35.0.0 Citrine
IR
694561
CloudBasic
23:58:21
31/08/2022
vy3mvlAaCZ.exe
default.jbs
Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211
WINDOWS
1873a210d41acdef243e921f3810803a
6fa90a229148759d12c63bee342e55fa887f6976
34c779bada9918972748153c3f618d6656148748478beec1ec57c7bb5e363593
Win32 Executable (generic) a (10002005/4) 99.96%
true
false
false
false
88
0
100
5
0
5
false
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_vy3mvlAaCZ.exe_6074d93d852c1785169ec71e797e6a243c122_d0e789f3_1326a322\Report.wer
true
3BB61DDF965463EDB0AA60D2950DC834
94BB88E8277D67F9261EFDA7122B5063FAD1C3AD
7887FD561BF713404541B56AB5EF8BC9FA9A5F10F72A15C245B2559DE5EBC544
C:\ProgramData\Microsoft\Windows\WER\Temp\WER97F6.tmp.dmp
false
8041C81145A8C17D64471E698F53B7E0
CB951C6F726CCC535AA77568B26EB0E4AF325116
853815B51624678FA302216392D8377C0DEA180C2C2F7590C599123E3297A7C2
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9A1A.tmp.WERInternalMetadata.xml
false
0E50780F5CD7ECADA812B9172438386E
CA9FAE7738916E845C90B37DA95C2B06BAB3B294
8E4496A05D4373E8EFC1358AA278C11A2639CECF86AD744F8A492B6CBBD9C630
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9B44.tmp.xml
false
CAF0E5DE2CF8BA7461786631E7875A69
02194DB299C7DF9D3E170E694DA2DCB9EDE3FB5E
333617884EFEDD0428071F30423AB1BE7EBA23F46EE7B32C922B87F79258F534
Antivirus / Scanner detection for submitted sample
Yara detected Gandcrab
Multi AV Scanner detection for submitted file
Malicious sample detected (through community Yara rule)
Machine Learning detection for sample
Yara detected ReflectiveLoader
Found API chain indicative of sandbox detection