Cuckoo Sandbox

Name	17138c945863b29c_silent hill 4 patch.exe Download Submit file
Filepath	C:\Windows\win32dc\Silent Hill 4 patch.exe
Size	214.0KB
Processes	1112 (5f6fa9cfd457cca2_sims 2 trainer.exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5	`cd789776d358363446767675a7c55b9f`
SHA1	`23e028ba858597e9f0dd45cd2ed4a16874bab636`
SHA256	`17138c945863b29c4397ef18e19c7fc26f159158a619d4a628615d38e4631d73`
CRC32	`0B5C1D75`
ssdeep	`None`
Yara	suspicious_packer_section - The packer/protector section names/keywords network_irc - Communications over IRC network network_dropper - File downloader/dropper network_tcp_socket - Communications over RAW socket network_dns - Communications use DNS keylogger - Run a keylogger spreading_share - Malware can spread east-west using share drive win_mutex - Create or check mutex win_registry - Affect system registries win_private_profile - Affect private profile
VirusTotal	Search for analysis

Name	6b593a81fe77d232_ut2004 nocd.exe Download Submit file
Filepath	C:\Windows\win32dc\UT2004 nocd.exe
Size	214.0KB
Processes	1112 (5f6fa9cfd457cca2_sims 2 trainer.exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5	`d44ecdd24434d33599c6601338850dba`
SHA1	`303481e2e7277772139e3d0083917d29bebe069a`
SHA256	`6b593a81fe77d23234a86c7d0d472785b07a286733f32a6a9bce49d75fab9e76`
CRC32	`810CEE1D`
ssdeep	`None`
Yara	suspicious_packer_section - The packer/protector section names/keywords network_irc - Communications over IRC network network_dropper - File downloader/dropper network_tcp_socket - Communications over RAW socket network_dns - Communications use DNS keylogger - Run a keylogger spreading_share - Malware can spread east-west using share drive win_mutex - Create or check mutex win_registry - Affect system registries win_private_profile - Affect private profile
VirusTotal	Search for analysis

Dropped Files