6217334c9c36d7e8b905d6598ea190d8cb5ed7c183218a25f0e6297284ebb319

Analysis

max time kernel
122s
max time network
123s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25/12/2023, 22:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3eb40b9816d2ea473abcdacd143c571d.exe
Size

369KB
MD5

3eb40b9816d2ea473abcdacd143c571d
SHA1

4330878d979c9a82252c55e87c19637d7bf37e07
SHA256

6217334c9c36d7e8b905d6598ea190d8cb5ed7c183218a25f0e6297284ebb319
SHA512

52a788182a9b6ba543dbdcdfa1ed16ae46caa22cc5c838f2e644cc070f7848129132eab4e5db9e598d3839c5a45d3d78dab9d59591c51656c5edb600fcd89f21
SSDEEP

6144:He+fAz16PHy4mir6ideW83gPZ4Jgk/e3ocVRM9egLQa4T1FUZ3ogcNql/xAbQI8q:++Iz16fDr6isWyuZ46k/e3ocVRM9egLO

Score

6^/10

Malware Config

Signatures

Drops desktop.ini file(s) 6 IoCs

description	ioc	Process
File created	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\Program Files\desktop.ini	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\desktop.ini	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\$Recycle.Bin\S-1-5-21-3601492379-692465709-652514833-1000\desktop.ini	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\$Recycle.Bin\S-1-5-21-3601492379-692465709-652514833-1000\desktop.ini	3eb40b9816d2ea473abcdacd143c571d.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\vignettemask25.png	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_pt_BR.jar	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Common Files\System\msadc\handsafe.reg	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DissolveAnother.png	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-image-mask.png	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsNotesBackground.wmv	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\bin\j2pcsc.dll	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansRegular.ttf	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\sl.txt	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Common Files\System\ado\msader15.dll	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\1047x576black.png	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Internet Explorer\jsdbgui.dll	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\bin\tnameserv.exe	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Sports\ParentMenuButtonIcon.png	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\bin\rmiregistry.exe	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\7-Zip\7-zip32.dll	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\ps.txt	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\ipshrv.xml	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\ShadesOfBlue.jpg	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground.wmv	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_SelectionSubpicture.png	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\db\bin\dblook	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\de-DE\mip.exe.mui	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG.wmv	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\Program Files\Internet Explorer\F12Resources.dll	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipRes.dll.mui	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Common Files\System\msadc\it-IT\msadcor.dll.mui	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\circleround_selectionsubpicture.png	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_specialocc_Thumbnail.bmp	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_ButtonGraphic.png	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\en-US.pak	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\bin\javah.exe	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\de-DE\TipTsf.dll.mui	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576_91n92.png	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground_PAL.wmv	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\ffjcext.zip	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\ipsfin.xml	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\db\bin\ij	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_es.jar	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.htm	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Shorthand.emf	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Common Files\System\msadc\en-US\msaddsr.dll.mui	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\Program Files\Common Files\System\msadc\handsafe.reg	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_ButtonGraphic.png	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\de-DE\TipBand.dll.mui	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Common Files\System\msadc\msadcor.dll	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_SelectionSubpicture.png	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\Program Files\Common Files\System\ado\fr-FR\msader15.dll.mui	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\background.png	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\colorcycle.png	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Passport.wmv	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\Program Files\Internet Explorer\perfcore.dll	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\hwrdeush.dat	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_SelectionSubpicture.png	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_SelectionSubpicture.png	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Internet Explorer\ielowutil.exe	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\bin\jstatd.exe	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\tipresx.dll.mui	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\tipresx.dll	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Monet.jpg	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_selectionsubpicture.png	3eb40b9816d2ea473abcdacd143c571d.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Sports\highlight.png	3eb40b9816d2ea473abcdacd143c571d.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_SelectionSubpicture.png	3eb40b9816d2ea473abcdacd143c571d.exe

C:\Users\Admin\AppData\Local\Temp\3eb40b9816d2ea473abcdacd143c571d.exe
"C:\Users\Admin\AppData\Local\Temp\3eb40b9816d2ea473abcdacd143c571d.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2372

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\osetup.dll

Filesize
2.5MB

MD5
771df044979bcfc32c3777694f48dbb3

SHA1
dfcebc297f26149ff02c28d00ed827e9cc4f0018

SHA256
cbdf71e9c521d8ed9815c71a3ed8d81b71448abe16e381d3d03576259ab0c36a

SHA512
2c2787d1cbd1e90c4fa72841a3a67f6601be93aebee35c3228c7efbd26925e6d8ea47dc6852fedfbcc9cd1aee785429ab27e4d465ee21586f023e0e5b22c649b

Download Submit
C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer

Filesize
5KB

MD5
6b99099c6a9b959f824e420676fe3dc8

SHA1
ba9e3b5f2f7f710d263272019be5bf5db33bf614

SHA256
34d5d8dc208ef8c73bb46fb3002fa22b8954d52a4e53be3c56b9801aeab56918

SHA512
dfe061ddec4106e68c8ea789009b0e6bf7d27072bebd0bdb724e4ccadd215b9122b04198bbc362753e2b35af16d993ddf89b44b29bb79c0e7a16eeb97f3b3d26

Download Submit
C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_pl.jar

Filesize
5B

MD5
b5b682b742431a52ea8b17c72ad9c572

SHA1
326320f469235708c59f678c9a7357dca552d306

SHA256
30d9045a9f172208b13161d1f5204e5787e5e07bfbb4f490d0041b03b7f44f76

SHA512
4e1bd7cc616b3115baf6be7ebd29fe2d1123bc0f25464865a0cf9207b0344fba70747a5ce6f00e8d9c696881f6db1e12f81736bc748b6f2b60bf84c681a49163

Download Submit
memory/2372-0-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2372-611-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads