Cuckoo Sandbox

Name	36bd03fd0baef347_ut2004 + serial.exe Download Submit file
Filepath	C:\Windows\win32dc\UT2004 + serial.exe
Size	198.5KB
Processes	2628 (735e2b0bb7d56fbb_silent hill 4(crack).exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5	`d1f6a8203defb3778ab2e406f4fa8065`
SHA1	`46a7b19a31fbcd68c6e83ea3be0bf57980e70d76`
SHA256	`36bd03fd0baef347274760374414b5fe2bc95781e2fac2afc3e5b0fc9c3c7478`
CRC32	`48A12627`
ssdeep	`None`
Yara	suspicious_packer_section - The packer/protector section names/keywords network_irc - Communications over IRC network network_dropper - File downloader/dropper network_tcp_socket - Communications over RAW socket network_dns - Communications use DNS keylogger - Run a keylogger spreading_share - Malware can spread east-west using share drive win_mutex - Create or check mutex win_registry - Affect system registries win_private_profile - Affect private profile
VirusTotal	Search for analysis

Name	61e6e3a5ce4fd523_counter-strike(nocd).exe Download Submit file
Filepath	C:\Windows\win32dc\Counter-Strike(nocd).exe
Size	200.5KB
Processes	2628 (735e2b0bb7d56fbb_silent hill 4(crack).exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5	`1f4eaa782bc7b7c507e760dcd1057629`
SHA1	`832c13b3b3b2653186bd0f872b296cc1fb8f5e6c`
SHA256	`61e6e3a5ce4fd5239176f77c72f266d4ef80f3a4f07a3dfa178fdf8d36f5ca3d`
CRC32	`91991F7B`
ssdeep	`None`
Yara	suspicious_packer_section - The packer/protector section names/keywords network_irc - Communications over IRC network network_dropper - File downloader/dropper network_tcp_socket - Communications over RAW socket network_dns - Communications use DNS keylogger - Run a keylogger spreading_share - Malware can spread east-west using share drive win_mutex - Create or check mutex win_registry - Affect system registries win_private_profile - Affect private profile
VirusTotal	Search for analysis

Dropped Files