Cuckoo Sandbox

Name	c3446d4a103f0ad7_backup.exe Download Submit file
Filepath	C:\Users\Administrator\AppData\Local\Temp\0C7910BA-F902-421E-9E69-CF9AEE0DD4D7\backup.exe
Size	446.8KB
Processes	3060 (85f1986c9af0a2a2_backup.exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5	`aa898385a3974f4fc5ee6f8c7a2ddb2f`
SHA1	`372616af8238d828a42a871ffa552a451ba87375`
SHA256	`c3446d4a103f0ad7faabc650e7386a4ce40f9913c64c1bd8bf57390c00d274dd`
CRC32	`C5F2246E`
ssdeep	`None`
Yara	UPX - (no description) suspicious_packer_section - The packer/protector section names/keywords SEH__vba - (no description) escalate_priv - Escalade priviledges win_mutex - Create or check mutex win_registry - Affect system registries win_token - Affect system token
VirusTotal	Search for analysis

Name	fad34fb4e77fb256_backup.exe Download Submit file
Filepath	C:\backup.exe
Size	446.8KB
Processes	2356 (backup.exe)
Type	PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed
MD5	`aa36f65cc516d005e10db34644366d3f`
SHA1	`5f7e18182cd9afa68e56613616de1a152cf0ed53`
SHA256	`fad34fb4e77fb2569e864af2e2e050ec28f59c9c9fddb876c18625edd03852bb`
CRC32	`B47C1916`
ssdeep	`None`
Yara	UPX - (no description) suspicious_packer_section - The packer/protector section names/keywords SEH__vba - (no description) escalate_priv - Escalade priviledges win_mutex - Create or check mutex win_registry - Affect system registries win_token - Affect system token
VirusTotal	Search for analysis

Dropped Files