VTI SCORE: 100/100
Dynamic Analysis Report
Classification: Ransomware, Wiper, Trojan
White.exe
Windows Exe (x86-32)
Created at 2019-07-06T06:55:00
Detection Information
Local AV Applied On | Sample Files, PCAP File, Downloaded Files, Dropped Files, Modified Files, Memory Dumps, Embedded Files |
YARA Applied On | Sample Files, PCAP File, Downloaded Files, Dropped Files, Modified Files, Memory Dumps, Embedded Files |
Local AV Matches (1)
File Type | Threat Name | Filename | Severity |
---|---|---|---|
Sample File | Generic.Ransom.Hiddentear.A.A3A73378 | C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\White.exe | Malicious |
YARA Matches (4)
Ruleset Name | Rule Name | Rule Description | File Type | Filename | Classification | Severity |
---|---|---|---|---|---|---|
Generic | JS_High_Entropy | JavaScript has a high entropy; possible obfuscation | Modified File | C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cast_route_details.js | - | Malicious |
Generic | JS_High_Entropy | JavaScript has a high entropy; possible obfuscation | Modified File | C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\common.js | - | Malicious |
Generic | JS_High_Entropy | JavaScript has a high entropy; possible obfuscation | Modified File | C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\mirroring_common.js | - | Malicious |
Generic | JS_High_Entropy | JavaScript has a high entropy; possible obfuscation | Modified File | C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cast_setup\cast_app.js | - | Malicious |