File name: | scanner.rar |
Full analysis: | https://app.any.run/tasks/cc1ef243-f040-4d50-b870-d235fd82d07a |
Verdict: | Malicious activity |
Analysis date: | March 30, 2020, 16:30:07 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
MIME: | application/x-rar |
File info: | RAR archive data, v4, os: Win32 |
MD5: | 567D8286FDA1218C9EF19FFFF0EFFD47 |
SHA1: | 95AEC28F9730C679A87AB6F100DAC7D3335531D6 |
SHA256: | EF1A2FFD39844B03BDE79B1EE8F51A7FFEAE2FF1CA320141E4EF4E3833CBD7E5 |
SSDEEP: | 196608:GVi+XpTf7IxZru+JZtcTKXbrY1K0Gk8E7gJYckKPOIT4I1P:GViGJcxZru2DLmJsYoWo9 |
.rar | | | RAR compressed archive (v-4.x) (58.3) |
---|---|---|
.rar | | | RAR compressed archive (gen) (41.6) |
CompressedSize: | 920 |
---|---|
UncompressedSize: | 884 |
OperatingSystem: | Win32 |
ModifyDate: | 2014:02:23 10:01:07 |
PackingMethod: | Stored |
ArchivedFileName: | Base\backup.avz |
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
3504 | "C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\scanner.rar" | C:\Program Files\WinRAR\WinRAR.exe | | explorer.exe |
User: admin Company: Alexander Roshal Integrity Level: MEDIUM Description: WinRAR archiver Version: 5.60.0 | ||||
1520 | "C:\Users\admin\Desktop\scanner\avz.exe" | C:\Users\admin\Desktop\scanner\avz.exe | — | explorer.exe |
User: admin Company: Лаборатория Касперского, 2007-2013 Integrity Level: MEDIUM Description: AVZ antivirus utility Exit code: 3221226540 Version: 4.43.0.0 | ||||
3764 | "C:\Users\admin\Desktop\scanner\avz.exe" | C:\Users\admin\Desktop\scanner\avz.exe | | explorer.exe |
User: admin Company: Лаборатория Касперского, 2007-2013 Integrity Level: HIGH Description: AVZ antivirus utility Version: 4.43.0.0 |
PID | Process | Filename | Type | |
---|---|---|---|---|
3504 | WinRAR.exe | C:\Users\admin\Desktop\scanner\Base\backup.avz | pva | |
MD5:A02C0F71D0724F87A332841C5E713542 | SHA256:BA3DDD7DCCE4E1A981FBF8C731D71E62F59520BA73DEA6B556D06C3582728392 | |||
3504 | WinRAR.exe | C:\Users\admin\Desktop\scanner\Base\lang_ru.avz | pva | |
MD5:13CACB1C6177FD8887137C826FF4A26E | SHA256:B222E7C6FA290390DCC93AF2D4766456C7AE4E5F5B457C0118CB5B7814A0C175 | |||
3504 | WinRAR.exe | C:\Users\admin\Desktop\scanner\Base\krnldrv.avz | pva | |
MD5:3455426B907C247C0F7C24536919040A | SHA256:DF8289BDB25D99DFECD37A6F83819AC5D860EF25735C95522710441B097D63E7 | |||
3504 | WinRAR.exe | C:\Users\admin\Desktop\scanner\Base\esc.avz | pva | |
MD5:53B05B0B0804844D1CDFB8BC17195449 | SHA256:6A4AF62FE094075C60E569A16501EE85AB7E6D26D80D26FEE83426AFF801A017 | |||
3504 | WinRAR.exe | C:\Users\admin\Desktop\scanner\Base\main.avz | pva | |
MD5:C0B6386155A11C8829F1FE2CD957BDCE | SHA256:725CF1744828524D3094ADF2C7FD6A655314FE97411D97DA44A18CA6B9373E06 | |||
3504 | WinRAR.exe | C:\Users\admin\Desktop\scanner\Base\main001.avz | pva | |
MD5:9D7A1994024D6E6DA6FF453938640C38 | SHA256:56182D19C70C936E82E7A155966743494783D844C315BA99F6B6FDB34F83485A | |||
3504 | WinRAR.exe | C:\Users\admin\Desktop\scanner\Base\main005.avz | pva | |
MD5:57C57D3B8896083B71131E6B3EE1E032 | SHA256:49132BEE55D0D37E016457494B772ACF1E57AC32E74AEABB45807AAE6D9E9C32 | |||
3504 | WinRAR.exe | C:\Users\admin\Desktop\scanner\Base\keylogger.avz | pva | |
MD5:3F6E67FC443B53FC27A5E563CA90C531 | SHA256:54B5683A941576EED9E5AF91A2F3B80FA8B1E6A08B52A6C0F2702FC8DD3497F9 | |||
3504 | WinRAR.exe | C:\Users\admin\Desktop\scanner\Base\main009.avz | pva | |
MD5:89A954C1B0E2DF34C3C926C526C90913 | SHA256:3FDA3C92AC8EE838215B56C9718D68E24FD31D64FE52594EB090E1737EEB2057 | |||
3504 | WinRAR.exe | C:\Users\admin\Desktop\scanner\Base\extract.avz | pva | |
MD5:A9849F62A037A67A376F57EEABF805A1 | SHA256:39861D3F8E0ADFEC5B4E934BDEB863870BD3389CF5793AE2512105CF2814F915 |