c04c541f...d341 | Network
VTI SCORE: 100/100
Target: win7_64_sp1 | exe
Classification: Trojan, Dropper, Ransomware

c04c541f066a2b089bdc261616894a2f6bd49fca2e29350698175d9fc51cd341 (SHA256)

c04c541f066a2b089bdc261616894a2f6bd49fca2e29350698175d9fc51c.exe

Windows Exe (x86-32)

Created at 2018-07-13 07:59:00

Notifications (1/1)

The operating system was rebooted during the analysis.

Connection Overview

Contacted Hosts (1)
»
Hostname IP Address Location Protocols Reputation Status WHOIS Data
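- 192.168.0.1 - UDP Unknown Not Queried
(Note: 192.168.0.1 is an RFC 1918 private address, and all recorded traffic to it is UDP port 53, so it is presumably the analysis environment's local DNS resolver rather than an external host; it should not be treated as a network indicator on its own.)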

Connections

DNS (5)
»
Operation Additional Information Success Count Logfile
Get Hostname name_out = XDuwTfOno True 1
Fn
Get Hostname name_out = XDuwTfOno True 1
Fn
Get Hostname name_out = XDuwTfOno True 1
Fn
Get Hostname name_out = XDuwTfOno True 1
Fn
Get Hostname name_out = XDuwTfOno True 1
Fn
UDP Sessions (10)
»
Information Value
Total Data Sent 0.42 KB
Total Data Received 0.56 KB
Contacted Host Count 1
Contacted Hosts 192.168.0.1:53
UDP Session #1
»
Information Value
Handle 0x110
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.04 KB
Data Received 0.04 KB
Operation Additional Information Success Count Logfile
Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM True 1
Fn
Connect remote_address = 192.168.0.1, remote_port = 53 False 1
Fn
Send flags = NO_FLAG_SET, size = 42, size_out = 42 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 65536, size_out = 42 True 1
Fn
Data
Close type = SOCK_DGRAM True 1
Fn
UDP Session #2
»
Information Value
Handle 0x110
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.04 KB
Data Received 0.07 KB
Operation Additional Information Success Count Logfile
Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM True 1
Fn
Connect remote_address = 192.168.0.1, remote_port = 53 False 1
Fn
Send flags = NO_FLAG_SET, size = 41, size_out = 41 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 65536, size_out = 69 True 1
Fn
Data
Close type = SOCK_DGRAM True 1
Fn
UDP Session #3
»
Information Value
Handle 0x110
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.04 KB
Data Received 0.04 KB
Operation Additional Information Success Count Logfile
Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM True 1
Fn
Connect remote_address = 192.168.0.1, remote_port = 53 False 1
Fn
Send flags = NO_FLAG_SET, size = 42, size_out = 42 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 65536, size_out = 42 True 1
Fn
Data
Close type = SOCK_DGRAM True 1
Fn
UDP Session #4
»
Information Value
Handle 0x110
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.04 KB
Data Received 0.10 KB
Operation Additional Information Success Count Logfile
Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM True 1
Fn
Connect remote_address = 192.168.0.1, remote_port = 53 False 1
Fn
Send flags = NO_FLAG_SET, size = 46, size_out = 46 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 65536, size_out = 105 True 1
Fn
Data
Close type = SOCK_DGRAM True 1
Fn
UDP Session #5
»
Information Value
Handle 0x110
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.04 KB
Data Received 0.04 KB
Operation Additional Information Success Count Logfile
Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM True 1
Fn
Connect remote_address = 192.168.0.1, remote_port = 53 False 1
Fn
Send flags = NO_FLAG_SET, size = 42, size_out = 42 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 65536, size_out = 42 True 1
Fn
Data
Close type = SOCK_DGRAM True 1
Fn
UDP Session #6
»
Information Value
Handle 0x110
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.04 KB
Data Received 0.10 KB
Operation Additional Information Success Count Logfile
Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM True 1
Fn
Connect remote_address = 192.168.0.1, remote_port = 53 False 1
Fn
Send flags = NO_FLAG_SET, size = 42, size_out = 42 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 65536, size_out = 99 True 1
Fn
Data
Close type = SOCK_DGRAM True 1
Fn
UDP Session #7
»
Information Value
Handle 0x110
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.04 KB
Data Received 0.04 KB
Operation Additional Information Success Count Logfile
Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM True 1
Fn
Connect remote_address = 192.168.0.1, remote_port = 53 False 1
Fn
Send flags = NO_FLAG_SET, size = 42, size_out = 42 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 65536, size_out = 42 True 1
Fn
Data
Close type = SOCK_DGRAM True 1
Fn
UDP Session #8
»
Information Value
Handle 0x110
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.04 KB
Data Received 0.04 KB
Operation Additional Information Success Count Logfile
Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM True 1
Fn
Connect remote_address = 192.168.0.1, remote_port = 53 False 1
Fn
Send flags = NO_FLAG_SET, size = 42, size_out = 42 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 65536, size_out = 42 True 1
Fn
Data
Close type = SOCK_DGRAM True 1
Fn
UDP Session #9
»
Information Value
Handle 0x110
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.04 KB
Data Received 0.04 KB
Operation Additional Information Success Count Logfile
Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM True 1
Fn
Connect remote_address = 192.168.0.1, remote_port = 53 False 1
Fn
Send flags = NO_FLAG_SET, size = 42, size_out = 42 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 65536, size_out = 42 True 1
Fn
Data
Close type = SOCK_DGRAM True 1
Fn
UDP Session #10
»
Information Value
Handle 0x110
Address Family AF_INET
Type SOCK_DGRAM
Protocol IPPROTO_IP
Local Address -
Local Port -
Data Sent 0.04 KB
Data Received 0.04 KB
Operation Additional Information Success Count Logfile
Create protocol = IPPROTO_IP, address_family = AF_INET, type = SOCK_DGRAM True 1
Fn
Connect remote_address = 192.168.0.1, remote_port = 53 False 1
Fn
Send flags = NO_FLAG_SET, size = 44, size_out = 44 True 1
Fn
Data
Receive flags = NO_FLAG_SET, size = 65536, size_out = 44 True 1
Fn
Data
Close type = SOCK_DGRAM True 1
Fn