File name: | Openfiber.png |
Full analysis: | https://app.any.run/tasks/8374f0d2-c108-4606-85ed-2cc6f51b57e2 |
Verdict: | Malicious activity |
Analysis date: | October 05, 2022, 07:18:51 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
MIME: | image/png |
File info: | PNG image data, 510 x 99, 8-bit colormap, non-interlaced |
MD5: | 3F7B8DD4435A9A8BA0836FFE785CE446 |
SHA1: | 7CF79C9512B12B859CA6FE114B1B1A66AADF4F8D |
SHA256: | AB528DEB64754CF448CA00567D09E8927DB76B3DA823D61879AE1784BB978080 |
SSDEEP: | 192:+/Eyre45+nxRLOuBpBORnVblolIyicOhp46E:+/Eyr/+nTxpsBV2lIUOv6 |
.png: | Portable Network Graphics (100) |

PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
3220 | "C:\Windows\System32\rundll32.exe" "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen "C:\Users\admin\AppData\Local\Temp\Openfiber.png" | C:\Windows\System32\rundll32.exe | — | Explorer.EXE |
User: admin; Company: Microsoft Corporation; Integrity Level: MEDIUM; Description: Windows host process (Rundll32); Exit code: 0; Version: 6.1.7600.16385 (win7_rtm.090713-1255) |
(PID) Process: | (3220) rundll32.exe | Key: | HKEY_CURRENT_USER\Software\Microsoft\Direct3D\MostRecentApplication |
Operation: | write | Name: | Name |
Value: rundll32.exe |