6b54bd7511aba6ade5d28dba71f557e0edb85a32ee4716545f81b6b566d00737

Analysis

max time kernel
116s
max time network
33s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
26/12/2023, 00:21

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
Size

1.8MB
MD5

4602bbf5a6b66095aa8fb64f5dd1f0f8
SHA1

05a3aac194cce55b2010109bbb18cb8156b1c91b
SHA256

6b54bd7511aba6ade5d28dba71f557e0edb85a32ee4716545f81b6b566d00737
SHA512

6a95f915e1ea4ea6538509fa414e85e80174462653f97342a35f7d90867e3365768541605865763c8bbf2690535dff07b8309ba400457729bdedb6eefdc16bf1
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkH0:SCqm2Jpr0nNM7Dus7Nx2U

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/1624-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x003000000001562f-5.dat	upx
behavioral1/memory/1624-359-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\tipresx.dll.mui.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_SelectionSubpicture.png	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\shatter.png	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-background.png	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\7-Zip\Lang\nn.txt.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\System\Ole DB\en-US\sqlxmlx.rll.mui.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-static.png	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File opened for modification	C:\Program Files\7-Zip\Lang\tk.txt	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\full.png.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File opened for modification	C:\Program Files\7-Zip\Lang\kab.txt	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\7-Zip\Lang\tg.txt.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\TipTsf.dll.mui.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\System\Ole DB\oledbvbs.inc	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\babyblue.png.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TabIpsps.dll.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\InkObj.dll.mui	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\TipTsf.dll.mui	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-image-mask.png.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_title.png	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\tabskb.dll.mui.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\7-Zip\Lang\sr-spl.txt.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\To_Do_List.emf.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\ShapeCollector.exe.mui	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_ButtonGraphic.png.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_ButtonGraphic.png	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Wrinkled_Paper.gif	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VC\msdia100.dll.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee100.tlb.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipscat.xml.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\System\ja-JP\wab32res.dll.mui.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\layers.png	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File opened for modification	C:\Program Files\7-Zip\History.txt	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\InkObj.dll.mui	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\mshwjpnr.dll.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Soft Blue.htm.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred.xml	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\7-Zip\Lang\mng.txt.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\FlickLearningWizard.exe.mui.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\System\msadc\msaddsr.dll.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\7-Zip\Lang\an.txt.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Connectivity.gif.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ConvertInkStore.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\System\Ole DB\it-IT\oledb32r.dll.mui	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_precomp_matte.wmv.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop.wmv	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Soft Blue.htm	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\mshwLatin.dll.mui	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\TipRes.dll.mui	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_ButtonGraphic.png.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_SelectionSubpicture.png.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\7-Zip\Lang\sl.txt.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\InputPersonalization.exe.mui.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_SelectionSubpicture.png.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\InkWatson.exe.mui.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\tipresx.dll.mui	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-over-select.png.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\tipresx.dll.mui	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File opened for modification	C:\Program Files\7-Zip\Lang\kaa.txt	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File opened for modification	C:\Program Files\7-Zip\Lang\sv.txt	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\msinfo32.exe.mui.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Notebook.jpg	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsesp.xml.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\play-static.png	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_SelectionSubpicture.png.exe	4602bbf5a6b66095aa8fb64f5dd1f0f8.exe

C:\Users\Admin\AppData\Local\Temp\4602bbf5a6b66095aa8fb64f5dd1f0f8.exe
"C:\Users\Admin\AppData\Local\Temp\4602bbf5a6b66095aa8fb64f5dd1f0f8.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:1624

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
34KB

MD5
9dac6fda68996fd9a968dea60206d305

SHA1
3de019dc01e4724cdbfc365f7002752d0fa497a7

SHA256
97840e85b214fd508394187ecf848d392d1a43b0949209333afe175250765df1

SHA512
2bc0614dab4b4b8f0113967993ead7974d55d99da13d8e79f4d996f6492b42295642a4147568feb9c580aae279787d6fece66814f1d2d909306809f90af461a7

Download Submit
memory/1624-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/1624-359-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads