BigEyes/Lime Ransomware | VTI by Category
Try VMRay Analyzer
VTI Information
VTI Score
85 / 100
VTI Database Version 2.6
VTI Rule Match Count 9
VTI Rule Type Default (PE, ...)
Detected Threats
Arrow Device
Arrow
Monitor mouse movements and clicks
Frequently read the state of a mouse button by API.
Arrow File System
Arrow
Delete user files
Delete multiple user files. This is an indicator for ransomware or wiper malware.
Arrow
Create many files
Create above average number of files.
Arrow Masquerade
Arrow
Change folder appearance
Folder "c:\users\5jghkoaofdp\documents" has a changed appearance.
Folder "c:\users\5jghkoaofdp\documents\my shapes" has a changed appearance.
Folder "c:\users\5jghkoaofdp\music" has a changed appearance.
Arrow PE
Arrow
Drop PE file
Drop file "c:\users\5jghkoaofdp\desktop\#decryptor.exe".
Arrow
Execute dropped PE file
Execute dropped file "c:\users\5jghkoaofdp\desktop\#decryptor.exe".
Arrow Persistence
Arrow
Install system startup script or application
Add "C:\Users\5JgHKoaOfdp\Desktop\#Decryptor.exe" to windows startup via registry.
- Anti Analysis
- Browser
- OS
- Hide Tracks
- Information Stealing
- Injection
- Kernel
- Network
- Process
- User
- VBA Macro
- YARA
Function Logfile
Download-Icon
Exit-Icon

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy". 


    

   

   

    

     
      

       
       
       
       
      

     
     
     
    

   

  

  

   

    
    

     Screenshot
    

    

     Expand-Icon
    

    

     Exit-Icon
    

   

   

    

     icon_left
    

    

     icon_left
    

   

   

   

   

    image