0b4aa4029d6f819b69daba2484e772631700c9b92fb0a7bdd86cd0d22b4b7363

Analysis

max time kernel
149s
max time network
121s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
29/12/2023, 18:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

008d3bfd552f908954b696e4fe7bd895.exe
Size

1.8MB
MD5

008d3bfd552f908954b696e4fe7bd895
SHA1

1dac9edde587a1f12334fe99c57b1e560d27388f
SHA256

0b4aa4029d6f819b69daba2484e772631700c9b92fb0a7bdd86cd0d22b4b7363
SHA512

f379b0e865071febcaaf76354dda489db2b5dd44885f724813384b829b854bf82b89ad5f26d816df019623cb33a5278b7e0afd4b721b145159d0f7e1a109d935
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkHs:SCqm2Jpr0nNM7Dus7Nx2M

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2116-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x002f000000016cd7-5.dat	upx
behavioral1/memory/2116-288-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	008d3bfd552f908954b696e4fe7bd895.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\7-Zip\Lang\pt-br.txt	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\System\msadc\msdaprst.dll	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-overlay.png.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha1.png	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\FlickLearningWizard.exe.mui	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-highlight.png.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.htm	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\System\msadc\msadco.dll.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_MATTE_PAL.wmv.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_ButtonGraphic.png	008d3bfd552f908954b696e4fe7bd895.exe
File opened for modification	C:\Program Files\BlockGrant.dwfx	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NextMenuButtonIcon.png	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\es-ES\MSTTSLoc.dll.mui.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\whiteband.png.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_mainImage-mask.png.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-border.png	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\vignettemask25.png.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\Filters.xml	008d3bfd552f908954b696e4fe7bd895.exe
File opened for modification	C:\Program Files\7-Zip\Lang\va.txt	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\OrangeCircles.jpg.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\tipresx.dll.mui	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\System\msadc\msdfmap.dll.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\el.pak.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\7-Zip\7zFM.exe.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\7-Zip\7zG.exe.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground.wmv	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\highlight.png	008d3bfd552f908954b696e4fe7bd895.exe
File opened for modification	C:\Program Files\FormatEnable.csv	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\SmallLogo.png.exe	008d3bfd552f908954b696e4fe7bd895.exe
File opened for modification	C:\Program Files\7-Zip\descript.ion	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Tanspecks.jpg	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\correct.avi	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_SelectionSubpicture.png.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Wrinkled_Paper.gif.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\Logo.png.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\7-Zip\descript.ion.exe	008d3bfd552f908954b696e4fe7bd895.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\System\Ole DB\msdatl3.dll.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_SelectionSubpicture.png.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.htm.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\FlickLearningWizard.exe.mui.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_glass_Thumbnail.bmp.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\it-IT\OmdProject.dll.mui.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\it.pak.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsplk.xml.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureA.png	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIconSubpictur.png.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\sports_disc_mask.png	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\mshwLatin.dll.mui	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\micaut.dll.mui.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msaddsr.dll.mui	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-over-select.png	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref_PAL.wmv.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\rtscom.dll.mui	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\tipresx.dll.mui	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msadcfr.dll.mui	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground_PAL.wmv	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\msinfo32.exe.mui.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\bandwidth.png	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\mip.exe.mui.exe	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Eurosti.TTF	008d3bfd552f908954b696e4fe7bd895.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_ButtonGraphic.png.exe	008d3bfd552f908954b696e4fe7bd895.exe

C:\Users\Admin\AppData\Local\Temp\008d3bfd552f908954b696e4fe7bd895.exe
"C:\Users\Admin\AppData\Local\Temp\008d3bfd552f908954b696e4fe7bd895.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2116

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
1.4MB

MD5
636a516af5a23f5dcd47e19c8ed1ffbe

SHA1
05a95eed2b2cc1d7264bc00d044725b3003f5974

SHA256
8ec859aa40f389bad0fa6685de6bc6b898617242b63187bf8339748347317ae7

SHA512
2789b320eb813a30533e13b5d1c470c6133d67b356551b5e8702bf4066e2c91c274c5c76d9565d7197da9dcfdaf833cf381765c26316b88bddfff018657a2ad3

Download Submit
memory/2116-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/2116-288-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads