Cuckoo Sandbox

Name	eee0b243aaac5de9_battlefield 1942 + patch.exe Download Submit file
Filepath	C:\Windows\win32dc\BattleField 1942 + patch.exe
Size	207.2KB
Processes	2452 (ff3f1f229474d57b_ut2004_codes.exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5	`e81f739fdc4367ec5e2579690c48ff2b`
SHA1	`4fb48206b7540379e8799f9846f308d04bbab58d`
SHA256	`eee0b243aaac5de9b4880b39658b139b95117518abfe0b35df4dda39e6a26b16`
CRC32	`07BA598B`
ssdeep	`None`
Yara	suspicious_packer_section - The packer/protector section names/keywords network_irc - Communications over IRC network network_dropper - File downloader/dropper network_tcp_socket - Communications over RAW socket network_dns - Communications use DNS keylogger - Run a keylogger spreading_share - Malware can spread east-west using share drive win_mutex - Create or check mutex win_registry - Affect system registries win_private_profile - Affect private profile
VirusTotal	Search for analysis

Name	e73ce6c255431ce1_sims 2(codes).exe Download Submit file
Filepath	C:\Windows\win32dc\Sims 2(codes).exe
Size	210.2KB
Processes	2452 (ff3f1f229474d57b_ut2004_codes.exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5	`359ae2264d31428647b68e92e5f7a67f`
SHA1	`df612dd80ec20d556fcaba71cdf4b32eae247414`
SHA256	`e73ce6c255431ce1c06272292df301fbccf3bc4c8056dae878a44620b7325154`
CRC32	`E4CA99C7`
ssdeep	`None`
Yara	suspicious_packer_section - The packer/protector section names/keywords network_irc - Communications over IRC network network_dropper - File downloader/dropper network_tcp_socket - Communications over RAW socket network_dns - Communications use DNS keylogger - Run a keylogger spreading_share - Malware can spread east-west using share drive win_mutex - Create or check mutex win_registry - Affect system registries win_private_profile - Affect private profile
VirusTotal	Search for analysis

Dropped Files