File name:

AppNee.com.GenP.v2.4.7z

Full analysis: https://app.any.run/tasks/b44bc1ee-1e87-47bd-8d6f-66ba2358eeed
Verdict: Suspicious activity
Analysis date: March 04, 2020, 00:56:38
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: application/x-7z-compressed
File info: 7-zip archive data, version 0.4
MD5:

FB541ABA76E9266162C12AE11D57CC4D

SHA1:

3A7A70AAECFA52699B7FC98B382B226AED639CD1

SHA256:

E7EF4488BFB4D48550121006CA52FB9B66112E3C15432DA28CC9B2A68DC0A331

SSDEEP:

49152:5zsxdS/J4ykQR0P4uacqS9lEsJw88A6X5m+hjmiloi:VsS/unP9qQNCS6pUk

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    • Application was dropped or rewritten from another process

      • ASP_v2_0_P.exe (PID: 3620)
      • ASP_v2_0_P.exe (PID: 2732)

    • Loads dropped or rewritten executable

      • ASP_v2_0_P.exe (PID: 3620)

  • SUSPICIOUS

    • Executable content was dropped or overwritten

      • WinRAR.exe (PID: 2524)
      • ASP_v2_0_P.exe (PID: 3620)
      • WinRAR.exe (PID: 2080)

  • INFO

    • Manual execution by user

      • ASP_v2_0_P.exe (PID: 3620)
      • ASP_v2_0_P.exe (PID: 2732)
      • WinRAR.exe (PID: 2080)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.7z | 7-Zip compressed archive (v0.4) (57.1)
.7z | 7-Zip compressed archive (gen) (42.8)
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
50
Monitored processes
4
Malicious processes
0
Suspicious processes
0

Behavior graph

Click at the process to see the details
start winrar.exe asp_v2_0_p.exe no specs asp_v2_0_p.exe winrar.exe

Process information

PID
CMD
Path
Indicators
Parent process
2080"C:\Program Files\WinRAR\WinRAR.exe" x -iext -ow -ver -- "C:\Users\admin\Desktop\AppNee.com.GenP.v2.4.7z" C:\Users\admin\Desktop\AppNee.com.GenP.v2.4\C:\Program Files\WinRAR\WinRAR.exe
explorer.exe
User:
admin
Company:
Alexander Roshal
Integrity Level:
MEDIUM
Description:
WinRAR archiver
Exit code:
0
Version:
5.60.0
Modules
Images
c:\program files\winrar\winrar.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\comdlg32.dll
2524"C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\AppNee.com.GenP.v2.4.7z"C:\Program Files\WinRAR\WinRAR.exe
explorer.exe
User:
admin
Company:
Alexander Roshal
Integrity Level:
MEDIUM
Description:
WinRAR archiver
Exit code:
0
Version:
5.60.0
Modules
Images
c:\program files\winrar\winrar.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\comdlg32.dll
2732"C:\Users\admin\Desktop\crack\ASP_v2_0_P.exe" C:\Users\admin\Desktop\crack\ASP_v2_0_P.exeexplorer.exe
User:
admin
Company:
PainteR
Integrity Level:
MEDIUM
Description:
Universal Adobe Patcher
Exit code:
3221226540
Version:
2.0.0.0
Modules
Images
c:\users\admin\desktop\crack\asp_v2_0_p.exe
c:\systemroot\system32\ntdll.dll
3620"C:\Users\admin\Desktop\crack\ASP_v2_0_P.exe" C:\Users\admin\Desktop\crack\ASP_v2_0_P.exe
explorer.exe
User:
admin
Company:
PainteR
Integrity Level:
HIGH
Description:
Universal Adobe Patcher
Exit code:
0
Version:
2.0.0.0
Modules
Images
c:\users\admin\desktop\crack\asp_v2_0_p.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
Total events
584
Read events
551
Write events
33
Delete events
0

Modification events

(PID) Process:(2524) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes
Operation:writeName:ShellExtBMP
Value:
(PID) Process:(2524) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes
Operation:writeName:ShellExtIcon
Value:
(PID) Process:(2524) WinRAR.exeKey:HKEY_CLASSES_ROOT\Local Settings\MuiCache\12B\52C64B7E
Operation:writeName:LanguageList
Value:
en-US
(PID) Process:(2524) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation:writeName:0
Value:
C:\Users\admin\AppData\Local\Temp\AppNee.com.GenP.v2.4.7z
(PID) Process:(2524) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation:writeName:name
Value:
120
(PID) Process:(2524) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation:writeName:size
Value:
80
(PID) Process:(2524) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation:writeName:type
Value:
120
(PID) Process:(2524) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation:writeName:mtime
Value:
100
(PID) Process:(2524) WinRAR.exeKey:HKEY_CLASSES_ROOT\Local Settings\MuiCache\12B\52C64B7E
Operation:writeName:@C:\Windows\System32\ieframe.dll,-10046
Value:
Internet Shortcut
(PID) Process:(2524) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\DialogEditHistory\ExtrPath
Operation:writeName:0
Value:
C:\Users\admin\Desktop\crack
Executable files
12
Suspicious files
0
Text files
52
Unknown types
0

Dropped files

PID
Process
Filename
Type
2524WinRAR.exeC:\Users\admin\Desktop\crack\ICONS\13.jpgimage
MD5:5E8AB8C7B3FD01B70A9F1D83F611A3F5
SHA256:1187CE3203E9E4918F3D636C79435D288EAEC436A1D17BD400A4CA6F9CD02298
2524WinRAR.exeC:\Users\admin\Desktop\crack\ICONS\14.jpgimage
MD5:D3E486625A0E82C37163B57E5CF6BFC7
SHA256:E64829DACC2E8BB18C006CB5FE8476811361CB29F9F27968CAF8419953074BB5
2524WinRAR.exeC:\Users\admin\Desktop\crack\ICONS\15.jpgimage
MD5:66FF480FDCC702B257D2CC9286CABC27
SHA256:1598FF051144A1C180131F3297D36ECD68649DB69AAA0BD1DC600FC55E153BE5
2524WinRAR.exeC:\Users\admin\Desktop\crack\ICONS\17.jpgimage
MD5:1EED193223EF2E841C70761B52B2F124
SHA256:EF3FD9662375305E36648935AA256DE732F5C7FE659FB24858A30DD3760D8D5B
2524WinRAR.exeC:\Users\admin\Desktop\crack\ICONS\11.jpgimage
MD5:68D355824858FA8C3877CDD14FEBE742
SHA256:10F450CB2B9788E68C64091EA829790254D3C0C83CBE82DADAEDA13D98B65C8B
2524WinRAR.exeC:\Users\admin\Desktop\crack\ICONS\19.jpgimage
MD5:
SHA256:
2524WinRAR.exeC:\Users\admin\Desktop\crack\ICONS\12.jpgimage
MD5:AE14AF30E9FA671F328B8695443D25E0
SHA256:FBFBC979B817163667D6B854927D53B13E4426DB17518A8D3AD14B858B8319F7
2524WinRAR.exeC:\Users\admin\Desktop\crack\ICONS\21.jpgimage
MD5:2F2A2DEE3061026335AFD000A50C987A
SHA256:49E28BDB46222C5A61FF1A144B55D3A106E8E3DFEBE90A011E4C7414F3665FFE
2524WinRAR.exeC:\Users\admin\Desktop\crack\ICONS\23.jpgimage
MD5:80B037A859CE618A5C4A2657663827D4
SHA256:95BC3A2D219EB6F19CD8E850029D0D097C022BD5CA12069487244FCC5AB1CA33
2524WinRAR.exeC:\Users\admin\Desktop\crack\ICONS\3.jpgimage
MD5:4567054C08A68A6C72892D814B55C923
SHA256:125BDEC1C59188CCA7808123A926DC36933CE657B685AE09BB16C87F9C7DAFB8
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
0
TCP/UDP connections
0
DNS requests
0
Threats
0

HTTP requests

No HTTP requests
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

No data

DNS requests

No data

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2025 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
AppNee.com.GenP.v2.4.7z