31.0.0 Red Diamond
IR
339364
CloudBasic
21:41:53
13/01/2021
FYI.exe
default.jbs
Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
WINDOWS
4768fad22f989c9ac940775ca46f91f6
78f2e47fbcd50d77b8c0ea5e07209a2b1a79c45e
275b79db451178b96e4872f9164b8b89f25a5f22ff8ba5f983d555cb3972a95d
Win32 Executable (generic) Net Framework (10011505/4) 49.83%
true
false
false
false
76
0
100
5
0
5
false
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_FYI.exe_decd39a630c9d4191a275eb268c8ae351d3d61e4_41043005_12becc4f\Report.wer
true
19C943447658E2C23D5AE333BA6CC6E9
EAFE017FC8DB5497D1026188C9C16D08E242E88F
9082B7E39BF17FC2F26A834C7A2E9898906B4C706ABCDB19967DB7E364FAE8E8
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7630.tmp.dmp
false
691D98FD805127129A2CAC03D6C32AB4
C5C8D660EC5DAFBC973FF31100B10DD141C89834
BDF5DC92ACD40D607BA423EA47B1C2EF54A03F782572E5D0FA0FE025D7C01849
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8053.tmp.WERInternalMetadata.xml
false
91110FF09C7FC442779F7EF580769F22
57C9D5D4865F64BE2ED5A5E5EA629449D9482287
56ECD21B10ED2EC7F9BDC0358279EBC0222EC5B50ACD51C7ED0FCE0D1837284F
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8342.tmp.xml
false
A8539EC6F218065D2C5A263606E75913
F1B63F2D4B25EC3C75BA64C5F856F302947D4E33
5CBFED0D236862A5F0BAD8621CCB4BDAD446DB68F61EF6C21837EE21B1735EB6
192.168.2.1
.NET source code contains potential unpacker
Machine Learning detection for sample
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Multi AV Scanner detection for submitted file
Yara detected AgentTesla
Yara detected AntiVM_3