File name: Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked .zip

Full analysis: https://app.any.run/tasks/a9fe994f-5ab3-4e29-ab25-2730a3614cb3
Verdict: Malicious activity
Analysis date: April 27, 2024, 17:57:00
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Indicators:
MIME: application/zip
File info: Zip archive data, at least v2.0 to extract, compression method=deflate
MD5: F1791887ADB542920DC9C8C82E76CAB1
SHA1: 16482A3074028317EFDAC7E3FF13C93364E5F706
SHA256: D1EA8553C28E247E0587D6ECAB0C6B41D57DC289184440152A456F5C660D6B67
SSDEEP: 24576:tG+e9IUvVeWjwR3xJ1EMLpqx5e3rXSkfOLvSrnO:tG+e9IUvVeWjwR3xJ1lqx5e3rXSkmrS6

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Drops the executable file immediately after the start

      • WinRAR.exe (PID: 3972)
  • SUSPICIOUS

    • Reads the Internet Settings

      • Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz].exe (PID: 1024)
    • Reads settings of System Certificates

      • Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz].exe (PID: 1024)
    • Adds/modifies Windows certificates

      • Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz].exe (PID: 1024)
  • INFO

    • Reads the computer name

      • Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz].exe (PID: 1024)
      • wmpnscfg.exe (PID: 1432)
    • Checks supported languages

      • Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz].exe (PID: 1024)
      • wmpnscfg.exe (PID: 1432)
    • Reads the machine GUID from the registry

      • Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz].exe (PID: 1024)
    • Manual execution by a user

      • Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz].exe (PID: 1024)
      • wmpnscfg.exe (PID: 1432)
      • taskmgr.exe (PID: 1988)
    • Executable content was dropped or overwritten

      • WinRAR.exe (PID: 3972)
    • Create files in a temporary directory

      • Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz].exe (PID: 1024)
    • Reads Environment values

      • Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz].exe (PID: 1024)
    • Reads the software policy settings

      • Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz].exe (PID: 1024)
    • Creates files or folders in the user directory

      • Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz].exe (PID: 1024)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.zip | ZIP compressed archive (100)

EXIF

ZIP

ZipRequiredVersion: 20
ZipBitFlag: 0x0008
ZipCompression: Deflated
ZipModifyDate: 2021:06:29 10:05:10
ZipCRC: 0x6f97988c
ZipCompressedSize: 241675
ZipUncompressedSize: 691712
ZipFileName: [In4.Bz] Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz]/Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz].exe
No data.
All screenshots are available in the full report
Total processes: 36
Monitored processes: 4
Malicious processes: 1
Suspicious processes: 0

Behavior graph

start winrar.exe final twitch god 2021 v1.2 (vip pro edition) cracked [in4.bz].exe wmpnscfg.exe no specs taskmgr.exe no specs

Process information

PID: 1024
CMD: "C:\Users\admin\Desktop\[In4.Bz] Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz]\Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz].exe"
Path: C:\Users\admin\Desktop\[In4.Bz] Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz]\Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz].exe
Parent process: explorer.exe
User: admin
Company: Pooria Sharaffodin www.BabaTools.com
Integrity Level: MEDIUM
Description: Final Twitch God 2021 v1.2 (Vip Pro Edition)
Version: 1.2.0.0
Modules
Images
c:\users\admin\desktop\[in4.bz] final twitch god 2021 v1.2 (vip pro edition) cracked [in4.bz]\final twitch god 2021 v1.2 (vip pro edition) cracked [in4.bz].exe
c:\windows\system32\ntdll.dll
c:\windows\system32\mscoree.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\microsoft.net\framework\v4.0.30319\mscoreei.dll

PID: 1432
CMD: "C:\Program Files\Windows Media Player\wmpnscfg.exe"
Path: C:\Program Files\Windows Media Player\wmpnscfg.exe
Parent process: explorer.exe
User: admin
Company: Microsoft Corporation
Integrity Level: MEDIUM
Description: Windows Media Player Network Sharing Service Configuration Application
Exit code: 0
Version: 12.0.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\program files\windows media player\wmpnscfg.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll

PID: 1988
CMD: "C:\Windows\system32\taskmgr.exe" /4
Path: C:\Windows\System32\taskmgr.exe
Parent process: explorer.exe
User: admin
Company: Microsoft Corporation
Integrity Level: MEDIUM
Description: Windows Task Manager
Exit code: 1
Version: 6.1.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\taskmgr.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll

PID: 3972
CMD: "C:\Program Files\WinRAR\WinRAR.exe" "C:\Users\admin\AppData\Local\Temp\Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked .zip"
Path: C:\Program Files\WinRAR\WinRAR.exe
Parent process: explorer.exe
User: admin
Company: Alexander Roshal
Integrity Level: MEDIUM
Description: WinRAR archiver
Version: 5.91.0
Modules
Images
c:\program files\winrar\winrar.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\comdlg32.dll

Total events: 8 399
Read events: 8 358
Write events: 40
Delete events: 1

Modification events

(PID) Process: (3972) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes
Operation: write
Name: ShellExtBMP
Value:

(PID) Process: (3972) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\Interface\Themes
Operation: write
Name: ShellExtIcon
Value:

(PID) Process: (3972) WinRAR.exe
Key: HKEY_CLASSES_ROOT\Local Settings\MuiCache\182\52C64B7E
Operation: write
Name: LanguageList
Value: en-US

(PID) Process: (3972) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation: write
Name: 3
Value: C:\Users\admin\Desktop\phacker.zip

(PID) Process: (3972) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation: write
Name: 2
Value: C:\Users\admin\Desktop\Win7-KB3191566-x86.zip

(PID) Process: (3972) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation: write
Name: 1
Value: C:\Users\admin\Desktop\curl-8.5.0_1-win32-mingw.zip

(PID) Process: (3972) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\ArcHistory
Operation: write
Name: 0
Value: C:\Users\admin\AppData\Local\Temp\Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked .zip

(PID) Process: (3972) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation: write
Name: name
Value: 120

(PID) Process: (3972) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation: write
Name: size
Value: 80

(PID) Process: (3972) WinRAR.exe
Key: HKEY_CURRENT_USER\Software\WinRAR\FileList\FileColumnWidths
Operation: write
Name: type
Value: 120

Executable files: 2
Suspicious files: 1
Text files: 2
Unknown types: 1

Dropped files

PID: 3972
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3972.44998\[In4.Bz] Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz]\readme.txt
Type: text
MD5: 30C23A2F33F1CBD4332658880680576F
SHA256: 7C4794996515EE2C8644F9CA6189ED33DA65D0D6A6A948B682016F61736F249E

PID: 3972
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3972.44998\[In4.Bz] Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz]\Newtonsoft.Json.dll
Type: executable
MD5: CBD6029ABAA8E977D3B7435C6F70DD0E
SHA256: 0EDFAC6BE11732DDD99DB66821EE47408C2DC1E9BED68E5EF9A8E130C565B79B

PID: 1024
Process: Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz].exe
Filename: C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4E3E4B05E877647EF3D7B912F256A94C
Type: binary
MD5: 29F1C1B26D92E893B6E6852AB708CCE1
SHA256: 8B05B68CC659E5ED0FCB38F2C942FBFD200E6F2FF9F85D63C6994EF5E0B02701

PID: 1024
Process: Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz].exe
Filename: C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4E3E4B05E877647EF3D7B912F256A94C
Type: binary
MD5: 2596F993191735BA1B6DBDF30C48BF0C
SHA256: 38661CE7181CB9A7362BC7F7214712E5888F49CDC00F055D96B23433AB2B0429

PID: 3972
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3972.44998\[In4.Bz] Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz]\settings.txt
Type: text
MD5: A443A76E6B6604A39BC6BC706E73DD08
SHA256: BC548B362DFAF123863AFCF72D50E66429FE844FD6DF6D62E5BB2570FEA45872

PID: 3972
Process: WinRAR.exe
Filename: C:\Users\admin\AppData\Local\Temp\Rar$DRa3972.44998\[In4.Bz] Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz]\Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz].exe
Type: executable
MD5: C38151E14E72C13054AE16636BEC5E0D
SHA256: F6236859A2510BFECF82DCE6D83D07F5CACEB021D187E4A5418366878002C4F8

Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests: 1
TCP/UDP connections: 18
DNS requests: 7
Threats: 0

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
1024
Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz].exe
GET
200
2.23.197.184:80
http://x2.i.lencr.org/
unknown
unknown

Connections

PID: 4
Process: System
IP: 192.168.100.255:137
Reputation: whitelisted

PID: 4
Process: System
IP: 192.168.100.255:138
Reputation: whitelisted

PID: 1088
Process: svchost.exe
IP: 224.0.0.252:5355
Reputation: unknown

PID: 1024
Process: Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz].exe
IP: 199.59.243.225:443
Domain: www.babatools.com
ASN: AMAZON-02
CN: US
Reputation: unknown

PID: 1024
Process: Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz].exe
IP: 2.23.197.184:80
Domain: x2.i.lencr.org
ASN: CW Vodafone Group PLC
CN: GB
Reputation: unknown

PID: 1024
Process: Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz].exe
IP: 192.99.69.204:443
Domain: www.babaproxy.com
ASN: OVH SAS
CN: CA
Reputation: unknown

PID: 1024
Process: Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz].exe
IP: 146.75.118.214:443
Domain: api.twitch.tv
ASN: FASTLY
CN: US
Reputation: unknown

PID: 1024
Process: Final Twitch God 2021 v1.2 (Vip Pro Edition) Cracked [In4.Bz].exe
IP: 3.162.34.14:443
Domain: static-cdn.jtvnw.net
CN: US
Reputation: unknown

DNS requests

Domain: www.babatools.com
IP: 199.59.243.225
Reputation: malicious

Domain: x2.i.lencr.org
IP: 2.23.197.184
Reputation: unknown

Domain: www.babaproxy.com
IP: 192.99.69.204
Reputation: unknown

Domain: dns.msftncsi.com
IP: 131.107.255.255
Reputation: shared

Domain: api.twitch.tv
IP: 146.75.118.214
Reputation: whitelisted

Domain: static-cdn.jtvnw.net
IP: 3.162.34.14
Reputation: whitelisted

Threats

No threats detected
No debug info