File name: | 1ff6117e48109285b11b97c3f33386179ecab9d93a4e5401ff073b50446f4110 |
Full analysis: | https://app.any.run/tasks/528ca4cd-9e9f-4438-bcab-33469f5f1369 |
Verdict: | Malicious activity |
Analysis date: | April 23, 2019, 22:12:25 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
MIME: | application/x-rar |
File info: | RAR archive data, v5 |
MD5: | 4332C4EA9B9A43B03CE634E41686E992 |
SHA1: | 66E8916D75563092BA01DD671AC017019BADCECB |
SHA256: | 1FF6117E48109285B11B97C3F33386179ECAB9D93A4E5401FF073B50446F4110 |
SSDEEP: | 6144:LTlmWLlcNl0/RbftgBKh127hZ0n/B3I0tMIS:1I0/FtKXhK/B3LtMIS |
.rar | RAR compressed archive (v5.0) (61.5) |
.rar | RAR compressed archive (gen) (38.4) |
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
2316 | "C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\1ff6117e48109285b11b97c3f33386179ecab9d93a4e5401ff073b50446f4110.rar" | C:\Program Files\WinRAR\WinRAR.exe | | explorer.exe |
User: admin, Company: Alexander Roshal, Integrity Level: MEDIUM, Description: WinRAR archiver, Exit code: 0, Version: 5.60.0 | | | | |
1868 | "C:\Users\admin\Desktop\Transfer slip.bat" | C:\Users\admin\Desktop\Transfer slip.bat | — | explorer.exe |
User: admin, Company: poling, Integrity Level: MEDIUM, Description: pascha, Version: 1.01.0005 | | | | |
680 | "C:\Users\admin\Desktop\Transfer slip.bat" | C:\Users\admin\Desktop\Transfer slip.bat | — | explorer.exe |
User: admin, Company: poling, Integrity Level: MEDIUM, Description: pascha, Version: 1.01.0005 | | | | |
PID | Process | Filename | Type | |
---|---|---|---|---|
2316 | WinRAR.exe | C:\Users\admin\Desktop\Transfer slip.bat | executable | |
MD5: 4CF7CC21E4CA7F0BC17E880F5FB2FF86 | SHA256: 8FA6C77E7278019D2C76969881C4169299B69F41608C508F630DB23B0C9B55FF | | | |