Analysis Date: 2018-04-14 09:49:33
MD5: 2ae03031b2d4afee3a9b99054bc72823
SHA1: 419171eecf3df345c0baeb5ac30f2134e4da3403

Static Details:

File type: PE32 executable (GUI) Intel 80386, for MS Windows
PEhash
AV: CA (E-Trust Ino): Error Scanning File
AV: Ikarus: Error Scanning File
AV: MicroWorld (escan): Trojan.Crypt.AI
AV: Padvish: Worm.Win32.Socks.ja
AV: Avira (antivir): TR/Dldr.Agent.agl
AV: Ad-Aware: Trojan.Crypt.AI
AV: SUPERAntiSpyware: Trojan.Agent/Gen-Malex
AV: CAT (quickheal): Trojan.Mauvaise.SL1
AV: Zillya!: Worm.Socks.Win32.311
AV: Alwil (avast): Small-JVY [Trj]
AV: BitDefender: Trojan.Crypt.AI
AV: Fortinet: W32/Socks.NAL!tr
AV: Kaspersky: Error Scanning File
AV: Grisoft (avg): Win32/DH{Tjk?}
AV: Microsoft Security Essentials: Trojan:Win32/Malex.gen!J
AV: Emsisoft: Trojan.Crypt.AI
AV: Arcabit (arcavir): Trojan.Crypt.AI
AV: Rising: Trojan.Agent!4DB5
AV: ClamAV: Error Scanning File
AV: VirusBlokAda (vba32): Worm.Socks
AV: K7: EmailWorm ( 000415851 )
AV: NANO: Trojan.Win32.Socks.oojm
AV: Symantec: W32.Mandaph
AV: Eset (nod32): Win32/PSW.Agent.NHG
AV: 360 Safe: No Virus
AV: Mcafee: BackDoor-DRW
AV: Alwil (avast): Small-JMK [Trj]
AV: Dr. Web: BackDoor.FireOn.70
AV: Frisk (f-prot): W32/Socks.A.gen!Eldorado
AV: BullGuard: Trojan.Crypt.AI
AV: Windows Defender: Trojan:Win32/Malex.gen!J
AV: NANO: Trojan.Win32.Socks.dbszmw
AV: F-Secure: Trojan.Crypt.AI
AV: Authentium: W32/Socks.A.gen!Eldorado
AV: Trend Micro: WORM_SOCKS.EC
AV: MalwareBytes: No Virus
AV: Twister: Virus.B975BD09D2B05CF1

Runtime Details:

Process
↳ C:\Windows\System32\lsass.exe

Process
↳ C:\Users\Phil\AppData\Local\Temp\419171eecf3df345c0baeb5ac30f2134e4da3403.exe

Network Details:


Raw Pcap
0x00000000 (00000)   47455420 2f6e6373 692e7478 74204854   GET /ncsi.txt HT
0x00000010 (00016)   54502f31 2e310d0a 436f6e6e 65637469   TP/1.1..Connecti
0x00000020 (00032)   6f6e3a20 436c6f73 650d0a55 7365722d   on: Close..User-
0x00000030 (00048)   4167656e 743a204d 6963726f 736f6674   Agent: Microsoft
0x00000040 (00064)   204e4353 490d0a48 6f73743a 20777777    NCSI..Host: www
0x00000050 (00080)   2e6d7366 746e6373 692e636f 6d0d0a0d   .msftncsi.com...
0x00000060 (00096)   0a                                    .


Strings