Cuckoo Sandbox

Name	8e2714b5b450e2ec_ut2004(cdfix).exe Download Submit file
Filepath	C:\Windows\win32dc\UT2004(cdfix).exe
Size	203.2KB
Processes	2172 (263032810e4040a30c4b8a0f6a7887d3cc25b7ba7703ba0942f0d88e1ff57aa1.exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5	`c8441cecfcc03f34c129554825b4ac8f`
SHA1	`2c927178d21075de35604131ce454d86738d33e3`
SHA256	`8e2714b5b450e2ec4f0a0ad431182e08eb8a5a55c12928261a7f728e08fc8288`
CRC32	`9BFDFEC5`
ssdeep	`None`
Yara	suspicious_packer_section - The packer/protector section names/keywords network_irc - Communications over IRC network network_dropper - File downloader/dropper network_tcp_socket - Communications over RAW socket network_dns - Communications use DNS keylogger - Run a keylogger spreading_share - Malware can spread east-west using share drive win_mutex - Create or check mutex win_registry - Affect system registries win_private_profile - Affect private profile
VirusTotal	Search for analysis

Name	1e53aacbfb05fe70_doom 3_fix.exe Download Submit file
Filepath	C:\Windows\win32dc\Doom 3_fix.exe
Size	204.2KB
Processes	2172 (263032810e4040a30c4b8a0f6a7887d3cc25b7ba7703ba0942f0d88e1ff57aa1.exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5	`79817d25049f9e84629b633a3eb3d52d`
SHA1	`07287d27433babca975358d8c8a5a69a821ec5d5`
SHA256	`1e53aacbfb05fe70a06a1109a26a18d591316dd24f2d74e9e9aa951eaa7134dc`
CRC32	`75211C83`
ssdeep	`None`
Yara	suspicious_packer_section - The packer/protector section names/keywords network_irc - Communications over IRC network network_dropper - File downloader/dropper network_tcp_socket - Communications over RAW socket network_dns - Communications use DNS keylogger - Run a keylogger spreading_share - Malware can spread east-west using share drive win_mutex - Create or check mutex win_registry - Affect system registries win_private_profile - Affect private profile
VirusTotal	Search for analysis

Dropped Files