831d77640b05c3c1a05ccc76c88aeecfbf045020aea2cb8167394c8031697b65

Analysis

max time kernel
120s
max time network
127s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25/12/2023, 22:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3fbe4154819f4235714bc0ec7a646d0c.exe
Size

1.8MB
MD5

3fbe4154819f4235714bc0ec7a646d0c
SHA1

c2dd2959abd7c6ef64b511ca99e1d57272cdf0d1
SHA256

831d77640b05c3c1a05ccc76c88aeecfbf045020aea2cb8167394c8031697b65
SHA512

166c589c527c06eb1b209866598dc882db659902d8c3f014186e427a9776e0fc126bd8034824926b7b2c0e89fcb5add208c300a6091f466e34aa125a109179a7
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqO:SCqm2Jpr0nNM7Dus7Nxv

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2188-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0033000000016047-5.dat	upx
behavioral1/memory/2188-538-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	3fbe4154819f4235714bc0ec7a646d0c.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ro.pak.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_ButtonGraphic.png	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonSubpicture.png.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_SelectionSubpicture.png.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\bandwidth.png	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationUp_ButtonGraphic.png.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\micaut.dll.mui.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\tipresx.dll.mui.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ja-jp-sym.xml	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\System\Ole DB\de-DE\msdasqlr.dll.mui.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotslightoverlay.png	3fbe4154819f4235714bc0ec7a646d0c.exe
File opened for modification	C:\Program Files\7-Zip\Lang\sr-spl.txt	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_ButtonGraphic.png	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_buttongraphic.png	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIconSubpictur.png	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\7-Zip\Lang\si.txt.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\mip.exe.mui.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipshrv.xml.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\DVD Maker\OmdBase.dll.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_SelectionSubpicture.png	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\HandPrints.jpg	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\dicjp.bin	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base.xml.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_ButtonGraphic.png.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsjpn.xml.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\it-IT\MSTTSLoc.dll.mui.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground.wmv	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\7-Zip\Lang\tt.txt.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\dicjp.bin.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msadcfr.dll.mui.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-image-inset.png.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\imjplm.dll.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\tipresx.dll.mui.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\System\ado\msado28.tlb	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_videoinset.png.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\White_Chocolate.jpg.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols.xml	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\ja-JP\MSTTSLoc.dll.mui	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIcon.png.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\mshwLatin.dll.mui.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\System\Ole DB\fr-FR\msdasqlr.dll.mui	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\System\ado\de-DE\msader15.dll.mui.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msaddsr.dll.mui	3fbe4154819f4235714bc0ec7a646d0c.exe
File opened for modification	C:\Program Files\7-Zip\7z.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\InkObj.dll.mui.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_SelectionSubpicture.png.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground_PAL.wmv	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\tabskb.dll.mui.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_precomp_matte.wmv.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\DVD Maker\rtstreamsink.ax.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-highlight.png	3fbe4154819f4235714bc0ec7a646d0c.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\am.pak	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\micaut.dll.mui	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\webbase.xml.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\tipresx.dll.mui	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Notes_PAL.wmv	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Passport.wmv	3fbe4154819f4235714bc0ec7a646d0c.exe
File opened for modification	C:\Program Files\7-Zip\Lang\sa.txt	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VC\msdia100.dll.exe	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\IpsMigrationPlugin.dll	3fbe4154819f4235714bc0ec7a646d0c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tipresx.dll.mui.exe	3fbe4154819f4235714bc0ec7a646d0c.exe

C:\Users\Admin\AppData\Local\Temp\3fbe4154819f4235714bc0ec7a646d0c.exe
"C:\Users\Admin\AppData\Local\Temp\3fbe4154819f4235714bc0ec7a646d0c.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2188

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
1.8MB

MD5
20644dbf302cb83d0c0796ac6a288095

SHA1
dc9cd4495fe488e91021691287f43e06e5bda1e2

SHA256
259a8d0622c5fefdc15e6c6c9e2708e2dc9db4ea52bbd0bd4deded42f0f3951e

SHA512
77db9fed0e90acb116176440cc3c3b304bc7619c85534786e0d480cabd23e30ef863e75d847efc01a97e8989537bbe46b17b300c5f4ec98abb3c3099ef94a50d

Download Submit
memory/2188-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/2188-538-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads