| File name: | NTUSER.rhk |
| Full analysis: | https://app.any.run/tasks/69589c7c-e098-4e0e-9b96-41b35f4b3d20 |
| Verdict: | No threats detected |
| Analysis date: | July 04, 2019, 22:13:45 |
| OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
| MIME: | application/octet-stream |
| File info: | MS Windows registry file, NT/2000 or above |
| MD5: | 97D9D373874379BBE9A912050A415C3B |
| SHA1: | 33A754D8FE5743ED28D34880F9D2B89BECFF50F6 |
| SHA256: | 13B36C4904D5EAA60CADC92075002CF0D1D546BDEA362F3B4D38159DFC4BEB18 |
| SSDEEP: | 1536:hHHaME7jGUVc13iuBhETXqXeDZyiJPfbQeSduCKn+t1fCKn:ajGT1nEkekiJP8eYuCKn+zfCKn |
MALICIOUS
No malicious indicators.SUSPICIOUS
No suspicious indicators.INFO
No info indicators.
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
TRiD
| .hiv/dat | | | Windows NT Registry Hive (generic) (100) |
|---|
Total processes
34
Monitored processes
1
Malicious processes
0
Suspicious processes
0
Behavior graph
Click at the process to see the details
Process information
PID | CMD | Path | Indicators | Parent process | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 3436 | "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\admin\Desktop\NTUSER.rhk.hiv | C:\Windows\system32\rundll32.exe | — | explorer.exe | |||||||||||
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Windows host process (Rundll32) Exit code: 0 Version: 6.1.7600.16385 (win7_rtm.090713-1255) Modules
| |||||||||||||||
Total events
0
Read events
0
Write events
0
Delete events
0
Modification events
Executable files
0
Suspicious files
0
Text files
0
Unknown types
0
Dropped files
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
0
TCP/UDP connections
0
DNS requests
0
Threats
0
HTTP requests
Download PCAP, analyze network streams, HTTP content and a lot more at the full report