dfecb460...9620 | VMRay Analyzer Report
VTI SCORE: 100/100
Dynamic Analysis Report
Classification: -
Threat Names:
Gen:Variant.Ser.Razy.13274
Gen:Variant.Razy.728766

VMRay Threat Identifiers (11 rules, 14 matches)

Severity | Category | Operation | Count | Classification
5/5 | Antivirus | Malicious content was detected by heuristic scan | 2 | -
4/5 | User Data Modification | Modifies Windows automatic backups | 1 | -
3/5 | Network Connection | Connects to TOR hidden service | 1 | -
2/5 | Anti Analysis | Tries to detect debugger | 3 | -
2/5 | Obfuscation | Resolves APIs dynamically to possibly evade static detection | 1 | -
2/5 | Network Connection | Attempts to connect to unavailable TCP servers | 1 | -
2/5 | Reputation | File has embedded suspicious URL | 1 | -
1/5 | Mutex | Creates mutex | 1 | -
1/5 | Network Connection | Performs DNS request | 1 | -
1/5 | Network Connection | Connects to HTTP server | 1 | -


MITRE ATT&CK™ Matrix - Windows

Version: 2019-04-25 20:53:07.719000
Initial Access: (none)
Execution: (none)
Persistence: (none)
Privilege Escalation: (none)
Defense Evasion:
  - Software Packing
Credential Access: (none)
Discovery:
  - Process Discovery
Lateral Movement: (none)
Collection: (none)
Command and Control:
  - Multi-hop Proxy
  - Multilayer Encryption
  - Standard Application Layer Protocol
Exfiltration: (none)
Impact:
  - Inhibit System Recovery

Sample Information

ID: #1363858
MD5: 9e5c89c84cdbf460fc6857c4e32dafdf
SHA1: ee0a95846ce48c59261eda0fdd6b38dfc83d9f4d
SHA256: dfecb46078038bcfa9d0b8db18bdc0646f33bad55ee7dd5ee46e61c6cf399620
SSDeep: 1536:7ufJPTAoUei1obcxtZbW3BqlIS2IyUY4h2wEsOolJT+y9v:7upTAneif03BqarUY4l
ImpHash: bd51a645a9c68bd03b2e51586e5cbdcb
Filename: Setup.exe
File Size: 68.00 KB
Sample Type: Windows Exe (x86-32)

Analysis Information

Creation Time: 2020-09-24 13:09 (UTC+)
Analysis Duration: 00:04:00
Number of Monitored Processes: 10
Execution Successful: True
Reputation Enabled: True
WHOIS Enabled: False
Local AV Enabled: True
Local AV Applied On: Sample Files, PCAP File, Downloaded Files, Dropped Files, Modified Files, Memory Dumps
YARA Enabled: True
YARA Applied On: Sample Files, PCAP File, Downloaded Files, Dropped Files, Modified Files, Memory Dumps
Number of AV Matches: 3
Number of YARA Matches: 0
Termination Reason: Timeout
Function Logfile

This feature requires an online connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefox with the setting "security.fileuri.strict_origin_policy" deactivated.