Analysis Date: 2018-05-17 03:53:56
MD5: b84942205113aa9d30dfa7eca08297e5
SHA1: 90d55bc721e83b5dae2ae0502750e7c045e1b9a5

Static Details:

AV Arcabit (arcavir): Gen:Variant.Zusy.47850
AV Authentium: No Virus
AV Grisoft (avg): PSW.Generic11.CAZ
AV Avira (antivir): TR/Crypt.ZPACK.Gen8
AV Alwil (avast): Agent-ARVP [Trj]
AV Ad-Aware: Gen:Variant.Zusy.47850
AV BitDefender: Gen:Variant.Zusy.47850
AV BullGuard: Gen:Variant.Zusy.47850
AV ClamAV: Win.Trojan.Blocker-208
AV Dr. Web: Trojan.Packed.24328
AV Emsisoft: Gen:Variant.Zusy.47850
AV MicroWorld (escan): Gen:Variant.Zusy.47850
AV CA (E-Trust Ino): Gen:Variant.Symmi.18763
AV Fortinet: W32/Injector.AEUM!tr
AV Frisk (f-prot): No Virus
AV F-Secure: Gen:Variant.Zusy.47850
AV Ikarus: Worm.Win32.Dorkbot
AV K7: Error Scanning File
AV Kaspersky: Trojan-Ransom.Win32.Blocker.azsl
AV MalwareBytes: No Virus
AV Mcafee: GenericR-CGD!B84942205113
AV Microsoft Security Essentials: PWS:Win32/Zbot
AV NANO: Trojan.Win32.Blocker.eezxrt
AV Eset (nod32): Win32/Injector.AHHU
AV Padvish: No Virus
AV CAT (quickheal): Worm.Gamarue
AV Rising: Trojan.VBInject!4947
AV 360 Safe: No Virus
AV SUPERAntiSpyware: Worm.Dorkbot/Variant
AV Symantec: No Virus
AV Trend Micro: No Virus
AV Twister: Trojan.744FC931D80D2F4C
AV VirusBlokAda (vba32): TrojanSpy.Zbot
AV Windows Defender: PWS:Win32/Zbot
AV Zillya!: Trojan.Blocker.Win32.7171

Runtime Details:

Process
↳ C:\Windows\System32\lsass.exe

Process
↳ C:\Users\Phil\AppData\Local\Temp\90d55bc721e83b5dae2ae0502750e7c045e1b9a5.exe

Creates File: C:\Users\Phil\AppData\Local\Temp\~DFD1EC9D54893DE543.TMP

Process
↳ C:\Users\Phil\AppData\Local\Temp\90d55bc721e83b5dae2ae0502750e7c045e1b9a5.exe

Creates File: C:\Users\Phil\AppData\Local\Temp\90d55bc721e83b5dae2ae0502750e7c045e1b9a5.exe

Network Details:

