6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f

Resubmissions

15-06-2022 10:54

220615-mzmccsdgel 10

15-06-2022 10:49

220615-mwxzpagfb4 10

15-06-2022 10:44

220615-ms8a9agef6 10

Analysis

max time kernel
160s
max time network
165s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
15-06-2022 10:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
Size

54KB
MD5

057d8c68bf4ce08bda3f9bd96c04bd25
SHA1

60428ec831ff15fe3e5019e8517af06da1196b96
SHA256

6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f
SHA512

87a48943600a1d5782edaf76fd422d3d66e571a2f907dc99dddded81e25275b8fb332e04f79078d90d2a7abcdcc95c7dc10244ef91c3f272b9bbbbd180db17a4

Score

6^/10

Malware Config

Signatures

Drops desktop.ini file(s) 3 IoCs

Processes:

6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe

description	ioc	process
File opened for modification	C:\$Recycle.Bin\S-1-5-21-1081944012-3634099177-1681222835-1000\desktop.ini	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\desktop.ini	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office16\1033\DataServices\DESKTOP.INI	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe

Drops file in Program Files directory 64 IoCs

Processes:

6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe

description	ioc	process
File opened for modification	C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-core-timezone-l1-1-0.dll	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_win7.css	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host-remote.xml	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\89.0.4389.114\Locales\de.pak	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jdk1.8.0_66\jre\bin\keytool.exe	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\osknav\osknavbase.xml	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Common Files\microsoft shared\MSInfo\de-DE\msinfo32.exe.mui	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jdk1.8.0_66\bin\javapackager.exe	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_Grace-ppd.xrm-ms	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Colors\Red Orange.xml	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTrial4-ppd.xrm-ms	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Licenses16\O365ProPlusR_Subscription1-ppd.xrm-ms	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\7-Zip\7-zip32.dll	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\7-Zip\Lang\nb.txt	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-modules-options-api.xml	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-bootstrap.xml	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\jp2launcher.exe	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Licenses16\PowerPointR_OEM_Perp-pl.xrm-ms	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Georgia.xml	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Integration\C2RManifest.osmmui.msi.16.en-us.xml	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Licenses16\Publisher2019R_Retail-ul-oob.xrm-ms	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.bg-bg.dll	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Common Files\microsoft shared\ClickToRun\concrt140.dll	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.emf.ecore_2.10.1.v20140901-1043.jar	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\platform\update_tracking\org-netbeans-modules-options-api.xml	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-api_zh_CN.jar	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\license.html	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\fxplugins.dll	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Licenses16\HomeBusinessR_OEM_Perp4-pl.xrm-ms	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Licenses16\VisioProO365R_SubTrial-pl.xrm-ms	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Common Files\System\msadc\en-US\msaddsr.dll.mui	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\license.html	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64_3.103.1.v20140903-1947.jar	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\89.0.4389.114\Locales\sk.pak	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.attach_5.5.0.165303.jar	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Licenses16\Outlook2019VL_MAK_AE-pl.xrm-ms	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Office15\pkeyconfig-office.xrm-ms	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Common Files\microsoft shared\ink\ja-JP\tabskb.dll.mui	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\89.0.4389.114\chrome_pwa_launcher.exe	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser_5.5.0.165303.jar	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt_0.11.101.v20140818-1343.jar	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ku.txt	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\CompressPush.gif	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jdk1.8.0_66\jre\lib\jce.jar	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Document Themes 16\Theme Fonts\Tw Cen MT.xml	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Licenses16\MondoR_Subscription-ppd.xrm-ms	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\jdwp.dll	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Client\AppVLP.exe	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Common Files\microsoft shared\MSInfo\en-US\msinfo32.exe.mui	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\META-INF\MANIFEST.MF	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jdk1.8.0_66\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-utilities_ja.jar	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\JavaAccessBridge-64.dll	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.common.16.xml	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIsvApi.dll	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Licenses16\ExcelR_Grace-ppd.xrm-ms	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Licenses16\O365HomePremR_SubTest4-ul-oob.xrm-ms	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\lib\management\jmxremote.password.template	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\lib\psfontj2d.properties	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Integration\C2RManifest.DCF.DCF.x-none.msi.16.x-none.xml	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Common Files\System\ado\msado27.tlb	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\ECLIPSE_.RSA	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
File opened for modification	C:\Program Files\Java\jdk1.8.0_66\lib\missioncontrol\plugins\org.eclipse.jetty.servlet_8.1.14.v20131031.jar	6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe

C:\Users\Admin\AppData\Local\Temp\6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe
"C:\Users\Admin\AppData\Local\Temp\6c39c5f5d143700d4ad43b0aa7fb6a51e77817060467cf3462ef037176e1f50f.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:4232

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads