Software Information

Adobe Acrobat Reader Version: Not installed
Microsoft Office: 2016
Microsoft Office Version: 16.0.4266.1003
Hangul Office: Not installed
Hangul Office Version: Not installed
Internet Explorer Version: 11.0.10586.0
Chrome Version: Not installed
Firefox Version: Not installed
Flash Version: Not installed
Java Version: Not installed

System Information

Sample Directory: C:\Users\RDhJ0CNFevzX\Desktop
Computer Name: XC64ZB
User Domain: XC64ZB
User Name: RDhJ0CNFevzX
User Profile: C:\Users\RDhJ0CNFevzX
Temp Directory: C:\Users\RDHJ0C~1\AppData\Local\Temp
System Root: C:\Windows

Randomly Created Artifacts

This section provides information about processes and files that were created before the analysis was started. This is one of many steps designed to make the analysis system look more realistic and prevent evasion by environment-aware malware. The number of randomly generated artifacts can be changed in the configuration.

Processes (20)
Files (285)

Customized Created Artifacts

Similar to Randomly Created Artifacts, this section lists the pre-configured files and processes that were created on the account of randomly generated artifacts, to ensure a more realistic environment.

Processes (43)