Cuckoo Sandbox

Name	ebfc7ab9dfa960da_sysctl.exe Download Submit file
Filepath	C:\Windows\SysWOW64\sysctl.exe
Size	423.6KB
Processes	1836 (ae0c756b0525ff1b_realex.exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5	`c09eaeef8bf01f0a73720ceece4cfb81`
SHA1	`ed710df0898a35f2bfa1003975d159f2c9e0e352`
SHA256	`ebfc7ab9dfa960da32156ceb51d68bb312185a4ee2106733895b679a9acf007e`
CRC32	`9940C3A2`
ssdeep	`None`
Yara	suspicious_packer_section - The packer/protector section names/keywords screenshot - Take screenshot keylogger - Run a keylogger win_mutex - Create or check mutex win_registry - Affect system registries win_files_operation - Affect private profile win_hook - Affect hook table
VirusTotal	Search for analysis

Dropped Files