File name: | shellexecute.rar |
Full analysis: | https://app.any.run/tasks/a2a669ee-eb55-4b90-96ec-a0a6482e2364 |
Verdict: | Malicious activity |
Analysis date: | January 22, 2019, 17:41:19 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
MIME: | application/x-rar |
File info: | RAR archive data, v4, os: Win32 |
MD5: | 481CD269494FF4F8CC6B536B2E2B605B |
SHA1: | 893497CC4CFAE5CAF3E12038D310CEB39259D4C7 |
SHA256: | 98B1D3E25FA6560AD8FE2325C2B7A662DE5D6ACE3BBEFE4E84AF233C6BCF6D2D |
SSDEEP: | 384:BSu/mwjYsqzdLJELYIKshttk48dtnChyGKoWxs:B+PzdLmLY9Ittk4GRQKoWxs |
.rar | | | RAR compressed archive (v-4.x) (58.3) |
---|---|---|
.rar | | | RAR compressed archive (gen) (41.6) |
ArchivedFileName: | shellexecute.exe |
---|---|
PackingMethod: | Normal |
ModifyDate: | 2007:08:22 11:21:00 |
OperatingSystem: | Win32 |
UncompressedSize: | 45056 |
CompressedSize: | 15145 |
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
2992 | "C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\shellexecute.rar" | C:\Program Files\WinRAR\WinRAR.exe | | explorer.exe |
User: admin; Company: Alexander Roshal; Integrity Level: MEDIUM; Description: WinRAR archiver; Version: 5.60.0 | | | | |
3160 | "C:\Users\admin\Desktop\shellexecute.exe" | C:\Users\admin\Desktop\shellexecute.exe | — | explorer.exe |
User: admin; Company: SEAL Systems; Integrity Level: MEDIUM; Description: shellexecute; Exit code: 0; Version: 1, 0, 2, 0 | | | | |
2388 | "C:\Users\admin\Desktop\shellexecute.exe" | C:\Users\admin\Desktop\shellexecute.exe | — | explorer.exe |
User: admin; Company: SEAL Systems; Integrity Level: MEDIUM; Description: shellexecute; Exit code: 0; Version: 1, 0, 2, 0 | | | | |
PID | Process | Filename | Type | |
---|---|---|---|---|
2992 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$DRa2992.41277\shellexecute.exe | executable | |
MD5:FE7418F9DA56513F337F0B86D1312652 | SHA256:1D7C84FD2A39EB10DA00A44C7A8E15F0F63A14FA6334A2478BD162511A169C39 |