Analysis Overview
SHA256
9614bf8af8f64731cc8c167783514b910c78a5e6bacacf59ab27e1b798b79a41
Threat Level: Shows suspicious behavior
The file 9614bf8af8f64731cc8c167783514b910c78a5e6bacacf59ab27e1b798b79a41 was found to be: Shows suspicious behavior.
Malicious Activity Summary
UPX packed file
Unsigned PE
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-06-11 00:51
Signatures
UPX packed file
Unsigned PE
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-11 00:51
Reported
2024-06-11 00:54
Platform
win7-20240419-en
Max time kernel
121s
Max time network
122s
Command Line
Signatures
UPX packed file
Processes
C:\Users\Admin\AppData\Local\Temp\9614bf8af8f64731cc8c167783514b910c78a5e6bacacf59ab27e1b798b79a41.exe
"C:\Users\Admin\AppData\Local\Temp\9614bf8af8f64731cc8c167783514b910c78a5e6bacacf59ab27e1b798b79a41.exe"
Network
Files
memory/2440-0-0x0000000000400000-0x000000000041B000-memory.dmp
C:\My Downloads\International Cricket Captain 2003 ISO - Full Downloader.exe
| MD5 | 2da637ebbe15b544cefe82bdfbd2644a |
| SHA1 | 44109bf19a6ac96419852441009a24ab99bb447e |
| SHA256 | fc752c39db6f393d1e6bbfc934cae615c828b597d33d695dc6fdd033887d551c |
| SHA512 | ae1d3741e76d9d8ffcf96b4469cb4411c85241a907a41ae84f1b98ef3811bfc99f2a16dfc49777c0a255d43f29bb9a10f8743ba7c2d18ec94e5340158546cea5 |
memory/2440-101-0x0000000000400000-0x000000000041B000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-11 00:51
Reported
2024-06-11 00:54
Platform
win10v2004-20240426-en
Max time kernel
92s
Max time network
151s
Command Line
Signatures
UPX packed file
Processes
C:\Users\Admin\AppData\Local\Temp\9614bf8af8f64731cc8c167783514b910c78a5e6bacacf59ab27e1b798b79a41.exe
"C:\Users\Admin\AppData\Local\Temp\9614bf8af8f64731cc8c167783514b910c78a5e6bacacf59ab27e1b798b79a41.exe"
Network
Files
memory/1576-0-0x0000000000400000-0x000000000041B000-memory.dmp
C:\My Downloads\Clive Barker’s Undying Crack.exe
| MD5 | 99a04e666acca4d2b62d9168e6ddd0b3 |
| SHA1 | 999e39188aa97ea617bf324bc731921210a77709 |
| SHA256 | a8068a6492139052f2895827062ae74a1f89807c4e6df5cb979d08cd9b6509f5 |
| SHA512 | be7a7ae8644f36345b717863eff047ff59f92b6bd96ca2be43892e43b78e759b3d1fa3df4ccbebfc616758c9cd8633da2f6e0bb2d8c4cbd479e2990935eac8c4 |
memory/1576-101-0x0000000000400000-0x000000000041B000-memory.dmp