File name: | 新建文本文档.7z |
Full analysis: | https://app.any.run/tasks/3507cc22-87cc-4cd9-934c-c07cffc420e6 |
Verdict: | Malicious activity |
Analysis date: | July 18, 2019, 09:14:43 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
MIME: | application/x-7z-compressed |
File info: | 7-zip archive data, version 0.4 |
MD5: | 75F0F5585F56A49C5CB0B644BBF62A9B |
SHA1: | 7519A6373109F81D441E8128C940B46C3057961E |
SHA256: | C5BE196C4E20675BEC3B79A23B52B52D065C915052B8A929129F953BA4FC24B5 |
SSDEEP: | 96:bGD5/bNfNfuTj+VcZyNdznBfG5GF2pO6nMDJ29:yt/bNFyTkdzBfOg2ig |
.7z | 7-Zip compressed archive (v0.4) (57.1)
.7z | 7-Zip compressed archive (gen) (42.8)
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
2844 | "C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\新建文本文档.7z" | C:\Program Files\WinRAR\WinRAR.exe | — | explorer.exe |
User: admin; Company: Alexander Roshal; Integrity Level: MEDIUM; Description: WinRAR archiver; Exit code: 0; Version: 5.60.0 |
2284 | "C:\Windows\System32\WScript.exe" "C:\Users\admin\Desktop\新建文本文档.vbs" | C:\Windows\System32\WScript.exe | | explorer.exe |
User: admin; Company: Microsoft Corporation; Integrity Level: MEDIUM; Description: Microsoft ® Windows Based Script Host; Version: 5.8.7600.16385 |
PID | Process | Filename | Type |
---|---|---|---|
2844 | WinRAR.exe | C:\Users\admin\Desktop\新建文本文档.vbs | text |
MD5: 8DDA45E550277D5C6670F8B146701457 | SHA256: FF208AD4CC99E913D09632D50E2D57ED0723B8289F3CEB036E1ADE6A2C1DFCFB |