Score: | 68 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
AV Detection |
---|
Source: |
Avira: |
Source: |
ReversingLabs: |
Source: |
Joe Sandbox ML: |
Source: |
Static PE information: |
Source: |
File opened: |
Source: |
Code function: |
0_2_00BF449B | |
Source: |
Code function: |
0_2_00BFC75D | |
Source: |
Code function: |
0_2_00BF3B56 | |
Source: |
Code function: |
0_2_00BFBD48 | |
Source: |
Code function: |
0_2_00BFC7E8 | |
Source: |
Code function: |
0_2_00BFF021 | |
Source: |
Code function: |
0_2_00BFF17E | |
Source: |
Code function: |
0_2_00BFF47F | |
Source: |
Code function: |
0_2_00BF3833 |
Source: |
Code function: |
0_2_00C02404 |
Source: |
String found in binary or memory: |
||
Source: |
String found in binary or memory: |
||
Source: |
String found in binary or memory: |
||
Source: |
String found in binary or memory: |
Source: |
Code function: |
0_2_00C0407C |
Source: |
Code function: |
0_2_00C0427A |
Source: |
Code function: |
0_2_00C0407C |
Source: |
Code function: |
0_2_00BF003A |
Source: |
Code function: |
0_2_00C1CB26 |
Spam, unwanted Advertisements and Ransom Demands |
---|
Source: |
File deleted: |
System Summary |
---|
Source: |
Code function: |
0_2_00B93B4C | |
Source: |
String found in binary or memory: |
||
Source: |
String found in binary or memory: |
memstr_ea2c1207-d | |
Source: |
String found in binary or memory: |
memstr_8fbf2c03-e | |
Source: |
String found in binary or memory: |
memstr_6742bde8-0 | |
Source: |
String found in binary or memory: |
memstr_1ddca0a1-c | |
Source: |
String found in binary or memory: |
memstr_7bd1baaf-a | |
Source: |
String found in binary or memory: |
memstr_c756ca74-2 |
Source: |
Process Stats: |
Source: |
Binary or memory string: |
||
Source: |
Binary or memory string: |
||
Source: |
Binary or memory string: |
Source: |
Static PE information: |
Source: |
Classification label: |
Source: |
Code function: |
0_2_00BFA0F4 |
Source: |
Code function: |
0_2_00BE84F3 | |
Source: |
Code function: |
0_2_00BE8AA3 |
Source: |
Code function: |
0_2_00BFB3BF |
Source: |
Code function: |
0_2_00C0EF21 |
Source: |
Code function: |
0_2_00C084D0 |
Source: |
Code function: |
0_2_00B94FE9 |
Source: |
File created: |
Source: |
Static PE information: |
Source: |
Key opened: |
Source: |
ReversingLabs: |
Source: |
File read: |
Source: |
Section loaded: |
Source: |
Static PE information: |
||
Source: |
Code function: |
0_2_00C0C104 |
Source: |
Static PE information: |
Source: |
Code function: |
0_2_00BB8AD8 |
Source: |
Code function: |
0_2_00B94A35 | |
Source: |
Code function: |
0_2_00C153DF |
Source: |
Code function: |
0_2_00BB3307 |
Source: |
Process information set: |
Source: |
Evasive API call chain: |
Source: |
API coverage: |
Source: |
Code function: |
0_2_00B94AFE |
Source: |
API call chain: |
||
Source: |
API call chain: |
Source: |
Code function: |
0_2_00C0401F |
Source: |
Code function: |
0_2_00B93B4C |
Source: |
Code function: |
0_2_00BC5BFC |
Source: |
Code function: |
0_2_00C0C104 |
Source: |
Code function: |
0_2_00BE81D4 |
Source: |
Code function: |
0_2_00BBA2A4 | |
Source: |
Code function: |
0_2_00BBA2D5 |
Source: |
Code function: |
0_2_00BE8A73 |
Source: |
Code function: |
0_2_00B93B4C |
Source: |
Code function: |
0_2_00B94A35 |
Source: |
Code function: |
0_2_00BF4CFA |
Source: |
Code function: |
0_2_00BE81D4 |
Source: |
Code function: |
0_2_00BF4A08 |
Source: |
Binary or memory string: |
||
Source: |
Binary or memory string: |
Source: |
Code function: |
0_2_00BB87AB |
Source: |
Code function: |
0_2_00BC5007 |
Source: |
Code function: |
0_2_00BD215F |
Source: |
Code function: |
0_2_00BC40BA |
Source: |
Code function: |
0_2_00B94AFE |
Source: |
Key value queried: |
Source: |
Binary or memory string: |
||
Source: |
Binary or memory string: |
||
Source: |
Binary or memory string: |
||
Source: |
Binary or memory string: |
||
Source: |
Binary or memory string: |
||
Source: |
Binary or memory string: |
||
Source: |
Binary or memory string: |
Source: |
Code function: |
0_2_00C06399 | |
Source: |
Code function: |
0_2_00C0685D |