File name: | LC-DOCUMENT 09269865974258952P0.ace |
Full analysis: | https://app.any.run/tasks/013c963b-a849-442a-b477-2bf09281f025 |
Verdict: | Malicious activity |
Analysis date: | April 25, 2019, 11:29:21 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
Indicators: | |
MIME: | application/octet-stream |
File info: | ACE archive data version 20, from Win/32, version 20 to extract, contains AV-String (unregistered), solid |
MD5: | E140EA6A2DD435290BE7848185D11252 |
SHA1: | CEC3BE312CB670E08BD8CB8D7BD16E8617AB9F96 |
SHA256: | C1EE7A6393CB075073328719298BE1A6472C7A7B0736ED3D74E5C42271E23A30 |
SSDEEP: | 12288:IxyprdEVM/ITLzZNoI55PuYwOA/OiEp8wUwMq:IxypZEji/CpRv |
.ace | ACE compressed archive (100) |
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
2484 | "C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\LC-DOCUMENT 09269865974258952P0.ace" | C:\Program Files\WinRAR\WinRAR.exe | | explorer.exe |
User: admin Company: Alexander Roshal Integrity Level: MEDIUM Description: WinRAR archiver Exit code: 0 Version: 5.60.0 | ||||
1204 | "C:\Users\admin\Desktop\LC-DOCUMENT 09269865974258952P0.exe" | C:\Users\admin\Desktop\LC-DOCUMENT 09269865974258952P0.exe | — | explorer.exe |
User: admin Integrity Level: MEDIUM Exit code: 0 | ||||
3448 | "C:\Users\admin\Desktop\LC-DOCUMENT 09269865974258952P0.exe" | C:\Users\admin\Desktop\LC-DOCUMENT 09269865974258952P0.exe | — | LC-DOCUMENT 09269865974258952P0.exe |
User: admin Integrity Level: MEDIUM Exit code: 0 | ||||
3092 | "C:\Users\admin\Desktop\LC-DOCUMENT 09269865974258952P0.exe" | C:\Users\admin\Desktop\LC-DOCUMENT 09269865974258952P0.exe | — | LC-DOCUMENT 09269865974258952P0.exe |
User: admin Integrity Level: MEDIUM Exit code: 0 | ||||
3236 | "C:\Users\admin\Desktop\LC-DOCUMENT 09269865974258952P0.exe" | C:\Users\admin\Desktop\LC-DOCUMENT 09269865974258952P0.exe | — | LC-DOCUMENT 09269865974258952P0.exe |
User: admin Integrity Level: MEDIUM Exit code: 0 | ||||
2152 | "C:\Users\admin\Desktop\LC-DOCUMENT 09269865974258952P0.exe" | C:\Users\admin\Desktop\LC-DOCUMENT 09269865974258952P0.exe | — | LC-DOCUMENT 09269865974258952P0.exe |
User: admin Integrity Level: MEDIUM Exit code: 0 | ||||
2712 | "C:\Users\admin\Desktop\LC-DOCUMENT 09269865974258952P0.exe" | C:\Users\admin\Desktop\LC-DOCUMENT 09269865974258952P0.exe | — | LC-DOCUMENT 09269865974258952P0.exe |
User: admin Integrity Level: MEDIUM Exit code: 0 | ||||
2704 | "C:\Users\admin\Desktop\LC-DOCUMENT 09269865974258952P0.exe" | C:\Users\admin\Desktop\LC-DOCUMENT 09269865974258952P0.exe | — | LC-DOCUMENT 09269865974258952P0.exe |
User: admin Integrity Level: MEDIUM Exit code: 0 |
PID | Process | Filename | Type | |
---|---|---|---|---|
2484 | WinRAR.exe | C:\Users\admin\Desktop\LC-DOCUMENT 09269865974258952P0.exe | executable | |
MD5:E33CA4A751C016D9DF5838ECF17FEBA9 | SHA256:EAD5E9048C6742126341E5880AD06F1F29B5865DFA137C56D2298C28AD5BDF38 | |||
2484 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\LC-DOCUMENT 09269865974258952P0\LC-DOCUMENT 09269865974258952P0.exe | executable | |
MD5:E33CA4A751C016D9DF5838ECF17FEBA9 | SHA256:EAD5E9048C6742126341E5880AD06F1F29B5865DFA137C56D2298C28AD5BDF38 |