d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044

Analysis

max time kernel
152s
max time network
168s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
03-12-2022 12:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
Size

127KB
MD5

8fa7b0284586a0d09d11323259f0c034
SHA1

9e7659140bcca2d27ff31a868c76c8e10747d50f
SHA256

d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044
SHA512

87a3f309ec6db7316bfe9ef561b5ffde05995405f33bb4ef09ce8219edce2523e43d0dcc7f2d87a5136b89749404d81e18b978aeb6feedce737536f28b148c1c
SSDEEP

3072:ynEOqF1O4UPfX4jWUPBwccolKInTXbJC97V8S8JnSv:wo1kPf+WqBqrInrk9QFSv

Score

6^/10

Malware Config

Signatures

Drops desktop.ini file(s) 4 IoCs

description	ioc	Process
File created	\??\c:\$Recycle.Bin\S-1-5-21-2386679933-1492765628-3466841596-1000\desktop.ini	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\$Recycle.Bin\S-1-5-21-2386679933-1492765628-3466841596-1000\desktop.ini	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\desktop.ini	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\desktop.ini	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	\??\c:\Program Files\Common Files\microsoft shared\ink\fr-FR\InputPersonalization.exe.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\System\msadc\adcvbs.inc	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\eo.txt	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIsvSubsystemController.dll	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\microsoft shared\ink\de-DE\TipRes.dll.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\microsoft shared\ink\en-US\InkObj.dll.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\microsoft shared\ink\he-IL\tipresx.dll.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\microsoft shared\ClickToRun\AppVClientIsv.man	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\System\msadc\msadce.dll	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\System\Ole DB\msdaosp.dll	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\System\Ole DB\msdatl3.dll	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\System\Ole DB\sqlxmlx.rll	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\microsoft shared\ink\et-EE\tipresx.dll.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\System\ado\ja-JP\msader15.dll.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\89.0.4389.114\chrome.exe.sig	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIsvVirtualization.dll	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main.xml	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\microsoft shared\OFFICE16\LICLUA.EXE	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\System\ado\msadomd28.tlb	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.kk-kz.dll	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\microsoft shared\ink\ipskor.xml	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\microsoft shared\ink\ko-KR\tipresx.dll.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\System\Ole DB\fr-FR\msdasqlr.dll.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.sk-sk.dll	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\microsoft shared\ink\ThirdPartyNotices.MSHWLatin.txt	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\microsoft shared\ink\de-DE\tabskb.dll.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\microsoft shared\ink\it-IT\TipTsf.dll.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\System\ado\adovbs.inc	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\microsoft shared\ink\hwrlatinlm.dat	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\microsoft shared\MSInfo\de-DE\msinfo32.exe.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\Services\verisign.bmp	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\89.0.4389.114\default_apps\gmail.crx	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\microsoft shared\ink\it-IT\rtscom.dll.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\System\ado\msado28.tlb	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\microsoft shared\ink\ja-JP\InkObj.dll.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\microsoft shared\ink\et-EE\tipresx.dll.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\microsoft shared\ink\ja-JP\InputPersonalization.exe.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\System\ado\msado20.tlb	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\System\ado\msado27.tlb	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\System\msadc\es-ES\msdaprsr.dll.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\System\msadc\it-IT\msadcor.dll.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-environment-l1-1-0.dll	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\microsoft shared\ClickToRun\InspectorOfficeGadget.exe	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main\base.xml	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\main.xml	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\be.txt	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\microsoft shared\ink\de-DE\InkObj.dll.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\microsoft shared\ink\de-DE\rtscom.dll.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\System\msadc\msadcor.dll	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\uz.txt	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\hi.txt	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\microsoft shared\ink\ipsfra.xml	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\System\ado\msador28.tlb	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\System\msadc\en-US\msadcer.dll.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\bg.txt	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\microsoft shared\ink\en-US\mshwLatin.dll.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\Common Files\System\ado\msader15.dll	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\af.txt	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\microsoft shared\ink\zh-TW\tipresx.dll.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\microsoft shared\ink\fr-FR\InkObj.dll.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\microsoft shared\ink\ipsesp.xml	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\microsoft shared\ink\nl-NL\tipresx.dll.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
File created	\??\c:\Program Files\Common Files\microsoft shared\ink\de-DE\InkObj.dll.mui	d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe

C:\Users\Admin\AppData\Local\Temp\d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe
"C:\Users\Admin\AppData\Local\Temp\d0390422657906e2627735512ad4854cda86ff822b3d2f1da36648a07f8f9044.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:3688

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads