Analysis Date: 2018-04-10 04:33:13
MD5: e36f50793e566bd1b76c628bb2dd9432
SHA1: 680d85658db48389e0cdc5a61ff3723deabc74ea

Static Details:

AV: Arcabit (arcavir) - Gen:Trojan.Heur.GM.0100010902
AV: Authentium - W32/S-dc879512!Eldorado
AV: Grisoft (avg) - No Virus
AV: Avira (antivir) - TR/Crypt.XPACK.Gen
AV: Alwil (avast) - Sankei
AV: Alwil (avast) - Win32:Sankei
AV: Ad-Aware - Gen:Trojan.Heur.GM.0100010902
AV: BitDefender - Gen:Trojan.Heur.GM.0100010902
AV: BullGuard - Gen:Trojan.Heur.GM.0100010902
AV: ClamAV - No Virus
AV: Dr. Web - Trojan.KillFiles.62112
AV: Emsisoft - Gen:Trojan.Heur.GM.0100010902
AV: MicroWorld (escan) - Gen:Trojan.Heur.GM.0100010902
AV: CA (E-Trust Ino) - Gen:Trojan.Heur.GM.0100010902
AV: Fortinet - W32/Ausiv.A
AV: Frisk (f-prot) - W32/S-dc879512!Eldorado
AV: F-Secure - Gen:Trojan.Heur.GM.0100010902
AV: Ikarus - Packer.Win32.Krap
AV: K7 - Trojan ( 00517a0d1 )
AV: Kaspersky - Packed.Win32.Krap.jc
AV: MalwareBytes - No Virus
AV: Mcafee - Packed-SU!E36F50793E56
AV: Microsoft Security Essentials - Trojan:Win32/Ausiv
AV: NANO - Trojan.Win32.Krap.espnuv
AV: Eset (nod32) - Win32/Ausiv.A virus
AV: Padvish - No Virus
AV: CAT (quickheal) - No Virus
AV: Rising - No Virus
AV: 360 Safe - No Virus
AV: SUPERAntiSpyware - No Virus
AV: Symantec - W32.Suviapen
AV: Trend Micro - No Virus
AV: Twister - W32.Ausiv.A.klhm
AV: VirusBlokAda (vba32) - Trojan.KillFiles
AV: Windows Defender - Trojan:Win32/Ausiv
AV: Zillya! - Trojan.Black.Win32.51917

Runtime Details:

Process
↳ C:\Windows\System32\lsass.exe

Process
↳ C:\Users\Phil\AppData\Local\Temp\680d85658db48389e0cdc5a61ff3723deabc74ea.exe

Network Details:

