Analysis Report MICHELAN.ASM

Overview

General Information

Sample Name:MICHELAN.ASM
Analysis ID:321437
MD5:cec8ed72d9d686bd84029da5eae500fd
SHA1:07d00071334f434154b16f7a59528e4975c9b8e5
SHA256:4d3cc687673eb38dbfea35505b8b5e4b535209e7957ebadd37541f0a002866cc

Errors
  • Nothing to analyse, Joe Sandbox has not found any analysis process or sample
  • Corrupt sample or wrongly selected analyzer. Details: 80040153

Detection

Score:48
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for submitted file

Classification

Malware Configuration

No configs have been found

Yara Overview

No yara matches

Sigma Overview

No Sigma rule has matched

Signature Overview

AV Detection:

Multi AV Scanner detection for submitted file
Source: MICHELAN.ASM, Virustotal: Detection: 8%
Source: MICHELAN.ASM, ReversingLabs: Detection: 14%
Source: classification engine, Classification label: mal48.winASM@0/0@0/0

Mitre Att&ck Matrix

No Mitre Att&ck techniques found

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source | Detection | Scanner | Label
MICHELAN.ASM | 8% | Virustotal |
MICHELAN.ASM | 3% | Metadefender |
MICHELAN.ASM | 15% | ReversingLabs | DOS.Virus.Mgelo

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

No contacted domains info

Contacted IPs

No contacted IP infos

General Information

Joe Sandbox Version:31.0.0 Red Diamond
Analysis ID:321437
Start date:22.11.2020
Start time:05:47:53
Joe Sandbox Product:CloudBasic
Overall analysis duration:0h 1m 31s
Hypervisor based Inspection enabled:false
Report type:full
Sample file name:MICHELAN.ASM
Cookbook file name:default.jbs
Analysis system description:Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of new started processes analysed:0
Number of new started drivers analysed:0
Number of existing processes analysed:0
Number of existing drivers analysed:0
Number of injected processes analysed:0
Technologies:
  • EGA enabled
  • HDC enabled
  • AMSI enabled
Analysis Mode:default
Analysis stop reason:Timeout
Detection:MAL
Classification:mal48.winASM@0/0@0/0
Cookbook Comments:
  • Adjust boot time
  • Enable AMSI
  • Unable to launch sample, stop analysis

Simulations

Behavior and APIs

No simulations

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

No created / dropped files found

Static File Info

General

File type:ASCII text
Entropy (8bit):3.2395409315146857
TrID:
    File name:MICHELAN.ASM
    File size:9994
    SHA512:4311ec75bc7755067b8f1b71b3a5354fd16e39ef072d6fb29ae2890b29fc9eb6b9ffd7c842702368b15c9cb0a573876f16f49e9c3439838379c4ec06b4c00dbe
    SSDEEP:96:8/vXnybP8+6zTNee9dGQpgh6cz+3l4mSsDERTBLIhz3Q6:uXn4P98bdGQpZ1sgERdLI9Q6
    File Content Preview:From netcom.com!ix.netcom.com!netnews Tue Nov 29 09:45:29 1994.Xref: netcom.com alt.comp.virus:511.Path: netcom.com!ix.netcom.com!netnews.From: Zeppelin@ix.netcom.com (Mr. G).Newsgroups: alt.comp.virus.Subject: Ye Ole MichelAngelo Virus.Date: 29 Nov 1994

    Network Behavior