3ecc75bc438b90bf227dee2869aad5df858bdd6eab7f41b0af0b0b77b2091266

Analysis

max time kernel
117s
max time network
126s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
24/12/2023, 17:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

07afe851e7d7d861a6915d634069330f.exe
Size

1.8MB
MD5

07afe851e7d7d861a6915d634069330f
SHA1

84babc1253ddcf04ed35c93dce2aefec8095a19e
SHA256

3ecc75bc438b90bf227dee2869aad5df858bdd6eab7f41b0af0b0b77b2091266
SHA512

1a3317577be10702ddd08ef0cbf1865053a12c4d63f56d8fc19eb46922b3488855eca222ace17e9bb7f0b0b12cb45073cae9f1789721183f4ebd2c014ac0ec2d
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkHe:SCqm2Jpr0nNM7Dus7Nx2+

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 4 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/828-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0031000000016fe9-5.dat	upx
behavioral1/memory/828-705-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/memory/828-9220-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 9 IoCs

description	ioc	Process
File created	C:\Program Files\Microsoft Games\Solitaire\desktop.ini	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Microsoft Games\SpiderSolitaire\desktop.ini	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Microsoft Games\Chess\desktop.ini	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Microsoft Games\FreeCell\desktop.ini	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Microsoft Games\Hearts\desktop.ini	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Microsoft Games\Mahjong\desktop.ini	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Microsoft Games\Purble Place\desktop.ini	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\desktop.ini	07afe851e7d7d861a6915d634069330f.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\WindowsBase.resources.dll	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\WriteCompare.mpa.exe	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP.bat.exe	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Miquelon.exe	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Kamchatka.exe	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\System.ServiceModel.Resources.dll	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Windows Journal\NBDoc.DLL	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIcon.png	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\menu_style_default_Thumbnail.png	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jvm.xml.exe	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-awt_zh_CN.jar.exe	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg_sml.png.exe	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG.wmv.exe	07afe851e7d7d861a6915d634069330f.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome.dll.sig	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-print_zh_CN.jar.exe	07afe851e7d7d861a6915d634069330f.exe
File opened for modification	C:\Program Files\Java\jre7\lib\zi\Africa\Khartoum	07afe851e7d7d861a6915d634069330f.exe
File opened for modification	C:\Program Files\Java\jre7\lib\zi\America\Cambridge_Bay	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Data.Entity.Resources.dll	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\play-static.png	07afe851e7d7d861a6915d634069330f.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.nl_ja_4.4.0.v20140623020002.jar	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages.properties.exe	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\System.IdentityModel.Selectors.Resources.dll	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\it-IT\settings.html	07afe851e7d7d861a6915d634069330f.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.preferences_3.5.200.v20140224-1527.jar	07afe851e7d7d861a6915d634069330f.exe
File opened for modification	C:\Program Files\Java\jre7\bin\zip.dll	07afe851e7d7d861a6915d634069330f.exe
File opened for modification	C:\Program Files\Microsoft Games\Multiplayer\Checkers\it-IT\chkrzm.exe.mui	07afe851e7d7d861a6915d634069330f.exe
File opened for modification	C:\Program Files\Java\jre7\lib\jvm.hprof.txt	07afe851e7d7d861a6915d634069330f.exe
File opened for modification	C:\Program Files\Java\jre7\lib\zi\Asia\Shanghai	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\VideoLAN\VLC\locale\bn_IN\LC_MESSAGES\vlc.mo.exe	07afe851e7d7d861a6915d634069330f.exe
File opened for modification	C:\Program Files\VideoLAN\VLC\locale\zu\LC_MESSAGES\vlc.mo	07afe851e7d7d861a6915d634069330f.exe
File opened for modification	C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libcache_read_plugin.dll	07afe851e7d7d861a6915d634069330f.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Maputo	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Sydney.exe	07afe851e7d7d861a6915d634069330f.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-print.jar	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\es-ES\js\settings.js.exe	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\22.png.exe	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist.json.exe	07afe851e7d7d861a6915d634069330f.exe
File opened for modification	C:\Program Files\VideoLAN\VLC\plugins\access\libdtv_plugin.dll	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Gradient.png.exe	07afe851e7d7d861a6915d634069330f.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kamchatka	07afe851e7d7d861a6915d634069330f.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf_1.1.0.v20140408-1354.jar	07afe851e7d7d861a6915d634069330f.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host.xml	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\La_Paz.exe	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\System.RunTime.Serialization.Resources.dll	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Windows Media Player\de-DE\WMPDMCCore.dll.mui.exe	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\de-DE\css\localizedSettings.css	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\shatter.png	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\about.html.exe	07afe851e7d7d861a6915d634069330f.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\epl-v10.html	07afe851e7d7d861a6915d634069330f.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-core.xml	07afe851e7d7d861a6915d634069330f.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-charts_zh_CN.jar	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\icon.png.exe	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\it-IT\css\localizedSettings.css	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Common Files\System\msadc\adcjavas.inc	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.sun.el_2.2.0.v201303151357.jar.exe	07afe851e7d7d861a6915d634069330f.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.event_1.3.100.v20140115-1647.jar	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Classic.dll	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\Microsoft.Build.Conversion.v3.5.resources.dll	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\7.png.exe	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Windows Sidebar\de-DE\Sidebar.exe.mui	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Internet Explorer\IEShims.dll	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.update\platform.xml.exe	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-threaddump_ja.jar.exe	07afe851e7d7d861a6915d634069330f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cancun.exe	07afe851e7d7d861a6915d634069330f.exe

C:\Users\Admin\AppData\Local\Temp\07afe851e7d7d861a6915d634069330f.exe
"C:\Users\Admin\AppData\Local\Temp\07afe851e7d7d861a6915d634069330f.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:828

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
878KB

MD5
044b0b12af044a99a7b8d7400205765b

SHA1
ad668ff7cef552b4e48180f7d2d048b4c1ffb7ca

SHA256
aa6afe47fb5eef6b37ddb903c0be1b5c07d2d35f53c8e3cd16548409b7c423bd

SHA512
0624f658ca9ee6bceb17462458fd6179eeb493b9f9a1dd2f9c3d70837d744c3adac238d0efed8342b24b1dc48721ab1d48b330a1215c5ff8cabbd4628ca868bd

Download Submit
memory/828-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/828-705-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/828-9220-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads