33dbb85983b95b6219d9801685f2d973b8f6fd908e3bfeb1ad94518e1d1dc9de

Analysis

max time kernel
164s
max time network
127s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25-12-2023 18:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

34deae57bdaaeac6a211b491516d12d3.exe
Size

1.8MB
MD5

34deae57bdaaeac6a211b491516d12d3
SHA1

b4635650f91f0842f583172bd5557e45286b31a7
SHA256

33dbb85983b95b6219d9801685f2d973b8f6fd908e3bfeb1ad94518e1d1dc9de
SHA512

1a8d25c41388f7d294bd8e80baf8afe949d7bcb45307f8b5470a253d685b45cb17f77b758c1373a9df9089db08636a1ad93216ff810a989fa23af82534229fd3
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkH1:SCqm2Jpr0nNM7Dus7Nx2V

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2684-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0035000000015c9a-5.dat	upx
behavioral1/memory/2684-400-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	34deae57bdaaeac6a211b491516d12d3.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\7-Zip\Lang\uk.txt	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Monet.jpg	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_matte2.wmv	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_ButtonGraphic.png.exe	34deae57bdaaeac6a211b491516d12d3.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\verify.dll	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msdaprsr.dll.mui	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\106.0.5249.119.manifest.exe	34deae57bdaaeac6a211b491516d12d3.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\deployJava1.dll	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\7-Zip\7z.dll.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\ShapeCollector.exe.mui.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Common Files\System\ado\es-ES\msader15.dll.mui.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-ImageMask.png.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_ButtonGraphic.png.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPOBJS.DLL.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\auxbase.xml	34deae57bdaaeac6a211b491516d12d3.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Extensions\external_extensions.json	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrcommonlm.dat	34deae57bdaaeac6a211b491516d12d3.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\java.dll	34deae57bdaaeac6a211b491516d12d3.exe
File opened for modification	C:\Program Files\7-Zip\Lang\co.txt	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ta.pak.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\vi.pak.exe	34deae57bdaaeac6a211b491516d12d3.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jce.jar	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Common Files\System\ado\fr-FR\msader15.dll.mui.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-highlight.png.exe	34deae57bdaaeac6a211b491516d12d3.exe
File opened for modification	C:\Program Files\7-Zip\Lang\lt.txt	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\White_Chocolate.jpg	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\IpsMigrationPlugin.dll.mui	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred.xml.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwresmlm.dat.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG_PAL.wmv.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msdaremr.dll.mui.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Common Files\System\msadc\msadcer.dll.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop.wmv	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_ButtonGraphic.png	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\startNetworkServer.bat.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\logging.properties.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\15x15dot.png	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tabskb.dll.mui	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_sv.properties.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ConvertInkStore.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\navSubpicture.png.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref.wmv	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_highlights_Thumbnail.bmp	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightDemiBold.ttf.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\TipBand.dll.mui.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Common Files\Services\verisign.bmp.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Common Files\System\msadc\msadcer.dll	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_Buttongraphic.png	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_ButtonGraphic.png.exe	34deae57bdaaeac6a211b491516d12d3.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_it.jar	34deae57bdaaeac6a211b491516d12d3.exe
File opened for modification	C:\Program Files\7-Zip\Lang\sw.txt	34deae57bdaaeac6a211b491516d12d3.exe
File opened for modification	C:\Program Files\7-Zip\Lang\yo.txt	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\mainimage-mask.png.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_buttongraphic.png.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\he.pak.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Common Files\System\en-US\wab32res.dll.mui	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground.wmv.exe	34deae57bdaaeac6a211b491516d12d3.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\fa.pak	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\javacpl.exe.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jce.jar.exe	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_2.emf	34deae57bdaaeac6a211b491516d12d3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-highlight.png	34deae57bdaaeac6a211b491516d12d3.exe

C:\Users\Admin\AppData\Local\Temp\34deae57bdaaeac6a211b491516d12d3.exe
"C:\Users\Admin\AppData\Local\Temp\34deae57bdaaeac6a211b491516d12d3.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2684

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
1.4MB

MD5
73c2622a78daf840d11df9f076be5d74

SHA1
ef47ffb6c4feba517bfce9fe3eecb3fa6cb6c37a

SHA256
2a825e6914b288202f89d42dee09ae62e561906d2d0f8f9ed4d64ab57ef16f2c

SHA512
85b3fb906673b04857769b387eaed0aac0615403156cf1c110220ab98850b9c85c0088eb47ec42b46f7e35393b7e6b1d5df9436a08f2c238d37883f636da4950

Download Submit
memory/2684-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/2684-400-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads