| Source: Yara match |
File source: sc.com, type: SAMPLE |
| Source: sc.com |
String found in binary or memory: https://i.ibb.co/7CKgHCt/ep.png |
| Source: sc.com |
String found in binary or memory: https://i.ibb.co/9qFGmjh/miciconlogo.png |
| Source: sc.com |
String found in binary or memory: https://i.ibb.co/F3yr74z/forgotpass.png |
| Source: sc.com |
String found in binary or memory: https://i.ibb.co/gtKmtC9/officebg.png |
| Source: sc.com |
String found in binary or memory: https://i.ibb.co/r5zjhmN/officebg2.png |
| Source: sc.com |
String found in binary or memory: https://passwordreset.microsoftonline.com/ |
| Source: sc.com |
String found in binary or memory: https://pikap.kz/wp-admin/wed/server5.php |
| Source: classification engine |
Classification label: mal48.phis.winCOM@4/5@0/0 |
| Source: C:\Program Files\internet explorer\iexplore.exe |
File created: C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High |
Jump to behavior |
| Source: C:\Program Files\internet explorer\iexplore.exe |
File created: C:\Users\user\AppData\Local\Temp\~DFF37C87F1E61570B4.TMP |
Jump to behavior |
| Source: C:\Program Files\internet explorer\iexplore.exe |
File read: C:\Users\desktop.ini |
Jump to behavior |
| Source: unknown |
Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' -Embedding |
|
| Source: unknown |
Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5624 CREDAT:17410 /prefetch:2 |
|
| Source: C:\Program Files\internet explorer\iexplore.exe |
Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:5624 CREDAT:17410 /prefetch:2 |
Jump to behavior |
| Source: C:\Program Files\internet explorer\iexplore.exe |
Automated click: Run |
| Source: C:\Program Files\internet explorer\iexplore.exe |
Automated click: Run |
| Source: C:\Program Files\internet explorer\iexplore.exe |
Automated click: Run |
| Source: C:\Program Files\internet explorer\iexplore.exe |
Automated click: Run |
| Source: C:\Program Files\internet explorer\iexplore.exe |
Automated click: Run |
| Source: C:\Program Files\internet explorer\iexplore.exe |
Automated click: Run |
| Source: C:\Program Files\internet explorer\iexplore.exe |
Automated click: Run |
| Source: C:\Program Files\internet explorer\iexplore.exe |
Automated click: Run |
| Source: C:\Program Files\internet explorer\iexplore.exe |
Automated click: Run |
| Source: C:\Program Files\internet explorer\iexplore.exe |
Automated click: Run |
| Source: C:\Program Files\internet explorer\iexplore.exe |
Automated click: Run |
| Source: C:\Program Files\internet explorer\iexplore.exe |
Automated click: Run |
| Source: C:\Program Files\internet explorer\iexplore.exe |
Automated click: Run |
| Source: C:\Program Files\internet explorer\iexplore.exe |
Automated click: Run |
| Source: C:\Program Files\internet explorer\iexplore.exe |
Automated click: Run |
| Source: C:\Program Files\internet explorer\iexplore.exe |
Automated click: Run |
| Source: C:\Program Files\internet explorer\iexplore.exe |
Automated click: Run |
| Source: C:\Program Files\internet explorer\iexplore.exe |
Automated click: Run |
| Source: C:\Program Files\internet explorer\iexplore.exe |
Automated click: Run |
| Source: C:\Program Files\internet explorer\iexplore.exe |
Automated click: Run |
| Source: C:\Program Files\internet explorer\iexplore.exe |
Automated click: Run |
| Source: C:\Program Files\internet explorer\iexplore.exe |
Automated click: Run |
| Source: Window Recorder |
Window detected: More than 3 window changes detected |
| Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe |
File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll |
Jump to behavior |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet