Analysis Date: 2018-04-15 08:36:12
MD5: e9dc670ad1c4f8e53a46a4a585692462
SHA1: 04fd8081525d5ea475bb1b0ce7586e52dd29459a

Static Details:

File type: PE32 executable (GUI) Intel 80386, for MS Windows
PEhash
AV Arcabit (arcavir): Trojan.BRMon.Gen.3
AV Authentium: W32/S-e060449c!Eldorado
AV Grisoft (avg): Crypt9.GQA
AV Avira (antivir): TR/Crypt.Agent.mhxde
AV Alwil (avast): Malware-gen
AV Alwil (avast): Win32:Malware-gen
AV Ad-Aware: Trojan.BRMon.Gen.3
AV BitDefender: Trojan.BRMon.Gen.3
AV BullGuard: Trojan.BRMon.Gen.3
AV ClamAV: Error Scanning File
AV Dr. Web: Trojan.PWS.Banker1.25218
AV Emsisoft: Trojan.BRMon.Gen.3
AV MicroWorld (escan): No Virus
AV CA (E-Trust Ino): Error Scanning File
AV Fortinet: W32/GenKryptik.BAPN!worm
AV Frisk (f-prot): W32/S-e060449c!Eldorado
AV F-Secure: Trojan.BRMon.Gen.3
AV Ikarus: Error Scanning File
AV K7: Trojan ( 00526bf41 )
AV Kaspersky: Error Scanning File
AV MalwareBytes: Trojan.MalPack
AV Mcafee: Packed-ZG!E9DC670AD1C4
AV Microsoft Security Essentials: Trojan:Win32/Tiggre!rfn
AV NANO: Trojan.Win32.Banker1.exxnwb
AV Eset (nod32): Win32/Kryptik.GCYY
AV Padvish: No Virus
AV CAT (quickheal): No Virus
AV Rising: No Virus
AV 360 Safe: No Virus
AV SUPERAntiSpyware: Trojan.Agent/Gen-Kryptik
AV Symantec: Ransom.GandCrab
AV Trend Micro: No Virus
AV Twister: Trojan.Girtk.GCYY.robo
AV VirusBlokAda (vba32): Trojan.Scar
AV Windows Defender: Trojan:Win32/Tiggre!rfn
AV Zillya!: Trojan.Scar.Win32.108290

Runtime Details:

Process
↳ C:\Windows\System32\lsass.exe

Process
↳ C:\Users\Phil\AppData\Local\Temp\04fd8081525d5ea475bb1b0ce7586e52dd29459a.exe

Network Details:


Strings