Analyzer Log
2025-06-21 12:37:19,015 [analyzer] DEBUG: Starting analyzer from: C:\tmp2pjrvv
2025-06-21 12:37:19,030 [analyzer] DEBUG: Pipe server name: \??\PIPE\sBkkEpzoDkNKdRAkLrkJlzMLv
2025-06-21 12:37:19,030 [analyzer] DEBUG: Log pipe server name: \??\PIPE\qBNCmjfITEfBxhECNoNwscC
2025-06-21 12:37:19,030 [analyzer] DEBUG: No analysis package specified, trying to detect it automagically.
2025-06-21 12:37:19,030 [analyzer] INFO: Automatically selected analysis package "exe"
2025-06-21 12:37:19,328 [analyzer] DEBUG: Started auxiliary module Curtain
2025-06-21 12:37:19,328 [analyzer] DEBUG: Started auxiliary module DbgView
2025-06-21 12:37:19,717 [analyzer] DEBUG: Started auxiliary module Disguise
2025-06-21 12:37:19,937 [analyzer] DEBUG: Loaded monitor into process with pid 504
2025-06-21 12:37:19,937 [analyzer] DEBUG: Started auxiliary module DumpTLSMasterSecrets
2025-06-21 12:37:19,937 [analyzer] DEBUG: Started auxiliary module Human
2025-06-21 12:37:19,937 [analyzer] DEBUG: Started auxiliary module InstallCertificate
2025-06-21 12:37:19,937 [analyzer] DEBUG: Started auxiliary module Reboot
2025-06-21 12:37:20,000 [analyzer] DEBUG: Started auxiliary module RecentFiles
2025-06-21 12:37:20,000 [analyzer] DEBUG: Started auxiliary module Screenshots
2025-06-21 12:37:20,015 [analyzer] DEBUG: Started auxiliary module Sysmon
2025-06-21 12:37:20,015 [analyzer] DEBUG: Started auxiliary module LoadZer0m0n
2025-06-21 12:37:20,155 [lib.api.process] INFO: Successfully executed process from path u'C:\\Users\\ADMINI~1\\AppData\\Local\\Temp\\3a193231bf5d75e4_i_pnhfaxsqki.exe' with arguments '' and pid 1964
2025-06-21 12:37:20,342 [analyzer] DEBUG: Loaded monitor into process with pid 1964
2025-06-21 12:37:20,858 [analyzer] INFO: Added new file to list with pid 1964 and path C:\Temp\CreateProcess.exe
2025-06-21 12:37:21,858 [analyzer] INFO: Added new file to list with pid 1964 and path C:\Temp\gaysqlidbvtnlfdy.exe
2025-06-21 12:37:21,921 [analyzer] INFO: Injected into process with pid 1992 and name u'gaysqlidbvtnlfdy.exe'
2025-06-21 12:37:22,030 [analyzer] INFO: Injected into process with pid 3052 and name u'iexplore.exe'
2025-06-21 12:37:22,062 [analyzer] DEBUG: Loaded monitor into process with pid 1992
2025-06-21 12:37:22,078 [analyzer] INFO: Added new file to list with pid 1992 and path \Device\NamedPipe\lsass
2025-06-21 12:37:22,265 [analyzer] DEBUG: Loaded monitor into process with pid 3052
2025-06-21 12:37:24,046 [analyzer] INFO: Added new file to list with pid 1964 and path C:\Temp\gaysqlidbvtnlfdy.sys
2025-06-21 12:37:24,171 [analyzer] INFO: Process with pid 1964 has terminated
2025-06-21 12:37:24,733 [analyzer] INFO: Added new file to list with pid 1992 and path C:\Temp\hbztrmjecw.exe
2025-06-21 12:37:24,812 [analyzer] INFO: Injected into process with pid 1164 and name u'CreateProcess.exe'
2025-06-21 12:37:24,937 [analyzer] DEBUG: Loaded monitor into process with pid 1164
2025-06-21 12:37:26,187 [analyzer] INFO: Process with pid 1164 has terminated
2025-06-21 12:37:27,312 [analyzer] INFO: Added new file to list with pid 1992 and path C:\Temp\i_hbztrmjecw.exe
2025-06-21 12:37:32,733 [analyzer] INFO: Added new file to list with pid 1992 and path C:\Temp\tomgeywqoj.exe
2025-06-21 12:40:39,203 [analyzer] INFO: Analysis timeout hit, terminating analysis.
2025-06-21 12:40:40,280 [analyzer] INFO: Terminating remaining processes before shutdown.
2025-06-21 12:40:40,280 [lib.api.process] INFO: Successfully terminated process with pid 1992.
2025-06-21 12:40:40,296 [lib.api.process] INFO: Successfully terminated process with pid 3052.
2025-06-21 12:40:40,296 [analyzer] WARNING: File at path u'\\device\\namedpipe\\lsass' does not exist, skip.
2025-06-21 12:40:40,312 [analyzer] INFO: Analysis completed.
Cuckoo Log
2025-06-25 12:09:49,960 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:09:51,006 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:09:52,223 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:09:53,306 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:09:54,391 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:09:55,489 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:09:56,665 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:09:57,718 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:09:58,788 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:09:59,866 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:00,934 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:02,012 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:03,063 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:04,451 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:05,524 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:06,561 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:07,621 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:08,653 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:09,690 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:10,711 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:11,740 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:12,908 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:13,932 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:15,014 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:16,051 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:17,100 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:18,143 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:19,300 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:20,347 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:21,387 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:22,434 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:23,484 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:24,565 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:25,842 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:26,989 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:28,162 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:29,252 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:30,285 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:31,311 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:32,343 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:33,368 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:34,546 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:35,577 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:36,601 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:37,621 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:38,680 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:39,708 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:40,736 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:41,878 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:42,902 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:43,937 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:44,972 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:46,002 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:47,028 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:48,168 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:49,409 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:50,485 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:51,532 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:52,601 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:53,671 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:54,731 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:55,789 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:56,897 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:58,258 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:10:59,468 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:00,646 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:01,688 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:02,732 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:03,775 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:04,825 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:05,869 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:06,900 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:07,941 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:08,981 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:10,101 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:11,127 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:12,151 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:13,176 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:14,193 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:15,225 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:16,247 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:17,271 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:18,309 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:19,397 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:20,427 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:21,452 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:22,482 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:23,508 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:24,564 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:25,652 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:26,733 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:27,834 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:28,904 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:29,969 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:31,026 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:32,101 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:33,171 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:34,309 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:35,441 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:36,534 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:37,588 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:38,670 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:39,757 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:40,811 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:41,905 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:42,981 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:44,072 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:45,331 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:46,596 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:47,814 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:48,850 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:49,889 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:50,910 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:52,129 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:53,292 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:54,326 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:55,366 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:56,398 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:57,431 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:58,487 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:11:59,547 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:00,882 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:01,989 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:03,051 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:04,144 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:05,215 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:06,296 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:07,387 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:08,443 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:09,762 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:11,235 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:12,279 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:13,314 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:14,376 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:15,434 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:16,492 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:17,548 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:18,621 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:19,694 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:20,772 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:21,841 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:22,917 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:23,979 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:25,035 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:26,116 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:27,297 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:28,349 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:29,398 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:30,438 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:31,492 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:32,550 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:33,605 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:34,649 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:35,698 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:36,753 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:37,804 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:38,885 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:39,945 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:41,001 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:42,073 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:43,145 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:44,192 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:45,243 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:46,289 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:47,327 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:48,686 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:49,879 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:50,938 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:51,985 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:53,038 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:54,087 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:55,215 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:56,307 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:57,382 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:58,529 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:12:59,568 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:13:00,614 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:13:01,652 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:13:02,687 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:13:03,727 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:13:04,761 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:13:05,800 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:13:06,832 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:13:07,866 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:13:08,909 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:13:09,954 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:13:11,036 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:13:12,069 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:13:13,103 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:13:14,139 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:13:15,175 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:13:16,206 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:13:17,269 [cuckoo.core.scheduler] DEBUG: Task #6588449: no machine available yet
2025-06-25 12:13:18,430 [cuckoo.core.scheduler] INFO: Task #6588449: acquired machine win7x648 (label=win7x648)
2025-06-25 12:13:18,432 [cuckoo.core.resultserver] DEBUG: Now tracking machine 192.168.168.208 for task #6588449
2025-06-25 12:13:18,834 [cuckoo.auxiliary.sniffer] INFO: Started sniffer with PID 3928357 (interface=vboxnet0, host=192.168.168.208)
2025-06-25 12:13:19,152 [cuckoo.machinery.virtualbox] DEBUG: Starting vm win7x648
2025-06-25 12:13:19,750 [cuckoo.machinery.virtualbox] DEBUG: Restoring virtual machine win7x648 to vmcloak
2025-06-25 12:15:39,507 [cuckoo.core.guest] INFO: Starting analysis #6588449 on guest (id=win7x648, ip=192.168.168.208)
2025-06-25 12:15:40,512 [cuckoo.core.guest] DEBUG: win7x648: not ready yet
2025-06-25 12:15:45,536 [cuckoo.core.guest] INFO: Guest is running Cuckoo Agent 0.10 (id=win7x648, ip=192.168.168.208)
2025-06-25 12:15:45,605 [cuckoo.core.guest] DEBUG: Uploading analyzer to guest (id=win7x648, ip=192.168.168.208, monitor=latest, size=6660546)
2025-06-25 12:15:46,751 [cuckoo.core.resultserver] DEBUG: Task #6588449: live log analysis.log initialized.
2025-06-25 12:15:47,629 [cuckoo.core.resultserver] DEBUG: Task #6588449 is sending a BSON stream
2025-06-25 12:15:48,020 [cuckoo.core.resultserver] DEBUG: Task #6588449 is sending a BSON stream
2025-06-25 12:15:48,855 [cuckoo.core.resultserver] DEBUG: Task #6588449: File upload for 'shots/0001.jpg'
2025-06-25 12:15:48,877 [cuckoo.core.resultserver] DEBUG: Task #6588449 uploaded file length: 133504
2025-06-25 12:15:49,755 [cuckoo.core.resultserver] DEBUG: Task #6588449 is sending a BSON stream
2025-06-25 12:15:49,895 [cuckoo.core.resultserver] DEBUG: Task #6588449 is sending a BSON stream
2025-06-25 12:15:52,629 [cuckoo.core.resultserver] DEBUG: Task #6588449 is sending a BSON stream
2025-06-25 12:15:53,071 [cuckoo.core.resultserver] DEBUG: Task #6588449: File upload for 'files/af0f3ae48316850a_hbztrmjecw.exe'
2025-06-25 12:15:53,076 [cuckoo.core.resultserver] DEBUG: Task #6588449 uploaded file length: 369664
2025-06-25 12:15:57,859 [cuckoo.core.resultserver] DEBUG: Task #6588449: File upload for 'files/07f0cc57aa77cca7_i_hbztrmjecw.exe'
2025-06-25 12:15:57,863 [cuckoo.core.resultserver] DEBUG: Task #6588449 uploaded file length: 369664
2025-06-25 12:16:01,549 [cuckoo.core.guest] DEBUG: win7x648: analysis #6588449 still processing
2025-06-25 12:16:16,839 [cuckoo.core.guest] DEBUG: win7x648: analysis #6588449 still processing
2025-06-25 12:16:31,955 [cuckoo.core.guest] DEBUG: win7x648: analysis #6588449 still processing
2025-06-25 12:16:47,107 [cuckoo.core.guest] DEBUG: win7x648: analysis #6588449 still processing
2025-06-25 12:17:02,473 [cuckoo.core.guest] DEBUG: win7x648: analysis #6588449 still processing
2025-06-25 12:17:17,569 [cuckoo.core.guest] DEBUG: win7x648: analysis #6588449 still processing
2025-06-25 12:17:32,992 [cuckoo.core.guest] DEBUG: win7x648: analysis #6588449 still processing
2025-06-25 12:17:48,263 [cuckoo.core.guest] DEBUG: win7x648: analysis #6588449 still processing
2025-06-25 12:18:04,013 [cuckoo.core.guest] DEBUG: win7x648: analysis #6588449 still processing
2025-06-25 12:18:19,198 [cuckoo.core.guest] DEBUG: win7x648: analysis #6588449 still processing
2025-06-25 12:18:34,292 [cuckoo.core.guest] DEBUG: win7x648: analysis #6588449 still processing
2025-06-25 12:18:49,381 [cuckoo.core.guest] DEBUG: win7x648: analysis #6588449 still processing
2025-06-25 12:19:04,471 [cuckoo.core.guest] DEBUG: win7x648: analysis #6588449 still processing
2025-06-25 12:19:07,350 [cuckoo.core.resultserver] DEBUG: Task #6588449: File upload for 'curtain/1750502439.39.curtain.log'
2025-06-25 12:19:07,353 [cuckoo.core.resultserver] DEBUG: Task #6588449 uploaded file length: 36
2025-06-25 12:19:08,044 [cuckoo.core.resultserver] DEBUG: Task #6588449: File upload for 'sysmon/1750502440.14.sysmon.xml'
2025-06-25 12:19:08,187 [cuckoo.core.resultserver] DEBUG: Task #6588449 uploaded file length: 9500334
2025-06-25 12:19:08,205 [cuckoo.core.resultserver] DEBUG: Task #6588449: File upload for 'files/ef7c6fe0cec601bc_gaysqlidbvtnlfdy.exe'
2025-06-25 12:19:08,208 [cuckoo.core.resultserver] DEBUG: Task #6588449: File upload for 'files/11b30329bb092234_gaysqlidbvtnlfdy.sys'
2025-06-25 12:19:08,212 [cuckoo.core.resultserver] DEBUG: Task #6588449 uploaded file length: 300544
2025-06-25 12:19:08,215 [cuckoo.core.resultserver] DEBUG: Task #6588449: File upload for 'files/63e90548e1c83414_createprocess.exe'
2025-06-25 12:19:08,216 [cuckoo.core.resultserver] DEBUG: Task #6588449 uploaded file length: 3584
2025-06-25 12:19:08,217 [cuckoo.core.resultserver] DEBUG: Task #6588449 uploaded file length: 369664
2025-06-25 12:19:08,244 [cuckoo.core.resultserver] DEBUG: Task #6588449 had connection reset for <Context for LOG>
2025-06-25 12:19:10,508 [cuckoo.core.guest] INFO: win7x648: analysis completed successfully
2025-06-25 12:19:10,525 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Redsocks
2025-06-25 12:19:10,680 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer
2025-06-25 12:19:11,544 [cuckoo.machinery.virtualbox] INFO: Successfully generated memory dump for virtual machine with label win7x648 to path /srv/cuckoo/cwd/storage/analyses/6588449/memory.dmp
2025-06-25 12:19:11,546 [cuckoo.machinery.virtualbox] DEBUG: Stopping vm win7x648
2025-06-25 12:22:10,100 [cuckoo.core.resultserver] DEBUG: Stopped tracking machine 192.168.168.208 for task #6588449
2025-06-25 12:22:11,166 [cuckoo.core.scheduler] DEBUG: Released database task #6588449
2025-06-25 12:22:11,195 [cuckoo.core.scheduler] INFO: Task #6588449: analysis procedure completed