File name: | IBAN DETAILS.iso |
Full analysis: | https://app.any.run/tasks/b0183a3c-979c-4534-8e58-f7d87cda0ec7 |
Verdict: | Malicious activity |
Analysis date: | May 20, 2019, 12:11:08 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
Indicators: | |
MIME: | application/x-iso9660-image |
File info: | ISO 9660 CD-ROM filesystem data 'IBAN DETAILS' |
MD5: | 17B7111263B6FCBE3FBC1D3E4E84721F |
SHA1: | 77E840C7C914B37EF353726F8A6E2E7D4EDAA01A |
SHA256: | D6B5982B130647DAE75B46328857902A95A7BA03309E0767CE8E7B35EECF16E9 |
SSDEEP: | 6144:jOQZM2bMSMNkKtefDh/HxKRhQAn2jaTmEAx2c6vhD/VRy:CaDx6XKahSHMc6vhhE |
.iso | | | ISO 9660 CD image (27.6) |
---|---|---|
.atn | | | Photoshop Action (27.1) |
.gmc | | | Game Music Creator Music (6.1) |
System: | Win32 |
---|---|
VolumeName: | IBAN DETAILS |
VolumeBlockCount: | 326 |
VolumeBlockSize: | 2048 |
RootDirectoryCreateDate: | 2019:05:16 19:29:11+01:00 |
Software: | PowerISO |
VolumeCreateDate: | 2019:05:16 19:29:11.00+01:00 |
VolumeModifyDate: | 2019:05:16 19:29:11.00+01:00 |
VolumeSize: | 652 kB |
---|
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
2956 | "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\admin\AppData\Local\Temp\IBAN DETAILS.iso | C:\Windows\system32\rundll32.exe | — | explorer.exe |
User: admin Company: Microsoft Corporation Integrity Level: MEDIUM Description: Windows host process (Rundll32) Exit code: 0 Version: 6.1.7600.16385 (win7_rtm.090713-1255) | ||||
584 | "C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\IBAN DETAILS.iso" | C:\Program Files\WinRAR\WinRAR.exe | — | rundll32.exe |
User: admin Company: Alexander Roshal Integrity Level: MEDIUM Description: WinRAR archiver Version: 5.60.0 | ||||
852 | "C:\Users\admin\Desktop\IBAN DETAILS.bat" | C:\Users\admin\Desktop\IBAN DETAILS.bat | — | explorer.exe |
User: admin Company: ODNIM0 Integrity Level: MEDIUM Version: 1.02.0003 | ||||
3316 | "C:\Users\admin\Desktop\IBAN DETAILS.bat.exe" | C:\Users\admin\Desktop\IBAN DETAILS.bat.exe | — | explorer.exe |
User: admin Company: ODNIM0 Integrity Level: MEDIUM Version: 1.02.0003 |
PID | Process | Filename | Type | |
---|---|---|---|---|
584 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$DRa584.29942\IBAN DETAILS.bat | — | |
MD5:— | SHA256:— |