Analysis

Category Package Started Completed Duration
STATIC 2019-10-28 11:05:39 2019-10-28 11:05:40 1 seconds

    

MalScore

0.0

Benign

File Details

File Name VeraCryptPortable.zip
File Size 19631696 bytes
File Type Zip archive data, at least v2.0 to extract
MD5 64e70706965b97e8ee0ac16a579bcc39
SHA1 7652af884ac341a9bf5c6ed45c14d66a2f5307d3
SHA256 035063f6a52f376e9aaffddfc3f8c55b2fbf884a01195385099457eaccc6074d
SHA512 c27d98c492622c82fc0f9e1ecd1fd8fa4a8fa6d26f689884fd62238f71b8a87f0a8f86416a720882b03e8e420ea59c73f4313b0cf8ff0c9546f209d935ab4f6a
CRC32 C4045114
Ssdeep 393216:/wrHC7XrRhFPG/UJuEBQDk9WFTeAlMIbvkoyYe40PeJh2kCDSU3C2:/wrg55Bl6/uiMo9e4fJgN73z
TrID None matched
ClamAV None matched
Yara None matched
CAPE Yara None matched

Signatures

No signatures


Screenshots

No screenshots available.

Hosts

No hosts contacted.

DNS

No domains contacted.


Summary

No static analysis available.
This file is not on VirusTotal.

TCP

No TCP connections recorded.

UDP

No UDP connections recorded.

HTTP Requests

No HTTP requests performed.

SMTP traffic

No SMTP traffic performed.

IRC traffic

No IRC requests performed.

ICMP traffic

No ICMP traffic performed.

CIF Results

No CIF Results

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Suricata HTTP

No Suricata HTTP

Sorry! No dropped Suricata Extracted files.

JA3

No JA3 hashes found.

Sorry! No dropped files.
Sorry! No CAPE files.
Sorry! No process dumps.

Processing ( 18.56 seconds )

  • 8.933 TargetInfo
  • 8.376 CAPE
  • 1.236 Strings
  • 0.009 Static
  • 0.005 AnalysisInfo
  • 0.001 Debug

Signatures ( 0.108 seconds )

  • 0.016 ransomware_files
  • 0.014 antiav_detectreg
  • 0.006 antiav_detectfile
  • 0.006 infostealer_ftp
  • 0.006 ransomware_extensions
  • 0.005 persistence_autorun
  • 0.004 infostealer_im
  • 0.003 tinba_behavior
  • 0.003 rat_nanocore
  • 0.003 antianalysis_detectfile
  • 0.003 antianalysis_detectreg
  • 0.003 antivm_vbox_files
  • 0.003 browser_security
  • 0.003 infostealer_bitcoin
  • 0.003 infostealer_mail
  • 0.002 cerber_behavior
  • 0.002 antivm_vbox_keys
  • 0.002 geodo_banking_trojan
  • 0.002 bot_drive
  • 0.002 disables_browser_warn
  • 0.002 ie_martian_children
  • 0.001 betabot_behavior
  • 0.001 ursnif_behavior
  • 0.001 antivm_parallels_keys
  • 0.001 antivm_vmware_files
  • 0.001 antivm_vmware_keys
  • 0.001 antivm_xen_keys
  • 0.001 banker_zeus_mutex
  • 0.001 bot_athenahttp
  • 0.001 bot_drive2
  • 0.001 browser_addon
  • 0.001 modify_security_center_warnings
  • 0.001 modify_uac_prompt
  • 0.001 persistence_shim_database
  • 0.001 recon_fingerprint
  • 0.001 stealth_hiddenreg

Reporting ( 0.0 seconds )

Task ID 103255
Mongo ID 5db6cb998bdf6f9aa8216007
Cuckoo release 1.3-CAPE