8a1e66b4834499dacc24abb27733c387733d919070fc504b14ee865678952559 (SHA256)
2018-05-22_13-47-32.exe
Windows Exe (x86-32)
Created at 2018-05-22 08:11:00
Notifications (2/3)
Due to a reputation service error, no query could be made to determine the reputation status of any contacted URL.
Some extracted files may be missing in the report since the maximum number of extracted files was reached during the analysis. You can increase the limit in the configuration settings.
The operating system was rebooted during the analysis.
| Severity | Category | Operation | Classification | |
|---|---|---|---|---|
|
5/5
|
File System | Encrypts content of user files | Ransomware | |
|
||||
|
3/5
|
OS | Modifies certificate store | - | |
|
||||
|
||||
|
||||
|
||||
|
||||
|
3/5
|
Browser | Reads data related to browser cookies | - | |
|
||||
|
2/5
|
Anti Analysis | Tries to detect virtual machine | - | |
|
||||
|
2/5
|
Browser | Reads data related to browsing history | - | |
|
||||
|
1/5
|
Anti Analysis | Resolves APIs dynamically to possibly evade static detection | - | |
|
||||
|
1/5
|
Process | Creates system object | - | |
|
||||
|
1/5
|
Persistence | Installs system startup script or application | - | |
|
||||
|
1/5
|
Process | Creates process with hidden window | - | |
|
||||
|
||||
|
||||
|
||||
|
1/5
|
Network | Performs DNS request | - | |
|
||||
|
||||
|
1/5
|
File System | Modifies application directory | - | |
|
||||
|
||||
|
1/5
|
File System | Creates an unusually large number of files | - | |
|
||||
|
1/5
|
Process | Overwrites code | - | |
|
||||
|
1/5
|
Network | Checks external IP address | - | |
|
||||
|
1/5
|
Network | Downloads data | Downloader | |
|
||||
|
||||
|
||||
|
||||
|
||||
|
1/5
|
Network | Connects to HTTP server | - | |
|
||||
|
||||
|
||||
|
||||
|
||||
|
1/5
|
PE | Drops PE file | Dropper | |
|
||||
|
1/5
|
PE | Executes dropped PE file | - | |
|
||||
