Cuckoo Sandbox

Name	8f5564f44005d754_silent hill 4 cdfix.exe Download Submit file
Filepath	C:\Windows\win32dc\Silent Hill 4 cdfix.exe
Size	203.2KB
Processes	736 (11227ee51970b525_half-life 2(serial).exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5	`f271de2c844adad7aaefd6001a71ac8a`
SHA1	`7abcb81f4ee7afd80d9165fe35c203c72d77da56`
SHA256	`8f5564f44005d754451104302e84f9e872e9061c7950679f1194b8fad3b1cea3`
CRC32	`0A871E24`
ssdeep	`None`
Yara	suspicious_packer_section - The packer/protector section names/keywords network_irc - Communications over IRC network network_dropper - File downloader/dropper network_tcp_socket - Communications over RAW socket network_dns - Communications use DNS keylogger - Run a keylogger spreading_share - Malware can spread east-west using share drive win_mutex - Create or check mutex win_registry - Affect system registries win_private_profile - Affect private profile
VirusTotal	Search for analysis

Name	365c6dd01410b591_daoc(patch).exe Download Submit file
Filepath	C:\Windows\win32dc\DAoC(patch).exe
Size	200.2KB
Processes	736 (11227ee51970b525_half-life 2(serial).exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5	`43a10e5241f963f5a098d5d845cf7d9f`
SHA1	`8633a7cf54faf3e95b08c953e6881eebad87cf89`
SHA256	`365c6dd01410b59118f90d10ff57002e3f369f609a834631a7b36be0f33f3eb0`
CRC32	`0F86AAA4`
ssdeep	`None`
Yara	suspicious_packer_section - The packer/protector section names/keywords network_irc - Communications over IRC network network_dropper - File downloader/dropper network_tcp_socket - Communications over RAW socket network_dns - Communications use DNS keylogger - Run a keylogger spreading_share - Malware can spread east-west using share drive win_mutex - Create or check mutex win_registry - Affect system registries win_private_profile - Affect private profile
VirusTotal	Search for analysis

Dropped Files