File name: | Junit.zip |
Full analysis: | https://app.any.run/tasks/756f7a8c-5d19-48d3-8be9-62bebdd57aa7 |
Verdict: | Malicious activity |
Analysis date: | December 06, 2019, 16:00:07 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
Indicators: | |
MIME: | application/zip |
File info: | Zip archive data, at least v2.0 to extract |
MD5: | B9EA34681E1825F19723B90EF6D3053B |
SHA1: | B380911DEAE942407FBD41BFDC5C931794455900 |
SHA256: | CEA903FBD465CEB16CF743A424594DFA64595FFD14D86D2077FFD58AEDED0BFD |
SSDEEP: | 49152:V8z2EGFoSXAO16WAddDMI7xCTljQ6B1HD5L2N7OlnN5oAEjsHst:VCGL1d/Q095CFOlnN5w |
.zip | | | ZIP compressed archive (36.3) |
---|
ZipRequiredVersion: | 20 |
---|---|
ZipBitFlag: | - |
ZipCompression: | Deflated |
ZipModifyDate: | 2019:10:22 00:38:29 |
ZipCRC: | 0x1f866908 |
ZipCompressedSize: | 2244 |
ZipUncompressedSize: | 6259 |
ZipFileName: | Junit/build.gradle.kts |
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
992 | "C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\Junit.zip" | C:\Program Files\WinRAR\WinRAR.exe | — | explorer.exe |
User: admin Company: Alexander Roshal Integrity Level: MEDIUM Description: WinRAR archiver Version: 5.60.0 | ||||
2200 | cmd /c ""C:\Users\admin\AppData\Local\Temp\Rar$DIa992.9456\gradlew.bat" " | C:\Windows\system32\cmd.exe | — | WinRAR.exe |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Windows Command Processor Exit code: 1 Version: 6.1.7601.17514 (win7sp1_rtm.101119-1850) | ||||
2944 | java.exe -version | C:\ProgramData\Oracle\Java\javapath\java.exe | — | cmd.exe |
User: admin Company: Oracle Corporation Integrity Level: MEDIUM Description: Java(TM) Platform SE binary Exit code: 0 Version: 8.0.920.14 | ||||
2376 | "java.exe" "-Xmx64m" "-Xms64m" "-Dorg.gradle.appname=gradlew" -classpath "C:\Users\admin\AppData\Local\Temp\Rar$DIa992.9456\\gradle\wrapper\gradle-wrapper.jar" org.gradle.wrapper.GradleWrapperMain | C:\ProgramData\Oracle\Java\javapath\java.exe | — | cmd.exe |
User: admin Company: Oracle Corporation Integrity Level: MEDIUM Description: Java(TM) Platform SE binary Exit code: 1 Version: 8.0.920.14 | ||||
2472 | "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\admin\AppData\Local\Temp\Rar$DIa992.13940\AssertAll.java | C:\Windows\system32\rundll32.exe | — | WinRAR.exe |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Windows host process (Rundll32) Version: 6.1.7600.16385 (win7_rtm.090713-1255) | ||||
2544 | "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\admin\AppData\Local\Temp\Rar$DIa992.14037\AssertFalse.java | C:\Windows\system32\rundll32.exe | — | WinRAR.exe |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Windows host process (Rundll32) Version: 6.1.7600.16385 (win7_rtm.090713-1255) | ||||
3960 | "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\admin\AppData\Local\Temp\Rar$DIa992.14190\AssertionUtils.java | C:\Windows\system32\rundll32.exe | — | WinRAR.exe |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Windows host process (Rundll32) Version: 6.1.7600.16385 (win7_rtm.090713-1255) | ||||
892 | "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\admin\AppData\Local\Temp\Rar$DIa992.14307\AssertArrayEquals.java | C:\Windows\system32\rundll32.exe | — | WinRAR.exe |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Windows host process (Rundll32) Version: 6.1.7600.16385 (win7_rtm.090713-1255) |
PID | Process | Filename | Type | |
---|---|---|---|---|
2944 | java.exe | C:\Users\admin\.oracle_jre_usage\90737d32e3abaa4.timestamp | text | |
MD5:976E648E28516B7D68606A6E47B4CF31 | SHA256:54CB515B2394B7DBAC09A7EFC8766FE4A8D7521410D89C0804A7DA6B6E3C95AC | |||
992 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$DIa992.9456\gradlew.bat | text | |
MD5:EBBD0EECBF8C36AE45F0707B19247C7B | SHA256:87268485AC5C93F230997F2715A9831DCAAFB3A631C7A1646DCA2AFC2DBDA7F2 | |||
992 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$DIa992.14037\AssertFalse.java | text | |
MD5:F7634E57E93E7784492485917A0FCE80 | SHA256:9231244E4669DC0D14BA3DD7E8BDCD68509B198DBAD33827E87CE8BA2FCA24B0 | |||
992 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$DIa992.14190\AssertionUtils.java | text | |
MD5:CCC84DCB33DB90C4AEAAE36515208B00 | SHA256:76222871286E96C1AEE6406C5BC5BDF12878F2B44428A077543D57F619ECDDC1 | |||
992 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$DIa992.14307\AssertArrayEquals.java | text | |
MD5:C9A8E70B07DE0A0F70126C49B554A492 | SHA256:62E7D08C2C12C421E8B98603FD5206BC14BDB09FAB45018E0D557793FC76EC50 | |||
2376 | java.exe | C:\Users\admin\.oracle_jre_usage\90737d32e3abaa4.timestamp | text | |
MD5:976E648E28516B7D68606A6E47B4CF31 | SHA256:54CB515B2394B7DBAC09A7EFC8766FE4A8D7521410D89C0804A7DA6B6E3C95AC | |||
992 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$DIa992.13940\AssertAll.java | text | |
MD5:0DEF4951ED2F2B504A6BC3F84F881EE0 | SHA256:52E0922B86224D79F958D531ADF45B56D8634477A686EC9981C63008DEE5271C |