7ca8451772dedc210e6e00e449c49ec90dd752ac0ca2b4c7179893fc4054b8c2

Analysis

max time kernel
150s
max time network
123s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
18/09/2023, 17:11

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

2d7cecd47ee5d554859264a361ab6dbf_JC.exe
Size

144KB
MD5

2d7cecd47ee5d554859264a361ab6dbf
SHA1

92345090d3f31a6585ecaa6a813f5a02cbc563ad
SHA256

7ca8451772dedc210e6e00e449c49ec90dd752ac0ca2b4c7179893fc4054b8c2
SHA512

e8690b77c7e57a795af1e4180bea2fa1f6e290f96f139029ccaa94445ca739326d0e0e6ff7d2d7e80b884ebe0d93a9484831e4d34338062a8d602b82d3821afc
SSDEEP

1536:W7ZNLpAp4sCtOz2OLOHepOHeasQDvjFKqX:6NLWp4sfz2OcsNqX

Score

4^/10

Malware Config

Signatures

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-changjei.xml.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrenalm.dat.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\babyblue.png.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground.wmv.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_ButtonGraphic.png.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG_PAL.wmv.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipssrl.xml.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\mshwjpn.dll.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\javap.exe.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\tnameserv.exe.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\dt_shmem.dll.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\InkWatson.exe.mui.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\System\Ole DB\fr-FR\sqloledb.rll.mui.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_ButtonGraphic.png.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\appletviewer.exe.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\pack200.exe.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\7-Zip\Lang\de.txt.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\7-Zip\Lang\mn.txt.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\FlickLearningWizard.exe.mui.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\rtscom.dll.mui.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msadcfr.dll.mui.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\DVD Maker\Shared\DissolveNoise.png.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\15x15dot.png.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jps.exe.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\orbd.exe.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\rmid.exe.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\tipresx.dll.mui.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\rtscom.dll.mui.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\TipBand.dll.mui.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\imjplm.dll.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Dotted_Lines.emf.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\DVD Maker\en-US\DVDMaker.exe.mui.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_leftarrow.png.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop_PAL.wmv.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\ApproveUnprotect.ini.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base.xml.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\msinfo32.exe.mui.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_SelectionSubpicture.png.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Internet Explorer\iexplore.exe.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\rmiregistry.exe.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\cloud_Thumbnail.bmp.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\layers.png.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-backglow.png.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\nb.pak.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\GroupMove.doc.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jdb.exe.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\7-Zip\7z.exe.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\7-Zip\Lang\ka.txt.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\System\Ole DB\sqloledb.dll.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_rgb6.wmv.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_SelectionSubpicture.png.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIconSubpict.png.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\es-419.pak.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-join.avi.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ja-jp.xml.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\tipresx.dll.mui.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\de-DE\MSTTSLoc.dll.mui.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\huemainsubpicture2.png.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_highlights_Thumbnail.bmp.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialoccasion.png.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msdaprsr.dll.mui.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msadcfr.dll.mui.tmp	2d7cecd47ee5d554859264a361ab6dbf_JC.exe

C:\Users\Admin\AppData\Local\Temp\2d7cecd47ee5d554859264a361ab6dbf_JC.exe
"C:\Users\Admin\AppData\Local\Temp\2d7cecd47ee5d554859264a361ab6dbf_JC.exe"
1⤵
- Drops file in Program Files directory
PID:2880

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-86725733-3001458681-3405935542-1000\desktop.ini.tmp

Filesize
144KB

MD5
178ea2e5fd1f06d229019ad850910414

SHA1
5b9003d95d72eac31f004c3753739d2b5346f18e

SHA256
019d65b00bb22c1facb1da33393e9db141e9a6db21f08c429686c04bec451d38

SHA512
13e7a03853069396f9b2b798116b2415e801bdb2df0e7ba0c69ca9673b3784cbac2668e488f051a9339bdc75e613a0b3d98118a2cfa5e94b85226976e9ac9768

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
153KB

MD5
fa0dd9165363f0b0abf1946ce3841c9f

SHA1
5758d225d181820712d93f4ac360c8dbdde788a4

SHA256
31c765338029b2c0d5e2e3b6fc49fd7017b39209e8ff22047d3996c547078819

SHA512
164551fb6c0976a3709377b892210da8a06f55d8985bab417a174b32cce22a53d9c429a7d7b4a33bceae864255225261c64333a915efefa5653d01b328116ed9

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads