6cac8f5e39a36c6318e58b602d81f5bcbf6f1d0ef6d693c4938f5ce371b2673d

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25/12/2023, 08:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

10cc512c31c2c108467bd51bee3b97a9.exe
Size

1.9MB
MD5

10cc512c31c2c108467bd51bee3b97a9
SHA1

87baafae7d352f11abf2645764796887f4e2ab61
SHA256

6cac8f5e39a36c6318e58b602d81f5bcbf6f1d0ef6d693c4938f5ce371b2673d
SHA512

69720d08f61e4889738ace85a1f1bf5e76ee7e77356842ec78cab4d1e2113592f0f9916f2dfb23cd1e3f353fcae9d2930b9508be9cf720ce38e536f0ce6d9618
SSDEEP

24576:314wRv8HY4CaewsAjRhbF2dZXIBzwKdYVjp17Y:j8H9lljRhbuRKwpBY

Score

6^/10

Malware Config

Signatures

Drops desktop.ini file(s) 6 IoCs

description	ioc	Process
File created	\??\c:\Program Files\desktop.ini	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\desktop.ini	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\$Recycle.Bin\S-1-5-21-3818056530-936619650-3554021955-1000\desktop.ini	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\$Recycle.Bin\S-1-5-21-3818056530-936619650-3554021955-1000\desktop.ini	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	10cc512c31c2c108467bd51bee3b97a9.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\106.0.5249.119\106.0.5249.119.manifest	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_2.emf	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground_PAL.wmv	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-border.png	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_jpn.xml	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Internet Explorer\en-US\ieinstal.exe.mui	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Internet Explorer\en-US\networkinspection.dll.mui	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_ButtonGraphic.png	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\106.0.5249.119\optimization_guide_internal.dll	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\db\bin\dblook.bat	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\ipsptb.xml	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\DVD Maker\en-US\DVDMaker.exe.mui	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_SelectionSubpicture.png	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Travel\travel.png	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\es-ES\InkObj.dll.mui	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\IPSEventLogMsg.dll	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Common Files\System\msadc\fr-FR\msdaprsr.dll.mui	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\Common Files\System\msadc\msaddsr.dll	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_SelectionSubpicture.png	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIcon.png	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_SelectionSubpicture.png	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP.bat	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\Content.xml	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\micaut.dll	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Common Files\System\msadc\fr-FR\msadcor.dll.mui	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\bin\sawindbg.dll	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\Common Files\System\fr-FR\wab32res.dll.mui	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_pl.jar	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitevignette1047.png	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\bin\ssvagent.exe	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\it-IT\micaut.dll.mui	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\Common Files\System\ado\en-US\msader15.dll.mui	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-backglow.png	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\Common Files\System\ado\ja-JP\msader15.dll.mui	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\bin\JAWTAccessBridge-64.dll	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\es-ES\IPSEventLogMsg.dll.mui	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\ipsptb.xml	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\White_Chocolate.jpg	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Common Files\System\msadc\it-IT\msadcer.dll.mui	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\Common Files\System\Ole DB\ja-JP\sqloledb.rll.mui	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\Internet Explorer\DiagnosticsTap.dll	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\TipRes.dll.mui	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\hwruksh.dat	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\Common Files\System\msadc\fr-FR\msadcfr.dll.mui	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_title.png	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\7-Zip\7-zip32.dll	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\tipresx.dll.mui	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_ButtonGraphic.png	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\DVD Maker\fr-FR\OmdProject.dll.mui	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-image-mask.png	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\TipRes.dll.mui	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\msinfo32.exe.mui	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Common Files\System\msadc\it-IT\msdaremr.dll.mui	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_ButtonGraphic.png	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NavigationButtonSubpicture.png	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha1.png	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_SelectionSubpicture.png	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\de-DE\InkObj.dll.mui	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad.xml	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\mainimage-mask.png	10cc512c31c2c108467bd51bee3b97a9.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\pagecurl.png	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\bin\wsdetect.dll	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-highlight.png	10cc512c31c2c108467bd51bee3b97a9.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\vi.txt	10cc512c31c2c108467bd51bee3b97a9.exe

C:\Users\Admin\AppData\Local\Temp\10cc512c31c2c108467bd51bee3b97a9.exe
"C:\Users\Admin\AppData\Local\Temp\10cc512c31c2c108467bd51bee3b97a9.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:1696

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\osetup.dll

Filesize
2.7MB

MD5
3ff8febec402a15d513ff436c67f7784

SHA1
159f4e6b092ea90c83b097f992e03cb6823613bd

SHA256
38314c62b0da0ace45d6d71bcf3a9f549f3df1793b0562869fe2481065809d0f

SHA512
6c5bc2b50f727ed3af3c54eaa28b1beae83902dc483ac9e5df7fc3b8a75ea899b49473f94709f79f42c5fe5e2c14ee9fab19d3ff2833af8af427acd826210466

Download Submit
C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_pwa_launcher.exe

Filesize
5B

MD5
b5b682b742431a52ea8b17c72ad9c572

SHA1
326320f469235708c59f678c9a7357dca552d306

SHA256
30d9045a9f172208b13161d1f5204e5787e5e07bfbb4f490d0041b03b7f44f76

SHA512
4e1bd7cc616b3115baf6be7ebd29fe2d1123bc0f25464865a0cf9207b0344fba70747a5ce6f00e8d9c696881f6db1e12f81736bc748b6f2b60bf84c681a49163

Download Submit
C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer

Filesize
5KB

MD5
6b99099c6a9b959f824e420676fe3dc8

SHA1
ba9e3b5f2f7f710d263272019be5bf5db33bf614

SHA256
34d5d8dc208ef8c73bb46fb3002fa22b8954d52a4e53be3c56b9801aeab56918

SHA512
dfe061ddec4106e68c8ea789009b0e6bf7d27072bebd0bdb724e4ccadd215b9122b04198bbc362753e2b35af16d993ddf89b44b29bb79c0e7a16eeb97f3b3d26

Download Submit
memory/1696-0-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download
memory/1696-544-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads