3de742860a1d593ba591dfd8be6b7093db97ae625ee7e99b5c4fc002784618df

Analysis

max time kernel
133s
max time network
127s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
26/12/2023, 03:46

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

5188ee57684f49027e7c46f5e171f749.exe
Size

1.8MB
MD5

5188ee57684f49027e7c46f5e171f749
SHA1

d11afeae6940b914498add34594ca6aa7f425e79
SHA256

3de742860a1d593ba591dfd8be6b7093db97ae625ee7e99b5c4fc002784618df
SHA512

69a2a149b8d79141fb99d9a227335fab6f5f1616b780c2068fd1405edf006129e7d498779d3e7209f90021b7982e32f8f2e5240e7275364f1cb0c450dad4e391
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7Nxqf:SCqm2Jpr0nNM7Dus7Nxi

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2044-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0007000000016d3b-5.dat	upx
behavioral1/memory/2044-247-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	5188ee57684f49027e7c46f5e171f749.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\symbase.xml.exe	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_ButtonGraphic.png.exe	5188ee57684f49027e7c46f5e171f749.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\wsdetect.dll	5188ee57684f49027e7c46f5e171f749.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\splash.gif	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\TipBand.dll.mui.exe	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\InkObj.dll.mui	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\tipresx.dll.mui.exe	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msadcer.dll.mui	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_ButtonGraphic.png.exe	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\1047x576black.png.exe	5188ee57684f49027e7c46f5e171f749.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Havana	5188ee57684f49027e7c46f5e171f749.exe
File opened for modification	C:\Program Files\7-Zip\Lang\be.txt	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_1.emf.exe	5188ee57684f49027e7c46f5e171f749.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee.dll	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrenclm.dat	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msadcor.dll.mui.exe	5188ee57684f49027e7c46f5e171f749.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\bin\orbd.exe	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\libxml2.dll.exe	5188ee57684f49027e7c46f5e171f749.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Atikokan	5188ee57684f49027e7c46f5e171f749.exe
File opened for modification	C:\Program Files\7-Zip\Lang\mn.txt	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\tipresx.dll.mui	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Common Files\System\Ole DB\it-IT\oledb32r.dll.mui.exe	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msdaprsr.dll.mui.exe	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_SelectionSubpicture.png	5188ee57684f49027e7c46f5e171f749.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\keytool.exe	5188ee57684f49027e7c46f5e171f749.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaTypewriterRegular.ttf	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\micaut.dll.mui.exe	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\TipBand.dll.mui	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-highlight.png.exe	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\CircleSubpicture.png	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.exe	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\DVD Maker\audiodepthconverter.ax.exe	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\DVD Maker\es-ES\DVDMaker.exe.mui	5188ee57684f49027e7c46f5e171f749.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\mr.pak	5188ee57684f49027e7c46f5e171f749.exe
File opened for modification	C:\Program Files\7-Zip\Lang\mk.txt	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\gstreamer-lite.dll.exe	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msadcfr.dll.mui	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-highlight.png	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\DVD Maker\de-DE\WMM2CLIP.dll.mui	5188ee57684f49027e7c46f5e171f749.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ca.pak	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jar.exe.exe	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_es.properties.exe	5188ee57684f49027e7c46f5e171f749.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\VC\msdia90.dll	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-over-DOT.png	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\dt_shmem.dll.exe	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\InkObj.dll.mui	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.MOF.exe	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\InkDiv.dll	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\zh-CN\tipresx.dll.mui.exe	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Common Files\System\Ole DB\de-DE\sqloledb.rll.mui	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Common Files\System\msadc\adcvbs.inc.exe	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG.wmv.exe	5188ee57684f49027e7c46f5e171f749.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\javacpl.exe	5188ee57684f49027e7c46f5e171f749.exe
File opened for modification	C:\Program Files\7-Zip\Lang\lv.txt	5188ee57684f49027e7c46f5e171f749.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunmscapi.jar	5188ee57684f49027e7c46f5e171f749.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Salta	5188ee57684f49027e7c46f5e171f749.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\kcms.dll	5188ee57684f49027e7c46f5e171f749.exe
File opened for modification	C:\Program Files\Internet Explorer\SIGNUP\install.ins	5188ee57684f49027e7c46f5e171f749.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jli.dll	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\Common Files\System\fr-FR\wab32res.dll.mui.exe	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\7-Zip\Lang\fi.txt.exe	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-shadow.png.exe	5188ee57684f49027e7c46f5e171f749.exe
File opened for modification	C:\Program Files\InstallMerge.png	5188ee57684f49027e7c46f5e171f749.exe
File created	C:\Program Files\7-Zip\7z.dll.exe	5188ee57684f49027e7c46f5e171f749.exe

C:\Users\Admin\AppData\Local\Temp\5188ee57684f49027e7c46f5e171f749.exe
"C:\Users\Admin\AppData\Local\Temp\5188ee57684f49027e7c46f5e171f749.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2044

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
381KB

MD5
2e6c5fa5421dc2472b426f9e20bb1a8d

SHA1
858ea62ed936482d0139a2a9f72f6471efb52c02

SHA256
cc29fe4d92038da803cb7fb2b12fd66ed619f330a923a3ff4914cd1c37061ed9

SHA512
1801fe226fe479c26e616e68d0f0b460565e81fc47485baf376f54c32c9e761b39dee0958b198be68a6b4388afd12e29070196f54475c8821831f0b6c6ac407f

Download Submit
memory/2044-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/2044-247-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads