Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6402	Aug. 17, 2021, 5:32 p.m.	Aug. 17, 2021, 5:44 p.m.

Size	90.5KB
Type	PE32 executable (console) Intel 80386, for MS Windows
MD5	`ff2d2b1250ae2706f6550893e12a25f8`
SHA256	`ca46080e121408d9624322e505dc2178ba99e15871c90e101b54e42ea7b54a96`
CRC32	`6F1E9657`
ssdeep	`1536:lWvNrof2xIZ2ToPCt6VkPRYLUbrjhd3d7t20WYwuIJLO+s8jcdd1vzGHY:lWufhgTeCt0uREWrdhdY0W5uIVO77vKH`
Yara	PE_Header_Zero - PE File Signature OS_Processor_Check_Zero - OS Processor Check UPX_Zero - UPX packed file Malicious_Library_Zero - Malicious_Library IsPE32 - (no description)

03da82f27a042bb21948e80c78809783.exe "C:\Users\test22\AppData\Local\Temp\03da82f27a042bb21948e80c78809783.exe"
1280
- 03da82f27a042bb21948e80c78809783.exe "C:\Users\test22\AppData\Local\Temp\03da82f27a042bb21948e80c78809783.exe" -q
  2080

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Checks amount of memory in system, this can be used to detect virtual machines that have a low amount of memory available (1 event)

Time & API	Arguments	Status	Return	Repeated
GlobalMemoryStatusEx Aug. 17, 2021, 5:32 p.m.		1	1	0

The executable contains unknown PE section names indicative of a packer (could be a false positive) (1 event)

section

.gfids

One or more processes crashed (50 out of 65536 events)

Time & API	Arguments	Status
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x250a @ 0xda250a 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 66 registers.esi: 3011856 registers.ecx: 6	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x251c @ 0xda251c 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 10 registers.esi: 3011980 registers.ecx: 2	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x252b @ 0xda252b 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 24 registers.esi: 3011764 registers.ecx: 6	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x250a @ 0xda250a 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 66 registers.esi: 3011816 registers.ecx: 16	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x251c @ 0xda251c 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 10 registers.esi: 3011980 registers.ecx: 2	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x252b @ 0xda252b 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 24 registers.esi: 3011764 registers.ecx: 6	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x250a @ 0xda250a 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 66 registers.esi: 3011816 registers.ecx: 16	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x251c @ 0xda251c 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 10 registers.esi: 3011980 registers.ecx: 2	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x252b @ 0xda252b 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 24 registers.esi: 3011764 registers.ecx: 6	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x250a @ 0xda250a 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 66 registers.esi: 3011816 registers.ecx: 16	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x251c @ 0xda251c 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 10 registers.esi: 3011980 registers.ecx: 2	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x252b @ 0xda252b 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 24 registers.esi: 3011764 registers.ecx: 6	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x250a @ 0xda250a 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 66 registers.esi: 3011816 registers.ecx: 16	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x251c @ 0xda251c 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 10 registers.esi: 3011980 registers.ecx: 2	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x252b @ 0xda252b 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 24 registers.esi: 3011764 registers.ecx: 6	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x250a @ 0xda250a 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 66 registers.esi: 3011816 registers.ecx: 16	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x251c @ 0xda251c 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 10 registers.esi: 3011980 registers.ecx: 2	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x252b @ 0xda252b 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 24 registers.esi: 3011764 registers.ecx: 6	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x250a @ 0xda250a 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 66 registers.esi: 3011816 registers.ecx: 16	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x251c @ 0xda251c 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 10 registers.esi: 3011980 registers.ecx: 2	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x252b @ 0xda252b 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 24 registers.esi: 3011764 registers.ecx: 6	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x250a @ 0xda250a 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 66 registers.esi: 3011816 registers.ecx: 16	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x251c @ 0xda251c 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 10 registers.esi: 3011980 registers.ecx: 2	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x252b @ 0xda252b 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 24 registers.esi: 3011764 registers.ecx: 6	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x250a @ 0xda250a 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 66 registers.esi: 3011816 registers.ecx: 16	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x251c @ 0xda251c 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 10 registers.esi: 3011980 registers.ecx: 2	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x252b @ 0xda252b 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 24 registers.esi: 3011764 registers.ecx: 6	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x250a @ 0xda250a 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 66 registers.esi: 3011816 registers.ecx: 16	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x251c @ 0xda251c 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 10 registers.esi: 3011980 registers.ecx: 2	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x252b @ 0xda252b 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 24 registers.esi: 3011764 registers.ecx: 6	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x250a @ 0xda250a 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 66 registers.esi: 3011816 registers.ecx: 16	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x251c @ 0xda251c 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 10 registers.esi: 3011980 registers.ecx: 2	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x252b @ 0xda252b 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 24 registers.esi: 3011764 registers.ecx: 6	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x250a @ 0xda250a 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 66 registers.esi: 3011816 registers.ecx: 16	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x251c @ 0xda251c 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 10 registers.esi: 3011980 registers.ecx: 2	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x252b @ 0xda252b 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 24 registers.esi: 3011764 registers.ecx: 6	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x250a @ 0xda250a 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 66 registers.esi: 3011816 registers.ecx: 16	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x251c @ 0xda251c 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 10 registers.esi: 3011980 registers.ecx: 2	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x252b @ 0xda252b 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 24 registers.esi: 3011764 registers.ecx: 6	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x250a @ 0xda250a 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 66 registers.esi: 3011816 registers.ecx: 16	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x251c @ 0xda251c 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 10 registers.esi: 3011980 registers.ecx: 2	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x252b @ 0xda252b 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 24 registers.esi: 3011764 registers.ecx: 6	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x250a @ 0xda250a 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 66 registers.esi: 3011816 registers.ecx: 16	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x251c @ 0xda251c 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 10 registers.esi: 3011980 registers.ecx: 2	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x252b @ 0xda252b 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 24 registers.esi: 3011764 registers.ecx: 6	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x250a @ 0xda250a 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 66 registers.esi: 3011816 registers.ecx: 16	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x251c @ 0xda251c 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 10 registers.esi: 3011980 registers.ecx: 2	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x252b @ 0xda252b 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 24 registers.esi: 3011764 registers.ecx: 6	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x250a @ 0xda250a 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 66 registers.esi: 3011816 registers.ecx: 16	1
__exception__ Aug. 17, 2021, 5:32 p.m.	stacktrace: 03da82f27a042bb21948e80c78809783+0x251c @ 0xda251c 0x710073 exception.instruction_r: f3 a5 8b cb 83 e1 03 f3 a4 89 55 fc e8 56 93 fd exception.symbol: lstrcatW+0x40 CopyFileW-0x3f kernel32+0x382ce exception.instruction: movsd dword ptr es:[edi], dword ptr [esi] exception.module: kernel32.dll exception.exception_code: 0xc0000005 exception.offset: 230094 exception.address: 0x76a682ce registers.esp: 3011704 registers.edi: 3014656 registers.eax: 3011992 registers.ebp: 3011744 registers.edx: 4294967294 registers.ebx: 10 registers.esi: 3011980 registers.ecx: 2	1

Tries to unhook Windows functions monitored by Cuckoo (1 event)

Time & API	Arguments	Status	Return	Repeated
__anomaly__ Aug. 17, 2021, 5:32 p.m.	tid: 2084 message: Encountered 65537 exceptions, quitting. subcategory: exception function_name:	1	0	0

File has been identified by 27 AntiVirus engines on VirusTotal as malicious (27 events)

MicroWorld-eScan	Trojan.GenericKD.46801264
McAfee	RDN/Generic.grp
Cylance	Unsafe
Sangfor	Riskware.Win32.Agent.ky
Arcabit	Trojan.Generic.D2CA2170
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Kaspersky	UDS:DangerousObject.Multi.Generic
BitDefender	Trojan.GenericKD.46801264
Avast	FileRepMetagen [Malware]
Ad-Aware	Trojan.GenericKD.46801264
Sophos	Mal/Generic-S
McAfee-GW-Edition	Artemis!Trojan
FireEye	Trojan.GenericKD.46801264
Emsisoft	Trojan.GenericKD.46801264 (B)
eGambit	Unsafe.AI_Score_72%
MAX	malware (ai score=88)
Kingsoft	Win32.Troj.Generic_a.a.(kcloud)
Microsoft	Trojan:Win32/Hynamer.A!ml
ZoneAlarm	UDS:DangerousObject.Multi.Generic
GData	Trojan.GenericKD.46801264
VBA32	BScope.Trojan.Downloader
ALYac	Trojan.GenericKD.46801264
Ikarus	Trojan.Win32.Clipbanker
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/PossibleThreat
AVG	FileRepMetagen [Malware]

03da82f27a042bb21948e80c78809783.exe

Process Tree Toggle all

Network Toggle all

Suricata Toggle all

Suricata Alerts

Suricata TLS

Signatures Toggle All