b365a249a15ceeaee2e054f7112bf83683e6ada258f90da71762c992797b0b07 (SHA256)
resultado-623472740.PDF.lnk
Created at 2018-10-22 05:25:00
Notifications (1/1)
The overall sleep time of all monitored processes was truncated from "36 minutes, 30 seconds" to "6 minutes, 10 seconds" to reveal dormant functionality.
Severity | Category | Operation | Classification | |
---|---|---|---|---|
4/5
|
File System | Known malicious file | Trojan | |
|
||||
|
||||
4/5
|
Injection | Writes into the memory of another running process | - | |
|
||||
4/5
|
Injection | Modifies control flow of another process | - | |
|
||||
3/5
|
Process | Creates an unusally large number of processes | - | |
|
||||
2/5
|
Anti Analysis | Delays execution | - | |
|
||||
2/5
|
File System | Known suspicious file | Hacktool, Pua | |
|
||||
|
||||
2/5
|
Network | Associated with known malicious/suspicious URLs | - | |
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
1/5
|
Anti Analysis | Resolves APIs dynamically | - | |
|
||||
1/5
|
Process | Creates process with hidden window | - | |
|
||||
1/5
|
Process | Reads from memory of another process | - | |
|
||||
1/5
|
Process | Creates a page with write and execute permissions | - | |
|
||||
1/5
|
Static | Unparsable sections in file | - | |
|
||||
1/5
|
Network | Downloads data | Downloader | |
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
1/5
|
Network | Connects to HTTP server | - | |
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
1/5
|
PE | The PE file was created with a packer | - | |
|
||||
|
||||
|
||||
|
||||
|
||||
1/5
|
PE | Drops PE file | Dropper | |
|
||||
|
||||
|