Field | Value
---|---
File name | Secured.7z
Full analysis | https://app.any.run/tasks/8352a03d-68f6-49e8-8059-ba6527a6de58
Verdict | Malicious activity
Analysis date | November 08, 2018, 19:45:49
OS | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators | 
MIME | application/x-7z-compressed
File info | 7-zip archive data, version 0.4
MD5 | 8CB75F37EABFD504DE80148D53CF1C0C
SHA1 | 5DC4D02C2FA90A253743A3A3C2C9572BD0F3D3D9
SHA256 | 3C9C71E0C8A537EFEE9813C07850838CFA54BC443A2EA9494BFF4E5A3171E857
SSDEEP | 49152:j6Sgh6D6ybCdjDP3Mzl62rxB+7DvNntZLRdjXNLVdRxp4GE306E/h2Z2WuE:2So6D6SChL3Al6KQvNtZLRdXNpPxpzEt
Extension | File type
---|---
.7z | 7-Zip compressed archive (v0.4) (57.1)
.7z | 7-Zip compressed archive (gen) (42.8)
PID | CMD | Path | Indicators | Parent process
---|---|---|---|---
3384 | "C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\Secured.7z" | C:\Program Files\WinRAR\WinRAR.exe | | explorer.exe
 | User: admin; Company: Alexander Roshal; Integrity Level: MEDIUM; Description: WinRAR archiver; Version: 5.60.0 | | |
1308 | "C:\Users\admin\AppData\Local\Temp\Rar$EXa3384.38720\Secured\Crack-Me.exe" | C:\Users\admin\AppData\Local\Temp\Rar$EXa3384.38720\Secured\Crack-Me.exe | | WinRAR.exe
 | User: admin; Integrity Level: MEDIUM; Description: Crack-Me2; Version: 1.0.0.0 | | |
PID | Process | Filename | Type
---|---|---|---
3384 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$EXa3384.38720\Secured\AgileDotNet.VMRuntime.dll | executable
 | | MD5: DC6734ACDA9A6B0F2BA0214A0AD4BF28; SHA256: 7B731537498C2994040F4BEBE5BE66C7824819E491C796242B36E76491621026 |
1308 | Crack-Me.exe | C:\Users\admin\AppData\Local\Temp\ea1e999e-f6ce-4bd9-951e-80b4b6155478\AgileDotNetRT.dll | executable
 | | MD5: 2492EDD201D7F094059EBEB210BA65D1; SHA256: 3217306C5D5C6C69EA658B6EB94559A24D6FFE48D75649C916A99B71413A55CE |
3384 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$EXa3384.38720\Secured\Crack-Me.exe | executable
 | | MD5: 7B9F21D9E5DA4B552B3555938C601036; SHA256: EB42478D4357A0C6F9784DB34EE4DFA9348562B7EF5EBCD42AA5BD16DD2D249B |
Process | Message
---|---
Crack-Me.exe | `%s------------------------------------------------`
 | `--- Themida Professional ---`
 | `--- (c)2012 Oreans Technologies ---`
 | `------------------------------------------------`