File name: | Tapjoy Exploit V2.3.rar |
Full analysis: | https://app.any.run/tasks/446a71a1-014a-4ce0-a9b5-84df60970402 |
Verdict: | Malicious activity |
Analysis date: | July 12, 2020, 13:20:03 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
Indicators: | |
MIME: | application/x-rar |
File info: | RAR archive data, v4, os: Win32 |
MD5: | 3AA102B207B1C3B02DA0E213CF675396 |
SHA1: | 3986C9742D7166D1FE26D0295E5E0A0AA397B222 |
SHA256: | 40F55EE22852BE4C979B37F76759A851E66834F621FCFC7894E37D9597A748FE |
SSDEEP: | 12288:EXoEwwohLWnS7+5siVvmt9+3n5aj+anYVDNwEbSdrmGT6oJxHN09EonuHqle:Ebwwm7+5sw8CaqaYVpvGT6Ot09EtIe |
.rar | | | RAR compressed archive (v-4.x) (58.3) |
---|---|---|
.rar | | | RAR compressed archive (gen) (41.6) |
CompressedSize: | 600736 |
---|---|
UncompressedSize: | 610304 |
OperatingSystem: | Win32 |
ModifyDate: | 2020:06:12 16:44:15 |
PackingMethod: | Normal |
ArchivedFileName: | Tapjoy Exploit V2.3.exe |
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
2568 | "C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\Tapjoy Exploit V2.3.rar" | C:\Program Files\WinRAR\WinRAR.exe | explorer.exe | |
User: admin Company: Alexander Roshal Integrity Level: MEDIUM Description: WinRAR archiver Version: 5.60.0 | ||||
1380 | "C:\Users\admin\AppData\Local\Temp\Rar$EXa2568.35357\Tapjoy Exploit V2.3.exe" | C:\Users\admin\AppData\Local\Temp\Rar$EXa2568.35357\Tapjoy Exploit V2.3.exe | — | WinRAR.exe |
User: admin Integrity Level: MEDIUM Exit code: 0 Version: 1.0.0.0 | ||||
1456 | "C:\Users\admin\AppData\Local\Temp\Rar$EXa2568.35357\Tapjoy Exploit V2.3.exe" | C:\Users\admin\AppData\Local\Temp\Rar$EXa2568.35357\Tapjoy Exploit V2.3.exe | Tapjoy Exploit V2.3.exe | |
User: admin Integrity Level: HIGH Exit code: 0 Version: 1.0.0.0 |
PID | Process | Filename | Type | |
---|---|---|---|---|
2568 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$EXa2568.35357\Tapjoy Exploit V2.3.exe | executable | |
MD5:5E5B18A02EEDF6A0317BFDA7EDFD3687 | SHA256:83483E86381DA3EA5234BA7AE7860EF30D55A3053EC8178224CEDC6B47F859D1 | |||
1456 | Tapjoy Exploit V2.3.exe | C:\Users\admin\AppData\Local\Pic1fPBkmq\LOHejsSdpL.exe | executable | |
MD5:5E5B18A02EEDF6A0317BFDA7EDFD3687 | SHA256:83483E86381DA3EA5234BA7AE7860EF30D55A3053EC8178224CEDC6B47F859D1 |
PID | Process | IP | Domain | ASN | CN | Reputation |
---|---|---|---|---|---|---|
1456 | Tapjoy Exploit V2.3.exe | 151.101.0.133:443 | raw.githubusercontent.com | Fastly | US | malicious |
Domain | IP | Reputation |
---|---|---|
raw.githubusercontent.com |
| shared |
Process | Message |
---|---|
Tapjoy Exploit V2.3.exe | Thread Exiting: 1480 |