Analysis Date: 2018-03-04 19:22:59
MD5: 3c4ef251b9684b1afd420cdef2ba4f38
SHA1: 03ca0175853a17c58a3f08795cf7d36f5589fdf5

Static Details:

File type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
PEhash
AV Arcabit (arcavir): Gen:Variant.Graftor.471893
AV Authentium: No Virus
AV Grisoft (avg): No Virus
AV Avira (antivir): No Virus
AV Alwil (avast): No Virus
AV Ad-Aware: Gen:Variant.Graftor.471893
AV BitDefender: Gen:Variant.Graftor.471893
AV BullGuard: Gen:Variant.Graftor.471893
AV ClamAV: No Virus
AV Dr. Web: No Virus
AV Emsisoft: Gen:Variant.Graftor.471893
AV MicroWorld (escan): No Virus
AV CA (E-Trust Ino): No Virus
AV Fortinet: No Virus
AV Frisk (f-prot): No Virus
AV F-Secure: Gen:Variant.Graftor.471893
AV Ikarus: No Virus
AV K7: Error Scanning File
AV Kaspersky: No Virus
AV MalwareBytes: Error Scanning File
AV Mcafee: No Virus
AV Microsoft Security Essentials: No Virus
AV NANO: No Virus
AV Eset (nod32): No Virus
AV Padvish: No Virus
AV CAT (quickheal): No Virus
AV Rising: No Virus
AV 360 Safe: No Virus
AV SUPERAntiSpyware: No Virus
AV Symantec: No Virus
AV Trend Micro: No Virus
AV Twister: No Virus
AV VirusBlokAda (vba32): No Virus
AV Windows Defender: No Virus
AV Zillya!: No Virus

Runtime Details:

Process
↳ C:\Windows\System32\lsass.exe

Process
↳ C:\Windows\System32\rundll32.exe

Creates File: C:\Users\THX1138\AppData\Local\Temp\03ca0175853a17c58a3f08795cf7d36f5589fdf5.dll

Process
↳ C:\Windows\SysWOW64\rundll32.exe

Creates Mutex
Creates Mutex

Network Details:
