Analysis Date: 2018-05-09 05:57:47
MD5: 10a1cbea354d8b200ea118691bab0dfc
SHA1: 03ca9c7160df9b00948cee3e1de4cd12060d9cc5

Static Details:

File type: data
PEhash

Runtime Details:

Process
↳ C:\Windows\System32\lsass.exe

Process
↳ C:\Windows\System32\cmd.exe

Creates File: C:\Users\Phil\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
Creates File: C:\Users\Phil\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000001.db
Creates File: C:\Users\Phil\Desktop\desktop.ini

Process
↳ C:\Windows\System32\rundll32.exe

Creates File: C:\Windows\Globalization\Sorting\sortdefault.nls
Creates File: C:\Windows\Fonts\staticcache.dat
Creates Mutex

Process
↳ C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe

Process
↳ C:\Program Files (x86)\Adobe\Reader 10.0\Reader\wow_helper.exe

Network Details:

