File name: | TemphPF56.bin.zip |
Full analysis: | https://app.any.run/tasks/e1cc983e-d6f4-410c-8e5b-5b6173e9b372 |
Verdict: | Malicious activity |
Analysis date: | April 23, 2019, 14:31:13 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
MIME: | application/zip |
File info: | Zip archive data, at least v2.0 to extract |
MD5: | 85D0B665C2EE2AA4C594E406B5B49257 |
SHA1: | 3A2DFBF7E66646D0F86341DE09758DA2C959D527 |
SHA256: | 7437172EB2DC6FC2274D99069BB38C0DF033FD0C8FF8614AFC5AEFAD51055A19 |
SSDEEP: | 12288:P+gvdkl6JdPPd1IRGJ83ek7hx7PegIwmf:P+gVkl6fPjIRGGv1x7PTInf |
.zip | ZIP compressed archive (100) |
ZipRequiredVersion: | 788 |
ZipBitFlag: | 0x0001 |
ZipCompression: | Deflated |
ZipModifyDate: | 2019:04:23 16:29:22 |
ZipCRC: | 0xa222060d |
ZipCompressedSize: | 434527 |
ZipUncompressedSize: | 651776 |
ZipFileName: | TemphPF56.bin |
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
1740 | "C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\TemphPF56.bin.zip" | C:\Program Files\WinRAR\WinRAR.exe | — | explorer.exe |
User: admin; Company: Alexander Roshal; Integrity Level: MEDIUM; Description: WinRAR archiver; Exit code: 0; Version: 5.60.0 |
3120 | "C:\Users\admin\Desktop\TemphPF56.exe" | C:\Users\admin\Desktop\TemphPF56.exe | — | explorer.exe |
User: admin; Integrity Level: MEDIUM |
PID | Process | Filename | Type |
---|---|---|---|
1740 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$DRb1740.41258\TemphPF56.bin | — |
MD5: — | SHA256: — |