75ca5c2c...7783 | Yara
Logo
Try VMRay Analyzer
VTI SCORE: 100/100
Dynamic Analysis Report
Classification: Spyware

75ca5c2caf5216140f8e3e34160bdc64ce59d75fce1feeaa809ec18f01427783 (SHA256)

volumesound.exe

Windows Exe (x86-32)

Created at 2018-11-06 10:28:00

...

YARA Information

Applied On Sample Files, PCAP File, Created Files, Modified Files, Process Dumps
Number of YARA matches 1
Ruleset Name Rule Name Rule Description File Type Filename Classification Severity Actions
APTs APT28_IMPLANT_4_v10 BlackEnergy / Voodoo Bear Implant by APT28 Process Dump \Users\CIiHmnxMn6Ps\Desktop\volumesound.exe -
5/5
...
Function Logfile
Download-Icon
Exit-Icon

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy". 


    

   

   

    Before
   

   

    

     

      
       This feature requires an online-connection to the VMRay backend.
      
      

      

      An offline version with limited functionality is also provided.
      

      The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".
     

     

    

   

   

    After
   

   

    

     

      
       This feature requires an online-connection to the VMRay backend.
      
      

      

      An offline version with limited functionality is also provided.
      

      The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".
     

     

    

   

   

    

     
      

       
       
       
       
      

     
     
     
    

   

  

  

   

    
    

     Screenshot
    

    

     Expand-Icon
    

    

     Exit-Icon
    

   

   

    

     icon_left
    

    

     icon_left
    

   

   

   

   

    image