Recommended action: No obvious malicious behavior was observed in this sandbox run.
Why this verdict: No strong indicators were observed.
Important: This report should not say a file is absolutely safe. A better phrase is: no obvious malicious behavior was observed in this sandbox run.
VirusTotal: Unavailable/error from CAPE: Unable to complete connection to VirusTotal. Status code: 429
Manual lookup: Open SHA256 in VirusTotal
This report only uses VirusTotal detection counts if they are present in the CAPE JSON. A link alone is not the same as a local detection result.
| File name | UserProfileCleanup.exe |
|---|---|
| File type | PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows |
| Size | 49152 |
| MD5 | e603eaa9f312ca5bfc095146ebbc2f88 |
| SHA1 | 31e2eab31d3007bf56534f179ff475a6b8454fd6 |
| SHA256 | ffa1ea47b0ca932a22dec7d7ed954b3b30f95ff7275086692d00db7dcd785007 |
| VirusTotal lookup | Open SHA256 in VirusTotal |
| Task ID | 11 |
|---|---|
| Started | 2026-06-15 19:06:02 |
| Ended | 2026-06-15 19:06:36 |
| Duration | 34 seconds |
| Package | exe |
| Route | none |
| Machine | cuckoo1 |
| CAPE score | 0 |
| CAPE status | Failed |
| Digital signature | Guest signer check failed: File not found: C:\Users\IT\AppData\Local\Temp\11\UserProfileCleanup.exe |
| Severity | Confidence | Signature | Meaning |
|---|---|---|---|
| 3 | 80% | static_pe_anomaly | Anomalous binary characteristics |
| Observed item | Count |
|---|---|
| Executed commands / child processes | 0 |
| File writes | 0 |
| File deletes | 0 |
| Registry writes | 0 |
| Created services | 0 |
| Started services | 0 |
| CAPE payload-like items | 0 |
| CAPE extracted configs | 0 |
| Dropped/related files captured | 0 |
No CAPE payload-like items were extracted.
None observed.No network activity recorded in this report.
Generated 2026-06-15T19:07:01 from /opt/CAPEv2/storage/analyses/11/reports/report.json