76917b219ad5a1ff8229a75eb23c34a9ad1ce98264257d3cca538ac59c49a15f (SHA256)
29082018_64943.iqy
Created at 2018-08-30 14:38:00
Notifications (1/1)
The operating system was rebooted during the analysis.
Severity | Category | Operation | Classification | |
---|---|---|---|---|
5/5
|
Anti Analysis | Tries to detect virtual machine | - | |
|
||||
|
||||
|
||||
5/5
|
Anti Analysis | Tries to detect application sandbox | - | |
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
5/5
|
Anti Analysis | Tries to detect a forensic tool | - | |
|
||||
|
||||
4/5
|
Process | Creates process | - | |
|
||||
|
||||
|
||||
|
||||
|
||||
4/5
|
File System | Known malicious file | Trojan, Backdoor | |
|
||||
|
||||
4/5
|
Network | Downloads data | Downloader | |
|
||||
|
||||
3/5
|
Network | Performs DNS request | - | |
|
||||
|
||||
3/5
|
Persistence | Installs system startup script or application | - | |
|
||||
3/5
|
PE | Executes dropped PE file | - | |
|
||||
|
||||
2/5
|
Anti Analysis | Tries to detect debugger | - | |
|
||||
2/5
|
Network | Associated with known malicious/suspicious URLs | - | |
|
||||
|
||||
|
||||
|
||||
|
||||
2/5
|
Network | Connects to HTTP server | - | |
|
||||
|
||||
2/5
|
PE | Drops PE file | Dropper | |
|
||||
|
||||
|
||||
1/5
|
Process | Creates system object | - | |
|
||||
|
||||
1/5
|
PE | The PE file was created with a packer | - | |
|