File name:

5821adde-40cd-431f-aeed-78bad1b91c71

Full analysis: https://app.any.run/tasks/070476a0-80bd-4a01-b675-37c3b7247029
Verdict: No threats detected
Analysis date: March 06, 2020, 13:58:10
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
MIME: image/png
File info: PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
MD5:

1E13EE0ED09C4AF1ADFB6C0D280879B0

SHA1:

1192A79F7B4C4FF814583743F8C66ACA7ECB8ACF

SHA256:

E2395FBA25D3FB8A971345CA65D144F7D9C9D933F70409165446E63D18C0958D

SSDEEP:

48:RgHrMEg/Nf3otqzX6xRFyvGmgoeK0vhHGic8Z/FtFDzioSPHDNOM9UqjFm:MrME6LEF0Y1K0vhHGS1WoSvDNOt2m

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    No malicious indicators.

  • SUSPICIOUS

    No suspicious indicators.

  • INFO

    No info indicators.
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.png | Portable Network Graphics (100)

EXIF

PNG

ImageWidth: 96
ImageHeight: 96
BitDepth: 8
ColorType: RGB with Alpha
Compression: Deflate/Inflate
Filter: Adaptive
Interlace: Noninterlaced
SRGBRendering: Perceptual

Composite

ImageSize: 96x96
Megapixels: 0.009
No data.
screenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
34
Monitored processes
1
Malicious processes
0
Suspicious processes
0

Behavior graph

Click at the process to see the details
start rundll32.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
2892"C:\Windows\System32\rundll32.exe" "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\admin\AppData\Local\Temp\5821adde-40cd-431f-aeed-78bad1b91c71.pngC:\Windows\System32\rundll32.exeexplorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows host process (Rundll32)
Exit code:
0
Version:
6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\rundll32.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\imagehlp.dll
Total events
367
Read events
366
Write events
1
Delete events
0

Modification events

(PID) Process:(2892) rundll32.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Direct3D\MostRecentApplication
Operation:writeName:Name
Value:
rundll32.exe
Executable files
0
Suspicious files
0
Text files
0
Unknown types
0

Dropped files

No data
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
0
TCP/UDP connections
0
DNS requests
0
Threats
0

HTTP requests

No HTTP requests
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

No data

DNS requests

No data

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2026 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
5821adde-40cd-431f-aeed-78bad1b91c71