
VMRay Threat Identifiers (9 rules, 18 matches)

Score | Category            | Operation                                                 | Count | Classification
------|---------------------|-----------------------------------------------------------|-------|---------------
5/5   | Data Collection     | Tries to read cached credentials of various applications  | 1     | Spyware
2/5   | Data Collection     | Reads sensitive ftp data                                  | 2     | -
2/5   | Data Collection     | Reads sensitive application data                          | 1     | -
2/5   | System Modification | Changes the desktop wallpaper                             | 1     | -
2/5   | Masquerade          | Creates a new process from a system binary                | 1     | -
1/5   | Anti Analysis       | Tries to detect analyzer sandbox                          | 1     | -
1/5   | Hide Tracks         | Creates process with hidden window                        | 9     | -
1/5   | Obfuscation         | Resolves API functions dynamically                        | 1     | -
1/5   | Crash               | An unmonitored process crashed                            | 1     | -

Screenshots

Monitored Processes

Process Graph

MITRE ATT&CK™ Matrix - Windows

Version: 2019-04-25 20:53:07.719000
Initial Access
Execution
Persistence
Privilege Escalation
Defense Evasion
    Virtualization / Sandbox Evasion
    Hidden Window
    Software Packing
Credential Access
    Credentials in Files
Discovery
    File and Directory Discovery
    Virtualization / Sandbox Evasion
    System Time Discovery
Lateral Movement
Collection
    Automated Collection
    Data from Local System
Command and Control
Exfiltration
Impact
    Defacement

Sample Information

ID: #3869281
MD5: 2b99e5c85cd8b0e6decf30d6daee094e
SHA1: c3e7652e16a2e03d96b0274b5520d19b96196a03
SHA256: e4defd8a187a513212cb19c9f2a800505395e66d9cd9eb3a96c291060224e7dd
SSDeep: 6144:9mEdSunAqHdroKcykhPBbiMV5xzr2fXGzN:94ujKyUp+gOg
ImpHash: 818c0e000ca7da0505349e2306c68948
File Name: 10101010.exe
File Size: 308.00 KB
Sample Type: Windows Exe (x86-32)

Analysis Information

Creation Time: 2022-03-22 11:03 (UTC+)
Analysis Duration: 00:04:00
Termination Reason: Timeout
Number of Monitored Processes: 13
Execution: Successful
Reputation: Enabled
Built-in AV: Enabled
Number of AV Matches: 0
YARA: Enabled
Number of YARA Matches: 0
Function Logfile

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefox with the setting "security.fileuri.strict_origin_policy" deactivated.
