File name: | 5446563195813888.zip |
Full analysis: | https://app.any.run/tasks/d532e8e0-8796-4ab0-a77e-ef8fa9dba253 |
Verdict: | Malicious activity |
Analysis date: | May 29, 2020, 22:38:07 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
MIME: | application/zip |
File info: | Zip archive data, at least v2.0 to extract |
MD5: | BFAD6A69196094DCAB82F68B4B7E4407 |
SHA1: | 81E44A69DEEFEEB2863074C89C1C0DFF6935627D |
SHA256: | F0B5139B0AEFDBE3ED856A2EAA5C3BDDF678EF4F82BEC08AF66FE5077596E528 |
SSDEEP: | 1536:3KwBfvH5awHb0ZICbfn8H2k5O5F3A49G4sQXClP+7+Msmv6SUW8Voz9mK0pFcxu2:aCfR2tUHjsJPbI+D6Xq9mKHuNJ0yaK5S |
.zip | ZIP compressed archive (100) |
ZipRequiredVersion: | 20 |
ZipBitFlag: | 0x0009 |
ZipCompression: | Deflated |
ZipModifyDate: | 1980:00:00 00:00:00 |
ZipCRC: | 0x1c610f1e |
ZipCompressedSize: | 93841 |
ZipUncompressedSize: | 174592 |
ZipFileName: | 37c26bddf236ab461d7fe9f3ad62a4e8ca44d6145425246cf77e4436fa8091c3 |

PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
1396 | "C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\5446563195813888.zip" | C:\Program Files\WinRAR\WinRAR.exe | | explorer.exe |
User: admin Company: Alexander Roshal Integrity Level: MEDIUM Description: WinRAR archiver Version: 5.60.0 | ||||
2624 | "C:\Users\admin\Desktop\37c26bddf236ab461d7fe9f3ad62a4e8ca44d6145425246cf77e4436fa8091c3.exe" | C:\Users\admin\Desktop\37c26bddf236ab461d7fe9f3ad62a4e8ca44d6145425246cf77e4436fa8091c3.exe | — | explorer.exe |
User: admin Integrity Level: MEDIUM | ||||
2408 | "C:\Users\admin\Desktop\37c26bddf236ab461d7fe9f3ad62a4e8ca44d6145425246cf77e4436fa8091c3.exe" | C:\Users\admin\Desktop\37c26bddf236ab461d7fe9f3ad62a4e8ca44d6145425246cf77e4436fa8091c3.exe | — | explorer.exe |
User: admin Integrity Level: MEDIUM Exit code: 1 | ||||
2204 | "C:\Users\admin\Desktop\37c26bddf236ab461d7fe9f3ad62a4e8ca44d6145425246cf77e4436fa8091c3.exe" | C:\Users\admin\Desktop\37c26bddf236ab461d7fe9f3ad62a4e8ca44d6145425246cf77e4436fa8091c3.exe | — | explorer.exe |
User: admin Integrity Level: MEDIUM Exit code: 1 |

PID | Process | Filename | Type | |
---|---|---|---|---|
1396 | WinRAR.exe | C:\Users\admin\AppData\Local\Temp\Rar$DRb1396.23983\37c26bddf236ab461d7fe9f3ad62a4e8ca44d6145425246cf77e4436fa8091c3 | executable | |
MD5:7BB08E3A5E41ADE7AD6DB8B13771B4BF | SHA256:37C26BDDF236AB461D7FE9F3AD62A4E8CA44D6145425246CF77E4436FA8091C3 | |||
2624 | 37c26bddf236ab461d7fe9f3ad62a4e8ca44d6145425246cf77e4436fa8091c3.exe | C:\Users\admin\AppData\Local\VirtualStore\Ver.ver | cdx | |
MD5:8834DD75C6A15DA327B6FF9EA6366527 | SHA256:A70E40D42B5947C54ACB2D4A5535A5941A8C3D5E41FF78966BED26E9900B9595 |