download: | B3RAP.zip |
Full analysis: | https://app.any.run/tasks/88ccf3d2-8ccb-4615-ab80-99818779ac2d |
Verdict: | Malicious activity |
Analysis date: | May 30, 2020, 18:59:02 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
Indicators: | |
MIME: | application/zip |
File info: | Zip archive data, at least v1.0 to extract |
MD5: | 7FADAF427F7F72ECFB3093EEFAF40A13 |
SHA1: | 23D20CBFC5EDCA9B5CE7139FA63175E9044969E3 |
SHA256: | 25ADF33587BC37C607B4D2E1E6B25EC7E7B8CAF5E9721FE461BAAADB1B204FFD |
SSDEEP: | 49152:jCURXAc87XiI/niK6A/nCUziwveDU35l1wIrLnP6Vc8r/xMSRVfynF1gRkza:jhR2jv/iyRziQUUbnP6VjrtVfy/Y |
.zip | | | ZIP compressed archive (100) |
---|
ZipRequiredVersion: | 10 |
---|---|
ZipBitFlag: | - |
ZipCompression: | None |
ZipModifyDate: | 2019:07:03 18:06:15 |
ZipCRC: | 0x00000000 |
ZipCompressedSize: | - |
ZipUncompressedSize: | - |
ZipFileName: | B3RAP Leecher v0.4.1/ |
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
2320 | "C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\B3RAP.zip" | C:\Program Files\WinRAR\WinRAR.exe | explorer.exe | |
User: admin Company: Alexander Roshal Integrity Level: MEDIUM Description: WinRAR archiver Version: 5.60.0 | ||||
2944 | "C:\Users\admin\AppData\Local\Temp\Rar$EXa2320.49733\B3RAP Leecher v0.4.1\B3RAP Leecher.exe" | C:\Users\admin\AppData\Local\Temp\Rar$EXa2320.49733\B3RAP Leecher v0.4.1\B3RAP Leecher.exe | — | WinRAR.exe |
User: admin Integrity Level: MEDIUM Description: B3RAP Leecher Exit code: 3221226540 Version: 1.0.0.0 | ||||
272 | "C:\Users\admin\AppData\Local\Temp\Rar$EXa2320.49733\B3RAP Leecher v0.4.1\B3RAP Leecher.exe" | C:\Users\admin\AppData\Local\Temp\Rar$EXa2320.49733\B3RAP Leecher v0.4.1\B3RAP Leecher.exe | WinRAR.exe | |
User: admin Integrity Level: HIGH Description: B3RAP Leecher Version: 1.0.0.0 |
PID | Process | Filename | Type | |
---|---|---|---|---|
2320 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$EXa2320.49733\B3RAP Leecher v0.4.1\B3RAP Leecher.exe | executable | |
MD5:6AD20F00EDBBBFD1EA28B86356632C90 | SHA256:8A901A8D4EC02A93AD996AB8F414EDA74BB1FC50C0B2DFE8E512C78099033662 | |||
272 | B3RAP Leecher.exe | C:\Users\admin\AppData\Roaming\LeakManiaVPN\CONFIG\LeakMania-NL.ovpn | text | |
MD5:5A40BA02F8F0AE39D65054CB80C2C0CE | SHA256:D73143D4B9C84F5F8AAFE5299A0820D01548A04DD59B2F3292756EFF05649C71 | |||
272 | B3RAP Leecher.exe | C:\Users\admin\AppData\Roaming\LeakManiaVPN\OpenVPN\libssl-1_1-x64.dll | executable | |
MD5:414A382D57FCC26F0541FAB7394DDE6E | SHA256:7FD0BB50B5033DD34E571CDB6CB9A1A79D3676E43764D7EB0B5D79389FEF0209 | |||
2320 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$EXa2320.49733\B3RAP Leecher v0.4.1\Leaf.xNet.dll | executable | |
MD5:B5CB88DE9FE40B6645496F9543CE8E26 | SHA256:A91293829D0A4A0F2F34787FC1BA13B9D3AA4F640D0FCA652B24A88F464BC343 | |||
272 | B3RAP Leecher.exe | C:\Users\admin\AppData\Roaming\LeakManiaVPN\OpenVPN\openvpn.exe | executable | |
MD5:5E6A11E18F115E0DAFEF5069118AA676 | SHA256:1C95AE4D20549E9AF22922D1679C6E047DDB21C5E9AC90EF1C58536A45FEBCF2 | |||
272 | B3RAP Leecher.exe | C:\Users\admin\AppData\Roaming\LeakManiaVPN\OpenVPN\openssl.exe | executable | |
MD5:064F4449B6F4BD6D99B72368FF42014C | SHA256:F8E6C68DF295B62522B2F2CB0B633C9CBFE093B3968B03B23C67BB4866139E7A | |||
272 | B3RAP Leecher.exe | C:\Users\admin\AppData\Roaming\LeakManiaVPN\OpenVPN\libpkcs11-helper-1.dll | executable | |
MD5:2FEF81541C63C74808577183CD027A0E | SHA256:8AC11C4FF07323E985D08401945476FEEEAB92848705EF61970ACEFB24FBC5AB | |||
272 | B3RAP Leecher.exe | C:\Users\admin\AppData\Roaming\LeakManiaVPN\OpenVPN\openvpnserv2.exe | executable | |
MD5:861D9AFE99DCFBDEF816ECF59D0266C0 | SHA256:E9D7E26DC91C06D50D13071CD85AC922FB3438E57796B18B467A629A1BE75320 | |||
272 | B3RAP Leecher.exe | C:\Users\admin\AppData\Roaming\LeakManiaVPN\OpenVPN\liblzo2-2.dll | executable | |
MD5:46BE4D605BDB49DFC5BAF15E67BF12C2 | SHA256:3D3E4939A84FBCEA9A29A1A8C9A4AD1FCD9B85BB3A38010E19D1205FFF5D9F58 | |||
272 | B3RAP Leecher.exe | C:\Users\admin\AppData\Roaming\LeakManiaVPN\OpenVPN\openvpnserv.exe | executable | |
MD5:275426EEB679572374B8C69D14CFFA11 | SHA256:C701F1404722D339952488479B81A2DAE71DF2F72100D242D781630921B83B1F |
PID | Process | IP | Domain | ASN | CN | Reputation |
---|---|---|---|---|---|---|
272 | B3RAP Leecher.exe | 204.79.197.200:443 | www.bing.com | Microsoft Corporation | US | whitelisted |
272 | B3RAP Leecher.exe | 172.67.213.196:443 | paste2.org | — | US | unknown |
272 | B3RAP Leecher.exe | 104.23.99.190:443 | pastebin.com | Cloudflare Inc | US | malicious |
272 | B3RAP Leecher.exe | 172.67.219.133:443 | paste.ee | — | US | malicious |
— | — | 172.67.213.196:443 | paste2.org | — | US | unknown |
— | — | 204.79.197.200:443 | www.bing.com | Microsoft Corporation | US | whitelisted |
Domain | IP | Reputation |
---|---|---|
www.bing.com |
| whitelisted |
pastebin.com |
| shared |
paste2.org |
| whitelisted |
paste.ee |
| shared |