Analysis Date2018-05-15 20:33:39
MD531fc4087be2146317c2f32292a33a16a
SHA1dbd34760592da85d6b7f73ad26449fa6d81a2b74

Static Details:

AVArcabit (arcavir)Error Scanning File
AVAuthentiumW32/FakeAlert.NH.gen!Eldorado
AVGrisoft (avg)FakeAV.OHJ
AVAvira (antivir)TR/Crypt.XPACK.Gen2
AVAlwil (avast)MalOb-GP [Cryp]
AVAd-AwareGen:Trojan.Heur.KS.2
AVBitDefenderGen:Trojan.Heur.KS.2
AVBullGuardGen:Trojan.Heur.KS.2
AVClamAVWin.Downloader.112970-1
AVDr. WebTrojan.DownLoader2.50643
AVEmsisoftGen:Trojan.Heur.KS.2
AVMicroWorld (escan)Gen:Trojan.Heur.KS.2
AVCA (E-Trust Ino)Gen:Trojan.Heur.KS.2
AVFortinetW32/Generic.AC.1EA99!tr
AVFrisk (f-prot)W32/FakeAlert.NH.gen!Eldorado
AVF-SecureGen:Trojan.Heur.KS.2
AVIkarusTrojan.Win32.Jorik
AVK7Trojan ( 0025662f1 )
AVKasperskyTrojan-Downloader.Win32.CodecPack.aswe
AVMalwareBytesNo Virus
AVMcafeeDownloader-CEW.ao
AVMicrosoft Security EssentialsTrojanDownloader:Win32/Renos
AVNANOError Scanning File
AVEset (nod32)Win32/TrojanDownloader.FakeAlert.BBT
AVPadvishMalware.Trojan.Downloader-112970
AVCAT (quickheal)Trojan.Renos.PG
AVRisingError Scanning File
AV360 SafeNo Virus
AVSUPERAntiSpywareError Scanning File
AVSymantecTrojan.Gen
AVTrend MicroTROJ_FAKEAV.SM91
AVTwisterTrojan.24F8@2FF0087@2FF5.mg
AVVirusBlokAda (vba32)TrojanDownloader.CodecPack
AVWindows DefenderTrojanDownloader:Win32/Renos
AVZillya!No Virus

Runtime Details:

Screenshot

Process
↳ C:\Windows\System32\lsass.exe

Process
↳ C:\Users\Phil\AppData\Local\Temp\dbd34760592da85d6b7f73ad26449fa6d81a2b74.exe

Network Details:


Raw Pcap

Strings