5588700ef91120c52067e8b541c748c3d20ad8848a01349191993080b843f3fb

Analysis

max time kernel
118s
max time network
125s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
24/12/2023, 22:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

143866f94ece458dfd65cb553b9e49ca.exe
Size

128KB
MD5

143866f94ece458dfd65cb553b9e49ca
SHA1

aa001aeb57acace0a4ab62c01def7d4311a5c360
SHA256

5588700ef91120c52067e8b541c748c3d20ad8848a01349191993080b843f3fb
SHA512

ea0d4a718c171113e35c01a90d856eafe7c1a0d336d2cf77ce1f5e3d141dcc376ca336350992595c08f6f6954d05c27c96159b475a7a209276ab6d81c3960476
SSDEEP

1536:WInERoZ54OF/tQi99rtuUXKIs4/18bz/uf3YTpIPzo6TtxY9UzGbGz+DVrex1amk:BnEOei99xNKkOzyIT2PzfTyRNrex1amk

Score

6^/10

Malware Config

Signatures

Drops desktop.ini file(s) 6 IoCs

description	ioc	Process
File opened for modification	\??\c:\Program Files\desktop.ini	143866f94ece458dfd65cb553b9e49ca.exe
File created	\??\c:\$Recycle.Bin\S-1-5-21-3427588347-1492276948-3422228430-1000\desktop.ini	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\$Recycle.Bin\S-1-5-21-3427588347-1492276948-3422228430-1000\desktop.ini	143866f94ece458dfd65cb553b9e49ca.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	143866f94ece458dfd65cb553b9e49ca.exe
File created	\??\c:\Program Files\desktop.ini	143866f94ece458dfd65cb553b9e49ca.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\it-IT\InkObj.dll.mui	143866f94ece458dfd65cb553b9e49ca.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\Microsoft.Ink.dll	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\bin\wsdetect.dll	143866f94ece458dfd65cb553b9e49ca.exe
File created	\??\c:\Program Files\DVD Maker\ja-JP\DVDMaker.exe.mui	143866f94ece458dfd65cb553b9e49ca.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page_PAL.wmv	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_SelectionSubpicture.png	143866f94ece458dfd65cb553b9e49ca.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotsdarkoverlay.png	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\et.txt	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\tipresx.dll.mui	143866f94ece458dfd65cb553b9e49ca.exe
File created	\??\c:\Program Files\Common Files\System\ado\msado20.tlb	143866f94ece458dfd65cb553b9e49ca.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Circle_ButtonGraphic.png	143866f94ece458dfd65cb553b9e49ca.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\TipBand.dll.mui	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.htm	143866f94ece458dfd65cb553b9e49ca.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\OrangeCircles.jpg	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576black.png	143866f94ece458dfd65cb553b9e49ca.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_SelectionSubpicture.png	143866f94ece458dfd65cb553b9e49ca.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground.wmv	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Internet Explorer\msdbg2.dll	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\hy.txt	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\tabskb.dll.mui	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Volgograd	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain.wmv	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\106.0.5249.119\nacl_irt_x86_64.nexe	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\bin\javah.exe	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\date-span-16.png	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\es-ES\tabskb.dll.mui	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ko-kr.xml	143866f94ece458dfd65cb553b9e49ca.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\TipRes.dll	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\ECLIPSE_.SF	143866f94ece458dfd65cb553b9e49ca.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\es-ES\TipRes.dll.mui	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Malta	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\AST4	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-14	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Port_Moresby	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services.nl_ja_4.4.0.v20140623020002.jar	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.server_8.1.14.v20131031.jar	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll	143866f94ece458dfd65cb553b9e49ca.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_SelectionSubpicture.png	143866f94ece458dfd65cb553b9e49ca.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Travel\content-background.png	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Internet Explorer\ie9props.propdesc	143866f94ece458dfd65cb553b9e49ca.exe
File created	\??\c:\Program Files\Common Files\System\de-DE\wab32res.dll.mui	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_LinkDrop32x32.gif	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+8	143866f94ece458dfd65cb553b9e49ca.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\mip.exe.mui	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\bin\javap.exe	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\charsets.jar	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\af.txt	143866f94ece458dfd65cb553b9e49ca.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\LightBlueRectangle.PNG	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-image-inset.png	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Eucla	143866f94ece458dfd65cb553b9e49ca.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_ButtonGraphic.png	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\pt-BR.pak	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EST5EDT	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.update\platform.xml	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\mng.txt	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\Content.xml	143866f94ece458dfd65cb553b9e49ca.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\ipsplk.xml	143866f94ece458dfd65cb553b9e49ca.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_item.png	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.configuration_5.5.0.165303.jar	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\journal.dll	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dili	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.nl_zh_4.4.0.v20140623020002.jar	143866f94ece458dfd65cb553b9e49ca.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_SelectionSubpicture.png	143866f94ece458dfd65cb553b9e49ca.exe

C:\Users\Admin\AppData\Local\Temp\143866f94ece458dfd65cb553b9e49ca.exe
"C:\Users\Admin\AppData\Local\Temp\143866f94ece458dfd65cb553b9e49ca.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2184

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\osetup.dll

Filesize
5.6MB

MD5
f1f040322b713c590b0b505d97137c51

SHA1
3c73d41267b344c9a25563a72bfa571650264ba6

SHA256
78e1c302d5957d119fe9e7a6e90ffa7a4f3834d1c4b16a2da7b24ef1184deeb5

SHA512
47bfa80563c6b3e12ace881a846804d7d3eafada0eaaee0bdbd0b87f05dc79fe82d9978ebb0ec8b254c9ae36325b1142884adcd9c303eeefe055de1fc6f4c314

Download Submit
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\mailapi.jar

Filesize
5B

MD5
b5b682b742431a52ea8b17c72ad9c572

SHA1
326320f469235708c59f678c9a7357dca552d306

SHA256
30d9045a9f172208b13161d1f5204e5787e5e07bfbb4f490d0041b03b7f44f76

SHA512
4e1bd7cc616b3115baf6be7ebd29fe2d1123bc0f25464865a0cf9207b0344fba70747a5ce6f00e8d9c696881f6db1e12f81736bc748b6f2b60bf84c681a49163

Download Submit
memory/2184-0-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2184-234-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2184-1566-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads