BigEyes/Lime Ransomware | VMRay Analyzer Report
Try VMRay Analyzer
| Creation Time | 2018-01-17 14:10 (UTC+1) |
| VM Analysis Duration Time | 00:03:16 |
| Execution Successful |
|
| Sample Filename | Crypt.exe |
| Command Line Parameters |
|
| Prescript |
|
| Number of Processes | 3 |
| Termination Reason | Timeout |
| Reputation Enabled |
|
| Download | Archive Function Logfile Generic Logfile PCAP STIX/CybOX XML Summary JSON |
|
VTI Score
85 / 100
|
|
| VTI Database Version | 2.6 |
| VTI Rule Match Count | 9 |
| VTI Rule Type | Default (PE, ...) |
|
The operating system was rebooted during the analysis. |
| ID | PID | Monitor Reason | Integrity Level | Image Name | Command Line | Origin ID |
|---|---|---|---|---|---|---|
| #1 | 0xaf8 | Analysis Target | High (Elevated) | crypt.exe | "C:\Users\5JgHKoaOfdp\Desktop\Crypt.exe" | - |
| #2 | 0x9ec | Modified File | Medium | #decryptor.exe | "C:\Users\5JgHKoaOfdp\Desktop\#Decryptor.exe" | #1 |
| #3 | 0x3c0 | Autostart | Medium | #decryptor.exe | "C:\Users\5JgHKoaOfdp\Desktop\#Decryptor.exe" | - |
| ID | #20929 |
| MD5 Hash Value | e1b571f1ad5266156c8233fa0d2ba1e0 |
| SHA1 Hash Value | dcec2db3a228baeef3c629991743fc7e39bfaab6 |
| SHA256 Hash Value | 9dbd7b3133c9bc80b9ed83712d488d014b856c8814a268871046a30c4b6fc6ae |
| Filename | Crypt.exe |
| File Size | 440.00 KB (450560 bytes) |
| File Type | Windows Exe (x86-32) |
| Analyzer Version | 2.2.0 |
| Analyzer Build Date | 2018-01-15 17:39 |
| Microsoft Office Version | 15.0.4420.1017 |
| Internet Explorer Version | 11.0.9600.17031 |
| Chrome Version | 58.0.3029.110 |
| Firefox Version | 25.0 |
| Flash Version | 11.2.202.228 |
| Java Version | 7.0.510.13 |
| VM Name | win8.1_64 |
| VM Architecture | x86 64-bit |
| VM OS | Windows 8.1 |
| VM Kernel Version | 6.3.9600.17031 (6066913d-fbad-4ef6-b754-e136c12beca3) |
