Analysis Date2018-05-09 16:42:10
MD5cdc241a74bba419648260a872a98441f
SHA1fc90ff5652914dd2dab5781745f5cb4c93c90322

Static Details:

File type
Section.text md5: sha1: size:
Section.data md5: sha1: size:
Section.xcpad md5: sha1: size:
Section.idata md5: sha1: size:
Section.reloc md5: sha1: size:
Section.rsrc md5: sha1: size:
Timestamp
VersionLegalCopyright:
PackagerVersion:
InternalName:
FileVersion:
CompanyName:
Comments:
ProductName:
ProductVersion:
FileDescription:
Packager:
OriginalFilename:
Packer
PEhash
IMPhash
AVAd-Awareno_virus
AVAlwil (avast)no_virus
AVArcabit (arcavir)no_virus
AVAuthentiumno_virus
AVAvira (antivir)no_virus
AVBitDefenderno_virus
AVBullGuardno_virus
AVCA (E-Trust Ino)no_virus
AVCAT (quickheal)no_virus
AVClamAVno_virus
AVDr. Webno_virus
AVEmsisoftno_virus
AVEset (nod32)no_virus
AVF-Secureno_virus
AVFortinetno_virus
AVFrisk (f-prot)no_virus
AVGrisoft (avg)no_virus
AVIkarusno_virus
AVK7no_virus
AVKasperskyno_virus
AVMalwareBytesno_virus
AVMcafeeno_virus
AVMicroWorld (escan)no_virus
AVMicrosoft Security Essentialsno_virus
AVRisingno_virus
AVSymantecno_virus
AVTrend Microno_virus
AVTwisterno_virus
AVVirusBlokAda (vba32)no_virus
AVZillya!no_virus

Runtime Details:

Screenshot

Process
↳ C:\Windows\System32\lsass.exe

Process
↳ C:\Users\Phil\AppData\Local\Temp\fc90ff5652914dd2dab5781745f5cb4c93c90322.exe

Creates FileC:\Windows\Globalization\Sorting\sortdefault.nls
Creates FileC:\Windows\Fonts\staticcache.dat

Network Details:


Raw Pcap

Strings