Sample Name: | SecuriteInfo.com.Trojan.NSISX.Spy.Gen.2.8452.17207 (renamed file extension from 17207 to exe) |
Analysis ID: | 626424 |
MD5: | 14848f52302c15e27b26fee5fada11c1 |
SHA1: | 04d62d915bd1a81c4b5ed35df6edb953107398c8 |
SHA256: | 4ac982ea35522a13de30ff7ddbbec9becf2c7528a48f0aff377e3d6758a7ae7b |
Tags: | exe |
Infos: | |
Score: | 84 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
AV Detection |
---|
Source: |
Malware Configuration Extractor: |
Source: |
Virustotal: |
||
Source: |
ReversingLabs: |
Source: |
File source: |
||
Source: |
File source: |
||
Source: |
File source: |
Source: |
Virustotal: |
||
Source: |
ReversingLabs: |
Source: |
Avira: |
Source: |
Static PE information: |
Source: |
Static PE information: |
Source: |
Binary string: |
Source: |
Code function: |
0_2_00405D7A | |
Source: |
Code function: |
0_2_004069A4 | |
Source: |
Code function: |
0_2_0040290B |
Networking |
---|
Source: |
URLs: |
Source: |
String found in binary or memory: |
Source: |
Code function: |
0_2_0040580F |
E-Banking Fraud |
---|
Source: |
File source: |
||
Source: |
File source: |
||
Source: |
File source: |
System Summary |
---|
Source: |
Matched rule: |
||
Source: |
Matched rule: |
||
Source: |
Matched rule: |
||
Source: |
Matched rule: |
||
Source: |
Matched rule: |
||
Source: |
Matched rule: |
Source: |
Static PE information: |
Source: |
Matched rule: |
||
Source: |
Matched rule: |
||
Source: |
Matched rule: |
||
Source: |
Matched rule: |
||
Source: |
Matched rule: |
||
Source: |
Matched rule: |
Source: |
Static PE information: |
Source: |
Code function: |
0_2_00403646 |
Source: |
Code function: |
1_2_002E1890 | |
Source: |
Code function: |
1_2_002E9C12 | |
Source: |
Code function: |
1_2_002E96A0 | |
Source: |
Code function: |
1_2_002E7E88 | |
Source: |
Code function: |
1_2_002EC3BD | |
Source: |
Code function: |
1_2_002EA184 | |
Source: |
Code function: |
1_2_002EB3F1 |
Source: |
Virustotal: |
||
Source: |
ReversingLabs: |
Source: |
File read: |
Source: |
Static PE information: |
Source: |
Key opened: |
Source: |
Process created: |
|||
Source: |
Process created: |
|||
Source: |
Process created: |
|||
Source: |
Process created: |
||
Source: |
Process created: |
Source: |
Key value queried: |
Source: |
Code function: |
0_2_00403646 |
Source: |
Command line argument: |
1_2_002E45B0 |
Source: |
File created: |
Source: |
Classification label: |
Source: |
Code function: |
0_2_004021AA |
Source: |
File read: |
Source: |
Code function: |
0_2_00404ABB |
Source: |
Static PE information: |
Source: |
Binary string: |
Source: |
Code function: |
1_2_002E2458 |
Source: |
File created: |
Source: |
Code function: |
1_2_002E1890 |
Source: |
Process information set: |
Source: |
Evasive API call chain: |
Source: |
Code function: |
0_2_00405D7A | |
Source: |
Code function: |
0_2_004069A4 | |
Source: |
Code function: |
0_2_0040290B |
Source: |
API call chain: |
||
Source: |
API call chain: |
Source: |
Code function: |
1_2_002E7A95 |
Source: |
Code function: |
1_2_002E558A |
Source: |
Code function: |
1_2_002E86ED |
Source: |
Code function: |
1_2_002E439B | |
Source: |
Code function: |
1_2_002E43CC |
Source: |
Process created: |
Source: |
Code function: |
1_2_002E3283 |
Source: |
Code function: |
0_2_00403646 |
Source: |
Code function: |
1_2_002E3EC8 |
Stealing of Sensitive Information |
---|
Source: |
File source: |
||
Source: |
File source: |
||
Source: |
File source: |
Remote Access Functionality |
---|
Source: |
File source: |
||
Source: |
File source: |
||
Source: |
File source: |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true |
|
low |