Analysis Date: 2018-03-26 23:32:50
MD5: 2f36323f473f12384521b0f1ce304706
SHA1: 2e173774f841fa30dc2b2c9e077cfd24751072d8

Static Details:

AV  Arcabit (arcavir)              Gen:Variant.Razy.4486
AV  Authentium                     W32/Flo.A.gen!Eldorado
AV  Grisoft (avg)                  Agent4.ANMH
AV  Avira (antivir)                TR/Crypt.XPACK.Gen7
AV  Alwil (avast)                  Dropper-gen [Drp]
AV  Ad-Aware                       Gen:Variant.Razy.4486
AV  BitDefender                    Gen:Variant.Razy.4486
AV  BullGuard                      Error Scanning File
AV  ClamAV                         Error Scanning File
AV  Dr. Web                        Trojan.Redirect.140
AV  Emsisoft                       Gen:Variant.Razy.4486
AV  MicroWorld (escan)             Gen:Variant.Razy.4486
AV  CA (E-Trust Ino)               Error Scanning File
AV  Fortinet                       W32/Kryptik.AZHQ!tr
AV  Frisk (f-prot)                 W32/Flo.A.gen!Eldorado
AV  F-Secure                       Gen:Variant.Razy.4486
AV  Ikarus                         Error Scanning File
AV  K7                             Error Scanning File
AV  Kaspersky                      Error Scanning File
AV  MalwareBytes                   Trojan.Agent.NR
AV  Mcafee                         Dropper-FEQ!2F36323F473F
AV  Microsoft Security Essentials  No Virus
AV  NANO                           Trojan.Win32.Agent.bxpifm
AV  Eset (nod32)                   Win32/Kryptik.BBEX
AV  Padvish                        No Virus
AV  CAT (quickheal)                Trojan.Toga
AV  Rising                         No Virus
AV  360 Safe                       No Virus
AV  SUPERAntiSpyware               Trojan.Agent/Gen-Kryptik
AV  Symantec                       Trojan.Gen
AV  Trend Micro                    TROJ_SPNR.35FG13
AV  Twister                        Trojan.FD8339880850FC90
AV  VirusBlokAda (vba32)           SScope.Malware-Cryptor.Carberp.2313
AV  Windows Defender               Trojan:Win32/Toga!rfn
AV  Zillya!                        Error Scanning File

Runtime Details:

Process
↳ C:\Windows\System32\lsass.exe

Process
↳ C:\Users\Phil\AppData\Local\Temp\2e173774f841fa30dc2b2c9e077cfd24751072d8.exe

Creates File: C:\Users\Phil\AppData\Local\Temp\2e173774f841fa30dc2b2c9e077cfd24751072d8.exe
Creates File: C:\ProgramData\Mozilla\fhpdslh.exe

Network Details:

