36.0.0 Rainbow Opal
IR
756303
CloudBasic
00:31:51
30/11/2022
file.exe
default.jbs
Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 104, IE 11, Adobe Reader DC 19, Java 8 Update 211
WINDOWS
2479739c5d062ecb325147623241f007
4394b6d2ca4ed82a5f2d70d10cd05cfa3b35ab2c
728de9789af5f2ebc9ac2fac80fee25b186bc5b3acb960650934377f0c77726d
Win32 Executable (generic) a (10002005/4) 99.96%
true
false
false
false
60
0
100
5
0
5
false
path | flag | MD5 | SHA1 | SHA256
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_c7d966c262eae458e8625727f886cf5c34890_82810a17_17838664\Report.wer | false | B7842D267FA3159E4A8265EBAC15123F | 3D4D338A7C45E365594BA86138D807EED613A94C | 5717EDDC18EB335A212F6E124134E7F324BA31057B46A483197BCA34239B3B50
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5A43.tmp.dmp | false | 04159DD8A5DDC0568C97E006374F7741 | 8E398F95770652F5D2B3871551B5FEF2F92B65AF | 4311401125079F5548772A6F3C2DC9F31EB7ABB5C86C7B32A4FD6270973D3E67
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5E5B.tmp.WERInternalMetadata.xml | false | 5976AC6867FE145BE9EFAB78E49B153B | E54FFB751BA19A4D32A839E201834403C12CE2CB | 697D1A118718E1C61BD8139E12E6CE43DD850A6B4AE68694B7358332A1D4941A
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6021.tmp.xml | false | 491AB42B77F192F72422E10ADCA02307 | 8A4E64A2196BA81DC3F318C95C384021DACE4EA2 | EDC4790ABA665857A173E802CDBE593B6549E8D20C965FEB7E143D338AC59D25
C:\Users\user\AppData\Local\Temp\Serpodtudpwhhta.dll | false | 424622874EE7EBF8B20601F9D1CC0D2B | 4614C33AFDD7EFF974CEB2E1364E9B13832C80C4 | A839052F14CD3DDB3914153373EBCA9BF2591FCFCD61E704141A74D7F9DAED2E
Multi AV Scanner detection for submitted file
Tries to detect virtualization through RDTSC time measurements
Detected unpacking (changes PE section rights)
Malicious sample detected (through community Yara rule)
Detected unpacking (overwrites its own PE header)
Machine Learning detection for sample