Analysis
-
max time kernel
190s -
max time network
219s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system -
submitted
23-11-2022 21:28
Static task
static1
Behavioral task
behavioral1
Sample
42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe
Resource
win10v2004-20221111-en
General
-
Target
42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe
-
Size
83KB
-
MD5
4b8cca1bcb934b2307c9c7eb7817a526
-
SHA1
85e3d7a30bd20ceaf2e38b7248c989bc57e20b5d
-
SHA256
42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924
-
SHA512
0f4e70f0582bde9915625cca4e75a3f2cea1277809f4c5f21a77d8f1ef62b4d227a0dc2bdab2c46584f24eaa0d5629e5bfc3e7c0d3a5dddecfd5fbc9971d5352
-
SSDEEP
768:dvmKZor4WvMzGBrxUv7SBEMm7SB2WrAwsOlFkJ7SB2WrAwlTa0XZdPQbMoIRIdBk:dvmKZozvMzmNBzsmzv48v8G0Ct
Malware Config
Signatures
-
Looks for VMWare Tools registry key 2 TTPs 1 IoCs
Processes:
42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exedescription ioc process Key opened \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\VMware, Inc.\VMware Tools 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe -
Adds Run key to start application 2 TTPs 4 IoCs
Processes:
42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exedescription ioc process Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\WinProfile = "sndcfg16.exe" 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunServices 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunServices\WinProfile = "sndcfg16.exe" 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe -
Drops file in Program Files directory 64 IoCs
Processes:
42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exedescription ioc process File created C:\Program Files\eDonkey2000\incoming\Snood crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Medal Of Honor - Allied Assault no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\The Sims- Vacation no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\The Sims Double Deluxe no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Star Wars Knights of the Old Republic II - The Sith Lords Role-Playing LucasArts crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\Adobe PageMaker v7.0 Keygen.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\Macromedia Director 8 Crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Soldier of Fortune II- Double Helix no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Windows XP Activation Crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\MSN Toolbar advert remover.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Doom 3 NO CD Crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Windows XP Professional crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\mirc 6.1x reg entries.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\The Lord of the Rings The Return of The King crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\Macromedia Flash SWF-Unprotect v2.0.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\NBA Live 2003 crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\WinZip v9.0 Registration.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Vampire - The Masquerade - Bloodlines Role-Playing Activision crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\Warez P2P.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\The Lord of the Rings The Battle for Middle-earth Strategy EA Games crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\FlashFXP v2.1 crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Final Fantasy VII - Advent Children PSP Role-Playing Square Enix crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Need for Speed Underground 2 Electronic Arts crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\Max Payne 2 The Fall of Max Payne NO CD crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Spider-Man 2 GC Activision crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\MS Zoo Tycoon no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\Front Mission 4 Strategy Square Enix crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\The Sims no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\Backyard Wrestling 2 - There Goes the Neighborhood Eidos Interactive crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Battlefield Vietnam Multiplayer Online Crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Microsoft Office XP Activation Crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Half-Life 2 Keygen.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\The Sims - Unleashed Expansion Pack no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\Macromedia Flash MX v6.0 crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Dragon Ball Z - Budokai 3 Atari crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\Far Cry Ubisoft crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Unreal Tournament 2003 no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Download Accelerator Plus (spyware free).exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\VirtualLab Data Recovery crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\The Sims - Hot Date Expansion Pack no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Macromedia Flash MX v6.0 crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Purge Jihad Freeform Interactive LLC crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\The Sims - Vacation Expansion Pack no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\Warcraft III - Reign Of Chaos no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\Roller Coaster Tycoon no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\ZoneAlarm crack (keygen).exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Adobe Photoshop 7 keygen.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\WinZip Self-Extractor v2.2 keygen.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Webroot Spy Sweeper.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\ICQ 4.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\Madden NFL 2005 EA crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Sonic the Hedgehog 3 crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\Mario Tennis GC Nintendo crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\Yoshinoya Success crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Microsoft Office 2000 Regmaker.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Unreal Tournament 2004 NO CD crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\Madden NFL 2003 no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\Macromedia Flash All Versions keygen.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\mirc 6.1x reg entries.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\LimeWire\Shared\The Elder Scrolls III - Morrowind Game of the Year Edition Role-Playing Bethesda Softworks crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\The Sims no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\The Sims Double Deluxe no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\The Sims - Superstar Expansion Pack no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Program Files\eDonkey2000\incoming\Windows XP Activation Crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe -
Drops file in Windows directory 64 IoCs
Processes:
42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exedescription ioc process File created C:\Windows\InputMethod\SHARED\Warcraft III - Reign Of Chaos no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Medieval - Total War no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Nero Burning ROM v6.x crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Adobe Serial Generator v2.0.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Grand Theft Auto San Andreas NO CD crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Harry Potter & The Sorcerers Stone no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\McFarlanes Evil Prophecy Konami crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Blitzkrieg - Burning Horizon Strategy CDV Software GmbH crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Final Fantasy XII Role-Playing Square Enix crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\SoftwareDistribution\Download\Starcraft - Battlechest no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\SoftwareDistribution\Download\Halo - Combat Evolved - Microsoft no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\SoftwareDistribution\Download\Command & Conquer - Generals Zero Hour no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Half-Life 2 NO CD Crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Macromedia Director 8 Crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Avant Browser.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Gran Turismo 4 SCEA crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\SoftwareDistribution\Download\Grand Theft Auto III no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\SoftwareDistribution\Download\Harry Potter & The Sorcerers Stone no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\SoftwareDistribution\Download\Max Payne 2 Fall Of Max Payne no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\The Sims Double Deluxe no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\iMesh patch.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\RoboForm crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Age of Empires II The Age of Kings NO CD crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Madden NFL 2005 EA crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Vampire - The Masquerade - Bloodlines Role-Playing Activision crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Mega Man Anniversary Collection GC Capcom crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Fable Role-Playing Microsoft crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\SoftwareDistribution\Download\Freedom Force no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\SoftwareDistribution\Download\Microsoft Flight Simulator 2004 - A Century Of Flight no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\All Macromedia Products Keygen.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Ninja Gaiden Tecmo crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\SoftwareDistribution\Download\The Sims - Vacation Expansion Pack no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File opened for modification C:\Windows\InputMethod\SHARED\Half-Life 2 NO CD Crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Microsoft Office XP Activation Crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File opened for modification C:\Windows\InputMethod\SHARED\Spider-Man 2 Activision crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\ShellShock - Nam 67 Eidos Interactive crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\SoftwareDistribution\Download\The Sims - Hot Date Expansion Pack no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Macromedia Dreamweaver UltraDev 4.0 Patch.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\WinZip Self-Extractor v2.2 Patch.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Resident Evil 4 GC Adventure Capcom crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Fire Emblem - Seima no Kouseki GBA Role-Playing Nintendo crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\SoftwareDistribution\Download\Medal Of Honor - Allied Assault no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Deus Ex Invisible War NO CD Crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\The Sims - Makin Magic Expansion Pack no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\NBA Live 2004 crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Need for Speed Underground NO CD crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\F.E.A.R. VU Games crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Spider-Man 2 Activision crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Dark Matter - The Baryon Proj crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Adobe Photoshop all.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Microsoft Office XP Universal Activator v1.0.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\ICQ 4.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\RYL crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Yoshinoya Success crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\NCAA Football 2005 EA crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\SoftwareDistribution\Download\The Sims - Hot Date Expansion Pack no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Command & Conquer - Generals Zero Hour no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Need for Speed Hot Pursuit 2 CD KeyGenerator.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Harry Potter and the Prisoner of Azkaban Adventure EA Games crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\The Suffering Midway crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\SoftwareDistribution\Download\Max Payne 2 NO CD Crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\SoftwareDistribution\Download\Diablo 2 no cd crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Hidden & Dangerous 2 NO CD Crack.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe File created C:\Windows\InputMethod\SHARED\Adobe Photoshop 7 keygen.exe 42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe"C:\Users\Admin\AppData\Local\Temp\42647e730b1d7dc26ab551e3fed41b469e190e8e61374b7d98de2b08e4c5e924.exe"1⤵
- Looks for VMWare Tools registry key
- Adds Run key to start application
- Drops file in Program Files directory
- Drops file in Windows directory