ca0da220f7691059b3174b2de14bd41ddb96bf3f02a2824b2b8c103215c7403c (SHA256)
Sales invoice Z12_01 copy.iqy.iqy
Created at 2018-06-06 09:51:00
Notifications (2/2)
The overall sleep time of all monitored processes was truncated from "3 minutes, 21 seconds" to "2 seconds" to reveal dormant functionality.
Severity | Category | Operation | Classification
---|---|---|---
5/5 | Anti Analysis | Tries to detect the presence of antivirus software | -
4/5 | Process | Creates process | -
4/5 | Network | Associated with known malicious/suspicious URLs | -
4/5 | Network | Downloads data | Downloader
3/5 | Network | Performs DNS request | -
3/5 | Network | Connects to remote host | -
3/5 | PE | Executes dropped PE file | -
2/5 | File System | Associated with suspicious files | Trojan, Exploit
2/5 | Network | Connects to HTTP server | -
2/5 | PE | Drops PE file | Dropper
1/5 | Process | Creates system object | -
1/5 | Process | Overwrites code | -