d77378dcc42b912e514d3bd4466cdda050dda9b57799a6c97f70e8489dd8c8d0 (SHA256)
o.exe
Created at 2018-09-24 10:34:00
Notifications (2/3)
Due to a reputation service error, no query could be made to determine the reputation status of file hashes.
Some extracted files may be missing in the report since the maximum number of extracted files was reached during the analysis. You can increase the limit in the configuration settings.
The operating system was rebooted during the analysis.
Severity | Category | Operation | Classification
---|---|---|---
5/5 | File System | Encrypts content of user files | Ransomware
5/5 | Device | Writes to Master Boot Record (MBR) | -
3/5 | Persistence | Adds file to open the next time Excel is launched | -
3/5 | OS | Modifies certificate store | -
3/5 | Persistence | Adds file to open the next time Word is launched | -
3/5 | Browser | Reads data related to browser cookies | -
3/5 | Browser | Reads data related to saved browser credentials | -
2/5 | Anti Analysis | Tries to detect virtual machine | -
2/5 | Anti Analysis | Resolves APIs dynamically to possibly evade static detection | -
2/5 | Browser | Reads data related to browsing history | -
2/5 | Network | Associated with known malicious/suspicious URLs | -
1/5 | Process | Creates system object | -
1/5 | File System | Modifies application directory | -
1/5 | Process | Creates process with hidden window | -
1/5 | File System | Creates an unusually large number of files | -
1/5 | Network | Downloads data | Downloader
1/5 | Network | Connects to HTTP server | -