7557dcb1fac47da5a322a1e3956a02acb1f170ce9eb0d9e72a58130a5af9d0be

Analysis

max time kernel
142s
max time network
133s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
30/12/2023, 02:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
Size

1.8MB
MD5

0c4938b04fe90bb9c5cbd0f7c2c8d140
SHA1

2b21fdb999a917306b6fde86199abbec8a2e7fc5
SHA256

7557dcb1fac47da5a322a1e3956a02acb1f170ce9eb0d9e72a58130a5af9d0be
SHA512

d81ea481b0168515764dd3ea08965be76eadc4ed4755d35ca47f762351af694968407509f257f282a13a68e1a1154f0e4845435a7ad2d0be8bba86803947f494
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkHx:SCqm2Jpr0nNM7Dus7Nx2R

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/1968-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0035000000014475-5.dat	upx
behavioral1/memory/1968-701-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\cursors.properties.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\System\es-ES\wab32res.dll.mui.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msdaremr.dll.mui.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\DVD Maker\Shared\DissolveAnother.png.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_ButtonGraphic.png.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-backglow.png	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\lv.pak	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\accessibility.properties	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee.dll.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\tipresx.dll.mui	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSLoc.dll.mui	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_MATTE_PAL.wmv	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground_PAL.wmv.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrenclm.dat	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrfrash.dat	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsrus.xml	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\ShapeCollector.exe.mui	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_MATTE_PAL.wmv.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Internet Explorer\en-US\DiagnosticsTap.dll.mui.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Internet Explorer\en-US\F12.dll.mui.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\bin\apt.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File opened for modification	C:\Program Files\7-Zip\Lang\gl.txt	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.htm	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_altgr.xml.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\msinfo32.exe.mui.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\micaut.dll.mui.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG_PAL.wmv	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\libGLESv2.dll	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Internet Explorer\iediagcmd.exe.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\rmid.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_fr.properties.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipRes.dll.mui.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ja-jp.xml.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrlatinlm.dat.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msadcor.dll.mui	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\default_apps\external_extensions.json.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File opened for modification	C:\Program Files\7-Zip\Lang\an.txt	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msdaprsr.dll.mui	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\full.png.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\LogoBeta.png.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\dnsns.jar	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\7-Zip\Lang\zh-tw.txt.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msadcfr.dll.mui	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref_PAL.wmv	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\policytool.exe.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\splash.gif	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\System\msadc\adcjavas.inc	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_MATTE2_PAL.wmv.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonSubpicture.png.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\icudtl.dat.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-backglow.png.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\DVD Maker\sonicsptransform.ax	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Internet Explorer\ieproxy.dll	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\glass.dll	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\System\Ole DB\ja-JP\msdasqlr.dll.mui.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\System\msadc\msdaprst.dll.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_matte2.wmv	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIconSubpictur.png	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Java\jdk1.7.0_80\README.html.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\appletviewer.exe.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack200.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrfrash.dat.exe	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\tipresx.dll.mui	0c4938b04fe90bb9c5cbd0f7c2c8d140.exe

C:\Users\Admin\AppData\Local\Temp\0c4938b04fe90bb9c5cbd0f7c2c8d140.exe
"C:\Users\Admin\AppData\Local\Temp\0c4938b04fe90bb9c5cbd0f7c2c8d140.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:1968

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
753KB

MD5
dd91132020c88ec31cc183e687ecfe06

SHA1
af513af7fde5da35c7176ccbf999c34f0acf76ff

SHA256
d277074a99e59a9efa9a5e1a54e9ac29bfd2ae98f52b9aeb998f7333f6fdbe20

SHA512
722a23045712ffab1261da0ef5a52a6dfde4d94f0e62bc73adbcfba6f15fd341c0f1c45e6d2f56e10ce982288586ae8e56126e8b6c3ae5eed9ab515e4bb4f656

Download Submit
memory/1968-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/1968-701-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads