File name: IBAN DETAILS.iso

Full analysis: https://app.any.run/tasks/b0183a3c-979c-4534-8e58-f7d87cda0ec7
Verdict: Malicious activity
Analysis date: May 20, 2019, 12:11:08
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: application/x-iso9660-image
File info: ISO 9660 CD-ROM filesystem data 'IBAN DETAILS'
MD5: 17B7111263B6FCBE3FBC1D3E4E84721F
SHA1: 77E840C7C914B37EF353726F8A6E2E7D4EDAA01A
SHA256: D6B5982B130647DAE75B46328857902A95A7BA03309E0767CE8E7B35EECF16E9
SSDEEP: 6144:jOQZM2bMSMNkKtefDh/HxKRhQAn2jaTmEAx2c6vhD/VRy:CaDx6XKahSHMc6vhhE

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Application was dropped or rewritten from another process

      • IBAN DETAILS.bat (PID: 852)
      • IBAN DETAILS.bat.exe (PID: 3316)
  • SUSPICIOUS

    No suspicious indicators.
  • INFO

    • Manual execution by user

      • IBAN DETAILS.bat (PID: 852)
      • IBAN DETAILS.bat.exe (PID: 3316)
No Malware configuration.

TRiD

.iso | ISO 9660 CD image (27.6)
.atn | Photoshop Action (27.1)
.gmc | Game Music Creator Music (6.1)

EXIF

ISO

System: Win32
VolumeName: IBAN DETAILS
VolumeBlockCount: 326
VolumeBlockSize: 2048
RootDirectoryCreateDate: 2019:05:16 19:29:11+01:00
Software: PowerISO
VolumeCreateDate: 2019:05:16 19:29:11.00+01:00
VolumeModifyDate: 2019:05:16 19:29:11.00+01:00

Composite

VolumeSize: 652 kB
No data.
Total processes: 37
Monitored processes: 4
Malicious processes: 1
Suspicious processes: 0

Behavior graph

start
  • rundll32.exe (no specs)
  • winrar.exe (no specs)
  • iban details.bat (no specs)
  • iban details.bat.exe (no specs)

Process information

PID: 2956
CMD: "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\admin\AppData\Local\Temp\IBAN DETAILS.iso
Path: C:\Windows\system32\rundll32.exe
Indicators:
Parent process: explorer.exe
User: admin
Company: Microsoft Corporation
Integrity Level: MEDIUM
Description: Windows host process (Rundll32)
Exit code: 0
Version: 6.1.7600.16385 (win7_rtm.090713-1255)

PID: 584
CMD: "C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\IBAN DETAILS.iso"
Path: C:\Program Files\WinRAR\WinRAR.exe
Indicators:
Parent process: rundll32.exe
User: admin
Company: Alexander Roshal
Integrity Level: MEDIUM
Description: WinRAR archiver
Version: 5.60.0

PID: 852
CMD: "C:\Users\admin\Desktop\IBAN DETAILS.bat"
Path: C:\Users\admin\Desktop\IBAN DETAILS.bat
Indicators:
Parent process: explorer.exe
User: admin
Company: ODNIM0
Integrity Level: MEDIUM
Version: 1.02.0003

PID: 3316
CMD: "C:\Users\admin\Desktop\IBAN DETAILS.bat.exe"
Path: C:\Users\admin\Desktop\IBAN DETAILS.bat.exe
Indicators:
Parent process: explorer.exe
User: admin
Company: ODNIM0
Integrity Level: MEDIUM
Version: 1.02.0003

Total events: 885
Read events: 796
Write events: 0
Delete events: 0

Modification events

No data
Executable files: 0
Suspicious files: 0
Text files: 0
Unknown types: 0

Dropped files

PID: 584
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa584.29942\IBAN DETAILS.bat
Type:
MD5:
SHA256:
HTTP(S) requests: 0
TCP/UDP connections: 0
DNS requests: 0
Threats: 0

HTTP requests

No HTTP requests

Connections

No data

DNS requests

No data

Threats

No threats detected
No debug info