Cuckoo Sandbox

Name	6c08f99c1ad73100_rifaien2-2rTUj1UapRERNS2F.exe Download Submit file
Filepath	C:\Users\Administrator\AppData\Local\Temp\rifaien2-2rTUj1UapRERNS2F.exe
Size	236.0KB
Processes	1940 (d8f6c5fdaa8a0b7a_rifaien2-e5p7yFEGH5xCVMgX.exe)
Type	PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5	`4a4cc6b89f79156d79a0476126d12b83`
SHA1	`d9497af8c0c8808255472f1f1b904a897ffe53f9`
SHA256	`6c08f99c1ad7310080b530e05ed9bfd4bea906b8e9e31a2b41a945967cd26579`
CRC32	`C87C37E0`
ssdeep	`None`
Yara	UPX - (no description) suspicious_packer_section - The packer/protector section names/keywords network_tcp_listen - Listen for incoming communication network_tcp_socket - Communications over RAW socket network_dns - Communications use DNS
VirusTotal	Search for analysis

Name	125145fbac261ae1_rifaien2-TcXmhRIsQkYZYqlH.exe Download Submit file
Filepath	C:\Users\Administrator\AppData\Local\Temp\rifaien2-TcXmhRIsQkYZYqlH.exe
Size	236.0KB
Processes	1940 (d8f6c5fdaa8a0b7a_rifaien2-e5p7yFEGH5xCVMgX.exe)
Type	PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5	`11f48ce5679306353aec77e24cdcb874`
SHA1	`4888d4b916b97e20dee522cc08eb69772cfb2e67`
SHA256	`125145fbac261ae1e6d635e7cc12916d222c35a913dfa4c3f07bf9effd720170`
CRC32	`47711AB4`
ssdeep	`None`
Yara	UPX - (no description) suspicious_packer_section - The packer/protector section names/keywords network_tcp_listen - Listen for incoming communication network_tcp_socket - Communications over RAW socket network_dns - Communications use DNS
VirusTotal	Search for analysis

Dropped Files