Summary

Score

Please notice: The scoring system is currently still in development and should be considered an alpha feature.

Autosubmit

Parent_Task_ID:7469965

Feedback

Expecting different results? Send us this analysis and we will inspect it. Click here

Information on Execution

2026-03-01 15:51:47,015 [analyzer] DEBUG: Starting analyzer from: C:\tmpf7a_02
2026-03-01 15:51:47,015 [analyzer] DEBUG: Pipe server name: \??\PIPE\xMSOgtjbqoKBOBmkSgIQpPuxQyGqmIG
2026-03-01 15:51:47,030 [analyzer] DEBUG: Log pipe server name: \??\PIPE\JjUlPdynHuObzFAyaC
2026-03-01 15:51:47,030 [analyzer] DEBUG: No analysis package specified, trying to detect it automagically.
2026-03-01 15:51:47,046 [analyzer] INFO: Automatically selected analysis package "exe"
2026-03-01 15:51:47,312 [analyzer] DEBUG: Started auxiliary module Curtain
2026-03-01 15:51:47,312 [analyzer] DEBUG: Started auxiliary module DbgView
2026-03-01 15:51:47,750 [analyzer] DEBUG: Started auxiliary module Disguise
2026-03-01 15:51:47,967 [analyzer] DEBUG: Loaded monitor into process with pid 504
2026-03-01 15:51:47,967 [analyzer] DEBUG: Started auxiliary module DumpTLSMasterSecrets
2026-03-01 15:51:47,967 [analyzer] DEBUG: Started auxiliary module Human
2026-03-01 15:51:47,967 [analyzer] DEBUG: Started auxiliary module InstallCertificate
2026-03-01 15:51:47,967 [analyzer] DEBUG: Started auxiliary module Reboot
2026-03-01 15:51:48,046 [analyzer] DEBUG: Started auxiliary module RecentFiles
2026-03-01 15:51:48,046 [analyzer] DEBUG: Started auxiliary module Screenshots
2026-03-01 15:51:48,062 [analyzer] DEBUG: Started auxiliary module Sysmon
2026-03-01 15:51:48,062 [analyzer] DEBUG: Started auxiliary module LoadZer0m0n
2026-03-01 15:51:48,203 [lib.api.process] ERROR: Failed to execute process from path u'C:\\Users\\ADMINI~1\\AppData\\Local\\Temp\\58ab976dffcb5230_adu.exe' with arguments ['bin\\inject-x64.exe', '--app', u'C:\\Users\\ADMINI~1\\AppData\\Local\\Temp\\58ab976dffcb5230_adu.exe', '--only-start', '--curdir', 'C:\\Users\\ADMINI~1\\AppData\\Local\\Temp'] (Error: Command '['bin\\inject-x64.exe', '--app', u'C:\\Users\\ADMINI~1\\AppData\\Local\\Temp\\58ab976dffcb5230_adu.exe', '--only-start', '--curdir', 'C:\\Users\\ADMINI~1\\AppData\\Local\\Temp']' returned non-zero exit status 1)

2026-03-01 16:51:49,478 [cuckoo.core.scheduler] INFO: Task #7469967: acquired machine win7x6427 (label=win7x6427)
2026-03-01 16:51:49,478 [cuckoo.core.resultserver] DEBUG: Now tracking machine 192.168.168.227 for task #7469967
2026-03-01 16:51:50,014 [cuckoo.auxiliary.sniffer] INFO: Started sniffer with PID 121020 (interface=vboxnet0, host=192.168.168.227)
2026-03-01 16:51:52,087 [cuckoo.machinery.virtualbox] DEBUG: Starting vm win7x6427
2026-03-01 16:51:52,756 [cuckoo.machinery.virtualbox] DEBUG: Restoring virtual machine win7x6427 to vmcloak
2026-03-01 16:52:06,694 [cuckoo.core.guest] INFO: Starting analysis #7469967 on guest (id=win7x6427, ip=192.168.168.227)
2026-03-01 16:52:07,701 [cuckoo.core.guest] DEBUG: win7x6427: not ready yet
2026-03-01 16:52:12,750 [cuckoo.core.guest] INFO: Guest is running Cuckoo Agent 0.10 (id=win7x6427, ip=192.168.168.227)
2026-03-01 16:52:12,858 [cuckoo.core.guest] DEBUG: Uploading analyzer to guest (id=win7x6427, ip=192.168.168.227, monitor=latest, size=6660546)
2026-03-01 16:52:14,663 [cuckoo.core.resultserver] DEBUG: Task #7469967: live log analysis.log initialized.
2026-03-01 16:52:15,546 [cuckoo.core.resultserver] DEBUG: Task #7469967 is sending a BSON stream
2026-03-01 16:52:16,812 [cuckoo.core.resultserver] DEBUG: Task #7469967: File upload for 'shots/0001.jpg'
2026-03-01 16:52:16,845 [cuckoo.core.resultserver] DEBUG: Task #7469967 uploaded file length: 133449
2026-03-01 16:52:17,028 [cuckoo.core.guest] WARNING: win7x6427: analysis #7469967 caught an exception
Traceback (most recent call last):
  File "C:/tmpf7a_02/analyzer.py", line 824, in <module>
    success = analyzer.run()
  File "C:/tmpf7a_02/analyzer.py", line 673, in run
    pids = self.package.start(self.target)
  File "C:\tmpf7a_02\modules\packages\exe.py", line 34, in start
    return self.execute(path, args=shlex.split(args))
  File "C:\tmpf7a_02\lib\common\abstracts.py", line 205, in execute
    "Unable to execute the initial process, analysis aborted."
CuckooPackageError: Unable to execute the initial process, analysis aborted.

2026-03-01 16:52:17,043 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Redsocks
2026-03-01 16:52:17,075 [cuckoo.core.plugins] DEBUG: Stopped auxiliary module: Sniffer
2026-03-01 16:52:18,471 [cuckoo.machinery.virtualbox] INFO: Successfully generated memory dump for virtual machine with label win7x6427 to path /srv/cuckoo/cwd/storage/analyses/7469967/memory.dmp
2026-03-01 16:52:18,473 [cuckoo.machinery.virtualbox] DEBUG: Stopping vm win7x6427
2026-03-01 16:52:26,701 [cuckoo.core.resultserver] DEBUG: Stopped tracking machine 192.168.168.227 for task #7469967
2026-03-01 16:52:26,701 [cuckoo.core.resultserver] DEBUG: Cancel <Context for LOG> for task 7469967
2026-03-01 16:52:27,042 [cuckoo.core.scheduler] DEBUG: Released database task #7469967
2026-03-01 16:52:27,054 [cuckoo.core.scheduler] INFO: Task #7469967: analysis procedure completed