Free Automated Malware Analysis Service - powered by Falcon Sandbox - Viewing online file analysis results for 'vScraper.exe'

not enough data to reliably determine

vScraper.exe

This report is generated from a file or URL submitted to this webservice on December 22nd 2015 16:21:31 (UTC)
Guest System: Windows 7 32 bit, Home Premium, 6.1 (build 7601), Service Pack 1
Report generated by Falcon Sandbox v3.10 © Hybrid Analysis

Overview Sample not shared Re-analyze Hash Seen Before Show Similar Samples Report False-Positive

Attention: this analysis ran with the legacy Usermode Monitor. It is highly recommended to use the Kernelmode Monitor.

Request Report Deletion

Incident Response

Risk Assessment

Fingerprint: Contains ability to lookup the windows account name

Indicators

Not all malicious and suspicious indicators are displayed. Get your own cloud service or the full version to view all details.

Malicious Indicators 1
External Systems
- Sample was identified as malicious by at least one Antivirus engine
  
  details
  
  3/55 Antivirus vendors marked sample as malicious (5% detection rate)
  
  source
  
  External System
  
  relevance
  
  8/10

Suspicious Indicators 10
Anti-Detection/Stealthyness
- Queries kernel debugger information
  
  details
  
  "<Input Sample>" at 00136046-00003960-76F261F8-320163
  
  source
  
  API Call
  
  relevance
  
  6/10
Anti-Reverse Engineering
- Creates guarded memory regions (anti-debugging trick to avoid memory dumping)
  
  details
  
  Creates guarded memory regions (anti-debugging trick to avoid memory dumping)
  
  source
  
  API Call
  
  relevance
  
  10/10
- PE file has unusual entropy sections
  
  details
  
  .text with unusual entropies 7.95912784718
  
  source
  
  Static Parser
  
  relevance
  
  10/10
Environment Awareness
- Queries volume information
  
  details
  
  "<Input Sample>" queries volume information of "Z:\share\vScraper.exe" at 00136046-00003960-76F26268-138406
  
  source
  
  API Call
  
  relevance
  
  2/10
- Tries to sleep for a long time (more than two minutes)
  
  details
  
  "<Input Sample>" sleeping for "1566804069" milliseconds
  
  source
  
  API Call
  
  relevance
  
  10/10
General
- Reads configuration files
  
  details
  
  "<Input Sample>" read file "%WINDIR%\win.ini"
  
  source
  
  API Call
  
  relevance
  
  4/10
Installation/Persistance
- Creates/touches files in windows directory
  
  details
  
  "<Input Sample>" created file "%WINDIR%\system32\rsaenh.dll"
  
  source
  
  API Call
  
  relevance
  
  7/10
Network Related
- Found potential IP address in binary/memory
  
  details
  
  "1.0.1.0"
  
  source
  
  File/Memory
  
  relevance
  
  3/10
Unusual Characteristics
- Installs hooks/patches the running process
  
  details
  
  "<Input Sample>" wrote bytes "AD43904E" to virtual address "0x6A4E2AFC" (part of module "CLR.DLL")
  
  source
  
  Hook Detection
  
  relevance
  
  10/10
- Reads information about supported languages
  
  details
  
  "<Input Sample>" (Path: "\REGISTRY\MACHINE\SYSTEM\CONTROLSET001\CONTROL\NLS\LOCALE", Key: "00000409")
  "<Input Sample>" (Path: "\REGISTRY\MACHINE\SYSTEM\CONTROLSET001\CONTROL\NLS\CUSTOMLOCALE", Key: "EN")
  "<Input Sample>" (Path: "\REGISTRY\MACHINE\SYSTEM\CONTROLSET001\CONTROL\NLS\EXTENDEDLOCALE", Key: "EN")
  "<Input Sample>" (Path: "\REGISTRY\MACHINE\SYSTEM\CONTROLSET001\CONTROL\NLS\CUSTOMLOCALE", Key: "AR")
  "<Input Sample>" (Path: "\REGISTRY\MACHINE\SYSTEM\CONTROLSET001\CONTROL\NLS\EXTENDEDLOCALE", Key: "AR")
  "<Input Sample>" (Path: "\REGISTRY\MACHINE\SYSTEM\CONTROLSET001\CONTROL\NLS\CUSTOMLOCALE", Key: "AR-SA")
  "<Input Sample>" (Path: "\REGISTRY\MACHINE\SYSTEM\CONTROLSET001\CONTROL\NLS\EXTENDEDLOCALE", Key: "AR-SA")
  "<Input Sample>" (Path: "\REGISTRY\MACHINE\SYSTEM\CONTROLSET001\CONTROL\NLS\CUSTOMLOCALE", Key: "BG")
  "<Input Sample>" (Path: "\REGISTRY\MACHINE\SYSTEM\CONTROLSET001\CONTROL\NLS\EXTENDEDLOCALE", Key: "BG")
  "<Input Sample>" (Path: "\REGISTRY\MACHINE\SYSTEM\CONTROLSET001\CONTROL\NLS\CUSTOMLOCALE", Key: "BG-BG")
  "<Input Sample>" (Path: "\REGISTRY\MACHINE\SYSTEM\CONTROLSET001\CONTROL\NLS\EXTENDEDLOCALE", Key: "BG-BG")
  "<Input Sample>" (Path: "\REGISTRY\MACHINE\SYSTEM\CONTROLSET001\CONTROL\NLS\CUSTOMLOCALE", Key: "CA")
  "<Input Sample>" (Path: "\REGISTRY\MACHINE\SYSTEM\CONTROLSET001\CONTROL\NLS\EXTENDEDLOCALE", Key: "CA")
  "<Input Sample>" (Path: "\REGISTRY\MACHINE\SYSTEM\CONTROLSET001\CONTROL\NLS\CUSTOMLOCALE", Key: "CA-ES")
  "<Input Sample>" (Path: "\REGISTRY\MACHINE\SYSTEM\CONTROLSET001\CONTROL\NLS\EXTENDEDLOCALE", Key: "CA-ES")
  "<Input Sample>" (Path: "\REGISTRY\MACHINE\SYSTEM\CONTROLSET001\CONTROL\NLS\CUSTOMLOCALE", Key: "ZH-HANS")
  "<Input Sample>" (Path: "\REGISTRY\MACHINE\SYSTEM\CONTROLSET001\CONTROL\NLS\EXTENDEDLOCALE", Key: "ZH-HANS")
  "<Input Sample>" (Path: "\REGISTRY\MACHINE\SYSTEM\CONTROLSET001\CONTROL\NLS\CUSTOMLOCALE", Key: "ZH-CN")
  "<Input Sample>" (Path: "\REGISTRY\MACHINE\SYSTEM\CONTROLSET001\CONTROL\NLS\EXTENDEDLOCALE", Key: "ZH-CN")
  
  source
  
  Registry Access
  
  relevance
  
  3/10

Informative 5
General
- Loads modules at runtime
  
  details
  
  "<Input Sample>" loaded module "API-MS-WIN-SECURITY-LSALOOKUP-L1-1-0.DLL" at base 77040000
  "<Input Sample>" loaded module "ADVAPI32.DLL" at base 76C60000
  "<Input Sample>" loaded module "CRYPTSP.DLL" at base 74AB0000
  "<Input Sample>" loaded module "%WINDIR%\SYSTEM32\RSAENH.DLL" at base 74850000
  "<Input Sample>" loaded module "CRYPTBASE.DLL" at base 74F80000
  "<Input Sample>" loaded module "RPCRTREMOTE.DLL" at base 75020000
  
  source
  
  API Call
  
  relevance
  
  1/10
- Loads rich edit control libraries
  
  details
  
  "<Input Sample>" loaded module "%WINDIR%\system32\RichEd20.DLL" at 6ACA0000
  
  source
  
  Loaded Module
- Loads the .NET runtime environment
  
  details
  
  "<Input Sample>" loaded module "%WINDIR%\assembly\NativeImages_v4.0.30319_32\mscorlib\51e2934144ba15628ba5a31be2dae7dc\mscorlib.ni.dll" at 69520000
  
  source
  
  Loaded Module
- Looks up procedures from modules (excluding apphelp.dll, kernel32.dll, user32.dll, gdi32.dll, ole32.dll, comctl32.dll, uxtheme.dll, oleaut32.dll, version.dll, msctfime.ime)
  
  details
  
  "LookupAccountNameLocalW@sechost.dll"
  "LookupAccountSidW@ADVAPI32.dll"
  "LookupAccountSidLocalW@sechost.dll"
  "CryptAcquireContextW@CRYPTSP.dll"
  "GdipDisposeImage@gdiplus.dll"
  "EventUnregister@ADVAPI32.dll"
  "CPAcquireContext@rsaenh.dll"
  "CPReleaseContext@rsaenh.dll"
  "CPGenKey@rsaenh.dll"
  "CPDeriveKey@rsaenh.dll"
  "CPDestroyKey@rsaenh.dll"
  "CPSetKeyParam@rsaenh.dll"
  "CPGetKeyParam@rsaenh.dll"
  "CPExportKey@rsaenh.dll"
  "CPImportKey@rsaenh.dll"
  "CPEncrypt@rsaenh.dll"
  "CPDecrypt@rsaenh.dll"
  "CPCreateHash@rsaenh.dll"
  "CPHashData@rsaenh.dll"
  "CPHashSessionKey@rsaenh.dll"
  
  source
  
  API Call
  
  relevance
  
  1/10
Installation/Persistance
- Contains ability to lookup the windows account name
  
  details
  
  LookupAccountNameLocalW@SECHOST.DLL at 00136046-00003960-76F4228D-320098
  
  source
  
  Hybrid Analysis Technology
  
  relevance
  
  5/10

File Details

All Details:

vScraper.exe

Filename: vScraper.exe
Size: 218KiB (222720 bytes)
Type: peexe assembly executable
Description: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Architecture
: WINDOWS
SHA256
: a7543bdf95eca9811c0f361a4cd00606b145b0424892b7d731a691f67f5131d5
MD5
: a0b3673bc0d506293b7bc02757bbf35c
SHA1
: 5929d900ada679875814291fa7c5c19d48761623
ssdeep
: 3072:qoivI6+Ig24YJd6wceXsWWRq6oHhocqoGY1R:rqdFJwwceXsWWRqBHGXY1
imphash
: f34d5f2d4577ed6d9ceec516c1f5a744
authentihash
: cda7f7aab34a4dd9a8017f2997e93b70ae2811ba9135907288fa307f0274c889
PDB Pathway

Resources

Language
: NEUTRAL
Icon

Visualization

Input File (PortEx)

Version Info

Translation: 0x0000 0x04b0
LegalCopyright: Copyright 2015
Assembly Version: 1.0.1.0
InternalName: vScraper.exe
FileVersion: 1.0.1.0
CompanyName: -
LegalTrademarks: -
Comments: -
ProductName: vScraper
ProductVersion: 1.0.1.0
FileDescription: vScraper
OriginalFilename: vScraper.exe

Classification (TrID)

82.9% (.EXE) Generic CIL Executable (.NET, Mono, etc.)
7.4% (.DLL) Win32 Dynamic Link Library (generic)
5.1% (.EXE) Win32 Executable (generic)
2.2% (.EXE) Generic Win/DOS Executable
2.2% (.EXE) DOS Executable Generic

File Sections

Details	Name	Entropy	Virtual Address	Virtual Size	Raw Size	MD5	Characteristics
Name .text Entropy 7.95912784718 Virtual Address 0x2000 Virtual Size 0x25044 Raw Size 0x25200 MD5 9ba8b91c166cc8ae829425fc1a26b875	.text	7.95912784718	0x2000	0x25044	0x25200	9ba8b91c166cc8ae829425fc1a26b875	-
Name .rsrc Entropy 4.96742005668 Virtual Address 0x28000 Virtual Size 0x10e78 Raw Size 0x11000 MD5 f6f1f69388381d787e472d929e6616b1	.rsrc	4.96742005668	0x28000	0x10e78	0x11000	f6f1f69388381d787e472d929e6616b1	-
Name .reloc Entropy 0.101910425663 Virtual Address 0x3a000 Virtual Size 0xc Raw Size 0x200 MD5 b470578ad99bf9c6d510e8db0ac86391	.reloc	0.101910425663	0x3a000	0xc	0x200	b470578ad99bf9c6d510e8db0ac86391	-

File Resources

Details	Name	RVA	Size	Type	Language
Name RT_ICON RVA 0x28130 Size 0x10828 Type data Language Neutral	RT_ICON	0x28130	0x10828	data	Neutral
Name RT_GROUP_ICON RVA 0x38958 Size 0x14 Type MS Windows icon resource - 1 icon Language Neutral	RT_GROUP_ICON	0x38958	0x14	MS Windows icon resource - 1 icon	Neutral
Name RT_VERSION RVA 0x3896c Size 0x31c Type data Language Neutral	RT_VERSION	0x3896c	0x31c	data	Neutral
Name RT_MANIFEST RVA 0x38c88 Size 0x1ea Type XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators Language Neutral	RT_MANIFEST	0x38c88	0x1ea	XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators	Neutral

File Imports

mscoree.dll

_CorExeMain

Screenshots

Loading content, please wait...

Hybrid Analysis

Tip: Click an analysed process below to view more details.

Analysed 1 process in total (System Resource Monitor).

vScraper.exe (PID: 3960)

Logged Script Calls	Logged Stdout	Extracted Streams	Memory Dumps
Reduced Monitoring	Network Activityy	Network Error	Multiscan Match

Network Analysis

DNS Requests

No relevant DNS requests were made.

Contacted Hosts

No relevant hosts were contacted.

HTTP Traffic

No relevant HTTP requests were made.

Extracted Strings

Download All Memory Strings (3.8KiB)

!This program cannot be run in DOS mode.$

Ansi based on Memory/File Scan (vScraper.exe.bin)

$12ea5ea2-d938-4cd3-b4cf-571f8db8ee2b

Ansi based on Memory/File Scan (vScraper.exe.bin)

0_0,,u?=,9__

Ansi based on Image Processing (screen_4.png)

0Cun____99

Ansi based on Image Processing (screen_6.png)

1.0.1.0

Ansi based on Memory/File Scan (vScraper.exe.bin)

1____5__304_m

Ansi based on Image Processing (screen_0.png)

?0__?,?___

Ansi based on Image Processing (screen_6.png)

???__???s??___

Ansi based on Image Processing (screen_4.png)

?_?______

Ansi based on Image Processing (screen_6.png)

?___??___0___'

Ansi based on Image Processing (screen_6.png)

?____?___

Ansi based on Image Processing (screen_6.png)

?v__?__?__

Ansi based on Image Processing (screen_0.png)

_'_m_q___

Ansi based on Image Processing (screen_0.png)

_0?____?___?0?

Ansi based on Image Processing (screen_6.png)

_??____q0__

Ansi based on Image Processing (screen_0.png)

__g_ms1a_Ld

Ansi based on Image Processing (screen_0.png)

_CorExeMain

Ansi based on Memory/File Scan (vScraper.exe.bin)

_streamPos

Ansi based on Memory/File Scan (vScraper.exe.bin)

_TrackMouseEvent

Ansi based on Runtime Data (vScraper.exe )

_windowSize

Ansi based on Memory/File Scan (vScraper.exe.bin)

add_AssemblyResolve

Ansi based on Memory/File Scan (vScraper.exe.bin)

AllocateAndInitializeSid

Ansi based on Runtime Data (vScraper.exe )

AppDomain

Ansi based on Memory/File Scan (vScraper.exe.bin)

Arabic Transparent

Unicode based on Runtime Data (vScraper.exe )

Arabic Transparent Bold

Unicode based on Runtime Data (vScraper.exe )

Arabic Transparent Bold,0

Unicode based on Runtime Data (vScraper.exe )

Arabic Transparent Bold,06f

Unicode based on Runtime Data (vScraper.exe )

Arabic Transparent,0old

Unicode based on Runtime Data (vScraper.exe )

Arial Baltic,186nt Bold,0

Unicode based on Runtime Data (vScraper.exe )

Arial Baltic,186nt Bold,06f

Unicode based on Runtime Data (vScraper.exe )

Arial CE,238,186nt Bold,0

Unicode based on Runtime Data (vScraper.exe )

Arial CE,238,186nt Bold,06f

Unicode based on Runtime Data (vScraper.exe )

Arial CYR,204186nt Bold,0

Unicode based on Runtime Data (vScraper.exe )

Arial CYR,204186nt Bold,06f

Unicode based on Runtime Data (vScraper.exe )

Arial Greek,1616nt Bold,0

Unicode based on Runtime Data (vScraper.exe )

Arial Greek,1616nt Bold,06f

Unicode based on Runtime Data (vScraper.exe )

Arial TUR,162616nt Bold,0

Unicode based on Runtime Data (vScraper.exe )

Arial TUR,162616nt Bold,06f

Unicode based on Runtime Data (vScraper.exe )

AssemblyCompanyAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

AssemblyConfigurationAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

AssemblyCopyrightAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

AssemblyDescriptionAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

AssemblyFileVersionAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

AssemblyName

Ansi based on Memory/File Scan (vScraper.exe.bin)

AssemblyProductAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

AssemblyTitleAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

AssemblyTrademarkAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

Attribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

az-Latn-AZ

Unicode based on Runtime Data (vScraper.exe )

BitDecoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

BitTreeDecoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

BlockCopy

Ansi based on Memory/File Scan (vScraper.exe.bin)

CacheLocation

Unicode based on Runtime Data (vScraper.exe )

CloseHandle

Ansi based on Runtime Data (vScraper.exe )

CloseThemeData

Ansi based on Runtime Data (vScraper.exe )

CloseThemeDataW

Ansi based on Runtime Data (vScraper.exe )

CoCreateInstance

Ansi based on Runtime Data (vScraper.exe )

CoGetClassObject

Ansi based on Runtime Data (vScraper.exe )

CoGetContextToken

Ansi based on Runtime Data (vScraper.exe )

CoGetMarshalSizeMax

Ansi based on Runtime Data (vScraper.exe )

CoGetPSClsid

Ansi based on Runtime Data (vScraper.exe )

CoMarshalInterface

Ansi based on Runtime Data (vScraper.exe )

CompilationRelaxationsAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

ComVisibleAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

ConfusedByAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

ConfuserEx v0.6.0

Ansi based on Memory/File Scan (vScraper.exe.bin)

CopyBlock

Ansi based on Memory/File Scan (vScraper.exe.bin)

CoReleaseMarshalData

Ansi based on Runtime Data (vScraper.exe )

CoTaskMemAlloc

Ansi based on Runtime Data (vScraper.exe )

CoTaskMemFree

Ansi based on Runtime Data (vScraper.exe )

CoUnmarshalInterface

Ansi based on Runtime Data (vScraper.exe )

Courier New Baltic,186d,0

Unicode based on Runtime Data (vScraper.exe )

Courier New Baltic,186d,06f

Unicode based on Runtime Data (vScraper.exe )

Courier New CE,238,186d,0

Unicode based on Runtime Data (vScraper.exe )

Courier New CE,238,186d,06f

Unicode based on Runtime Data (vScraper.exe )

Courier New CYR,204186d,0

Unicode based on Runtime Data (vScraper.exe )

Courier New CYR,204186d,06f

Unicode based on Runtime Data (vScraper.exe )

Courier New Greek,1616d,0

Unicode based on Runtime Data (vScraper.exe )

Courier New Greek,1616d,06f

Unicode based on Runtime Data (vScraper.exe )

Courier New TUR,162616d,0

Unicode based on Runtime Data (vScraper.exe )

Courier New TUR,162616d,06f

Unicode based on Runtime Data (vScraper.exe )

CoWaitForMultipleHandles

Ansi based on Runtime Data (vScraper.exe )

CPAcquireContext

Ansi based on Runtime Data (vScraper.exe )

CPCreateHash

Ansi based on Runtime Data (vScraper.exe )

CPDecrypt

Ansi based on Runtime Data (vScraper.exe )

CPDeriveKey

Ansi based on Runtime Data (vScraper.exe )

CPDestroyHash

Ansi based on Runtime Data (vScraper.exe )

CPDestroyKey

Ansi based on Runtime Data (vScraper.exe )

CPDuplicateHash

Ansi based on Runtime Data (vScraper.exe )

CPDuplicateKey

Ansi based on Runtime Data (vScraper.exe )

CPEncrypt

Ansi based on Runtime Data (vScraper.exe )

CPExportKey

Ansi based on Runtime Data (vScraper.exe )

CPGenRandom

Ansi based on Runtime Data (vScraper.exe )

CPGetHashParam

Ansi based on Runtime Data (vScraper.exe )

CPGetKeyParam

Ansi based on Runtime Data (vScraper.exe )

CPGetProvParam

Ansi based on Runtime Data (vScraper.exe )

CPGetUserKey

Ansi based on Runtime Data (vScraper.exe )

CPHashData

Ansi based on Runtime Data (vScraper.exe )

CPHashSessionKey

Ansi based on Runtime Data (vScraper.exe )

CPImportKey

Ansi based on Runtime Data (vScraper.exe )

CPReleaseContext

Ansi based on Runtime Data (vScraper.exe )

CPSetHashParam

Ansi based on Runtime Data (vScraper.exe )

CPSetKeyParam

Ansi based on Runtime Data (vScraper.exe )

CPSetProvParam

Ansi based on Runtime Data (vScraper.exe )

CPSignHash

Ansi based on Runtime Data (vScraper.exe )

CPVerifySignature

Ansi based on Runtime Data (vScraper.exe )

CryptAcquireContextW

Ansi based on Runtime Data (vScraper.exe )

CryptGenRandom

Ansi based on Runtime Data (vScraper.exe )

DataField

Ansi based on Memory/File Scan (vScraper.exe.bin)

DataFilePath

Unicode based on Runtime Data (vScraper.exe )

David TransparentUR,162616f

Unicode based on Runtime Data (vScraper.exe )

DbgJITDebugLaunchSetting

Unicode based on Runtime Data (vScraper.exe )

DbgManagedDebugger

Unicode based on Runtime Data (vScraper.exe )

DcomChannelSetHResult

Ansi based on Runtime Data (vScraper.exe )

DebuggableAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

DebuggingModes

Ansi based on Memory/File Scan (vScraper.exe.bin)

DecodeDirectBits

Ansi based on Memory/File Scan (vScraper.exe.bin)

DecodeNormal

Ansi based on Memory/File Scan (vScraper.exe.bin)

DecodePointer

Ansi based on Runtime Data (vScraper.exe )

DecodeWithMatchByte

Ansi based on Memory/File Scan (vScraper.exe.bin)

Decompress

Ansi based on Memory/File Scan (vScraper.exe.bin)

DefaultAccessPermission

Unicode based on Runtime Data (vScraper.exe )

DeleteObject

Ansi based on Runtime Data (vScraper.exe )

DestroyIcon

Ansi based on Runtime Data (vScraper.exe )

DestroyWindow

Ansi based on Runtime Data (vScraper.exe )

DevOverrideEnable

Unicode based on Runtime Data (vScraper.exe )

DisableConfigCache

Unicode based on Runtime Data (vScraper.exe )

DisableMSIPeek

Unicode based on Runtime Data (vScraper.exe )

DownloadCacheQuotaInKB

Unicode based on Runtime Data (vScraper.exe )

EnableLog

Unicode based on Runtime Data (vScraper.exe )

EncodePointer

Ansi based on Runtime Data (vScraper.exe )

EnumThreadWindows

Ansi based on Runtime Data (vScraper.exe )

ersion="1.0" encoding="UTF-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"> <assemblyIdentity version="1.0.0.0" name="MyApplication.app"/> <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"> <security> <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3"> <requestedExecutionLevel level="asInvoker" uiAccess="false"/> </requestedPrivileges> </security> </trustInfo></assembly>

Ansi based on Memory/File Scan (vScraper.exe.bin)

EventUnregister

Ansi based on Runtime Data (vScraper.exe )

FangSong_GB2312ansparent16f

Unicode based on Runtime Data (vScraper.exe )

FileInUseMillisecondsBetweenRetries

Unicode based on Runtime Data (vScraper.exe )

FileInUseRetryAttempts

Unicode based on Runtime Data (vScraper.exe )

FileVersion

Unicode based on Memory/File Scan (vScraper.exe.bin)

Fixed Miriam Transparent16f

Unicode based on Runtime Data (vScraper.exe )

FontCachePath

Unicode based on Runtime Data (vScraper.exe )

GCHandleType

Ansi based on Memory/File Scan (vScraper.exe.bin)

GdipDisposeImage

Ansi based on Runtime Data (vScraper.exe )

get_CurrentDomain

Ansi based on Memory/File Scan (vScraper.exe.bin)

get_FullName

Ansi based on Memory/File Scan (vScraper.exe.bin)

get_Length

Ansi based on Memory/File Scan (vScraper.exe.bin)

get_ManifestModule

Ansi based on Memory/File Scan (vScraper.exe.bin)

get_Target

Ansi based on Memory/File Scan (vScraper.exe.bin)

GetCapture

Ansi based on Runtime Data (vScraper.exe )

GetDlgItem

Ansi based on Runtime Data (vScraper.exe )

GetEntryAssembly

Ansi based on Memory/File Scan (vScraper.exe.bin)

GetExecutingAssembly

Ansi based on Memory/File Scan (vScraper.exe.bin)

GetKeyState

Ansi based on Runtime Data (vScraper.exe )

GetLenToPosState

Ansi based on Memory/File Scan (vScraper.exe.bin)

GetManifestResourceStream

Ansi based on Memory/File Scan (vScraper.exe.bin)

GetMessageA

Ansi based on Runtime Data (vScraper.exe )

GetParameters

Ansi based on Memory/File Scan (vScraper.exe.bin)

GetTokenInformation

Ansi based on Runtime Data (vScraper.exe )

GlobalSession

Unicode based on Runtime Data (vScraper.exe )

GuidAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

ha-Latn-NG

Unicode based on Runtime Data (vScraper.exe )

Helveticaansparent Bold,0

Unicode based on Runtime Data (vScraper.exe )

Helveticaansparent Bold,06f

Unicode based on Runtime Data (vScraper.exe )

Helvma Armenian TUR,162616f

Unicode based on Runtime Data (vScraper.exe )

I_RpcExtInitializeExtensionPoint

Ansi based on Runtime Data (vScraper.exe )

Image Path

Unicode based on Runtime Data (vScraper.exe )

InitializeArray

Ansi based on Memory/File Scan (vScraper.exe.bin)

InstallRoot

Unicode based on Runtime Data (vScraper.exe )

InternalName

Unicode based on Memory/File Scan (vScraper.exe.bin)

IsCharState

Ansi based on Memory/File Scan (vScraper.exe.bin)

iu-Latn-CA

Unicode based on Runtime Data (vScraper.exe )

KaiTi_GB2312312ansparent16f

Unicode based on Runtime Data (vScraper.exe )

leDescription

Unicode based on Memory/File Scan (vScraper.exe.bin)

LegacyPolicyTimeStamp

Unicode based on Runtime Data (vScraper.exe )

LegalCopyright

Unicode based on Memory/File Scan (vScraper.exe.bin)

LegalTrademarks

Unicode based on Memory/File Scan (vScraper.exe.bin)

LenDecoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

LiteralDecoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

LoadModule

Ansi based on Memory/File Scan (vScraper.exe.bin)

LogFailures

Unicode based on Runtime Data (vScraper.exe )

LoggingLevel

Unicode based on Runtime Data (vScraper.exe )

LogResourceBinds

Unicode based on Runtime Data (vScraper.exe )

LookupAccountNameLocalW

Ansi based on Runtime Data (vScraper.exe )

LookupAccountSidLocalW

Ansi based on Runtime Data (vScraper.exe )

LookupAccountSidW

Ansi based on Runtime Data (vScraper.exe )

LzmaDecoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_Choice2

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_Decoders

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_DictionarySize

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_DictionarySizeCheck

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_HighCoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_IsMatchDecoders

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_IsRep0LongDecoders

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_IsRepDecoders

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_IsRepG0Decoders

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_IsRepG1Decoders

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_IsRepG2Decoders

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_LenDecoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_LiteralDecoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_LowCoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_MidCoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_NumPosBits

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_NumPosStates

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_NumPrevBits

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_OutWindow

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_PosAlignDecoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_PosDecoders

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_PosMask

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_PosSlotDecoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_PosStateMask

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_RangeDecoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_RepLenDecoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

MachineGuid

Unicode based on Runtime Data (vScraper.exe )

MachineThrottling

Unicode based on Runtime Data (vScraper.exe )

MapWindowPoints

Ansi based on Runtime Data (vScraper.exe )

MemoryStream

Ansi based on Memory/File Scan (vScraper.exe.bin)

MethodBase

Ansi based on Memory/File Scan (vScraper.exe.bin)

Miriam TransparentR,162616f

Unicode based on Runtime Data (vScraper.exe )

mpanyName

Unicode based on Memory/File Scan (vScraper.exe.bin)

MS Shell Dlg 2n TUR,162616f

Unicode based on Runtime Data (vScraper.exe )

MS Shell Dlg312ansparent16f

Unicode based on Runtime Data (vScraper.exe )

mscoree.dll

Ansi based on Memory/File Scan (vScraper.exe.bin)

NdrOleExtDLL

Unicode based on Runtime Data (vScraper.exe )

NdrOleInitializeExtension

Ansi based on Runtime Data (vScraper.exe )

NoClientChecks

Unicode based on Runtime Data (vScraper.exe )

Normalize

Ansi based on Memory/File Scan (vScraper.exe.bin)

NumBitLevels

Ansi based on Memory/File Scan (vScraper.exe.bin)

OleUninitialize

Ansi based on Runtime Data (vScraper.exe )

OnlyUseLatestCLR

Unicode based on Runtime Data (vScraper.exe )

OpenProcessToken

Ansi based on Runtime Data (vScraper.exe )

OpenThreadToken

Ansi based on Runtime Data (vScraper.exe )

OptimizeUsedBinaries

Unicode based on Runtime Data (vScraper.exe )

OutWindow

Ansi based on Memory/File Scan (vScraper.exe.bin)

ParameterInfo

Ansi based on Memory/File Scan (vScraper.exe.bin)

PostMessage

Ansi based on Runtime Data (vScraper.exe )

PostMessageW

Ansi based on Runtime Data (vScraper.exe )

PostThreadMessage

Ansi based on Runtime Data (vScraper.exe )

PostThreadMessageW

Ansi based on Runtime Data (vScraper.exe )

PreferExternalManifest

Unicode based on Runtime Data (vScraper.exe )

PrivateKeyLifetimeSeconds

Unicode based on Runtime Data (vScraper.exe )

PrivKeyCacheMaxItems

Unicode based on Runtime Data (vScraper.exe )

PrivKeyCachePurgeIntervalSeconds

Unicode based on Runtime Data (vScraper.exe )

ProductName

Unicode based on Memory/File Scan (vScraper.exe.bin)

ProductVersion

Unicode based on Memory/File Scan (vScraper.exe.bin)

RaiseDefaultAuthnLevel

Unicode based on Runtime Data (vScraper.exe )

ReleaseStream

Ansi based on Memory/File Scan (vScraper.exe.bin)

RemoteRpcDll

Unicode based on Runtime Data (vScraper.exe )

ResolveEventArgs

Ansi based on Memory/File Scan (vScraper.exe.bin)

ResolveEventHandler

Ansi based on Memory/File Scan (vScraper.exe.bin)

ResolveMethod

Ansi based on Memory/File Scan (vScraper.exe.bin)

ResolveSignature

Ansi based on Memory/File Scan (vScraper.exe.bin)

ReverseDecode

Ansi based on Memory/File Scan (vScraper.exe.bin)

Rod Transparentansparent16f

Unicode based on Runtime Data (vScraper.exe )

RuntimeCompatibilityAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

RuntimeFieldHandle

Ansi based on Memory/File Scan (vScraper.exe.bin)

RuntimeHelpers

Ansi based on Memory/File Scan (vScraper.exe.bin)

SafeProcessSearchMode

Unicode based on Runtime Data (vScraper.exe )

sembly Version

Unicode based on Memory/File Scan (vScraper.exe.bin)

SendMessage

Ansi based on Runtime Data (vScraper.exe )

SendMessageW

Ansi based on Runtime Data (vScraper.exe )

SetClassLong

Ansi based on Runtime Data (vScraper.exe )

SetClassLongW

Ansi based on Runtime Data (vScraper.exe )

SetCursor

Ansi based on Runtime Data (vScraper.exe )

SetDecoderProperties

Ansi based on Memory/File Scan (vScraper.exe.bin)

SetDictionarySize

Ansi based on Memory/File Scan (vScraper.exe.bin)

SetLiteralProperties

Ansi based on Memory/File Scan (vScraper.exe.bin)

SetPosBitsProperties

Ansi based on Memory/File Scan (vScraper.exe.bin)

STAThreadAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

StringFileInfo

Unicode based on Memory/File Scan (vScraper.exe.bin)

StringFromIID

Ansi based on Runtime Data (vScraper.exe )

sYearMonth

Unicode based on Runtime Data (vScraper.exe )

System.Diagnostics

Ansi based on Memory/File Scan (vScraper.exe.bin)

System.IO

Ansi based on Memory/File Scan (vScraper.exe.bin)

System.Reflection

Ansi based on Memory/File Scan (vScraper.exe.bin)

System.Runtime.CompilerServices

Ansi based on Memory/File Scan (vScraper.exe.bin)

System.Runtime.InteropServices

Ansi based on Memory/File Scan (vScraper.exe.bin)

System.Runtime.Versioning

Ansi based on Memory/File Scan (vScraper.exe.bin)

System.Text

Ansi based on Memory/File Scan (vScraper.exe.bin)

SystemFunction036

Ansi based on Runtime Data (vScraper.exe )

Tahoma Armenian TUR,162616f

Unicode based on Runtime Data (vScraper.exe )

TargetFrameworkAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

tg-Cyrl-TJ

Unicode based on Runtime Data (vScraper.exe )

Times New Roman Baltic,186f

Unicode based on Runtime Data (vScraper.exe )

Times New Roman CE,238,186f

Unicode based on Runtime Data (vScraper.exe )

Times New Roman CYR,204186f

Unicode based on Runtime Data (vScraper.exe )

Times New Roman Greek,1616f

Unicode based on Runtime Data (vScraper.exe )

Times New Roman TUR,162616f

Unicode based on Runtime Data (vScraper.exe )

Timeser New TUR,162616d,0

Unicode based on Runtime Data (vScraper.exe )

Timeser New TUR,162616d,06f

Unicode based on Runtime Data (vScraper.exe )

Tms RmnArmenian TUR,162616f

Unicode based on Runtime Data (vScraper.exe )

ToBase64String

Ansi based on Memory/File Scan (vScraper.exe.bin)

ToUpperInvariant

Ansi based on Memory/File Scan (vScraper.exe.bin)

tzm-Latn-DZ

Unicode based on Runtime Data (vScraper.exe )

UnmapViewOfFile

Ansi based on Runtime Data (vScraper.exe )

UnregisterClass

Ansi based on Runtime Data (vScraper.exe )

UnregisterClassW

Ansi based on Runtime Data (vScraper.exe )

UpdateChar

Ansi based on Memory/File Scan (vScraper.exe.bin)

UpdateMatch

Ansi based on Memory/File Scan (vScraper.exe.bin)

UpdateRep

Ansi based on Memory/File Scan (vScraper.exe.bin)

UpdateShortRep

Ansi based on Memory/File Scan (vScraper.exe.bin)

UseLegacyIdentityFormat

Unicode based on Runtime Data (vScraper.exe )

UseLegacyV2RuntimeActivationPolicyDefaultValue

Unicode based on Runtime Data (vScraper.exe )

uz-Latn-UZ

Unicode based on Runtime Data (vScraper.exe )

v4.0.30319

Ansi based on Memory/File Scan (vScraper.exe.bin)

ValueType

Ansi based on Memory/File Scan (vScraper.exe.bin)

VarFileInfo

Unicode based on Memory/File Scan (vScraper.exe.bin)

VS_VERSION_INFO

Unicode based on Memory/File Scan (vScraper.exe.bin)

vScraper.exe

Ansi based on Memory/File Scan (vScraper.exe.bin)

vScraper.Form1.resources

Ansi based on Memory/File Scan (vScraper.exe.bin)

vScraper.Form2.resources

Ansi based on Memory/File Scan (vScraper.exe.bin)

vScraper.Properties.Resources.resources

Ansi based on Memory/File Scan (vScraper.exe.bin)

vScrapervl

Ansi based on Image Processing (screen_6.png)

vScrapLrvIDI

Ansi based on Image Processing (screen_0.png)

%SAMPLEDIR%\;C:\Windows\system32;C:\Windows\system;C:\Windows;.;%ALLUSERSPROFILE%\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windo

Unicode based on Runtime Data (vScraper.exe )

$12ea5ea2-d938-4cd3-b4cf-571f8db8ee2b

Ansi based on Memory/File Scan (vScraper.exe.bin)

1.0.1.0

Ansi based on Memory/File Scan (vScraper.exe.bin)

_CorExeMain

Ansi based on Memory/File Scan (vScraper.exe.bin)

AssemblyCompanyAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

AssemblyDescriptionAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

AssemblyFileVersionAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

CoCreateInstance

Ansi based on Runtime Data (vScraper.exe )

CoGetClassObject

Ansi based on Runtime Data (vScraper.exe )

CoGetContextToken

Ansi based on Runtime Data (vScraper.exe )

CoGetMarshalSizeMax

Ansi based on Runtime Data (vScraper.exe )

CoGetPSClsid

Ansi based on Runtime Data (vScraper.exe )

CoMarshalInterface

Ansi based on Runtime Data (vScraper.exe )

CompilationRelaxationsAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

ComVisibleAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

CPDeriveKey

Ansi based on Runtime Data (vScraper.exe )

CPDestroyKey

Ansi based on Runtime Data (vScraper.exe )

CPDuplicateKey

Ansi based on Runtime Data (vScraper.exe )

CPExportKey

Ansi based on Runtime Data (vScraper.exe )

CPGetHashParam

Ansi based on Runtime Data (vScraper.exe )

CPGetKeyParam

Ansi based on Runtime Data (vScraper.exe )

CPGetProvParam

Ansi based on Runtime Data (vScraper.exe )

CPGetUserKey

Ansi based on Runtime Data (vScraper.exe )

CPHashSessionKey

Ansi based on Runtime Data (vScraper.exe )

CPImportKey

Ansi based on Runtime Data (vScraper.exe )

CPSetKeyParam

Ansi based on Runtime Data (vScraper.exe )

DcomChannelSetHResult

Ansi based on Runtime Data (vScraper.exe )

Decompress

Ansi based on Memory/File Scan (vScraper.exe.bin)

DisableMSIPeek

Unicode based on Runtime Data (vScraper.exe )

Ansi based on Memory/File Scan (vScraper.exe.bin)

EventUnregister

Ansi based on Runtime Data (vScraper.exe )

FileVersion

Unicode based on Memory/File Scan (vScraper.exe.bin)

get_CurrentDomain

Ansi based on Memory/File Scan (vScraper.exe.bin)

get_FullName

Ansi based on Memory/File Scan (vScraper.exe.bin)

get_Length

Ansi based on Memory/File Scan (vScraper.exe.bin)

get_ManifestModule

Ansi based on Memory/File Scan (vScraper.exe.bin)

get_Target

Ansi based on Memory/File Scan (vScraper.exe.bin)

GetCapture

Ansi based on Runtime Data (vScraper.exe )

GetDlgItem

Ansi based on Runtime Data (vScraper.exe )

GetEntryAssembly

Ansi based on Memory/File Scan (vScraper.exe.bin)

GetExecutingAssembly

Ansi based on Memory/File Scan (vScraper.exe.bin)

GetKeyState

Ansi based on Runtime Data (vScraper.exe )

GetLenToPosState

Ansi based on Memory/File Scan (vScraper.exe.bin)

GetManifestResourceStream

Ansi based on Memory/File Scan (vScraper.exe.bin)

GetMessageA

Ansi based on Runtime Data (vScraper.exe )

GetParameters

Ansi based on Memory/File Scan (vScraper.exe.bin)

GetTokenInformation

Ansi based on Runtime Data (vScraper.exe )

InstallRoot

Unicode based on Runtime Data (vScraper.exe )

leDescription

Unicode based on Memory/File Scan (vScraper.exe.bin)

LogFailures

Unicode based on Runtime Data (vScraper.exe )

LogResourceBinds

Unicode based on Runtime Data (vScraper.exe )

LookupAccountNameLocalW

Ansi based on Runtime Data (vScraper.exe )

LookupAccountSidLocalW

Ansi based on Runtime Data (vScraper.exe )

LookupAccountSidW

Ansi based on Runtime Data (vScraper.exe )

mscoree.dll

Ansi based on Memory/File Scan (vScraper.exe.bin)

OpenProcessToken

Ansi based on Runtime Data (vScraper.exe )

OptimizeUsedBinaries

Unicode based on Runtime Data (vScraper.exe )

ParameterInfo

Ansi based on Memory/File Scan (vScraper.exe.bin)

PostMessage

Ansi based on Runtime Data (vScraper.exe )

PostMessageW

Ansi based on Runtime Data (vScraper.exe )

PostThreadMessage

Ansi based on Runtime Data (vScraper.exe )

PostThreadMessageW

Ansi based on Runtime Data (vScraper.exe )

PrivateKeyLifetimeSeconds

Unicode based on Runtime Data (vScraper.exe )

PrivKeyCacheMaxItems

Unicode based on Runtime Data (vScraper.exe )

PrivKeyCachePurgeIntervalSeconds

Unicode based on Runtime Data (vScraper.exe )

ProductVersion

Unicode based on Memory/File Scan (vScraper.exe.bin)

RemoteRpcDll

Unicode based on Runtime Data (vScraper.exe )

ResolveEventArgs

Ansi based on Memory/File Scan (vScraper.exe.bin)

RuntimeCompatibilityAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

SafeProcessSearchMode

Unicode based on Runtime Data (vScraper.exe )

sembly Version

Unicode based on Memory/File Scan (vScraper.exe.bin)

StringFileInfo

Unicode based on Memory/File Scan (vScraper.exe.bin)

System.Runtime.CompilerServices

Ansi based on Memory/File Scan (vScraper.exe.bin)

System.Runtime.InteropServices

Ansi based on Memory/File Scan (vScraper.exe.bin)

System.Runtime.Versioning

Ansi based on Memory/File Scan (vScraper.exe.bin)

TargetFrameworkAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

UnregisterClass

Ansi based on Runtime Data (vScraper.exe )

UnregisterClassW

Ansi based on Runtime Data (vScraper.exe )

VarFileInfo

Unicode based on Memory/File Scan (vScraper.exe.bin)

VS_VERSION_INFO

Unicode based on Memory/File Scan (vScraper.exe.bin)

vScraper.exe

Ansi based on Memory/File Scan (vScraper.exe.bin)

vScraper.Form1.resources

Ansi based on Memory/File Scan (vScraper.exe.bin)

vScraper.Form2.resources

Ansi based on Memory/File Scan (vScraper.exe.bin)

vScraper.Properties.Resources.resources

Ansi based on Memory/File Scan (vScraper.exe.bin)

vScrapervl

Ansi based on Image Processing (screen_6.png)

vScrapLrvIDI

Ansi based on Image Processing (screen_0.png)

%SAMPLEDIR%\;C:\Windows\system32;C:\Windows\system;C:\Windows;.;%ALLUSERSPROFILE%\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windo

Unicode based on Runtime Data (vScraper.exe )

!This program cannot be run in DOS mode.$

Ansi based on Memory/File Scan (vScraper.exe.bin)

$12ea5ea2-d938-4cd3-b4cf-571f8db8ee2b

Ansi based on Memory/File Scan (vScraper.exe.bin)

1.0.1.0

Ansi based on Memory/File Scan (vScraper.exe.bin)

_CorExeMain

Ansi based on Memory/File Scan (vScraper.exe.bin)

_streamPos

Ansi based on Memory/File Scan (vScraper.exe.bin)

_windowSize

Ansi based on Memory/File Scan (vScraper.exe.bin)

add_AssemblyResolve

Ansi based on Memory/File Scan (vScraper.exe.bin)

AppDomain

Ansi based on Memory/File Scan (vScraper.exe.bin)

AssemblyCompanyAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

AssemblyConfigurationAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

AssemblyCopyrightAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

AssemblyDescriptionAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

AssemblyFileVersionAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

AssemblyName

Ansi based on Memory/File Scan (vScraper.exe.bin)

AssemblyProductAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

AssemblyTitleAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

AssemblyTrademarkAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

Attribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

BitDecoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

BitTreeDecoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

BlockCopy

Ansi based on Memory/File Scan (vScraper.exe.bin)

CompilationRelaxationsAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

ComVisibleAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

ConfusedByAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

ConfuserEx v0.6.0

Ansi based on Memory/File Scan (vScraper.exe.bin)

CopyBlock

Ansi based on Memory/File Scan (vScraper.exe.bin)

DataField

Ansi based on Memory/File Scan (vScraper.exe.bin)

DebuggableAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

DebuggingModes

Ansi based on Memory/File Scan (vScraper.exe.bin)

DecodeDirectBits

Ansi based on Memory/File Scan (vScraper.exe.bin)

DecodeNormal

Ansi based on Memory/File Scan (vScraper.exe.bin)

DecodeWithMatchByte

Ansi based on Memory/File Scan (vScraper.exe.bin)

Decompress

Ansi based on Memory/File Scan (vScraper.exe.bin)

FileVersion

Unicode based on Memory/File Scan (vScraper.exe.bin)

GCHandleType

Ansi based on Memory/File Scan (vScraper.exe.bin)

get_CurrentDomain

Ansi based on Memory/File Scan (vScraper.exe.bin)

get_FullName

Ansi based on Memory/File Scan (vScraper.exe.bin)

get_Length

Ansi based on Memory/File Scan (vScraper.exe.bin)

get_ManifestModule

Ansi based on Memory/File Scan (vScraper.exe.bin)

get_Target

Ansi based on Memory/File Scan (vScraper.exe.bin)

GetEntryAssembly

Ansi based on Memory/File Scan (vScraper.exe.bin)

GetExecutingAssembly

Ansi based on Memory/File Scan (vScraper.exe.bin)

GetLenToPosState

Ansi based on Memory/File Scan (vScraper.exe.bin)

GetManifestResourceStream

Ansi based on Memory/File Scan (vScraper.exe.bin)

GetParameters

Ansi based on Memory/File Scan (vScraper.exe.bin)

GuidAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

InitializeArray

Ansi based on Memory/File Scan (vScraper.exe.bin)

InternalName

Unicode based on Memory/File Scan (vScraper.exe.bin)

IsCharState

Ansi based on Memory/File Scan (vScraper.exe.bin)

leDescription

Unicode based on Memory/File Scan (vScraper.exe.bin)

LegalCopyright

Unicode based on Memory/File Scan (vScraper.exe.bin)

LegalTrademarks

Unicode based on Memory/File Scan (vScraper.exe.bin)

LenDecoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

LiteralDecoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

LoadModule

Ansi based on Memory/File Scan (vScraper.exe.bin)

LzmaDecoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_Choice2

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_Decoders

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_DictionarySize

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_DictionarySizeCheck

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_HighCoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_IsMatchDecoders

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_IsRep0LongDecoders

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_IsRepDecoders

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_IsRepG0Decoders

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_IsRepG1Decoders

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_IsRepG2Decoders

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_LenDecoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_LiteralDecoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_LowCoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_MidCoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_NumPosBits

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_NumPosStates

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_NumPrevBits

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_OutWindow

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_PosAlignDecoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_PosDecoders

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_PosMask

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_PosSlotDecoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_PosStateMask

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_RangeDecoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

m_RepLenDecoder

Ansi based on Memory/File Scan (vScraper.exe.bin)

MemoryStream

Ansi based on Memory/File Scan (vScraper.exe.bin)

MethodBase

Ansi based on Memory/File Scan (vScraper.exe.bin)

mpanyName

Unicode based on Memory/File Scan (vScraper.exe.bin)

mscoree.dll

Ansi based on Memory/File Scan (vScraper.exe.bin)

Normalize

Ansi based on Memory/File Scan (vScraper.exe.bin)

NumBitLevels

Ansi based on Memory/File Scan (vScraper.exe.bin)

OutWindow

Ansi based on Memory/File Scan (vScraper.exe.bin)

ParameterInfo

Ansi based on Memory/File Scan (vScraper.exe.bin)

ProductName

Unicode based on Memory/File Scan (vScraper.exe.bin)

ProductVersion

Unicode based on Memory/File Scan (vScraper.exe.bin)

ReleaseStream

Ansi based on Memory/File Scan (vScraper.exe.bin)

ResolveEventArgs

Ansi based on Memory/File Scan (vScraper.exe.bin)

ResolveEventHandler

Ansi based on Memory/File Scan (vScraper.exe.bin)

ResolveMethod

Ansi based on Memory/File Scan (vScraper.exe.bin)

ResolveSignature

Ansi based on Memory/File Scan (vScraper.exe.bin)

ReverseDecode

Ansi based on Memory/File Scan (vScraper.exe.bin)

RuntimeCompatibilityAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

RuntimeFieldHandle

Ansi based on Memory/File Scan (vScraper.exe.bin)

RuntimeHelpers

Ansi based on Memory/File Scan (vScraper.exe.bin)

sembly Version

Unicode based on Memory/File Scan (vScraper.exe.bin)

SetDecoderProperties

Ansi based on Memory/File Scan (vScraper.exe.bin)

SetDictionarySize

Ansi based on Memory/File Scan (vScraper.exe.bin)

SetLiteralProperties

Ansi based on Memory/File Scan (vScraper.exe.bin)

SetPosBitsProperties

Ansi based on Memory/File Scan (vScraper.exe.bin)

STAThreadAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

StringFileInfo

Unicode based on Memory/File Scan (vScraper.exe.bin)

System.Diagnostics

Ansi based on Memory/File Scan (vScraper.exe.bin)

System.IO

Ansi based on Memory/File Scan (vScraper.exe.bin)

System.Reflection

Ansi based on Memory/File Scan (vScraper.exe.bin)

System.Runtime.CompilerServices

Ansi based on Memory/File Scan (vScraper.exe.bin)

System.Runtime.InteropServices

Ansi based on Memory/File Scan (vScraper.exe.bin)

System.Runtime.Versioning

Ansi based on Memory/File Scan (vScraper.exe.bin)

System.Text

Ansi based on Memory/File Scan (vScraper.exe.bin)

TargetFrameworkAttribute

Ansi based on Memory/File Scan (vScraper.exe.bin)

ToBase64String

Ansi based on Memory/File Scan (vScraper.exe.bin)

ToUpperInvariant

Ansi based on Memory/File Scan (vScraper.exe.bin)

UpdateChar

Ansi based on Memory/File Scan (vScraper.exe.bin)

UpdateMatch

Ansi based on Memory/File Scan (vScraper.exe.bin)

UpdateRep

Ansi based on Memory/File Scan (vScraper.exe.bin)

UpdateShortRep

Ansi based on Memory/File Scan (vScraper.exe.bin)

v4.0.30319

Ansi based on Memory/File Scan (vScraper.exe.bin)

ValueType

Ansi based on Memory/File Scan (vScraper.exe.bin)

VarFileInfo

Unicode based on Memory/File Scan (vScraper.exe.bin)

VS_VERSION_INFO

Unicode based on Memory/File Scan (vScraper.exe.bin)

vScraper.exe

Ansi based on Memory/File Scan (vScraper.exe.bin)

vScraper.Form1.resources

Ansi based on Memory/File Scan (vScraper.exe.bin)

vScraper.Form2.resources

Ansi based on Memory/File Scan (vScraper.exe.bin)

vScraper.Properties.Resources.resources

Ansi based on Memory/File Scan (vScraper.exe.bin)

0_0,,u?=,9__

Ansi based on Image Processing (screen_4.png)

???__???s??___

Ansi based on Image Processing (screen_4.png)

0Cun____99

Ansi based on Image Processing (screen_6.png)

?0__?,?___

Ansi based on Image Processing (screen_6.png)

?_?______

Ansi based on Image Processing (screen_6.png)

?___??___0___'

Ansi based on Image Processing (screen_6.png)

?____?___

Ansi based on Image Processing (screen_6.png)

_0?____?___?0?

Ansi based on Image Processing (screen_6.png)

vScrapervl

Ansi based on Image Processing (screen_6.png)

1____5__304_m

Ansi based on Image Processing (screen_0.png)

?v__?__?__

Ansi based on Image Processing (screen_0.png)

_'_m_q___

Ansi based on Image Processing (screen_0.png)

_??____q0__

Ansi based on Image Processing (screen_0.png)

__g_ms1a_Ld

Ansi based on Image Processing (screen_0.png)

vScrapLrvIDI

Ansi based on Image Processing (screen_0.png)

_TrackMouseEvent

Ansi based on Runtime Data (vScraper.exe )

AllocateAndInitializeSid

Ansi based on Runtime Data (vScraper.exe )

Arabic Transparent

Unicode based on Runtime Data (vScraper.exe )

Arabic Transparent Bold

Unicode based on Runtime Data (vScraper.exe )

Arabic Transparent Bold,0

Unicode based on Runtime Data (vScraper.exe )

Arabic Transparent Bold,06f

Unicode based on Runtime Data (vScraper.exe )

Arabic Transparent,0old

Unicode based on Runtime Data (vScraper.exe )

Arial Baltic,186nt Bold,0

Unicode based on Runtime Data (vScraper.exe )

Arial Baltic,186nt Bold,06f

Unicode based on Runtime Data (vScraper.exe )

Arial CE,238,186nt Bold,0

Unicode based on Runtime Data (vScraper.exe )

Arial CE,238,186nt Bold,06f

Unicode based on Runtime Data (vScraper.exe )

Arial CYR,204186nt Bold,0

Unicode based on Runtime Data (vScraper.exe )

Arial CYR,204186nt Bold,06f

Unicode based on Runtime Data (vScraper.exe )

Arial Greek,1616nt Bold,0

Unicode based on Runtime Data (vScraper.exe )

Arial Greek,1616nt Bold,06f

Unicode based on Runtime Data (vScraper.exe )

Arial TUR,162616nt Bold,0

Unicode based on Runtime Data (vScraper.exe )

Arial TUR,162616nt Bold,06f

Unicode based on Runtime Data (vScraper.exe )

az-Latn-AZ

Unicode based on Runtime Data (vScraper.exe )

CacheLocation

Unicode based on Runtime Data (vScraper.exe )

CloseHandle

Ansi based on Runtime Data (vScraper.exe )

CloseThemeData

Ansi based on Runtime Data (vScraper.exe )

CloseThemeDataW

Ansi based on Runtime Data (vScraper.exe )

CoCreateInstance

Ansi based on Runtime Data (vScraper.exe )

CoGetClassObject

Ansi based on Runtime Data (vScraper.exe )

CoGetContextToken

Ansi based on Runtime Data (vScraper.exe )

CoGetMarshalSizeMax

Ansi based on Runtime Data (vScraper.exe )

CoGetPSClsid

Ansi based on Runtime Data (vScraper.exe )

CoMarshalInterface

Ansi based on Runtime Data (vScraper.exe )

CoReleaseMarshalData

Ansi based on Runtime Data (vScraper.exe )

CoTaskMemAlloc

Ansi based on Runtime Data (vScraper.exe )

CoTaskMemFree

Ansi based on Runtime Data (vScraper.exe )

CoUnmarshalInterface

Ansi based on Runtime Data (vScraper.exe )

Courier New Baltic,186d,0

Unicode based on Runtime Data (vScraper.exe )

Courier New Baltic,186d,06f

Unicode based on Runtime Data (vScraper.exe )

Courier New CE,238,186d,0

Unicode based on Runtime Data (vScraper.exe )

Courier New CE,238,186d,06f

Unicode based on Runtime Data (vScraper.exe )

Courier New CYR,204186d,0

Unicode based on Runtime Data (vScraper.exe )

Courier New CYR,204186d,06f

Unicode based on Runtime Data (vScraper.exe )

Courier New Greek,1616d,0

Unicode based on Runtime Data (vScraper.exe )

Courier New Greek,1616d,06f

Unicode based on Runtime Data (vScraper.exe )

Courier New TUR,162616d,0

Unicode based on Runtime Data (vScraper.exe )

Courier New TUR,162616d,06f

Unicode based on Runtime Data (vScraper.exe )

CoWaitForMultipleHandles

Ansi based on Runtime Data (vScraper.exe )

CPAcquireContext

Ansi based on Runtime Data (vScraper.exe )

CPCreateHash

Ansi based on Runtime Data (vScraper.exe )

CPDecrypt

Ansi based on Runtime Data (vScraper.exe )

CPDeriveKey

Ansi based on Runtime Data (vScraper.exe )

CPDestroyHash

Ansi based on Runtime Data (vScraper.exe )

CPDestroyKey

Ansi based on Runtime Data (vScraper.exe )

CPDuplicateHash

Ansi based on Runtime Data (vScraper.exe )

CPDuplicateKey

Ansi based on Runtime Data (vScraper.exe )

CPEncrypt

Ansi based on Runtime Data (vScraper.exe )

CPExportKey

Ansi based on Runtime Data (vScraper.exe )

CPGenRandom

Ansi based on Runtime Data (vScraper.exe )

CPGetHashParam

Ansi based on Runtime Data (vScraper.exe )

CPGetKeyParam

Ansi based on Runtime Data (vScraper.exe )

CPGetProvParam

Ansi based on Runtime Data (vScraper.exe )

CPGetUserKey

Ansi based on Runtime Data (vScraper.exe )

CPHashData

Ansi based on Runtime Data (vScraper.exe )

CPHashSessionKey

Ansi based on Runtime Data (vScraper.exe )

CPImportKey

Ansi based on Runtime Data (vScraper.exe )

CPReleaseContext

Ansi based on Runtime Data (vScraper.exe )

CPSetHashParam

Ansi based on Runtime Data (vScraper.exe )

CPSetKeyParam

Ansi based on Runtime Data (vScraper.exe )

CPSetProvParam

Ansi based on Runtime Data (vScraper.exe )

CPSignHash

Ansi based on Runtime Data (vScraper.exe )

CPVerifySignature

Ansi based on Runtime Data (vScraper.exe )

CryptAcquireContextW

Ansi based on Runtime Data (vScraper.exe )

CryptGenRandom

Ansi based on Runtime Data (vScraper.exe )

DataFilePath

Unicode based on Runtime Data (vScraper.exe )

David TransparentUR,162616f

Unicode based on Runtime Data (vScraper.exe )

DbgJITDebugLaunchSetting

Unicode based on Runtime Data (vScraper.exe )

DbgManagedDebugger

Unicode based on Runtime Data (vScraper.exe )

DcomChannelSetHResult

Ansi based on Runtime Data (vScraper.exe )

DecodePointer

Ansi based on Runtime Data (vScraper.exe )

DefaultAccessPermission

Unicode based on Runtime Data (vScraper.exe )

DeleteObject

Ansi based on Runtime Data (vScraper.exe )

DestroyIcon

Ansi based on Runtime Data (vScraper.exe )

DestroyWindow

Ansi based on Runtime Data (vScraper.exe )

DevOverrideEnable

Unicode based on Runtime Data (vScraper.exe )

DisableConfigCache

Unicode based on Runtime Data (vScraper.exe )

DisableMSIPeek

Unicode based on Runtime Data (vScraper.exe )

DownloadCacheQuotaInKB

Unicode based on Runtime Data (vScraper.exe )

EnableLog

Unicode based on Runtime Data (vScraper.exe )

EncodePointer

Ansi based on Runtime Data (vScraper.exe )

EnumThreadWindows

Ansi based on Runtime Data (vScraper.exe )

EventUnregister

Ansi based on Runtime Data (vScraper.exe )

FangSong_GB2312ansparent16f

Unicode based on Runtime Data (vScraper.exe )

FileInUseMillisecondsBetweenRetries

Unicode based on Runtime Data (vScraper.exe )

FileInUseRetryAttempts

Unicode based on Runtime Data (vScraper.exe )

Fixed Miriam Transparent16f

Unicode based on Runtime Data (vScraper.exe )

FontCachePath

Unicode based on Runtime Data (vScraper.exe )

GdipDisposeImage

Ansi based on Runtime Data (vScraper.exe )

GetCapture

Ansi based on Runtime Data (vScraper.exe )

GetDlgItem

Ansi based on Runtime Data (vScraper.exe )

GetKeyState

Ansi based on Runtime Data (vScraper.exe )

GetMessageA

Ansi based on Runtime Data (vScraper.exe )

GetTokenInformation

Ansi based on Runtime Data (vScraper.exe )

GlobalSession

Unicode based on Runtime Data (vScraper.exe )

ha-Latn-NG

Unicode based on Runtime Data (vScraper.exe )

Helveticaansparent Bold,0

Unicode based on Runtime Data (vScraper.exe )

Helveticaansparent Bold,06f

Unicode based on Runtime Data (vScraper.exe )

Helvma Armenian TUR,162616f

Unicode based on Runtime Data (vScraper.exe )

I_RpcExtInitializeExtensionPoint

Ansi based on Runtime Data (vScraper.exe )

Image Path

Unicode based on Runtime Data (vScraper.exe )

InstallRoot

Unicode based on Runtime Data (vScraper.exe )

iu-Latn-CA

Unicode based on Runtime Data (vScraper.exe )

KaiTi_GB2312312ansparent16f

Unicode based on Runtime Data (vScraper.exe )

LegacyPolicyTimeStamp

Unicode based on Runtime Data (vScraper.exe )

LogFailures

Unicode based on Runtime Data (vScraper.exe )

LoggingLevel

Unicode based on Runtime Data (vScraper.exe )

LogResourceBinds

Unicode based on Runtime Data (vScraper.exe )

LookupAccountNameLocalW

Ansi based on Runtime Data (vScraper.exe )

LookupAccountSidLocalW

Ansi based on Runtime Data (vScraper.exe )

LookupAccountSidW

Ansi based on Runtime Data (vScraper.exe )

MachineGuid

Unicode based on Runtime Data (vScraper.exe )

MachineThrottling

Unicode based on Runtime Data (vScraper.exe )

MapWindowPoints

Ansi based on Runtime Data (vScraper.exe )

Miriam TransparentR,162616f

Unicode based on Runtime Data (vScraper.exe )

MS Shell Dlg 2n TUR,162616f

Unicode based on Runtime Data (vScraper.exe )

MS Shell Dlg312ansparent16f

Unicode based on Runtime Data (vScraper.exe )

NdrOleExtDLL

Unicode based on Runtime Data (vScraper.exe )

NdrOleInitializeExtension

Ansi based on Runtime Data (vScraper.exe )

NoClientChecks

Unicode based on Runtime Data (vScraper.exe )

OleUninitialize

Ansi based on Runtime Data (vScraper.exe )

OnlyUseLatestCLR

Unicode based on Runtime Data (vScraper.exe )

OpenProcessToken

Ansi based on Runtime Data (vScraper.exe )

OpenThreadToken

Ansi based on Runtime Data (vScraper.exe )

OptimizeUsedBinaries

Unicode based on Runtime Data (vScraper.exe )

PostMessage

Ansi based on Runtime Data (vScraper.exe )

PostMessageW

Ansi based on Runtime Data (vScraper.exe )

PostThreadMessage

Ansi based on Runtime Data (vScraper.exe )

PostThreadMessageW

Ansi based on Runtime Data (vScraper.exe )

PreferExternalManifest

Unicode based on Runtime Data (vScraper.exe )

PrivateKeyLifetimeSeconds

Unicode based on Runtime Data (vScraper.exe )

PrivKeyCacheMaxItems

Unicode based on Runtime Data (vScraper.exe )

PrivKeyCachePurgeIntervalSeconds

Unicode based on Runtime Data (vScraper.exe )

RaiseDefaultAuthnLevel

Unicode based on Runtime Data (vScraper.exe )

RemoteRpcDll

Unicode based on Runtime Data (vScraper.exe )

Rod Transparentansparent16f

Unicode based on Runtime Data (vScraper.exe )

SafeProcessSearchMode

Unicode based on Runtime Data (vScraper.exe )

SendMessage

Ansi based on Runtime Data (vScraper.exe )

SendMessageW

Ansi based on Runtime Data (vScraper.exe )

SetClassLong

Ansi based on Runtime Data (vScraper.exe )

SetClassLongW

Ansi based on Runtime Data (vScraper.exe )

SetCursor

Ansi based on Runtime Data (vScraper.exe )

StringFromIID

Ansi based on Runtime Data (vScraper.exe )

sYearMonth

Unicode based on Runtime Data (vScraper.exe )

SystemFunction036

Ansi based on Runtime Data (vScraper.exe )

Tahoma Armenian TUR,162616f

Unicode based on Runtime Data (vScraper.exe )

tg-Cyrl-TJ

Unicode based on Runtime Data (vScraper.exe )

Times New Roman Baltic,186f

Unicode based on Runtime Data (vScraper.exe )

Times New Roman CE,238,186f

Unicode based on Runtime Data (vScraper.exe )

Times New Roman CYR,204186f

Unicode based on Runtime Data (vScraper.exe )

Times New Roman Greek,1616f

Unicode based on Runtime Data (vScraper.exe )

Times New Roman TUR,162616f

Unicode based on Runtime Data (vScraper.exe )

Timeser New TUR,162616d,0

Unicode based on Runtime Data (vScraper.exe )

Timeser New TUR,162616d,06f

Unicode based on Runtime Data (vScraper.exe )

Tms RmnArmenian TUR,162616f

Unicode based on Runtime Data (vScraper.exe )

tzm-Latn-DZ

Unicode based on Runtime Data (vScraper.exe )

UnmapViewOfFile

Ansi based on Runtime Data (vScraper.exe )

UnregisterClass

Ansi based on Runtime Data (vScraper.exe )

UnregisterClassW

Ansi based on Runtime Data (vScraper.exe )

UseLegacyIdentityFormat

Unicode based on Runtime Data (vScraper.exe )

UseLegacyV2RuntimeActivationPolicyDefaultValue

Unicode based on Runtime Data (vScraper.exe )

uz-Latn-UZ

Unicode based on Runtime Data (vScraper.exe )

%SAMPLEDIR%\;C:\Windows\system32;C:\Windows\system;C:\Windows;.;%ALLUSERSPROFILE%\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windo

Unicode based on Runtime Data (vScraper.exe )

Extracted Files

No significant files were extracted.

Notifications

Runtime

Added comment to VirusTotal report

Not all sources for signature ID "api-8" are available in the report

Not all sources for signature ID "registry-25" are available in the report

Environment 1

Sample was not shared with the community

Community

There are no community comments.

You must be logged in to submit a comment.

vScraper.exe

Incident Response

Risk Assessment

Indicators

Malicious Indicators 1

Suspicious Indicators 10

Informative 5

File Details

vScraper.exe

Resources

Visualization

Version Info

Classification (TrID)

File Sections

File Resources

File Imports

Screenshots

System Resource Monitor

Hybrid Analysis

Network Analysis

DNS Requests

Contacted Hosts

HTTP Traffic

Extracted Strings

Extracted Files

Notifications

Runtime

Environment 1

Community

Latest News

Vetting required

Request Report Deletion

Link