5e6d4f975696b41fac564a5d15359f93e3644f9342cb75979214369150f912f6

Analysis

max time kernel
161s
max time network
129s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
26-12-2023 13:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

72d9824bc31790580625345c55c6e5bd.exe
Size

1.8MB
MD5

72d9824bc31790580625345c55c6e5bd
SHA1

56c565bd4e74b1d0318f3e2e8d93b80b6897cfd8
SHA256

5e6d4f975696b41fac564a5d15359f93e3644f9342cb75979214369150f912f6
SHA512

a5c9adde9eaaf9239efda82b5190d0501d2c1d891be8548def8925cf025b328ec1779fcd3e24a2ab02ab668c483b0dd2cc4b95e1bff3dc81f2d24683973d8f79
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkHW:SCqm2Jpr0nNM7Dus7Nx22

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2980-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0007000000018b5d-5.dat	upx
behavioral1/memory/2980-535-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	72d9824bc31790580625345c55c6e5bd.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\IpsMigrationPlugin.dll	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\whiteband.png.exe	72d9824bc31790580625345c55c6e5bd.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\libEGL.dll	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Internet Explorer\en-US\jsprofilerui.dll.mui.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\ExportStart.xlsx.exe	72d9824bc31790580625345c55c6e5bd.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\af.pak	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\ShapeCollector.exe.mui.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrdeslm.dat	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\IPSEventLogMsg.dll.mui	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\DVD Maker\es-ES\OmdProject.dll.mui.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Dotted_Lines.emf	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\1047x576black.png.exe	72d9824bc31790580625345c55c6e5bd.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\fi.pak	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Internet Explorer\F12Resources.dll	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Csi.dll.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Common Files\System\Ole DB\de-DE\sqlxmlx.rll.mui.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain_PAL.wmv.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-split.avi.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-overlay.png.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIconSubpictur.png.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Internet Explorer\en-US\networkinspection.dll.mui.exe	72d9824bc31790580625345c55c6e5bd.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\mojo_core.dll	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\tipresx.dll.mui	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwritalm.dat	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msaddsr.dll.mui	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msadcfr.dll.mui.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\videowall.png	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\LICENSE.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\7-Zip\Lang\ko.txt.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsdeu.xml	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msadcfr.dll.mui.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_SelectionSubpicture.png	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Internet Explorer\en-US\jsdbgui.dll.mui.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\auxbase.xml	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrlatinlm.dat	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msaddsr.dll.mui.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_ButtonGraphic.png	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\tipresx.dll.mui	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIcon.png.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground_PAL.wmv.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Wrinkled_Paper.gif.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\cloud_Thumbnail.bmp	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\kn.pak.exe	72d9824bc31790580625345c55c6e5bd.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\bin\ktab.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\pagecurl.png	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIconSubpict.png	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\blackbars60.png.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_ButtonGraphic.png.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_Buttongraphic.png	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_PreComp_MATTE_PAL.wmv.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\15x15dot.png.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_SelectionSubpicture.png	72d9824bc31790580625345c55c6e5bd.exe
File opened for modification	C:\Program Files\7-Zip\Lang\el.txt	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Common Files\System\fr-FR\wab32res.dll.mui	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-background.png.exe	72d9824bc31790580625345c55c6e5bd.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\bin\tnameserv.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.htm.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TipBand.dll	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047x576black.png	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Internet Explorer\en-US\DiagnosticsTap.dll.mui	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\DebugPing.mp4.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Internet Explorer\perf_nt.dll.exe	72d9824bc31790580625345c55c6e5bd.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\bin\javaw.exe	72d9824bc31790580625345c55c6e5bd.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\msinfo32.exe.mui.exe	72d9824bc31790580625345c55c6e5bd.exe

C:\Users\Admin\AppData\Local\Temp\72d9824bc31790580625345c55c6e5bd.exe
"C:\Users\Admin\AppData\Local\Temp\72d9824bc31790580625345c55c6e5bd.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2980

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
891KB

MD5
7f031b36da8296fc501c6dc74eaace73

SHA1
5577c662ea090c4e16bd94d1368f572fd8549973

SHA256
d5383242515e0986d5b17edd9d2b89f32a70aa263666639dfbce89fc631da92d

SHA512
d3c0afec8748ff4faf56649e99913d7b094d362a171dfa57dcb0357c93ad9fc2c03e7d0cd16a5f3e6b4083a21c432a4170d33211b378d1d2628df0dc78408137

Download Submit
memory/2980-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/2980-535-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads