6ee591fa2cdb0df27177a8904e1a16687314d90a62f4c9ad04380307f1332736

Analysis

max time kernel
151s
max time network
140s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
26/12/2023, 11:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

69b0db900c3342e04345e2f3ba2d5c33.exe
Size

1.8MB
MD5

69b0db900c3342e04345e2f3ba2d5c33
SHA1

38fe867819a61d962cd16e74d566880ec5fb2266
SHA256

6ee591fa2cdb0df27177a8904e1a16687314d90a62f4c9ad04380307f1332736
SHA512

36b71ed7cb824914a55ddb25bcb201ee58a130837f325286b003ba135da832ae61473f8b1f3bff7f935b8e7acb071ab5ff7d58ba8b4918bcd519426504b9305b
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkHA:SCqm2Jpr0nNM7Dus7Nx2g

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/1700-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0009000000015dd6-5.dat	upx
behavioral1/memory/1700-166-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	69b0db900c3342e04345e2f3ba2d5c33.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_ButtonGraphic.png.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_SelectionSubpicture.png	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOMessageProvider.dll.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.jpg.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tipresx.dll.mui.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwresplm.dat.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\tipresx.dll.mui	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\DVD Maker\Eurosti.TTF.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File opened for modification	C:\Program Files\7-Zip\Lang\da.txt	69b0db900c3342e04345e2f3ba2d5c33.exe
File opened for modification	C:\Program Files\7-Zip\Lang\gu.txt	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passportcover.png	69b0db900c3342e04345e2f3ba2d5c33.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\manifest.json	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\7-Zip\readme.txt.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_mainImage-mask.png	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msadcer.dll.mui.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_rgb.wmv.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\mshwLatin.dll.mui	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Common Files\System\Ole DB\de-DE\sqlxmlx.rll.mui	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Common Files\System\es-ES\wab32res.dll.mui	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\scrapbook.png.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\micaut.dll.mui.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Common Files\System\Ole DB\es-ES\oledb32r.dll.mui	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground.wmv	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Common Files\System\msadc\handler.reg.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitemask1047.png.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_wer.dll.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File opened for modification	C:\Program Files\7-Zip\Lang\be.txt	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_rgb.wmv	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Pine_Lumber.jpg.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_SelectionSubpicture.png	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\title_stripe.png	69b0db900c3342e04345e2f3ba2d5c33.exe
File opened for modification	C:\Program Files\7-Zip\Lang\kab.txt	69b0db900c3342e04345e2f3ba2d5c33.exe
File opened for modification	C:\Program Files\7-Zip\Lang\va.txt	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_btn-back-static.png.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\tipresx.dll.mui.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_ButtonGraphic.png	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\fi.pak.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sk.pak	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\7-Zip\Lang\ko.txt.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\mshwLatin.dll.mui.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_SelectionSubpicture.png	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_ButtonGraphic.png	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\reflect.png.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\7-Zip\License.txt.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.exe.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_SelectionSubpicture.png	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_specialocc_Thumbnail.bmp.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\cs.pak	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwresslm.dat.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_SelectionSubpicture.png	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-previous-static.png.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground.wmv	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\cs.pak.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Month_Calendar.emf.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Common Files\System\ado\msador15.dll	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrcatlm.dat	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_content-background.png.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\203x8subpicture.png	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\mr.pak.exe	69b0db900c3342e04345e2f3ba2d5c33.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll.sig	69b0db900c3342e04345e2f3ba2d5c33.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_100_percent.pak	69b0db900c3342e04345e2f3ba2d5c33.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL.exe	69b0db900c3342e04345e2f3ba2d5c33.exe

C:\Users\Admin\AppData\Local\Temp\69b0db900c3342e04345e2f3ba2d5c33.exe
"C:\Users\Admin\AppData\Local\Temp\69b0db900c3342e04345e2f3ba2d5c33.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:1700

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
91KB

MD5
d9dde57c7f3065f12964703f04c5315a

SHA1
b45c5a58c795ec11b2bc2df27868dac43639aef6

SHA256
a646a68cfb92bdd2140e9e2527b677c6463b489ca3a4b1f921db48a0d159f41c

SHA512
8ecc16f66769f857422e624b95bb91fe4e1d60d607031c09119762eb85257f53743bda3e4876d60dbb3301b7f7ec7dd6ddc198b579812704adf4cdf67f157485

Download Submit
memory/1700-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/1700-166-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads