VMRay Analyzer Report for Sample #616432
VMRay Analyzer
3.2.2
URI
google.com
Resolved_To
Address
172.217.23.142
Process
1
2852
lef9nvbny3gqm5dx.exe
1108
lef9nvbny3gqm5dx.exe
"C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\Lef9NVBNY3Gqm5dX.exe"
C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
c:\users\5p5nrgjn0js halpmcxz\desktop\lef9nvbny3gqm5dx.exe
Child_Of
Child_Of
Child_Of
Child_Of
Created
Created
Created
Opened
Opened
Opened
Modified_Properties_Of
Created
Process
2
2708
buccwoag.exe
2852
buccwoag.exe
"C:\Users\5p5NrGJn0jS HALPmcxz\duIwksoU\BUccwoAg.exe"
C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
c:\users\5p5nrgjn0js halpmcxz\duiwksou\buccwoag.exe
Created
Created
Created
Created
Created
Created
Created
Created
Created
Opened
Resumed
Read_From
Process
3
2688
ymiisqma.exe
2852
ymiisqma.exe
"C:\ProgramData\GSogosQc\YMIIsQMA.exe"
C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
c:\programdata\gsogosqc\ymiisqma.exe
Created
Created
Created
Created
Created
Created
Created
Created
Created
Opened
Resumed
Read_From
Process
4
4
System
18446744073709551615
System
None
System
Process
5
472
services.exe
376
services.exe
C:\Windows\system32\services.exe
C:\Windows\system32\
c:\windows\system32\services.exe
Child_Of
Child_Of
Child_Of
Child_Of
Child_Of
Child_Of
Child_Of
Child_Of
Child_Of
Child_Of
Child_Of
Child_Of
Child_Of
Child_Of
Process
6
592
svchost.exe
472
svchost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\
c:\windows\system32\svchost.exe
Child_Of
Child_Of
Process
7
660
svchost.exe
472
svchost.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\
c:\windows\system32\svchost.exe
Process
8
712
svchost.exe
472
svchost.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\
c:\windows\system32\svchost.exe
Process
9
824
svchost.exe
472
svchost.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\
c:\windows\system32\svchost.exe
Process
10
880
svchost.exe
472
svchost.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\
c:\windows\system32\svchost.exe
Process
11
200
svchost.exe
472
svchost.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\
c:\windows\system32\svchost.exe
Process
12
284
svchost.exe
472
svchost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\
c:\windows\system32\svchost.exe
Process
13
1148
spoolsv.exe
472
spoolsv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\
c:\windows\system32\spoolsv.exe
Process
14
1212
svchost.exe
472
svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\
c:\windows\system32\svchost.exe
Process
15
1224
taskhost.exe
472
taskhost.exe
"taskhost.exe"
C:\Windows\system32\
c:\windows\system32\taskhost.exe
Process
16
2912
taskhost.exe
472
taskhost.exe
taskhost.exe $(Arg0)
C:\Windows\system32\
c:\windows\system32\taskhost.exe
Process
17
176
ssyiykgc.exe
472
ssyiykgc.exe
C:\ProgramData\VWcUEoYI\ssYIYkgc.exe
C:\Windows\system32\
c:\programdata\vwcueoyi\ssyiykgc.exe
Child_Of
Process
18
1348
dllhost.exe
592
dllhost.exe
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\Windows\system32\
c:\windows\system32\dllhost.exe
Process
20
2196
dllhost.exe
592
dllhost.exe
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\Windows\system32\
c:\windows\system32\dllhost.exe
Process
22
2724
werfault.exe
176
werfault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 176 -s 124
C:\Windows\SysWOW64\
c:\windows\syswow64\werfault.exe
Process
23
2804
ssyiykgc.exe
472
ssyiykgc.exe
C:\ProgramData\VWcUEoYI\ssYIYkgc.exe
C:\Windows\system32\
c:\programdata\vwcueoyi\ssyiykgc.exe
Created
Created
Process
24
2908
ssyiykgc.exe
472
ssyiykgc.exe
C:\ProgramData\VWcUEoYI\ssYIYkgc.exe
C:\Windows\system32\
c:\programdata\vwcueoyi\ssyiykgc.exe
Created
Created
Process
25
1224
buccwoag.exe
308
buccwoag.exe
"C:\Users\5p5NrGJn0jS HALPmcxz\duIwksoU\BUccwoAg.exe"
C:\Windows\system32\
c:\users\5p5nrgjn0js halpmcxz\duiwksou\buccwoag.exe
Child_Of
Created
Created
Created
Created
Created
Created
Created
Created
Created
Created
Opened
Read_From
Read_From
Process
26
1676
ssyiykgc.exe
452
ssyiykgc.exe
C:\ProgramData\VWcUEoYI\ssYIYkgc.exe
C:\Windows\system32\
c:\programdata\vwcueoyi\ssyiykgc.exe
Created
Created
Opened
Opened
Opened
Process
27
1840
ymiisqma.exe
1224
ymiisqma.exe
"C:\ProgramData\GSogosQc\YMIIsQMA.exe"
C:\Windows\system32\
c:\programdata\gsogosqc\ymiisqma.exe
Connected_To
Connected_To
Connected_To
Created
Created
Created
Created
Created
Created
Created
Created
Created
Opened
Modified_Properties_Of
Read_From
Read_From
Mutex
uwkkwwAk
Mutex
DakkIgow
WinRegistryKey
software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER
BUccwoAg.exe
C:\Users\5p5NrGJn0jS HALPmcxz\duIwksoU\BUccwoAg.exe
REG_SZ
WinRegistryKey
software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE
YMIIsQMA.exe
C:\ProgramData\GSogosQc\YMIIsQMA.exe
REG_SZ
WinRegistryKey
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
HKEY_LOCAL_MACHINE
Userinit
C:\Windows\system32\userinit.exe,C:\ProgramData\GSogosQc\YMIIsQMA.exe,
REG_SZ
Userinit
WinRegistryKey
SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
HKEY_LOCAL_MACHINE
Userinit
userinit.exe,C:\ProgramData\GSogosQc\YMIIsQMA.exe,
REG_SZ
Userinit
WinService
lMMYIkPL
lMMYIkPL
C:\ProgramData\VWcUEoYI\ssYIYkgc.exe
SERVICE_AUTO_START
SERVICE_WIN32_OWN_PROCESS
Mutex
è0@
Mutex
ð0@
Mutex
ø0@
Mutex
Mutex
�1@
Mutex
HYMEMkcU1
Mutex
LcQMUQsg1
WinRegistryKey
software\microsoft\windows\currentversion\run
HKEY_CURRENT_USER
BUccwoAg.exe
C:\Users\5p5NrGJn0jS HALPmcxz\duIwksoU\BUccwoAg.exe
REG_SZ
BUccwoAg.exe
C:\Users\5p5NrGJn0jS HALPmcxz\duIwksoU\BUccwoAg.exe
REG_SZ
DNSRecord
google.com
Mutex
è0@
Mutex
ð0@
Mutex
ø0@
Mutex
Mutex
�1@
Mutex
HYMEMkcU1
Mutex
LcQMUQsg1
WinRegistryKey
software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE
YMIIsQMA.exe
C:\ProgramData\GSogosQc\YMIIsQMA.exe
REG_SZ
DNSRecord
google.com
SocketAddress
172.217.23.142
80
TCP
NetworkSocket
172.217.23.142
80
TCP
Contains
SocketAddress
google.com
80
NetworkConnection
HTTP
google.com
80
URI
http://google.com/
Contains
Mutex
uwkkwwAk
Mutex
DakkIgow
Mutex
uwkkwwAk
Mutex
DakkIgow
DNSRecord
google.com
DNSRecord
google.com
WinRegistryKey
software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE
YMIIsQMA.exe
C:\ProgramData\GSogosQc\YMIIsQMA.exe
REG_SZ
WinRegistryKey
software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE
YMIIsQMA.exe
C:\ProgramData\GSogosQc\YMIIsQMA.exe
REG_SZ
WinRegistryKey
software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE
YMIIsQMA.exe
C:\ProgramData\GSogosQc\YMIIsQMA.exe
REG_SZ
WinRegistryKey
software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE
YMIIsQMA.exe
74776576
REG_SZ
DNSRecord
google.com
DNSRecord
google.com
Analyzed Sample #616432
Malware Artifacts
616432
Sample-ID: #616432
Job-ID: #1610007
This sample was analyzed by VMRay Analyzer 3.2.2 on a Windows 7 system
100
VTI Score based on VTI Database Version 3.6
Metadata of Sample File #616432
Submission-ID: #3964790
32f7a9e9e50f7a4f14cf9667bf30f7b51dc2937cee18c3c5fe97773767c41ff0exe
MD5
4fb2382b7c4e49880851c42cad35e269
SHA1
6b4b6a3ae92084d78e50277896fe9e9e297acae9
SHA256
32f7a9e9e50f7a4f14cf9667bf30f7b51dc2937cee18c3c5fe97773767c41ff0
Opened_By
Metadata of Analysis for Job-ID #1610007
True
Timeout
True
240.021
XDUWTFONO
win7_64_sp1
x86 64-bit
Windows 7
6.1.7601.17514 (3844dbb9-2017-4967-be7a-a4a2c20430fa)
5p5NrGJn0jS HALPmcxz
XDUWTFONO
This is a property collection for additional information of VMRay analysis
VMRay Analyzer
Obfuscation
VTI rule match with VTI rule score 2/5
vmray_dynamic_api_usage_by_api
Resolves an unusually high number of APIs.
Resolves APIs dynamically to possibly evade static detection
Mutex
VTI rule match with VTI rule score 1/5
vmray_create_named_mutex
Creates mutex with name "uwkkwwAk".
Creates mutex
Mutex
VTI rule match with VTI rule score 1/5
vmray_create_named_mutex
Creates mutex with name "DakkIgow".
Creates mutex
Discovery
VTI rule match with VTI rule score 0/5
vmray_enumerate_processes
Enumerates running processes.
Enumerates running processes
Hide Tracks
VTI rule match with VTI rule score 1/5
vmray_create_process_with_hidden_window
The process "C:\Users\5p5NrGJn0jS HALPmcxz\duIwksoU\BUccwoAg.exe" starts with hidden window.
Creates process with hidden window
Persistence
VTI rule match with VTI rule score 1/5
vmray_install_startup_script_by_registry
Adds "C:\Users\5p5NrGJn0jS HALPmcxz\duIwksoU\BUccwoAg.exe" to Windows startup via registry.
Installs system startup script or application
Hide Tracks
VTI rule match with VTI rule score 1/5
vmray_create_process_with_hidden_window
The process "C:\ProgramData\GSogosQc\YMIIsQMA.exe" starts with hidden window.
Creates process with hidden window
Persistence
VTI rule match with VTI rule score 1/5
vmray_install_startup_script_by_registry
Adds "C:\ProgramData\GSogosQc\YMIIsQMA.exe" to Windows startup via registry.
Installs system startup script or application
Persistence
VTI rule match with VTI rule score 1/5
vmray_install_startup_script_by_registry
Adds "C:\Windows\system32\userinit.exe,C:\ProgramData\GSogosQc\YMIIsQMA.exe," to Windows startup via registry.
Installs system startup script or application
Persistence
VTI rule match with VTI rule score 1/5
vmray_install_startup_script_by_registry
Adds "userinit.exe,C:\ProgramData\GSogosQc\YMIIsQMA.exe," to Windows startup via registry.
Installs system startup script or application
Mutex
VTI rule match with VTI rule score 1/5
vmray_create_named_mutex
Creates mutex with name "è0@".
Creates mutex
Mutex
VTI rule match with VTI rule score 1/5
vmray_create_named_mutex
Creates mutex with name "ð0@".
Creates mutex
Mutex
VTI rule match with VTI rule score 1/5
vmray_create_named_mutex
Creates mutex with name "ø0@".
Creates mutex
Mutex
VTI rule match with VTI rule score 1/5
vmray_create_named_mutex
Creates mutex with name "1@".
Creates mutex
Mutex
VTI rule match with VTI rule score 1/5
vmray_create_named_mutex
Creates mutex with name "HYMEMkcU1".
Creates mutex
Mutex
VTI rule match with VTI rule score 1/5
vmray_create_named_mutex
Creates mutex with name "LcQMUQsg1".
Creates mutex
Persistence
VTI rule match with VTI rule score 1/5
vmray_install_service_by_api
Installs service "lMMYIkPL" by CreateServiceW.
Installs system service
Network Connection
VTI rule match with VTI rule score 1/5
vmray_request_dns_by_name
Resolves host name "google.com".
Performs DNS request
Anti Analysis
VTI rule match with VTI rule score 2/5
vmray_delay_execution_by_sleep
One thread sleeps more than 5 minutes.
Delays execution
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "C:\Windows\system32\config\systemprofile\duIwksoU\BUccwoAg" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "C:\Windows\system32\config\systemprofile\duIwksoU\BUccwoAg" in the OS directory.
Modifies operating system directory
Persistence
VTI rule match with VTI rule score 1/5
vmray_install_startup_script_by_registry
Adds "74776576" to Windows startup via registry.
Installs system startup script or application
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "ggEI.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "sMYu.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "sMYu.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "qsoI.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "QgIo.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "QgIo.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "cAIY.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "gocU.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "gocU.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "wYko.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "aQEk.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "aQEk.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "ACoI.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "Esgi.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "Esgi.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "acss.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "wAwu.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "wAwu.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "eKAo.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "iAsS.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "iAsS.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "ywks.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "UoMm.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "UoMm.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "CCsw.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "OgAC.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "OgAC.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "GCgI.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "akIm.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "akIm.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "ugow.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "uQQI.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "uQQI.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "cAIs.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "mUQY.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "mUQY.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YgMU.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "IAQK.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "IAQK.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "OAkA.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "sYIe.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "sYIe.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "wGMY.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "qAkG.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "qAkG.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "OUYk.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "MIYi.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "MIYi.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "WWIM.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "igYm.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "igYm.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "aogg.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "awUo.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "awUo.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "gWIw.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "IwES.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "IwES.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "kyQc.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "QEEc.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "QEEc.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "quYg.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "mEss.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "mEss.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YWMA.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "QEcK.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "QEcK.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "cygY.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "QAMK.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "QAMK.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "IwAA.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "eQwE.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "eQwE.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "gYQQ.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "kUAg.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "kUAg.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "iWUs.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "eUsk.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "eUsk.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "eIEk.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "aYIw.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "aYIw.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "EyYc.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "iQoi.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "iQoi.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "GQIA.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "skUw.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "skUw.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "SAgs.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "EwsI.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "EwsI.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "KWog.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "uogK.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "uogK.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "goYo.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "msUu.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "msUu.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YYkQ.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "CUMm.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "CUMm.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "mkUM.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YIQg.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "YIQg.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "kEwU.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "kUoW.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "kUoW.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "eSUY.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "gAcM.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "gAcM.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "wywI.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "IAsk.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "IAsk.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YKos.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "qEIi.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "qEIi.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "GgUQ.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "OUkq.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "OUkq.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "MGkM.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "Uccc.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "Uccc.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "Wigc.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "cwIs.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "cwIs.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "KysU.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "WAki.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "WAki.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "iWEw.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "AEAG.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "AEAG.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "SGgA.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "gYEW.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "gYEW.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "gQII.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "Wwsq.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "Wwsq.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "eUkk.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YAUw.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "YAUw.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "GCAM.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "SIUU.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "SIUU.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "Ymsk.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "wggO.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "wggO.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "oGsg.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "gAgE.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "gAgE.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "AsII.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "WEAI.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "WEAI.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "UeEg.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "UUkA.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "UUkA.exe" in the OS directory.
Modifies operating system directory
Data Collection
VTI rule match with VTI rule score 2/5
vmray_read_browser_creds_by_file
Trying to read sensitive data of web browser "Google Chrome" by file.
Reads sensitive browser data
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "gics.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "Usog.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "Usog.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "MKMQ.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "KcsQ.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "KcsQ.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "WuUo.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "WsQq.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "WsQq.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "Kmsc.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "wIMU.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "wIMU.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "gAAg.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "IowS.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "IowS.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "guwU.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "yIMY.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "yIMY.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "QCkc.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YEEo.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "YEEo.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "gmQw.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "QUYI.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "QUYI.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "wysI.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "OoUq.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "OoUq.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "uKAk.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "iQMu.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "iQMu.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YooY.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "Ekse.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "Ekse.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "UWwo.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "cUcK.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "cUcK.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "EOQM.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "kQYS.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "kQYS.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "aYIY.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "csou.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "csou.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "KsIk.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "gAgw.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "gAgw.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\appdata\roaming\4iuatejezphqcmoxk_.mp3.exe" has a double file extension.
Uses a double file extension
User Data Modification
VTI rule match with VTI rule score 4/5
vmray_modify_user_files
Modifies the content of multiple user files. This is an indicator for an encryption attempt.
Modifies content of user files
User Data Modification
VTI rule match with VTI rule score 4/5
vmray_delete_user_files
Deletes multiple user files. This is an indicator for ransomware or wiper malware.
Deletes user files
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "yYMQ.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "IAwK.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "IAwK.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "MqsE.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YscE.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "YscE.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\appdata\roaming\a5lnipkafdz8fs9f1eoh.mp3.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "MGYI.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "uUUu.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "uUUu.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "IWQU.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "scsw.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "scsw.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "MQEY.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "cEsK.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "cEsK.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "umIU.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "woky.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "woky.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\appdata\roaming\kpwsrol.mp3.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YUgI.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "GoUc.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "GoUc.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\appdata\roaming\kqwik.mp3.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "IuoE.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YcIC.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "YcIC.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\appdata\roaming\ktjfyvfan4.mp3.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YOsg.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "EcIS.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "EcIS.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "UmUk.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "isAm.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "isAm.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\appdata\roaming\stl.jpg.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YKUI.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "EoMq.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "EoMq.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "GCsk.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "UMoW.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "UMoW.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\appdata\roaming\xaaslydjsfxx7iqhvgc.mp3.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "sIIA.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "aYgs.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "aYgs.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "cawM.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "eUIM.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "eUIM.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "QQoM.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "WwAI.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "WwAI.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "GuME.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "cIIk.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "cIIk.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "OMgY.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "kwsC.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "kwsC.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "esIw.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "yowi.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "yowi.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\desktop\qjcq9gpdqe4-vg.mp3.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YmAA.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "yAgm.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "yAgm.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "eKcQ.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "CYUY.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "CYUY.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "WwYs.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "ewAm.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "ewAm.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\desktop\vx7kil8e6gjjl_1msr.mp3.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "EkIs.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "iIUK.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "iIUK.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\documents\-6j0pxacze.doc.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "cmkU.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "WEEU.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "WEEU.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "gEME.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "iMQO.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "iMQO.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "qqsI.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "MoMC.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "MoMC.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "UeEQ.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "oosY.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "oosY.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "sqss.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "KoQU.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "KoQU.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\documents\brgpww8z.docx.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "iyYo.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "cwwg.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "cwwg.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "IMAc.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "OkUE.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "OkUE.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\documents\ee3sndxb 1.docx.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "oosc.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "CYwM.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "CYwM.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "SMIk.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "gEki.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "gEki.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\documents\giar ain.doc.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "iYUA.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "ckwA.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "ckwA.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "AQwQ.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "Wgce.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "Wgce.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "iaUo.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "QMUC.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "QMUC.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\documents\llwf1\d_shzen-yqcs.doc.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "oewk.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "WYwu.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "WYwu.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\documents\llwf1\f3nvpts.docx.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "AAso.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "Igow.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "Igow.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "Gooc.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "CsYK.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "CsYK.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "AAsA.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "agwo.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "agwo.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\documents\llwf1\pkdg0v0bp.pdf.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "wEIA.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YAQm.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "YAQm.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "cYcs.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "UAQG.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "UAQG.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "gwgM.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "GIsO.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "GIsO.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "IqME.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "CgAw.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "CgAw.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\documents\pltgkcfm3nh.pdf.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "UAYI.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "ywoK.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "ywoK.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "CmMk.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "Wsom.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "Wsom.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "WeQc.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "CwMe.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "CwMe.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\documents\sosfgwq6fny qm.docx.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "SekQ.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "oQYq.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "oQYq.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "AuIo.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YAEq.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "YAEq.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\documents\ustfgnw.docx.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "iIcs.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YAUG.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "YAUG.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "WAEk.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "KcUE.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "KcUE.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\documents\xmkw.docx.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "wqQk.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "mAMA.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "mAMA.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\documents\zrobvph3jhetni-wr.docx.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "IUQo.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "EUUQ.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "EUUQ.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\music\k8qwen-iisanrvynz7\g5ta-8tponu_t\4m_lvfwhvio9k3s29ce.mp3.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "sAQw.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "MwMm.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "MwMm.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\music\k8qwen-iisanrvynz7\g5ta-8tponu_t\scbd21d.mp3.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "qecM.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "MksW.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "MksW.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\music\k8qwen-iisanrvynz7\qqwc7w\eejrg3piyyolm n\igx92gnkayxq6d.mp3.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "wCcs.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "GIkk.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "GIkk.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\music\k8qwen-iisanrvynz7\qqwc7w\eejrg3piyyolm n\lwzohd riuuzn\hpqjdyq5y3kgy.mp3.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "EyoM.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "uEoQ.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "uEoQ.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\music\k8qwen-iisanrvynz7\qqwc7w\eejrg3piyyolm n\lwzohd riuuzn\pwwabxs7haabn.mp3.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "qukE.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "CQoQ.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "CQoQ.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\music\k8qwen-iisanrvynz7\qqwc7w\eejrg3piyyolm n\og8t7cuxgweituq-tl.mp3.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "IoEw.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "UAsy.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "UAsy.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\music\k8qwen-iisanrvynz7\qqwc7w\eejrg3piyyolm n\uqxzsmxcbu\td496dkv6zbjvy4nlkz-.mp3.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "mkoM.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YQkC.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "YQkC.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\music\k8qwen-iisanrvynz7\qqwc7w\eejrg3piyyolm n\uqxzsmxcbu\xt7nr_n-e.mp3.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "OMAE.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "yUcC.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "yUcC.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\pictures\10ecavj.jpg.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "caMk.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "oMcM.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "oMcM.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "iUwM.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "UQAG.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "UQAG.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\pictures\78bglu.jpg.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "CEMo.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "kkQi.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "kkQi.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "KMYc.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "CIIM.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "CIIM.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\pictures\8u3vajhvmgvfejgjjis.jpg.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "Eykg.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "oEYY.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "oEYY.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "CksM.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "WkQE.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "WkQE.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\pictures\hmsdm6gnno4.jpg.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "oyEo.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "ycIU.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "ycIU.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "KWUY.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "kowE.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "kowE.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "AmEM.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "EYAE.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "EYAE.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "yykk.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "Kkcw.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "Kkcw.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "USII.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "OYUM.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "OYUM.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YcMM.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "cUUC.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "cUUC.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "gYIs.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "GAYU.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "GAYU.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "AMsI.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "sMQA.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "sMQA.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "KysQ.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "MkcA.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "MkcA.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "uGUU.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "OUgE.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "OUgE.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "ckAM.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "UAAM.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "UAAM.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "gkAs.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "AgUm.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "AgUm.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "aeks.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "UQwq.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "UQwq.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "okMk.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "UsQY.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "UsQY.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "CyUk.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YEQM.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "YEQM.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "aKAc.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "wYQW.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "wYQW.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\5p5nrgjn0js halpmcxz\pictures\wadgm-om nzhxcf\g1_x_hewkjdbjqrqogji.jpg.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "Ecwc.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "eUYq.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "eUYq.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "CkQQ.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "owMS.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "owMS.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "CeAo.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "igQG.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "igQG.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "EQwQ.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "KEMM.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "KEMM.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "kKQU.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "uUUA.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "uUUA.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "MmIE.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "kcEi.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "kcEi.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "wEgE.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "UgcC.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "UgcC.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "mEwc.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "IsYu.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "IsYu.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "uSgc.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "AQgI.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "AQgI.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "gCco.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "KQoa.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "KQoa.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "iykc.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YgYk.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "YgYk.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "mYUg.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "gwcK.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "gwcK.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "WQQk.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "MkYI.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "MkYI.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "cwYA.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "UMIK.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "UMIK.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "cCQw.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "CAEg.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "CAEg.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "iiIE.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "GQgm.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "GQgm.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "yaQc.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "yMMg.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "yMMg.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "qoIM.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "ckQg.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "ckQg.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "Wksw.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "cIcg.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "cIcg.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "GAIc.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "AgQE.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "AgQE.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "gyoU.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "sUsU.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "sUsU.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "OWQo.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "yMQO.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "yMQO.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "qKMQ.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "kQgG.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "kQgG.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "AmYQ.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "aMMy.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "aMMy.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "wOoo.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YUQW.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "YUQW.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "EacY.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "oYUS.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "oYUS.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "cWwk.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "cIga.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "cIga.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "SwQY.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YssA.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "YssA.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "KYIM.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "UYEQ.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "UYEQ.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "wIQw.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "gYkk.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "gYkk.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YsAg.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "KgsG.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "KgsG.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "kAIQ.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "yoYW.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "yoYW.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "CiMc.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "QEgi.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "QEgi.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "sYww.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "uAwE.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "uAwE.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "WYYs.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "kwsA.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "kwsA.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "kUcg.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YgoS.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "YgoS.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "guUg.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "Ykks.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "Ykks.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "EckA.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "yUgY.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "yUgY.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "EGEU.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "GcAi.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "GcAi.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "OQYU.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "AQwo.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "AQwo.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "eYoA.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "IQIe.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "IQIe.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "caMI.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "sAcE.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "sAcE.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "IEwg.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "yIEg.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "yIEg.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "iEEE.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "GIcW.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "GIcW.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "mqkk.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "AkMO.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "AkMO.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "mKcQ.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "EUEu.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "EUEu.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "ukkw.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "ogwS.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "ogwS.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "SKwE.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "AgsO.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "AgsO.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "oOwM.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "wwYe.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "wwYe.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "auYY.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "AcQS.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "AcQS.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "KWoQ.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YUMq.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "YUMq.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "gyos.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "QUAW.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "QUAW.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YWEQ.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "Eksm.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "Eksm.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "KkoE.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "csIO.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "csIO.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "WYco.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "yEwg.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "yEwg.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "iqgc.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "UUcQ.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "UUcQ.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "kYsQ.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "mgAE.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "mgAE.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "OsUo.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "IIES.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "IIES.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\public\music\sample music\kalimba.mp3.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "icIQ.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "Scgq.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "Scgq.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\public\music\sample music\maid with the flaxen hair.mp3.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "aeYI.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "iAck.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "iAck.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\public\music\sample music\sleep away.mp3.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "gaMU.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "mkwA.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "mkwA.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\public\pictures\sample pictures\chrysanthemum.jpg.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "qUEA.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "UYgy.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "UYgy.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\public\pictures\sample pictures\desert.jpg.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "wEMU.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "WYkA.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "WYkA.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\public\pictures\sample pictures\hydrangeas.jpg.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "cIYc.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "iMoQ.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "iMoQ.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\public\pictures\sample pictures\jellyfish.jpg.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "iaUw.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "oYEa.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "oYEa.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\public\pictures\sample pictures\koala.jpg.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "kmkg.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "CUYE.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "CUYE.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\public\pictures\sample pictures\lighthouse.jpg.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "SEwM.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "YYwU.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "YYwU.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\public\pictures\sample pictures\penguins.jpg.exe" has a double file extension.
Uses a double file extension
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "oeIE.ico" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_file_in_os_dir
Creates file "mQES.exe" in the OS directory.
Modifies operating system directory
System Modification
VTI rule match with VTI rule score 1/5
vmray_overwrite_file_in_os_dir
Modifies file "mQES.exe" in the OS directory.
Modifies operating system directory
Masquerade
VTI rule match with VTI rule score 4/5
vmray_use_double_file_extension
File "c:\users\public\pictures\sample pictures\tulips.jpg.exe" has a double file extension.
Uses a double file extension
Anti Analysis
VTI rule match with VTI rule score 2/5
vmray_detect_generic_vm_by_rdtsc
Possibly trying to detect VM via rdtsc.
Tries to detect virtual machine
System Modification
VTI rule match with VTI rule score 1/5
vmray_create_many_files
Creates above average number of files.
Creates an unusually large number of files
Antivirus
VTI rule match with VTI rule score 5/5
vmray_av_malicious_match
Local AV detected the sample itself as "Win32.Virlock.Gen.1".
Malicious content was detected by heuristic scan
Antivirus
VTI rule match with VTI rule score 5/5
vmray_av_malicious_match
Local AV detected the dropped file "C:\Users\5p5NrGJn0jS HALPmcxz\duIwksoU\BUccwoAg.exe" as "Win32.Virlock.Gen.1".
Malicious content was detected by heuristic scan
Antivirus
VTI rule match with VTI rule score 5/5
vmray_av_malicious_match
Local AV detected the dropped file "C:\ProgramData\GSogosQc\YMIIsQMA.exe" as "Win32.Virlock.Gen.1".
Malicious content was detected by heuristic scan
Antivirus
VTI rule match with VTI rule score 5/5
vmray_av_malicious_match
Local AV detected the dropped file "C:\ProgramData\VWcUEoYI\ssYIYkgc.exe" as "Win32.Virlock.Gen.1".
Malicious content was detected by heuristic scan
Antivirus
VTI rule match with VTI rule score 5/5
vmray_av_malicious_match
Local AV detected the dropped file "ccgE.exe" as "Win32.Virlock.Gen.1".
Malicious content was detected by heuristic scan
Antivirus
VTI rule match with VTI rule score 5/5
vmray_av_malicious_match
Local AV detected the dropped file "C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\DW20.EXE.exe" as "Win32.Virlock.Gen.1".
Malicious content was detected by heuristic scan
Antivirus
VTI rule match with VTI rule score 5/5
vmray_av_malicious_match
Local AV detected a memory dump of process "lef9nvbny3gqm5dx.exe" as "Gen:Trojan.Heur.FU.IqX@aq8O8nni".
Malicious content was detected by heuristic scan
Antivirus
VTI rule match with VTI rule score 5/5
vmray_av_malicious_match
Local AV detected a memory dump of process "lef9nvbny3gqm5dx.exe" as "Gen:Trojan.Heur.TP.IqX@bq8O8nni".
Malicious content was detected by heuristic scan
Antivirus
VTI rule match with VTI rule score 2/5
vmray_av_suspicious_match
Local AV detected a memory dump of process "buccwoag.exe" as "Gen:Variant.Adware.NaviPromo.8".
Suspicious content was detected by heuristic scan
Antivirus
VTI rule match with VTI rule score 2/5
vmray_av_suspicious_match
Local AV detected a memory dump of process "ymiisqma.exe" as "Gen:Variant.Adware.NaviPromo.8".
Suspicious content was detected by heuristic scan
Antivirus
VTI rule match with VTI rule score 2/5
vmray_av_suspicious_match
Local AV detected a memory dump of process "ssyiykgc.exe" as "Gen:Variant.Adware.NaviPromo.8".
Suspicious content was detected by heuristic scan
Crash
VTI rule match with VTI rule score 1/5
vmray_crashed_process
Process "c:\programdata\vwcueoyi\ssyiykgc.exe" crashed.
Process crashed
Execution
VTI rule match with VTI rule score 1/5
vmray_drop_pe_file
Drops file "C:\Users\5p5NrGJn0jS HALPmcxz\duIwksoU\BUccwoAg.exe".
Drops PE file
Execution
VTI rule match with VTI rule score 1/5
vmray_drop_pe_file
Drops file "C:\ProgramData\GSogosQc\YMIIsQMA.exe".
Drops PE file
Execution
VTI rule match with VTI rule score 1/5
vmray_drop_pe_file
Drops file "C:\ProgramData\VWcUEoYI\ssYIYkgc.exe".
Drops PE file
Execution
VTI rule match with VTI rule score 1/5
vmray_drop_pe_file
Drops file "ccgE.exe".
Drops PE file
Execution
VTI rule match with VTI rule score 1/5
vmray_drop_pe_file
Drops file "C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\DW20.EXE.exe".
Drops PE file
Execution
VTI rule match with VTI rule score 1/5
vmray_execute_dropped_pe_file
Executes dropped file "C:\Users\5p5NrGJn0jS HALPmcxz\duIwksoU\BUccwoAg.exe".
Executes dropped PE file
Execution
VTI rule match with VTI rule score 1/5
vmray_execute_dropped_pe_file
Executes dropped file "C:\ProgramData\GSogosQc\YMIIsQMA.exe".
Executes dropped PE file
Execution
VTI rule match with VTI rule score 1/5
vmray_execute_dropped_pe_file
Executes dropped file "C:\ProgramData\VWcUEoYI\ssYIYkgc.exe".
Executes dropped PE file
Network Connection
VTI rule match with VTI rule score 1/5
vmray_tcp_out_connection
Outgoing TCP connection to host "172.217.23.142:80".
Connects to remote host
Network Connection
VTI rule match with VTI rule score 1/5
vmray_establish_http_connection
URL "http://google.com/".
Connects to HTTP server