Analysis Date: 2018-04-12 08:25:01
MD5: 03180b3b81c9372609748ca1b5235299
SHA1: 4112db8738c8b675b191b51f650bfd64c7adb1ed

Static Details:

File type: PE32 executable (GUI) Intel 80386, for MS Windows
PEhash
AV Ikarus: Backdoor.Win32.Hupigon
AV CA (E-Trust Ino): No Virus
AV Zillya!: Trojan.Virut.Win32.3773
AV 360 Safe: No Virus
AV Kaspersky: Trojan.Win32.Generic
AV Symantec: No Virus
AV Alwil (avast): Win32:Vitro
AV Arcabit (arcavir): Error Scanning File
AV Frisk (f-prot): W32/Zbot.AW.gen!Eldorado
AV Grisoft (avg): Generic38.BGVL
AV Authentium: W32/Zbot.AW.gen!Eldorado
AV Mcafee: W32/Virut.n.gen
AV NANO: Trojan.Win32.Shohdi.ethqtc
AV Twister: Heuri.Virut.1
AV Dr. Web: Win32.HLLP.Shohdi
AV Avira (antivir): W32/Virut.Gen
AV ClamAV: Win.Trojan.Shohdi-6136104-0
AV Padvish: No Virus
AV Trend Micro: No Virus
AV MalwareBytes: No Virus
AV MicroWorld (escan): Gen:Variant.Razy.134072
AV K7: Virus ( 0050b8571 )
AV Fortinet: W32/Hupigon.NCU
AV Ad-Aware: Gen:Variant.Razy.134072
AV BitDefender: Gen:Variant.Razy.134072
AV Rising: Win32.Shodi.e
AV Emsisoft: Gen:Variant.Razy.134072
AV Alwil (avast): Vitro
AV Eset (nod32): Win32/Virut.NHA virus
AV VirusBlokAda (vba32): Virus.Virut.02
AV Kaspersky: Virus.Win32.Virut.ce
AV Windows Defender: Virus:Win32/Shodi.I
AV Alwil (avast): Evo-gen [Susp]
AV CAT (quickheal): Trojan.Mauvaise.SL1
AV BullGuard: Gen:Variant.Razy.134072
AV Twister: W32.Virut.NFA.gen.zore
AV SUPERAntiSpyware: No Virus
AV Microsoft Security Essentials: Virus:Win32/Shodi.I
AV F-Secure: Gen:Variant.Razy.134072

Runtime Details:

Process
↳ C:\Windows\System32\lsass.exe

Process
↳ C:\Users\Phil\AppData\Local\Temp\4112db8738c8b675b191b51f650bfd64c7adb1ed.exe

Network Details:
