d45dfa19146949ef791c96b183f04f1b2ba480d32308b39a32976a2f30ecb6e5 (SHA256)
sample.exe
Created at 2019-03-08 08:37:00
Notifications (1/1)
The operating system was rebooted during the analysis.
Severity | Category | Operation | Classification | |
---|---|---|---|---|
4/5
|
Information Stealing | Reads browser data | - | |
|
||||
2/5
|
Injection | Writes into the memory of a process running from a created or modified executable | - | |
|
||||
|
||||
|
||||
2/5
|
Injection | Modifies control flow of a process running from a created or modified executable | - | |
|
||||
|
||||
|
||||
2/5
|
Network | Sets up server that accepts incoming connections | Backdoor | |
|
||||
1/5
|
Process | Creates system object | - | |
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
1/5
|
Process | Creates process with hidden window | - | |
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
1/5
|
File System | Modifies operating system directory | - | |
|
||||
|
||||
|
||||
|
||||
|
||||
1/5
|
Persistence | Installs system service | - | |
|
||||
1/5
|
Anti Analysis | Resolves APIs dynamically | - | |
|
||||
1/5
|
Process | Creates a page with write and execute permissions | - | |
|
||||
1/5
|
Network | Performs DNS request | - | |
|
||||
1/5
|
Static | Unparsable sections in file | - | |
|
||||
1/5
|
Network | Downloads data | Downloader | |
|
||||
|
||||
|
||||
1/5
|
Network | Connects to HTTP server | - | |
|
||||
|
||||
|
||||
1/5
|
PE | Drops PE file | Dropper | |
|
||||
1/5
|
PE | Executes dropped PE file | - | |
|