VTI SCORE: 100/100
Dynamic Analysis Report
Classification: Exploit, Downloader, Spyware
Threat Names: MailPassView, Exploit.RTF-ObfsObjDat.Gen, Gen:Variant.Ser.MSILPerseus.3740, ...
gymhei.rtf
RTF Document
Created at 2020-03-09T01:30:00
Remarks (1/1)
(0x02000010): The operating system was rebooted during the analysis.
Indicators
File (75)
Registry (82)
Mutex (3)
Mutex Name | Operations |
---|---|
Global\.net clr networking | Access |
OytkuFnNtwYSuu | Access |
c0a7917d-51d4-4342-b9d4-3e877f7af0ef | Access |
Domain (1)
Domain | Sources | Severity |
---|---|---|
robotrade.com.vn | Function Log, PCAP | Blacklisted |
URL (1)
URL | Operations | Category | Severity |
---|---|---|---|
http://robotrade.com.vn/wp-content/images/views/A3nBEySMVDPuHZJ.exe | GET | Contacted | Blacklisted |
IP (1)
IP | Protocols | Sources |
---|---|---|
103.74.123.3 | DNS, TCP, HTTP | Function Log, PCAP |