Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

C:\Users\user\Desktop\CakeView.exe

"C:\Users\user\Desktop\CakeView.exe"

Details

Is windows:	false
Is dropped:	false
PID:	5744
Target ID:	0
Parent PID:	3964
Name:	CakeView.exe
Path:	C:\Users\user\Desktop\CakeView.exe
Commandline:	"C:\Users\user\Desktop\CakeView.exe"
Size:	2254336
MD5:	E1773CB30C0917178D415442FF691FA7
Time:	13:21:51
Date:	06/04/2025
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff73cff0000
Modulesize:	2494464
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary
PE file has an executable .text section and no other executable section	System Summary
Sample might require command line arguments	System Summary	Command and Scripting Interpreter
URLs found in memory or binary data	Networking
PE file contains a valid data directory to section mapping	System Summary
PE file contains a debug data directory	System Summary
Contains modern PE file flags such as dynamic base (ASLR) or NX	Compliance, System Summary
PE file contains a mix of data directories often seen in goodware	System Summary
PE file imports many functions	System Summary
PE file has a big raw section	System Summary
PE file has a high image base, often used for DLLs	System Summary
Submission file is bigger than most known malware samples	System Summary

URLs

Name

Malicious

https://wiki.prowrestlingmods.io/https://discord.gg/ctUmSTueV3materialeditor.exePlease

unknown

https://prowrestlingmods.io

unknown

https://wiki.prowrestlingmods.io/

unknown

https://www.patreon.com/PWModsSysCore::Assets::VCTexture

unknown

https://discord.gg/ctUmSTueV3

unknown

https://www.patreon.com/PWMods

unknown

Memdumps

Base Address

Regiontype

Protect

Malicious

Download

2B522109000

heap

page read and write

7FF73CFF0000

unkown

page readonly

2B52210B000

heap

page read and write

7FF73D0D0000

unkown

page readonly

F3D97BC000

stack

page read and write

7FF73CFF1000

unkown

page execute read

7FF73D203000

unkown

page write copy

7FF73D0CC000

unkown

page readonly

2B521F90000

heap

page read and write

7FF73D20A000

unkown

page write copy

7FF73CFF0000

unkown

page readonly

7FF73D243000

unkown

page readonly

7FF73D203000

unkown

page write copy

7FF73CFF1000

unkown

page execute read

F3D9AFE000

stack

page read and write

7FF73D243000

unkown

page readonly

F3D9BFE000

stack

page read and write

7FF73D0CC000

unkown

page read and write

2B522070000

heap

page read and write

7FF73D209000

unkown

page read and write

F3D9CFE000

stack

page read and write

2B522100000

heap

page read and write

There are 12 hidden memdumps, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
CakeView.exe

Processes

URLs

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC ReportCakeView.exe

Processes

URLs

Memdumps

IOC Report
CakeView.exe