5986bdc417013c5f07eb2c4617204e2467fadbb6af4a9d57032b89ee3b3897eb

Analysis

max time kernel
121s
max time network
134s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25/12/2023, 01:20

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

20097c22b58c36abba580fac86319ac3.exe
Size

1.8MB
MD5

20097c22b58c36abba580fac86319ac3
SHA1

ff3863b3f9bcd03d2914f3a2584829d110d829f8
SHA256

5986bdc417013c5f07eb2c4617204e2467fadbb6af4a9d57032b89ee3b3897eb
SHA512

4a6fa9f1567351358b686035719b54e2c6818545d1eae525e73e39056eb71644ea661e04fe9b98e55bfa0e8b2aab830d2f768c04bcfcc804d4e123052717a36f
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkHz:SCqm2Jpr0nNM7Dus7Nx2T

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/files/0x00300000000139f5-5.dat	upx
behavioral1/memory/1040-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/memory/1040-720-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	20097c22b58c36abba580fac86319ac3.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground.wmv.exe	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\javap.exe.exe	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\rmid.exe.exe	20097c22b58c36abba580fac86319ac3.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Faroe	20097c22b58c36abba580fac86319ac3.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\plugin.properties	20097c22b58c36abba580fac86319ac3.exe
File opened for modification	C:\Program Files\7-Zip\readme.txt	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_ButtonGraphic.png	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Tirane.exe	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\DVD Maker\Shared\DissolveAnother.png.exe	20097c22b58c36abba580fac86319ac3.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\es-419.pak	20097c22b58c36abba580fac86319ac3.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\chrome.VisualElementsManifest.xml	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\java-rmi.exe.exe	20097c22b58c36abba580fac86319ac3.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Sofia	20097c22b58c36abba580fac86319ac3.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans_1.2.200.v20140214-0004.jar	20097c22b58c36abba580fac86319ac3.exe
File opened for modification	C:\Program Files\7-Zip\Lang\gu.txt	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Common Files\System\Ole DB\sqloledb.rll.exe	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref_PAL.wmv.exe	20097c22b58c36abba580fac86319ac3.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jli.dll	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Rarotonga.exe	20097c22b58c36abba580fac86319ac3.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\feature.properties	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\tipresx.dll.mui	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\reflect.png.exe	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_selectionsubpicture.png	20097c22b58c36abba580fac86319ac3.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Miquelon	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\ECLIPSE_.SF.exe	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\Microsoft.Ink.dll.exe	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe.exe	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_SelectionSubpicture.png.exe	20097c22b58c36abba580fac86319ac3.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Seoul	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Filters\msgfilt.dll.exe	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_mainImage-mask.png.exe	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Internet Explorer\networkinspection.dll.exe	20097c22b58c36abba580fac86319ac3.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\cursors.properties	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Honolulu.exe	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services.nl_ja_4.4.0.v20140623020002.jar.exe	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Internet Explorer\F12.dll	20097c22b58c36abba580fac86319ac3.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_fr.jar	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Sand_Paper.jpg.exe	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotsdarkoverlay.png.exe	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_SelectionSubpicture.png.exe	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_SelectionSubpicture.png	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_plain_Thumbnail.bmp.exe	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\lv.pak.exe	20097c22b58c36abba580fac86319ac3.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\HST10	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpcore_4.2.5.v201311072007.jar.exe	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\blackbars60.png	20097c22b58c36abba580fac86319ac3.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Rome	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4_1.0.800.v20140827-1444.jar.exe	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TabIpsps.dll	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\tipresx.dll.mui.exe	20097c22b58c36abba580fac86319ac3.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaTypewriterRegular.ttf	20097c22b58c36abba580fac86319ac3.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Vostok	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands.nl_zh_4.4.0.v20140623020002.jar.exe	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msaddsr.dll.mui	20097c22b58c36abba580fac86319ac3.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui_5.5.0.165303.jar	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_ButtonGraphic.png.exe	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\classfile_constants.h.exe	20097c22b58c36abba580fac86319ac3.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Scoresbysund	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychartplugin_5.5.0.165303.jar.exe	20097c22b58c36abba580fac86319ac3.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.ds_1.4.200.v20131126-2331.jar	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui.zh_CN_5.5.0.165303.jar.exe	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_zh_4.4.0.v20140623020002.jar.exe	20097c22b58c36abba580fac86319ac3.exe
File created	C:\Program Files\7-Zip\Lang\cs.txt.exe	20097c22b58c36abba580fac86319ac3.exe
File opened for modification	C:\Program Files\7-Zip\Lang\mk.txt	20097c22b58c36abba580fac86319ac3.exe

C:\Users\Admin\AppData\Local\Temp\20097c22b58c36abba580fac86319ac3.exe
"C:\Users\Admin\AppData\Local\Temp\20097c22b58c36abba580fac86319ac3.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:1040

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
87KB

MD5
0d4efe46c917e1ec8cd7c12fa6a1159e

SHA1
3b1a9968c9517790a8171092bf8a081ec665a933

SHA256
50446a90bc5bac43dd9af3eeac25aa89359d420679c4b2a9ae88dbadadb3ecd5

SHA512
7d521d3797043f7263fe0d428bf3856b5b901c7c239e31adf7d105b24943c85af3af2e23f5703cb592cac3bbdded9dcfd23c18ca0cb2c7623e3f110c6314fb01

Download Submit
memory/1040-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/1040-720-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads