Cuckoo Sandbox

Name	dbab8a968bbd02f4_counter-strike serial.exe Download Submit file
Filepath	C:\Windows\win32dc\Counter-Strike serial.exe
Size	204.3KB
Processes	856 (b7c717c25b8fe8614e4aa550c25fd04ec3c38023a9784750ab1cceddb76714e6.exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5	`0dc6b73c765b5e309ccb5083de95c15b`
SHA1	`080c1ce9bcff1437a17145c39b250d8b12bdc3e6`
SHA256	`dbab8a968bbd02f4985734f293590a8c7a0fa7219791d8f337dcd9957a6e416a`
CRC32	`199314D3`
ssdeep	`None`
Yara	suspicious_packer_section - The packer/protector section names/keywords network_irc - Communications over IRC network network_dropper - File downloader/dropper network_tcp_socket - Communications over RAW socket network_dns - Communications use DNS keylogger - Run a keylogger spreading_share - Malware can spread east-west using share drive win_mutex - Create or check mutex win_registry - Affect system registries win_private_profile - Affect private profile
VirusTotal	Search for analysis

Name	ff3f1f229474d57b_ut2004_codes.exe Download Submit file
Filepath	C:\Windows\win32dc\UT2004_codes.exe
Size	206.3KB
Processes	856 (b7c717c25b8fe8614e4aa550c25fd04ec3c38023a9784750ab1cceddb76714e6.exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5	`0f3d36934710c30c063ba84886c030df`
SHA1	`9821e2697e23ef9098471170594e4d52bc684a59`
SHA256	`ff3f1f229474d57b7f184a96bfd82d30e2e831a26545a82306b24033088ed396`
CRC32	`C2CE5430`
ssdeep	`None`
Yara	suspicious_packer_section - The packer/protector section names/keywords network_irc - Communications over IRC network network_dropper - File downloader/dropper network_tcp_socket - Communications over RAW socket network_dns - Communications use DNS keylogger - Run a keylogger spreading_share - Malware can spread east-west using share drive win_mutex - Create or check mutex win_registry - Affect system registries win_private_profile - Affect private profile
VirusTotal	Search for analysis

Dropped Files