3949bd4b49668145ee123960c0f02e6ecd93257aae318953e9c878b5a819800f

Analysis

max time kernel
149s
max time network
131s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25/12/2023, 09:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1496ba6c4eb4bd1b89e45b00ab069d4a.exe
Size

1.8MB
MD5

1496ba6c4eb4bd1b89e45b00ab069d4a
SHA1

7cc1b65273117880798b5179c5ac399d098c1fcc
SHA256

3949bd4b49668145ee123960c0f02e6ecd93257aae318953e9c878b5a819800f
SHA512

1ab375d5024f196fc7bd12fa5cd9a3c3ee566a812dbf13767d9ca210d4fef6911c99281ed3bb8d01aa15c5793ff3345fd40578a174e435b838207f448b58cb2b
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7Nxqo:SCqm2Jpr0nNM7Dus7Nxp

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/3040-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0032000000015e24-5.dat	upx
behavioral1/memory/3040-284-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	1496ba6c4eb4bd1b89e45b00ab069d4a.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tabskb.dll.mui	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\micaut.dll.mui	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\th.pak	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_ButtonGraphic.png.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground_PAL.wmv	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\7-Zip\readme.txt.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee.dll	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\split.avi	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_ButtonGraphic.png.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main.xml	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\System\msadc\msdaprsr.dll.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_ButtonGraphic.png.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\msinfo32.exe.mui.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-correct.avi	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\System\ado\msado26.tlb	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG_PAL.wmv.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msadcer.dll.mui	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.htm.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\baseAltGr_rtl.xml.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrespsh.dat	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\System\Ole DB\ja-JP\oledb32r.dll.mui.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\babyblue.png	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\7-Zip\Lang\uz.txt.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\System\msadc\msadds.dll	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\ShapeCollector.exe.mui	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_SelectionSubpicture.png.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File opened for modification	C:\Program Files\7-Zip\Lang\sk.txt	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\System\Ole DB\es-ES\sqloledb.rll.mui	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsnld.xml.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_SelectionSubpicture.png.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_ButtonGraphic.png	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_ButtonGraphic.png	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_SelectionSubpicture.png	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\EnterDeny.m4a.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sl.pak	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\msinfo32.exe.mui	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\System\ado\adojavas.inc.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-highlight.png	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_SelectionSubpicture.png	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ca.txt	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\AssertRestart.nfo.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\InputPersonalization.exe.mui	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-delete.avi.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\Filters\msgfilt.dll	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\System\ado\adojavas.inc	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Orange Circles.htm.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\tabskb.dll.mui	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msadcor.dll.mui	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG_PAL.wmv	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu.xml.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ro.txt	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\tipresx.dll.mui.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\DVD Maker\de-DE\OmdProject.dll.mui.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Shorthand.emf	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\tipresx.dll.mui.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\blackbars60.png	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitemask1047.png.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\mshwLatin.dll.mui.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_PreComp_MATTE_PAL.wmv.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_ButtonGraphic.png.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\7-Zip\Lang\et.txt.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\selection_subpicture.png.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrdeush.dat.exe	1496ba6c4eb4bd1b89e45b00ab069d4a.exe

C:\Users\Admin\AppData\Local\Temp\1496ba6c4eb4bd1b89e45b00ab069d4a.exe
"C:\Users\Admin\AppData\Local\Temp\1496ba6c4eb4bd1b89e45b00ab069d4a.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:3040

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
792KB

MD5
bccfea5c167388a29f62b941928cd565

SHA1
03f2c452991ae680448d4aa3555f60ba5c5f397a

SHA256
2e298fc8147231311ec7c4fe28fa66d43e2eedda6ef0b700bef47c83dc4afa14

SHA512
1f6cee1e04ffcb68ee365277679310e478f2dad9afdd25aec689a23e391214e7bad451474b2cb32600accf3894c237ec15c9093d4b2d4e3b69275013b342df85

Download Submit
memory/3040-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/3040-284-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads