Analysis Date: 2018-06-08 15:04:34
MD5: e4538c11e8cd4ea6a89da6f0bafbba15
SHA1: 1128fb6be31bd05d29e421fd4dbb9664ce92fc08

Static Details:

File type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
Section UPX0: md5: d41d8cd98f00b204e9800998ecf8427e sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 size: 0
Section UPX1: md5: 63a196f7a3411c83ed85dec6e05d59b1 sha1: 201c56428196576bf18790049a880b70b0b39a8d size: 1580032
Section .rsrc: md5: b9c7c593bc32e86c69084a223b5265aa sha1: 8cdcb2a02e647aea373cc8fdff9cd760180e9839 size: 27136
Timestamp: 1992-06-19 22:22:17
Packer: UPX -> www.upx.sourceforge.net
PEhash: 4f91f5c44bbe785c95b9a2865caa13bfb62cc089
IMPhash: e371053facce05fe972d0abd50e5c0cb
AV Ad-Aware: Trojan.Generic.6716861
AV Microsoft Security Essentials: Backdoor:Win32/Bifrose.gen!F
AV Grisoft (avg): Generic16.ZH
AV F-Secure: Trojan.Generic.6716861
AV Emsisoft: Trojan.Generic.6716861
AV Rising: Trojan.Win32.Generic.12A67AF7
AV Frisk (f-prot): no_virus
AV Dr. Web: Trojan.Siggen2.35347
AV VirusBlokAda (vba32): Trojan.Mepaow
AV Fortinet: PossibleThreat
AV Twister: Trojan.4D6E10BC17D747A2
AV Zillya!: Trojan.Mepaow.Win32.455
AV K7: Trojan ( 0001140e1 )
AV Trend Micro: no_virus
AV Avira (antivir): BDC/Apocal.14.EdS.2
AV BitDefender: Trojan.Generic.6716861
AV CAT (quickheal): Trojan.Mepaow.jzl.n3
AV Ikarus: Virus.Win32.DelfInject
AV MalwareBytes: no_virus
AV Eset (nod32): Win32/Lypserat.A
AV Authentium: no_virus
AV Kaspersky: Trojan.Win32.Generic
AV Alwil (avast): Lypserat [Trj]
AV Padvish: no_virus
AV Symantec: Spyware.Keylogger
AV ClamAV: Trojan.Buzus-6424
AV MicroWorld (escan): Trojan.Generic.6716861
AV Arcabit (arcavir): Trojan.Generic.6716861
AV CA (E-Trust Ino): no_virus
AV Mcafee: no_virus
AV BullGuard: Trojan.Generic.6716861

Runtime Details:

Process
↳ C:\Windows\System32\lsass.exe

Process
↳ C:\Users\Phil\AppData\Local\Temp\1128fb6be31bd05d29e421fd4dbb9664ce92fc08.exe

Creates File: C:\Windows\Globalization\Sorting\sortdefault.nls

Network Details:

