File name: about_0.92-1_ZX0zrNN.svg

Full analysis: https://app.any.run/tasks/46b023ae-9879-4617-801f-fa455a8b7680
Verdict: No threats detected
Analysis date: March 19, 2018, 14:56:06
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
MIME: image/svg+xml
File info: SVG Scalable Vector Graphics image
MD5: AD289EFC0C384D0E068CF2EE6D241504
SHA1: 0DF60852D8992F2C553CB06603BE7BEB030901D6
SHA256: 0558F26D2DEF2CAA2D4817E71DDE1964F35CCF303B134BDEF488D758F0A951B5
SSDEEP: 3072:sK/bzjqB7sYM6zG15O8IYN3QuQokwDHuq/OiDvGejciHFZOGxyKXiH8OVEknMhpX:n

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    No malicious indicators.
  • SUSPICIOUS

    No suspicious indicators.
  • INFO

    No info indicators.
No Malware configuration.

TRiD

.rdf | Resource Description Framework (48.6)
.svg | Scalable Vector Graphics (var.3) (38.1)
.xml | Generic XML (ASCII) (13.1)

EXIF

SVG

Xmlns: http://www.w3.org/2000/svg
ImageWidth: 750
ImageHeight: 625
ViewBox: 0 0 750.00002 624.99999
ID: svg2
SVGVersion: 1.1
Version: 0.91 r13725
Docname: about 0.92-1.svg
Export-filename: D:\about Inkscape 0.92\about 0.92-1.png
Export-xdpi: 90
Export-ydpi: 90
TitleId: title4209
Title: INK scaped
MetadataID: metadata7

XMP

WorkFormat: image/svg+xml
WorkType: http://purl.org/dc/dcmitype/StillImage
WorkTitle: INK scaped
WorkDate: 12 November, 2016
WorkCreatorAgentTitle: Njeru James Elvis Ndea
WorkLicense: http://creativecommons.org/licenses/by-sa/3.0/
WorkDescription: http://creativecommons.org/licenses/by-sa/3.0/
WorkContributorAgentTitle: NJERU J E N Wikipedia
About: http://creativecommons.org/licenses/by-sa/3.0/
LicensePermits: http://creativecommons.org/ns#Reproduction
LicenseRequires: http://creativecommons.org/ns#Notice

Composite

ImageSize: 750x625
Megapixels: 0.469
No data.
Total processes: 31
Monitored processes: 1
Malicious processes: 0
Suspicious processes: 0

Behavior graph

start rundll32.exe no specs

Process information

PID: 2880
CMD: "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\admin\AppData\Local\Temp\about_0.92-1_ZX0zrNN.svg
Path: C:\Windows\system32\rundll32.exe
Indicators:
Parent process: explorer.exe
User: admin
Company: Microsoft Corporation
Integrity Level: MEDIUM
Description: Windows host process (Rundll32)
Exit code: 0
Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\rundll32.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\imagehlp.dll
Total events: 365
Read events: 349
Write events: 16
Delete events: 0

Modification events

(PID) Process: (2880) rundll32.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
Operation: write
Name: C:\Program Files\Opera\Opera.exe
Value: Opera Internet Browser

(PID) Process: (2880) rundll32.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
Operation: write
Name: C:\Program Files\Google\Chrome\Application\chrome.exe
Value: Google Chrome

(PID) Process: (2880) rundll32.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
Operation: write
Name: C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Value: Adobe Acrobat Reader DC

(PID) Process: (2880) rundll32.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
Operation: write
Name: C:\Windows\eHome\ehshell.exe
Value: Windows Media Center

(PID) Process: (2880) rundll32.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
Operation: write
Name: C:\Program Files\Internet Explorer\iexplore.exe
Value: Internet Explorer

(PID) Process: (2880) rundll32.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
Operation: write
Name: C:\Windows\system32\mspaint.exe
Value: Paint

(PID) Process: (2880) rundll32.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
Operation: write
Name: C:\Windows\system32\NOTEPAD.EXE
Value: Notepad

(PID) Process: (2880) rundll32.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
Operation: write
Name: C:\PROGRA~1\MICROS~1\Office14\OIS.EXE
Value: Microsoft Office 2010

(PID) Process: (2880) rundll32.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
Operation: write
Name: C:\Program Files\Windows Photo Viewer\PhotoViewer.dll
Value: Windows Photo Viewer

(PID) Process: (2880) rundll32.exe
Key: HKEY_CLASSES_ROOT\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
Operation: write
Name: C:\Users\admin\AppData\Roaming\uTorrent\uTorrent.exe
Value: µTorrent

Executable files: 0
Suspicious files: 0
Text files: 0
Unknown types: 0

Dropped files

No data
HTTP(S) requests: 0
TCP/UDP connections: 0
DNS requests: 0
Threats: 0

HTTP requests

No HTTP requests

Connections

No data

DNS requests

No data

Threats

No threats detected
No debug info