da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec

Analysis

max time kernel
29s
max time network
30s
platform
windows7_x64
resource
win7v20210410
submitted
15-05-2021 14:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
Size

880KB
MD5

ba92eb82a0d8e11e398699805443ddfb
SHA1

1be55fa2dfb0d523160a96294f15f08d5af65808
SHA256

da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec
SHA512

24e59f57f059e683abf567c77b78d7899888c8c8f419aa1429e2d22b6c01b6d835a7d532d4c58e0a075dc9b41bd959df3c06f1239fd32ccbd071e672275764f3

Score

6^/10

Malware Config

Signatures

Drops desktop.ini file(s) 6 IoCs

description	ioc	Process
File created	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\desktop.ini	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\desktop.ini	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\$Recycle.Bin\S-1-5-21-2513283230-931923277-594887482-1000\desktop.ini	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\$Recycle.Bin\S-1-5-21-2513283230-931923277-594887482-1000\desktop.ini	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	\??\c:\Program Files\7-Zip\Lang\lij.txt	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\lv.txt	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_rtl.xml	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_SelectionSubpicture.png	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\numbase.xml	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Seyes.emf	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_SelectionSubpicture.png	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_ButtonGraphic.png	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\89.0.4389.114\Locales\el.pak	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\oskpredbase.xml	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_matte.wmv	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_ButtonGraphic.png	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\heart_glass_Thumbnail.bmp	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\Internet Explorer\pdm.dll	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\1047x576black.png	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\89.0.4389.114\VisualElements\SmallLogoDev.png	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_ButtonGraphic.png	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\bin\attach.dll	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Tiki.gif	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop_PAL.wmv	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\shatter.png	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\89.0.4389.114\Locales\en-GB.pak	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\db\bin\startNetworkServer	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\resources.jar	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\en-US\rtscom.dll.mui	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\OFFICE14\Csi.dll	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSLoc.dll.mui	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\IPSEventLogMsg.dll	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\ipsita.xml	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground.wmv	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\navSubpicture.png	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Dot.png	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_SelectionSubpicture.png	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_precomp_matte.wmv	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIconSubpictur.png	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\tipresx.dll.mui	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\Common Files\System\ado\msadrh15.dll	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Travel\selection_subpicture.png	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\Internet Explorer\D3DCompiler_47.dll	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\Internet Explorer\jsdebuggeride.dll	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee90.tlb	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_SelectionSubpicture.png	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_SelectionSubpicture.png	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-highlight.png	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\San_Juan	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground_PAL.wmv	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\Internet Explorer\jsprofilerui.dll	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\bin\orbd.exe	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\en-US\InputPersonalization.exe.mui	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\tipresx.dll.mui	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.htm	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_ButtonGraphic.png	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_babypink_Thumbnail.bmp	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Sports\PreviousMenuButtonIcon.png	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\hu.txt	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\ja.txt	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_ButtonGraphic.png	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotsdarkoverlay.png	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_SelectionSubpicture.png	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\en-US\IpsMigrationPlugin.dll.mui	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File created	\??\c:\Program Files\Common Files\System\msadc\msadcs.dll	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\89.0.4389.114\Locales\ru.pak	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\89.0.4389.114\Locales\sl.pak	da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe

C:\Users\Admin\AppData\Local\Temp\da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe
"C:\Users\Admin\AppData\Local\Temp\da2d8650452e6d1f8eaaaadac6b9ff015c99615d4e0b97ede0d462f1ed91f3ec.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:1756

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1756-59-0x0000000075FE1000-0x0000000075FE3000-memory.dmp

Filesize
8KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads