0660957_2019-07-19_20_30.txt

1.  
2. * MalFamily: ""
3.  
4. * MalScore: 1.6
5.  
6. * File Name: "0660957"
7. * File Size: 87980
8. * File Type: "PE32 executable (GUI) Intel 80386, for MS Windows"
9. * SHA256: "b11c2e333a6439b7064f72a0e8b65f4232c4cd0996f1ecee11c82ab14e3052ba"
10. * MD5: "d67243f35a967ec8d1cf275c545e822d"
11. * SHA1: "d0e7e5fc380a8ec1ad6a563c5d44792736c8e2ed"
12. * SHA512: "be03284fd88673cc3db0d0261ebbaf351598767d70bc8abb46c538fe1daf3f93a27070402d74add5dd1f4b71387c2e7f72a7d79d20f70ef9a9ed0a3a86fdce6f"
13. * CRC32: "1461063B"
14. * SSDEEP: "1536:sb7RFqUtsX1WuccOiElzboqTMB1EJsRExp0+mV5vry7+mBABWBa27q:sbbtgvJ9ENHyKJs0QLDy7bmks27q"
15.  
16. * Process Execution:
17.  
18. * Executed Commands:
19.  
20. * Signatures Detected:
21.  
22. "Description": "Anomalous binary characteristics",
23. "Details":
24.  
25. "anomaly": "Timestamp on binary predates the release date of the OS version it requires by at least a year"
26.  
27.  
28.  
29.  
30.  
31. * Started Service:
32.  
33. * Mutexes:
34.  
35. * Modified Files:
36.  
37. * Deleted Files:
38.  
39. * Modified Registry Keys:
40.  
41. * Deleted Registry Keys:
42.  
43. * DNS Communications:
44.  
45. * Domains:
46.  
47. * Network Communication - ICMP:
48.  
49. * Network Communication - HTTP:
50.  
51. * Network Communication - SMTP:
52.  
53. * Network Communication - Hosts:
54.  
55. * Network Communication - IRC: