Analyzing...
|
File Name:   FileSystemDriver.exe
SHA1:   cb6766e38986ec1f0b7b00c6e572a89a2401b219
MD5:   cbe3ef8fe1827f27d78317b9b306c9a8
First Seen Date:  2016-12-31 09:06:33.880118 ( )
Number of Clients Seen:   21
Last Analysis Date:  2020-04-22 14:44:01.482270 ( )
Human Expert Analysis Date:  2020-04-22 14:37:19.579263 ( )Human Expert Analysis Result:   PUA
Analysis Summary
Analysis Type | Date | Verdict | |
---|---|---|---|
Signature Based Detection | 2018-11-05 04:29:30.740175 | Malware | |
Static Analysis Overall Verdict | 2020-04-22 14:44:01.482270 | Highly Suspicious | |
Dynamic Analysis Overall Verdict | 2020-04-22 14:44:01.482270 | No Threat Found | help |
Human Expert Analysis Overall Verdict | 2020-04-22 14:37:19.579263 | PUA |
Static Analysis
Static Analysis Overall Verdict | Result |
---|---|
Highly Suspicious |
Detector | Result | |
---|---|---|
Optional Header LoaderFlags field is valued illegal | Clean | |
Non-ascii or empty section names detected | Clean | |
Illegal size of optional Header | Clean | |
Packer detection on signature database | Unknown | help |
Based on the sections entropy check! file is possibly packed | Clean | |
Timestamp value suspicious | Clean | |
Header Checksum is zero! | Clean | |
Enrty point is outside the 1st(.code) section! Binary is possibly packed | Clean | |
Optional Header NumberOfRvaAndSizes field is valued illegal | Clean | |
Anti-vm present | Suspicious | |
The Size Of Raw data is valued illegal! Binary might crash your disassembler/debugger | Clean | |
TLS callback functions array detected | Clean |
Packer detection on signature database
Armadillo v1.71
InstallShield 2000
Microsoft Visual C++ v5.0/v6.0 (MFC)
Microsoft Visual C++
Dynamic Analysis
Dynamic Analysis Overall Verdict | Result |
---|---|
No Threat Found | help |
Suspicious Behaviors | |
---|---|
Has no visible windows |
Precise Detectors Analysis Results
No Detector Result Received
Advance Heuristics
No Advanced Heuristic Analysis Result Received
Human Expert Analysis Results
Analysis Start Date:   2020-04-22 12:06:13.113052 ( )
Analysis End Date:  2020-04-22 14:37:19.579263 ( )
File Upload Date:  2020-04-22 10:54:35.435300 ( )
Update Date:  2020-04-22 14:43:56.050977 ( )
Human Expert Analyst Feedback:  
Verdict:   PUA
Malware Family:  
Malware Type:   0
Additional File Information
Property | Value |
---|
Name | Virtual Address | Virtual Size | Raw Size | Entropy | MD5 |
---|