Analysis Date: 2018-04-20 13:41:53
MD5: 3bdf97644db564d54a90fec0280c78e8
SHA1: fb5e110ed437b86481a7b526d67e69a46b607e27

Static Details:

File type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
PEhash:
AV BitDefender: Trojan.Rajbot.Gen.1
AV CAT (quickheal): Worm.Gamarue.WR5
AV NANO: Trojan.Win32.Bundpil.dvrfox
AV Authentium: W32/Bundpil.C.gen!Eldorado
AV 360 Safe: No Virus
AV Emsisoft: Trojan.Rajbot.Gen.1
AV Arcabit (arcavir): Trojan.Rajbot.Gen.1
AV F-Secure: Trojan:W32/Gamarue.F
AV VirusBlokAda (vba32): Worm.Bundpil
AV Symantec: Packed.Dromedan!gen17
AV Grisoft (avg): Worm/Generic3.TSC
AV Rising: No Virus
AV Windows Defender: No Virus
AV ClamAV: No Virus
AV Zillya!: Worm.Bundpil.Win32.119432
AV Alwil (avast): MalOb-LU [Cryp]
AV Eset (nod32): Win32/Bundpil.DJ.gen worm
AV Frisk (f-prot): W32/Bundpil.C.gen!Eldorado
AV MicroWorld (escan): Trojan.Rajbot.Gen.1
AV Fortinet: W32/Bundpil.DC!worm
AV MalwareBytes: No Virus
AV Ad-Aware: Trojan.Rajbot.Gen.1
AV Dr. Web: BackDoor.IRC.Bot.3429
AV Kaspersky: Worm.Win32.Bundpil.auq
AV Mcafee: Trojan-FGXR!3BDF97644DB5
AV SUPERAntiSpyware: No Virus
AV BullGuard: Trojan.Rajbot.Gen.1
AV Avira (antivir): WORM/Lodbak.Gen4
AV Trend Micro: Mal_Bundpil-4
AV Microsoft Security Essentials: No Virus
AV Padvish: No Virus
AV Twister: W32.Bundpil.DJ.gen.wzxa
AV K7: Error Scanning File
AV CA (E-Trust Ino): Trojan.Rajbot.Gen.1
AV Ikarus: Worm.Win32.Bundpil

Runtime Details:

Process
↳ C:\Windows\System32\lsass.exe

Process
↳ C:\Windows\System32\rundll32.exe

Creates File: C:\Users\Phil\AppData\Local\Temp\fb5e110ed437b86481a7b526d67e69a46b607e27.dll

Process
↳ C:\Windows\SysWOW64\rundll32.exe

Creates File: C:\Users\Phil\AppData\Local\Temp\IndexerVolumeGuid

Network Details:

