SmartHawk

1.2

低危

63 个模型检测该样本为恶意！

重新分析

下载样本

0d6d4214646a80b3f89cd990418aeb05d2bc21dccf8bc03f085fbc45c20fe779

0d6d4214646a80b3f89cd990418aeb05d2bc21dccf8bc03f085fbc45c20fe779.exe

分析耗时

144s

引擎	描述	特征	威胁分数	可能家族	检测耗时
DACN	基于动态分析和胶囊网络的可视化恶意软件检测	API调用、DLL以及注册表的修改情况	0.12	Unknown	0.07s
FACILE	利用改进的层次胶囊网络对二进制恶意软件图像进行识别分类	二进制图像映射为的灰度图像	1.00	Unknown	0.04s
IMCLNet	轻量化深度卷积网络模型实现恶意软件家族检测	原始二进制映射而成的可视化图像	0.59	Unknown	0.22s
MFGraph	利用静态特征构建图网络以检测恶意软件	原始二进制PE文件的静态特征节点	0.00	Unknown	0.00s

查杀引擎	查杀结果	查杀时间	查杀版本
Alibaba	Worm:Win32/Agent.6b58a759	20190527	0.3.0.5
Avast	Win32:SillyP2P-X [Wrm]	20230512	22.11.7701.0
Baidu	None	20190318	1.0.0.2
CrowdStrike	win/malicious_confidence_100% (W)	20220812	1.0
McAfee	GenericRXIJ-LO!882DAA7B34D7	20230512	6.0.6.653
Tencent	Trojan.Win32.Small.p	20230513	1.0.0.1

👋 欢迎使用 ChatHawk

我是您的恶意软件分析助手，可以帮您分析和解读恶意软件报告。请随时向我提问！

🔍 主要威胁分析

⚡ 行为特征

🛡️ 防护建议

🔧 技术手段

🎯 检测方法

🤖

Static Analysis
Strings

PE Compile Time

2004-05-07 07:02:15

PE Imphash

27f21db1a40f044cb2ea9aa7f88716f6

Sections

Name	Virtual Address	Virtual Size	Size of Raw Data	Entropy
.text\x00eb	0x00001000	0x00005b50	0x00006000	7.848091401438236
.rdata	0x00007000	0x000009ac	0x00001000	3.7370867281067
.data\x00eb	0x00008000	0x00003478	0x00002000	3.4292108023403616
.rsrc\x00eb	0x0000c000	0x00000958	0x00001000	2.492413503122149
.z\x00\x00\\x00U	0x0000d000	0x00000da4	0x00001000	0.6034496551498164
.jbfhr	0x0000e000	0x00000400	0x00001000	2.061127104708464
.VHuG	0x0000f000	0x00000bcb	0x00001000	0.8311497314370737
.iZaM\x00eb	0x00010000	0x00000d85	0x00001000	0.6222843134491175
.tjnoy\x00b	0x00011000	0x00000400	0x00001000	2.1404370624438807
.FCX\x00Feb	0x00012000	0x000007da	0x00001000	0.999751642800421

Resources

Name	Offset	Size	Language	Sub-language	File type
RT_ICON	0x0000c408	0x00000128	LANG_SPANISH	SUBLANG_SPANISH_MODERN	None
RT_ICON	0x0000c408	0x00000128	LANG_SPANISH	SUBLANG_SPANISH_MODERN	None
RT_GROUP_ICON	0x0000c530	0x00000022	LANG_SPANISH	SUBLANG_SPANISH_MODERN	None
RT_VERSION	0x0000c558	0x000003fc	LANG_SPANISH	SUBLANG_SPANISH_MODERN	None

Imports

Library KERNEL32.dll:

• 0x407010 FindClose

• 0x407014 FindNextFileA

• 0x407018 GetModuleHandleA

• 0x40701c GetStringTypeW

• 0x407020 GetStringTypeA

• 0x407024 GetModuleFileNameA

• 0x407028 GetWindowsDirectoryA

• 0x40702c FindFirstFileA

• 0x407030 Sleep

• 0x407034 HeapFree

• 0x407038 HeapAlloc

• 0x40703c GetStartupInfoA

• 0x407040 GetCommandLineA

• 0x407044 GetVersion

• 0x407048 ExitProcess

• 0x40704c HeapDestroy

• 0x407050 HeapCreate

• 0x407054 VirtualFree

• 0x407058 VirtualAlloc

• 0x40705c HeapReAlloc

• 0x407060 GetLastError

• 0x407064 CloseHandle

• 0x407068 WriteFile

• 0x40706c ReadFile

• 0x407070 TerminateProcess

• 0x407074 GetCurrentProcess

• 0x407078 UnhandledExceptionFilter

• 0x40707c FreeEnvironmentStringsA

• 0x407080 FreeEnvironmentStringsW

• 0x407084 WideCharToMultiByte

• 0x407088 GetEnvironmentStrings

• 0x40708c GetEnvironmentStringsW

• 0x407090 SetHandleCount

• 0x407094 GetStdHandle

• 0x407098 GetFileType

• 0x40709c RtlUnwind

• 0x4070a0 SetStdHandle

• 0x4070a4 FlushFileBuffers

• 0x4070a8 CreateFileA

• 0x4070ac SetFilePointer

• 0x4070b0 GetCPInfo

• 0x4070b4 GetACP

• 0x4070b8 GetOEMCP

• 0x4070bc GetProcAddress

• 0x4070c0 LoadLibraryA

• 0x4070c4 SetEndOfFile

• 0x4070c8 MultiByteToWideChar

• 0x4070cc LCMapStringA

• 0x4070d0 LCMapStringW

• 0x4070d4 CreateDirectoryA

Library USER32.dll:

• 0x4070dc MessageBoxA

Library ADVAPI32.dll:

• 0x407000 RegSetValueExA

• 0x407004 RegCloseKey

• 0x407008 RegOpenKeyA

L!This program cannot be run in DOS mode.
/<kRkRkR
^iRYjR\gRXWR
AlRkS\RDiRTjRRichkR
.rdata
@.data
@.jbfhr
`.VHuG
@.iZaM
@.tjnoy
^-YODO
c\]9eyX5
yy3K/J
 WZ#aNU.
'?\/h[5
`b64tf
*-r]B6xGz
MAFf8@>M%!O+6l(
|7=<,7
)fdARJ
-R?OMhV3D86
{/mn/hI;p
6)7G7~lug[
TZg9gHL
ue+Nrdfu
GQACdWa
u3>UP
#w>J-ZF
6s3=e%
t'A[y] &2
[5zCC@iN:m
Opz%bzLD
=Q},6w
,.6s|a
oSW*82K
`e>R42G
W4f.;jvn2Ww:7/s
X?mL\&6
I?'?GL
?Ob#4m{
0EU&E*@
> d8i?l
xh[&K
>RTWHyf
pNQJ_ )
MlOLOa
z1oT-Y
;e9S<eRKYs
T>bDG7?q
96g7:.W
!eP.Lc
0ww+rT
1m'li{
9jRi"+}g
Os8.`^-
Hg}}rv=gO8.
c(p~~P#?8WR_)
Ti!jROfg
X\lM43]
.MCO%:
\`l#E>Ja^Py^
wr8LD9
=#8?(>jA
$ja kkZXs
*XpT B8N
>$-YO,
n;/S77k2 z
-(nIPN
'?m)%>{
3Fu-cPG
04N_-oS&u
fpJ@+ GW275
s^I,6T9f
1/9i`g
~;'z:_z
#81\+5
HZG[gj
'@,4'}teN
@{C#B\
Dn1[TF<
nh/=f~LD
u+$NrKt
{bCg*}
QT[{ rIdZYL+
~>J8Q?l
#q\&y
E^ab'D^$G.
TU: Bf"^L+
rh.0T0pWOr
muA=O{
[_3P}Z3E
k$'A3dy
YSFGn
'kTJLPm
$vEn7m:T1Hf0%=?
yqGd[c
^gBB7h(
oV^pTZo
 )8)lgz
A9rz^pT.w~
G;Ia^-,
TQnWcdg
T@2C4$Ai\D
J{f-S
%D"iCfuG8Gnf
3n0Dk~
(BxFRRo'~;*'6B]
_[]"3o1
s"KPUXw
:yN">=
{4[R'u
y731]"nN{
>J+9?j
TYJ8B%0
4j,dB{
\w<I&1
404."LA'oKWH+D@
vNL3M/*T
P8Ddb6
Xw~7F=
..^Y'jZF+=
8CZ*C@Ea(
6EZ.m~B
r7SDo[k&EQ
lqfpu
R'1WI/~Ca:
$xA 6)
xPz1<{(b
'?4GdZ`GI
1#Ntnd{3fjElP7
ZqSW;)8Ev
S'e y}
2(+dD-l
EA^#2w
mtNdnd{qZ
pJ_)s`(x
D9_O@`Pq,V
:dc4rR$Xb
7#<}P&{l
!P4f.8
+8{3eaJKvNTP)
--AZ&Q=8
2Y@OEYgq+}{dO
s3S=G Um*EaxyyY8N
#NC1V=l
lK>(tYb876SBd
!Sy,Pd{1_fTh&#
!F9=e8<
t>L{B#
P20g?iPjE
v:WF!zI
!?C,fcQB
`pH>CRYn s?Q~9
h`Yc!Gb^!^
%`$n^fi*){
dDBJpv
<5Ms2cdYE8E!k
4/}N}\
T' 6/S?
L~ifki8<n
P4'1mEP
|E8=y`
l9oSW="
DR~a~zy
R!9\JV6r
3}O-/"0~
}7o8|Klwb 
og`W8K'
`rtvun0
w%Ea:n'(>-o`C
hO\4'd\7#
-cVp}[pDZp'lz
82qFd,YOF
VkV5oXU!q'
"1>L$A
+9cD'0D/hA
:{pT7gl^*
[L&naiH+
6u7Z}
G9^Pt1
4j8u{NQwROLW
zNt%K`FY
6X~!_w38XNa+
TDPRM56
2bK)(t?Z
w~=[2j
g8>caQA(^
sC,/9W
\kl#p5!_-/2
aG=>s:
RTl;c4n.Rd9
EtzC<3."
Gd0FO&
N|:$7b'
^ZcgY@
ll;+}1
TMRwW"ge
~aA%(I7J
0w?`i/@5>x
^pTy1lJ>JacQk
$|YP~7
a bc88
<Gj`WGJ|
&<wM\i(l423VNNB&GSzR~mM9MY*OZq*v
Bm~C"
d6KwAB
8DMD>q}X
Y05p>m
nk w{t
JR@$EO8g
I'v&#E]
0NI/6Wd(B8l*L
m#E9[@
{s_LMzI
7&R64
7HgkJ,4~V
{oZWl{}!e
ckTX=?*U
J+Uk81
iW:wzLDQ(Lw
 "oD&d{9X,
_W[F$FNztd\
)MXlG[3
0OLc:r<'d{
wYnQM68l.H
Rm@G#1au
$i^g;w
$IGoGVF!
<(k(o?0E`
Wns$7p
b#aG\[
nc1E^X
Z/S3,#
w~7G!-s
 jahd:<@{
WP/aTM
EuHOkGL`
E^pTV_V9*/
Xka^tJLoG
<H>L}iWu@O
{C#a%Z=i/
.>ps]j
6qw.m9T-x
E\,d?W
>J]SYR+M"
WevS='v
]P6k[L
p/!3|&0ai=7[
+=K/#VS
Z4'nF<F~A I
xfih{8
f#Bp!Mkym@QPX
w~;0WY)7J&*
KHP'0,_+4
1*4'|8l
EOa<,+V
_O,&l!@qM
cZYhey
fRY- Sh{`}`w{7
3Ei+][
"T?a/T
g +{aZs
e0a#F.,
THi7o7
roqTZ"j
fP-b5^
('?m)/
z?2d1c#14
`?,4&C
3?9E8,V
2X?>$},
W%^ac
 uv7`L
Rab1%Q
tE=#0)zY
fv);e'6QpUq
<H06aPp
ropTZg
l\ym#E
Ja^ed%YS
I1eqj#
8%?m,j!
_W^`rk^zk}o
#t_$usKh
WW:jm6
gh[}";
\,4'A|
@(,FSHK:KB
vdXZ-B
O8),`EfFL*TY;1/?
|w~7Ko6=
?qUM*.hs
 }gx1j}T
k cgOWD4
e%UB9'1Hu)a(
3n*vC\knj
sdm1 A!<+
E2lCaL)
oK_s'u
&$yk f(0.T2Us6<;
$3b8r1c
2<EdkC5Hcg4xGB;>4
EjCo+}:k
_9j{:xNSfr
a0c^Oh
'`b+X${
wB!"8/
g}pW94'LNa
8&}h"TXZv3wC9Q,#
c#<jN:
r7vd^[V$`Y
v'WId,6J
U9OsoEPc
^!v*[ c
C+!ZTzFoR
7`BA3tM
&>7S?@
m^43&m]s0
V-"@_7
%i&:e^-Y
#95euW2#dw:h}8S
UP9].1&M1
07Bfn^
1[Mi;}=<c
Xr:en:R
n32bVzZ!
'?mI'5/;p"7AYZV;5^83
 K8CC3
GS YIUx4
#;;?A*$
&L nqhu
^U+(y-
e_zD TA@
B&EM;@80
^f0]TWHOf
>7iUH>
s]%hxh]sHQ
4};'r7y+
q,L{bo`o8
|ccE3M$lT
oYOeo?
Wo@!SI|
LM46+ >S7
"nNKwtL9mE
oS?k;~iq.
WoSx(:D2>)Zj
+dZG-?i
^0Tct'BC
_L$NK 
98<7EP)8
:}oVN.
?4#c1J>Ja^Ij,
q54&h#Y
?36}`JI~^
a#?+Q(Hf0
/{'?m%VlN
s`&{;[+55
&W:xGr
GWNj]I
z*O}=F
:,H6i#A
}sX|LD?
-n-Ig+Qd'?mO3[3#z&1
&Nr,&F*E
^J&tc?$
@H$N!k~RA
ZQWlzpE_-Yy
AowCVLEV
Hu\E1'Z
j1~6bFk
'@BSzpR
Ul4S[`
_@nSrE
#xNa,L
TH7'6fkN
vNL*<a?V
t`@W`\'E5CUN 
5M!V!jejg
R7u6#UMd{
P&n% 2W
m!8%8_lh;+{m
Y%D96JN
8)cCZu6q
hE^'[8C=[GU6d"
4h+4r,fU b
EPl;=a
8}9VH=%
4[Nbk]3T
m!8%8_lh;+}hE[
@"1s%4MpA]
,&4`ZG
8G:Ik'T1c"v
[LGB7`
;9|x3]
0DL.^k|[U
lhLN&yJi
[dG8|8q
iBtJ;xG6lC
3]LU)Q2R
P`T2*E
ut.]6mY
td{i[Ydjo2
xG{fvCWS
S[EI`pQ
K3Ij4F+HI
+%ZLzF
Mq/P3LTe
"Jj$<V-wZ
9s2ioB\,*T
lWkt>J
lX8&;1<LC0Oj
Oe\c2sP`L
UC_7Bv
"Sc/X3
OEhVG_pTa,Z'yW
^/YOX6\
7Pz\PF<ajID*O$
EgR~p'?
^Pq*Ea`6
k3y5\3$S[\_K 
A<U[R2FK<h
#dUMQg-ekAT
~x`WG8
T[,4S,
sJ)%]O:5D
ADy }8
6#FIN
_wV9+}
2+}zH>
oh.!{II
I9lCWOQOMw
_hr3g7T'g
nh4gr}Wo2
w[Xh#M2ni}KFJi
z[Mzp*cp
3  FH>
<XN8J*8
0kILE8
=#<(c*j
3n>_b~Lt
&5\<ju
&>JaYO,9
QNAk\9*(+
[L!.GB1TD
3B^0G7cA>S)
pOT/SHm,6
>y-XO,YC
eAa~$_|k
he&NrbNNz*E&
6bw?[~x|gz
9.o;(k3}b
nxCWz`
1;}qi`mY_
m)) zLH8{"
MgeC~z3[K
5F5xS;Hp,>=
1^c~)<
T1}c0C
PYizQab
{W2a51T{co6
z:O0N/
N(*|Zez
}O_,GG{
<xiv^p"mLD[
'l.z5rC9|
wMH}^abUv[MD]>Sw
dhg'<P
SLSBclO
_O^s?+
.-F7?70Uz90S
N+.)f\
Iqh[2oS
#RhH)w2
h"}gpduFO.HzCf
&lj/]<h/Pn0]*EN$5
@1g43D
=3lnPA(_
@j(EE2
${#:TU{iBR!
 Y)*C}90
3?;EP
ZzFfH%F
;KelOD!]5v
N#Rl_(Xa7<&
K.l/]<N
OEg7'G
{QZ3P oq 
jynrlp^,O
LBwm6Pex
w )m9X&
E&tg?2gN*
<cl`P8.]U-D&@
lBI2AiJPw
zEoF_uH'?m7
T/Uo8r67
1%ps|
~JZYIY
&EaY\[D
:t*!0`%+
`zzk@$
Y^0TZG8s
+P:aBH
PiZff.4'BC
L(+%k#)
 #VO}w
`h````
ppxxxx
(null)
runtime error 
TLOSS error
SING error
DOMAIN error
- unable to initialize heap
- not enough space for lowio initialization
- not enough space for stdio initialization
- pure virtual function call
- not enough space for _onexit/atexit table
- unable to open console device
- unexpected heap error
- unexpected multithread lock error
- not enough space for thread data
abnormal program termination
- not enough space for environment
- not enough space for arguments
- floating point not loaded
Microsoft Visual C++ Runtime Library
Runtime Error!
Program: 
<program name unknown>
GetLastActivePopup
GetActiveWindow
MessageBoxA
user32.dll
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
FindClose
FindNextFileA
FindFirstFileA
KERNEL32.dll
MessageBoxA
USER32.dll
RegCloseKey
RegSetValueExA
RegOpenKeyA
ADVAPI32.dll
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetLastError
CloseHandle
WriteFile
ReadFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
SetStdHandle
FlushFileBuffers
CreateFileA
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CreateDirectoryA
Winamp 5.0 (full version).exe
Winamp 3 (full version).exe
Winamp 3.5 (full version).exe
Update Photoshop 7.0 to Photoshop 9.16 (Its Work!).exe
Update Photoshop 8.0 to Photoshop 9.5 (Its Work!).exe
WinAce 3.85 (with Serial).exe
Download Accelerator Plus (DAP) (full version with serial).exe
RealOne Player (Full version).exe
BsPlayer v3.exe
WinRar v6.11 (with crack).exe
WinRar 4 (with crack).exe
ContaWin 2000 (full version).exe
WinZip 9.exe
DivX 7.2 freeware.exe
3D Studio R8 (It's Work!!).exe
VirtualDub 2.1.4.exe
MSN messenger 6.3.exe
Hacha Profesional Edition.exe
Simpsons pack guiones (Temporada 2004).exe
Mazinkaiser pack fondos de escritorio.exe
Mazinkaiser comics pack.exe
Juegos JAVA para NOKIA.exe
Capitulos ineditos de DragonBall Z jamas emitidos.exe
Pack Tonos y Logos para Nokia.exe
Nero 7.5.1.0 (cracked!).exe
Pack Photoshop CS 8 plugins.exe
3D Movie Maker.exe
Silent Hill.exe
PSEmu.exe
RM2GBA.exe
WAV2MP3.exe
GBAEmu.exe
GameCube Emulator.exe
Pack 50 Juegos PS2.exe
Pack 25 Juegos GameCube.exe
Resident Evil for GameCube.exe
Visual Basic 6.exe
Visual C.exe
Visual Studio (full).exe
mugen (full).exe
Fuck my fat ass.avi.exe
German extreme violation.mpg.exe
Sexo con una menor.exe
Pedofilia pack 37 pics.exe
Follada brutal coo roto.exe
Lolita Pack 20 Pics.exe
Puta come mierda.exe
Solo para Maricas.exe
No lo Descargues.exe
Dont Download.exe
humor.exe
Dont Touch.exe
Hentai.exe
Matrix Wallpapers.exe
Terminator 3 Wallpapers.exe
Hentai Evangelion Poker.exe
Shinchan screen saver.scr
Hentai Shizuka clit.exe
a pelo.exe
Chenoa en cueros.exe
WinAmp skings and plugins.exe
FlashGet Max acceleration (Experimental).exe
VMIntel386.exe
C:\Gusanillo QueBonito@Compartir.es
Hola tio! soy el gusanillo
como va eso?
Error in zip file
El archivo tiene un formato desconocido o est daado
Zip message
El archivo zip no ha podido ser abierto
probablemente este daado
SOFTWARE\Microsoft\Windows\CurrentVersion\Run
 256mb 32bit
VMIntel386
/Intelx386
/VMIntel386.exe
Pack sex very hot nude young girl porn erotic private pussy rape clitoris suck chicas fotos culos tetas coos mamadas corridas sister hermana amigas friends lesbianas mujeres desnudas putas guarras hentai.exe
EMULE.EXE
config/shareddir.dat
012345: :
SOFTWARE\Kazaa\LocalContent
012345:%s
DisableSharing
SOFTWARE\Kazaa\UserDetails
QueBonito@Compartir.es
012345: :
SOFTWARE\IMesh\Client\LocalContent
012345:%s
DisableSharing
SOFTWARE\IMesh\Client\UserDetails
QueBonito@Compartir.es
33333330
{{{{{{{3
{{{{{{{33
{{{{{{{330
{{{{{{{330
{{{{{{{330
3333333
33?030
33333333
wwwwwwwwwww
DDDDDD@
DDDDDDGpw
DDDDDDGpw
DDDDDDDDDDD
wwwwwwwwwww
DDDpp@
PPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPP
;M/[[V[3@#swJ
e[6UE{[
+\Y2@/I
zK<PBByh/[3)
?[R0dc:kC@
6/.!m=[
S8ytMV3
;ItE_3
_Zoy#[3m}*@*
o[LS]e/[*DL
Eyt [3m*
&0[2mZY
KJIOk@
KIhR'@
UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU[@3[/
33333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333
|b})$O
^-YODO
c\]9eyX5
yy3K/J
 WZ#aNU.
'?\/h[5
`b64tf
*-r]B6xGz
MAFf8@>M%!O+6l(
|7=<,7
)fdARJ
-R?OMhV3D86
KJIOk@
UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU
(null)
         (((((                  H
VS_VERSION_INFO
StringFileInfo
0c0a04b0
Comments
Microsoft
CompanyName
Microsoft
FileDescription
Microsoft
FileVersion
1, 0, 0, 1
InternalName
Microsoft
LegalCopyright
Copyright 
LegalTrademarks
Debido a que es un Gusano, no creo oportuno rellenar este cuadro. jejeje
OriginalFilename
Microsoft
PrivateBuild
Microsoft
ProductName
Microsoft
ProductVersion
1, 0, 0, 1
SpecialBuild
Microsoft
VarFileInfo
Translation

Process Tree

Hosts

IP
114.114.114.114

DNS

Name	Response	Post-Analysis Lookup
dns.msftncsi.com	A 131.107.255.255	131.107.255.255
dns.msftncsi.com	AAAA fd3e:4f5a:5b81::1	131.107.255.255

TCP

No TCP connections recorded.

UDP

Source	Source Port	Destination	Destination Port
192.168.56.101	53179	224.0.0.252	5355
192.168.56.101	49642	224.0.0.252	5355
192.168.56.101	137	192.168.56.255	137
192.168.56.101	61714	114.114.114.114	53
192.168.56.101	56933	114.114.114.114	53
192.168.56.101	138	192.168.56.255	138

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Name	b51ed4211b96c67e_terminator 3 wallpapers.exe
Filepath	C:\Windows\Intelx386\Terminator 3 Wallpapers.exe
Size	7.1MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`9afecd13ae80b5a4d63c3578972feaad`
SHA1	`02443a7bfdfba22e767bdb54c9d0daea0b89900d`
SHA256	`b51ed4211b96c67e80dffc1873522f738a91e7b35a5b9cc5be6f7a39198ed7fa`
CRC32	`C3B40D17`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	ed1281182aab1e9d_hentai.exe
Filepath	C:\Windows\Intelx386\Hentai.exe
Size	3.1MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`b1cc04b1789e2d21e2cb8c92eb082edb`
SHA1	`ca2d572693b53ea19506f99ea4c37f52597a816d`
SHA256	`393f6e9bcfe9ab2697fe8021789beccdf2ba549832b85d178fe1ea83d00b0870`
CRC32	`F9789BBE`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	9d62e28d12e5b27e_pack 25 juegos gamecube.exe
Filepath	C:\Windows\Intelx386\Pack 25 Juegos GameCube.exe
Size	6.9MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`cd21c755668b300aebbd56e34c9be81d`
SHA1	`9533f09cda0c69140bcff6533182181f539df42e`
SHA256	`9d62e28d12e5b27eba69d670f4409a488e66ce45d8ef471bf1dd9eb9ac1846f1`
CRC32	`21AA84B2`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	9ba2e797e2a9d497_hentai.exe
Filepath	C:\Windows\Intelx386\Hentai.exe
Size	4.6MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`5e311b8d5626430772e5e92b8c767c97`
SHA1	`c289e46f413b4969658bafad007d3e616902e823`
SHA256	`adf8b413c919503c5ab9a2bb0eb692e1951c9781539289240e414add0e26ba1c`
CRC32	`89B971FA`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	6f71cbc01932b8e1_hentai.exe
Filepath	C:\Windows\Intelx386\Hentai.exe
Size	1.9MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`2b3feed54415ebda8e4654d5e56ab165`
SHA1	`e48afb8b80f723edd874db98b719e12faee2aaf3`
SHA256	`cdaef03b911dc9f942a4403b64f01b2e0d9f5ea682aebdd508910897dc328944`
CRC32	`167CE3CD`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	b2cab1400d431173_hentai evangelion poker.exe
Filepath	C:\Windows\Intelx386\Hentai Evangelion Poker.exe
Size	804.0KB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`6488d15239730d4977ffe6b4c823fe4e`
SHA1	`0a5b744a27a85b8169d523f72908cf3d1f816e11`
SHA256	`43183eb8fafe91eecc702c28c3e9c29cf1024a747724f317c721cd9383d27826`
CRC32	`C8893653`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	8359ec0b5921698b_winamp 3 (full version).exe
Filepath	C:\Windows\Intelx386\Winamp 3 (full version).exe
Size	8.8MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`d7d2970f1a14e2f59d2f26b931007a18`
SHA1	`e8986233e3ac805218f5d7461997f46a3cb186d6`
SHA256	`8359ec0b5921698b84e7dbfc413ec71909456743fe9947a7849e96694fbaa6ac`
CRC32	`433EAAE9`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	738153b7f113413d_hentai.exe
Filepath	C:\Windows\Intelx386\Hentai.exe
Size	2.5MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`9eb4f45fa39087af7f03870528c67a2b`
SHA1	`06135699aa307f4e654bc3b7cd3972c1bf635b6a`
SHA256	`c72d98360280c0ee9b9e0f86c7e64418d34fe75ee4ae2727fd52b18b5a44cabe`
CRC32	`D2190001`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	e2c9fe6c9919975a_lolita pack 20 pics.exe
Filepath	C:\Windows\Intelx386\Lolita Pack 20 Pics.exe
Size	6.8MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`e61bf51e187ff054fbc6dbede92f963f`
SHA1	`1d1c20423d638f9df8290cd90f2b9aba0da2b274`
SHA256	`e2c9fe6c9919975a72cfd5ee394850829d5bcea9a6704957bbacc15f818e39b8`
CRC32	`A47FBC92`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	cc7149bb2e5ef3cb_mazinkaiser pack fondos de escritorio.exe
Filepath	C:\Windows\Intelx386\Mazinkaiser pack fondos de escritorio.exe
Size	7.2MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`a36ad92b9570f4d292cfd2e6fdfe005c`
SHA1	`6a7ae403e79853c65a0e3eeeba4200cd4a8e0298`
SHA256	`cc7149bb2e5ef3cb1ea01698659bf3ec5fc9233bc39f2c75a6af7ec780c6d0a6`
CRC32	`16E0641B`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	59af7568695dab5c_pedofilia pack 37 pics.exe
Filepath	C:\Windows\Intelx386\Pedofilia pack 37 pics.exe
Size	7.7MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`0ffaa14f14d5bd99df0acb374065ebf3`
SHA1	`041410e384022f9aa20705d23d5e74bda9a7950c`
SHA256	`59af7568695dab5cb9702e03bbe5e82be76b5d5c382daf89357690841a0bf9ea`
CRC32	`719FFE87`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	e168a950b437af9f_silent hill.exe
Filepath	C:\Windows\Intelx386\Silent Hill.exe
Size	6.9MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`3fa63b9def25f42f03fb5ea737023eb2`
SHA1	`0a91f05d4c9e4b66526fad1734670ea3f55ac60e`
SHA256	`e168a950b437af9fa1131742bee50c063bd3738968615bbde2e54dfc9794283b`
CRC32	`65066028`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	1cd556fda704f5d8_terminator 3 wallpapers.exe
Filepath	C:\Windows\Intelx386\Terminator 3 Wallpapers.exe
Size	776.0KB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`343833097bf9c4d384af20f5142de588`
SHA1	`81ddbc4a3d02379350596e2a87cc71b4e7dd0909`
SHA256	`98a88803c3b885b24c2aefd4059b811479934907689ab752c28ec0715fd3ed77`
CRC32	`0A737DFF`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	97cb7a0499506cc1_virtualdub 2.1.4.exe
Filepath	C:\Windows\Intelx386\VirtualDub 2.1.4.exe
Size	9.0MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`a945c34184cb6de97520851f8ac93acd`
SHA1	`16f0ef7e89d8090e8dd289c4f09dfd2e31eb66aa`
SHA256	`97cb7a0499506cc1144a6de0cdfc0ed5636cbfac44df94692bbb12a68a9c9b1e`
CRC32	`2AF3C869`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	2b30389e17ce0065_resident evil for gamecube.exe
Filepath	C:\Windows\Intelx386\Resident Evil for GameCube.exe
Size	6.9MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`ab47c2e705b2e086def49a5fa9cba0f9`
SHA1	`6fdef87cd38551877a9bb0c266b7c3f12cfc8543`
SHA256	`2b30389e17ce0065f1c8db2b5cdf4b7b059ada6d44d440954d4b5c87c6ea4585`
CRC32	`AA5579F7`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	956f4d5ad2edbb54_hentai evangelion poker.exe
Filepath	C:\Windows\Intelx386\Hentai Evangelion Poker.exe
Size	1.9MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`8c2030865b407ce06ab1396c968686ea`
SHA1	`9d8546b7983f8686552cec99fd6013e232e27d80`
SHA256	`84d7468979c18d8566d2ef3a93bfa83659235b7ed2a82572b746a7d037b973c4`
CRC32	`78D6C10F`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	e9778de356d2df23_terminator 3 wallpapers.exe
Filepath	C:\Windows\Intelx386\Terminator 3 Wallpapers.exe
Size	2.2MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`e4b5bc4b1f93574e2b9cdb57c2f095e2`
SHA1	`f626913f8d24f9acf5ecfb987779e6dfef52058c`
SHA256	`98680626a5f5dc829baf66558157ff34b63ccc49c77546ed131f015cee1c2b19`
CRC32	`DB965E1F`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	e3c3ffea769b2878_contawin 2000 (full version).exe
Filepath	C:\Windows\Intelx386\ContaWin 2000 (full version).exe
Size	7.8MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`88cb28c4861e6365ba331b81a40033cd`
SHA1	`4aebb3e0e18448e330bec7889a0aea0409f14c48`
SHA256	`e3c3ffea769b2878ff7409634156f3e6f93129e4309602f456f8c031b1dc5258`
CRC32	`807D4AA3`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	e465a402bbf6878f_terminator 3 wallpapers.exe
Filepath	C:\Windows\Intelx386\Terminator 3 Wallpapers.exe
Size	4.9MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`095b0fca0fcd4f90ad0573b5a99a240b`
SHA1	`546e5d27f56b6da6314c8639ff714f02818cd791`
SHA256	`7fe3de270b5601f62bec27ccd2e6b002f3c7bfcf98ec8b4c7a2684184bde4be1`
CRC32	`28CDFEEF`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	87d994d0eec2d95a_matrix wallpapers.exe
Filepath	C:\Windows\Intelx386\Matrix Wallpapers.exe
Size	2.4MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`07fb2eece6ed19fd3b2caeb501749a81`
SHA1	`c53da22358f318f07e78a60ecea6395e88f5ce1c`
SHA256	`6096dee6d77f15933935a6ab1161fad400b6eaee6775dad46e7ba1aec7646d5f`
CRC32	`E3740DE0`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	27585871d53616b1_visual c.exe
Filepath	C:\Windows\Intelx386\Visual C.exe
Size	6.8MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`2952911736f0b456cc2603d8a3062879`
SHA1	`ea32a2eea74e8e13a238f8ff4f1b5deb23407f92`
SHA256	`27585871d53616b1e07284f9b298fa7ea94453ca280ec09fe85f048afdc088ec`
CRC32	`E519EDAE`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	15a0826f2a8e81a1_pack 50 juegos ps2.exe
Filepath	C:\Windows\Intelx386\Pack 50 Juegos PS2.exe
Size	6.9MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`43068f1ed10a17f0714f889937fd9ca9`
SHA1	`96129df1db2ab0347bc44d33339fab5782051e8f`
SHA256	`15a0826f2a8e81a1af53bb2e76f5a96c4a2f51187bf1635d3ac0a47b569e860d`
CRC32	`835EF862`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	19045d982d305375_german extreme violation.mpg.exe
Filepath	C:\Windows\Intelx386\German extreme violation.mpg.exe
Size	6.8MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`b2161c1bf63b298c11ae4fbaa4fd40a8`
SHA1	`25eb98f78c5f792d812b56d239ca8b7ac9a9384a`
SHA256	`19045d982d3053750646e368e0c55c87270681dbf7852f2f3dae960cfeb5350a`
CRC32	`9662F8F1`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	bc3b9b414cfab2df_dont touch.exe
Filepath	C:\Windows\Intelx386\Dont Touch.exe
Size	6.8MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`5ed92951a17e8acfb1c17ef1427da83a`
SHA1	`514928498b1b3b6d4d9cf0968840ce28206d5a2f`
SHA256	`bc3b9b414cfab2df897e61d736cd39bedf2cf6e99f0f4de07066f48eaab5c573`
CRC32	`978F37F4`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	d2e44a8d3349b0a0_hentai.exe
Filepath	C:\Windows\Intelx386\Hentai.exe
Size	1.2MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`48b64a5a39727e1d02fea73b561f6862`
SHA1	`0bd9e6eb89b7d1d99d6fd9fe06f4b008a1948648`
SHA256	`2d4e0c27136650bb4528a7139b03677cb1aab0464856f545cc01bc0102c832c2`
CRC32	`EB3765E9`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	1fd177d432ff90f5_matrix wallpapers.exe
Filepath	C:\Windows\Intelx386\Matrix Wallpapers.exe
Size	7.5MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`a0488adee19228039c151fa9b9fdc142`
SHA1	`bfc163b1f44e47c6ed84c83b7ff888e19cae61e5`
SHA256	`a6c50fd9134fe5f8ffdf78fdd4fabeeb5f915f94e329a347da95ca2c4b5a570b`
CRC32	`A3A6F372`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	3622afd6fa60a793_hentai.exe
Filepath	C:\Windows\Intelx386\Hentai.exe
Size	5.1MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`d3e91c0f84473984e56bba59fbca800d`
SHA1	`9f4d6672094165958d188dfcaa1417ad79a3d36c`
SHA256	`065fb4cc979026007bd233de83b55db1b24895dde7b331081c4c3ae1d64eb16e`
CRC32	`905F0A5F`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	e46ca5488b2ef423_visual studio (full).exe
Filepath	C:\Windows\Intelx386\Visual Studio (full).exe
Size	6.8MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`1589daaa8fc7ae18f389d744885c444b`
SHA1	`a8f5484e982c1dafac01a89790239df5c7255746`
SHA256	`e46ca5488b2ef423d4dd30be671b3819e36024aa48f435792a7ee52a27261432`
CRC32	`115FE36E`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	b8fdbaa8b830d0b6_winrar 4 (with crack).exe
Filepath	C:\Windows\Intelx386\WinRar 4 (with crack).exe
Size	9.0MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`0f07975fa4a061547d2fc5863b84d016`
SHA1	`e6c4439ea5c4485795ad0161f0c4b9b69e748678`
SHA256	`b8fdbaa8b830d0b62396a2fe23b95b4d49bb16bd55f28b189f10ac363246a22e`
CRC32	`D630B121`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	dcd2b5c1594fcdc7_hentai evangelion poker.exe
Filepath	C:\Windows\Intelx386\Hentai Evangelion Poker.exe
Size	336.0KB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`86df7d69ebca92312a9272424cb5d208`
SHA1	`f1dfd86747c2c6c6156ecd364d7339a7dd34d56c`
SHA256	`c59bc120d9c052fba9afc11cd99029d6d29ccd743d01dcc3be3096ccec7e7703`
CRC32	`9403133E`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	3ee665e3046c9033_psemu.exe
Filepath	C:\Windows\Intelx386\PSEmu.exe
Size	6.9MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`343daebd3b36cbf0a3f312898e9c3e4c`
SHA1	`1ce02bc13ad274e61497bd75e410b0dcb8dbe1bd`
SHA256	`3ee665e3046c90335ecf3fa57983ad43679ae76890bcdb7ca565ce1bd867dc01`
CRC32	`7B08A780`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	751f2607ed557e55_terminator 3 wallpapers.exe
Filepath	C:\Windows\Intelx386\Terminator 3 Wallpapers.exe
Size	112.0KB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`80968ee54206227bdcdadd749727a07f`
SHA1	`f354d49af2e6a98b481b03a161ebadbad827a625`
SHA256	`b2c02c656b26da9a505b84f6cad6ee5eb0cf30c3fb26dbdc373d6a34c708dd2c`
CRC32	`97A5549C`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	cb67bb94d94dca36_update photoshop 8.0 to photoshop 9.5 (it磗 work!).exe
Filepath	C:\Windows\Intelx386\Update Photoshop 8.0 to Photoshop 9.5 (It磗 Work!).exe
Size	8.5MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`d68c50f50329da73b85cfffaf8c61778`
SHA1	`76726e7376efdee9ed402210851820ccd4e83eb4`
SHA256	`cb67bb94d94dca36d2ca49e70a8e4555544c480bb65f7209f3767746ba8a1230`
CRC32	`E7454535`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	be6ba73e4fb694a7_gbaemu.exe
Filepath	C:\Windows\Intelx386\GBAEmu.exe
Size	6.9MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`1f738e7979d33969f7e58773216969ce`
SHA1	`9944ca17a81fb30e652555b3b0091597c312a780`
SHA256	`be6ba73e4fb694a79aa642d41fc444497d464dc49529ca9106736e918cf4773b`
CRC32	`9AF01BE0`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	70b04f2b31f06c9f_3d movie maker.exe
Filepath	C:\Windows\Intelx386\3D Movie Maker.exe
Size	6.9MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`7d3b6b241ae81703e5caa1b8f40e5a6e`
SHA1	`bc09f726028e20683cbc632eae37c8a3cb7f4703`
SHA256	`70b04f2b31f06c9f194ea363aff6f01c52893e756ad0f8c5e81571685438b90f`
CRC32	`F3F0D5F3`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	f96addc3e0897ac7_matrix wallpapers.exe
Filepath	C:\Windows\Intelx386\Matrix Wallpapers.exe
Size	4.8MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`1d833ffd1e880fe7309ab696dffff152`
SHA1	`dc14b5d78ced5941238e884ce8f914f06e33f0ce`
SHA256	`31b79f1b9d6a6fd4465fb611a396cbbdc9e0bfe56f87eb961d3fc916a052aeef`
CRC32	`41278A6C`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	e5429bbf4ef6fd22_pack tonos y logos para nokia.exe
Filepath	C:\Windows\Intelx386\Pack Tonos y Logos para Nokia.exe
Size	8.3MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`1d88690a59395438ff16e6de099d156c`
SHA1	`0cd7a541b1d8cbec5f9641d2dfb16e48a2cb9585`
SHA256	`e5429bbf4ef6fd22e0f095c8491eca4f350d3f61452fb9bfe90d94286fdaaacb`
CRC32	`A53C373C`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	4c78a008fba3e3eb_winace 3.85 (with serial).exe
Filepath	C:\Windows\Intelx386\WinAce 3.85 (with Serial).exe
Size	10.4MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`8ea6d3ea15159c97fe3fe1a2d0061d19`
SHA1	`5efc43ff13e8a63a371e9537161612da37ec27a1`
SHA256	`4c78a008fba3e3eb296dae3aab5878a9be472714aae0a039b726189200514595`
CRC32	`D92B0FD0`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	c0b79c887e4bb281_sexo con una menor.exe
Filepath	C:\Windows\Intelx386\Sexo con una menor.exe
Size	7.4MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`faf7dc9a6fdc9b517b9f72a88a07e1b5`
SHA1	`1d0133211a8e3422af89584cb2737e831bc3405a`
SHA256	`c0b79c887e4bb2819b089bf8bfab46d6340e238db026eb33aba0033d9f305add`
CRC32	`AB897944`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	b3bda5c0fb3f97d4_hentai evangelion poker.exe
Filepath	C:\Windows\Intelx386\Hentai Evangelion Poker.exe
Size	3.0MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`1d05d7dbf78dfac122b82354a7217a58`
SHA1	`92b56b4aff1ed02a267401f6c7e9d733a2441fe9`
SHA256	`08715df08773dfc2bd3b536e2929d38bbf5ca4fe5d882e2e8d3b91d016163ca4`
CRC32	`E2407FAD`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	a30afaace5785747_winamp 5.0 (full version).exe
Filepath	C:\Windows\Intelx386\Winamp 5.0 (full version).exe
Size	10.0MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`f447fe27cc6a54ff08718cafb25630a6`
SHA1	`04d5b93dc1a8917151b5be4cf410aa51b23907d6`
SHA256	`a30afaace5785747ee84cf00975da37f2cfa184c8cbcf96930a3a14d7fc96dfb`
CRC32	`77E3CE0C`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	9a478024a80769c3_winrar v6.11 (with crack).exe
Filepath	C:\Windows\Intelx386\WinRar v6.11 (with crack).exe
Size	9.1MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`a164eba37b5fdbb9de0bdf5466907b08`
SHA1	`2a41d4c62b65b12c81593fe01aa53562f3b4785d`
SHA256	`9a478024a80769c33b0e80813f99799ec53c01bd2500d466e11643e1ee6ab1ce`
CRC32	`699E206F`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	72e9c4e88f168d03_realone player (full version).exe
Filepath	C:\Windows\Intelx386\RealOne Player (Full version).exe
Size	7.9MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`6739fdccb9db54462c288f7df386209f`
SHA1	`57780e9bf2d39cea1fead0ffc7b6161d458ca2c0`
SHA256	`72e9c4e88f168d03bad1f9a96bcc6f26f28364b3d206ec088da4474cc1cdc081`
CRC32	`A90F2777`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	46a2b1c2683e880e_matrix wallpapers.exe
Filepath	C:\Windows\Intelx386\Matrix Wallpapers.exe
Size	3.3MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`a294ee5adf320d41b25c7732c5510694`
SHA1	`455cf7809255f30b8c7909ba0e24c1c642ad5ca6`
SHA256	`e3f29e9a5a6e8c46da65a61565292b735b884e7586cafbb23f4d6170c991b093`
CRC32	`BCD1E332`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	6d35634e49c45a70_nero 7.5.1.0 (cracked!).exe
Filepath	C:\Windows\Intelx386\Nero 7.5.1.0 (cracked!).exe
Size	12.9MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`00ff64426d715a8a853f9a5f3afb095e`
SHA1	`048d0cd81856f687440329319d95f5104a5c720a`
SHA256	`6d35634e49c45a70211c8f9209bc016dbba6a6abcab64e2428f2e546d0db07c9`
CRC32	`0A22F8B5`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	6ca8ebf26698aa76_terminator 3 wallpapers.exe
Filepath	C:\Windows\Intelx386\Terminator 3 Wallpapers.exe
Size	4.1MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`59e4d4de36e97e7ff1e197540c95fb37`
SHA1	`58dfa265e58d0ebb77e9b245e14f91379b85a2d7`
SHA256	`6c31fa82c9e856bf2fe84f0baf48e0c3a46797e8ffd52a541f11d0310c747a61`
CRC32	`BD8B4A44`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	94bbb0ca58c5c115_terminator 3 wallpapers.exe
Filepath	C:\Windows\Intelx386\Terminator 3 Wallpapers.exe
Size	1.7MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`b637eb44a9109753bb5480fa50855206`
SHA1	`c54ae9063d28a71df5a7e2920c3c7e888dfdafef`
SHA256	`dc946c37d7160b9f74f087945b1ce0a68f8c2fbc8999e342d50223effa7d2575`
CRC32	`E20C8338`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	d9c1982e31ea5d73_hacha profesional edition.exe
Filepath	C:\Windows\Intelx386\Hacha Profesional Edition.exe
Size	7.3MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`9f3d3af5884dcd7bd39a2c9551a1e34f`
SHA1	`337fa34addd011cf38ff52b0b2b89e405d0069ce`
SHA256	`d9c1982e31ea5d738ef8c4d3a5ce9d0c2ab894154b677632f111747a80b6fb07`
CRC32	`5DF1AB20`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	1e71b1ea7f0b9f1b_pack photoshop cs 8 plugins.exe
Filepath	C:\Windows\Intelx386\Pack Photoshop CS 8 plugins.exe
Size	10.3MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`1a7503613a87c5844c939ea2aad4aa6f`
SHA1	`aaf8d2e7ca12c15fa6ec281b1d7351819bfa22b2`
SHA256	`1e71b1ea7f0b9f1bd0a4fb84bebf5ccfe66353ea9c63b86efe141e8b76b5f8d9`
CRC32	`21CF2EC5`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	db3fcafd44bba8d0_winzip 9.exe
Filepath	C:\Windows\Intelx386\WinZip 9.exe
Size	8.6MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`72f032c897ac4003a75953160c4baf56`
SHA1	`87c2eab1f7499828890f322b147b2277e85b2c5a`
SHA256	`db3fcafd44bba8d073af12f44be0137e4d36b425cebc3e7a4a27d221a9b1e5f6`
CRC32	`460034A6`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	8efa7b9bdeeb5b32_terminator 3 wallpapers.exe
Filepath	C:\Windows\Intelx386\Terminator 3 Wallpapers.exe
Size	6.7MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`7c752def44613d3067b0af72aebb3496`
SHA1	`63c8616c47d99d0ff0f4bc89f4e82586c525605b`
SHA256	`0036d84022754de78b4ed55dfdb0f006f6be331315343c18beb928e7524cce02`
CRC32	`7C996959`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	e9cf7a993b0afa9d_winamp 3.5 (full version).exe
Filepath	C:\Windows\Intelx386\Winamp 3.5 (full version).exe
Size	9.2MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`997cae642310dc3201a012e8da3ec610`
SHA1	`3abde9e4b6793e0c0f01558867b2a90d0082ece2`
SHA256	`e9cf7a993b0afa9de5a70ec6df64c1ce157a7d4ab3fb9bd8f278d54df33ac6a0`
CRC32	`43109CE3`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	6675b25043cde86f_bsplayer v3.exe
Filepath	C:\Windows\Intelx386\BsPlayer v3.exe
Size	9.0MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`613de677aed2abdf4793df8421bd89f9`
SHA1	`a617259d8bd5abb1c3c8cac96153cc342d16aebd`
SHA256	`6675b25043cde86f83f33c68d205055f849e5c8a9d744324142843de4f1c1aa2`
CRC32	`48558356`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	6eed3ecdcadec203_matrix wallpapers.exe
Filepath	C:\Windows\Intelx386\Matrix Wallpapers.exe
Size	6.6MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`e3b913f69d8cd4ed5dc6cdacd25cd399`
SHA1	`178e4f83dc3de8a4c0633860a6bf6680daf1a6c4`
SHA256	`4e6ed33b8d5fca1332b0cd2d3fd6c1f40da6a28df12fd0d21c303b7bfaf64aa1`
CRC32	`695F2C66`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	50c3af10d19fd629_matrix wallpapers.exe
Filepath	C:\Windows\Intelx386\Matrix Wallpapers.exe
Size	5.6MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`95f9bb11d6681c8b9008e27232c5b1ed`
SHA1	`1c212f62feebc5e876b4c6d098c875e69e4409e0`
SHA256	`d5f091dc105533430024e3d682ed6ee68d6ea768fd616b22d1cb581086d2d698`
CRC32	`5E240802`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	1579d14c90aca0ea_hentai evangelion poker.exe
Filepath	C:\Windows\Intelx386\Hentai Evangelion Poker.exe
Size	2.5MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`3e23f7c31804855ec17ec0f8a24188b7`
SHA1	`08913564c184f6dcadf5c2d4a405e59f9db74673`
SHA256	`a44639ad83a775597249ec18436dd0a3cbb73159c941da3106fe67250f3c77a1`
CRC32	`9DD15FB9`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	dea8b745c8ae7fde_humor.exe
Filepath	C:\Windows\Intelx386\humor.exe
Size	6.8MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`2b5f15a527bdfea20c5570909fac752f`
SHA1	`0fa8f3fda08c799081be838fe6173a3f8e9ca6e6`
SHA256	`dea8b745c8ae7fdecdc2cc863ed912f307ed549b25e5873b38023b91a8709865`
CRC32	`53274394`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	411600fe87bc7f47_follada brutal co駉 roto.exe
Filepath	C:\Windows\Intelx386\Follada brutal co駉 roto.exe
Size	10.1MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`52585a14e3f64749dafbae13491a9c25`
SHA1	`1f822ed414b321bd38372564f92552309bcf300e`
SHA256	`411600fe87bc7f4725d2740bd52ab8491c259157a04cb252497ac39f972c1d2d`
CRC32	`90DEB5B5`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	d496fb02e9461351_3d studio r8 (it's work!!).exe
Filepath	C:\Windows\Intelx386\3D Studio R8 (It's Work!!).exe
Size	15.5MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`a64663d9272df83cb0344a4b99a745c5`
SHA1	`31921bbd74bcc00d2c4b8bb5b5d518acd4e9ac49`
SHA256	`d496fb02e9461351ca74b240f015037349c3cff6382ff405d703d57b9e4e2a1e`
CRC32	`44054D55`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	168dda0b900dd4a1_matrix wallpapers.exe
Filepath	C:\Windows\Intelx386\Matrix Wallpapers.exe
Size	3.9MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`57137f1ab661acd85b84bdd356322ad3`
SHA1	`e16c6fe01ea566a7e4e101174d6d103637211412`
SHA256	`c77ca89625f4425cbb421350570fe7f1318a78c6e1a74e78c0bc1b40b2e94716`
CRC32	`B88147FE`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	7860dae2cbc8663b_puta come mierda.exe
Filepath	C:\Windows\Intelx386\Puta come mierda.exe
Size	6.8MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`3ec500337b312c62ac4feb00136114a9`
SHA1	`d79b196edeef20852e3cfec3c82f670542a40584`
SHA256	`7860dae2cbc8663b853a51bb6f529176ced5d223d914ee3bfffa8f3df09000f0`
CRC32	`9D0BC6CA`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	8b27748ae25858ec_terminator 3 wallpapers.exe
Filepath	C:\Windows\Intelx386\Terminator 3 Wallpapers.exe
Size	6.0MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`d6f37b21d4a67ef16b7967c2497949a9`
SHA1	`fdf2f59207940dd67cc6472513b73967852f1842`
SHA256	`05aea94497ce6c1504b48c02a9a04e2728a70f7524bd81e021c368cc90dc2e6c`
CRC32	`EDAC8F62`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	33d155eb3db09af9_hentai evangelion poker.exe
Filepath	C:\Windows\Intelx386\Hentai Evangelion Poker.exe
Size	3.5MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`0c74cf0d140bc05c601fad4a75baf0ca`
SHA1	`c7dae4791b2c72d1b8997fed6caee535efb19afc`
SHA256	`a1514aeacd78ad43017e5b8b1dc0f9bd6bf54e95dc1969b5a24e8f35d3aec0b1`
CRC32	`672618B3`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	53f8d660e4989ef5_terminator 3 wallpapers.exe
Filepath	C:\Windows\Intelx386\Terminator 3 Wallpapers.exe
Size	2.9MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`e78ef12c3163b6e26b24a50629e2cf8a`
SHA1	`c00d50eb797a8c8a9d92edd24c39885bf4c6b320`
SHA256	`32a12a7176ae53c4bc76d81d86f5ba894f8f17906364e8884e00d0c5683d0428`
CRC32	`1E63A93C`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	3c9486d1ee24ac09_gamecube emulator.exe
Filepath	C:\Windows\Intelx386\GameCube Emulator.exe
Size	6.8MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`95c1576bd01cfdcd30b154c137431d30`
SHA1	`dc27823dbca6259cda736e8aa1cdd862fa74b308`
SHA256	`3c9486d1ee24ac09dfd638313c8c156bb5ada884488d43ae8ecd995f1270d853`
CRC32	`FC53311D`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	490985b38a8f17b5_terminator 3 wallpapers.exe
Filepath	C:\Windows\Intelx386\Terminator 3 Wallpapers.exe
Size	1.2MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`0dff76376ccbc489335627200bf9abec`
SHA1	`5b3f17becc6ef6feb30b7db8fa424804419ad513`
SHA256	`5c8acfaee6c2c4cb8196b64d1070034094453b76b93ec59c66c170951ed7b93c`
CRC32	`3AED870F`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	704853e5086d4c18_solo para maricas.exe
Filepath	C:\Windows\Intelx386\Solo para Maricas.exe
Size	6.8MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`819808467d5bf6509c94d518ff11822e`
SHA1	`a651c2788201282de120b1c12dd459ffd07b0ad3`
SHA256	`704853e5086d4c18adbc088a29644a57a4ece8f7fde40fbc778d7ddf8a31788f`
CRC32	`1AC35D4B`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	b6e42d6612cc6721_hentai.exe
Filepath	C:\Windows\Intelx386\Hentai.exe
Size	592.0KB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`f6a2112ad9904886b1aebd3ee9b86cab`
SHA1	`cc0b2dae4266fe77cabf831fa3f65794b22d075c`
SHA256	`8c0acf754453c5e853117b2e12eb85973843ee3e578ccc605ba66930095fd689`
CRC32	`C97A3F2B`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	433c167ff482dc2e_fuck my fat ass.avi.exe
Filepath	C:\Windows\Intelx386\Fuck my fat ass.avi.exe
Size	6.8MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`df0f77a21cad7ed3e2d3b5153996e0b2`
SHA1	`c2e8591876e356a65ba58f2641471ef19972d099`
SHA256	`433c167ff482dc2e69254e79bbe58311f7acb95354e61632593ae6cff9735166`
CRC32	`CC76DE17`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	4877273e4db1b209_update photoshop 7.0 to photoshop 9.16 (it磗 work!).exe
Filepath	C:\Windows\Intelx386\Update Photoshop 7.0 to Photoshop 9.16 (It磗 Work!).exe
Size	8.4MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`e79ee7757db1c170e24ea9ccad4fbea4`
SHA1	`4e6538c19673f7eb0624dba4b0b043432e102306`
SHA256	`4877273e4db1b2096dae9ca5fb007c8f87d9c392caf3b5de1a4b068533dec0c8`
CRC32	`0FF297F0`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	af7b539d23920da3_hentai.exe
Filepath	C:\Windows\Intelx386\Hentai.exe
Size	6.1MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`d79aba1cbd6457dc4d27c97d9f4c911c`
SHA1	`fe7055e936732eb3635415b83c4fc283645ee504`
SHA256	`d76cfb599b5a7692a765556ac8ba5264db97eec7db068b027a76c8f663f2d0bc`
CRC32	`62F196B6`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	74703e955339e656_download accelerator plus (dap) (full version with serial).exe
Filepath	C:\Windows\Intelx386\Download Accelerator Plus (DAP) (full version with serial).exe
Size	7.9MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`19c3e0c0aa1ba5c9eb320898561028df`
SHA1	`ca61f768f1ff3bae608c280bf850e3f3fb890c40`
SHA256	`74703e955339e656b59742b78bf109864ac7dfac17e644c4a0429185bc681242`
CRC32	`7C578132`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	3be4f021acf30b34_divx 7.2 freeware.exe
Filepath	C:\Windows\Intelx386\DivX 7.2 freeware.exe
Size	7.7MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`e774412229262ac66eeeb8c9c2c96a50`
SHA1	`9a67eb5aecf0cd36b11123be0c32a26983632cd5`
SHA256	`3be4f021acf30b349c487cbfe6c48195b93f63538ff98e0d4e0a47c10f46c791`
CRC32	`6723A5B8`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	da97911eed94d580_hentai.exe
Filepath	C:\Windows\Intelx386\Hentai.exe
Size	3.7MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`9f4d52d7f4b2279b638501b2e1efd28b`
SHA1	`d91f1aea359b77ddedc86bdfc2ad1981c6b2de0a`
SHA256	`f1978c5405f352fdc08440977fc1d8bffba2c9602b768cc58d3e68fa92481c7f`
CRC32	`FCB14C26`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	46955c10196af306_hentai.exe
Filepath	C:\Windows\Intelx386\Hentai.exe
Size	6.8MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`0ac126d76656918cb49296c019aafd17`
SHA1	`abcab143c84279a55e77f96ee03353ab8c0a2b08`
SHA256	`c928e748e625e404973714ffb1a19e35593faaa0996bf754bd2c60c6624853e6`
CRC32	`85ECFBBB`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	0df76bd81f2d4abe_mugen (full).exe
Filepath	C:\Windows\Intelx386\mugen (full).exe
Size	6.8MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`4ced4ecddf8ec8dd0d20dc6e85d5a2cc`
SHA1	`d0be6c4e1b9709bcb67d504a99269e7b5f803612`
SHA256	`0df76bd81f2d4abe1deaf571d9274236e8ed91b4c77a0c525ba8e0ea0f33608b`
CRC32	`697B3064`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	3682dbfb999b7e98_no lo descargues.exe
Filepath	C:\Windows\Intelx386\No lo Descargues.exe
Size	6.8MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`8aa472bb3e8971fd4cb1dc6d67c650ba`
SHA1	`2718366d8ac0241607838b158c736dabbc605374`
SHA256	`3682dbfb999b7e9865221e449df0026bf4d19fe3ba08bb117d71f9b1bff448e9`
CRC32	`5AF75B00`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	2aa8aaa5cacc4b68_mazinkaiser comics pack.exe
Filepath	C:\Windows\Intelx386\Mazinkaiser comics pack.exe
Size	7.1MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`8c1a0fc539a099e51631dc62c91e0311`
SHA1	`2bfb2921f77385412a321954d400343165a5c1db`
SHA256	`2aa8aaa5cacc4b6884f44fe8c51b3dc5362883f83434f0d8de93df587255fc20`
CRC32	`60725B97`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	03888b941c7647b2_msn messenger 6.3.exe
Filepath	C:\Windows\Intelx386\MSN messenger 6.3.exe
Size	8.6MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`461d1d83d39796f236de5425ded0b013`
SHA1	`7ec85046adeb912d437448697312bc9a31f2713e`
SHA256	`03888b941c7647b240666e31097272c8c02fc34bd4fc3c48c80be1a9317fb8e0`
CRC32	`70CA4D17`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	043f7192cdd8adb4_dont download.exe
Filepath	C:\Windows\Intelx386\Dont Download.exe
Size	6.8MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`a87032e771f19c32b51c23442c5c42fb`
SHA1	`dea2d37a69769e55dd9583849e70c072152aa06f`
SHA256	`043f7192cdd8adb4e5f8c9b520b2e843de0660bfe977033df7269d084bd75104`
CRC32	`1199A4EC`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	50b347be865a67c0_hentai evangelion poker.exe
Filepath	C:\Windows\Intelx386\Hentai Evangelion Poker.exe
Size	1.2MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`d73f51bec630d76fb826ead303921169`
SHA1	`2b2ecb2e35382ef43b85557adf632de587377044`
SHA256	`9f6ee0e1d247c081c3d35fa60609afebe77d50ff6c20473bfcff6563646c1587`
CRC32	`3176E35E`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	09102b1a69c36d35_simpsons pack guiones (temporada 2004).exe
Filepath	C:\Windows\Intelx386\Simpsons pack guiones (Temporada 2004).exe
Size	7.2MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`3aa1be75958a2b0ebeeeaf9ccebd0642`
SHA1	`fcde11106c8280b9f09ff34e1a6eec95355f2353`
SHA256	`09102b1a69c36d35cc3cfaa735e2106228bcd70584732f51116f78942ad0efb5`
CRC32	`E07A5C00`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	5a8655028b3a0b71_wav2mp3.exe
Filepath	C:\Windows\Intelx386\WAV2MP3.exe
Size	6.8MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`309424183ec1d4f1baaae2414063e077`
SHA1	`557f7a3a42d288b2d13a6370275121c5401cee96`
SHA256	`5a8655028b3a0b712e3447e12bc36c341befd89a49fea520a5ab2d1c1a332880`
CRC32	`8F56AC27`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	946e46e08846f6ed_capitulos ineditos de dragonball z jamas emitidos.exe
Filepath	C:\Windows\Intelx386\Capitulos ineditos de DragonBall Z jamas emitidos.exe
Size	11.7MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`153f7b3dde325b1cbaf429942311fc53`
SHA1	`7ff467cbc3ab3e7a0411090217a0ca57f66222ef`
SHA256	`946e46e08846f6ed4cef34cb04ae054a438c5fab4f05b0c7dd90a4c3e82cb1ac`
CRC32	`D663FCF1`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	bb2534f687359f83_visual basic 6.exe
Filepath	C:\Windows\Intelx386\Visual Basic 6.exe
Size	6.8MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`5a8210e238fee0fdfbe92b3e73ac6e43`
SHA1	`32f97e1524ff9f97474e3897ca3083d3371652b8`
SHA256	`bb2534f687359f83af3bf90f85597475e88f3b968e473d4fa4a3fd74e23e123f`
CRC32	`7416A92C`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	a30be673e277b4e6_rm2gba.exe
Filepath	C:\Windows\Intelx386\RM2GBA.exe
Size	6.8MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`360837a58113d38a7992f8f24af6d0da`
SHA1	`ac019703a1f573918d1cc39994488400705c61af`
SHA256	`a30be673e277b4e696f00e7d45cf0dd4789a8b85908818eb8e5d870146236319`
CRC32	`2FCDD33D`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Name	494230095cb2f207_juegos java para nokia.exe
Filepath	C:\Windows\Intelx386\Juegos JAVA para NOKIA.exe
Size	7.4MB
Processes	2160 (None)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`52b50b94df3a8762e51bf462ec8f43f7`
SHA1	`1856e35002a17406766094b1c84cb7f93b24ffec`
SHA256	`494230095cb2f2077c2b5e052e6d7cf5843204e8e99f72637332d71f3c18b99c`
CRC32	`45D98014`
ssdeep	`None`
Yara	None matched
VirusTotal	Search for analysis

Sorry! No dropped buffers.

ALYac	GenPack:Generic.Malware.SNm!hid!!prn!.846BA504
APEX	Malicious
AVG	Win32:SillyP2P-X [Wrm]
AhnLab-V3	Worm/Win32.SillyP2P.R3740
Alibaba	Worm:Win32/Agent.6b58a759
Antiy-AVL	Worm[P2P]/Win32.Small
Arcabit	GenPack:Generic.Malware.SNm!hid!!prn!.846BA504
Avast	Win32:SillyP2P-X [Wrm]
Avira	TR/Dropper.Gen
BitDefender	GenPack:Generic.Malware.SNm!hid!!prn!.846BA504
BitDefenderTheta	Gen:NN.ZexaF.36196.@R3@ae54qSU
Bkav	W32.AIDetectMalware
ClamAV	Win.Worm.Sillyp2p-7194313-0
CrowdStrike	win/malicious_confidence_100% (W)
Cybereason	malicious.b34d73
Cylance	unsafe
Cynet	Malicious (score: 100)
Cyren	W32/Xiquitir.A.gen!Eldorado
DeepInstinct	MALICIOUS
DrWeb	Win32.HLLW.Xiquit
ESET-NOD32	Win32/Agent.NIQ
Elastic	malicious (high confidence)
Emsisoft	GenPack:Generic.Malware.SNm!hid!!prn!.846BA504 (B)
F-Secure	Trojan.TR/Dropper.Gen
FireEye	Generic.mg.882daa7b34d738aa
Fortinet	W32/Parite.C
GData	Win32.Worm.SillyP2P.A
Google	Detected
Gridinsoft	Trojan.Win32.Agent.bot!s1
Ikarus	Trojan.Dropper
Jiangmin	TrojanDropper.Daws.iei
K7AntiVirus	Trojan ( 005568151 )
K7GW	Trojan ( 0000da801 )
Kaspersky	HEUR:Trojan.Win32.Generic
Lionic	Trojan.Win32.Daws.tqYe
MAX	malware (ai score=86)
Malwarebytes	Generic.Trojan.Malicious.DDS
MaxSecure	Trojan.Malware.121218.susgen
McAfee	GenericRXIJ-LO!882DAA7B34D7
McAfee-GW-Edition	GenericRXIJ-LO!882DAA7B34D7
MicroWorld-eScan	GenPack:Generic.Malware.SNm!hid!!prn!.846BA504
Microsoft	Worm:Win32/Agent
NANO-Antivirus	Trojan.Win32.Daws.fxqgqr
Paloalto	generic.ml
Panda	Trj/Genetic.gen
Rising	Worm.Agent!1.9D8A (CLASSIC)
SUPERAntiSpyware	Trojan.Agent/Gen-MSFake[All]
Sangfor	Trojan.Win32.Save.a
SentinelOne	Static AI - Malicious PE
Sophos	W32/Systro-AB

section	.text\x00eb
section	.data\x00eb
section	.rsrc\x00eb
section	.z\x00\x00\\x00U
section	.jbfhr
section	.VHuG
section	.iZaM\x00eb
section	.tjnoy\x00b
section	.FCX\x00Feb