File name: | de pago del 24.01.2022.JPG_________________________.z |
Full analysis: | https://app.any.run/tasks/adefbd8b-c0d6-49ee-8ef6-8531c250b38b |
Verdict: | Malicious activity |
Analysis date: | January 24, 2022, 19:29:14 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
MIME: | application/x-rar |
File info: | RAR archive data, v5 |
MD5: | 8910A8EFA7F0A60A7DDE0ECA6C57F68B |
SHA1: | D6778A74AE85C5C4706454B4FC418E79E936F1BC |
SHA256: | 9974AEFFFAA26F58064C9AF9D1727F7189E6EA5FD698BA2387B57DB37C59FF52 |
SSDEEP: | 1536:GTbfce7z34oqrn4hq9bnFUSDYLZjDPFRIBLce:G/cG8t0hMFAjDPEWe |
.rar | RAR compressed archive (v5.0) (61.5) |
.rar | RAR compressed archive (gen) (38.4) |
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
2532 | "C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\Desktop\de pago del 24.01.2022.JPG_________________________.z.rar" | C:\Program Files\WinRAR\WinRAR.exe | | Explorer.EXE |
User: admin Company: Alexander Roshal Integrity Level: MEDIUM Description: WinRAR archiver Version: 5.91.0 |
2544 | "C:\Users\admin\Desktop\de pago del 24.01.2022.JPG_________________________.exe" | C:\Users\admin\Desktop\de pago del 24.01.2022.JPG_________________________.exe | — | Explorer.EXE |
User: admin Company: VAR Fas Integrity Level: MEDIUM Version: 1.00 |
PID | Process | Filename | Type | |
---|---|---|---|---|
2532 | WinRAR.exe | C:\Users\admin\Desktop\de pago del 24.01.2022.JPG_________________________.exe | executable | MD5:467617DBEDF34C76274D295DB6F1EB6D SHA256:DFBDE4AEFADB4CCAF7EC92690BD3561E288635A0744D3A776E25B03B5A44F8B5 |
PID | Process | IP | Domain | ASN | CN | Reputation |
---|---|---|---|---|---|---|
— | — | 192.168.100.2:53 | — | — | — | whitelisted |
Domain | IP | Reputation |
---|---|---|
www.microsoft.com | | whitelisted |