97188b82e9056193362fe13d73a3b7be5fea6f1a62902ba203a542f2ef066e5f

Analysis

max time kernel
149s
max time network
127s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
30/12/2023, 00:50

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

091ae6f4c97ea47c7366b1ad33d30394.exe
Size

1.8MB
MD5

091ae6f4c97ea47c7366b1ad33d30394
SHA1

618fd342185f8c156710415d22e50f5a962d5cde
SHA256

97188b82e9056193362fe13d73a3b7be5fea6f1a62902ba203a542f2ef066e5f
SHA512

42c7db7838db2550344a81ec7045bba74571b122f82200c01119e883973b9b4358e9b7f89edf6e5f32297705c6ad8763cbbeec0a2c483521b2191adf697ab790
SSDEEP

24576:N6pQPxQ2JyP2r5mJV91xM7RpbwgIvQ7NxqWLCvN:NCqm2Jpr0nNM7DuQ7Nxo1

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2596-0-0x0000000000400000-0x00000000005BB000-memory.dmp	upx
behavioral1/files/0x0034000000015c00-5.dat	upx
behavioral1/memory/2596-287-0x0000000000400000-0x00000000005BB000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	091ae6f4c97ea47c7366b1ad33d30394.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrdeush.dat	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\InkObj.dll.mui.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msadcfr.dll.mui	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_SelectionSubpicture.png	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-highlight.png	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\DVD Maker\de-DE\DVDMaker.exe.mui	091ae6f4c97ea47c7366b1ad33d30394.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576_91n92.png.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-previous-static.png.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File opened for modification	C:\Program Files\7-Zip\readme.txt	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\InputPersonalization.exe.mui	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_ButtonGraphic.png.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\MEIPreload\manifest.json	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\InputPersonalization.exe.mui.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msdaprsr.dll.mui.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Pretty_Peacock.jpg	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\System\Ole DB\en-US\sqloledb.rll.mui	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_SelectionSubpicture.png.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Stucco.gif.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad.xml.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrcatlm.dat.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_ButtonGraphic.png.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_SelectionSubpicture.png	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\DVD Maker\Shared\Filters.xml	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\DVD Maker\sonicsptransform.ax.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\ShapeCollector.exe.mui.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\System\ado\fr-FR\msader15.dll.mui	091ae6f4c97ea47c7366b1ad33d30394.exe
File opened for modification	C:\Program Files\7-Zip\Lang\br.txt	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Stars.htm	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkObj.dll.mui	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\System\Ole DB\oledb32r.dll	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msadcfr.dll.mui	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\7-Zip\Lang\ne.txt.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\7-Zip\Lang\va.txt.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_SelectionSubpicture.png.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\split.avi	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\tipresx.dll.mui.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG_PAL.wmv.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\DVD Maker\audiodepthconverter.ax	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsptb.xml.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\System\msadc\msadce.dll.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\softedges.png.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.exe.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\uk-UA\tipresx.dll.mui	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\System\Ole DB\oledb32.dll.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\navSubpicture.png.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureB.png.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\720x480icongraphic.png.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\7-Zip\Lang\an.txt.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\msinfo32.exe.mui.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSFrontendENU.dll	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\System\Ole DB\en-US\oledb32r.dll.mui.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\7-Zip\Lang\fi.txt.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\IPSEventLogMsg.dll.mui.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrusash.dat	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\tipresx.dll.mui	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_selectionsubpicture.png.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\tr.pak	091ae6f4c97ea47c7366b1ad33d30394.exe
File opened for modification	C:\Program Files\7-Zip\7zG.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\ShapeCollector.exe.mui.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Dot.png	091ae6f4c97ea47c7366b1ad33d30394.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_SelectionSubpicture.png.exe	091ae6f4c97ea47c7366b1ad33d30394.exe

C:\Users\Admin\AppData\Local\Temp\091ae6f4c97ea47c7366b1ad33d30394.exe
"C:\Users\Admin\AppData\Local\Temp\091ae6f4c97ea47c7366b1ad33d30394.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2596

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
1.8MB

MD5
21afb718521ecb948a2ba7a2fd9264f7

SHA1
9027d0fc467f6d68d4c7852ce0ed3ef8ae750c00

SHA256
27ca429e14258de1680008546549fe601563e3895b665f6d6466605a9a0fd4dd

SHA512
36190d4b90a6a081c0dc116b79251092086a2f927d0d2b1f8adb987f33b6d46e7c40aa0fd5d663de48b248022d0089876ea30d77d3afa665650b3e7b0f3d1e32

Download Submit
memory/2596-0-0x0000000000400000-0x00000000005BB000-memory.dmp

Filesize
1.7MB

Download
memory/2596-287-0x0000000000400000-0x00000000005BB000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads