File name: | jailbreak-master.zip |
Full analysis: | https://app.any.run/tasks/54299020-bd02-4c28-8959-ba8b7d05300a |
Verdict: | Malicious activity |
Analysis date: | September 19, 2019, 09:39:49 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
Indicators: | |
MIME: | application/zip |
File info: | Zip archive data, at least v1.0 to extract |
MD5: | B28DB8208018F46166CD34E2B603E5B1 |
SHA1: | B3F3CE5BF914E944314282D8D2BB2A8F6BA249F6 |
SHA256: | AD4B7DB6BE59E3F5A4D17087F0A48B567CF9AF49C0309E486A084C6C0A630DFC |
SSDEEP: | 12288:5fofS7wYViDXiY0g5X/dHFCjtJORW6iZfoQS7wYViDm:5AKkYhY0wdHMJORW6OAbkYX |
.zip | | | ZIP compressed archive (100) |
---|
ZipFileName: | jailbreak-master/ |
---|---|
ZipUncompressedSize: | - |
ZipCompressedSize: | - |
ZipCRC: | 0x00000000 |
ZipModifyDate: | 2015:12:28 09:11:23 |
ZipCompression: | None |
ZipBitFlag: | - |
ZipRequiredVersion: | 10 |
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
2880 | "C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\jailbreak-master.zip" | C:\Program Files\WinRAR\WinRAR.exe | explorer.exe | |
User: admin Company: Alexander Roshal Integrity Level: MEDIUM Description: WinRAR archiver Version: 5.60.0 | ||||
1732 | "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" | C:\Windows\System32\SearchProtocolHost.exe | — | SearchIndexer.exe |
User: SYSTEM Company: Microsoft Corporation Integrity Level: SYSTEM Description: Microsoft Windows Search Protocol Host Version: 7.00.7600.16385 (win7_rtm.090713-1255) | ||||
2972 | "C:\Users\admin\Desktop\jailbreak-master\binaries\jbstore2_32.exe" | C:\Users\admin\Desktop\jailbreak-master\binaries\jbstore2_32.exe | — | explorer.exe |
User: admin Integrity Level: MEDIUM Exit code: 1 | ||||
3160 | "C:\Users\admin\Desktop\jailbreak-master\binaries\jailbreak32.exe" | C:\Users\admin\Desktop\jailbreak-master\binaries\jailbreak32.exe | — | explorer.exe |
User: admin Integrity Level: MEDIUM Exit code: 4294967295 | ||||
2340 | "C:\Users\admin\Desktop\jailbreak-master\binaries\jailbreak32.exe" | C:\Users\admin\Desktop\jailbreak-master\binaries\jailbreak32.exe | explorer.exe | |
User: admin Integrity Level: HIGH Exit code: 4294967295 | ||||
276 | C:\Windows\Explorer.EXE | C:\Windows\explorer.exe | — | — |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Windows Explorer Version: 6.1.7600.16385 (win7_rtm.090713-1255) | ||||
2188 | cmd /c ""C:\Users\admin\Desktop\jailbreak-master\jbcert32.bat" " | C:\Windows\system32\cmd.exe | — | explorer.exe |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Windows Command Processor Exit code: 4294967295 Version: 6.1.7601.17514 (win7sp1_rtm.101119-1850) | ||||
3192 | jailbreak32.exe C:\Windows\system32\mmc.exe C:\Windows\system32\certmgr.msc -32 | C:\Users\admin\Desktop\jailbreak-master\binaries\jailbreak32.exe | — | cmd.exe |
User: admin Integrity Level: MEDIUM Exit code: 4294967295 | ||||
3432 | C:\Windows\system32\mmc.exe C:\Windows\system32\certmgr.msc -32 | C:\Windows\system32\mmc.exe | — | jailbreak32.exe |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Microsoft Management Console Exit code: 3221226540 Version: 6.1.7600.16385 (win7_rtm.090713-1255) |
(PID) Process: | (2880) WinRAR.exe | Key: | HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes |
Operation: | write | Name: | ShellExtBMP |
Value: | |||
(PID) Process: | (2880) WinRAR.exe | Key: | HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes |
Operation: | write | Name: | ShellExtIcon |
Value: | |||
(PID) Process: | (2880) WinRAR.exe | Key: | HKEY_CLASSES_ROOT\Local Settings\MuiCache\72\52C64B7E |
Operation: | write | Name: | LanguageList |
Value: en-US | |||
(PID) Process: | (276) explorer.exe | Key: | HKEY_CLASSES_ROOT\Local Settings\MuiCache\72\52C64B7E |
Operation: | write | Name: | LanguageList |
Value: en-US | |||
(PID) Process: | (2880) WinRAR.exe | Key: | HKEY_CURRENT_USER\Software\WinRAR\ArcHistory |
Operation: | write | Name: | 0 |
Value: C:\Users\admin\AppData\Local\Temp\jailbreak-master.zip | |||
(PID) Process: | (276) explorer.exe | Key: | HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ApplicationDestinations |
Operation: | write | Name: | MaxEntries |
Value: 15 | |||
(PID) Process: | (2880) WinRAR.exe | Key: | HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths |
Operation: | write | Name: | name |
Value: 120 | |||
(PID) Process: | (2880) WinRAR.exe | Key: | HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths |
Operation: | write | Name: | size |
Value: 80 | |||
(PID) Process: | (2880) WinRAR.exe | Key: | HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths |
Operation: | write | Name: | type |
Value: 120 | |||
(PID) Process: | (2880) WinRAR.exe | Key: | HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths |
Operation: | write | Name: | mtime |
Value: 100 |
PID | Process | Filename | Type | |
---|---|---|---|---|
2880 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$DRa2880.1667\jailbreak-master\binaries\jailbreak32.exe.sha256 | text | |
MD5:A9EF1A5A43306C7739C44C8AEBB9637A | SHA256:0E3E504E355827F2C66A9F0FB3AEFDA75E08E51B64A6DED5C486119861A6078E | |||
2880 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$DRa2880.1667\jailbreak-master\binaries\jailbreakhook32.dll | executable | |
MD5:236171178DE3C0D985AB7038E5B1E64D | SHA256:796C4E92F5B78E5FAF2C2DD22BEA768638DE14B10D3C37B666A62B162901A6B7 | |||
2880 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$DRa2880.1667\jailbreak-master\binaries\jbstore2_64.exe | executable | |
MD5:565653A01D5E914DE9676BE44E5D323A | SHA256:2E998997F746F5F331DFDCC038FDA80A7A581664503CDD148651ACDB9A69352F | |||
2880 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$DRa2880.1667\jailbreak-master\.gitignore | text | |
MD5:710A4CB08A9DDD43ED04879169BD63DD | SHA256:2F6BEE2423BD7DEC17683E42B2A85A5EC446A5A22BEB70A49082BA72B638ABD2 | |||
2880 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$DRa2880.1667\jailbreak-master\binaries\jailbreak64.exe.sha256 | text | |
MD5:263321A3A4A7E64D9AB99FC5FF2F2FBB | SHA256:ED014305ACA9D332D9256F23AB8A9161E6D7CBB42CEC9BA9344435752486D44A | |||
2880 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$DRa2880.1667\jailbreak-master\LICENSE | text | |
MD5:D8406488EA21766D65902668C1F625F3 | SHA256:9D8CB63A8C8A1060D0162757DAE6BED58D0C66708D67E2300A834093A23F5D0A | |||
2880 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$DRa2880.1667\jailbreak-master\binaries\jailbreakhook64.dll.sha256 | text | |
MD5:E9058C4669A3FBC4BD9BB2C90A29211A | SHA256:6BCADF205B82F729233043146A36E46A78CC4E9AB8268CBE9B7A23BAD3D3F16D | |||
2880 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$DRa2880.1667\jailbreak-master\binaries\jbstore2_32.exe.sha256 | text | |
MD5:55E200FF20CC7FEC26D483D1CB3A8533 | SHA256:7D5C77BBE02328FDE7B2AF4BEE8B9727CF21FC58D3E73FCF2B25E8A7F7F99A51 | |||
2880 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$DRa2880.1667\jailbreak-master\README.md | text | |
MD5:4AAFD0BD76FF3FBA9FB78F86843510B4 | SHA256:86FD6A4F9CDD53F118044A5963F58BD77CEBBA1D369D96D990CB74936DE87A57 | |||
2880 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$DRa2880.1667\jailbreak-master\binaries\jailbreak32.exe | executable | |
MD5:8FBE0B5E85EE953A824CC952AE50D3B7 | SHA256:7E50BC71C20EFDAE915BA1647D7B8C4FDB2A189908D9861F795DEE699FFE1DE3 |