1423053f90855d33858db47f354055b660943104c1c18f848c9b7b415979dc5f

Submit
Reports

Overview

overview

Static

static

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

ฺฺฺK...ฺฺ

windows10_x64

Resubmissions

03-07-2024 16:04

01-07-2024 18:12

01-07-2024 18:03

01-07-2024 18:03

01-07-2024 18:03

01-07-2024 18:03

01-07-2024 18:02

01-07-2024 18:02

22-11-2023 17:02

Analysis

max time kernel
302s
max time network
368s
platform
windows10_x64
resource
win10v20201028
submitted
19-11-2020 13:14

Sharing

Copy URL

Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

08751be484e1572995ebb085df1c2c6372084d63a64dce7fab28130d79a6ea2d.dll

Resource

win10v20201028

zloader main 26.02.2020 botnet persistence trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0a9f79abd48b95544d7e2b6658637d1eb23067a94e10bf06d05c9ecc73cf4b51.exe

Resource

win10v20201028

azorult oski discovery infostealer spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

1.bin/1.exe

Resource

win10v20201028

agenttesla danabot dharma formbook gozi_rm3 nanocore qakbot 86920224 spx129 1590734339 app i0qi w9z agilenet banker botnet coreentity cryptone evasion keylogger packer persistence ransomware rat rezer0 spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

2019-09-02_22-41-10.exe

Resource

win10v20201028

smokeloader backdoor trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral5

Sample

2b5e50bc3077610128051bc3e657c3f0e331fb8fed2559c6596911890ea866ba.dll

Resource

win10v20201028

zloader botnet trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral6

Sample

2c01b007729230c415420ad641ad92eb.exe

Resource

win10v20201028

hawkeye nanocore keylogger persistence spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral7

Sample

31.exe

Resource

win10v20201028

agenttesla danabot dharma formbook gozi_rm3 qakbot 86920224 spx129 1590734339 app i0qi w9z agilenet banker botnet coreentity cryptone evasion keylogger packer persistence ransomware rat rezer0 spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral8

Sample

3DMark 11 Advanced Edition.exe

Resource

win10v20201028

agenttesla azorult plugx redline smokeloader tofsee xmrig backdoor bootkit discovery evasion infostealer keylogger macro miner persistence spyware stealer trojan upx vmprotect

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral9

Sample

42f972925508a82236e8533567487761.exe

Resource

win10v20201028

asyncrat darkcomet warzonerat evasion infostealer persistence rat trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral10

Sample

42f972925508a82236e8533567487761(1).exe

Resource

win10v20201028

asyncrat darkcomet njrat warzonerat evasion infostealer persistence rat trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral11

Sample

5da0116af495e6d8af7241da9b8281d918b9ff9a98a3deab4cca1aec1e456c18.exe

Resource

win10v20201028

discovery persistence ransomware upx

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral12

Sample

69c56d12ed7024696936fb69b4c6bee58174a275cb53fa966646a0b092d9626b.exe

Resource

win10v20201028

hakbit ransomware spyware stealer

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral13

Sample

6a9e7107c97762eb1196a64baeadb291.exe

Resource

win10v20201028

persistence

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral14

Sample

905d572f23883f5f161f920e53473989cf7dffc16643aa759f77842e54add550.exe

Resource

win10v20201028

revengerat xmrig xdsddd miner stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral15

Sample

948340be97cc69c2cf8e5c8327ee52a89eeb50095f978696c710ad773a46b654.exe

Resource

win10v20201028

revengerat victime persistence stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral16

Sample

95560f1a465e8ba87a73f8e60a6657545073d55c3b5cfc2ffdaf3d69d46afcf9.dll

Resource

win10v20201028

zloader 25/03 botnet trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral17

Sample

Archive.zip__ccacaxs2tbz2t6ob3e.exe

Resource

win10v20201028

discovery persistence spyware stealer

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral18

Sample

CVE-2018-15982_PoC.swf

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral19

Sample

CVWSHSetup[1].bin/WSHSetup[1].exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral20

Sample

DiskInternals_Uneraser_v5_keygen.exe

Resource

win10v20201028

azorult pony socelars discovery evasion infostealer persistence rat spyware stealer trojan upx

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral21

Sample

ForceOp 2.8.7 - By RaiSence.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral22

Sample

HYDRA.exe

Resource

win10v20201028

smokeloader backdoor persistence trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral23

Sample

KLwC6vii.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral24

Sample

Keygen.exe

Resource

win10v20201028

asyncrat azorult modiloader oski raccoon remcos 5e4db353b88c002ba6466c06437973619aad03b3 xxxxxxxxxxx discovery evasion infostealer persistence rat spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral25

Sample

Lonelyscreen.1.2.9.keygen.by.Paradox/Lonelyscreen.1.2.9.keygen.by.Paradox.exe

Resource

win10v20201028

socelars discovery persistence spyware stealer upx vmprotect

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral26

Sample

LtHv0O2KZDK4M637.exe

Resource

win10v20201028

azorult rms xmrig aspackv2 discovery evasion infostealer miner persistence rat spyware stealer trojan upx

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral27

Sample

Magic_File_v3_keygen_by_KeygenNinja.exe

Resource

win10v20201028

pony bootkit discovery evasion persistence rat rezer0 spyware stealer trojan upx

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral28

Sample

OnlineInstaller.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral29

Sample

Remouse.Micro.Micro.v3.5.3.serial.maker.by.aaocg.exe

Resource

win10v20201028

agenttesla azorult redline smokeloader tofsee xmrig backdoor bootkit discovery evasion infostealer keylogger macro miner persistence ransomware spyware stealer trojan upx vmprotect

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral30

Sample

[email protected]

Resource

win10v20201028

icedid banker loader trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral31

Sample

SecuriteInfo.com.Generic.mg.cde56cf0169830ee.29869.dll

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral32

Sample

SecurityTaskManager_Setup.exe

Resource

win10v20201028

discovery evasion spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

CVE-2018-15982_PoC.swf

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082

Processes

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\CVE-2018-15982_PoC.swf
1⤵
PID:816

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads