SHA256: 141470b7e44308fc541be2476092cfd8f2b6140bc698bd51c088b89331cfd4b5
In order to better analyze this mixed capture, we also executed the malware alone, without any user interaction. The capture can be found here.
Started win-normal-1
Started Chrome
Started Skype
Searched "other cars" in Google
Entered "gocompare.com"
Infected with 141470b7e44308fc541be2476092cfd8f2b6140bc698bd51c088b89331cfd4b5.exe. It is Locky ransomware.
Entered www.confused.com normally
Searched something in Google
Entered www.pgatour.com
Powered off Windows