Analysis Date: 2018-05-07 23:30:48
MD5: ebd186a6bf0f14b169887cedbfde91bb
SHA1: f7143db85b3347cc88f7840ff26dad3d04457279

Static Details:

AV Arcabit (arcavir): Gen:Variant.Kazy.66687
AV Authentium: W32/Troj_Obfusc.AO.gen!Eldorado
AV Grisoft (avg): Win32/Cryptor
AV Avira (antivir): TR/Crypt.XPACK.Gen
AV Alwil (avast): MalOb-HP [Cryp]
AV Ad-Aware: Error Scanning File
AV BitDefender: Error Scanning File
AV BullGuard: Gen:Variant.Kazy.66687
AV ClamAV: Win.Trojan.Agent-968639
AV Dr. Web: Trojan.PWS.Panda.2401
AV Emsisoft: Gen:Variant.Kazy.66687
AV MicroWorld (escan): Gen:Variant.Kazy.66687
AV CA (E-Trust Ino): Gen:Variant.Kazy.66687
AV Fortinet: W32/ZeroAccess.B!tr
AV Frisk (f-prot): W32/Troj_Obfusc.AO.gen!Eldorado
AV F-Secure: Gen:Variant.Kazy.66687
AV Ikarus: Trojan-Ransom.Win32.Birele
AV K7: Error Scanning File
AV Kaspersky: Trojan.Win32.Generic
AV MalwareBytes: Trojan.Agent.MRGGen
AV Mcafee: PWS-Zbot.gen.hv
AV Microsoft Security Essentials: Trojan:Win32/Toga!rfn
AV NANO: Trojan.Win32.Crypted.cuoxgv
AV Eset (nod32): Win32/Kryptik.AKWC
AV Padvish: No Virus
AV CAT (quickheal): TrojanPWS.Zbot.Gen
AV Rising: No Virus
AV 360 Safe: No Virus
AV SUPERAntiSpyware: No Virus
AV Symantec: Packed.Generic.393
AV Trend Micro: TSPY_ZBOT.SM32
AV Twister: Trojan.0000558BEC83EC0C@.mg
AV VirusBlokAda (vba32): Trojan.Genome.af
AV Windows Defender: Trojan:Win32/Toga!rfn
AV Zillya!: No Virus

Runtime Details:

Process
↳ C:\Windows\System32\lsass.exe

Process
↳ C:\Users\Phil\AppData\Local\Temp\f7143db85b3347cc88f7840ff26dad3d04457279.exe

Creates File: C:\Windows\Globalization\Sorting\sortdefault.nls

Network Details:
