| download: | TheVisitorWE.msi |
| Full analysis: | https://app.any.run/tasks/7567605d-163c-42f6-810a-16a2d0048b4e |
| Verdict: | No threats detected |
| Analysis date: | April 11, 2020, 18:09:07 |
| OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
| Tags: | |
| Indicators: | |
| MIME: | application/x-msi |
| File info: | Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Code page: 1252, Title: Installation Database, Subject: The Visitor - Windows Edition is an application to allows friends, family and professionals to conduct video visits with an incarcerated person., Author: ICSolutions, Keywords: Installer, Comments: All Rights Reserved. Copyright Inmate Calling Solutions, LLC d/b/a ICSolutions., Template: x64;1033, Revision Number: {DE05B4B6-6CEC-459D-B24F-70C5C5FC4E4E}, Create Time/Date: Fri Jun 21 20:35:30 2019, Last Saved Time/Date: Fri Jun 21 20:35:30 2019, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.11.1.2318), Security: 2 |
| MD5: | ECEF6D25E68324B4758A4C0184C6DAE3 |
| SHA1: | 4C6DA5BE209C1BF71A54A3E806672C188120ABF0 |
| SHA256: | C9422ABA7BC43F287CEC9CE749256D0A15BDC06012ABA0B001E5C8B854990A4D |
| SSDEEP: | 393216:lEHmh3M02Hfze7YxG0Go+IeGjGW3ekMqp3/PFM88JWPs/I9qRNU8eypGTJnI:CP062Y80CIeGjGW3TPPpsgkRG5+ |
MALICIOUS
No malicious indicators.SUSPICIOUS
No suspicious indicators.INFO
No info indicators.
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
TRiD
| .msi | | | Microsoft Windows Installer (98.5) |
|---|---|---|
| .msi | | | Microsoft Installer (100) |
EXIF
FlashPix
| CodePage: | Windows Latin 1 (Western European) |
|---|---|
| Title: | Installation Database |
| Subject: | The Visitor™ - Windows Edition is an application to allows friends, family and professionals to conduct video visits with an incarcerated person. |
| Author: | ICSolutions |
| Keywords: | Installer |
| Comments: | All Rights Reserved. Copyright Inmate Calling Solutions, LLC d/b/a ICSolutions. |
| Template: | x64;1033 |
| RevisionNumber: | {DE05B4B6-6CEC-459D-B24F-70C5C5FC4E4E} |
| CreateDate: | 2019:06:21 19:35:30 |
| ModifyDate: | 2019:06:21 19:35:30 |
| Pages: | 200 |
| Words: | 2 |
| Software: | Windows Installer XML Toolset (3.11.1.2318) |
| Security: | Read-only recommended |
Total processes
36
Monitored processes
2
Malicious processes
0
Suspicious processes
0
Behavior graph
Click at the process to see the details
Process information
PID | CMD | Path | Indicators | Parent process | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1784 | C:\Windows\system32\msiexec.exe /V | C:\Windows\system32\msiexec.exe | — | services.exe | |||||||||||
User: SYSTEM Company: Microsoft Corporation Integrity Level: SYSTEM Description: Windows® installer Exit code: 0 Version: 5.0.7600.16385 (win7_rtm.090713-1255) Modules
| |||||||||||||||
| 3176 | "C:\Windows\System32\msiexec.exe" /i "C:\Users\admin\AppData\Local\Temp\TheVisitorWE.msi" | C:\Windows\System32\msiexec.exe | — | explorer.exe | |||||||||||
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Windows® installer Exit code: 1633 Version: 5.0.7600.16385 (win7_rtm.090713-1255) Modules
| |||||||||||||||
Total events
9
Read events
9
Write events
0
Delete events
0
Modification events
Executable files
0
Suspicious files
0
Text files
0
Unknown types
0
Dropped files
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
0
TCP/UDP connections
0
DNS requests
0
Threats
0
HTTP requests
Download PCAP, analyze network streams, HTTP content and a lot more at the full report