d4de58e7...ea2c

VTI SCORE: 100/100

Target:

win7_64_sp1 | exe

Classification:

Riskware, Wiper, Ransomware

d4de58e79bfcf66ea933e50fbeada266fe32ee2ce0636419ed9ec0f60a99ea2c (SHA256)

d4de58e79bfcf66ea933e50fbeada266fe32ee2ce0636419ed9ec0f60a99ea2c.exe

Windows Exe (x86-32)

Created at 2018-07-02 12:52:00

Top Threat Indicators (View all 382 threat indicators)

Category	Operation	Classification
File System	Encrypts content of user files	Ransomware
Browser	Reads data related to browser cache	-
Browser	Reads data related to browser cookies	-

Screenshots

Monitored Processes

Analysis Information

Creation Time	2018-07-02 14:52 (UTC+2)
Analysis Duration	00:01:50
Number of Monitored Processes	4
Execution Successful
Reputation Enabled
Termination Reason	Maximum binlog size reached
Tags

Analyzer and Virtual Machine Information

Analyzer Version	2.3.0
Analyzer Build Date	2018-04-12 16:32 (UTC+2)
Adobe Acrobat Reader Version	10.0.0
Microsoft Office	2010
Microsoft Office Version	14.0.4762.1000
Microsoft Project Version	14.0.6023.1000
Microsoft Visio Version	14.0.6022.1000
Internet Explorer Version	8.0.7601.17514
Chrome Version	58.0.3029.110
Firefox Version	25.0
Flash Version	11.2.202.233
Java Version	7.0.450.18
VM Name	win7_64_sp1
VM Architecture	x86 64-bit
VM OS	Windows 7
VM Kernel Version	6.1.7601.17514 (3844dbb9-2017-4967-be7a-a4a2c20430fa)

Sample Information

ID	#66410
MD5 Hash Value	8893004b04b4436eb47e9b504b7a437f
SHA1 Hash Value	29b18de4657e00cabc41b3600e753ef51960cd21
SHA256 Hash Value	d4de58e79bfcf66ea933e50fbeada266fe32ee2ce0636419ed9ec0f60a99ea2c
Filename	d4de58e79bfcf66ea933e50fbeada266fe32ee2ce0636419ed9ec0f60a99ea2c.exe
File Size	355.50 KB
File Type	Windows Exe (x86-32)

Function Logfile

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".