Analysis Date2018-05-15 19:15:08
MD5b4eb158d337976be1566193c2aa0100f
SHA11982cf3b034fafe8cea93a051bcb2abf39d47cad

Static Details:

AVArcabit (arcavir)Trojan.VBRan.Gen.2
AVAuthentiumW32/Vobfus.AM.gen!Eldorado
AVGrisoft (avg)Worm/Generic_vb.AKO
AVAvira (antivir)TR/Jorik.Vobfus.ajr
AVAlwil (avast)VB-ACGX [Trj]
AVAd-AwareTrojan.VBRan.Gen.2
AVBitDefenderTrojan.VBRan.Gen.2
AVBullGuardTrojan.VBRan.Gen.2
AVClamAVWin.Trojan.Vobfus-70344
AVDr. WebWin32.HLLW.Autoruner2.29121
AVEmsisoftTrojan.VBRan.Gen.2
AVMicroWorld (escan)Trojan.VBRan.Gen.2
AVCA (E-Trust Ino)Trojan.VBRan.Gen.2
AVFortinetW32/VBObfus.AU!tr
AVFrisk (f-prot)W32/Vobfus.AM.gen!Eldorado
AVF-SecureTrojan.VBRan.Gen.2
AVIkarusWorm.Win32.VBNA
AVK7EmailWorm ( 0040f0951 )
AVKasperskyWorm.Win32.Vobfus.aiez
AVMalwareBytesNo Virus
AVMcafeeVBObfus.ds
AVMicrosoft Security EssentialsNo Virus
AVNANOTrojan.Win32.Autoruner.cihufu
AVEset (nod32)Win32/AutoRun.VB.AUM worm
AVPadvishWorm.Win32.Vobfus.aijw.Generic
AVCAT (quickheal)Worm.Vobfus.Gen
AVRisingWorm.Win32.Vobfus.ad
AV360 SafeTrojan.Win32.VB.M
AVSUPERAntiSpywareWorm.Vobfus
AVSymantecW32.Changeup
AVTrend MicroWORM_VOBFUS.SMC
AVTwisterVirus.FDA09472@2FFA09472.mg
AVVirusBlokAda (vba32)SScope.Malware-Cryptor.VBCR.1141
AVWindows DefenderWorm:Win32/Vobfus
AVZillya!Trojan.JorikGen.Win32.1

Runtime Details:

Screenshot

Process
↳ C:\Windows\System32\lsass.exe

Process
↳ C:\Users\Phil\AppData\Local\Temp\1982cf3b034fafe8cea93a051bcb2abf39d47cad.exe

Creates FileC:\Users\Phil\AppData\Local\Temp\1982cf3b034fafe8cea93a051bcb2abf39d47cad.exe
Creates FileC:\Users\Phil\AppData\Local\Temp\1982cf3b034fafe8cea93a051bcb2abf39d47cad.exe
Creates FileC:\Users\Phil\AppData\Local\Temp\1982cf3b034fafe8cea93a051bcb2abf39d47cad.exe
Creates FileC:\Users\Phil\muanas.exe
Creates FileC:\Users\Phil\muanas.exe
Creates MutexP

Process
↳ C:\Users\Phil\muanas.exe

Creates FileC:\Users\Phil\muanas.exe
Creates FileC:\Users\Phil\muanas.exe
Creates FileC:\Users\Phil\muanas.exe
Creates FileC:\Users\Phil\keenez.exe
Creates FileC:\Users\Phil\keenez.exe
Creates MutexP

Process
↳ C:\Users\Phil\keenez.exe

Creates FileC:\Users\Phil\keenez.exe
Creates FileC:\Users\Phil\keenez.exe
Creates FileC:\Users\Phil\keenez.exe
Creates FileC:\Users\Phil\wouezac.exe
Creates FileC:\Users\Phil\wouezac.exe
Creates MutexP

Process
↳ C:\Users\Phil\wouezac.exe

Creates FileC:\Users\Phil\wouezac.exe
Creates FileC:\Users\Phil\wouezac.exe
Creates FileC:\Users\Phil\wouezac.exe
Creates FileC:\Users\Phil\ydcouj.exe
Creates FileC:\Users\Phil\ydcouj.exe
Creates MutexP

Process
↳ C:\Users\Phil\ydcouj.exe

Creates FileC:\Users\Phil\ydcouj.exe
Creates FileC:\Users\Phil\ydcouj.exe
Creates FileC:\Users\Phil\ydcouj.exe
Creates FileC:\Users\Phil\toeak.exe
Creates FileC:\Users\Phil\toeak.exe
Creates MutexP

Process
↳ C:\Users\Phil\toeak.exe

Creates FileC:\Users\Phil\toeak.exe
Creates FileC:\Users\Phil\toeak.exe
Creates FileC:\Users\Phil\toeak.exe
Creates FileC:\Users\Phil\kiepep.exe
Creates FileC:\Users\Phil\kiepep.exe
Creates MutexP

Process
↳ C:\Users\Phil\kiepep.exe

Creates FileC:\Users\Phil\kiepep.exe
Creates FileC:\Users\Phil\kiepep.exe
Creates FileC:\Users\Phil\kiepep.exe
Creates FileC:\Users\Phil\juaan.exe
Creates FileC:\Users\Phil\juaan.exe
Creates MutexP

Process
↳ C:\Users\Phil\juaan.exe

Creates FileC:\Users\Phil\juaan.exe
Creates FileC:\Users\Phil\juaan.exe
Creates FileC:\Users\Phil\juaan.exe
Creates FileC:\Users\Phil\nbweil.exe
Creates FileC:\Users\Phil\nbweil.exe
Creates MutexP

Process
↳ C:\Users\Phil\nbweil.exe

Creates FileC:\Users\Phil\nbweil.exe
Creates FileC:\Users\Phil\nbweil.exe
Creates FileC:\Users\Phil\nbweil.exe
Creates FileC:\Users\Phil\gieqab.exe
Creates FileC:\Users\Phil\gieqab.exe
Creates MutexP

Process
↳ C:\Users\Phil\gieqab.exe

Creates FileC:\Users\Phil\gieqab.exe
Creates FileC:\Users\Phil\gieqab.exe
Creates FileC:\Users\Phil\gieqab.exe
Creates FileC:\Users\Phil\neoexac.exe
Creates FileC:\Users\Phil\neoexac.exe
Creates MutexP

Process
↳ C:\Users\Phil\neoexac.exe

Creates FileC:\Users\Phil\neoexac.exe
Creates FileC:\Users\Phil\neoexac.exe
Creates FileC:\Users\Phil\neoexac.exe
Creates FileC:\Users\Phil\feaoyu.exe
Creates FileC:\Users\Phil\feaoyu.exe
Creates MutexP

Network Details:


Raw Pcap

Strings