Summary

6ef4c995989abb500557ee04b58c3ad2e0059cb191eb2839ec3ed0116664d503

File 6ef4c995989abb500557ee04b58c3ad2e0059cb191eb2839ec3ed0116664d503

Summary
Download Resubmit sample

Size 82.5KB
Type PE32+ executable (GUI) x86-64, for MS Windows
MD5 ab26cf311c4521f2b29d36645b5ebfed
SHA1 deebbcc99959dfe8d5f0e28407b06fd944ba0e18
SHA256 6ef4c995989abb500557ee04b58c3ad2e0059cb191eb2839ec3ed0116664d503
SHA512
0538ed48e6c79e830ef7e0a15ea05e25368b830915a67ec9904337f8e06a5398bce26525ef792e0c0d8859ff57d82b8151f23eb4d2f416298f7144b3f9aff82d
CRC32 181BCE44
ssdeep None
Yara None matched

Score

This file is very suspicious, with a score of 10 out of 10!

Please notice: The scoring system is currently still in development and should be considered an alpha feature.

Feedback

Expecting different results? Send us this analysis and we will inspect it. Click here

Information on Execution

Analysis
Category Started Completed Duration Routing Logs
FILE June 21, 2025, 12:31 p.m. June 21, 2025, 12:40 p.m. 572 seconds internet Show Analyzer Log
Show Cuckoo Log

Analyzer Log

2025-06-20 15:40:56,000 [analyzer] DEBUG: Starting analyzer from: C:\tmphzbxu3
2025-06-20 15:40:56,015 [analyzer] DEBUG: Pipe server name: \??\PIPE\gmfmCRrsPyiMKqrdSoRghWGh
2025-06-20 15:40:56,015 [analyzer] DEBUG: Log pipe server name: \??\PIPE\CGZmHAwiRBVXNNNEtHGZKdtSBRvVciI
2025-06-20 15:40:56,328 [analyzer] DEBUG: Started auxiliary module Curtain
2025-06-20 15:40:56,328 [analyzer] DEBUG: Started auxiliary module DbgView
2025-06-20 15:40:56,796 [analyzer] DEBUG: Started auxiliary module Disguise
2025-06-20 15:40:57,000 [analyzer] DEBUG: Loaded monitor into process with pid 500
2025-06-20 15:40:57,000 [analyzer] DEBUG: Started auxiliary module DumpTLSMasterSecrets
2025-06-20 15:40:57,000 [analyzer] DEBUG: Started auxiliary module Human
2025-06-20 15:40:57,000 [analyzer] DEBUG: Started auxiliary module InstallCertificate
2025-06-20 15:40:57,015 [analyzer] DEBUG: Started auxiliary module Reboot
2025-06-20 15:40:57,078 [analyzer] DEBUG: Started auxiliary module RecentFiles
2025-06-20 15:40:57,078 [analyzer] DEBUG: Started auxiliary module Screenshots
2025-06-20 15:40:57,078 [analyzer] DEBUG: Started auxiliary module Sysmon
2025-06-20 15:40:57,092 [analyzer] DEBUG: Started auxiliary module LoadZer0m0n
2025-06-20 15:40:57,217 [lib.api.process] INFO: Successfully executed process from path u'C:\\Users\\ADMINI~1\\AppData\\Local\\Temp\\6ef4c995989abb500557ee04b58c3ad2e0059cb191eb2839ec3ed0116664d503.exe' with arguments '' and pid 1488
2025-06-20 15:40:57,467 [analyzer] DEBUG: Loaded monitor into process with pid 1488
2025-06-20 15:41:18,983 [analyzer] INFO: Injected into process with pid 2144 and name u'cmd.exe'
2025-06-20 15:41:19,296 [analyzer] DEBUG: Loaded monitor into process with pid 2144
2025-06-20 15:41:20,217 [analyzer] INFO: Process with pid 1488 has terminated
2025-06-20 15:41:21,217 [analyzer] INFO: Process with pid 2144 has terminated
2025-06-20 15:41:21,217 [analyzer] INFO: Process list is empty, terminating analysis.
2025-06-20 15:41:22,546 [analyzer] INFO: Terminating remaining processes before shutdown.
2025-06-20 15:41:22,546 [analyzer] INFO: Analysis completed.

Cuckoo Log

2025-06-21 12:31:09,450 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:10,586 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:11,643 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:12,831 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:14,208 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:15,252 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:16,298 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:17,352 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:18,391 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:19,421 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:20,470 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:21,510 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:22,554 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:23,613 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:24,671 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:25,740 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:26,797 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:27,903 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:28,993 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:30,137 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:31,260 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:32,500 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:33,604 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:34,691 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:35,816 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:36,840 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:38,080 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:39,540 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:40,588 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:41,875 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:42,913 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:43,950 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:45,001 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:46,298 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:47,474 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:48,504 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:49,528 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:50,550 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:51,573 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:52,597 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:53,651 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:55,111 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:56,620 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:58,027 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:31:59,092 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:00,173 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:01,276 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:02,395 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:03,519 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:04,797 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:05,924 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:07,014 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:08,082 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:09,118 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:10,154 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:11,189 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:12,214 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:13,238 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:14,405 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:15,475 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:16,546 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:17,613 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:18,666 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:19,730 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:20,795 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:21,858 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:22,923 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:23,976 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:25,034 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:26,084 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:27,146 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:28,203 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:29,278 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:30,804 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:31,890 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:33,030 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:34,137 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:35,301 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:36,430 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:37,525 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:38,599 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:39,673 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:40,701 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:41,726 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:42,749 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:43,771 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:44,791 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:45,815 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:46,976 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:48,005 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:49,058 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:50,116 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:51,154 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:52,190 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:53,228 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:54,287 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:55,373 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:56,655 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:57,708 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:58,733 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:32:59,758 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:00,783 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:01,804 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:02,991 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:04,228 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:05,434 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:06,475 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:07,531 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:08,576 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:10,269 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:11,396 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:13,073 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:14,209 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:15,515 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:16,852 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:17,918 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:19,007 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:20,089 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:21,153 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:22,235 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:23,293 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:24,350 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:25,411 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:26,491 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:27,558 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:28,641 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:29,992 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:31,071 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:32,514 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:33,601 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:34,650 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:35,718 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:36,775 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:37,824 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:38,899 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:39,965 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:41,360 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:42,415 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:43,497 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:44,573 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:45,641 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:46,835 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:48,035 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:49,114 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:50,189 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:51,243 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:52,691 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:53,753 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:54,857 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:55,904 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:56,977 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:58,070 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:33:59,437 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:00,521 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:01,977 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:03,071 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:04,176 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:05,290 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:06,380 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:07,456 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:08,514 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:09,573 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:10,628 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:11,703 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:12,763 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:13,829 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:15,192 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:16,243 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:17,309 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:18,567 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:19,640 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:20,733 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:21,813 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:22,886 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:24,142 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:25,268 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:26,315 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:27,581 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:28,676 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:29,797 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:30,954 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:32,069 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:33,161 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:34,450 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:35,840 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:37,603 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:39,152 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:40,199 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:41,244 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:42,298 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:43,344 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:44,966 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:45,999 [cuckoo.core.scheduler] DEBUG: Task #6570727: no machine available yet
2025-06-21 12:34:47,230 [cuckoo.core.scheduler] INFO: Task #6570727: acquired machine win7x6425 (label=win7x6425)
2025-06-21 12:34:47,246 [cuckoo.core.resultserver] DEBUG: Now tracking machine 192.168.168.225 for task #6570727
2025-06-21 12:34:48,130 [cuckoo.auxiliary.sniffer] INFO: Started sniffer with PID 281939 (interface=vboxnet0, host=192.168.168.225)
2025-06-21 12:34:48,758 [cuckoo.machinery.virtualbox] DEBUG: Starting vm win7x6425
2025-06-21 12:34:49,620 [cuckoo.machinery.virtualbox] DEBUG: Restoring virtual machine win7x6425 to vmcloak
2025-06-21 12:36:37,934 [cuckoo.core.guest] INFO: Starting analysis #6570727 on guest (id=win7x6425, ip=192.168.168.225)
2025-06-21 12:36:38,958 [cuckoo.core.guest] DEBUG: win7x6425: not ready yet
2025-06-21 12:36:43,995 [cuckoo.core.guest] INFO: Guest is running Cuckoo Agent 0.10 (id=win7x6425, ip=192.168.168.225)
2025-06-21 12:36:44,431 [cuckoo.core.guest] DEBUG: Uploading analyzer to guest (id=win7x6425, ip=192.168.168.225, monitor=latest, size=6660546)
2025-06-21 12:36:45,836 [cuckoo.core.resultserver] DEBUG: Task #6570727: live log analysis.log initialized.
2025-06-21 12:36:46,784 [cuckoo.core.resultserver] DEBUG: Task #6570727 is sending a BSON stream
2025-06-21 12:36:47,276 [cuckoo.core.resultserver] DEBUG: Task #6570727 is sending a BSON stream
2025-06-21 12:36:48,076 [cuckoo.core.resultserver] DEBUG: Task #6570727: File upload for 'shots/0001.jpg'
2025-06-21 12:36:48,386 [cuckoo.core.resultserver] DEBUG: Task #6570727 uploaded file length: 133501
2025-06-21 12:37:00,648 [cuckoo.core.guest] DEBUG: win7x6425: analysis #6570727 still processing
2025-06-21 12:37:08,985 [cuckoo.core.resultserver] DEBUG: Task #6570727 is sending a BSON stream
2025-06-21 12:37:12,287 [cuckoo.core.resultserver] DEBUG: Task #6570727: File upload for 'curtain/1750426882.34.curtain.log'
2025-06-21 12:37:12,369 [cuckoo.core.resultserver] DEBUG: Task #6570727 uploaded file length: 36
2025-06-21 12:37:12,395 [cuckoo.core.resultserver] DEBUG: Task #6570727: File upload for 'sysmon/1750426882.55.sysmon.xml'
2025-06-21 12:37:12,408 [cuckoo.core.resultserver] DEBUG: Task #6570727 uploaded file length: 851538
2025-06-21 12:37:12,852 [cuckoo.core.resultserver] DEBUG: Task #6570727 had connection reset for <Context for LOG>
2025-06-21 12:37:13,037 [cuckoo.core.guest] INFO: win7x6425: analysis completed successfully
2025-06-21 12:37:13,051 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Redsocks
2025-06-21 12:37:13,082 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer
2025-06-21 12:37:14,639 [cuckoo.machinery.virtualbox] INFO: Successfully generated memory dump for virtual machine with label win7x6425 to path /srv/cuckoo/cwd/storage/analyses/6570727/memory.dmp
2025-06-21 12:37:14,680 [cuckoo.machinery.virtualbox] DEBUG: Stopping vm win7x6425
2025-06-21 12:40:40,395 [cuckoo.core.resultserver] DEBUG: Stopped tracking machine 192.168.168.225 for task #6570727
2025-06-21 12:40:41,321 [cuckoo.core.scheduler] DEBUG: Released database task #6570727
2025-06-21 12:40:41,371 [cuckoo.core.scheduler] INFO: Task #6570727: analysis procedure completed

Signatures

Allocates read-write-execute memory (usually to unpack itself) (1 event)
Time & API Arguments Status Return Repeated

NtAllocateVirtualMemory

 process_identifier: 1488
region_size: 4096
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 0
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x00000000004c0000
allocation_type: 12288 (MEM_COMMIT|MEM_RESERVE)
process_handle: 0xffffffffffffffff
1 0 0
One or more processes crashed (1 event)
Time & API Arguments Status Return Repeated

__exception__

 stacktrace: 
EnterCriticalSection+0x1e ExitThread-0x19 kernel32+0xaa4eb @ 0x7772a4eb
0x4c01cc
0x7fffffd9000
0x92fce8
0x4c000a
0x4c01cc

exception.instruction_r: 4e 54 44 4c 4c 2e 52 74 6c 45 78 69 74 55 73 65
exception.symbol: EnterCriticalSection+0x1e ExitThread-0x19 kernel32+0xaa4eb
exception.instruction: push rsp
exception.module: kernel32.dll
exception.exception_code: 0xc0000005
exception.offset: 697579
exception.address: 0x7772a4eb
registers.r14: 9633416
registers.r15: 0
registers.rcx: 0
registers.rsi: 9633280
registers.r10: 4981196
registers.rbx: 1453503984
registers.rsp: 9633184
registers.r11: 582
registers.r8: 9633000
registers.r9: 4980746
registers.rdx: 8796092862464
registers.r12: 9632992
registers.rbp: 4980746
registers.rdi: 92
registers.rax: 2004002027
registers.r13: 9633000
1 0 0
File has been identified by 8 AntiVirus engine on IRMA as malicious (8 events)
G Data Antivirus (Windows) Virus: Trojan.GenericKD.76671982 (Engine A)
Avast Core Security (Linux) Win64:Evo-gen [Trj]
WithSecure (Linux) Trojan.TR/AD.PatchedWinSwrort.amqfu
eScan Antivirus (Linux) Trojan.GenericKD.76671982(DB)
ESET Security (Windows) a variant of Win64/Agent_AGen.EJD trojan
Sophos Anti-Virus (Linux) Mal/Generic-S
Bitdefender Antivirus (Linux) Trojan.GenericKD.76671982
Emsisoft Commandline Scanner (Windows) Trojan.GenericKD.76671982 (B)
File has been identified by 24 AntiVirus engines on VirusTotal as malicious (24 events)
Bkav W64.AIDetectMalware
Cynet Malicious (score: 99)
Skyhigh BehavesLike.Win64.Generic.mm
Sangfor Trojan.Win32.Save.a
CrowdStrike win/malicious_confidence_70% (D)
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win64/Agent_AGen.EJD
APEX Malicious
Avast Win64:Evo-gen [Trj]
Kaspersky HEUR:Trojan.Win32.Generic
Rising Backdoor.Convagent!8.123DC (TFE:5:F1vZQnFfKYB)
F-Secure Trojan.TR/AD.PatchedWinSwrort.amqfu
SentinelOne Static AI - Suspicious PE
Google Detected
Avira TR/AD.PatchedWinSwrort.amqfu
Microsoft Trojan:Win64/Rozena.AMBE!MTB
AhnLab-V3 Trojan/Win.Generic.R700813
DeepInstinct MALICIOUS
Ikarus Trojan.Win64.Rozena
Panda Trj/GdSda.A
TrendMicro-HouseCall Trojan.Win32.VSX.PE04C9Z
huorong Backdoor/W64.Meterpreter.b
AVG Win64:Evo-gen [Trj]
Screenshots
Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action VT Location
No hosts contacted.
Cuckoo

We're processing your submission... This could take a few seconds.