51bc32788b49aca2384cd07dce9f8ac63f07f52c27cf33c938e01c64c374eee4 (SHA256)
worldtime.exe
Created at 2018-10-30 17:02:00
Notifications (2/2)
The operating system was rebooted during the analysis.
Severity | Category | Operation | Classification | |
---|---|---|---|---|
4/5
|
Injection | Writes into the memory of another running process | - | |
|
||||
|
||||
|
||||
4/5
|
Injection | Modifies control flow of another process | - | |
|
||||
|
||||
|
||||
|
||||
3/5
|
Browser | Changes security-related browser settings | - | |
|
||||
3/5
|
Device | Monitors keyboard input | Keylogger | |
|
||||
2/5
|
File System | Known suspicious file | Trojan | |
|
||||
1/5
|
Anti Analysis | Resolves APIs dynamically | - | |
|
||||
1/5
|
Information Stealing | Reads system data | Spyware | |
|
||||
|
||||
1/5
|
Persistence | Installs system startup script or application | - | |
|
||||
1/5
|
Process | Creates process with hidden window | - | |
|
||||
|
||||
1/5
|
Process | Creates a page with write and execute permissions | - | |
|
||||
1/5
|
Process | Creates system object | - | |
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
1/5
|
Process | Reads from memory of another process | - | |
|
||||
1/5
|
Process | Overwrites code | - | |
|