|
Analyzing...
|
File Name: FileSystemDriver.exe
SHA1: cb6766e38986ec1f0b7b00c6e572a89a2401b219
MD5: cbe3ef8fe1827f27d78317b9b306c9a8
First Seen Date: 2016-12-31 09:06:33.880118 ( )
Number of Clients Seen: 15
Last Analysis Date: 2017-01-01 05:02:10.722928 ( )
Human Expert Analysis Result: No human expert analysis verdict given to this sample yet.
Analysis Summary
| Analysis Type | Date | Verdict | |
|---|---|---|---|
| Signature Based Detection | 2018-11-05 04:29:30.740175 | Malware | |
| Static Analysis Overall Verdict | 2017-01-01 05:02:10.722928 | Highly Suspicious | |
| Dynamic Analysis Overall Verdict | 2017-01-01 05:02:10.722928 | No Threat Found | help |
Static Analysis
| Static Analysis Overall Verdict | Result |
|---|---|
| Highly Suspicious |
| Detector | Result | |
|---|---|---|
| Optional Header LoaderFlags field is valued illegal | Clean | |
| Non-ascii or empty section names detected | Clean | |
| Illegal size of optional Header | Clean | |
| Packer detection on signature database | Unknown | help |
| Based on the sections entropy check! file is possibly packed | Clean | |
| Timestamp value suspicious | Clean | |
| Header Checksum is zero! | Clean | |
| Enrty point is outside the 1st(.code) section! Binary is possibly packed | Clean | |
| Optional Header NumberOfRvaAndSizes field is valued illegal | Clean | |
| Anti-vm present | Suspicious | |
| The Size Of Raw data is valued illegal! Binary might crash your disassembler/debugger | Clean | |
| TLS callback functions array detected | Clean | |
Packer detection on signature database
Armadillo v1.71
InstallShield 2000
Microsoft Visual C++ v5.0/v6.0 (MFC)
Microsoft Visual C++
Dynamic Analysis
| Dynamic Analysis Overall Verdict | Result |
|---|---|
| No Threat Found | help |
| Suspicious Behaviors | |
|---|---|
| Has no visible windows | |
Precise Detectors Analysis Results
No Detector Result Received
Advance Heuristics
No Advanced Heuristic Analysis Result Received
Additional File Information
| Property | Value |
|---|
| File Path on Client | Seen Count |
|---|---|
| C:\Users\w7\AppData\Local\FileSystemDriver\FileSystemDriver.exe | 1 |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | MD5 |
|---|