ee74c63f...4752 | Network
VTI SCORE: 95/100
Dynamic Analysis Report
Classification: Trojan, Keylogger

ee74c63faa2eb9709b1d738762e28072aece2e7b9eeffc5913eb6a5fd1564752 (SHA256)

key_payload.exe.zzz.exe

Windows Exe (x86-32)

Created at 2018-08-20 09:32:00

Notifications (1/1)

Some extracted files may be missing in the report since the maximum number of extracted files was reached during the analysis. You can increase the limit in the configuration settings.

Network Overview

Hosts (3)
Hostname | IP Address | Location | Protocols | Reputation Status | WHOIS Data
cosonar.mcdir.ru | - | - | UDP | Has Blacklisted URL |
- | 157.56.120.207 | - | UDP | Not Queried | Not Queried
- | 157.56.120.208 | - | UDP | Not Queried | Not Queried
DNS Queries (1)
Hostname | Categories | Names | Source | Reputation Status
cosonar.mcdir.ru | Malware | Mal/HTMLGen-A | Function Log | Blacklisted

Connections

DNS (4)
Operation | Additional Information | Success | Count
Resolve Name | host = cosonar.mcdir.ru, service = http | False | 4
UDP Sessions (3)
Total Data Sent 0.85 KB
Total Data Received 1.00 KB
Contacted Host Count 3
Contacted Hosts 192.168.0.1, 157.56.120.207, 157.56.120.208
UDP Session #1
Information Value
Source PCAP
Stream ID 208
Remote Address 192.168.0.1
Remote Port 53
Local Address 192.168.0.219
Local Port 64033
Data Sent 0.07 KB
Data Received 0.07 KB
Time Highest Layer Additional Information Success
118.497448 s DNS Data Sent: 0.07 KB, Data Received: 0.07 KB True
UDP Session #2
Information Value
Source PCAP
Stream ID 211
Remote Address 157.56.120.207
Remote Port 3544
Local Address 192.168.0.219
Local Port 57347
Data Sent 0.68 KB
Data Received 0.77 KB
Time Highest Layer Additional Information Success
122.290309 s ICMPV6 Data Sent: 0.10 KB, Data Received: 0.15 KB True
150.746384 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
156.949200 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
161.471651 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
163.633298 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
165.571338 s IPV6 Data Sent: 0.10 KB, Data Received: 0.10 KB True
226.645305 s ICMPV6 Data Sent: 0.10 KB, Data Received: 0.15 KB True
UDP Session #3
Information Value
Source PCAP
Stream ID 212
Remote Address 157.56.120.208
Remote Port 3544
Local Address 192.168.0.219
Local Port 57347
Data Sent 0.10 KB
Data Received 0.15 KB
Time Highest Layer Additional Information Success
122.351930 s ICMPV6 Data Sent: 0.10 KB, Data Received: 0.15 KB True