6ded37a61962a6a6626bd47adb66f5f73742d8d2125cdff1dc3f932d0a8e5d2e (SHA256)
gootkit_vbs-6ded37a6.vir.vbs
Created at 2018-12-13 14:00:00
Notifications (2/2)
The overall sleep time of all monitored processes was truncated from "29 minutes, 45 seconds" to "1 minute, 40 seconds" to reveal dormant functionality.
Severity | Category | Operation | Classification
---|---|---|---
5/5 | Anti Analysis | Tries to detect application sandbox | -
5/5 | Anti Analysis | Tries to detect virtual machine | -
5/5 | Information Stealing | Reads system data | Spyware
5/5 | Injection | Writes into the memory of another running process | -
5/5 | Network | Sets up server that accepts incoming connections | Backdoor
4/5 | Network | Associated with known malicious/suspicious URLs | -
3/5 | Anti Analysis | Delays execution | -
3/5 | Browser | Changes security-related browser settings | -
2/5 | Network | Performs DNS request | -
2/5 | Network | Downloads data | Downloader
2/5 | Network | Connects to HTTP server | -
2/5 | PE | Drops PE file | Dropper
2/5 | PE | Executes dropped PE file | -
1/5 | Process | Creates system object | -
1/5 | Process | Overwrites code | -
1/5 | Network | Connects to remote host | -