Analysis Date: 2018-04-27 07:10:33
MD5: 0a00ee43ab62e997caa768097ca09c82
SHA1: 04fd9aa6c83d5ad4ccedbf9fc3c4044b3000234c

Static Details:

File type: PE32 executable (GUI) Intel 80386, for MS Windows
PEhash

Runtime Details:

Process
↳ C:\Windows\System32\lsass.exe

Process
↳ C:\Users\Phil\AppData\Local\Temp\04fd9aa6c83d5ad4ccedbf9fc3c4044b3000234c.exe

Creates File: C:\Users\Phil\AppData\Local\Temp\04fd9aa6c83d5ad4ccedbf9fc3c4044b3000234c.exe

Process
↳ C:\Windows\SysWOW64\winver.exe

Creates Mutex: 8DDBDE66
Creates File: C:\Windows\Globalization\Sorting\sortdefault.nls

Network Details:



Strings