Malware Analysis Report

2025-08-06 00:24

Sample ID 240611-a7rktsxdpg
Target 9614bf8af8f64731cc8c167783514b910c78a5e6bacacf59ab27e1b798b79a41
SHA256 9614bf8af8f64731cc8c167783514b910c78a5e6bacacf59ab27e1b798b79a41
Tags upx
Score 7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

Score 7/10

SHA256 9614bf8af8f64731cc8c167783514b910c78a5e6bacacf59ab27e1b798b79a41

Threat Level: Shows suspicious behavior

The file 9614bf8af8f64731cc8c167783514b910c78a5e6bacacf59ab27e1b798b79a41 was found to be: Shows suspicious behavior.

Malicious Activity Summary

upx

UPX packed file

Unsigned PE

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-11 00:51

Signatures

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-11 00:51

Reported

2024-06-11 00:54

Platform

win7-20240419-en

Max time kernel

121s

Max time network

122s

Command Line

"C:\Users\Admin\AppData\Local\Temp\9614bf8af8f64731cc8c167783514b910c78a5e6bacacf59ab27e1b798b79a41.exe"

Signatures

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Processes

C:\Users\Admin\AppData\Local\Temp\9614bf8af8f64731cc8c167783514b910c78a5e6bacacf59ab27e1b798b79a41.exe

"C:\Users\Admin\AppData\Local\Temp\9614bf8af8f64731cc8c167783514b910c78a5e6bacacf59ab27e1b798b79a41.exe"

Network

N/A

Files

memory/2440-0-0x0000000000400000-0x000000000041B000-memory.dmp

C:\My Downloads\International Cricket Captain 2003 ISO - Full Downloader.exe

MD5 2da637ebbe15b544cefe82bdfbd2644a
SHA1 44109bf19a6ac96419852441009a24ab99bb447e
SHA256 fc752c39db6f393d1e6bbfc934cae615c828b597d33d695dc6fdd033887d551c
SHA512 ae1d3741e76d9d8ffcf96b4469cb4411c85241a907a41ae84f1b98ef3811bfc99f2a16dfc49777c0a255d43f29bb9a10f8743ba7c2d18ec94e5340158546cea5

memory/2440-101-0x0000000000400000-0x000000000041B000-memory.dmp

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-11 00:51

Reported

2024-06-11 00:54

Platform

win10v2004-20240426-en

Max time kernel

92s

Max time network

151s

Command Line

"C:\Users\Admin\AppData\Local\Temp\9614bf8af8f64731cc8c167783514b910c78a5e6bacacf59ab27e1b798b79a41.exe"

Signatures

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Processes

C:\Users\Admin\AppData\Local\Temp\9614bf8af8f64731cc8c167783514b910c78a5e6bacacf59ab27e1b798b79a41.exe

"C:\Users\Admin\AppData\Local\Temp\9614bf8af8f64731cc8c167783514b910c78a5e6bacacf59ab27e1b798b79a41.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
US 8.8.8.8:53 64.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 157.123.68.40.in-addr.arpa udp
US 8.8.8.8:53 56.126.166.20.in-addr.arpa udp
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp

Files

memory/1576-0-0x0000000000400000-0x000000000041B000-memory.dmp

C:\My Downloads\Clive Barker’s Undying Crack.exe

MD5 99a04e666acca4d2b62d9168e6ddd0b3
SHA1 999e39188aa97ea617bf324bc731921210a77709
SHA256 a8068a6492139052f2895827062ae74a1f89807c4e6df5cb979d08cd9b6509f5
SHA512 be7a7ae8644f36345b717863eff047ff59f92b6bd96ca2be43892e43b78e759b3d1fa3df4ccbebfc616758c9cd8633da2f6e0bb2d8c4cbd479e2990935eac8c4

memory/1576-101-0x0000000000400000-0x000000000041B000-memory.dmp