cmd.exe
Created at 2019-03-18T23:18:00
VMRay Threat Indicators (8 rules, 31 matches)
Severity | Category | Operation | Classification | |
---|---|---|---|---|
5/5
|
File System | Known malicious file | Trojan | |
|
||||
4/5
|
File System | Modifies content of user files | Ransomware | |
|
||||
4/5
|
File System | Renames user files | Ransomware | |
|
||||
3/5
|
File System | Possibly drops ransom note files | Ransomware | |
|
||||
1/5
|
Persistence | Installs system startup script or application | - | |
|
||||
1/5
|
Masquerade | Changes folder appearance | - | |
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
1/5
|
File System | Creates an unusually large number of files | - | |
|
||||
0/5
|
Process | Enumerates running processes | - | |
|
Screenshots
Monitored Processes
Sample Information
Analysis Information
Creation Time | 2019-03-19 00:18 (UTC+1) |
Analysis Duration | 00:04:36 |
Number of Monitored Processes | 1 |
Execution Successful | |
Reputation Enabled | |
WHOIS Enabled | |
YARA Enabled | |
Number of YARA Matches | 0 |
Termination Reason | Timeout |
Tags |