Analysis
max time kernel
121s
max time network
125s
platform
windows7_x64
resource
win7-20231215-en
resource tags
arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system
submitted
25-12-2023 05:18
Static task
static1
Behavioral task
behavioral1
Sample
0766c4c26fcb1f4769b2a7a3aeb501b4.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
0766c4c26fcb1f4769b2a7a3aeb501b4.exe
Resource
win10v2004-20231215-en
General
Target
0766c4c26fcb1f4769b2a7a3aeb501b4.exe
Size
140KB
MD5
0766c4c26fcb1f4769b2a7a3aeb501b4
SHA1
d8e00b4b6b819731841f63ad19e397fb0948f84e
SHA256
156c3a74b50681eace55a55f3736b303ddac90b16ac7761d916940f5747a5a81
SHA512
d8788d344bbb7df13fe5b67c7ee9722eb11cb0aed7f22c04bea6b8cd66928215ab083fab824f6148cc3b67412dfc94f3389d293960fa127606445d709e19781f
SSDEEP
1536:aaqR4ON/tQi99rtuUXKIs4/18bz/uf3YTpIPzo6TtxY9UzGbreOTeY+TGx7Wac/I:a2i99xNKkOzyIT2PzfTyRSO5+TyiacA
Malware Config
Signatures
Drops desktop.ini file(s) 6 IoCs
description | ioc | Process
File created | \??\c:\$Recycle.Bin\S-1-5-21-3427588347-1492276948-3422228430-1000\desktop.ini | 0766c4c26fcb1f4769b2a7a3aeb501b4.exe
File opened for modification | \??\c:\$Recycle.Bin\S-1-5-21-3427588347-1492276948-3422228430-1000\desktop.ini | 0766c4c26fcb1f4769b2a7a3aeb501b4.exe
File created | \??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini | 0766c4c26fcb1f4769b2a7a3aeb501b4.exe
File opened for modification | \??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini | 0766c4c26fcb1f4769b2a7a3aeb501b4.exe
File created | \??\c:\Program Files\desktop.ini | 0766c4c26fcb1f4769b2a7a3aeb501b4.exe
File opened for modification | \??\c:\Program Files\desktop.ini | 0766c4c26fcb1f4769b2a7a3aeb501b4.exe
Drops file in Program Files directory 64 IoCs
Downloads
Filesize
5.7MB
MD5
078981441fce31da3cf3266708037da6
SHA1
1c2b215e59b0b954bf9c1fcb0947f00e0655b599
SHA256
58d7ed13fb5be32ad7eec01c8a8f45a44bac8f5901677aa194664891cc533559
SHA512
8dc8d2d7c39e1d519be350a58113e8378c9ff244accaaf6c620ee7252ba88c8caaf89474ea24c3515627feaaa037c56dd678601dc9214c37b70db099bc907eef
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser_5.5.0.165303.jar
Filesize
5B
MD5
b5b682b742431a52ea8b17c72ad9c572
SHA1
326320f469235708c59f678c9a7357dca552d306
SHA256
30d9045a9f172208b13161d1f5204e5787e5e07bfbb4f490d0041b03b7f44f76
SHA512
4e1bd7cc616b3115baf6be7ebd29fe2d1123bc0f25464865a0cf9207b0344fba70747a5ce6f00e8d9c696881f6db1e12f81736bc748b6f2b60bf84c681a49163