Windows Analysis Report
_ISDel.exe

Overview

General Information

Sample name: _ISDel.exe
Analysis ID: 1528053
MD5: 130f6392e3c8c43773b1ca7737d0b8b0
SHA1: 372d0412388d8d0c9cd7cb8ddeb175b21cbf7395
SHA256: 1058834b08b4323ca825843e43c0687d687ac4fd40e667e90da56a58389bc32a

Detection

Score: 56
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Antivirus / Scanner detection for submitted sample
Machine Learning detection for sample
PE file has a writeable .text section
Program does not show much activity (idle)
Uses 32bit PE files

Classification

AV Detection

Source: _ISDel.exe Avira: detected
Source: _ISDel.exe Joe Sandbox ML: detected
Source: _ISDel.exe Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE

System Summary

Source: _ISDel.exe Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
Source: _ISDel.exe Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
Source: classification engine Classification label: mal56.winEXE@1/0@0/0
Source: C:\Users\user\Desktop\_ISDel.exe Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: apphelp.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: acspecfc.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: sspicli.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: mscms.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: userenv.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: mpr.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: winmm.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: ddraw.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: dwmapi.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: msi.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: coloradapterclient.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: kernel.appcore.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: dxgi.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: dciman32.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: acgenral.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: uxtheme.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: samcli.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: msacm32.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: version.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: urlmon.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: winmmbase.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: iertutil.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: srvcli.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: netutils.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: acwow64.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: aclayers.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: sfc.dll
Source: C:\Users\user\Desktop\_ISDel.exe Section loaded: sfc_os.dll
Source: C:\Users\user\Desktop\_ISDel.exe Process information set: NOOPENFILEERRORBOX
Source: all processes Thread injection, dropped files, key value created, disk infection and DNS query: no activity detected
No contacted IP infos