Analysis Date2018-03-28 20:33:35
MD536e291d0e756d3ed862867dce6ccba17
SHA195df908bbc7fab0dd68a68ba03e6aef87d589d8c

Static Details:

AVArcabit (arcavir)No Virus
AVAuthentiumNo Virus
AVGrisoft (avg)No Virus
AVAvira (antivir)No Virus
AVAlwil (avast)No Virus
AVAd-AwareNo Virus
AVBitDefenderNo Virus
AVBullGuardNo Virus
AVClamAVNo Virus
AVDr. WebNo Virus
AVEmsisoftNo Virus
AVMicroWorld (escan)No Virus
AVCA (E-Trust Ino)No Virus
AVFortinetNo Virus
AVFrisk (f-prot)No Virus
AVF-SecureNo Virus
AVIkarusBackdoor.Win32.Gbot
AVK7Error Scanning File
AVKasperskyTrojan.Win32.Generic
AVMalwareBytesNo Virus
AVMcafeeNo Virus
AVMicrosoft Security EssentialsNo Virus
AVNANONo Virus
AVEset (nod32)No Virus
AVPadvishError Scanning File
AVCAT (quickheal)No Virus
AVRisingNo Virus
AV360 SafeNo Virus
AVSUPERAntiSpywareNo Virus
AVSymantecNo Virus
AVTrend MicroNo Virus
AVTwisterTrojan.82B54D5A84C93468
AVVirusBlokAda (vba32)No Virus
AVWindows DefenderNo Virus
AVZillya!No Virus

Runtime Details:

Screenshot

Process
↳ C:\Windows\System32\lsass.exe

Process
↳ C:\Users\Phil\AppData\Local\Temp\95df908bbc7fab0dd68a68ba03e6aef87d589d8c.exe

Creates Filec:\stopthis.now
Creates FileC:\Windows\_delis32.ini

Network Details:


Raw Pcap

Strings