Analysis Date: 2018-05-11 02:39:40
MD5: db63ea2d43c5366369a09561eb228b39
SHA1: cdc3684a91670641333aa4633d422b71e4592897

Static Details:

AV | Arcabit (arcavir) | DeepScan:Generic.Nimda.57EDAF37
AV | Authentium | W32/S-f9cb8831!Eldorado
AV | Grisoft (avg) | Generic38.BOSQ
AV | Avira (antivir) | TR/Spy.Gen
AV | Alwil (avast) | Error Scanning File
AV | Ad-Aware | DeepScan:Generic.Nimda.57EDAF37
AV | BitDefender | DeepScan:Generic.Nimda.57EDAF37
AV | BullGuard | DeepScan:Generic.Nimda.57EDAF37
AV | ClamAV | Error Scanning File
AV | Dr. Web | Trojan.Inject1.58305
AV | Emsisoft | DeepScan:Generic.Nimda.57EDAF37
AV | MicroWorld (escan) | DeepScan:Generic.Nimda.57EDAF37
AV | CA (E-Trust Ino) | Error Scanning File
AV | Fortinet | W32/Agent.OJQ!tr.spy
AV | Frisk (f-prot) | W32/S-f9cb8831!Eldorado
AV | F-Secure | DeepScan:Generic.Nimda.57EDAF37
AV | Ikarus | Error Scanning File
AV | K7 | Trojan ( 000aef511 )
AV | Kaspersky | Error Scanning File
AV | MalwareBytes | Error Scanning File
AV | Mcafee | Dropper-FVF!DB63EA2D43C5
AV | Microsoft Security Essentials | No Virus
AV | NANO | Trojan.Win32.Dinwod.ejafor
AV | Eset (nod32) | Win32/Agent.XFC
AV | Padvish | Virus.Win32.Virut.BN
AV | CAT (quickheal) | Trojan.Zenshirsh.SL7
AV | Rising | No Virus
AV | 360 Safe | No Virus
AV | SUPERAntiSpyware | No Virus
AV | Symantec | Trojan.Gen
AV | Trend Micro | No Virus
AV | Twister | TrojanDrop.Dinwod.unm.dafl
AV | VirusBlokAda (vba32) | Trojan.Inject
AV | Windows Defender | Backdoor:MSIL/Bladabindi
AV | Zillya! | Dropper.DinwodGen.Win32.1

Runtime Details:

Process
↳ C:\Windows\System32\lsass.exe

Process
↳ C:\Users\Phil\AppData\Local\Temp\cdc3684a91670641333aa4633d422b71e4592897.exe

Creates File: C:\Users\Phil\AppData\Local\Temp\cdc3684a91670641333aa4633d422b71e4592897.exe
Creates File: c:\gv4v7.exe

Process
↳ c:\gv4v7.exe

Creates File: c:\gv4v7.exe
Creates File: c:\hk3t6h.exe

Process
↳ c:\hk3t6h.exe

Creates File: c:\hk3t6h.exe
Creates File: c:\gup96.exe

Process
↳ c:\gup96.exe

Creates File: c:\gup96.exe
Creates File: c:\5ufuox0.exe

Process
↳ c:\5ufuox0.exe

Creates File: c:\5ufuox0.exe
Creates File: c:\x3xi33f.exe

Process
↳ c:\x3xi33f.exe

Creates File: c:\x3xi33f.exe
Creates File: c:\x1filcx.exe

Process
↳ c:\x1filcx.exe

Creates File: c:\x1filcx.exe
Creates File: c:\jv35m.exe

Process
↳ c:\jv35m.exe

Creates File: c:\jv35m.exe
Creates File: c:\2ttbn9.exe

Process
↳ c:\2ttbn9.exe

Creates File: c:\2ttbn9.exe
Creates File: c:\0fxxf6x.exe

Process
↳ c:\0fxxf6x.exe

Creates File: c:\0fxxf6x.exe
Creates File: c:\95nwn1.exe

Process
↳ c:\95nwn1.exe

Creates File: c:\95nwn1.exe
Creates File: c:\8xr9x2x.exe

Process
↳ c:\8xr9x2x.exe

Creates File: c:\8xr9x2x.exe
Creates File: c:\5a3dv.exe

Process
↳ c:\5a3dv.exe

Creates File: c:\5a3dv.exe
Creates File: c:\cfr08il.exe

Process
↳ c:\cfr08il.exe

Creates File: c:\cfr08il.exe
Creates File: c:\ttww35.exe

Network Details:

