File name: BigFishGamesFullKeygenUpdate08.2022.taiwebs.com.zip

Full analysis: https://app.any.run/tasks/6e4389da-adc4-4657-94c6-c6fa66b62fd7
Verdict: Malicious activity
Analysis date: August 24, 2023, 15:54:56
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: application/zip
File info: Zip archive data, at least v1.0 to extract
MD5: 8A0378D76807577340DF5D976400147A
SHA1: CB4FF13B3829C1F21094BEB5BA0F290D73512CCB
SHA256: 4FE436C72319D08988840F55D2ACA39B39536EE42126B1C3167BCDCEA5B4BA66
SSDEEP: 196608:s2EsRrCKpZl2sYmljlSBslvuxoTygDBsE2dyO/9cz8JJftTLGzg8qs+967RP4sPf:xHdl5jlg2vxjNJ2dyy0Q1tTi+96lAyf

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Application was dropped or rewritten from another process

      • kg.exe (PID: 3828)
      • kg.exe (PID: 3788)
  • SUSPICIOUS

    • Application launched itself

      • kg.exe (PID: 3828)
  • INFO

    • Executable content was dropped or overwritten

      • WinRAR.exe (PID: 3488)
    • Checks supported languages

      • kg.exe (PID: 3828)
      • kg.exe (PID: 3788)
    • Reads the computer name

      • kg.exe (PID: 3828)
    • Manual execution by a user

      • kg.exe (PID: 3828)
      • notepad.exe (PID: 312)
    • Reads the machine GUID from the registry

      • kg.exe (PID: 3828)
No Malware configuration.

TRiD

.zip | ZIP compressed archive (100)

EXIF

ZIP

ZipFileName: Big Fish Games Full Keygen Update 08.2022/
ZipUncompressedSize: -
ZipCompressedSize: -
ZipCRC: 0x00000000
ZipModifyDate: 2022:08:24 21:24:32
ZipCompression: None
ZipBitFlag: -
ZipRequiredVersion: 10
No data.
Total processes: 44
Monitored processes: 4
Malicious processes: 1
Suspicious processes: 0

Behavior graph

start -> winrar.exe, kg.exe (no specs), kg.exe (no specs), notepad.exe (no specs)

Process information

PID: 312
CMD: "C:\Windows\system32\NOTEPAD.EXE" C:\Users\admin\Desktop\BigFishGamesFullKeygenUpdate08.2022.taiwebs.com\Big Fish Games Full Keygen Update 08.2022\options.ini
Path: C:\Windows\System32\notepad.exe
Parent process: explorer.exe
User: admin
Company: Microsoft Corporation
Integrity Level: MEDIUM
Description: Notepad
Exit code: 0
Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Modules (images):
c:\windows\system32\notepad.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\user32.dll

PID: 3488
CMD: "C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\Desktop\BigFishGamesFullKeygenUpdate08.2022.taiwebs.com.zip"
Path: C:\Program Files\WinRAR\WinRAR.exe
Parent process: explorer.exe
User: admin
Company: Alexander Roshal
Integrity Level: MEDIUM
Description: WinRAR archiver
Exit code: 0
Version: 5.91.0
Modules (images):
c:\program files\winrar\winrar.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\user32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll

PID: 3788
CMD: "C:\Users\admin\Desktop\BigFishGamesFullKeygenUpdate08.2022.taiwebs.com\Big Fish Games Full Keygen Update 08.2022\kg.exe" REGISTER
Path: C:\Users\admin\Desktop\BigFishGamesFullKeygenUpdate08.2022.taiwebs.com\Big Fish Games Full Keygen Update 08.2022\kg.exe
Parent process: kg.exe
User: admin
Integrity Level: MEDIUM
Exit code: 0
Modules (images):
c:\windows\system32\ntdll.dll
c:\users\admin\desktop\bigfishgamesfullkeygenupdate08.2022.taiwebs.com\big fish games full keygen update 08.2022\kg.exe
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\usp10.dll
c:\windows\system32\comdlg32.dll

PID: 3828
CMD: "C:\Users\admin\Desktop\BigFishGamesFullKeygenUpdate08.2022.taiwebs.com\Big Fish Games Full Keygen Update 08.2022\kg.exe"
Path: C:\Users\admin\Desktop\BigFishGamesFullKeygenUpdate08.2022.taiwebs.com\Big Fish Games Full Keygen Update 08.2022\kg.exe
Parent process: explorer.exe
User: admin
Integrity Level: MEDIUM
Exit code: 3489660927 (0xCFFFFFFF)
Modules (images):
c:\users\admin\desktop\bigfishgamesfullkeygenupdate08.2022.taiwebs.com\big fish games full keygen update 08.2022\kg.exe
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\ntdll.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\usp10.dll
c:\windows\system32\lpk.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\comdlg32.dll
Total events: 4 975
Read events: 4 933
Write events: 41
Delete events: 1

Modification events

PID 3488, WinRAR.exe
Key: HKEY_CLASSES_ROOT\Local Settings\MuiCache\178\52C64B7E
Operation: write, Name: LanguageList
Value: en-US

PID 3488, WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation: write, Name: 2
Value: C:\Users\admin\Desktop\virtio_ivshmem_master_build.zip

PID 3488, WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation: write, Name: 1
Value: C:\Users\admin\Desktop\Win7-KB3191566-x86.zip

PID 3488, WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation: write, Name: 0
Value: C:\Users\admin\Desktop\phacker.zip

PID 3488, WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation: write, Name: name
Value: 120

PID 3488, WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation: write, Name: size
Value: 80

PID 3488, WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation: write, Name: type
Value: 120

PID 3488, WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation: write, Name: mtime
Value: 100

PID 3488, WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\Interface\MainWin
Operation: write, Name: Placement
Value: 2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF42000000420000000204000037020000

PID 3488, WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\General
Operation: write, Name: LastFolder
Value: C:\Users\admin\Desktop
Executable files: 1
Suspicious files: 0
Text files: 7
Unknown types: 0

Dropped files

PID 3488, WinRAR.exe
Filename: C:\Users\admin\Desktop\BigFishGamesFullKeygenUpdate08.2022.taiwebs.com\Big Fish Games Full Keygen Update 08.2022\dummy_file
MD5:
SHA256:

PID 3488, WinRAR.exe
Filename: C:\Users\admin\Desktop\BigFishGamesFullKeygenUpdate08.2022.taiwebs.com\Big Fish Games Full Keygen Update 08.2022\Donate_btc.txt
Type: text
MD5: EF8F62D62C3C46CB9BB6D597F56DCC82
SHA256: 53497E49C34ACC24249D5DD77C1E443E9620D32C1ACC87FAF3F38A0ED98D546F

PID 3488, WinRAR.exe
Filename: C:\Users\admin\Desktop\BigFishGamesFullKeygenUpdate08.2022.taiwebs.com\Big Fish Games Full Keygen Update 08.2022\how to use it2.bmp
Type: image
MD5: 6A7A2A6E6A41EBFB9EF7A3D665B78B79
SHA256: 0BA07DD0145F9841A5BEDF6E1190BFF0AB33B519755C8CB418CBB8EE89F296A1

PID 3488, WinRAR.exe
Filename: C:\Users\admin\Desktop\BigFishGamesFullKeygenUpdate08.2022.taiwebs.com\Big Fish Games Full Keygen Update 08.2022\GameList.TxT
Type: text
MD5: 519E8B3ED9F1E4554EB7102A6A7EEAF3
SHA256: 95CC886519786F61D213097E8D3D4299EFB6133C46B8DED0AF71FFD398371597

PID 3488, WinRAR.exe
Filename: C:\Users\admin\Desktop\BigFishGamesFullKeygenUpdate08.2022.taiwebs.com\Big Fish Games Full Keygen Update 08.2022\how to search a game_2.bmp
Type: image
MD5: EFA3FF6FA9617B37C463FED7CA1E9BA8
SHA256: A9B9C4741A08B25DD9E79840D5EC85AAA22F4001FEF0EDDF1D6E5F3939D52F1B

PID 3488, WinRAR.exe
Filename: C:\Users\admin\Desktop\BigFishGamesFullKeygenUpdate08.2022.taiwebs.com\Big Fish Games Full Keygen Update 08.2022\how to search a game_1.bmp
Type: image
MD5: 8CE88075DBD781AB0889EA0C265AB625
SHA256: 731BCA823730358A73B79B3350A6D2CF010DB62BFF3AD5EC38A0E82D373F2B3D

PID 3488, WinRAR.exe
Filename: C:\Users\admin\Desktop\BigFishGamesFullKeygenUpdate08.2022.taiwebs.com\Big Fish Games Full Keygen Update 08.2022\how to use it.bmp
Type: image
MD5: 3DC6083B7E8E6182614DDF170A0EBE62
SHA256: 4FF32163274363D196F57DB2349B6039FA64698C267CC651B96A195B68D3CEB6

PID 3488, WinRAR.exe
Filename: C:\Users\admin\Desktop\BigFishGamesFullKeygenUpdate08.2022.taiwebs.com\Big Fish Games Full Keygen Update 08.2022\kg.exe
Type: executable
MD5: AE0601DF9EAF9C2DE5A7119868D3740D
SHA256: B1EA033A9086E1DCDFB9D4FD55FEB79BC901F9E3230E9F37BD3D5D1FA4F79B3D

PID 3488, WinRAR.exe
Filename: C:\Users\admin\Desktop\BigFishGamesFullKeygenUpdate08.2022.taiwebs.com\Big Fish Games Full Keygen Update 08.2022\options.ini
Type: text
MD5: 6183D45FB31991954BED1B4C77D3D4D8
SHA256: C22260A3865B45FCA050874C84067881CE79646FF0EE404952E22411535C9EB4
HTTP(S) requests: 0
TCP/UDP connections: 2
DNS requests: 0
Threats: 0

HTTP requests

No HTTP requests

Connections

PID 4, System
IP: 192.168.100.255:137
Domain: -
ASN: -
CN: -
Reputation: whitelisted

PID 4, System
IP: 192.168.100.255:138
Domain: -
ASN: -
CN: -
Reputation: whitelisted

DNS requests

No data

Threats

No threats detected
No debug info