File name: | 1.7z |
Full analysis: | https://app.any.run/tasks/1b17327b-405f-4801-852d-f4349a8610ab |
Verdict: | Malicious activity |
Analysis date: | June 27, 2022, 08:40:29 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
MIME: | application/x-7z-compressed |
File info: | 7-zip archive data, version 0.4 |
MD5: | 450B047C5B3723482F2DB899080D2F88 |
SHA1: | 350EC992BF41EDF31AF83D88A044DB52C07FFA90 |
SHA256: | A045E17493A073CA80B7E0A3C8780FFDBC187AED96D5090595337A52C7A0B52A |
SSDEEP: | 24576:y8IId5L5n08looAYLoALYeAqM/EFK1pi/KOA2gKE:y8Is5LVxxAYrLYhx/Jpi/U2gKE |
.7z | 7-Zip compressed archive (v0.4) (57.1) |
.7z | 7-Zip compressed archive (gen) (42.8) |
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
2564 | "C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\1.7z" | C:\Program Files\WinRAR\WinRAR.exe | | Explorer.EXE |
User: admin Company: Alexander Roshal Integrity Level: MEDIUM Description: WinRAR archiver Exit code: 0 Version: 5.91.0 |
992 | "cmd.exe" /s /k pushd "C:\Users\admin\Desktop" | C:\Windows\system32\cmd.exe | — | Explorer.EXE |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Windows Command Processor Version: 6.1.7601.17514 (win7sp1_rtm.101119-1850) |
2160 | explorer.exe log.com | C:\Windows\explorer.exe | — | cmd.exe |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Windows Explorer Version: 6.1.7600.16385 (win7_rtm.090713-1255) |
2472 | C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding | C:\Windows\explorer.exe | — | svchost.exe |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Windows Explorer Exit code: 1 Version: 6.1.7600.16385 (win7_rtm.090713-1255) |
PID | Process | Filename | Type |
---|---|---|---|
2564 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$DRa2564.39975\log.com | executable |
MD5:F61955A2D14CD3B2D76F36E7FD21B305 | SHA256:3DB7CF5F42B0BC39E1DE1E9036F57CA3578F8B98D5EF07F58CEA9BCD196E1ED6 |
2564 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$DRa2564.39975\360zip.exe | executable |
MD5:03D53D7431470E434D44E50050AFBB27 | SHA256:4A21ACAE2BC6F435106EF7D16E8B89045F938C39DCDCBE00FA7B8FEB910F076D |