File name: Soundpad 3.2.1 [Cracked By Ray_Black].rar

Full analysis: https://app.any.run/tasks/442bc95c-29c5-4ec3-b24e-d52b7a08433e
Verdict: Malicious activity
Analysis date: April 18, 2021, 07:16:38
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
MIME: application/x-rar
File info: RAR archive data, v5
MD5: 2026189D981761AD200FAD9C878CB79B
SHA1: 6FC54D23685D17D4B9A7E317F255934F7DDC932D
SHA256: B381C923E7F78FA28E1B2658212B600CD56140B014EFA407E0D83F1E26BFA8EB
SSDEEP: 196608:cYMvdrOovBFR7spEUBMHsBcxwP9/s7xf4tT4/w0li:czDTVgzcxwFRS/wj

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    No malicious indicators.
  • SUSPICIOUS

    • Drops a file that was compiled in debug mode

      • WinRAR.exe (PID: 2172)
    • Executable content was dropped or overwritten

      • WinRAR.exe (PID: 2172)
  • INFO

    No info indicators.
No Malware configuration.

TRiD

.rar | RAR compressed archive (v5.0) (61.5)
.rar | RAR compressed archive (gen) (38.4)
No data.
Total processes: 38
Monitored processes: 1
Malicious processes: 1
Suspicious processes: 0

Behavior graph

start winrar.exe

Process information

PID: 2172
CMD: "C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\Soundpad 3.2.1 [Cracked By Ray_Black].rar"
Path: C:\Program Files\WinRAR\WinRAR.exe
Parent process: explorer.exe
User: admin
Company: Alexander Roshal
Integrity Level: MEDIUM
Description: WinRAR archiver
Version: 5.60.0
Total events: 440
Read events: 427
Write events: 0
Delete events: 0

Modification events

No data
Executable files: 18
Suspicious files: 0
Text files: 9
Unknown types: 150

Dropped files

HTTP(S) requests: 0
TCP/UDP connections: 0
DNS requests: 0
Threats: 0

HTTP requests

No HTTP requests

Connections

No data

DNS requests

No data

Threats

No threats detected
No debug info