4f0bed0dc2c5249acd72d1cb35c8accb1896b2a3f643a064fb80dec6450275f6

Analysis

max time kernel
149s
max time network
132s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25-12-2023 04:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

04f99a1d8e9da45109920a6dcfd7e1a5.exe
Size

1.8MB
MD5

04f99a1d8e9da45109920a6dcfd7e1a5
SHA1

0f87eb2146b18f1ef7c32fa4500f7bb05e8b21b5
SHA256

4f0bed0dc2c5249acd72d1cb35c8accb1896b2a3f643a064fb80dec6450275f6
SHA512

ebbc362af5d2ba2d5e807b5f7d266b2103f49420735e84ca48c90d8e95851055467b5c2a84d5ae2beb28c1bc9fb6e49a08292e10e90cdd83b76ef794357ebb8d
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkHA:SCqm2Jpr0nNM7Dus7Nx2g

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/1968-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0007000000015855-5.dat	upx
behavioral1/memory/1968-616-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	04f99a1d8e9da45109920a6dcfd7e1a5.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\1047x576black.png.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\DVD Maker\es-ES\DVDMaker.exe.mui.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\mshwLatin.dll.mui	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dubai	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\tipresx.dll.mui.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Oral	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Monterrey	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Common Files\System\Ole DB\fr-FR\msdasqlr.dll.mui	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-border.png	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Malta.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ta.txt	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\w2k_lsa_auth.dll	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\203x8subpicture.png	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\classes.jsa	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_elf.dll	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Manaus	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Berlin	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipscat.xml.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Common Files\System\msadc\msdarem.dll	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\am.pak.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Tunis.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+3.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\7-Zip\Lang\zh-cn.txt.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_ButtonGraphic.png	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfxrt.jar	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\performance.png.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\include\jawt.h	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_content-background.png	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\notification_helper.exe.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Google\Chrome\Application\chrome.VisualElementsManifest.xml.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Internet Explorer\IEShims.dll.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\decora-sse.dll	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Common Files\System\ado\it-IT\msader15.dll.mui	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msadcfr.dll.mui.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\TipTsf.dll.mui.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_ButtonGraphic.png.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\en-US.pak	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\local_policy.jar	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipscsy.xml	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Common Files\System\Ole DB\oledb32.dll	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jabswitch.exe.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\jvmticmlr.h.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\New_York	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Macquarie.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_SelectionSubpicture.png	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Memories_buttonClear.png	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages.properties	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Whitehorse.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ko-kr.xml	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Java\jdk1.7.0_80\README.html.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\7-Zip\Lang\fa.txt.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsen.xml.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Internet Explorer\en-US\F12.dll.mui	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_SelectionSubpicture.png	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfxmedia.dll.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref_PAL.wmv.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\w2k_lsa_auth.dll.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\ffjcext.zip.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File opened for modification	C:\Program Files\7-Zip\Lang\co.txt	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\it-IT\MSTTSLoc.dll.mui.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha2.png.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\videowall.png	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File opened for modification	C:\Program Files\7-Zip\7z.exe	04f99a1d8e9da45109920a6dcfd7e1a5.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIcon.png	04f99a1d8e9da45109920a6dcfd7e1a5.exe

C:\Users\Admin\AppData\Local\Temp\04f99a1d8e9da45109920a6dcfd7e1a5.exe
"C:\Users\Admin\AppData\Local\Temp\04f99a1d8e9da45109920a6dcfd7e1a5.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:1968

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
1.4MB

MD5
e450c274793154a0c7bbf8f14bba06ca

SHA1
2d22cb12c8b098f2c302d6d06c876dcd44b8c74c

SHA256
cfa2b5c1e33e4a613a7c7e341573f0192fa6293b3c28b427cba85d7968c25be6

SHA512
b549d304a5ccb4662f6f420747fd35da4f2835ceede01dcc41b7c0562c2bc94a973becc40196a50a6bfa1397844bfdc7d9a6f5f13e72d7f7eee463610b5c1191

Download Submit
memory/1968-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/1968-616-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads