File name: | scan01_C1E637F.gz |
Full analysis: | https://app.any.run/tasks/50cc127a-cb23-4669-8691-072596ab0c6b |
Verdict: | Malicious activity |
Analysis date: | January 17, 2019, 14:41:20 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
Indicators: | |
MIME: | application/zip |
File info: | Zip archive data, at least v2.0 to extract |
MD5: | F3369AC73C690ED5E36E714185EFF192 |
SHA1: | 01D18BBE1C3E4C16BC0BCA97368BE84026008CEA |
SHA256: | 5349C28FE5E3AA760B9D5105C927D10BDE735E84D2B3DC2A80B992A8A94ABF72 |
SSDEEP: | 12288:dS3XwSQBh5VzSYxrqUwFg9Wi3Vg23jEBxQ:dSnKd/7w+P3jEBxQ |
.zip | ZIP compressed archive (100) |
ZipRequiredVersion: | 20 |
ZipBitFlag: | - |
ZipCompression: | Deflated |
ZipModifyDate: | 2007:12:06 17:00:05 |
ZipCRC: | 0xf683e869 |
ZipCompressedSize: | 443471 |
ZipUncompressedSize: | 1136304 |
ZipFileName: | scan01_C1E637F.exe |
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
3044 | "C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\scan01_C1E637F.gz.zip" | C:\Program Files\WinRAR\WinRAR.exe | — | explorer.exe |
User: admin Company: Alexander Roshal Integrity Level: MEDIUM Description: WinRAR archiver Exit code: 0 Version: 5.60.0 |
3308 | "C:\Users\admin\Desktop\scan01_C1E637F.exe" | C:\Users\admin\Desktop\scan01_C1E637F.exe | — | explorer.exe |
User: admin Company: nowheres Integrity Level: MEDIUM Description: Sheepheaded Version: 7.04.0005 |
PID | Process | Filename | Type | |
---|---|---|---|---|
3044 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$DRa3044.10439\scan01_C1E637F.exe | executable | |
MD5:F94F4AF35DDC3B3F6D46A8FFFBBB39F6 | SHA256:997BB7CBE852401961C3965EF593886806C752D27623DD6080CE73021F2D8407 |