Windows Analysis Report
Velaro-Setup-3.0.1.exe.004

Overview

General Information

Sample Name: Velaro-Setup-3.0.1.exe.004
Analysis ID: 632521
MD5: 3cb813b471cb8ca054dc17b2b63fafaa
SHA1: 154f6fcfca197953724da3fc512c04192fe0c1fc
SHA256: 0f3cf49c41197703e373464e4a7be354d179dc91c98441ff9172f5a916b4a586
Errors
  • Corrupt sample or wrongly selected analyzer. Details: The RPC server is unavailable.

Detection

Score: 0
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Program does not show much activity (idle)

Classification

Source: C:\Windows\System32\OpenWith.exe Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InProcServer32 Jump to behavior
Source: C:\Windows\System32\OpenWith.exe Key opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers Jump to behavior
Source: classification engine Classification label: unknown0.win004@1/0@0/0
Source: Velaro-Setup-3.0.1.exe.004 Joe Sandbox Cloud Basic: Detection: clean Score: 2 Perma Link
Source: Velaro-Setup-3.0.1.exe.004 Static file information: File size 10485760 > 1048576
Program does not show much activity (idle)
Source: all processes Thread injection, dropped files, key value created, disk infection and DNS query: no activity detected
Program does not show much activity (idle)
Source: all processes Thread injection, dropped files, key value created, disk infection and DNS query: no activity detected
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 632521 Sample: Velaro-Setup-3.0.1.exe.004 Startdate: 23/05/2022 Architecture: WINDOWS Score: 0 4 OpenWith.exe 2->4         started       
No contacted IP infos