Cuckoo Sandbox

Name	73dc8d15284ea85b_flatout + crack.exe Download Submit file
Filepath	C:\Windows\win32dc\FlatOut + crack.exe
Size	200.1KB
Processes	2892 (5e1b71ed75943732_quake3 patch.exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5	`b949bd7a421bac58e57fb367a341adf7`
SHA1	`dc9c5055a4e067ccaa20d330fb85caa908ed59d8`
SHA256	`73dc8d15284ea85b3c934cf5b247005ebc63322186d3b9115a82bbee1747ad93`
CRC32	`01B7C4E3`
ssdeep	`None`
Yara	suspicious_packer_section - The packer/protector section names/keywords network_irc - Communications over IRC network network_dropper - File downloader/dropper network_tcp_socket - Communications over RAW socket network_dns - Communications use DNS keylogger - Run a keylogger spreading_share - Malware can spread east-west using share drive win_mutex - Create or check mutex win_registry - Affect system registries win_private_profile - Affect private profile
VirusTotal	Search for analysis

Name	4bf5cfdc99618811_silent hill 4(nocd).exe Download Submit file
Filepath	C:\Windows\win32dc\Silent Hill 4(nocd).exe
Size	203.1KB
Processes	2892 (5e1b71ed75943732_quake3 patch.exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5	`c893bfbc8801cae7a11b90db444bdb5b`
SHA1	`4acb8c2b90b542872bd6eca7f8146e859948e965`
SHA256	`4bf5cfdc9961881119fa1e19778e341ca9693616fec750d9c1ba2c0656d9eb8d`
CRC32	`6223E224`
ssdeep	`None`
Yara	suspicious_packer_section - The packer/protector section names/keywords network_irc - Communications over IRC network network_dropper - File downloader/dropper network_tcp_socket - Communications over RAW socket network_dns - Communications use DNS keylogger - Run a keylogger spreading_share - Malware can spread east-west using share drive win_mutex - Create or check mutex win_registry - Affect system registries win_private_profile - Affect private profile
VirusTotal	Search for analysis

Dropped Files