Zip PDF
1 File Information
File Signer
SHA-256 2965fa86fbf389e690ce4576ca6dbafe8da2988edf6fe1160250bed39922b807
SHA-1 a440be3a2d7a4f7d2b5a2f869ab5423c431fa7c7
MD5 d87ff7a8936fc1e789eb4f6ebf92e328
Verdict Malware
2 Static Analysis
This file was statically analyzed and the table below lists the suspicious items that were
found. The presence of these suspicious items caused the sample to be further analyzed
in the virtual machine sandbox configurations listed in the tabs below.
This archive file contained the following files which received a verdict.
3 Dynamic Analysis
3.1. VM1 (Windows XP, Adobe Reader 9.4.0, Flash 10, Office 2007)
Behavior Severity
www.google.com A 216.58.195.68
google.com NS ns4.google.com
google.com NS ns3.google.com
google.com NS ns2.google.com
google.com NS ns1.google.com
Registry Activity
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters Create
Created Mutexes
Mutex Name
CTF.TimListCache.FMPDefaultS-1-5-21-515967899-776561741-1417001333-500MUTEX.DefaultS-1-5-21-515967899-776561741-1417001333-500
Event Timeline
3.2. VM2 (Windows 7 x64 SP1, Adobe Reader 11, Flash 11, Office 2010)
Behavior Severity
google.com NS ns4.google.com
google.com NS ns3.google.com
teredo.ipv6.microsoft.com NXDOMAIN
google.com NS ns1.google.com
google.com NS ns2.google.com
www.google.com A 216.58.195.68
Connections
(command: C:\Users\Administrator\sample.exe)
No activity recorded for this process.
Event Timeline