Cuckoo Sandbox

Name	28feb200ae78bc8d_daoc(serial).exe Download Submit file
Filepath	C:\Windows\win32dc\DAoC(serial).exe
Size	207.3KB
Processes	944 (dbab8a968bbd02f4_counter-strike serial.exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5	`08f2d1663ca78d0552b27983924a2f31`
SHA1	`9b1012ed482880ddca936cb0edd0030732ae14c6`
SHA256	`28feb200ae78bc8dff60bd9b90d3e3e8e94cfbaf45f07e46e91297010daf9098`
CRC32	`3501BD0F`
ssdeep	`None`
Yara	suspicious_packer_section - The packer/protector section names/keywords network_irc - Communications over IRC network network_dropper - File downloader/dropper network_tcp_socket - Communications over RAW socket network_dns - Communications use DNS keylogger - Run a keylogger spreading_share - Malware can spread east-west using share drive win_mutex - Create or check mutex win_registry - Affect system registries win_private_profile - Affect private profile
VirusTotal	Search for analysis

Name	eb4cf9fb6ff41635_doom 3(serial).exe Download Submit file
Filepath	C:\Windows\win32dc\Doom 3(serial).exe
Size	205.3KB
Processes	944 (dbab8a968bbd02f4_counter-strike serial.exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5	`fceb859c3cc6c5c43fbb80064cd983c7`
SHA1	`80a5cdbbd33c1100a8f70d1dd72e43371824acba`
SHA256	`eb4cf9fb6ff416358f53e0386680ee6f62cbd848786622e86b8de12caf9c68eb`
CRC32	`451BE471`
ssdeep	`None`
Yara	suspicious_packer_section - The packer/protector section names/keywords network_irc - Communications over IRC network network_dropper - File downloader/dropper network_tcp_socket - Communications over RAW socket network_dns - Communications use DNS keylogger - Run a keylogger spreading_share - Malware can spread east-west using share drive win_mutex - Create or check mutex win_registry - Affect system registries win_private_profile - Affect private profile
VirusTotal	Search for analysis

Dropped Files