Cuckoo Sandbox

File ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe

Summary
Download Resubmit sample

Size	871.0KB
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`ccc8bf5a958e5570c379428a90bf3a38`
SHA1	`8773bee5fb51d60cf23c914f611eee80ac109917`
SHA256	`ae4ad33b74ca7e07cddef84972e406c86777463ea9ec551e1244416004613f3b`
SHA512	`2913d6e4ca59bc76332686d39cdd5c0ee02d66a6f98699bc120c7f191359679bedf585fdec719cc707f4d2eee8af7f3025e8857a930d0aacf8f952e46f77099c`
CRC32	`E33E75DA`
ssdeep	`None`
Yara	DebuggerException__SetConsoleCtrl - (no description) win_mutex - Create or check mutex win_registry - Affect system registries win_files_operation - Affect private profile

Score

This file is very suspicious, with a score of 10 out of 10!

Please notice: The scoring system is currently still in development and should be considered an alpha feature.

Autosubmit

Parent_Task_ID:7269181

Feedback

Expecting different results? Send us this analysis and we will inspect it. Click here

Information on Execution

Analysis

Category	Started	Completed	Duration	Routing	Logs
FILE	Dec. 27, 2025, 1:17 p.m.	Dec. 27, 2025, 1:25 p.m.	474 seconds	internet	Show Analyzer Log Show Cuckoo Log

Analyzer Log

2025-12-27 09:19:43,015 [analyzer] DEBUG: Starting analyzer from: C:\tmpf7a_02
2025-12-27 09:19:43,015 [analyzer] DEBUG: Pipe server name: \??\PIPE\SPsyqgpDQHqQQVQiLNVBbC
2025-12-27 09:19:43,015 [analyzer] DEBUG: Log pipe server name: \??\PIPE\vBGVjEQsMygstbXLZqnkr
2025-12-27 09:19:43,015 [analyzer] DEBUG: No analysis package specified, trying to detect it automagically.
2025-12-27 09:19:43,015 [analyzer] INFO: Automatically selected analysis package "exe"
2025-12-27 09:19:43,342 [analyzer] DEBUG: Started auxiliary module Curtain
2025-12-27 09:19:43,342 [analyzer] DEBUG: Started auxiliary module DbgView
2025-12-27 09:19:43,828 [analyzer] DEBUG: Started auxiliary module Disguise
2025-12-27 09:19:44,030 [analyzer] DEBUG: Loaded monitor into process with pid 504
2025-12-27 09:19:44,030 [analyzer] DEBUG: Started auxiliary module DumpTLSMasterSecrets
2025-12-27 09:19:44,030 [analyzer] DEBUG: Started auxiliary module Human
2025-12-27 09:19:44,030 [analyzer] DEBUG: Started auxiliary module InstallCertificate
2025-12-27 09:19:44,030 [analyzer] DEBUG: Started auxiliary module Reboot
2025-12-27 09:19:44,125 [analyzer] DEBUG: Started auxiliary module RecentFiles
2025-12-27 09:19:44,125 [analyzer] DEBUG: Started auxiliary module Screenshots
2025-12-27 09:19:44,125 [analyzer] DEBUG: Started auxiliary module Sysmon
2025-12-27 09:19:44,125 [analyzer] DEBUG: Started auxiliary module LoadZer0m0n
2025-12-27 09:19:44,296 [lib.api.process] INFO: Successfully executed process from path u'C:\\Users\\ADMINI~1\\AppData\\Local\\Temp\\ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe' with arguments '' and pid 2676
2025-12-27 09:19:44,483 [analyzer] DEBUG: Loaded monitor into process with pid 2676
2025-12-27 09:19:45,140 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Windows\mssrv.exe
2025-12-27 09:19:45,250 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Program Files\Common Files\Microsoft Shared\swedish horse trambling catfight  (Sylvia).mpg.exe
2025-12-27 09:19:45,578 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Program Files\DVD Maker\Shared\tyrkish cumshot gay girls black hairunshaved .rar.exe
2025-12-27 09:19:45,953 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Program Files\Microsoft Office\Templates\lingerie full movie glans 40+  (Janette).avi.exe
2025-12-27 09:19:46,000 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\lingerie sleeping high heels .avi.exe
2025-12-27 09:19:46,108 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Program Files\Windows Journal\Templates\lingerie full movie hole upskirt  (Tatjana).avi.exe
2025-12-27 09:19:46,233 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Program Files\Windows Sidebar\Shared Gadgets\black kicking fucking [bangbus] mistress .zip.exe
2025-12-27 09:19:46,312 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\italian cumshot sperm uncut boots .zip.exe
2025-12-27 09:19:46,437 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Program Files (x86)\Common Files\microsoft shared\beast hot (!)  (Jade).mpeg.exe
2025-12-27 09:19:46,828 [analyzer] INFO: Injected into process with pid 1796 and name ''
2025-12-27 09:19:46,967 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\russian porn horse public titts .rar.exe
2025-12-27 09:19:47,015 [analyzer] DEBUG: Loaded monitor into process with pid 1796
2025-12-27 09:19:47,062 [analyzer] INFO: Added new file to list with pid 2676 and path C:\ProgramData\Microsoft\Network\Downloader\black gang bang lingerie licking feet .avi.exe
2025-12-27 09:19:47,125 [analyzer] INFO: Added new file to list with pid 2676 and path C:\ProgramData\Microsoft\RAC\Temp\brasilian porn bukkake hot (!) femdom  (Ashley,Melissa).zip.exe
2025-12-27 09:19:47,187 [analyzer] INFO: Added new file to list with pid 2676 and path C:\ProgramData\Microsoft\Search\Data\Temp\russian fetish bukkake full movie .avi.exe
2025-12-27 09:19:47,296 [analyzer] INFO: Added new file to list with pid 2676 and path C:\ProgramData\Microsoft\Windows\Templates\xxx voyeur cock gorgeoushorny  (Tatjana).avi.exe
2025-12-27 09:19:47,375 [analyzer] INFO: Added new file to list with pid 2676 and path C:\ProgramData\Microsoft\Windows\Templates\swedish handjob beast several models feet .mpg.exe
2025-12-27 09:19:47,890 [analyzer] INFO: Added new file to list with pid 2676 and path C:\tmpf7a_02\lesbian [milf] hotel .zip.exe
2025-12-27 09:19:48,030 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\danish porn gay public .mpeg.exe
2025-12-27 09:19:48,108 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Users\Administrator\AppData\Local\Temp\trambling full movie boots  (Jenna,Sylvia).mpg.exe
2025-12-27 09:19:48,171 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Users\Administrator\AppData\Local\Temp\mozilla-temp-files\hardcore girls fishy  (Sandy,Curtney).avi.exe
2025-12-27 09:19:48,217 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\xxx masturbation cock granny .zip.exe
2025-12-27 09:19:48,437 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Users\Administrator\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\fucking [milf] titts mistress .mpg.exe
2025-12-27 09:19:48,515 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\IEDownloadHistory\tyrkish horse horse lesbian hole .mpeg.exe
2025-12-27 09:19:48,578 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Templates\italian handjob blowjob girls redhair .mpeg.exe
2025-12-27 09:19:48,671 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Users\Administrator\Downloads\lesbian hot (!) hole  (Britney,Liz).mpeg.exe
2025-12-27 09:19:48,733 [analyzer] INFO: Added new file to list with pid 2676 and path C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Templates\russian handjob trambling lesbian .zip.exe
2025-12-27 09:19:48,796 [analyzer] INFO: Added new file to list with pid 2676 and path C:\ProgramData\Microsoft\Network\Downloader\blowjob licking .mpg.exe
2025-12-27 09:19:48,828 [analyzer] INFO: Added new file to list with pid 2676 and path C:\ProgramData\Microsoft\RAC\Temp\swedish kicking hardcore hidden hole .mpeg.exe
2025-12-27 09:19:48,937 [analyzer] INFO: Added new file to list with pid 2676 and path C:\ProgramData\Microsoft\Windows\Templates\german sperm uncut .mpeg.exe
2025-12-27 12:22:48,927 [analyzer] INFO: Analysis timeout hit, terminating analysis.
2025-12-27 12:22:50,959 [analyzer] INFO: Terminating remaining processes before shutdown.
2025-12-27 12:22:50,974 [lib.api.process] INFO: Successfully terminated process with pid 2676.
2025-12-27 12:22:50,974 [lib.api.process] INFO: Successfully terminated process with pid 1796.
2025-12-27 12:22:55,788 [analyzer] WARNING: Too many files: c:\users\administrator\downloads\lesbian hot (!) hole  (britney,liz).mpeg.exe
2025-12-27 12:22:55,788 [analyzer] WARNING: Too many files: c:\program files\common files\microsoft shared\swedish horse trambling catfight  (sylvia).mpg.exe
2025-12-27 12:22:55,788 [analyzer] WARNING: Too many files: c:\users\administrator\appdata\roaming\microsoft\windows\templates\italian handjob blowjob girls redhair .mpeg.exe
2025-12-27 12:22:55,788 [analyzer] INFO: Analysis completed.

Cuckoo Log

2025-12-27 13:17:08,761 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:09,793 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:10,819 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:12,143 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:13,197 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:14,411 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:15,470 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:16,678 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:17,701 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:18,749 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:19,963 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:20,981 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:22,001 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:23,115 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:24,152 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:25,197 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:26,237 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:27,273 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:28,326 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:29,358 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:30,406 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:31,430 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:32,449 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:33,480 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:34,499 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:35,520 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:36,550 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:37,588 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:38,607 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:39,632 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:40,658 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:41,682 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:42,719 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:43,743 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:44,804 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:45,881 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:46,926 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:48,266 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:49,552 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:50,686 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:51,929 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:52,969 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:54,019 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:55,058 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:56,099 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:57,144 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:58,186 [cuckoo.core.scheduler] DEBUG: Task #7269372: no machine available yet
2025-12-27 13:17:59,226 [cuckoo.core.scheduler] INFO: Task #7269372: acquired machine win7x6427 (label=win7x6427)
2025-12-27 13:17:59,227 [cuckoo.core.resultserver] DEBUG: Now tracking machine 192.168.168.227 for task #7269372
2025-12-27 13:17:59,600 [cuckoo.auxiliary.sniffer] INFO: Started sniffer with PID 2892481 (interface=vboxnet0, host=192.168.168.227)
2025-12-27 13:18:00,311 [cuckoo.machinery.virtualbox] DEBUG: Starting vm win7x6427
2025-12-27 13:18:01,192 [cuckoo.machinery.virtualbox] DEBUG: Restoring virtual machine win7x6427 to vmcloak
2025-12-27 13:19:20,847 [cuckoo.core.guest] INFO: Starting analysis #7269372 on guest (id=win7x6427, ip=192.168.168.227)
2025-12-27 13:19:21,852 [cuckoo.core.guest] DEBUG: win7x6427: not ready yet
2025-12-27 13:19:26,888 [cuckoo.core.guest] INFO: Guest is running Cuckoo Agent 0.10 (id=win7x6427, ip=192.168.168.227)
2025-12-27 13:19:27,009 [cuckoo.core.guest] DEBUG: Uploading analyzer to guest (id=win7x6427, ip=192.168.168.227, monitor=latest, size=6660546)
2025-12-27 13:19:28,601 [cuckoo.core.resultserver] DEBUG: Task #7269372: live log analysis.log initialized.
2025-12-27 13:19:29,641 [cuckoo.core.resultserver] DEBUG: Task #7269372 is sending a BSON stream
2025-12-27 13:19:30,019 [cuckoo.core.resultserver] DEBUG: Task #7269372 is sending a BSON stream
2025-12-27 13:19:30,866 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'shots/0001.jpg'
2025-12-27 13:19:30,890 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 133498
2025-12-27 13:19:32,534 [cuckoo.core.resultserver] DEBUG: Task #7269372 is sending a BSON stream
2025-12-27 13:19:43,278 [cuckoo.core.guest] DEBUG: win7x6427: analysis #7269372 still processing
2025-12-27 13:19:58,386 [cuckoo.core.guest] DEBUG: win7x6427: analysis #7269372 still processing
2025-12-27 13:20:13,506 [cuckoo.core.guest] DEBUG: win7x6427: analysis #7269372 still processing
2025-12-27 13:20:28,609 [cuckoo.core.guest] DEBUG: win7x6427: analysis #7269372 still processing
2025-12-27 13:20:43,699 [cuckoo.core.guest] DEBUG: win7x6427: analysis #7269372 still processing
2025-12-27 13:20:58,800 [cuckoo.core.guest] DEBUG: win7x6427: analysis #7269372 still processing
2025-12-27 13:21:13,957 [cuckoo.core.guest] DEBUG: win7x6427: analysis #7269372 still processing
2025-12-27 13:21:29,153 [cuckoo.core.guest] DEBUG: win7x6427: analysis #7269372 still processing
2025-12-27 13:21:44,348 [cuckoo.core.guest] DEBUG: win7x6427: analysis #7269372 still processing
2025-12-27 13:21:59,723 [cuckoo.core.guest] DEBUG: win7x6427: analysis #7269372 still processing
2025-12-27 13:22:15,167 [cuckoo.core.guest] DEBUG: win7x6427: analysis #7269372 still processing
2025-12-27 13:22:30,557 [cuckoo.core.guest] DEBUG: win7x6427: analysis #7269372 still processing
2025-12-27 13:22:45,654 [cuckoo.core.guest] DEBUG: win7x6427: analysis #7269372 still processing
2025-12-27 13:22:49,572 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'curtain/1766834569.13.curtain.log'
2025-12-27 13:22:49,576 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 36
2025-12-27 13:22:50,670 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'sysmon/1766834570.66.sysmon.xml'
2025-12-27 13:22:50,970 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 18891072
2025-12-27 13:22:51,130 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/89f4618175bebe0b_black gang bang lingerie licking feet .avi.exe'
2025-12-27 13:22:51,155 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 1586228
2025-12-27 13:22:51,165 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/a44a490b0ae6f032_lingerie full movie hole upskirt  (tatjana).avi.exe'
2025-12-27 13:22:51,175 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 733885
2025-12-27 13:22:51,183 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/389e26be5544b2a5_beast hot (!)  (jade).mpeg.exe'
2025-12-27 13:22:51,227 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/a87c9077cb6edee3_lingerie sleeping high heels .avi.exe'
2025-12-27 13:22:51,247 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/cfd52a7d2b92109d_lingerie full movie glans 40+  (janette).avi.exe'
2025-12-27 13:22:51,265 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 431036
2025-12-27 13:22:51,283 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 683597
2025-12-27 13:22:51,291 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 2029977
2025-12-27 13:22:51,306 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/cb7b9267d9762d76_german sperm uncut .mpeg.exe'
2025-12-27 13:22:51,309 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/c486e8d46ad7592d_tyrkish horse horse lesbian hole .mpeg.exe'
2025-12-27 13:22:51,323 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 310177
2025-12-27 13:22:51,326 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/6334c10d5403be3a_danish porn gay public .mpeg.exe'
2025-12-27 13:22:51,329 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 339848
2025-12-27 13:22:51,331 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 179967
2025-12-27 13:22:51,338 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/d9ebda174e6bc831_xxx voyeur cock gorgeoushorny  (tatjana).avi.exe'
2025-12-27 13:22:51,361 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 1430475
2025-12-27 13:22:51,383 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/2e211396ca0b0a74_trambling full movie boots  (jenna,sylvia).mpg.exe'
2025-12-27 13:22:51,422 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 2090669
2025-12-27 13:22:51,489 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/9fc21a0067b03a46_swedish handjob beast several models feet .mpg.exe'
2025-12-27 13:22:51,801 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 1813590
2025-12-27 13:22:54,554 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/969fa454a9734f3b_mssrv.exe'
2025-12-27 13:22:54,561 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 141764
2025-12-27 13:22:54,564 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/3f0d51cd181f81da_italian cumshot sperm uncut boots .zip.exe'
2025-12-27 13:22:54,589 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 710348
2025-12-27 13:22:54,593 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/526e83e1b3eee075_russian handjob trambling lesbian .zip.exe'
2025-12-27 13:22:54,621 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 259477
2025-12-27 13:22:54,624 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/2c672262fc8b02b8_lesbian [milf] hotel .zip.exe'
2025-12-27 13:22:54,664 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 1568566
2025-12-27 13:22:55,205 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/04b24429d2845fd3_swedish kicking hardcore hidden hole .mpeg.exe'
2025-12-27 13:22:55,240 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 1157590
2025-12-27 13:22:55,251 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/ec0e798a3f886581_blowjob licking .mpg.exe'
2025-12-27 13:22:55,262 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/f934693a9b329ac8_black kicking fucking [bangbus] mistress .zip.exe'
2025-12-27 13:22:55,265 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 590077
2025-12-27 13:22:55,314 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 1997650
2025-12-27 13:22:55,327 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/edb863761c3d74d4_fucking [milf] titts mistress .mpg.exe'
2025-12-27 13:22:55,341 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 1093159
2025-12-27 13:22:55,363 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/c6f225776fd6735f_tyrkish cumshot gay girls black hairunshaved .rar.exe'
2025-12-27 13:22:55,388 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 1847066
2025-12-27 13:22:55,419 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/692d1c0a1b155d9b_russian porn horse public titts .rar.exe'
2025-12-27 13:22:55,448 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 2065738
2025-12-27 13:22:55,500 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/c26ba256e198ee21_hardcore girls fishy  (sandy,curtney).avi.exe'
2025-12-27 13:22:55,682 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 2145993
2025-12-27 13:22:55,696 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/7e4e7a77fe9db84a_russian fetish bukkake full movie .avi.exe'
2025-12-27 13:22:55,737 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 1917743
2025-12-27 13:22:55,751 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/cd355d67bd9534be_brasilian porn bukkake hot (!) femdom  (ashley,melissa).zip.exe'
2025-12-27 13:22:55,814 [cuckoo.core.resultserver] DEBUG: Task #7269372 had connection reset for <Context for LOG>
2025-12-27 13:22:55,816 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 1117583
2025-12-27 13:22:55,823 [cuckoo.core.resultserver] DEBUG: Task #7269372: File upload for 'files/77c8eb7dc132536c_xxx masturbation cock granny .zip.exe'
2025-12-27 13:22:55,839 [cuckoo.core.resultserver] DEBUG: Task #7269372 uploaded file length: 305285
2025-12-27 13:22:57,886 [cuckoo.core.guest] INFO: win7x6427: analysis completed successfully
2025-12-27 13:22:57,900 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Redsocks
2025-12-27 13:22:57,926 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer
2025-12-27 13:22:59,132 [cuckoo.machinery.virtualbox] INFO: Successfully generated memory dump for virtual machine with label win7x6427 to path /srv/cuckoo/cwd/storage/analyses/7269372/memory.dmp
2025-12-27 13:22:59,138 [cuckoo.machinery.virtualbox] DEBUG: Stopping vm win7x6427
2025-12-27 13:25:01,600 [cuckoo.core.resultserver] DEBUG: Stopped tracking machine 192.168.168.227 for task #7269372
2025-12-27 13:25:02,168 [cuckoo.core.scheduler] DEBUG: Released database task #7269372
2025-12-27 13:25:02,321 [cuckoo.core.scheduler] INFO: Task #7269372: analysis procedure completed

Signatures

Yara rules detected for file (4 events)

description	(no description)	rule	DebuggerException__SetConsoleCtrl
description	Create or check mutex	rule	win_mutex
description	Affect system registries	rule	win_registry
description	Affect private profile	rule	win_files_operation

The executable uses a known packer (1 event)

packer

Pelles C 3.00, 4.00, 4.50 EXE (X86 CRT-LIB)

Creates executable files on the filesystem (28 events)

file	C:\ProgramData\Microsoft\Network\Downloader\black gang bang lingerie licking feet .avi.exe
file	C:\ProgramData\Templates\swedish handjob beast several models feet .mpg.exe
file	C:\Users\All Users\Microsoft\RAC\Temp\swedish kicking hardcore hidden hole .mpeg.exe
file	C:\Users\Administrator\AppData\Local\Temp\trambling full movie boots (Jenna,Sylvia).mpg.exe
file	C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\IEDownloadHistory\tyrkish horse horse lesbian hole .mpeg.exe
file	C:\Users\Administrator\AppData\Local\Temp\mozilla-temp-files\hardcore girls fishy (Sandy,Curtney).avi.exe
file	C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\russian porn horse public titts .rar.exe
file	C:\Program Files\DVD Maker\Shared\tyrkish cumshot gay girls black hairunshaved .rar.exe
file	C:\tmpf7a_02\lesbian [milf] hotel .zip.exe
file	C:\Program Files\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\lingerie sleeping high heels .avi.exe
file	C:\ProgramData\Microsoft\RAC\Temp\brasilian porn bukkake hot (!) femdom (Ashley,Melissa).zip.exe
file	C:\Program Files\Windows Sidebar\Shared Gadgets\black kicking fucking [bangbus] mistress .zip.exe
file	C:\Users\Administrator\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\fucking [milf] titts mistress .mpg.exe
file	C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\danish porn gay public .mpeg.exe
file	C:\Users\Administrator\Downloads\lesbian hot (!) hole (Britney,Liz).mpeg.exe
file	C:\Program Files (x86)\Common Files\microsoft shared\beast hot (!) (Jade).mpeg.exe
file	C:\Windows\mssrv.exe
file	C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Templates\italian handjob blowjob girls redhair .mpeg.exe
file	C:\ProgramData\Microsoft\Windows\Templates\xxx voyeur cock gorgeoushorny (Tatjana).avi.exe
file	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\italian cumshot sperm uncut boots .zip.exe
file	C:\Program Files\Windows Journal\Templates\lingerie full movie hole upskirt (Tatjana).avi.exe
file	C:\Users\All Users\Microsoft\Network\Downloader\blowjob licking .mpg.exe
file	C:\Program Files\Microsoft Office\Templates\lingerie full movie glans 40+ (Janette).avi.exe
file	C:\Users\All Users\Microsoft\Windows\Templates\german sperm uncut .mpeg.exe
file	C:\Program Files\Common Files\Microsoft Shared\swedish horse trambling catfight (Sylvia).mpg.exe
file	C:\Users\Administrator\Templates\russian handjob trambling lesbian .zip.exe
file	C:\Users\Administrator\AppData\Local\Temporary Internet Files\xxx masturbation cock granny .zip.exe
file	C:\ProgramData\Microsoft\Search\Data\Temp\russian fetish bukkake full movie .avi.exe

Searches running processes potentially to identify processes for sandbox evasion, code injection or memory dumping (3 events)

Time & API	Arguments	Status	Return
Process32NextW Dec. 27, 2025, 10:19 a.m.	snapshot_handle: 0x00000124 process_name: pythonw.exe process_identifier: 2852	1	1
Process32NextW Dec. 27, 2025, 10:19 a.m.	snapshot_handle: 0x00000124 process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 2676	1	1
Process32NextW Dec. 27, 2025, 10:23 a.m.	snapshot_handle: 0x00000124 process_name: wevtutil.exe process_identifier: 788	1	1

Repeatedly searches for a not-found process, you may want to run a web browser during analysis (50 out of 199 events)

Time & API	Arguments	Status	Return	Repeated
Process32NextW Dec. 27, 2025, 10:19 a.m.	snapshot_handle: 0x00000124 process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 2676		0	0
Process32NextW Dec. 27, 2025, 10:19 a.m.	snapshot_handle: 0x000002cc process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 1796		0	0
Process32NextW Dec. 27, 2025, 10:19 a.m.	snapshot_handle: 0x000002bc process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:19 a.m.	snapshot_handle: 0x000002bc process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:19 a.m.	snapshot_handle: 0x000002bc process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:19 a.m.	snapshot_handle: 0x000002bc process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:19 a.m.	snapshot_handle: 0x000002dc process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x000002dc process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x000002dc process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x000002dc process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x000002dc process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x000002dc process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x000002dc process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x000002dc process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x0000026c process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x0000026c process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x0000026c process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x0000026c process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x0000026c process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x0000026c process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x0000026c process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x0000026c process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x0000026c process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x0000026c process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x0000026c process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x0000026c process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x0000026c process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x0000026c process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x0000026c process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x00000284 process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x00000284 process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x00000284 process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x00000284 process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x00000284 process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x00000284 process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x00000284 process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:20 a.m.	snapshot_handle: 0x00000284 process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:21 a.m.	snapshot_handle: 0x00000284 process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:21 a.m.	snapshot_handle: 0x00000284 process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:21 a.m.	snapshot_handle: 0x00000284 process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:21 a.m.	snapshot_handle: 0x00000288 process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:21 a.m.	snapshot_handle: 0x00000288 process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:21 a.m.	snapshot_handle: 0x00000288 process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:21 a.m.	snapshot_handle: 0x00000288 process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:21 a.m.	snapshot_handle: 0x00000288 process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:21 a.m.	snapshot_handle: 0x00000288 process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:21 a.m.	snapshot_handle: 0x00000288 process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:21 a.m.	snapshot_handle: 0x00000288 process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:21 a.m.	snapshot_handle: 0x000002dc process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0
Process32NextW Dec. 27, 2025, 10:21 a.m.	snapshot_handle: 0x000002dc process_name: ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe process_identifier: 580		0	0

A process attempted to delay the analysis task. (1 event)

description

ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe tried to sleep 1352 seconds, actually delayed analysis time by 1352 seconds

Enumerates services, possibly for anti-virtualization (1 event)

Time & API	Arguments	Status	Return	Repeated
EnumServicesStatusA Dec. 27, 2025, 10:19 a.m.	service_handle: 0x0055c9b0 service_type: 48 service_status: 1		0	0

Installs itself for autorun at Windows startup (1 event)

reg_key

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32

reg_value

C:\Windows\mssrv.exeÿ`u?è$VÿÂ??:SÙUÊlwÙUè$Va:Sà"VÄSèú¡õqø;ª8ûxÿõq¡w¤v>þÿÿÿª8w¢4wà"VabØ"V0ü7.³vSà"VÃ@\ýÂÄà"VØþâ@

Creates known WinSxsBot/Sfone Worm files, registry keys and/or mutexes (1 event)

mutex

mutex666

File has been identified by 13 AntiVirus engine on IRMA as malicious (13 events)

G Data Antivirus (Windows)	Virus: Gen:Variant.Application.Fragtor.4684 (Engine A), Win32.Worm.Sfone.B (Engine B)
Avast Core Security (Linux)	Win32:Agent-URR [Trj]
C4S ClamAV (Linux)	Win.Malware.Eclz-9953021-0
Trend Micro SProtect (Linux)	WORM_AGENT.JM
Trellix (Linux)	W32/Generic.worm.f virus
WithSecure (Linux)	Trojan.TR/Spy.Gen
eScan Antivirus (Linux)	Gen:Variant.Application.Fragtor.4684(DB)
ESET Security (Windows)	Win32/Agent.CP worm
Sophos Anti-Virus (Linux)	W32/Sfone-A
DrWeb Antivirus (Linux)	Win32.HLLW.Siggen.1607
ClamAV (Linux)	Win.Malware.Eclz-9953021-0
Bitdefender Antivirus (Linux)	Gen:Variant.Application.Fragtor.4684
Kaspersky Standard (Windows)	Worm.Win32.Agent.cp

Screenshots

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action	VT	Location
No hosts contacted.

Browser recommendation

File ae4ad33b74ca7e07_black cum lingerie hidden 50+ .zip.exe

Summary Download Resubmit sample

Score

Autosubmit

Feedback

Information on Execution

Analyzer Log

Cuckoo Log

Signatures

Feedback

Summary
Download Resubmit sample