BigEyes/Lime Ransomware | VTI by Score
Try VMRay Analyzer
VTI Information
VTI Score
85 / 100
VTI Database Version 2.6
VTI Rule Match Count 9
VTI Rule Type Default (PE, ...)
Detected Threats
Arrow File System Delete user files
Delete multiple user files. This is an indicator for ransomware or wiper malware.
Arrow Masquerade Change folder appearance
Folder "c:\users\5jghkoaofdp\documents" has a changed appearance.
Folder "c:\users\5jghkoaofdp\documents\my shapes" has a changed appearance.
Folder "c:\users\5jghkoaofdp\music" has a changed appearance.
Arrow Persistence Install system startup script or application
Add "C:\Users\5JgHKoaOfdp\Desktop\#Decryptor.exe" to windows startup via registry.
Arrow Device Monitor mouse movements and clicks
Frequently read the state of a mouse button by API.
Arrow File System Create many files
Create above average number of files.
Arrow PE Drop PE file
Drop file "c:\users\5jghkoaofdp\desktop\#decryptor.exe".
Arrow PE Execute dropped PE file
Execute dropped file "c:\users\5jghkoaofdp\desktop\#decryptor.exe".
Function Logfile
Download-Icon
Exit-Icon

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy". 


    

   

   

    

     
      

       
       
       
       
      

     
     
     
    

   

  

  

   

    
    

     Screenshot
    

    

     Expand-Icon
    

    

     Exit-Icon
    

   

   

    

     icon_left
    

    

     icon_left
    

   

   

   

   

    image