UNNAM3D Ransomware

VTI SCORE: 94/100

Dynamic Analysis Report

Classification: Ransomware, Wiper, Dropper

gblyrzexggw.exe

Windows Exe (x86-32)

Created at 2019-04-02T12:03:00

Remarks (2/2)

Anti-Sleep Triggered (0x200000e): The overall sleep time of all monitored processes was truncated from "31 minutes, 2 seconds" to "40 seconds" to reveal dormant functionality.

Auto Reboot Triggered (0x2000004): The operating system was rebooted during the analysis because the sample installed a startup script, task or application for persistence.

Remarks

No YARA Matches Detected (0x2000022): There are no YARA matches for this sample.

Detection Information

YARA Applied On

Sample Files, PCAP File, Downloaded Files, Dropped Files, Modified Files, Memory Dumps, Embedded Files

Function Logfile

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".

Remarks (2/2)

Remarks

Detection Information

Before

After