Analysis Overview
SHA256
71203efe126daa8aaf69b5f984aff6522746572767a0e02ca433f3de7011bd83
Threat Level: Likely benign
The file 71203efe126daa8aaf69b5f984aff6522746572767a0e02ca433f3de7011bd83 was found to be: Likely benign.
Malicious Activity Summary
System Location Discovery: System Language Discovery
Unsigned PE
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-11-09 23:21
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral2
Detonation Overview
Submitted
2024-11-09 23:21
Reported
2024-11-09 23:23
Platform
win10v2004-20241007-en
Max time kernel
150s
Max time network
151s
Command Line
Signatures
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\71203efe126daa8aaf69b5f984aff6522746572767a0e02ca433f3de7011bd83.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\71203efe126daa8aaf69b5f984aff6522746572767a0e02ca433f3de7011bd83.exe
"C:\Users\Admin\AppData\Local\Temp\71203efe126daa8aaf69b5f984aff6522746572767a0e02ca433f3de7011bd83.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.20.149.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.209.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 11.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | udp |
Files
C:\My Downloads\Winzip 8.0 Key Generator.exe
| MD5 | ba07ae3fea17bb6b464fb99b6e8ca729 |
| SHA1 | 3d75e9845a5fb4d60506c451358b97cabd333dd5 |
| SHA256 | 71203efe126daa8aaf69b5f984aff6522746572767a0e02ca433f3de7011bd83 |
| SHA512 | b33e73407d174a7a179eed668e4fa5baa73666d08ea3a13f1b1f00387b48fe6ee1b7189b455e3e06dd910f0015a2f60167a52a9b693e8b4d9931998dad61d35e |
memory/400-100-0x0000000000400000-0x000000000040F000-memory.dmp
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-09 23:21
Reported
2024-11-09 23:23
Platform
win7-20240903-en
Max time kernel
118s
Max time network
119s
Command Line
Signatures
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\71203efe126daa8aaf69b5f984aff6522746572767a0e02ca433f3de7011bd83.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\71203efe126daa8aaf69b5f984aff6522746572767a0e02ca433f3de7011bd83.exe
"C:\Users\Admin\AppData\Local\Temp\71203efe126daa8aaf69b5f984aff6522746572767a0e02ca433f3de7011bd83.exe"
Network
Files
C:\My Downloads\Clive Barker’s Undying Crack.exe
| MD5 | ba07ae3fea17bb6b464fb99b6e8ca729 |
| SHA1 | 3d75e9845a5fb4d60506c451358b97cabd333dd5 |
| SHA256 | 71203efe126daa8aaf69b5f984aff6522746572767a0e02ca433f3de7011bd83 |
| SHA512 | b33e73407d174a7a179eed668e4fa5baa73666d08ea3a13f1b1f00387b48fe6ee1b7189b455e3e06dd910f0015a2f60167a52a9b693e8b4d9931998dad61d35e |
memory/2924-100-0x0000000000400000-0x000000000040F000-memory.dmp