Score: | 22 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Source: |
String found in binary or memory: |
System Summary: |
---|
Java / VBScript file with very long strings (likely obfuscated code) |
Source: |
Initial sample: |
Source: |
Key value queried: |
Jump to behavior |
Source: |
Key opened: |
Jump to behavior |
Source: |
Classification label: |
Data Obfuscation: |
---|
Potential obfuscated javascript found |
Source: |
Initial file: |
Hooking and other Techniques for Hiding and Protection: |
---|
Monitors certain registry keys / values for changes (often done to protect autostart functionality) |
Source: |
Registry key monitored for changes: |
Jump to behavior |
Source: |
Process information set: |
Jump to behavior | ||
Source: |
Process information set: |
Jump to behavior |
Malware Analysis System Evasion: |
---|
Program does not show much activity (idle) |
Source: |
Thread injection, dropped files, key value created, disk infection and DNS query: |
Found WSH timer for Javascript or VBS script (likely evasive script) |
Source: |
Window found: |
Jump to behavior |
Anti Debugging: |
---|
Program does not show much activity (idle) |
Source: |
Thread injection, dropped files, key value created, disk infection and DNS query: |
Source: |
Key value queried: |
Jump to behavior |
No contacted IP infos |
---|