Analysis Date2018-02-07 03:39:39
MD54c3ffe5ee65fe32131c81bba4360dca6
SHA103ca71169a92efe3ae469c4eafa3ab4948ab12c8

Static Details:

File typePE32+ executable (GUI) x86-64, for MS Windows
PEhash
AVArcabit (arcavir)No Virus
AVAuthentiumNo Virus
AVGrisoft (avg)Error Scanning File
AVAvira (antivir)TR/Dldr.Upatre.xofbk
AVAlwil (avast)No Virus
AVAd-AwareNo Virus
AVBitDefenderNo Virus
AVBullGuardError Scanning File
AVClamAVError Scanning File
AVDr. WebNo Virus
AVEmsisoftNo Virus
AVMicroWorld (escan)No Virus
AVCA (E-Trust Ino)Error Scanning File
AVFortinetNo Virus
AVFrisk (f-prot)No Virus
AVF-SecureNo Virus
AVIkarusError Scanning File
AVK7Error Scanning File
AVKasperskyError Scanning File
AVMalwareBytesNo Virus
AVMcafeeNo Virus
AVMicrosoft Security EssentialsNo Virus
AVNANONo Virus
AVEset (nod32)Win64/Packed.Themida.BA
AVPadvishNo Virus
AVCAT (quickheal)No Virus
AVRisingNo Virus
AV360 SafeNo Virus
AVSUPERAntiSpywareNo Virus
AVSymantecNo Virus
AVTrend MicroNo Virus
AVTwisterNo Virus
AVVirusBlokAda (vba32)No Virus
AVWindows DefenderNo Virus
AVZillya!Error Scanning File

Runtime Details:

Screenshot

Process
↳ C:\Windows\System32\lsass.exe

Process
↳ C:\Users\THX1138\AppData\Local\Temp\03ca71169a92efe3ae469c4eafa3ab4948ab12c8.exe

Creates Mutex

Network Details:


Raw Pcap

Strings