Automated Malware Analysis IOC Report for

Details

Filetype:	PE32 executable (console) Intel 80386, for MS Windows
Entropy:	7.090697371035919
Filename:	JpQFDOA7Uk.exe
Filesize:	8167424
MD5:	4e66429d85967e344d8354e9b81719dc
SHA1:	b958fb7241cc9675b8dd967b02df6a6ad92de52d
SHA256:	de0b74917fe24c2b38e2d1172b7352f88bf8b3df64b6d44ca5f317db85aeb324
SHA512:	8645025d5c94eb2580c6094f47f733a7ab27d1482e4e5bcc9f93dc0e419b4d50fc1a1e0236ba8204f07389136032a9ebe64f5ea9cd3e42ddf2879a516d6cbe09
SSDEEP:	196608:9RRRRRgRRRRRRRRRRRRRURRRRRRRRRRRRR/3LRcDRRRRRH56RRRRR9BcM9tpfHmH:9RRRRRgRRRRRRRRRRRRRURRRRRRRRRR6
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...................................7...........................Ur......Ur......Ur......eq......eqq.....eq......Rich............PE..L..

Signature Hits	Behavior Group	Mitre Attack
Antivirus / Scanner detection for submitted sample	AV Detection
Multi AV Scanner detection for submitted file	AV Detection
Found stalling execution ending in API Sleep call	Malware Analysis System Evasion
Modifies existing user documents (likely ransomware behavior)	Spam, unwanted Advertisements and Ransom Demands
Writes a notice file (html or txt) to demand a ransom	Spam, unwanted Advertisements and Ransom Demands	Data Encrypted for Impact
Checks for available system drives (often done to infect USB drives)	Spreading	Replication Through Removable Media Peripheral Device Discovery
Contains functionality for read data from the clipboard	Key, Mouse, Clipboard, Microphone and Screen Capturing	Clipboard Data
Contains functionality to check if a debugger is running (IsDebuggerPresent)	Anti Debugging
Contains functionality to modify clipboard data	Key, Mouse, Clipboard, Microphone and Screen Capturing
Detected potential crypto function	System Summary	Archive Collected Data Encrypted Channel
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)	Malware Analysis System Evasion
Found potential string decryption / allocating functions	System Summary	Deobfuscate/Decode Files or Information Obfuscated Files or Information
May sleep (evasive loops) to hinder dynamic analysis	Malware Analysis System Evasion
Sleep loop found (likely to delay execution)	Malware Analysis System Evasion	Virtualization/Sandbox Evasion
Uses 32bit PE files	Compliance, System Summary	Masquerading
Uses code obfuscation techniques (call, push, ret)	Data Obfuscation
Contains functionality to enumerate / list files inside a directory	Spreading, Malware Analysis System Evasion
Contains functionality to query local / system time	Language, Device and Operating System Detection	System Time Discovery System Information Discovery
Contains functionality to register its own exception handler	Anti Debugging
Creates files inside the user directory	System Summary	Masquerading
Creates temporary files	System Summary
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery
PE file has an executable .text section and no other executable section	System Summary
Reads ini files	System Summary	File and Directory Discovery
Reads software policies	System Summary
Sample is known by Antivirus	System Summary
Sample reads its own file content	System Summary
Tries to load missing DLLs	System Summary	DLL Side-Loading
URLs found in memory or binary data	Networking
PE file contains a debug data directory	System Summary
PE file has a big raw section	System Summary
Creates license or readme file	Compliance, Persistence and Installation Behavior
Submission file is bigger than most known malware samples	System Summary
Found GUI installer (many successful clicks)	System Summary

Details

File:	C:\Users\user\.ms-ad\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt0.0.dr
ID:	dr_27
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Writes a notice file (html or txt) to demand a ransom	Spam, unwanted Advertisements and Ransom Demands	Data Encrypted for Impact
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\3D Objects\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt2.0.dr
ID:	dr_33
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Writes a notice file (html or txt) to demand a ransom	Spam, unwanted Advertisements and Ransom Demands	Data Encrypted for Impact
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Contacts\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt3.0.dr
ID:	dr_37
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Writes a notice file (html or txt) to demand a ransom	Spam, unwanted Advertisements and Ransom Demands	Data Encrypted for Impact
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Desktop\BJZFPPWAPT\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt.0.dr
ID:	dr_15
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Writes a notice file (html or txt) to demand a ransom	Spam, unwanted Advertisements and Ransom Demands	Data Encrypted for Impact
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Desktop\EIVQSAOTAQ\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt4.0.dr
ID:	dr_41
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Writes a notice file (html or txt) to demand a ransom	Spam, unwanted Advertisements and Ransom Demands	Data Encrypted for Impact
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Desktop\EWZCVGNOWT\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt5.0.dr
ID:	dr_43
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Writes a notice file (html or txt) to demand a ransom	Spam, unwanted Advertisements and Ransom Demands	Data Encrypted for Impact
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Desktop\GRXZDKKVDB\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt8.0.dr
ID:	dr_64
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Writes a notice file (html or txt) to demand a ransom	Spam, unwanted Advertisements and Ransom Demands	Data Encrypted for Impact
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Desktop\JpQFDOA7Uk.exe.CyberVolk
Category:	dropped
Dump:	JpQFDOA7Uk.exe.CyberVolk.0.dr
ID:	dr_68
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	7.255112544680944
Encrypted:	false
Ssdeep:	196608:kylRRRRRgRRRRRRRRRRRRRqRRRRRRRRRRRRRcWMRcDRRRRRHVozsBJ792x87QonD:TlRRRRRgRRRRRRRRRRRRRqRRRRRRRRRJ
Size:	8168476
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Antivirus / Scanner detection for submitted sample	AV Detection
Multi AV Scanner detection for submitted file	AV Detection
Found stalling execution ending in API Sleep call	Malware Analysis System Evasion
Modifies existing user documents (likely ransomware behavior)	Spam, unwanted Advertisements and Ransom Demands	Data Encrypted for Impact
Writes a notice file (html or txt) to demand a ransom	Spam, unwanted Advertisements and Ransom Demands	Data Encrypted for Impact
Checks for available system drives (often done to infect USB drives)	Spreading	Replication Through Removable Media Peripheral Device Discovery
Contains functionality for read data from the clipboard	Key, Mouse, Clipboard, Microphone and Screen Capturing	Clipboard Data
Contains functionality to check if a debugger is running (IsDebuggerPresent)	Anti Debugging	Security Software Discovery
Contains functionality to modify clipboard data	Key, Mouse, Clipboard, Microphone and Screen Capturing	Clipboard Data
Detected potential crypto function	System Summary	Encrypted Channel Archive Collected Data
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)	Malware Analysis System Evasion
Found potential string decryption / allocating functions	System Summary	Obfuscated Files or Information Deobfuscate/Decode Files or Information
Sleep loop found (likely to delay execution)	Malware Analysis System Evasion	Virtualization/Sandbox Evasion
Uses 32bit PE files	Compliance, System Summary
Uses code obfuscation techniques (call, push, ret)	Data Obfuscation	Obfuscated Files or Information
Contains functionality to enumerate / list files inside a directory	Spreading, Malware Analysis System Evasion	File and Directory Discovery
Contains functionality to query local / system time	Language, Device and Operating System Detection	System Information Discovery System Time Discovery
Contains functionality to register its own exception handler	Anti Debugging
Creates files inside the user directory	System Summary	Masquerading
Creates temporary files	System Summary
PE file has an executable .text section and no other executable section	System Summary
Reads ini files	System Summary	File and Directory Discovery
Reads software policies	System Summary	System Information Discovery
Sample is known by Antivirus	System Summary
Sample reads its own file content	System Summary
Spawns processes	System Summary	Process Injection
Tries to load missing DLLs	System Summary	DLL Side-Loading
PE file contains a debug data directory	System Summary
PE file has a big raw section	System Summary
Creates license or readme file	Compliance, Persistence and Installation Behavior
Submission file is bigger than most known malware samples	System Summary
Found GUI installer (many successful clicks)	System Summary

Details

File:	C:\Users\user\Downloads\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt1.0.dr
ID:	dr_28
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Writes a notice file (html or txt) to demand a ransom	Spam, unwanted Advertisements and Ransom Demands	Data Encrypted for Impact
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Favorites\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt7.0.dr
ID:	dr_58
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Writes a notice file (html or txt) to demand a ransom	Spam, unwanted Advertisements and Ransom Demands	Data Encrypted for Impact
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Favorites\Links\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt6.0.dr
ID:	dr_51
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Writes a notice file (html or txt) to demand a ransom	Spam, unwanted Advertisements and Ransom Demands	Data Encrypted for Impact
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\CyberVolk_ReadMe.txt
Category:	modified
Dump:	CyberVolk_ReadMe.txt35.0.dr
ID:	dr_152
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	low

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\Public\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt34.0.dr
ID:	dr_151
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	low

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\Public\Documents\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt27.0.dr
ID:	dr_132
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	low

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\Public\Documents\desktop.ini.CyberVolk
Category:	dropped
Dump:	desktop.ini.CyberVolk16.0.dr
ID:	dr_131
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	5.457167810629989
Encrypted:	false
Ssdeep:	24:0KX1g7YHVCCSzbC1AupOE2UuPL8clUzat0pXTyymWUg1zJb7Q0+2gpnEc9K:/g7YUCP1A1UuPL8aUzNpXnh1Q6WK
Size:	1340
Whitelisted:	false
Reputation:	low

Details

File:	C:\Users\Public\Downloads\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt28.0.dr
ID:	dr_134
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	low

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\Public\Downloads\desktop.ini.CyberVolk
Category:	dropped
Dump:	desktop.ini.CyberVolk17.0.dr
ID:	dr_133
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	5.059527954580536
Encrypted:	false
Ssdeep:	24:0KXSBCCSzbC1AupOE2UuPL8clUzat0pXTyymWUg1zJb7Q0+2gpnEc9K:g4CP1A1UuPL8aUzNpXnh1Q6WK
Size:	1228
Whitelisted:	false
Reputation:	low

Details

File:	C:\Users\Public\Music\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt29.0.dr
ID:	dr_136
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	low

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\Public\Music\desktop.ini.CyberVolk
Category:	dropped
Dump:	desktop.ini.CyberVolk18.0.dr
ID:	dr_135
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	5.750209596067987
Encrypted:	false
Ssdeep:	24:0KXgoZ1axd91CCSzbC1AupOE2UuPL8clUzat0pXTyymWUg1zJb7Q0+2gpnEc9K:CoCKCP1A1UuPL8aUzNpXnh1Q6WK
Size:	1436
Whitelisted:	false
Reputation:	low

Details

File:	C:\Users\Public\Pictures\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt30.0.dr
ID:	dr_138
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	low

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\Public\Pictures\desktop.ini.CyberVolk
Category:	dropped
Dump:	desktop.ini.CyberVolk19.0.dr
ID:	dr_137
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	5.749222241619445
Encrypted:	false
Ssdeep:	24:0KXVVB7uM0N/CCSzbC1AupOE2UuPL8clUzat0pXTyymWUg1zJb7Q0+2gpnEc9K:Nx0KCP1A1UuPL8aUzNpXnh1Q6WK
Size:	1436
Whitelisted:	false
Reputation:	low

Details

File:	C:\Users\Public\Videos\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt33.0.dr
ID:	dr_150
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	low

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\Public\Videos\desktop.ini.CyberVolk
Category:	dropped
Dump:	desktop.ini.CyberVolk20.0.dr
ID:	dr_139
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	5.68485913787104
Encrypted:	false
Ssdeep:	24:2drgvVzvxjLU3xbfrkHuELstUvpwntaaZBxzQRPnXkNSIc+czf8ASLGR:KMVx03xbf4Hppvgt5kR/XkNSIc+czf9l
Size:	1436
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\Public\desktop.ini.CyberVolk
Category:	dropped
Dump:	desktop.ini.CyberVolk15.0.dr
ID:	dr_130
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	5.064056964082534
Encrypted:	false
Ssdeep:	24:0KXo3CCSzbC1AupOE2UuPL8clUzat0pXTyymWUg1zJb7Q0+2gpnEc9K:1CP1A1UuPL8aUzNpXnh1Q6WK
Size:	1228
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\.curlrc.CyberVolk
Category:	dropped
Dump:	.curlrc.CyberVolk.0.dr
ID:	dr_25
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	4.238690403661082
Encrypted:	false
Ssdeep:	24:r0Q27Vk5z3h3xBnBnFnoo79omk08Ecaup56BIYtBnyXbRPbAU:sG7hhBtrxhk0VZIeS1n
Size:	1067
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates files inside the user directory	System Summary	Masquerading

Details

File:	C:\Users\user\3D Objects\desktop.ini.CyberVolk
Category:	dropped
Dump:	desktop.ini.CyberVolk0.0.dr
ID:	dr_31
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	5.510883777638181
Encrypted:	false
Ssdeep:	24:rkYCELcNGZuWgdQQ27Vk5z3h3xBnBnFnoo79omk08Ecaup56BIYtBnyXbRPbAU:4+ELcG7hhBtrxhk0VZIeS1n
Size:	1355
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\AppData\Local\Temp\tmp.bmp
Category:	dropped
Dump:	tmp.bmp.0.dr
ID:	dr_21
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	PC bitmap, Windows 3.x format, 1920 x 1080 x 24, image size 6220800, cbSize 6220854, bits offset 54
Entropy:	7.24706441700385
Encrypted:	false
Ssdeep:	98304:+CqRRRRRgRRRRRRRRRRRRRURRRRRRRRRRRRR/3RNRcDRRRRRH50rRRRRR9B0PHMV:4RRRRRgRRRRRRRRRRRRRURRRRRRRRRRN
Size:	6220854
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates temporary files	System Summary

Details

File:	C:\Users\user\AppData\Roaming\time.dat
Category:	dropped
Dump:	time.dat.0.dr
ID:	dr_29
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text, with no line terminators
Entropy:	1.9219280948873623
Encrypted:	false
Ssdeep:	3:Lq:W
Size:	5
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Contacts\desktop.ini.CyberVolk
Category:	dropped
Dump:	desktop.ini.CyberVolk2.0.dr
ID:	dr_35
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	5.791779824047297
Encrypted:	false
Ssdeep:	24:rkYgoNi48orcLLnwyhQ27Vk5z3h3xBnBnFnoo79omk08Ecaup56BIYtBnyXbRPb7:4Hog4TrQdG7hhBtrxhk0VZIeS1n
Size:	1467
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt25.0.dr
ID:	dr_118
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Desktop\BJZFPPWAPT.docx.CyberVolk
Category:	dropped
Dump:	BJZFPPWAPT.docx.CyberVolk.0.dr
ID:	dr_16
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.7694778140608225
Encrypted:	false
Ssdeep:	48:+rf/wfVP+ypmP4mZY7n+1OKLly69caoG5cGQzgRN9VWyvZpGcY:+biAwmGS1HlyQnjQzg1VbhpdY
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\BJZFPPWAPT.xlsx.CyberVolk
Category:	dropped
Dump:	BJZFPPWAPT.xlsx.CyberVolk.0.dr
ID:	dr_17
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.7694778140608225
Encrypted:	false
Ssdeep:	48:+rf/wfVP+ypmP4mZY7n+1OKLly69caoG5cGQzgRN9VWyvZpGcY:+biAwmGS1HlyQnjQzg1VbhpdY
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\BJZFPPWAPT\BJZFPPWAPT.docx.CyberVolk
Category:	dropped
Dump:	BJZFPPWAPT.docx.CyberVolk0.0.dr
ID:	dr_39
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.770169289747063
Encrypted:	false
Ssdeep:	48:zR2zgodeRbpHN6U74g01G7hhBtrxhk0VZIeS1n:gteLNf8g01G7hHtrxhk0bhSJ
Size:	2077
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\BJZFPPWAPT\DUUDTUBZFW.xlsx.CyberVolk
Category:	dropped
Dump:	DUUDTUBZFW.xlsx.CyberVolk.0.dr
ID:	dr_10
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.743625142700293
Encrypted:	false
Ssdeep:	48:spyl3Nn+EJ3DuWOa+djI0lLRZG7hhBtrxhk0VZIeS1n:spyl3NhJTuWj+2GLHG7hHtrxhk0bhSJ
Size:	2077
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\BJZFPPWAPT\EWZCVGNOWT.jpg.CyberVolk
Category:	dropped
Dump:	EWZCVGNOWT.jpg.CyberVolk0.0.dr
ID:	dr_11
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.757670791745738
Encrypted:	false
Ssdeep:	48:OtdQu1qSLvBQW5fHy44gdR/G7hhBtrxhk0VZIeS1n:42xU5QCVPG7hHtrxhk0bhSJ
Size:	2077
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\BJZFPPWAPT\JDDHMPCDUJ.mp3.CyberVolk
Category:	dropped
Dump:	JDDHMPCDUJ.mp3.CyberVolk0.0.dr
ID:	dr_12
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.766696727591425
Encrypted:	false
Ssdeep:	48:pq8ugybcCJGx1NMELKLly69caoG5cGQzgRN9VWyvZpGcY:pq8unkxzrolyQnjQzg1VbhpdY
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\BJZFPPWAPT\KLIZUSIQEN.png.CyberVolk
Category:	dropped
Dump:	KLIZUSIQEN.png.CyberVolk0.0.dr
ID:	dr_13
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.783306694104898
Encrypted:	false
Ssdeep:	48:JzUjvTvq0VLLrjnWbyKk9BNKLly69caoG5cGQzgRN9VWyvZpGcY:BsvX/HW9k9BylyQnjQzg1VbhpdY
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\BJZFPPWAPT\ZGGKNSUKOP.pdf.CyberVolk
Category:	dropped
Dump:	ZGGKNSUKOP.pdf.CyberVolk.0.dr
ID:	dr_14
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.7742292436571505
Encrypted:	false
Ssdeep:	48:e+hiekQ08/HZujXQ6d2KLly69caoG5cGQzgRN9VWyvZpGcY:RhiekQTPCQ6plyQnjQzg1VbhpdY
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt22.0.dr
ID:	dr_107
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Desktop\DUUDTUBZFW.jpg.CyberVolk
Category:	dropped
Dump:	DUUDTUBZFW.jpg.CyberVolk.0.dr
ID:	dr_19
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.752597040718796
Encrypted:	false
Ssdeep:	48:vRA5yJSLNQmIHHMjWp2DJvKLly69caoG5cGQzgRN9VWyvZpGcY:y5yJ4ypoJMlyQnjQzg1VbhpdY
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\DUUDTUBZFW.xlsx.CyberVolk
Category:	dropped
Dump:	DUUDTUBZFW.xlsx.CyberVolk0.0.dr
ID:	dr_40
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.752597040718796
Encrypted:	false
Ssdeep:	48:vRA5yJSLNQmIHHMjWp2DJvKLly69caoG5cGQzgRN9VWyvZpGcY:y5yJ4ypoJMlyQnjQzg1VbhpdY
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\EOWRVPQCCS.png.CyberVolk
Category:	dropped
Dump:	EOWRVPQCCS.png.CyberVolk0.0.dr
ID:	dr_42
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.777449403980338
Encrypted:	false
Ssdeep:	48:BhT3wrHpzjTZCOFBWo5zQKLly69caoG5cGQzgRN9VWyvZpGcY:Bh+xXZCOFBnlyQnjQzg1VbhpdY
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\EWZCVGNOWT.jpg.CyberVolk
Category:	dropped
Dump:	EWZCVGNOWT.jpg.CyberVolk1.0.dr
ID:	dr_44
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.762087339755774
Encrypted:	false
Ssdeep:	48:yC7wtfDnJgwASjDmHFdFXaPb1BKLly69caoG5cGQzgRN9VWyvZpGcY:bCD/CapGlyQnjQzg1VbhpdY
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\Excel.lnk.CyberVolk
Category:	dropped
Dump:	Excel.lnk.CyberVolk.0.dr
ID:	dr_45
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.009527780897806
Encrypted:	false
Ssdeep:	96:QLroevu8uoO4uPh56XlyQnjQzg1VbhpdY:yroef9W6Xl7jXTbvdY
Size:	3507
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\GIGIYTFFYT.pdf.CyberVolk
Category:	dropped
Dump:	GIGIYTFFYT.pdf.CyberVolk0.0.dr
ID:	dr_46
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.757633368080147
Encrypted:	false
Ssdeep:	48:6u5jE4qgtQevmyAj3jqL7hKLly69caoG5cGQzgRN9VWyvZpGcY:6QVqEVvC+ilyQnjQzg1VbhpdY
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\GLTYDMDUST.mp3.CyberVolk
Category:	dropped
Dump:	GLTYDMDUST.mp3.CyberVolk0.0.dr
ID:	dr_47
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.753684894696676
Encrypted:	false
Ssdeep:	48:M2Ym1xAklXUO8/STDEBev1raTKLly69caoG5cGQzgRN9VWyvZpGcY:M2DdmIEdwlyQnjQzg1VbhpdY
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\GRXZDKKVDB.docx.CyberVolk
Category:	dropped
Dump:	GRXZDKKVDB.docx.CyberVolk1.0.dr
ID:	dr_65
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.761964644652942
Encrypted:	false
Ssdeep:	48:9C4JYRWHKPAIGU5kcKZ9gc5POsCGz8vgqhKkYpo:9C4JDw79KHgc5POsCGQIqr
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\GRXZDKKVDB\BJZFPPWAPT.xlsx.CyberVolk
Category:	dropped
Dump:	BJZFPPWAPT.xlsx.CyberVolk0.0.dr
ID:	dr_48
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.7694778140608225
Encrypted:	false
Ssdeep:	48:+rf/wfVP+ypmP4mZY7n+1OKLly69caoG5cGQzgRN9VWyvZpGcY:+biAwmGS1HlyQnjQzg1VbhpdY
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\GRXZDKKVDB\DUUDTUBZFW.jpg.CyberVolk
Category:	dropped
Dump:	DUUDTUBZFW.jpg.CyberVolk0.0.dr
ID:	dr_49
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.752597040718796
Encrypted:	false
Ssdeep:	48:vRA5yJSLNQmIHHMjWp2DJvKLly69caoG5cGQzgRN9VWyvZpGcY:y5yJ4ypoJMlyQnjQzg1VbhpdY
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\GRXZDKKVDB\EOWRVPQCCS.png.CyberVolk
Category:	dropped
Dump:	EOWRVPQCCS.png.CyberVolk1.0.dr
ID:	dr_60
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.777449403980338
Encrypted:	false
Ssdeep:	48:BhT3wrHpzjTZCOFBWo5zQKLly69caoG5cGQzgRN9VWyvZpGcY:Bh+xXZCOFBnlyQnjQzg1VbhpdY
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\GRXZDKKVDB\GRXZDKKVDB.docx.CyberVolk
Category:	dropped
Dump:	GRXZDKKVDB.docx.CyberVolk0.0.dr
ID:	dr_61
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.765756733821089
Encrypted:	false
Ssdeep:	48:YTL15+ZQ3WV2L1NTrI0fbvcYhIdKLly69caoG5cGQzgRN9VWyvZpGcY:Ynj+WGVMnA0frVIClyQnjQzg1VbhpdY
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\GRXZDKKVDB\PALRGUCVEH.pdf.CyberVolk
Category:	dropped
Dump:	PALRGUCVEH.pdf.CyberVolk0.0.dr
ID:	dr_62
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.766402957522018
Encrypted:	false
Ssdeep:	48:BUUrrPmQ7TKpkDIMFZOWJcsCGz8vgqhKkYpo:BXvp7TiMpHOWJcsCGQIqr
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\GRXZDKKVDB\ZGGKNSUKOP.mp3.CyberVolk
Category:	dropped
Dump:	ZGGKNSUKOP.mp3.CyberVolk0.0.dr
ID:	dr_63
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.762166415772224
Encrypted:	false
Ssdeep:	48:F3JV0n/77YJWXR98ziUsCGz8vgqhKkYpo:t4/7sm6WUsCGQIqr
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\JDDHMPCDUJ.jpg.CyberVolk
Category:	dropped
Dump:	JDDHMPCDUJ.jpg.CyberVolk0.0.dr
ID:	dr_66
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.756059632920139
Encrypted:	false
Ssdeep:	48:UTosF+SRDL5RMK8aJeC3BsCGz8vgqhKkYpo:+rtRHbqaJ53BsCGQIqr
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\JDDHMPCDUJ.mp3.CyberVolk
Category:	dropped
Dump:	JDDHMPCDUJ.mp3.CyberVolk1.0.dr
ID:	dr_67
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.756059632920139
Encrypted:	false
Ssdeep:	48:UTosF+SRDL5RMK8aJeC3BsCGz8vgqhKkYpo:+rtRHbqaJ53BsCGQIqr
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\KLIZUSIQEN.png.CyberVolk
Category:	dropped
Dump:	KLIZUSIQEN.png.CyberVolk1.0.dr
ID:	dr_69
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.754785040775082
Encrypted:	false
Ssdeep:	48:be83aL7mvTu/0hOjfoApo4oQT77eoDJW2vsvfWuZ9:beJ6Lu/0hmjp/oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\LIJDSFKJZG\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt11.0.dr
ID:	dr_80
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Desktop\NWCXBPIUYI\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt12.0.dr
ID:	dr_81
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Desktop\NYMMPCEIMA\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt13.0.dr
ID:	dr_82
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Desktop\PALRGUCVEH.docx.CyberVolk
Category:	dropped
Dump:	PALRGUCVEH.docx.CyberVolk1.0.dr
ID:	dr_100
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.7912475329115525
Encrypted:	false
Ssdeep:	48:kcxZQeGca4vT5xm53WLBgR4LsGo4oQT77eoDJW2vsvfWuZ9:lGOb253oi4/oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\PALRGUCVEH.pdf.CyberVolk
Category:	dropped
Dump:	PALRGUCVEH.pdf.CyberVolk1.0.dr
ID:	dr_101
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.7912475329115525
Encrypted:	false
Ssdeep:	48:kcxZQeGca4vT5xm53WLBgR4LsGo4oQT77eoDJW2vsvfWuZ9:lGOb253oi4/oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\PALRGUCVEH\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt14.0.dr
ID:	dr_89
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Desktop\PALRGUCVEH\GIGIYTFFYT.pdf.CyberVolk
Category:	dropped
Dump:	GIGIYTFFYT.pdf.CyberVolk1.0.dr
ID:	dr_83
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.7820741903144
Encrypted:	false
Ssdeep:	48:dmntV/lrubuXMqJAD7Co4oQT77eoDJW2vsvfWuZ9:sntxlL/S7C/oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\PALRGUCVEH\GLTYDMDUST.mp3.CyberVolk
Category:	dropped
Dump:	GLTYDMDUST.mp3.CyberVolk1.0.dr
ID:	dr_84
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.767448323690586
Encrypted:	false
Ssdeep:	48:s3Gy9xhFsktmQaRqYuo1o4oQT77eoDJW2vsvfWuZ9:s3XZs7QaRd1/oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\PALRGUCVEH\JDDHMPCDUJ.jpg.CyberVolk
Category:	dropped
Dump:	JDDHMPCDUJ.jpg.CyberVolk1.0.dr
ID:	dr_85
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.7397174062462835
Encrypted:	false
Ssdeep:	48:5I7SmRlqApfcKaXujiHu8XOPoo4oQT77eoDJW2vsvfWuZ9:53mvqsUKaejiO8So/oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\PALRGUCVEH\PALRGUCVEH.docx.CyberVolk
Category:	dropped
Dump:	PALRGUCVEH.docx.CyberVolk0.0.dr
ID:	dr_86
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.7912475329115525
Encrypted:	false
Ssdeep:	48:kcxZQeGca4vT5xm53WLBgR4LsGo4oQT77eoDJW2vsvfWuZ9:lGOb253oi4/oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\PALRGUCVEH\ZGGKNSUKOP.xlsx.CyberVolk
Category:	dropped
Dump:	ZGGKNSUKOP.xlsx.CyberVolk0.0.dr
ID:	dr_87
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.761369797591048
Encrypted:	false
Ssdeep:	48:fhUNreW5lFutHbgLIYnws4o4oQT77eoDJW2vsvfWuZ9:fhKeWJe8Ll+/oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\PALRGUCVEH\ZIPXYXWIOY.png.CyberVolk
Category:	dropped
Dump:	ZIPXYXWIOY.png.CyberVolk0.0.dr
ID:	dr_88
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.756789398828517
Encrypted:	false
Ssdeep:	48:Z3R8n3U1b93MKxne0o4oQT77eoDJW2vsvfWuZ9:Z3R8qFne0/oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\VWDFPKGDUF\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt21.0.dr
ID:	dr_102
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Desktop\ZGGKNSUKOP.mp3.CyberVolk
Category:	dropped
Dump:	ZGGKNSUKOP.mp3.CyberVolk1.0.dr
ID:	dr_103
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.761369797591048
Encrypted:	false
Ssdeep:	48:fhUNreW5lFutHbgLIYnws4o4oQT77eoDJW2vsvfWuZ9:fhKeWJe8Ll+/oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\ZGGKNSUKOP.pdf.CyberVolk
Category:	dropped
Dump:	ZGGKNSUKOP.pdf.CyberVolk1.0.dr
ID:	dr_104
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.761369797591048
Encrypted:	false
Ssdeep:	48:fhUNreW5lFutHbgLIYnws4o4oQT77eoDJW2vsvfWuZ9:fhKeWJe8Ll+/oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\ZGGKNSUKOP.xlsx.CyberVolk
Category:	dropped
Dump:	ZGGKNSUKOP.xlsx.CyberVolk1.0.dr
ID:	dr_105
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.761369797591048
Encrypted:	false
Ssdeep:	48:fhUNreW5lFutHbgLIYnws4o4oQT77eoDJW2vsvfWuZ9:fhKeWJe8Ll+/oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\ZIPXYXWIOY.png.CyberVolk
Category:	dropped
Dump:	ZIPXYXWIOY.png.CyberVolk1.0.dr
ID:	dr_106
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.756789398828517
Encrypted:	false
Ssdeep:	48:Z3R8n3U1b93MKxne0o4oQT77eoDJW2vsvfWuZ9:Z3R8qFne0/oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Desktop\desktop.ini.CyberVolk
Category:	dropped
Dump:	desktop.ini.CyberVolk.0.dr
ID:	dr_18
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	5.441475555578534
Encrypted:	false
Ssdeep:	24:AzwQ7ZKn/v2VMur6Omay26qKbuCvNxwB69caEBGVzvMdGQ733QSKN9VWn+viiQWS:HoZoH2Vhr6Oma/6qKLly69caoG5cGQz1
Size:	1340
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\BJZFPPWAPT.docx.CyberVolk
Category:	dropped
Dump:	BJZFPPWAPT.docx.CyberVolk2.0.dr
ID:	dr_125
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.76158152495687
Encrypted:	false
Ssdeep:	48:gOPjQbkIHHQSPTCmJGu0FbF9yo4oQT77eoDJW2vsvfWuZ9:g80Ic51IlFny/oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\BJZFPPWAPT.xlsx.CyberVolk
Category:	dropped
Dump:	BJZFPPWAPT.xlsx.CyberVolk1.0.dr
ID:	dr_126
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.76158152495687
Encrypted:	false
Ssdeep:	48:gOPjQbkIHHQSPTCmJGu0FbF9yo4oQT77eoDJW2vsvfWuZ9:g80Ic51IlFny/oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\BJZFPPWAPT\BJZFPPWAPT.docx.CyberVolk
Category:	dropped
Dump:	BJZFPPWAPT.docx.CyberVolk1.0.dr
ID:	dr_108
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.76158152495687
Encrypted:	false
Ssdeep:	48:gOPjQbkIHHQSPTCmJGu0FbF9yo4oQT77eoDJW2vsvfWuZ9:g80Ic51IlFny/oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\BJZFPPWAPT\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt26.0.dr
ID:	dr_124
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Documents\BJZFPPWAPT\DUUDTUBZFW.xlsx.CyberVolk
Category:	dropped
Dump:	DUUDTUBZFW.xlsx.CyberVolk1.0.dr
ID:	dr_109
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.772866110821743
Encrypted:	false
Ssdeep:	48:iyp+GEUkhJgWS5FtuOvWErZ/Rs8Xbo4oQT77eoDJW2vsvfWuZ9:zShJg15wEl/fb/oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\BJZFPPWAPT\EWZCVGNOWT.jpg.CyberVolk
Category:	dropped
Dump:	EWZCVGNOWT.jpg.CyberVolk2.0.dr
ID:	dr_120
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.763967564193615
Encrypted:	false
Ssdeep:	48:x6SZ14Dybp1WPbaasCBwnCClyNvTBo4oQT77eoDJW2vsvfWuZ9:x6Q4mHe1sjurB/oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\BJZFPPWAPT\JDDHMPCDUJ.mp3.CyberVolk
Category:	dropped
Dump:	JDDHMPCDUJ.mp3.CyberVolk2.0.dr
ID:	dr_121
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.7397174062462835
Encrypted:	false
Ssdeep:	48:5I7SmRlqApfcKaXujiHu8XOPoo4oQT77eoDJW2vsvfWuZ9:53mvqsUKaejiO8So/oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\BJZFPPWAPT\KLIZUSIQEN.png.CyberVolk
Category:	dropped
Dump:	KLIZUSIQEN.png.CyberVolk2.0.dr
ID:	dr_122
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.754785040775082
Encrypted:	false
Ssdeep:	48:be83aL7mvTu/0hOjfoApo4oQT77eoDJW2vsvfWuZ9:beJ6Lu/0hmjp/oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\BJZFPPWAPT\ZGGKNSUKOP.pdf.CyberVolk
Category:	dropped
Dump:	ZGGKNSUKOP.pdf.CyberVolk2.0.dr
ID:	dr_123
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.761369797591048
Encrypted:	false
Ssdeep:	48:fhUNreW5lFutHbgLIYnws4o4oQT77eoDJW2vsvfWuZ9:fhKeWJe8Ll+/oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt42.0.dr
ID:	dr_177
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Documents\DUUDTUBZFW.jpg.CyberVolk
Category:	dropped
Dump:	DUUDTUBZFW.jpg.CyberVolk1.0.dr
ID:	dr_128
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.772866110821743
Encrypted:	false
Ssdeep:	48:iyp+GEUkhJgWS5FtuOvWErZ/Rs8Xbo4oQT77eoDJW2vsvfWuZ9:zShJg15wEl/fb/oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\DUUDTUBZFW.xlsx.CyberVolk
Category:	dropped
Dump:	DUUDTUBZFW.xlsx.CyberVolk2.0.dr
ID:	dr_129
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.772866110821743
Encrypted:	false
Ssdeep:	48:iyp+GEUkhJgWS5FtuOvWErZ/Rs8Xbo4oQT77eoDJW2vsvfWuZ9:zShJg15wEl/fb/oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\EIVQSAOTAQ\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt31.0.dr
ID:	dr_140
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Documents\EOWRVPQCCS.png.CyberVolk
Category:	dropped
Dump:	EOWRVPQCCS.png.CyberVolk2.0.dr
ID:	dr_141
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.747846353153788
Encrypted:	false
Ssdeep:	48:KiLPt+F7yhk1iymNT12/o4oQT77eoDJW2vsvfWuZ9:LPt+aFNs//oGmoDJ7vsmm
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\EWZCVGNOWT.jpg.CyberVolk
Category:	dropped
Dump:	EWZCVGNOWT.jpg.CyberVolk3.0.dr
ID:	dr_143
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.7417972211255455
Encrypted:	false
Ssdeep:	48:R+PsrPTEsIbDwF9+NYFa6WpmZEPu0HzcVQC:QUjTEsIlYFYrumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\EWZCVGNOWT\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt32.0.dr
ID:	dr_142
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Documents\GIGIYTFFYT.pdf.CyberVolk
Category:	dropped
Dump:	GIGIYTFFYT.pdf.CyberVolk2.0.dr
ID:	dr_144
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.792843524676093
Encrypted:	false
Ssdeep:	48:uQwiskEO3eYqEIxlRbJj6WpmZEPu0HzcVQC:u5kEOOYqFxl7LrumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\GLTYDMDUST.mp3.CyberVolk
Category:	dropped
Dump:	GLTYDMDUST.mp3.CyberVolk2.0.dr
ID:	dr_145
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.7485864185403805
Encrypted:	false
Ssdeep:	48:jFL9Gm5bPTHv87JJp6Ev46WpmZEPu0HzcVQC:Zom5bPAsISrumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\GRXZDKKVDB.docx.CyberVolk
Category:	dropped
Dump:	GRXZDKKVDB.docx.CyberVolk3.0.dr
ID:	dr_156
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.767795956690902
Encrypted:	false
Ssdeep:	48:5pMIpUeTH8JPh3dcmvMODb6WpmZEPu0HzcVQC:5pbgJPh3dLvZXrumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\GRXZDKKVDB\BJZFPPWAPT.xlsx.CyberVolk
Category:	dropped
Dump:	BJZFPPWAPT.xlsx.CyberVolk2.0.dr
ID:	dr_146
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.764044431148043
Encrypted:	false
Ssdeep:	24:fflegJ+ZG4M/tNP7j+v/U4DsPZUBd7pmSgpwNWn6WFPmZXUP74+ip0l/eyPzcVDF:jJ+ZG4M/tpj4HUbV6WpmZEPu0HzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\GRXZDKKVDB\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt36.0.dr
ID:	dr_155
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Documents\GRXZDKKVDB\DUUDTUBZFW.jpg.CyberVolk
Category:	dropped
Dump:	DUUDTUBZFW.jpg.CyberVolk2.0.dr
ID:	dr_147
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.7654277994577265
Encrypted:	false
Ssdeep:	48:c9IYwzAIjm6RDb2HKbD8eXCf6WpmZEPu0HzcVQC:cSNnldIeS/rumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\GRXZDKKVDB\EOWRVPQCCS.png.CyberVolk
Category:	dropped
Dump:	EOWRVPQCCS.png.CyberVolk3.0.dr
ID:	dr_148
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.724243907401696
Encrypted:	false
Ssdeep:	48:xS83U5jbNnkSTcCHjHW17k6WpmZEPu0HzcVQC:mECH7072rumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\GRXZDKKVDB\GRXZDKKVDB.docx.CyberVolk
Category:	dropped
Dump:	GRXZDKKVDB.docx.CyberVolk2.0.dr
ID:	dr_149
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.767795956690902
Encrypted:	false
Ssdeep:	48:5pMIpUeTH8JPh3dcmvMODb6WpmZEPu0HzcVQC:5pbgJPh3dLvZXrumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\GRXZDKKVDB\PALRGUCVEH.pdf.CyberVolk
Category:	dropped
Dump:	PALRGUCVEH.pdf.CyberVolk2.0.dr
ID:	dr_153
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.76477707498498
Encrypted:	false
Ssdeep:	48:k7Az8MXSEz9fWbElAqq08V6WpmZEPu0HzcVQC:kA8MXSifOE+bRrumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\GRXZDKKVDB\ZGGKNSUKOP.mp3.CyberVolk
Category:	dropped
Dump:	ZGGKNSUKOP.mp3.CyberVolk2.0.dr
ID:	dr_154
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.73186957212124
Encrypted:	false
Ssdeep:	48:HU9oQs+oJe721wnRmnlaje6WpmZEPu0HzcVQC:09+kUwn4lajkrumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\JDDHMPCDUJ.jpg.CyberVolk
Category:	dropped
Dump:	JDDHMPCDUJ.jpg.CyberVolk2.0.dr
ID:	dr_157
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.760292195222222
Encrypted:	false
Ssdeep:	48:IPeNjaEtxNzWj3PzSr08FR4OpE6WpmZEPu0HzcVQC:Ye9tDW7uhwKWrumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\JDDHMPCDUJ.mp3.CyberVolk
Category:	dropped
Dump:	JDDHMPCDUJ.mp3.CyberVolk3.0.dr
ID:	dr_158
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.760292195222222
Encrypted:	false
Ssdeep:	48:IPeNjaEtxNzWj3PzSr08FR4OpE6WpmZEPu0HzcVQC:Ye9tDW7uhwKWrumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\KLIZUSIQEN.png.CyberVolk
Category:	dropped
Dump:	KLIZUSIQEN.png.CyberVolk3.0.dr
ID:	dr_159
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.754575367528431
Encrypted:	false
Ssdeep:	48:0sWUeYWXXVmxEt9Zl6y8M6T6WpmZEPu0HzcVQC:/WUNUVgc96y6rumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\LIJDSFKJZG\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt37.0.dr
ID:	dr_160
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Documents\NWCXBPIUYI\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt38.0.dr
ID:	dr_161
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Documents\NYMMPCEIMA\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt39.0.dr
ID:	dr_162
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Documents\PALRGUCVEH.docx.CyberVolk
Category:	dropped
Dump:	PALRGUCVEH.docx.CyberVolk3.0.dr
ID:	dr_170
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.76477707498498
Encrypted:	false
Ssdeep:	48:k7Az8MXSEz9fWbElAqq08V6WpmZEPu0HzcVQC:kA8MXSifOE+bRrumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\PALRGUCVEH.pdf.CyberVolk
Category:	dropped
Dump:	PALRGUCVEH.pdf.CyberVolk3.0.dr
ID:	dr_171
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.76477707498498
Encrypted:	false
Ssdeep:	48:k7Az8MXSEz9fWbElAqq08V6WpmZEPu0HzcVQC:kA8MXSifOE+bRrumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\PALRGUCVEH\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt40.0.dr
ID:	dr_169
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Documents\PALRGUCVEH\GIGIYTFFYT.pdf.CyberVolk
Category:	dropped
Dump:	GIGIYTFFYT.pdf.CyberVolk3.0.dr
ID:	dr_163
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.792843524676093
Encrypted:	false
Ssdeep:	48:uQwiskEO3eYqEIxlRbJj6WpmZEPu0HzcVQC:u5kEOOYqFxl7LrumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\PALRGUCVEH\GLTYDMDUST.mp3.CyberVolk
Category:	dropped
Dump:	GLTYDMDUST.mp3.CyberVolk3.0.dr
ID:	dr_164
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.7485864185403805
Encrypted:	false
Ssdeep:	48:jFL9Gm5bPTHv87JJp6Ev46WpmZEPu0HzcVQC:Zom5bPAsISrumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\PALRGUCVEH\JDDHMPCDUJ.jpg.CyberVolk
Category:	dropped
Dump:	JDDHMPCDUJ.jpg.CyberVolk3.0.dr
ID:	dr_165
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.760292195222222
Encrypted:	false
Ssdeep:	48:IPeNjaEtxNzWj3PzSr08FR4OpE6WpmZEPu0HzcVQC:Ye9tDW7uhwKWrumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\PALRGUCVEH\PALRGUCVEH.docx.CyberVolk
Category:	dropped
Dump:	PALRGUCVEH.docx.CyberVolk2.0.dr
ID:	dr_166
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.76477707498498
Encrypted:	false
Ssdeep:	48:k7Az8MXSEz9fWbElAqq08V6WpmZEPu0HzcVQC:kA8MXSifOE+bRrumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\PALRGUCVEH\ZGGKNSUKOP.xlsx.CyberVolk
Category:	dropped
Dump:	ZGGKNSUKOP.xlsx.CyberVolk2.0.dr
ID:	dr_167
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.73186957212124
Encrypted:	false
Ssdeep:	48:HU9oQs+oJe721wnRmnlaje6WpmZEPu0HzcVQC:09+kUwn4lajkrumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\PALRGUCVEH\ZIPXYXWIOY.png.CyberVolk
Category:	dropped
Dump:	ZIPXYXWIOY.png.CyberVolk2.0.dr
ID:	dr_168
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.7811750925408685
Encrypted:	false
Ssdeep:	48:9uEnVBUcJgdKIo0eUNQg16WpmZEPu0HzcVQC:9TVeDKIo0eirumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\VWDFPKGDUF\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt41.0.dr
ID:	dr_172
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Documents\ZGGKNSUKOP.mp3.CyberVolk
Category:	dropped
Dump:	ZGGKNSUKOP.mp3.CyberVolk3.0.dr
ID:	dr_173
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.73186957212124
Encrypted:	false
Ssdeep:	48:HU9oQs+oJe721wnRmnlaje6WpmZEPu0HzcVQC:09+kUwn4lajkrumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\ZGGKNSUKOP.pdf.CyberVolk
Category:	dropped
Dump:	ZGGKNSUKOP.pdf.CyberVolk3.0.dr
ID:	dr_174
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.73186957212124
Encrypted:	false
Ssdeep:	48:HU9oQs+oJe721wnRmnlaje6WpmZEPu0HzcVQC:09+kUwn4lajkrumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\ZGGKNSUKOP.xlsx.CyberVolk
Category:	dropped
Dump:	ZGGKNSUKOP.xlsx.CyberVolk3.0.dr
ID:	dr_175
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.73186957212124
Encrypted:	false
Ssdeep:	48:HU9oQs+oJe721wnRmnlaje6WpmZEPu0HzcVQC:09+kUwn4lajkrumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\ZIPXYXWIOY.png.CyberVolk
Category:	dropped
Dump:	ZIPXYXWIOY.png.CyberVolk3.0.dr
ID:	dr_176
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.7811750925408685
Encrypted:	false
Ssdeep:	48:9uEnVBUcJgdKIo0eUNQg16WpmZEPu0HzcVQC:9TVeDKIo0eirumzcVQC
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Documents\desktop.ini.CyberVolk
Category:	dropped
Dump:	desktop.ini.CyberVolk14.0.dr
ID:	dr_127
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	5.791548737309277
Encrypted:	false
Ssdeep:	24:zyrEIt3+ZlFow/8XlrFlzNj+42dWAQT7kOeA3Df6wvWo9aGGSsDp9fWATzbN9:zi1EMxo4oQT77eoDJW2vsvfWuZ9
Size:	1468
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Downloads\BJZFPPWAPT.docx.CyberVolk
Category:	dropped
Dump:	BJZFPPWAPT.docx.CyberVolk3.0.dr
ID:	dr_178
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.756935187566286
Encrypted:	false
Ssdeep:	48:08aI2FLC0m5Wi9Tfxc/7MQDW9FL4D0DSmV8Y7DsDNtRBjecQ:Fd2FLC0Ihx87MuM4ADSmV8Y3sVBjpQ
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Downloads\BJZFPPWAPT.xlsx.CyberVolk
Category:	dropped
Dump:	BJZFPPWAPT.xlsx.CyberVolk3.0.dr
ID:	dr_179
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.756935187566286
Encrypted:	false
Ssdeep:	48:08aI2FLC0m5Wi9Tfxc/7MQDW9FL4D0DSmV8Y7DsDNtRBjecQ:Fd2FLC0Ihx87MuM4ADSmV8Y3sVBjpQ
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Downloads\DUUDTUBZFW.jpg.CyberVolk
Category:	dropped
Dump:	DUUDTUBZFW.jpg.CyberVolk3.0.dr
ID:	dr_181
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.7247464118950635
Encrypted:	false
Ssdeep:	48:GK6uBzIT/uBXA7U2R61rmDW9FL4D0DSmV8Y7DsDNtRBjecQ:DFBzITCw7UUmAM4ADSmV8Y3sVBjpQ
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Downloads\DUUDTUBZFW.xlsx.CyberVolk
Category:	dropped
Dump:	DUUDTUBZFW.xlsx.CyberVolk3.0.dr
ID:	dr_182
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.7247464118950635
Encrypted:	false
Ssdeep:	48:GK6uBzIT/uBXA7U2R61rmDW9FL4D0DSmV8Y7DsDNtRBjecQ:DFBzITCw7UUmAM4ADSmV8Y3sVBjpQ
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Downloads\EOWRVPQCCS.png.CyberVolk
Category:	dropped
Dump:	EOWRVPQCCS.png.CyberVolk.0.dr
ID:	dr_0
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.729226465400784
Encrypted:	false
Ssdeep:	48:nV3rHnLxHthYopcn5r3ztEDW9FL4D0DSmV8Y7DsDNtRBjecQ:nRrHLhUDwM4ADSmV8Y3sVBjpQ
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Downloads\EWZCVGNOWT.jpg.CyberVolk
Category:	dropped
Dump:	EWZCVGNOWT.jpg.CyberVolk.0.dr
ID:	dr_1
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.722274931313067
Encrypted:	false
Ssdeep:	48:JTxKFji3eSCRtDRRP4DW9FL4D0DSmV8Y7DsDNtRBjecQ:JQi3eSgDLmM4ADSmV8Y3sVBjpQ
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Downloads\GIGIYTFFYT.pdf.CyberVolk
Category:	dropped
Dump:	GIGIYTFFYT.pdf.CyberVolk.0.dr
ID:	dr_2
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.754775362257371
Encrypted:	false
Ssdeep:	48:yDUkQP5BhBrr+ViqJRDW9FL4D0DSmV8Y7DsDNtRBjecQ:rkg/XOViq3M4ADSmV8Y3sVBjpQ
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Downloads\GLTYDMDUST.mp3.CyberVolk
Category:	dropped
Dump:	GLTYDMDUST.mp3.CyberVolk.0.dr
ID:	dr_3
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.755024985534381
Encrypted:	false
Ssdeep:	48:1MeGlOLW20zTALWTornNjDW9FL4D0DSmV8Y7DsDNtRBjecQ:17U/HALWTornFM4ADSmV8Y3sVBjpQ
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Downloads\GRXZDKKVDB.docx.CyberVolk
Category:	dropped
Dump:	GRXZDKKVDB.docx.CyberVolk.0.dr
ID:	dr_4
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.7731258898542
Encrypted:	false
Ssdeep:	48:ny+SyMnQd8tV2Tt9mWVbMus/DW9FL4D0DSmV8Y7DsDNtRBjecQ:y+Sw8z2Tt9/bMpM4ADSmV8Y3sVBjpQ
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Downloads\JDDHMPCDUJ.jpg.CyberVolk
Category:	dropped
Dump:	JDDHMPCDUJ.jpg.CyberVolk.0.dr
ID:	dr_5
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.754465576569014
Encrypted:	false
Ssdeep:	48:IEVLDGPyZ6EgSpHhDW9FL4D0DSmV8Y7DsDNtRBjecQ:+g5gEVM4ADSmV8Y3sVBjpQ
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Downloads\JDDHMPCDUJ.mp3.CyberVolk
Category:	dropped
Dump:	JDDHMPCDUJ.mp3.CyberVolk.0.dr
ID:	dr_6
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.754465576569014
Encrypted:	false
Ssdeep:	48:IEVLDGPyZ6EgSpHhDW9FL4D0DSmV8Y7DsDNtRBjecQ:+g5gEVM4ADSmV8Y3sVBjpQ
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Downloads\KLIZUSIQEN.png.CyberVolk
Category:	dropped
Dump:	KLIZUSIQEN.png.CyberVolk.0.dr
ID:	dr_7
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.750331692349134
Encrypted:	false
Ssdeep:	48:+soMF9wy+8IkTA3wMkAVIK4DDW9FL4D0DSmV8Y7DsDNtRBjecQ:+xMFuy3Ir3Nkm9mM4ADSmV8Y3sVBjpQ
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Downloads\PALRGUCVEH.docx.CyberVolk
Category:	dropped
Dump:	PALRGUCVEH.docx.CyberVolk.0.dr
ID:	dr_8
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.773022961527402
Encrypted:	false
Ssdeep:	48:xWbxBUHxjFcFZq99m0BDW9FL4D0DSmV8Y7DsDNtRBjecQ:ev+mZq99msM4ADSmV8Y3sVBjpQ
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Downloads\PALRGUCVEH.pdf.CyberVolk
Category:	dropped
Dump:	PALRGUCVEH.pdf.CyberVolk.0.dr
ID:	dr_9
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.773022961527402
Encrypted:	false
Ssdeep:	48:xWbxBUHxjFcFZq99m0BDW9FL4D0DSmV8Y7DsDNtRBjecQ:ev+mZq99msM4ADSmV8Y3sVBjpQ
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Downloads\ZGGKNSUKOP.mp3.CyberVolk
Category:	dropped
Dump:	ZGGKNSUKOP.mp3.CyberVolk.0.dr
ID:	dr_20
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.7617346248161
Encrypted:	false
Ssdeep:	48:2pm/SwUWH0JXk6gMOhrFr/ueXyBL99FSnfYli2J7:8mKwUKKDgdzTuEMJinQi2N
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Downloads\ZGGKNSUKOP.pdf.CyberVolk
Category:	dropped
Dump:	ZGGKNSUKOP.pdf.CyberVolk0.0.dr
ID:	dr_22
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.7617346248161
Encrypted:	false
Ssdeep:	48:2pm/SwUWH0JXk6gMOhrFr/ueXyBL99FSnfYli2J7:8mKwUKKDgdzTuEMJinQi2N
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Downloads\ZGGKNSUKOP.xlsx.CyberVolk
Category:	dropped
Dump:	ZGGKNSUKOP.xlsx.CyberVolk.0.dr
ID:	dr_23
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.7617346248161
Encrypted:	false
Ssdeep:	48:2pm/SwUWH0JXk6gMOhrFr/ueXyBL99FSnfYli2J7:8mKwUKKDgdzTuEMJinQi2N
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Downloads\ZIPXYXWIOY.png.CyberVolk
Category:	dropped
Dump:	ZIPXYXWIOY.png.CyberVolk.0.dr
ID:	dr_26
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.758372916669944
Encrypted:	false
Ssdeep:	48:Ty9Rk0G1YH/EWi1QA2CCidj8QWnSrrFr/ueXyBL99FSnfYli2J7:5cvij8QxTuEMJinQi2N
Size:	2078
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Downloads\desktop.ini.CyberVolk
Category:	dropped
Dump:	desktop.ini.CyberVolk21.0.dr
ID:	dr_180
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	5.451377713892017
Encrypted:	false
Ssdeep:	24:HB0ZXk60oUKvwIqBlW9FL4DYJDSGqY8vFGyBlvZTY7DsDNthHBjeXMhSn:ySXpDDW9FL4D0DSmV8Y7DsDNtRBjecQ
Size:	1340
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Favorites\Amazon.url.CyberVolk
Category:	dropped
Dump:	Amazon.url.CyberVolk.0.dr
ID:	dr_30
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	4.7421890891283125
Encrypted:	false
Ssdeep:	24:DbkkOUSX+02PxAwiKVZtPmewWyBRVJJEW/lHYhuS/nnfYli2JaS:0kd5rFr/ueXyBL99FSnfYli2J7
Size:	1164
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Favorites\Bing.url.CyberVolk
Category:	dropped
Dump:	Bing.url.CyberVolk.0.dr
ID:	dr_32
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	5.177373213373953
Encrypted:	false
Ssdeep:	24:DbkkOZmc602PxAwiKVZtPmewWyBRVJJEW/lHYhuS/nnfYli2JaS:0kLdrFr/ueXyBL99FSnfYli2J7
Size:	1260
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Favorites\Facebook.url.CyberVolk
Category:	dropped
Dump:	Facebook.url.CyberVolk.0.dr
ID:	dr_36
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	4.811862816703631
Encrypted:	false
Ssdeep:	24:DbkkOUP102PxAwiKVZtPmewWyBRVJJEW/lHYhuS/nnfYli2JaS:0kdP1rFr/ueXyBL99FSnfYli2J7
Size:	1180
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Favorites\Google.url.CyberVolk
Category:	dropped
Dump:	Google.url.CyberVolk.0.dr
ID:	dr_38
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	4.749951719631439
Encrypted:	false
Ssdeep:	24:DbkkOU/02PxAwiKVZtPmewWyBRVJJEW/lHYhuS/nnfYli2JaS:0kd/rFr/ueXyBL99FSnfYli2J7
Size:	1164
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Favorites\Links\desktop.ini.CyberVolk
Category:	dropped
Dump:	desktop.ini.CyberVolk3.0.dr
ID:	dr_50
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	4.583916495494443
Encrypted:	false
Ssdeep:	24:DbFOKhdh02PxAwiKVZtPmewWyBRVJJEW/lHYhuS/nnfYli2JaS:vHhrFr/ueXyBL99FSnfYli2J7
Size:	1132
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Favorites\Live.url.CyberVolk
Category:	dropped
Dump:	Live.url.CyberVolk.0.dr
ID:	dr_52
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	4.745806779367827
Encrypted:	false
Ssdeep:	24:DbkkOUB+02PxAwiKVZtPmewWyBRVJJEW/lHYhuS/nnfYli2JaS:0kdwrFr/ueXyBL99FSnfYli2J7
Size:	1164
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Favorites\NYTimes.url.CyberVolk
Category:	dropped
Dump:	NYTimes.url.CyberVolk.0.dr
ID:	dr_53
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	4.751121429128712
Encrypted:	false
Ssdeep:	24:DbkkOUfr02PxAwiKVZtPmewWyBRVJJEW/lHYhuS/nnfYli2JaS:0kdzrFr/ueXyBL99FSnfYli2J7
Size:	1164
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Favorites\Reddit.url.CyberVolk
Category:	dropped
Dump:	Reddit.url.CyberVolk.0.dr
ID:	dr_54
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	4.7392354851469785
Encrypted:	false
Ssdeep:	24:DbkkOUq+k102PxAwiKVZtPmewWyBRVJJEW/lHYhuS/nnfYli2JaS:0kdq+k1rFr/ueXyBL99FSnfYli2J7
Size:	1164
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Favorites\Twitter.url.CyberVolk
Category:	dropped
Dump:	Twitter.url.CyberVolk.0.dr
ID:	dr_55
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	4.736026395755844
Encrypted:	false
Ssdeep:	24:DbkkOUx902PxAwiKVZtPmewWyBRVJJEW/lHYhuS/nnfYli2JaS:0kdzrFr/ueXyBL99FSnfYli2J7
Size:	1164
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Favorites\Wikipedia.url.CyberVolk
Category:	dropped
Dump:	Wikipedia.url.CyberVolk.0.dr
ID:	dr_56
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	4.81130326445716
Encrypted:	false
Ssdeep:	24:DbkkOU1It02PxAwiKVZtPmewWyBRVJJEW/lHYhuS/nnfYli2JaS:0kdatrFr/ueXyBL99FSnfYli2J7
Size:	1180
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Favorites\Youtube.url.CyberVolk
Category:	dropped
Dump:	Youtube.url.CyberVolk.0.dr
ID:	dr_57
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	4.743227699369347
Encrypted:	false
Ssdeep:	24:DbkkOUq02PxAwiKVZtPmewWyBRVJJEW/lHYhuS/nnfYli2JaS:0kdqrFr/ueXyBL99FSnfYli2J7
Size:	1164
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Favorites\desktop.ini.CyberVolk
Category:	dropped
Dump:	desktop.ini.CyberVolk1.0.dr
ID:	dr_34
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	5.844592138408294
Encrypted:	false
Ssdeep:	24:Db1R2b9MAOMn02PxAwiKVZtPmewWyBRVJJEW/lHYhuS/nnfYli2JaS:FR2bDrFr/ueXyBL99FSnfYli2J7
Size:	1468
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Links\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt9.0.dr
ID:	dr_72
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Links\Desktop.lnk.CyberVolk
Category:	dropped
Dump:	Desktop.lnk.CyberVolk.0.dr
ID:	dr_70
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	5.970852265449946
Encrypted:	false
Ssdeep:	48:gQVHbzKGrMDI7y0/trFr/ueXyBL99FSnfYli2J7:tHbfJTuEMJinQi2N
Size:	1548
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Links\Downloads.lnk.CyberVolk
Category:	dropped
Dump:	Downloads.lnk.CyberVolk.0.dr
ID:	dr_71
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.674946535309034
Encrypted:	false
Ssdeep:	48:g0DA/Pd2/ZBSSQUl7RrFr/ueXyBL99FSnfYli2J7:7DGPOBSRETuEMJinQi2N
Size:	1996
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Links\desktop.ini.CyberVolk
Category:	dropped
Dump:	desktop.ini.CyberVolk4.0.dr
ID:	dr_59
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.039418958806117
Encrypted:	false
Ssdeep:	24:Db1R2lcrfgTw56SbiNxq02PxAwiKVZtPmewWyBRVJJEW/lHYhuS/nnfYli2JaS:FR2+DMKTrFr/ueXyBL99FSnfYli2J7
Size:	1564
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Music\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt10.0.dr
ID:	dr_74
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Music\desktop.ini.CyberVolk
Category:	dropped
Dump:	desktop.ini.CyberVolk5.0.dr
ID:	dr_73
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.069910464978212
Encrypted:	false
Ssdeep:	24:Db1R2UTxTb2KEHpRA402PxAwiKVZtPmewWyBRVJJEW/lHYhuS/nnfYli2JaS:FR2cnx6LA4rFr/ueXyBL99FSnfYli2J7
Size:	1564
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\NTUSER.DAT{53b39e88-18c4-11ea-a811-000d3aa4692b}.TM.blf.CyberVolk
Category:	dropped
Dump:	NTUSER.DAT{53b39e88-18c4-11ea-a811-000d3aa4692b}.TM.blf.CyberVolk.0.dr
ID:	dr_75
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	1.6670926433938036
Encrypted:	false
Ssdeep:	192:2WFjeT645R8szlGMubFwalZ2aG64LR8sw6MSVyq2MWvUSDQi9:NjeG4/4Hw8Z2a4txMmWvR9
Size:	66588
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\NTUSER.DAT{53b39e88-18c4-11ea-a811-000d3aa4692b}.TMContainer00000000000000000001.regtrans-ms.CyberVolk
Category:	dropped
Dump:	NTUSER.DAT{53b39e88-18c4-11ea-a811-000d3aa4692b}.TMContainer00000000000000000001.regtrans-ms.CyberVolk.0.dr
ID:	dr_76
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	1.3008854844099562
Encrypted:	false
Ssdeep:	1536:CzaLgjkzWc3aLrUTFn6hBnt12nR97A19ONbQA:ZLgwzWtvUTFn+Bnt12nkHaf
Size:	525340
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\NTUSER.DAT{53b39e88-18c4-11ea-a811-000d3aa4692b}.TMContainer00000000000000000002.regtrans-ms.CyberVolk
Category:	dropped
Dump:	NTUSER.DAT{53b39e88-18c4-11ea-a811-000d3aa4692b}.TMContainer00000000000000000002.regtrans-ms.CyberVolk.0.dr
ID:	dr_77
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	1.3009261460089776
Encrypted:	false
Ssdeep:	768:5ITcu7tRsFh+joJ6KRDVnZnL0MC6R/eXN2TVdHKq05hxCeKbBsr8gWds0Mb0iMn9:GcuRRsFcoJTYl2xRtR4qlQjs
Size:	525340
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\OneDrive\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt15.0.dr
ID:	dr_90
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\OneDrive\desktop.ini.CyberVolk
Category:	dropped
Dump:	desktop.ini.CyberVolk6.0.dr
ID:	dr_79
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	4.758580568404544
Encrypted:	false
Ssdeep:	24:DbH2tAN+tt02PxAwiKVZtPmewWyBRVJJEW/lHYhuS/nnfYli2JaS:GyqtrFr/ueXyBL99FSnfYli2J7
Size:	1164
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Pictures\Camera Roll\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt16.0.dr
ID:	dr_92
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Pictures\Camera Roll\desktop.ini.CyberVolk
Category:	dropped
Dump:	desktop.ini.CyberVolk7.0.dr
ID:	dr_91
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	5.15288451630608
Encrypted:	false
Ssdeep:	24:0KXLWCCSzbC1AupOE2UuPL8clUzat0pXTyymWUg1zJb7Q0+2gpnEc9K:9zCP1A1UuPL8aUzNpXnh1Q6WK
Size:	1244
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Pictures\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt18.0.dr
ID:	dr_96
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Pictures\Saved Pictures\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt17.0.dr
ID:	dr_95
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Pictures\Saved Pictures\desktop.ini.CyberVolk
Category:	dropped
Dump:	desktop.ini.CyberVolk9.0.dr
ID:	dr_94
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	5.140301050370242
Encrypted:	false
Ssdeep:	24:0KXLRKCCSzbC1AupOE2UuPL8clUzat0pXTyymWUg1zJb7Q0+2gpnEc9K:9RvCP1A1UuPL8aUzNpXnh1Q6WK
Size:	1244
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Pictures\desktop.ini.CyberVolk
Category:	dropped
Dump:	desktop.ini.CyberVolk8.0.dr
ID:	dr_93
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.0450794697392
Encrypted:	false
Ssdeep:	24:0KX95XEKixCRNW8CCSzbC1AupOE2UuPL8clUzat0pXTyymWUg1zJb7Q0+2gpnEcI:jlEJxwNWtCP1A1UuPL8aUzNpXnh1Q6WK
Size:	1564
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Recent\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt19.0.dr
ID:	dr_97
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Saved Games\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt20.0.dr
ID:	dr_99
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Saved Games\desktop.ini.CyberVolk
Category:	dropped
Dump:	desktop.ini.CyberVolk10.0.dr
ID:	dr_98
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	5.467085103308685
Encrypted:	false
Ssdeep:	24:0KXg+4jETCCSzbC1AupOE2UuPL8clUzat0pXTyymWUg1zJb7Q0+2gpnEc9K:bKxCP1A1UuPL8aUzNpXnh1Q6WK
Size:	1340
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Searches\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt23.0.dr
ID:	dr_114
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Searches\Everywhere.search-ms.CyberVolk
Category:	dropped
Dump:	Everywhere.search-ms.CyberVolk.0.dr
ID:	dr_111
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	5.3292613518479
Encrypted:	false
Ssdeep:	24:0KA+Mkh5187qwQQVCCSzbC1AupOE2UuPL8clUzat0pXTyymWUg1zJb7Q0+2gpnEX:KCKHQQ0CP1A1UuPL8aUzNpXnh1Q6WK
Size:	1308
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Searches\Indexed Locations.search-ms.CyberVolk
Category:	dropped
Dump:	Indexed Locations.search-ms.CyberVolk.0.dr
ID:	dr_112
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	5.347031125912063
Encrypted:	false
Ssdeep:	24:0KA+Mkh518arfhCCSzbC1AupOE2UuPL8clUzat0pXTyymWUg1zJb7Q0+2gpnEc9K:KCH8CP1A1UuPL8aUzNpXnh1Q6WK
Size:	1308
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Searches\desktop.ini.CyberVolk
Category:	dropped
Dump:	desktop.ini.CyberVolk11.0.dr
ID:	dr_110
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.086634703464789
Encrypted:	false
Ssdeep:	48:2cvAmZU5TcCP1A1UuPL8aUzNpXnh1Q6WK:TvFuIN1UuD8HTvRn
Size:	1580
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Searches\winrt--{S-1-5-21-2246122658-3693405117-2476756634-1003}-.searchconnector-ms.CyberVolk
Category:	dropped
Dump:	winrt--{S-1-5-21-2246122658-3693405117-2476756634-1003}-.searchconnector-ms.CyberVolk.0.dr
ID:	dr_113
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.573192825914695
Encrypted:	false
Ssdeep:	48:Ky0aBCpbrl+EtvhZcs3Hl0Mo0CP1A1UuPL8aUzNpXnh1Q6WK:9ClttvMgl0Mo0N1UuD8HTvRn
Size:	1916
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\Videos\CyberVolk_ReadMe.txt
Category:	dropped
Dump:	CyberVolk_ReadMe.txt24.0.dr
ID:	dr_116
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text
Entropy:	4.680830333675681
Encrypted:	false
Ssdeep:	6:xi7GxCX2mrcHAu8xIzGCc3CjhXYPmXrdyF5zPOjXg1wVvswqoculySufEAa+:oqQnIguJZhXYub25zOjXqwVkZclssA1
Size:	347
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates license or readme file	Compliance, Persistence and Installation Behavior

Details

File:	C:\Users\user\Videos\desktop.ini.CyberVolk
Category:	dropped
Dump:	desktop.ini.CyberVolk12.0.dr
ID:	dr_115
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	6.036676156192474
Encrypted:	false
Ssdeep:	24:0KX96iJHS2vYhCCSzbC1AupOE2UuPL8clUzat0pXTyymWUg1zJb7Q0+2gpnEc9K:nzYYCP1A1UuPL8aUzNpXnh1Q6WK
Size:	1564
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\_curlrc.CyberVolk
Category:	dropped
Dump:	_curlrc.CyberVolk.0.dr
ID:	dr_117
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	4.251713760950484
Encrypted:	false
Ssdeep:	24:0KKqCCCSzbC1AupOE2UuPL8clUzat0pXTyymWUg1zJb7Q0+2gpnEc9K:sqXCP1A1UuPL8aUzNpXnh1Q6WK
Size:	1068
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\user\ntuser.ini.CyberVolk
Category:	dropped
Dump:	ntuser.ini.CyberVolk.0.dr
ID:	dr_78
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	4.345820851647413
Encrypted:	false
Ssdeep:	24:DbrN02PxAwiKVZtPmewWyBRVJJEW/lHYhuS/nnfYli2JaS:JrFr/ueXyBL99FSnfYli2J7
Size:	1084
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Users\desktop.ini.CyberVolk
Category:	dropped
Dump:	desktop.ini.CyberVolk13.0.dr
ID:	dr_119
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	data
Entropy:	5.058807891672308
Encrypted:	false
Ssdeep:	24:0KXNCCSzbC1AupOE2UuPL8clUzat0pXTyymWUg1zJb7Q0+2gpnEc9K:SCP1A1UuPL8aUzNpXnh1Q6WK
Size:	1228
Whitelisted:	false
Reputation:	timeout

Details

File:	\Device\ConDrv
Category:	dropped
Dump:	ConDrv.0.dr
ID:	dr_24
Target ID:	0
Process:	C:\Users\user\Desktop\JpQFDOA7Uk.exe
Type:	ASCII text, with CRLF line terminators
Entropy:	5.400622690566633
Encrypted:	false
Ssdeep:	192:IglensjUX6QuR3NPeadKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKy:E6nPo
Size:	31474
Whitelisted:	false
Reputation:	timeout

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
JpQFDOA7Uk.exe

Files

Processes

URLs

Domains

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC ReportJpQFDOA7Uk.exe

Files

Processes

URLs

Domains

Memdumps

IOC Report
JpQFDOA7Uk.exe