Automated Malware Analysis IOC Report for

Details

Filetype:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy:	7.994312498291434
Filename:	WsiysHggF9.exe
Filesize:	21526435
MD5:	350ea577229a9518d3b9dcd76d109e14
SHA1:	b9431df0ca98d1fa3abeefc92d1bd25e4c8b4e22
SHA256:	2c8960c00dfc803bb8175a6833904173b6ff044c7128c24c8de2379b47274c77
SHA512:	b0c50dfeb8889935ebf97982f358ad0b7b4c2969b676904aab325e18f9f7c2db25ffb811df33cbd42f068454d8597a4dbbba88983178dff5006dc2e050059746
SSDEEP:	393216:M1TPcOFw/xVaHL8LTsemEsDVwodwzpl8z8vjw3lbbl3AxMT/fiUUE8qH+T8s:6TEOFeVaHIU1DVwy5m4lbbBAxMDiUeWc
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......b`..&...&...&.....h.+.....j.......k.>.....^.$...._..0...._..5...._....../y..,.../y..#...&...,...._......._..'...._f.'...._..'..

Signature Hits	Behavior Group	Mitre Attack
Multi AV Scanner detection for submitted file	AV Detection
Uses 32bit PE files	Compliance, System Summary	Masquerading
Drops PE files to the application program directory (C:\ProgramData)	Persistence and Installation Behavior
Contains functionality to check if a debugger is running (IsDebuggerPresent)	Anti Debugging	Security Software Discovery
Contains functionality to query locales information (e.g. system language)	Language, Device and Operating System Detection
Uses code obfuscation techniques (call, push, ret)	Data Obfuscation	Security Software Discovery
PE file contains sections with non-standard names	Data Obfuscation
Detected potential crypto function	System Summary	Archive Collected Data Encrypted Channel
Contains functionality to query CPU information (cpuid)	Language, Device and Operating System Detection	Windows Service
Found potential string decryption / allocating functions	System Summary	Deobfuscate/Decode Files or Information Obfuscated Files or Information
Contains functionality to communicate with device drivers	System Summary
Contains functionality which may be used to detect a debugger (GetProcessHeap)	Anti Debugging	Security Software Discovery
Sample file is different than original file name gathered from version info	System Summary	Security Software Discovery
Tries to load missing DLLs	System Summary	DLL Side-Loading
Contains functionality to read the PEB	Anti Debugging	Security Software Discovery
File is packed with WinRar	Data Obfuscation	Software Packing Security Software Discovery
Creates a process in suspended mode (likely to inject code)	HIPS / PFW / Operating System Protection Evasion
Sample is known by Antivirus	System Summary	Windows Service
Sample reads its own file content	System Summary	Security Software Discovery
Contains functionality to query system information	Malware Analysis System Evasion
PE file has an executable .text section and no other executable section	System Summary
Reads software policies	System Summary
Contains functionality to enumerate / list files inside a directory	Spreading, Malware Analysis System Evasion	File and Directory Discovery
Uses an in-process (OLE) Automation server	System Summary
Contains functionality to query local / system time	Language, Device and Operating System Detection	System Time Discovery
Disables application error messsages (SetErrorMode)	Hooking and other Techniques for Hiding and Protection
Reads ini files	System Summary
Contains functionality for error logging	System Summary
Contains functionality to query windows version	Language, Device and Operating System Detection	System Information Discovery
Contains functionality to load and extract PE file embedded resources	System Summary
Program exit points	Malware Analysis System Evasion	Windows Service
Contains functionality to register its own exception handler	Anti Debugging	Security Software Discovery
Might use command line arguments	System Summary	Masquerading
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery
PE file contains a valid data directory to section mapping	System Summary	Security Software Discovery
PE file contains a debug data directory	System Summary
Contains modern PE file flags such as dynamic base (ASLR) or NX	Compliance, System Summary	Security Software Discovery
PE file contains a mix of data directories often seen in goodware	System Summary
Submission file is bigger than most known malware samples	System Summary

Details

File:	C:\ProgramData\Installation_controller.exe
Category:	dropped
Dump:	Installation_controller.exe.0.dr
ID:	dr_1
Target ID:	0
Process:	C:\Users\user\Desktop\WsiysHggF9.exe
Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy:	7.975038847386626
Encrypted:	false
Ssdeep:	98304:fXgnL2Z7jZprPfBfSNXsfheZG0XbSKSms52SqhysvT0gLDxsKonUT4Ubg5JkLXof:fQLqT+Xs2lSx2SSLT0sDuRXDrqFJ4
Size:	7705088
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Overwrites code with unconditional jumps - possibly settings hooks in foreign process	Hooking and other Techniques for Hiding and Protection	Credential API Hooking
Allocates memory with a write watch (potentially for evading sandboxes)	Malware Analysis System Evasion	Virtualization/Sandbox Evasion
Creates a process in suspended mode (likely to inject code)	HIPS / PFW / Operating System Protection Evasion	Process Injection
Drops PE files	Persistence and Installation Behavior
Drops PE files to the application program directory (C:\ProgramData)	Persistence and Installation Behavior
Queries the volume information (name, serial number etc) of a device	Language, Device and Operating System Detection	System Information Discovery
Tries to load missing DLLs	System Summary	DLL Side-Loading
Creates guard pages, often used to prevent reverse usering and debugging	Anti Debugging	Disable or Modify Tools
Disables application error messsages (SetErrorMode)	Hooking and other Techniques for Hiding and Protection
Queries a list of all running processes	Malware Analysis System Evasion	Process Discovery
Queries the cryptographic machine GUID	Language, Device and Operating System Detection	System Information Discovery
Spawns processes	System Summary	Process Injection
Found GUI installer (many successful clicks)	System Summary

Details

File:	C:\ProgramData\audacity-win-3.2.0-64bit.exe
Category:	dropped
Dump:	audacity-win-3.2.0-64bit.exe.0.dr
ID:	dr_0
Target ID:	0
Process:	C:\Users\user\Desktop\WsiysHggF9.exe
Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy:	7.972101567600099
Encrypted:	false
Ssdeep:	393216:AJWTFS1Df0vvyRZAcKp76FatiQlxGQBGN0py:AkT4DfGyrAcKJ6YkQBVy
Size:	14290656
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Obfuscated command line found	Data Obfuscation	Command and Scripting Interpreter Deobfuscate/Decode Files or Information
Creates a process in suspended mode (likely to inject code)	HIPS / PFW / Operating System Protection Evasion	Process Injection
Drops PE files	Persistence and Installation Behavior
Drops PE files to the application program directory (C:\ProgramData)	Persistence and Installation Behavior
Creates temporary files	System Summary
Disables application error messsages (SetErrorMode)	Hooking and other Techniques for Hiding and Protection
Parts of this applications are using Borland Delphi (Probably coded in Delphi)	System Summary
Spawns processes	System Summary	Process Injection

Details

File:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Category:	dropped
Dump:	audacity-win-3.2.0-64bit.tmp.10.dr
ID:	dr_2
Target ID:	10
Process:	C:\ProgramData\audacity-win-3.2.0-64bit.exe
Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy:	6.337141694661292
Encrypted:	false
Ssdeep:	49152:udx4HDQNJL0VR6SgMt+k4RiP+RmXMjiINiMq95FoHVHNTQTEjt333ONcqnx:PHDYsqiPRhINnq95FoHVBt333ONcqx
Size:	3301352
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Obfuscated command line found	Data Obfuscation	Command and Scripting Interpreter Deobfuscate/Decode Files or Information
Creates a process in suspended mode (likely to inject code)	HIPS / PFW / Operating System Protection Evasion	Process Injection
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion
Queries the volume information (name, serial number etc) of a device	Language, Device and Operating System Detection	System Information Discovery
Stores files to the Windows start menu directory	Boot Survival	Registry Run Keys / Startup Folder
Creates files inside the program directory	System Summary	Masquerading
Creates files inside the user directory	System Summary	Masquerading
Disables application error messsages (SetErrorMode)	Hooking and other Techniques for Hiding and Protection
Parts of this applications are using Borland Delphi (Probably coded in Delphi)	System Summary
Reads the Windows registered organization settings	System Summary	System Owner/User Discovery
Spawns processes	System Summary	Process Injection
Writes ini files	System Summary	File and Directory Discovery
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading
Creates a software uninstall entry	Compliance, System Summary	Windows Service
Executable creates window controls seldom found in malware	System Summary
Found GUI installer (many successful clicks)	System Summary
Uses Rich Edit Controls	System Summary
Reads the Windows registered owner settings	System Summary	System Owner/User Discovery

Details

File:	C:\Program Files\Audacity\Audacity.exe (copy)
Category:	dropped
Dump:	is-NTE5N.tmp.11.dr
ID:	dr_213
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	PE32+ executable (GUI) x86-64, for MS Windows
Entropy:	5.799007831846941
Encrypted:	false
Ssdeep:	98304:Kjzz9bIIQItaxXOK0fSiBSKnDD0S27jAx/wovRsrNnasJvkvNcqC:gX9bqXOK0LBSKnsSGo/L5srNnasVN/
Size:	18346984
Whitelisted:	false
Reputation:	low

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found GUI installer (many successful clicks)	System Summary

Details

File:	C:\Program Files\Audacity\EffectsMenuDefaults.xml (copy)
Category:	dropped
Dump:	is-7A0A0.tmp.11.dr
ID:	dr_277
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	exported SGML document, ASCII text, with CRLF line terminators
Entropy:	4.118243114663798
Encrypted:	false
Ssdeep:	24:/FiVGnSelecVMFum4rq41b5JDpprkwPdTnRxKqiwh:951ecQMTcwPdzRxK98
Size:	3135
Whitelisted:	false
Reputation:	low

Details

File:	C:\Program Files\Audacity\FLAC++.dll (copy)
Category:	dropped
Dump:	is-CV5R1.tmp.11.dr
ID:	dr_216
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	PE32+ executable (DLL) (console) x86-64, for MS Windows
Entropy:	5.2787590433466605
Encrypted:	false
Ssdeep:	1536:+7gYw7uaHb0JVXTyYHTYc5r7dnW8aetBg/nlXH:FYmuaH2xTyYzYc5s8aetBSnhH
Size:	163304
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files\Audacity\FLAC.dll (copy)
Category:	dropped
Dump:	is-7U34J.tmp.11.dr
ID:	dr_217
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	PE32+ executable (DLL) (console) x86-64, for MS Windows
Entropy:	5.75829192222849
Encrypted:	false
Ssdeep:	3072:Jwa20khRG66NAjLzwJyVTe2e/B9RjhsqmTcmZk+CGYnhB8:JwJPh466AzL5SZOcVlnT8
Size:	275944
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Drops PE files	Persistence and Installation Behavior
Found dropped PE file which has not been started or loaded	Malware Analysis System Evasion

Details

File:	C:\Program Files\Audacity\FirstTime.ini
Category:	dropped
Dump:	FirstTime.ini.11.dr
ID:	dr_197
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	3.8100810205217304
Encrypted:	false
Ssdeep:	3:qs/KM3REnvn:X/KMMvn
Size:	27
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Writes ini files	System Summary	File and Directory Discovery

Details

File:	C:\Program Files\Audacity\LICENSE.txt (copy)
Category:	dropped
Dump:	is-P90KL.tmp.11.dr
ID:	dr_212
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	ASCII text, with CRLF line terminators
Entropy:	4.705526648142378
Encrypted:	false
Ssdeep:	768:2pzun1iYWrTXo0HDOc7Y+tNdSz3ZlqXOWoInuzx3Y8N3WiYD9P1GKQwq1Fl+bzg:A+8TXoWVtNIq1uzZY13oKQT1+3g
Size:	74895
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\af\audacity.mo (copy)
Category:	dropped
Dump:	is-HO62N.tmp.11.dr
ID:	dr_278
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 487 messages, Project-Id-Version: audacity 3.0.3 '"%s" bestaan nie.'
Entropy:	5.077796478193377
Encrypted:	false
Ssdeep:	768:CMZ2sfpnvRpw39KZo4hBKf3v8EOq125og2sEH08Uo:fjfFo9KZocKf3vFOB5oWEH4o
Size:	29840
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\af\is-HO62N.tmp
Category:	dropped
Dump:	is-HO62N.tmp.11.dr
ID:	dr_143
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 487 messages, Project-Id-Version: audacity 3.0.3 '"%s" bestaan nie.'
Entropy:	5.077796478193377
Encrypted:	false
Ssdeep:	768:CMZ2sfpnvRpw39KZo4hBKf3v8EOq125og2sEH08Uo:fjfFo9KZocKf3vFOB5oWEH4o
Size:	29840
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading

Details

File:	C:\Program Files\Audacity\Languages\ar\audacity.mo (copy)
Category:	dropped
Dump:	is-T0H9J.tmp.11.dr
ID:	dr_279
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 3170 messages, Project-Id-Version: audacity 3.0.3 '\330\247\331\204\331\205\331\204\331\201\330\247\330\252 \330\247\331\204\331\205\330\270\331\207\330\261\330\251 \331\203\331\205\331\201\331\202\331\210\330\257 \330\252\331\205 \331\206\331\202\331\204\331\207\330\247 \330\243\331\210 \330\255\330\260\331\201\330\252 \331\210 \331\204\330\247 \331\212\331\205\331\203\331\206 \331\206\330\263\330\256\331\207\330\247.'
Entropy:	5.633438263939798
Encrypted:	false
Ssdeep:	6144:KXR9XhRDxQoszZOfc+uA9U4jR1IGMC/r7:CxKZA9U4t1IGMC/P
Size:	271446
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\ar\is-T0H9J.tmp
Category:	dropped
Dump:	is-T0H9J.tmp.11.dr
ID:	dr_144
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 3170 messages, Project-Id-Version: audacity 3.0.3 '\330\247\331\204\331\205\331\204\331\201\330\247\330\252 \330\247\331\204\331\205\330\270\331\207\330\261\330\251 \331\203\331\205\331\201\331\202\331\210\330\257 \330\252\331\205 \331\206\331\202\331\204\331\207\330\247 \330\243\331\210 \330\255\330\260\331\201\330\252 \331\210 \331\204\330\247 \331\212\331\205\331\203\331\206 \331\206\330\263\330\256\331\207\330\247.'
Entropy:	5.633438263939798
Encrypted:	false
Ssdeep:	6144:KXR9XhRDxQoszZOfc+uA9U4jR1IGMC/r7:CxKZA9U4t1IGMC/P
Size:	271446
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading

Details

File:	C:\Program Files\Audacity\Languages\be\audacity.mo (copy)
Category:	dropped
Dump:	is-M4P44.tmp.11.dr
ID:	dr_280
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 996 messages, Project-Id-Version: audacity 3.0.3 '\320\232\320\260\320\273\321\226 \320\267\320\260\321\205\320\260\320\262\320\260\321\206\321\214, \321\203 \320\277\321\200\320\260\320\265\320\272\321\206\320\265 \320\275\320\265 \320\261\321\203\320\264\320\267\320\265'
Entropy:	5.4901962318832105
Encrypted:	false
Ssdeep:	1536:XwDbHSdiG2JYxw6ZoLgHnNGBLoAx4HwCnJbb9ujg56Y9tiYpn0Q:i6owZoLgHn4BLoA+qbYzp0Q
Size:	86428
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\be\is-M4P44.tmp
Category:	dropped
Dump:	is-M4P44.tmp.11.dr
ID:	dr_145
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 996 messages, Project-Id-Version: audacity 3.0.3 '\320\232\320\260\320\273\321\226 \320\267\320\260\321\205\320\260\320\262\320\260\321\206\321\214, \321\203 \320\277\321\200\320\260\320\265\320\272\321\206\320\265 \320\275\320\265 \320\261\321\203\320\264\320\267\320\265'
Entropy:	5.4901962318832105
Encrypted:	false
Ssdeep:	1536:XwDbHSdiG2JYxw6ZoLgHnNGBLoAx4HwCnJbb9ujg56Y9tiYpn0Q:i6owZoLgHn4BLoA+qbYzp0Q
Size:	86428
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading

Details

File:	C:\Program Files\Audacity\Languages\bg\audacity.mo (copy)
Category:	dropped
Dump:	is-3UN24.tmp.11.dr
ID:	dr_281
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 1325 messages, Project-Id-Version: audacity 3.0.3 '\320\244\320\260\320\271\320\273\320\276\320\262\320\265\321\202\320\265, \320\277\320\276\320\272\320\260\320\267\320\260\320\275\320\270 \320\272\320\260\321\202\320\276 \342\200\236\320\273\320\270\320\277\321\201\320\262\320\260\321\211\320\270\342\200\234, \321\201\320\260 \320\277\321\200\320\265\320\274\320\265\321\201\321\202\320\265\320\275\320\270 \320\270\320\273\320\270 \320\270\320\267\321\202\321\200\320\270\321\202\320\270 \320\270 \320\275\320\265 \320'
Entropy:	5.425765802901142
Encrypted:	false
Ssdeep:	3072:R6hYw/slTPvPAZogCd4RDapnmjLBALSey0Pvx8TymYb2uVNxQN00PDy2uq:RiY9vPnyRDMn8LBAdhP5vmzDNuq
Size:	135847
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\bg\is-3UN24.tmp
Category:	dropped
Dump:	is-3UN24.tmp.11.dr
ID:	dr_146
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 1325 messages, Project-Id-Version: audacity 3.0.3 '\320\244\320\260\320\271\320\273\320\276\320\262\320\265\321\202\320\265, \320\277\320\276\320\272\320\260\320\267\320\260\320\275\320\270 \320\272\320\260\321\202\320\276 \342\200\236\320\273\320\270\320\277\321\201\320\262\320\260\321\211\320\270\342\200\234, \321\201\320\260 \320\277\321\200\320\265\320\274\320\265\321\201\321\202\320\265\320\275\320\270 \320\270\320\273\320\270 \320\270\320\267\321\202\321\200\320\270\321\202\320\270 \320\270 \320\275\320\265 \320'
Entropy:	5.425765802901142
Encrypted:	false
Ssdeep:	3072:R6hYw/slTPvPAZogCd4RDapnmjLBALSey0Pvx8TymYb2uVNxQN00PDy2uq:RiY9vPnyRDMn8LBAdhP5vmzDNuq
Size:	135847
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading

Details

File:	C:\Program Files\Audacity\Languages\bn\audacity.mo (copy)
Category:	dropped
Dump:	is-TP6MB.tmp.11.dr
ID:	dr_282
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 70 messages, Project-Id-Version: audacity 3.0.3 '%d \340\246\232\340\247\215\340\246\257\340\246\276\340\246\250\340\247\207\340\246\262'
Entropy:	4.971887850240577
Encrypted:	false
Ssdeep:	96:RM1JCuhzgjLRORUeMmlMykLFkUIEQK1HpVQmEPhhWOWapg:KJCcgjLRO2eMmRK1JONPyrF
Size:	4218
Whitelisted:	true
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\bn\is-TP6MB.tmp
Category:	dropped
Dump:	is-TP6MB.tmp.11.dr
ID:	dr_147
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 70 messages, Project-Id-Version: audacity 3.0.3 '%d \340\246\232\340\247\215\340\246\257\340\246\276\340\246\250\340\247\207\340\246\262'
Entropy:	4.971887850240577
Encrypted:	false
Ssdeep:	96:RM1JCuhzgjLRORUeMmlMykLFkUIEQK1HpVQmEPhhWOWapg:KJCcgjLRO2eMmRK1JONPyrF
Size:	4218
Whitelisted:	true
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading

Details

File:	C:\Program Files\Audacity\Languages\bs\audacity.mo (copy)
Category:	dropped
Dump:	is-2VUIJ.tmp.11.dr
ID:	dr_283
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 695 messages, Project-Id-Version: audacity 3.0.3 ' Nijemo uklju\304\215eno'
Entropy:	5.262920147681837
Encrypted:	false
Ssdeep:	768:ySLmNwLE6W2qS7m3iVd8vnZoyjgK0kFjeeoaA1+gkXe2zMmgVDmoNEKe8TZCz/CT:UjAmpZoJK0kRelaA1+5egxESoNEITZCO
Size:	47256
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\bs\is-2VUIJ.tmp
Category:	dropped
Dump:	is-2VUIJ.tmp.11.dr
ID:	dr_148
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 695 messages, Project-Id-Version: audacity 3.0.3 ' Nijemo uklju\304\215eno'
Entropy:	5.262920147681837
Encrypted:	false
Ssdeep:	768:ySLmNwLE6W2qS7m3iVd8vnZoyjgK0kFjeeoaA1+gkXe2zMmgVDmoNEKe8TZCz/CT:UjAmpZoJK0kRelaA1+5egxESoNEITZCO
Size:	47256
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading

Details

File:	C:\Program Files\Audacity\Languages\ca\audacity.mo (copy)
Category:	dropped
Dump:	is-6CEK5.tmp.11.dr
ID:	dr_284
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 2886 messages, Project-Id-Version: audacity 3.0.3 'Els fitxers etiquetats amb l'expressi\303\263 DESAPAREGUT han estat moguts o eliminats i no es poden copiar.'
Entropy:	5.400772098596046
Encrypted:	false
Ssdeep:	6144:YTTgPZAf5urmNgDKoCnuL/cC6A9fWOibwLMl9oV6sJabfq45r5anvh036c:WgA7BA9fWO2wLMl9oV6sJabf9N5anJS
Size:	220954
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\ca\is-6CEK5.tmp
Category:	dropped
Dump:	is-6CEK5.tmp.11.dr
ID:	dr_159
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 2886 messages, Project-Id-Version: audacity 3.0.3 'Els fitxers etiquetats amb l'expressi\303\263 DESAPAREGUT han estat moguts o eliminats i no es poden copiar.'
Entropy:	5.400772098596046
Encrypted:	false
Ssdeep:	6144:YTTgPZAf5urmNgDKoCnuL/cC6A9fWOibwLMl9oV6sJabfq45r5anvh036c:WgA7BA9fWO2wLMl9oV6sJabf9N5anJS
Size:	220954
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading

Details

File:	C:\Program Files\Audacity\Languages\ca_ES@valencia\audacity.mo (copy)
Category:	dropped
Dump:	is-MT216.tmp.11.dr
ID:	dr_285
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 3382 messages, Project-Id-Version: audacity 3.0.3 'Els fitxers mostrats com DESAPAREGUTS s'han mogut o eliminat i no es poden copiar.'
Entropy:	5.401967372777679
Encrypted:	false
Ssdeep:	6144:6/tRQpn/ZqjDjJoSqTrac+UA957eQi8IHUWWCEXiuwXGz6x1MJabOi1n/1MZ3elY:6/bQGl6A957eQBIHUWWCEXiuwXGz6x14
Size:	275091
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\ca_ES@valencia\is-MT216.tmp
Category:	dropped
Dump:	is-MT216.tmp.11.dr
ID:	dr_160
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 3382 messages, Project-Id-Version: audacity 3.0.3 'Els fitxers mostrats com DESAPAREGUTS s'han mogut o eliminat i no es poden copiar.'
Entropy:	5.401967372777679
Encrypted:	false
Ssdeep:	6144:6/tRQpn/ZqjDjJoSqTrac+UA957eQi8IHUWWCEXiuwXGz6x1MJabOi1n/1MZ3elY:6/bQGl6A957eQBIHUWWCEXiuwXGz6x14
Size:	275091
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading

Details

File:	C:\Program Files\Audacity\Languages\co\audacity.mo (copy)
Category:	dropped
Dump:	is-3NQSM.tmp.11.dr
ID:	dr_286
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 4353 messages, Project-Id-Version: Audacity '\011 \303\250'
Entropy:	5.457322037273507
Encrypted:	false
Ssdeep:	6144:6m72UlyUk9CD2PsYRDjIoj5/asc+1A7MY89yazDk/neY:6DtVVA7MY89j8H
Size:	376833
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\co\is-3NQSM.tmp
Category:	dropped
Dump:	is-3NQSM.tmp.11.dr
ID:	dr_161
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 4353 messages, Project-Id-Version: Audacity '\011 \303\250'
Entropy:	5.457322037273507
Encrypted:	false
Ssdeep:	6144:6m72UlyUk9CD2PsYRDjIoj5/asc+1A7MY89yazDk/neY:6DtVVA7MY89j8H
Size:	376833
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading

Details

File:	C:\Program Files\Audacity\Languages\cs\audacity.mo (copy)
Category:	dropped
Dump:	is-T6M9E.tmp.11.dr
ID:	dr_287
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 4032 messages, Project-Id-Version: audacity 3.0.3 '\011 a'
Entropy:	5.639759719225201
Encrypted:	false
Ssdeep:	6144:TAQi7ZcyaZURDj1oCULeoc+9A7jiGrP8QCID:Ts5LeA7ji/Na
Size:	333409
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\cs\is-T6M9E.tmp
Category:	dropped
Dump:	is-T6M9E.tmp.11.dr
ID:	dr_162
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 4032 messages, Project-Id-Version: audacity 3.0.3 '\011 a'
Entropy:	5.639759719225201
Encrypted:	false
Ssdeep:	6144:TAQi7ZcyaZURDj1oCULeoc+9A7jiGrP8QCID:Ts5LeA7ji/Na
Size:	333409
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading

Details

File:	C:\Program Files\Audacity\Languages\cy\audacity.mo (copy)
Category:	dropped
Dump:	is-H92PA.tmp.11.dr
ID:	dr_288
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 314 messages, Project-Id-Version: audacity 3.0.3 '%d Sianel'
Entropy:	5.119843426705521
Encrypted:	false
Ssdeep:	384:xI2OdWjtkt9DXFt1oQ/2JM83yyX/Wej6dwFh2wBGA7f99ylsNzBHUxIZ7:cWZefoQqyyn8k9BGk9ylGhUxIZ7
Size:	19555
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\cy\is-H92PA.tmp
Category:	dropped
Dump:	is-H92PA.tmp.11.dr
ID:	dr_163
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 314 messages, Project-Id-Version: audacity 3.0.3 '%d Sianel'
Entropy:	5.119843426705521
Encrypted:	false
Ssdeep:	384:xI2OdWjtkt9DXFt1oQ/2JM83yyX/Wej6dwFh2wBGA7f99ylsNzBHUxIZ7:cWZefoQqyyn8k9BGk9ylGhUxIZ7
Size:	19555
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading

Details

File:	C:\Program Files\Audacity\Languages\da\audacity.mo (copy)
Category:	dropped
Dump:	is-L5QPV.tmp.11.dr
ID:	dr_289
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 4353 messages, Project-Id-Version: audacity 3.2.0 '\011 og'
Entropy:	5.4414931559385575
Encrypted:	false
Ssdeep:	6144:6m72Usdx7pWsYRDjIoj5/asc+1A7MJLXN75gBTqbJmPe:6DMVVA7Mz7a1Pe
Size:	347992
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\da\is-L5QPV.tmp
Category:	dropped
Dump:	is-L5QPV.tmp.11.dr
ID:	dr_164
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 4353 messages, Project-Id-Version: audacity 3.2.0 '\011 og'
Entropy:	5.4414931559385575
Encrypted:	false
Ssdeep:	6144:6m72Usdx7pWsYRDjIoj5/asc+1A7MJLXN75gBTqbJmPe:6DMVVA7Mz7a1Pe
Size:	347992
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading

Details

File:	C:\Program Files\Audacity\Languages\de\audacity.mo (copy)
Category:	dropped
Dump:	is-52QJJ.tmp.11.dr
ID:	dr_290
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 4353 messages, Project-Id-Version: Audacity '\011 und'
Entropy:	5.456538351366818
Encrypted:	false
Ssdeep:	6144:6m72UbAaQSiDODihIeusYRDjIoj5/asc+1A7M6/Nbj8ARq8CQXbu:66FpDCOVVA7M6Vbj8B8CQXbu
Size:	359799
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\de\is-52QJJ.tmp
Category:	dropped
Dump:	is-52QJJ.tmp.11.dr
ID:	dr_165
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 4353 messages, Project-Id-Version: Audacity '\011 und'
Entropy:	5.456538351366818
Encrypted:	false
Ssdeep:	6144:6m72UbAaQSiDODihIeusYRDjIoj5/asc+1A7M6/Nbj8ARq8CQXbu:66FpDCOVVA7M6Vbj8B8CQXbu
Size:	359799
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading

Details

File:	C:\Program Files\Audacity\Languages\el\audacity.mo (copy)
Category:	dropped
Dump:	is-4K82R.tmp.11.dr
ID:	dr_291
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 4304 messages, Project-Id-Version: audacity 3.0.3 '\011 \316\272\316\261\316\271'
Entropy:	5.580974353473279
Encrypted:	false
Ssdeep:	12288:nsLJgA70aF11BMHOA3UgDLmP/4V5gT8AiANB3S09P2++ia3Omp7ufleTSPg:GyA70U1BMlDKP45gT8AHNB3SYP2++iaj
Size:	474186
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\el\is-4K82R.tmp
Category:	dropped
Dump:	is-4K82R.tmp.11.dr
ID:	dr_166
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 4304 messages, Project-Id-Version: audacity 3.0.3 '\011 \316\272\316\261\316\271'
Entropy:	5.580974353473279
Encrypted:	false
Ssdeep:	12288:nsLJgA70aF11BMHOA3UgDLmP/4V5gT8AiANB3S09P2++ia3Omp7ufleTSPg:GyA70U1BMlDKP45gT8AHNB3SYP2++iaj
Size:	474186
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading

Details

File:	C:\Program Files\Audacity\Languages\es\audacity.mo (copy)
Category:	dropped
Dump:	is-44RRB.tmp.11.dr
ID:	dr_292
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 4353 messages, Project-Id-Version: audacity 3.0.3 '\011 y'
Entropy:	5.357333136836256
Encrypted:	false
Ssdeep:	6144:6m72UYDK2q/CsYRDjIoj5/asc+1A7MJz2Euz+:6TDKGVVA7MF/uK
Size:	364815
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\es\is-44RRB.tmp
Category:	dropped
Dump:	is-44RRB.tmp.11.dr
ID:	dr_167
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 4353 messages, Project-Id-Version: audacity 3.0.3 '\011 y'
Entropy:	5.357333136836256
Encrypted:	false
Ssdeep:	6144:6m72UYDK2q/CsYRDjIoj5/asc+1A7MJz2Euz+:6TDKGVVA7MF/uK
Size:	364815
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading

Details

File:	C:\Program Files\Audacity\Languages\eu\audacity.mo (copy)
Category:	dropped
Dump:	is-BBOJ7.tmp.11.dr
ID:	dr_293
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 3831 messages, Project-Id-Version: audacity 3.0.3 '\011 eta'
Entropy:	5.379575700457028
Encrypted:	false
Ssdeep:	6144:PHqv047m9vu5mo1URDjmortOKoc+9A9GuVe4+PsIsKMDNNk9zcUaN6he2anDM6rz:c04OFRXeA9GBPsIsKMDNNksv8kCTBzts
Size:	299054
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\eu\is-BBOJ7.tmp
Category:	dropped
Dump:	is-BBOJ7.tmp.11.dr
ID:	dr_168
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 3831 messages, Project-Id-Version: audacity 3.0.3 '\011 eta'
Entropy:	5.379575700457028
Encrypted:	false
Ssdeep:	6144:PHqv047m9vu5mo1URDjmortOKoc+9A9GuVe4+PsIsKMDNNk9zcUaN6he2anDM6rz:c04OFRXeA9GBPsIsKMDNNksv8kCTBzts
Size:	299054
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading

Details

File:	C:\Program Files\Audacity\Languages\eu_ES\audacity.mo (copy)
Category:	dropped
Dump:	is-AMHSN.tmp.11.dr
ID:	dr_294
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 4086 messages, Project-Id-Version: audacity 3.0.3 '\011 eta'
Entropy:	5.356088937988997
Encrypted:	false
Ssdeep:	6144:woRYlyQhJtMRDjeo4aLYoc+dA7B4/xgzHiPQN7MK9HK4BKrlGVXOtV83FSZBEhgo:0DI0+A7BmgriPiK4BKrlGVk8VSZBEhgo
Size:	333356
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\eu_ES\is-AMHSN.tmp
Category:	dropped
Dump:	is-AMHSN.tmp.11.dr
ID:	dr_179
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 4086 messages, Project-Id-Version: audacity 3.0.3 '\011 eta'
Entropy:	5.356088937988997
Encrypted:	false
Ssdeep:	6144:woRYlyQhJtMRDjeo4aLYoc+dA7B4/xgzHiPQN7MK9HK4BKrlGVXOtV83FSZBEhgo:0DI0+A7BmgriPiK4BKrlGVk8VSZBEhgo
Size:	333356
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading

Details

File:	C:\Program Files\Audacity\Languages\fa\audacity.mo (copy)
Category:	dropped
Dump:	is-FG87I.tmp.11.dr
ID:	dr_295
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 1.1, 567 messages, 17 sysdep messages, Project-Id-Version: audacity 3.0.3 ' \330\255\330\247\331\204\330\252 \330\250\333\214\342\200\214\330\265\330\257\330\247 \330\261\331\210\330\264\331\206'
Entropy:	5.501785498653541
Encrypted:	false
Ssdeep:	768:F62klauaZFky4k25ZoIdKYk3rEThbsbt2AyJvKJ/gFdUkZGuTJ:F9klCZF3kZomKYkbENbgt+GgUkZGuTJ
Size:	48292
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\fa\is-FG87I.tmp
Category:	dropped
Dump:	is-FG87I.tmp.11.dr
ID:	dr_180
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 1.1, 567 messages, 17 sysdep messages, Project-Id-Version: audacity 3.0.3 ' \330\255\330\247\331\204\330\252 \330\250\333\214\342\200\214\330\265\330\257\330\247 \330\261\331\210\330\264\331\206'
Entropy:	5.501785498653541
Encrypted:	false
Ssdeep:	768:F62klauaZFky4k25ZoIdKYk3rEThbsbt2AyJvKJ/gFdUkZGuTJ:F9klCZF3kZomKYkbENbgt+GgUkZGuTJ
Size:	48292
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading

Details

File:	C:\Program Files\Audacity\Languages\fi\audacity.mo (copy)
Category:	dropped
Dump:	is-N6N61.tmp.11.dr
ID:	dr_296
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 4086 messages, Project-Id-Version: audacity 3.0.3 '\011 ja'
Entropy:	5.436476684935239
Encrypted:	false
Ssdeep:	6144:t1F/uk0QhJtMRDjeo4aLYoc+dA7BtqIQ3f+EFCL6Kqc1:t1FuII0+A7Btqb+v
Size:	328001
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\fi\is-N6N61.tmp
Category:	dropped
Dump:	is-N6N61.tmp.11.dr
ID:	dr_181
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 4086 messages, Project-Id-Version: audacity 3.0.3 '\011 ja'
Entropy:	5.436476684935239
Encrypted:	false
Ssdeep:	6144:t1F/uk0QhJtMRDjeo4aLYoc+dA7BtqIQ3f+EFCL6Kqc1:t1FuII0+A7Btqb+v
Size:	328001
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading

Details

File:	C:\Program Files\Audacity\Languages\fr\audacity.mo (copy)
Category:	dropped
Dump:	is-NL67K.tmp.11.dr
ID:	dr_297
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 3974 messages, Project-Id-Version: audacity 3.0.3 '\011 et'
Entropy:	5.419584478237276
Encrypted:	false
Ssdeep:	6144:+sYSjDv/IcMRDjeo4/gboc+dA7v9dglyBMMevHeKorksmiq7:48VA7v9dgQUv+Lrksmh7
Size:	344071
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\fr\is-NL67K.tmp
Category:	dropped
Dump:	is-NL67K.tmp.11.dr
ID:	dr_182
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 3974 messages, Project-Id-Version: audacity 3.0.3 '\011 et'
Entropy:	5.419584478237276
Encrypted:	false
Ssdeep:	6144:+sYSjDv/IcMRDjeo4/gboc+dA7v9dglyBMMevHeKorksmiq7:48VA7v9dgQUv+Lrksmh7
Size:	344071
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading

Details

File:	C:\Program Files\Audacity\Languages\ga\audacity.mo (copy)
Category:	dropped
Dump:	is-T5ETS.tmp.11.dr
ID:	dr_298
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 2001 messages, Project-Id-Version: audacity 3.0.3 '\011 agus'
Entropy:	5.41588775035177
Encrypted:	false
Ssdeep:	3072:72dwyB1I5/FLJyWsopa1e2zMV2vAYdxOfllWeovjDUwjN6rnHcpCX3Kg8u3dbdym:adwyofLJX0Q2zMcvQsP8czSb
Size:	111479
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\ga\is-T5ETS.tmp
Category:	dropped
Dump:	is-T5ETS.tmp.11.dr
ID:	dr_183
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 2001 messages, Project-Id-Version: audacity 3.0.3 '\011 agus'
Entropy:	5.41588775035177
Encrypted:	false
Ssdeep:	3072:72dwyB1I5/FLJyWsopa1e2zMV2vAYdxOfllWeovjDUwjN6rnHcpCX3Kg8u3dbdym:adwyofLJX0Q2zMcvQsP8czSb
Size:	111479
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading

Details

File:	C:\Program Files\Audacity\Languages\gl\audacity.mo (copy)
Category:	dropped
Dump:	is-OKLKC.tmp.11.dr
ID:	dr_299
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 1695 messages, Project-Id-Version: audacity 3.0.3 'Os ficheiros amosados como PERDIDOS foron movidos ou eliminados e non \303\251 pos\303\255bel copialos.'
Entropy:	5.315607729059806
Encrypted:	false
Ssdeep:	3072:AAPtr/VrZo1x//Y9RDaNoJe6Wn0eAlf7h56kiTWpVjy:A+HEQ9RDYo86O0eAkTL
Size:	137309
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\gl\is-OKLKC.tmp
Category:	dropped
Dump:	is-OKLKC.tmp.11.dr
ID:	dr_184
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 1695 messages, Project-Id-Version: audacity 3.0.3 'Os ficheiros amosados como PERDIDOS foron movidos ou eliminados e non \303\251 pos\303\255bel copialos.'
Entropy:	5.315607729059806
Encrypted:	false
Ssdeep:	3072:AAPtr/VrZo1x//Y9RDaNoJe6Wn0eAlf7h56kiTWpVjy:A+HEQ9RDYo86O0eAkTL
Size:	137309
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading

Details

File:	C:\Program Files\Audacity\Languages\he\audacity.mo (copy)
Category:	dropped
Dump:	is-O5794.tmp.11.dr
ID:	dr_300
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 736 messages, Project-Id-Version: audacity 3.0.3 '\327\224\327\247\327\221\327\246\327\231\327\235 \327\251\327\236\327\225\327\246\327\222\327\231\327\235 \327\233\327\227\327\241\327\250\327\231\327\235 \327\224\327\225\327\242\327\221\327\250\327\225 \327\220\327\225 \327\240\327\236\327\227\327\247\327\225 \327\225\327\234\327\220 \327\240\327\231\327\252\327\240\327\231\327\235 \327\234\327\224\327\242\327\252\327\247\327\224.'
Entropy:	5.256203369943165
Encrypted:	false
Ssdeep:	1536:r5yqB+8BaFhZoS420oadA0b5yGSiF86fG2OAWJH:9b6hZoS4HoadAC5NoBJH
Size:	53648
Whitelisted:	false
Reputation:	timeout

Details

File:	C:\Program Files\Audacity\Languages\he\is-O5794.tmp
Category:	dropped
Dump:	is-O5794.tmp.11.dr
ID:	dr_185
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 736 messages, Project-Id-Version: audacity 3.0.3 '\327\224\327\247\327\221\327\246\327\231\327\235 \327\251\327\236\327\225\327\246\327\222\327\231\327\235 \327\233\327\227\327\241\327\250\327\231\327\235 \327\224\327\225\327\242\327\221\327\250\327\225 \327\220\327\225 \327\240\327\236\327\227\327\247\327\225 \327\225\327\234\327\220 \327\240\327\231\327\252\327\240\327\231\327\235 \327\234\327\224\327\242\327\252\327\247\327\224.'
Entropy:	5.256203369943165
Encrypted:	false
Ssdeep:	1536:r5yqB+8BaFhZoS420oadA0b5yGSiF86fG2OAWJH:9b6hZoS4HoadAC5NoBJH
Size:	53648
Whitelisted:	false
Reputation:	timeout

Signature Hits	Behavior Group	Mitre Attack
Creates a directory in C:\Program Files	Compliance, System Summary	Masquerading

Details

File:	C:\Program Files\Audacity\Languages\hi\audacity.mo (copy)
Category:	dropped
Dump:	is-SQO61.tmp.11.dr
ID:	dr_301
Target ID:	11
Process:	C:\Users\user\AppData\Local\Temp\is-BVVE5.tmp\audacity-win-3.2.0-64bit.tmp
Type:	GNU message catalog (little endian), revision 0.0, 4353 messages, Project-Id-Version: Audacity '\011 \340\244\224\340\244\260'
Entropy:	5.297074821332897
Encrypted:	false
Ssdeep:	6144:6m72Up8Fxr6sYRDjIoj5/asc+1A7MwpcXWGacb4:6R+VVA7MwpcyX

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
WsiysHggF9.exe

Files

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC ReportWsiysHggF9.exe

Files

IOC Report
WsiysHggF9.exe