Cuckoo Sandbox

Name	5f6fa9cfd457cca2_sims 2 trainer.exe Download Submit file
Filepath	C:\Windows\win32dc\Sims 2 trainer.exe
Size	210.0KB
Processes	2108 (057c9ef5e3a7a661717fec957bb22cb75bc36623a6b9f95d8eecf8063a6d9192.exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5	`2730f5a983d202bbd3092baddc72ed14`
SHA1	`3cc1a44ef91d69520c3c74ed4b0a5630bb42c069`
SHA256	`5f6fa9cfd457cca2bf26f73379e328e81a9ca3edc9d8a1afdf4ecfeac6c1a6f9`
CRC32	`2800BE5B`
ssdeep	`None`
Yara	suspicious_packer_section - The packer/protector section names/keywords network_irc - Communications over IRC network network_dropper - File downloader/dropper network_tcp_socket - Communications over RAW socket network_dns - Communications use DNS keylogger - Run a keylogger spreading_share - Malware can spread east-west using share drive win_mutex - Create or check mutex win_registry - Affect system registries win_private_profile - Affect private profile
VirusTotal	Search for analysis

Name	1a3a6bd44c84e0f9_quake3 + serial.exe Download Submit file
Filepath	C:\Windows\win32dc\Quake3 + serial.exe
Size	207.0KB
Processes	2108 (057c9ef5e3a7a661717fec957bb22cb75bc36623a6b9f95d8eecf8063a6d9192.exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5	`cafdda205a5791b8de3145e756647a98`
SHA1	`cdb03cec68f5726da5c3db7ff6a25249399e64c4`
SHA256	`1a3a6bd44c84e0f98fd1ed32ca7d3b4ea73be2273ccae75206975cb6de88951b`
CRC32	`4849CC11`
ssdeep	`None`
Yara	suspicious_packer_section - The packer/protector section names/keywords network_irc - Communications over IRC network network_dropper - File downloader/dropper network_tcp_socket - Communications over RAW socket network_dns - Communications use DNS keylogger - Run a keylogger spreading_share - Malware can spread east-west using share drive win_mutex - Create or check mutex win_registry - Affect system registries win_private_profile - Affect private profile
VirusTotal	Search for analysis

Dropped Files