File name:

CSPCA.crl

Full analysis: https://app.any.run/tasks/2f977d9d-062b-4c63-b373-17a0e045a31b
Verdict: No threats detected
Analysis date: June 23, 2020, 14:08:26
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
MIME: application/octet-stream
File info: data
MD5:

A26DCBB948DA05EC8AF97885DBD149B0

SHA1:

CFA529C048EC394A1203853C0C9A5E28EA23F035

SHA256:

3CEB4A8069B2B9E5FDF508EF67D5AF5B9D3E6A7B417919953A89FA9773E16440

SSDEEP:

12:kYmJrXuBF74BBQ4TI0gIpoL4/Qat8CiaNwtxjz8lbADJr5:kXDuD743QqI0gG/j5wtFz4bo5

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    No suspicious indicators.

  • INFO

    No info indicators.
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.der | DER encoded X509 Certificate (100)
No data.
screenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
34
Monitored processes
1
Malicious processes
0
Suspicious processes
0

Behavior graph

Click at the process to see the details
start rundll32.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
860"C:\Windows\system32\rundll32.exe" cryptext.dll,CryptExtOpenCRL C:\Users\admin\AppData\Local\Temp\CSPCA.crlC:\Windows\system32\rundll32.exeexplorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows host process (Rundll32)
Exit code:
0
Version:
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\rundll32.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\usp10.dll
c:\windows\system32\imagehlp.dll
Total events
16
Read events
1
Write events
15
Delete events
0

Modification events

(PID) Process:(860) rundll32.exeKey:HKEY_CLASSES_ROOT\Local Settings\MuiCache\12F\52C64B7E
Operation:writeName:LanguageList
Value:
en-US
(PID) Process:(860) rundll32.exeKey:HKEY_CLASSES_ROOT\Local Settings\MuiCache\12F\52C64B7E
Operation:writeName:@%SystemRoot%\system32\p2pcollab.dll,-8042
Value:
Peer to Peer Trust
(PID) Process:(860) rundll32.exeKey:HKEY_CLASSES_ROOT\Local Settings\MuiCache\12F\52C64B7E
Operation:writeName:@%SystemRoot%\system32\qagentrt.dll,-10
Value:
System Health Authentication
(PID) Process:(860) rundll32.exeKey:HKEY_CLASSES_ROOT\Local Settings\MuiCache\12F\52C64B7E
Operation:writeName:@%SystemRoot%\system32\dnsapi.dll,-103
Value:
Domain Name System (DNS) Server Trust
(PID) Process:(860) rundll32.exeKey:HKEY_CLASSES_ROOT\Local Settings\MuiCache\12F\52C64B7E
Operation:writeName:@%SystemRoot%\System32\fveui.dll,-843
Value:
BitLocker Drive Encryption
(PID) Process:(860) rundll32.exeKey:HKEY_CLASSES_ROOT\Local Settings\MuiCache\12F\52C64B7E
Operation:writeName:@%SystemRoot%\System32\fveui.dll,-844
Value:
BitLocker Data Recovery Agent
Executable files
0
Suspicious files
0
Text files
0
Unknown types
0

Dropped files

No data
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
0
TCP/UDP connections
0
DNS requests
0
Threats
0

HTTP requests

No HTTP requests
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

No data

DNS requests

No data

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
CSPCA.crl