Analysis Date: 2018-04-28 21:29:20
MD5: e1d48215ab176503bb2fc59f852c7be9
SHA1: 01efd0a6ba388ed9d112064a4f8965e224ca9b7d

Static Details:

File type: PE32 executable (GUI) Intel 80386, for MS Windows
PEhash

Runtime Details:

Process
↳ C:\Windows\System32\lsass.exe

Process
↳ C:\Users\Phil\AppData\Local\Temp\01efd0a6ba388ed9d112064a4f8965e224ca9b7d.exe

Creates File: C:\Users\Phil\AppData\Local\Temp\last.inf
Creates File: C:\Users\Phil\AppData\Local\Temp\01efd0a6ba388ed9d112064a4f8965e224ca9b7d.exe
Creates File: C:\Windows\Globalization\Sorting\sortdefault.nls
Creates File: C:\Users\Phil\AppData\Local\Temp\misid.exe
Creates Mutex
Creates Mutex

Process
↳ C:\Users\Phil\AppData\Local\Temp\misid.exe

Creates File: C:\Users\Phil\AppData\Local\Temp\last.inf
Creates File: C:\Users\Phil\AppData\Local\Temp\misid.exe
Creates File: C:\Windows\Globalization\Sorting\sortdefault.nls

Network Details:


Strings