dokumentacja_92622.vbe
VBScript
Created at 2019-04-30T10:37:00
VMRay Threat Indicators (9 rules, 10 matches)
| Severity | Category | Operation | Count | Classification | |
|---|---|---|---|---|---|
|
4/5
|
Process | Creates an unusually large number of processes | 1 | - | |
|
|||||
|
4/5
|
Process | Executes encoded PowerShell script | 1 | - | |
|
|||||
|
3/5
|
Network | Reads network adapter information | 1 | - | |
|
|||||
|
2/5
|
Network | Performs DNS request | 1 | - | |
|
|||||
|
2/5
|
Network | Connects to HTTP server | 1 | - | |
|
|||||
|
2/5
|
PE | Drops PE file | 1 | Dropper | |
|
|||||
|
1/5
|
Process | Creates system object | 2 | - | |
|
|||||
|
|||||
|
1/5
|
Process | Enumerates running processes | 1 | - | |
|
|||||
|
1/5
|
Network | Connects to remote host | 1 | - | |
|
|||||
Screenshots
Monitored Processes
Sample Information
| ID | #632978 |
| MD5 |
c0b9640880d94923f8aeb1b7944a4f69
|
| SHA1 |
2dddc57a59b07449a052167218bc3a198c8cd82c
|
| SHA256 |
04ad737a63367cfb492597ba86fd3509eb7340f2b762d830c05dfd9fe9870a07
|
| SSDeep |
96:MvS4P8h6j2Fm1hxe777TTppp7TTCpYhhhhhhhtJ4vB7PkoJeJXJMNMf8AiMHB5Qe:MOo7IH9
|
| Filename | dokumentacja_92622.vbe |
| File Size | 7.13 KB |
| Sample Type | VBScript |
Analysis Information
| Creation Time | 2019-04-30 12:37 (UTC+2) |
| Analysis Duration | 00:16:29 |
| Number of Monitored Processes | 277 |
| Execution Successful |
|
| Reputation Enabled |
|
| WHOIS Enabled |
|
| Local AV Enabled |
|
| YARA Enabled |
|
| Number of AV Matches | 0 |
| Number of YARA Matches | 0 |
| Termination Reason | Timeout |
| Tags |
