3bf5d88f51db0fc3f02b9281354c4b2ded1403d003aab4b8c196dc6962c2f66d

Analysis

max time kernel
174s
max time network
207s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
11/10/2023, 19:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
Size

46KB
MD5

b7a5c83868e2c1fdd0e32ccf4cbe7e70
SHA1

3de8aaf5301ba6549f6b5a7db6d8d0fa501dffd1
SHA256

3bf5d88f51db0fc3f02b9281354c4b2ded1403d003aab4b8c196dc6962c2f66d
SHA512

42ee22ec35e84094e93b512b46ad9b2a70aa3659825ca76b740bf462630280d1be53763b46af265e6debdf96738434526840b6414fb18e3d83fe9271367ee131
SSDEEP

768:W7BlphA7pARFbhOm0CAbLg++RkIZpFCpFFI/ME:W7ZhA7pApH1++RbCY

Score

4^/10

Malware Config

Signatures

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.pl-pl.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\7z.exe.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\af.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.nb-no.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-runtime-l1-1-0.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.kk-kz.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.ro-ro.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\en.ttt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-filesystem-l1-1-0.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-locale-l1-1-0.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVScripting.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.da-dk.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.de-de.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.hu-hu.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\br.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\ru.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\sv.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\nl.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\ClearEnable.dot.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-heap-l1-1-0.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.nl-nl.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\7zFM.exe.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\ba.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\hy.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\lv.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\ug.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\License.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2R64.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RHeartbeatConfig.xml.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\es.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\ext.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\hu.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.et-ee.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.he-il.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\ta.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\eu.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\fi.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\sa.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\pl.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-convert-l1-1-0.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.ar-sa.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.zh-cn.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\i640.cab.cat.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\7z.sfx.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\fr.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\ku.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\th.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\zh-tw.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-crt-string-l1-1-0.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVCatalog.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.id-id.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\fa.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\ja.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\nb.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\api-ms-win-core-processthreads-l1-1-1.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVFileSystemMetadata.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVIsvApi.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.lt-lt.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\ClientEventLogMessages.man.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\7z.dll.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\ast.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\vi.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\IntegratedOffice.exe.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
File created	C:\Program Files\7-Zip\Lang\fy.txt.tmp	b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe

C:\Users\Admin\AppData\Local\Temp\b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe
"C:\Users\Admin\AppData\Local\Temp\b7a5c83868e2c1fdd0e32ccf4cbe7e70_JC.exe"
1⤵
- Drops file in Program Files directory
PID:5000

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2344688013-2965468717-2034126-1000\desktop.ini.tmp

Filesize
47KB

MD5
026fce30184e5490e8c9cfdd9dc7b743

SHA1
627b4ff7f2e4b1a095398dd04109085a4c8aae3f

SHA256
758e770545b2b431a42d4e6e71c2727737414f4f798e5ab3edfa6f8d15e88e0f

SHA512
09e077714a956709ccad75641c4e1846896e29b961aedafa34cdb0e3491cd84f8b74262a5a295cc9dd0f589f58fdde1e7c85dafce323c79a202d4e964557feae

Download Submit
C:\odt\config.xml.tmp

Filesize
48KB

MD5
32d38b44aeb049b3f2e2c82be310abc2

SHA1
099694c5c34920e62980cc859e7a166fa43d500c

SHA256
daf05026a12ae145e8b7ed43542de6e49175228dc7438e6c0bfdf5ee7da4341b

SHA512
a3284ae9fa77fe7360f109a2c665e2dfc4406bfa61ca78fe96fb1204eee7d6a109da1432e9cdfee3c7a25753a05e36dd4bed6128f90e8bdb04ee6b1fe2755b82

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads