Analysis Date: 2018-05-15 05:09:57
MD5: 651ea2b2987b3b45772789f68382f862
SHA1: 31c57f38efb13f2985457db4bbb961caaf01bbcc

Static Details:

AV Arcabit (arcavir): No Virus
AV Authentium: W32/Sality.E.gen!Eldorado
AV Grisoft (avg): Win32/Sality
AV Avira (antivir): TR/Patched.Ren.Gen
AV Alwil (avast): Error Scanning File
AV Ad-Aware: No Virus
AV BitDefender: No Virus
AV BullGuard: No Virus
AV ClamAV: Error Scanning File
AV Dr. Web: No Virus
AV Emsisoft: No Virus
AV MicroWorld (escan): No Virus
AV CA (E-Trust Ino): Error Scanning File
AV Fortinet: No Virus
AV Frisk (f-prot): W32/Sality.E.gen!Eldorado
AV F-Secure: No Virus
AV Ikarus: Error Scanning File
AV K7: Riskware ( 0040eff71 )
AV Kaspersky: Error Scanning File
AV MalwareBytes: No Virus
AV Mcafee: No Virus
AV Microsoft Security Essentials: No Virus
AV NANO: Trojan.Win32.Diple.egjdsv
AV Eset (nod32): No Virus
AV Padvish: No Virus
AV CAT (quickheal): No Virus
AV Rising: No Virus
AV 360 Safe: No Virus
AV SUPERAntiSpyware: No Virus
AV Symantec: No Virus
AV Trend Micro: PE_SALITY.RL
AV Twister: No Virus
AV VirusBlokAda (vba32): Trojan.Diple
AV Windows Defender: No Virus
AV Zillya!: No Virus

Runtime Details:

Process
↳ C:\Windows\System32\lsass.exe

Process
↳ C:\Users\Phil\AppData\Local\Temp\31c57f38efb13f2985457db4bbb961caaf01bbcc.exe

Creates File: C:\Users\Phil\AppData\Local\Temp\~DFB611EE2F1B3BDF75.TMP

Network Details:

