97328f00d5dc6d72f7a1a5c75e6991135183ffeef10e1a6a49dab7cba2eb7f6c (SHA256)
97328f00d5dc6d72f7a1a5c75e6991135183ffeef10e1a6a49dab7cba2eb7f6c.dll
Windows DLL (x86-32)
Created at 2018-04-29 13:05:00
Notifications (2/2)
This report is associated with a dynamic link library (DLL), which normally needs an appropriate loader. If an appropriate loader was not submitted along with the DLL, the analysis results may be incomplete and may not fully represent the behavior of the sample.
The overall sleep time of all monitored processes was truncated from "3 hours, 58 minutes, 39 seconds" to "40 seconds" to reveal dormant functionality.
| Severity | Category | Operation | Classification | |
|---|---|---|---|---|
|
4/5
|
File System | Associated with malicious files | Trojan | |
|
||||
|
4/5
|
Injection | Writes into the memory of another running process | - | |
|
||||
|
4/5
|
Injection | Modifies control flow of another process | - | |
|
||||
|
1/5
|
Anti Analysis | Resolves APIs dynamically to possibly evade static detection | - | |
|
||||
|
1/5
|
Anti Analysis | Delays execution | - | |
|
||||
|
1/5
|
Process | Creates process with hidden window | - | |
|
||||
|
1/5
|
Process | Creates a page with write and execute permissions | - | |
|
||||
|
1/5
|
Network | Downloads data | Downloader | |
|
||||
|
||||
|
1/5
|
Network | Connects to HTTP server | - | |
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
