Analysis Date2018-04-17 12:05:50
MD5957b6d60beba1f421d8a4ef29e61af41
SHA1040365f02d747c22bbafddfae31f5bc160ccbfd9

Static Details:

File typePE32 executable (GUI) Intel 80386, for MS Windows
PEhash
AVArcabit (arcavir)No Virus
AVAuthentiumNo Virus
AVGrisoft (avg)Error Scanning File
AVAvira (antivir)No Virus
AVAlwil (avast)No Virus
AVAd-AwareNo Virus
AVBitDefenderNo Virus
AVBullGuardNo Virus
AVClamAVNo Virus
AVDr. WebError Scanning File
AVEmsisoftNo Virus
AVMicroWorld (escan)No Virus
AVCA (E-Trust Ino)No Virus
AVFortinetNo Virus
AVFrisk (f-prot)No Virus
AVF-SecureNo Virus
AVIkarusTrojan-Dropper.Agent
AVK7No Virus
AVKasperskyNo Virus
AVMalwareBytesNo Virus
AVMcafeeNo Virus
AVMicrosoft Security EssentialsNo Virus
AVNANONo Virus
AVEset (nod32)No Virus
AVPadvishError Scanning File
AVCAT (quickheal)No Virus
AVRisingNo Virus
AV360 SafeNo Virus
AVSUPERAntiSpywareNo Virus
AVSymantecNo Virus
AVTrend MicroNo Virus
AVTwisterTrojanDldr.Url2File.A.rloa
AVVirusBlokAda (vba32)No Virus
AVWindows DefenderNo Virus
AVZillya!No Virus

Runtime Details:

Screenshot

Process
↳ C:\Windows\System32\lsass.exe

Process
↳ C:\Users\Phil\AppData\Local\Temp\040365f02d747c22bbafddfae31f5bc160ccbfd9.exe

Creates FileC:\Windows\Globalization\Sorting\sortdefault.nls
Creates FileC:\Users\Phil\AppData\Local\Temp\040365f02d747c22bbafddfae31f5bc160ccbfd9.exe
Creates FileC:\Users\Phil\AppData\Local\Temp\040365f02d747c22bbafddfae31f5bc160ccbfd9.exe
Creates FileC:\Windows\Fonts\staticcache.dat
Creates Mutex
Creates Mutex

Network Details:


Raw Pcap

Strings