a3058738b647df6472d0e2bdd49ee2e3a535facfaf57bae534fead3e98126bbd

Analysis

max time kernel
119s
max time network
124s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
26/12/2023, 12:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6eac95e9171ccf1010823db206847946.exe
Size

2.8MB
MD5

6eac95e9171ccf1010823db206847946
SHA1

387aa0ad3a8e47552a3628c5cbccaa422a8b5ac4
SHA256

a3058738b647df6472d0e2bdd49ee2e3a535facfaf57bae534fead3e98126bbd
SHA512

0277e0fff34262b0fbe69de5d04700e893e504dfd2ade3cb68f283040a992f295d95e951ecb91ac4aa6376e7e753654b59e70f11e80cc29a039b42c8ac5a4794
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkHE6pQPxQ2JyP2r5mJV91s:SCqm2Jpr0nNM7Dus7Nx2kCqm2Jpr0nQ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2952-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0034000000016247-5.dat	upx
behavioral1/memory/2952-294-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	6eac95e9171ccf1010823db206847946.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NavigationButtonSubpicture.png.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Wrinkled_Paper.gif	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ja-jp.xml	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-changjei.xml	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipssrl.xml	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\join.avi	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\InputPersonalization.exe.mui.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\ShapeCollector.exe.mui	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\System\Ole DB\fr-FR\oledb32r.dll.mui.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\System\ja-JP\wab32res.dll.mui	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\TipBand.dll.mui	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\rtscom.dll.mui	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\decorative_rule.png	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_SelectionSubpicture.png.exe	6eac95e9171ccf1010823db206847946.exe
File opened for modification	C:\Program Files\7-Zip\7z.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\7-Zip\Lang\af.txt.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\mshwgst.dll.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\es-ES\MSTTSLoc.dll.mui	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msadcfr.dll.mui	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.MOF.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\CompleteRedo.xps.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonSubpicture.png.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\System\ado\it-IT\msader15.dll.mui.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground_PAL.wmv.exe	6eac95e9171ccf1010823db206847946.exe
File opened for modification	C:\Program Files\7-Zip\Lang\cs.txt	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Filters\VISFILT.DLL.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipRes.dll.mui.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\baseAltGr_rtl.xml	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_mainImage-mask.png.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG_PAL.wmv	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialoccasion.png.exe	6eac95e9171ccf1010823db206847946.exe
File opened for modification	C:\Program Files\7-Zip\Lang\mng.txt	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\7-Zip\Lang\sr-spl.txt.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\ea.xml	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrdeulm.dat	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\InkObj.dll.mui	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\InputPersonalization.exe.mui	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\mshwLatin.dll.mui	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialoccasion.png	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Memo.emf	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_ButtonGraphic.png.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ConvertInkStore.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tabskb.dll.mui.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\tipresx.dll.mui	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\System\Ole DB\es-ES\msdasqlr.dll.mui.exe	6eac95e9171ccf1010823db206847946.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ga.txt	6eac95e9171ccf1010823db206847946.exe
File opened for modification	C:\Program Files\7-Zip\Lang\sr-spc.txt	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\msinfo32.exe.mui.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Seyes.emf.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_SelectionSubpicture.png	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047_576black.png	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576black.png.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_SelectionSubpicture.png.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msadcfr.dll.mui	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\System\msadc\msdaprsr.dll	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\MainMenuButtonIcon.png	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\title_stripe.png.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIconSubpict.png	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\ShadesOfBlue.jpg	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tipskins.dll	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll.exe	6eac95e9171ccf1010823db206847946.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.jpg.exe	6eac95e9171ccf1010823db206847946.exe

C:\Users\Admin\AppData\Local\Temp\6eac95e9171ccf1010823db206847946.exe
"C:\Users\Admin\AppData\Local\Temp\6eac95e9171ccf1010823db206847946.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2952

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
2.8MB

MD5
a5b9ab10e9aac695d12d62a97a864436

SHA1
48a361bfd8b0cc86c964fbb7f747f6e0162ec864

SHA256
99a8558188eb988a6f47dcb2a979dadddbff3bba0f4f7242ed9feecc12613076

SHA512
80e2decca261298181a11c6c7f06d8d65800240783630814f1341cb6d441a10bb60799c8788cb8d2df1c6adb5433ccb680f6c6ace44ea72d928e487a93e96451

Download Submit
memory/2952-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/2952-294-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads