File name: Ableton Live Suite 10.0.2 x64 ISO + Patch R2R.rar

Full analysis: https://app.any.run/tasks/d95fddf6-b3c4-4083-a2f2-60e58d4fe377
Verdict: No threats detected
Analysis date: October 11, 2019, 08:15:23
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: application/x-rar
File info: RAR archive data, v5
MD5: 9F408F637AE8321EA344D06486D623AA
SHA1: 5DD517C8DF17C4F56BF4DF5D8BF9257B7EFB75FB
SHA256: 07D175E1BC120B58B75F9F9F79C80EEBD52620C0B0AC37FBB6F180E0E321FD2D
SSDEEP: 24576:ho6cLUNPPqWymPLbyrsb0Y667qr/qGMOvI9+f1gBxh/EcHi:hhA4PPCmTGIJGbPMOvuOkhsCi

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Application was dropped or rewritten from another process

      • Ableton_KeyGen.exe (PID: 332)
      • Ableton_KeyGen.exe (PID: 3028)
      • keygen.exe (PID: 2412)
    • Loads dropped or rewritten executable

      • keygen.exe (PID: 2412)
  • SUSPICIOUS

    • Executable content was dropped or overwritten

      • WinRAR.exe (PID: 2172)
      • Ableton_KeyGen.exe (PID: 332)
  • INFO

    No info indicators.
No Malware configuration.

TRiD

.rar | RAR compressed archive (v5.0) (61.5)
.rar | RAR compressed archive (gen) (38.4)
No data.
Total processes: 40
Monitored processes: 4
Malicious processes: 0
Suspicious processes: 1

Behavior graph

[Behavior graph: winrar.exe, ableton_keygen.exe (no specs), ableton_keygen.exe, keygen.exe (no specs); edges labelled "drop and start" and "start"]

Process information

PID | CMD | Path | Indicators | Parent process

PID: 2172
CMD: "C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\Ableton Live Suite 10.0.2 x64 ISO + Patch R2R.rar"
Path: C:\Program Files\WinRAR\WinRAR.exe
Parent process: explorer.exe
User: admin
Company: Alexander Roshal
Integrity Level: MEDIUM
Description: WinRAR archiver
Version: 5.60.0
Modules
Images
c:\program files\winrar\winrar.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\comdlg32.dll

PID: 3028
CMD: "C:\Users\admin\AppData\Local\Temp\Rar$EXa2172.25307\Ableton Live Suite 10.0.2 x64 ISO + Patch R2R\R2R\Ableton_KeyGen.exe"
Path: C:\Users\admin\AppData\Local\Temp\Rar$EXa2172.25307\Ableton Live Suite 10.0.2 x64 ISO + Patch R2R\R2R\Ableton_KeyGen.exe
Parent process: WinRAR.exe
User: admin
Integrity Level: MEDIUM
Exit code: 3221226540
Modules
Images
c:\users\admin\appdata\local\temp\rar$exa2172.25307\ableton live suite 10.0.2 x64 iso + patch r2r\r2r\ableton_keygen.exe
c:\systemroot\system32\ntdll.dll

PID: 332
CMD: "C:\Users\admin\AppData\Local\Temp\Rar$EXa2172.25307\Ableton Live Suite 10.0.2 x64 ISO + Patch R2R\R2R\Ableton_KeyGen.exe"
Path: C:\Users\admin\AppData\Local\Temp\Rar$EXa2172.25307\Ableton Live Suite 10.0.2 x64 ISO + Patch R2R\R2R\Ableton_KeyGen.exe
Parent process: WinRAR.exe
User: admin
Integrity Level: HIGH
Modules
Images
c:\users\admin\appdata\local\temp\rar$exa2172.25307\ableton live suite 10.0.2 x64 iso + patch r2r\r2r\ableton_keygen.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll

PID: 2412
CMD: C:\Users\admin\AppData\Local\Temp\keygen.exe
Path: C:\Users\admin\AppData\Local\Temp\keygen.exe
Parent process: Ableton_KeyGen.exe
User: admin
Integrity Level: HIGH
Modules
Images
c:\users\admin\appdata\local\temp\keygen.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\kernel32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll

Total events: 789
Read events: 776
Write events: 13
Delete events: 0

Modification events

Process: WinRAR.exe (PID 2172)
Key: HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes
Operation: write
Name: ShellExtBMP
Value:

Process: WinRAR.exe (PID 2172)
Key: HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes
Operation: write
Name: ShellExtIcon
Value:

Process: WinRAR.exe (PID 2172)
Key: HKEY_CLASSES_ROOT\Local Settings\MuiCache\12B\52C64B7E
Operation: write
Name: LanguageList
Value: en-US

Process: WinRAR.exe (PID 2172)
Key: HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation: write
Name: 0
Value: C:\Users\admin\AppData\Local\Temp\Ableton Live Suite 10.0.2 x64 ISO + Patch R2R.rar

Process: WinRAR.exe (PID 2172)
Key: HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation: write
Name: name
Value: 120

Process: WinRAR.exe (PID 2172)
Key: HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation: write
Name: size
Value: 80

Process: WinRAR.exe (PID 2172)
Key: HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation: write
Name: type
Value: 120

Process: WinRAR.exe (PID 2172)
Key: HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation: write
Name: mtime
Value: 100

Process: WinRAR.exe (PID 2172)
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation: write
Name: UNCAsIntranet
Value: 0

Process: WinRAR.exe (PID 2172)
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation: write
Name: AutoDetect
Value: 1

Executable files: 4
Suspicious files: 0
Text files: 2
Unknown types: 1

Dropped files

PID | Process | Filename | Type

PID: 2172
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$EXa2172.25307\Ableton Live Suite 10.0.2 x64 ISO + Patch R2R\uploaded_from_alldebrid.txt
Type: text
MD5:9DC6E74865E2FF7CDF90E5F32C2AFB2F
SHA256:AEBD597A3AB49E1B01B146CA90B82EC9B4FF3E72FFE06DAA5B6D63DB178DCFF7

PID: 2172
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$EXa2172.25307\Ableton Live Suite 10.0.2 x64 ISO + Patch R2R\R2R\R2R.txt
Type: text
MD5:DB524954C6D9E8234D98A48AE0BEB862
SHA256:C83F2381BF3101B99A16C246EE3930ABAE75207A54D21E6050731D2337D5F6EB

PID: 332
Process: Ableton_KeyGen.exe
Filename: C:\Users\admin\AppData\Local\Temp\BASSMOD.dll
Type: executable
MD5:E4EC57E8508C5C4040383EBE6D367928
SHA256:8AD9E47693E292F381DA42DDC13724A3063040E51C26F4CA8E1F8E2F1DDD547F

PID: 332
Process: Ableton_KeyGen.exe
Filename: C:\Users\admin\AppData\Local\Temp\R2RLIVE.dll
Type: executable
MD5:FBD46335CABCE4A96F315D0C89C8CD09
SHA256:0FD18A0DCF5C1E67F652EF3CAFA271C8F513065380F426E7C6A7B9C246B8891F

PID: 2172
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$EXa2172.25307\Ableton Live Suite 10.0.2 x64 ISO + Patch R2R\R2R\Ableton_KeyGen.exe
Type: executable
MD5:EC367A19C43AB8A12921DDC16D29C37E
SHA256:84B315464F9786E590299675B6A01F8F7EFCAA1B55D78522D86E51CD41621394

PID: 332
Process: Ableton_KeyGen.exe
Filename: C:\Users\admin\AppData\Local\Temp\bgm.xm
Type: xm
MD5:EAC249A6CBD92E5A744F1921261B4134
SHA256:9AE311E672F224A27350DD37CCE871187377531741DF048082B9CB680CD12882

PID: 332
Process: Ableton_KeyGen.exe
Filename: C:\Users\admin\AppData\Local\Temp\keygen.exe
Type: executable
MD5:A870E917D041D74C09A99C322B13709A
SHA256:0CB1C127272A6B8F69EE52488FC51991D42CB021BDCD0A404C294B4011B30F87

HTTP(S) requests: 0
TCP/UDP connections: 0
DNS requests: 0
Threats: 0

HTTP requests

No HTTP requests

Connections

No data

DNS requests

No data

Threats

No threats detected
No debug info