File name: | Sample-PNG-Image.png |
Full analysis: | https://app.any.run/tasks/e190d144-0f3c-4111-ac99-46e4aa08c659 |
Verdict: | Malicious activity |
Analysis date: | October 05, 2022, 07:32:55 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
MIME: | image/png |
File info: | PNG image data, 864 x 409, 8-bit/color RGBA, non-interlaced |
MD5: | 43FA010FD5F9A49EC978F5DEC499349D |
SHA1: | 6606EB57A8CE14F7951B694C5D98D4A66FAB3373 |
SHA256: | 2977B3B72CEDD8B835094F4A7474F5DB4FB3A7F42AC5B8C4F83D226CA122F553 |
SSDEEP: | 3072:FUbfto0hffZBUOa12YitG+t8tYRd/2QhWSo:GTOEhiGmtYaQ4 |
.png | Portable Network Graphics (100) |
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
3696 | "C:\Windows\System32\rundll32.exe" "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen "C:\Users\admin\AppData\Local\Temp\Sample-PNG-Image.png" | C:\Windows\System32\rundll32.exe | — | Explorer.EXE |
User: | admin | Company: | Microsoft Corporation |
Integrity Level: | MEDIUM | Description: | Windows host process (Rundll32) |
Exit code: | 0 | Version: | 6.1.7600.16385 (win7_rtm.090713-1255) |
(PID) Process: | (3696) rundll32.exe | Key: | HKEY_CURRENT_USER\Software\Microsoft\Direct3D\MostRecentApplication |
Operation: | write | Name: | Name |
Value: rundll32.exe |