Windows
Analysis Report
http://d1isumqvmnq7jz.cloudfront.net/build/pl/v4.397.63.30.34
Overview
General Information
Detection
Score: 56
Range: 0 - 100
Whitelisted: false
Confidence: 100%
Signatures
Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for dropped file
Downloads executable code via HTTP
Drops PE files
Drops files with a non-matching file extension (content does not match file extension)
PE file contains an invalid checksum
PE file contains executable resources (Code or Archives)
PE file contains sections with non-standard names
PE file does not import any functions
PE file overlay found
Classification
- System is w10x64
- chrome.exe (PID: 3196, cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank", MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 3524, cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 --field-trial-handle=2208,i,4406949674789423698,2697958066234429667,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8, MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6572, cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5480 --field-trial-handle=2208,i,4406949674789423698,2697958066234429667,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8, MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 6392, cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://d1isumqvmnq7jz.cloudfront.net/build/pl/v4.397.63.30.34", MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- free-barcode-6.8.10-installer_c-RQoW1.exe (PID: 3604, cmdline: "C:\Users\user\Downloads\free-barcode-6.8.10-installer_c-RQoW1.exe", MD5: 6144AC21E74CC0373B54BCFE210BAFC8)
- free-barcode-6.8.10-installer_c-RQoW1.tmp (PID: 6500, cmdline: "C:\Users\user\AppData\Local\Temp\is-VUMNN.tmp\free-barcode-6.8.10-installer_c-RQoW1.tmp" /SL5="$A0076,837550,832512,C:\Users\user\Downloads\free-barcode-6.8.10-installer_c-RQoW1.exe", MD5: 8A8ADFED91899D41DFB711744C8BE5E7)
- cleanup
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
⊘No Snort rule has matched
AV Detection
- Source: Avira URL Cloud
- Source: Virustotal (Perma Link)
- Source: Virustotal (Perma Link)
- Source: Virustotal (Perma Link)
- Source: HTTPS traffic detected
- Source: HTTPS traffic detected
- Source: HTTPS traffic detected
- Source: HTTPS traffic detected
- Source: HTTP traffic detected