|
Analyzing...
|
File Name: FileSystemDriver.exe
SHA1: cb6766e38986ec1f0b7b00c6e572a89a2401b219
MD5: cbe3ef8fe1827f27d78317b9b306c9a8
First Seen Date: 2016-12-31 09:06:33.880118 ( )
Number of Clients Seen: 21
Last Analysis Date: 2020-04-22 14:44:01.482270 ( )
Human Expert Analysis Date: 2020-04-22 14:37:19.579263 ( )Human Expert Analysis Result: PUA
Analysis Summary
| Analysis Type | Date | Verdict | |
|---|---|---|---|
| Signature Based Detection | 2018-11-05 04:29:30.740175 | Malware | |
| Static Analysis Overall Verdict | 2020-04-22 14:44:01.482270 | Highly Suspicious | |
| Dynamic Analysis Overall Verdict | 2020-04-22 14:44:01.482270 | No Threat Found | help |
| Human Expert Analysis Overall Verdict | 2020-04-22 14:37:19.579263 | PUA | |
Static Analysis
| Static Analysis Overall Verdict | Result |
|---|---|
| Highly Suspicious |
| Detector | Result | |
|---|---|---|
| Optional Header LoaderFlags field is valued illegal | Clean | |
| Non-ascii or empty section names detected | Clean | |
| Illegal size of optional Header | Clean | |
| Packer detection on signature database | Unknown | help |
| Based on the sections entropy check! file is possibly packed | Clean | |
| Timestamp value suspicious | Clean | |
| Header Checksum is zero! | Clean | |
| Enrty point is outside the 1st(.code) section! Binary is possibly packed | Clean | |
| Optional Header NumberOfRvaAndSizes field is valued illegal | Clean | |
| Anti-vm present | Suspicious | |
| The Size Of Raw data is valued illegal! Binary might crash your disassembler/debugger | Clean | |
| TLS callback functions array detected | Clean | |
Packer detection on signature database
Armadillo v1.71
InstallShield 2000
Microsoft Visual C++ v5.0/v6.0 (MFC)
Microsoft Visual C++
Dynamic Analysis
| Dynamic Analysis Overall Verdict | Result |
|---|---|
| No Threat Found | help |
| Suspicious Behaviors | |
|---|---|
| Has no visible windows | |
Precise Detectors Analysis Results
No Detector Result Received
Advance Heuristics
No Advanced Heuristic Analysis Result Received
Human Expert Analysis Results
Analysis Start Date: 2020-04-22 12:06:13.113052 ( )
Analysis End Date: 2020-04-22 14:37:19.579263 ( )
File Upload Date: 2020-04-22 10:54:35.435300 ( )
Update Date: 2020-04-22 14:43:56.050977 ( )
Human Expert Analyst Feedback:
Verdict: PUA
Malware Family:
Malware Type: 0
Additional File Information
| Property | Value |
|---|
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | MD5 |
|---|