Ordinypt Wiper | VMRay Analyzer Report
Analysis Information
Creation Time 2017-11-10 15:41 (UTC+1)
VM Analysis Duration Time 00:02:20
Execution Successful True
Sample Filename ofgzdr.exe
Command Line Parameters False
Prescript False
Number of Processes 1
Termination Reason Timeout
Reputation Enabled True
VTI Information
VTI Score
83 / 100
VTI Database Version 2.6
VTI Rule Match Count 3
VTI Rule Type Default (PE, ...)
Tags
#Wiper #Ordinypt
Remarks
Critical The maximum number of extracted files was reached during the analysis. Some files may be missing in the reports. You can increase the limit in the configuration.
Monitored Processes
ID PID Monitor Reason Integrity Level Image Name Command Line Origin ID
#1 0x9fc Analysis Target High (Elevated) ofgzdr.exe "C:\Users\EEBsYm5\Desktop\ofgzdr.exe" -
Sample Information
ID #20158
MD5 Hash Value 870acd0ca66986cc20ab0a655fbc5873
SHA1 Hash Value 4a1b74432e38a1dfbd0b3336547cd764a25886e2
SHA256 Hash Value 085256b114079911b64f5826165f85a28a2a4ddc2ce0d935fa8545651ce5ab09
Filename ofgzdr.exe
File Size 493.50 KB (505344 bytes)
File Type Windows Exe (x86-32)
Analyzer and Virtual Machine Information
Analyzer Version 2.2.0
Analyzer Build Date 2017-10-17 16:08
Internet Explorer Version 8.0.7601.17514
Chrome Version 58.0.3029.110
Firefox Version 25.0
Flash Version 10.3.183.90
Java Version 7.0.450
VM Name win7_32_sp1
VM Architecture x86 32-bit PAE
VM OS Windows 7
VM Kernel Version 6.1.7601.17514 (684da42a-30cc-450f-81c5-35b4d18944b1)