File name:

AppNee.com.GenP.v2.4.7z

Full analysis: https://app.any.run/tasks/b44bc1ee-1e87-47bd-8d6f-66ba2358eeed
Verdict: Suspicious activity
Analysis date: March 04, 2020, 00:56:38
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: application/x-7z-compressed
File info: 7-zip archive data, version 0.4
MD5:

FB541ABA76E9266162C12AE11D57CC4D

SHA1:

3A7A70AAECFA52699B7FC98B382B226AED639CD1

SHA256:

E7EF4488BFB4D48550121006CA52FB9B66112E3C15432DA28CC9B2A68DC0A331

SSDEEP:

49152:5zsxdS/J4ykQR0P4uacqS9lEsJw88A6X5m+hjmiloi:VsS/unP9qQNCS6pUk

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    • Application was dropped or rewritten from another process

      • ASP_v2_0_P.exe (PID: 2732)
      • ASP_v2_0_P.exe (PID: 3620)

    • Loads dropped or rewritten executable

      • ASP_v2_0_P.exe (PID: 3620)

  • SUSPICIOUS

    • Executable content was dropped or overwritten

      • ASP_v2_0_P.exe (PID: 3620)
      • WinRAR.exe (PID: 2524)
      • WinRAR.exe (PID: 2080)

  • INFO

    • Manual execution by user

      • ASP_v2_0_P.exe (PID: 2732)
      • ASP_v2_0_P.exe (PID: 3620)
      • WinRAR.exe (PID: 2080)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.7z | 7-Zip compressed archive (v0.4) (57.1)
.7z | 7-Zip compressed archive (gen) (42.8)
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
50
Monitored processes
4
Malicious processes
0
Suspicious processes
0

Behavior graph

Click at the process to see the details
start winrar.exe asp_v2_0_p.exe no specs asp_v2_0_p.exe winrar.exe

Process information

PID
CMD
Path
Indicators
Parent process
2080"C:\Program Files\WinRAR\WinRAR.exe" x -iext -ow -ver -- "C:\Users\admin\Desktop\AppNee.com.GenP.v2.4.7z" C:\Users\admin\Desktop\AppNee.com.GenP.v2.4\C:\Program Files\WinRAR\WinRAR.exe
explorer.exe
User:
admin
Company:
Alexander Roshal
Integrity Level:
MEDIUM
Description:
WinRAR archiver
Exit code:
0
Version:
5.60.0
Modules
Images
c:\program files\winrar\winrar.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\comdlg32.dll
2524"C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\AppNee.com.GenP.v2.4.7z"C:\Program Files\WinRAR\WinRAR.exe
explorer.exe
User:
admin
Company:
Alexander Roshal
Integrity Level:
MEDIUM
Description:
WinRAR archiver
Exit code:
0
Version:
5.60.0
Modules
Images
c:\program files\winrar\winrar.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\comdlg32.dll
2732"C:\Users\admin\Desktop\crack\ASP_v2_0_P.exe" C:\Users\admin\Desktop\crack\ASP_v2_0_P.exeexplorer.exe
User:
admin
Company:
PainteR
Integrity Level:
MEDIUM
Description:
Universal Adobe Patcher
Exit code:
3221226540
Version:
2.0.0.0
Modules
Images
c:\users\admin\desktop\crack\asp_v2_0_p.exe
c:\systemroot\system32\ntdll.dll
3620"C:\Users\admin\Desktop\crack\ASP_v2_0_P.exe" C:\Users\admin\Desktop\crack\ASP_v2_0_P.exe
explorer.exe
User:
admin
Company:
PainteR
Integrity Level:
HIGH
Description:
Universal Adobe Patcher
Exit code:
0
Version:
2.0.0.0
Modules
Images
c:\users\admin\desktop\crack\asp_v2_0_p.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
Total events
584
Read events
551
Write events
33
Delete events
0

Modification events

(PID) Process:(2524) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes
Operation:writeName:ShellExtBMP
Value:
(PID) Process:(2524) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes
Operation:writeName:ShellExtIcon
Value:
(PID) Process:(2524) WinRAR.exeKey:HKEY_CLASSES_ROOT\Local Settings\MuiCache\12B\52C64B7E
Operation:writeName:LanguageList
Value:
en-US
(PID) Process:(2524) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation:writeName:0
Value:
C:\Users\admin\AppData\Local\Temp\AppNee.com.GenP.v2.4.7z
(PID) Process:(2524) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation:writeName:name
Value:
120
(PID) Process:(2524) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation:writeName:size
Value:
80
(PID) Process:(2524) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation:writeName:type
Value:
120
(PID) Process:(2524) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation:writeName:mtime
Value:
100
(PID) Process:(2524) WinRAR.exeKey:HKEY_CLASSES_ROOT\Local Settings\MuiCache\12B\52C64B7E
Operation:writeName:@C:\Windows\System32\ieframe.dll,-10046
Value:
Internet Shortcut
(PID) Process:(2524) WinRAR.exeKey:HKEY_CURRENT_USER\Software\WinRAR\DialogEditHistory\ExtrPath
Operation:writeName:0
Value:
C:\Users\admin\Desktop\crack
Executable files
12
Suspicious files
0
Text files
52
Unknown types
0

Dropped files

PID
Process
Filename
Type
2524WinRAR.exeC:\Users\admin\Desktop\crack\ICONS\19.jpgimage
MD5:
SHA256:
2524WinRAR.exeC:\Users\admin\Desktop\crack\ICONS\0.jpgimage
MD5:7AED4367314D3D021C043B3948FB6E2B
SHA256:20C16AA353140AB48F6E0C2FDA1433FF82A69E50542E4EFB5F8C45BB286D6196
2524WinRAR.exeC:\Users\admin\Desktop\crack\ICONS\10.jpgimage
MD5:42FEFC40BEDE481274B70283DD15A0A3
SHA256:35601B7983134B903B042430E0F0666857AF707238EC54EC6821A97FBEBE6E79
2524WinRAR.exeC:\Users\admin\Desktop\crack\ICONS\17.jpgimage
MD5:1EED193223EF2E841C70761B52B2F124
SHA256:EF3FD9662375305E36648935AA256DE732F5C7FE659FB24858A30DD3760D8D5B
2524WinRAR.exeC:\Users\admin\Desktop\crack\ICONS\4.jpgimage
MD5:835EC82230FCAE4845140BC091232FCC
SHA256:49D080CB04F7F641860DF958E412B2786B62BA84D6072299D7F52EA1C408B721
2524WinRAR.exeC:\Users\admin\Desktop\crack\ICONS\2.jpgimage
MD5:41A8B6926C31A9B7C24F69262F95008E
SHA256:5212D81722B07A8A2A100CE8A24D24DAC0016F97277DF3A0446B901736D61731
2524WinRAR.exeC:\Users\admin\Desktop\crack\ICONS\20.jpgimage
MD5:B9EBE66F591D456843BEE62FA78F3EDF
SHA256:D0F10D0C9054B2CE39327E3CA3DC1A6737EC7509F44F8727919B1E900B8738A9
2524WinRAR.exeC:\Users\admin\Desktop\crack\ICONS\3.jpgimage
MD5:4567054C08A68A6C72892D814B55C923
SHA256:125BDEC1C59188CCA7808123A926DC36933CE657B685AE09BB16C87F9C7DAFB8
2524WinRAR.exeC:\Users\admin\Desktop\crack\ICONS\21.jpgimage
MD5:2F2A2DEE3061026335AFD000A50C987A
SHA256:49E28BDB46222C5A61FF1A144B55D3A106E8E3DFEBE90A011E4C7414F3665FFE
2524WinRAR.exeC:\Users\admin\Desktop\crack\ICONS\23.jpgimage
MD5:80B037A859CE618A5C4A2657663827D4
SHA256:95BC3A2D219EB6F19CD8E850029D0D097C022BD5CA12069487244FCC5AB1CA33
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
0
TCP/UDP connections
0
DNS requests
0
Threats
0

HTTP requests

No HTTP requests
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

No data

DNS requests

No data

Threats

No threats detected
No debug info
Interactive malware hunting service ANY.RUN
© 2017-2026 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
AppNee.com.GenP.v2.4.7z