412479677216932766db7c912ffd9dd356a19e771e33f510f4b64a8b56d1c812

Analysis

max time kernel
117s
max time network
119s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
30/12/2023, 03:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0c92bce122497ee0d6d5bb5147c910b8.exe
Size

348KB
MD5

0c92bce122497ee0d6d5bb5147c910b8
SHA1

a7d41b9b60547d8409c1b377988af9f2f4efb040
SHA256

412479677216932766db7c912ffd9dd356a19e771e33f510f4b64a8b56d1c812
SHA512

11fd050567627ec869497326274ba8f2915a86eef2b844d3b3329ba937148b4f9a8004048f32cc5ba2d2a287780e56afd49c09a1cbc5cbd5c627fe37b6d5a575
SSDEEP

6144:HO+TyiE8+aqCjToXVpGOZcWixTmAcThAkZThMTM9:JXEkqeolrix1c60y+

Score

6^/10

Malware Config

Signatures

Drops desktop.ini file(s) 6 IoCs

description	ioc	Process
File opened for modification	\??\c:\Program Files\desktop.ini	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\$Recycle.Bin\S-1-5-21-3627615824-4061627003-3019543961-1000\desktop.ini	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\$Recycle.Bin\S-1-5-21-3627615824-4061627003-3019543961-1000\desktop.ini	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\desktop.ini	0c92bce122497ee0d6d5bb5147c910b8.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_ButtonGraphic.png	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground.wmv	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\en-US\rtscom.dll.mui	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\ipsjpn.xml	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\GreenBubbles.jpg	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\ShadesOfBlue.jpg	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\Common Files\System\ado\msadox.dll	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Internet Explorer\Timeline_is.dll	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightDemiItalic.ttf	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\en-US\ShapeCollector.exe.mui	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Common Files\System\ado\es-ES\msader15.dll.mui	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\Common Files\System\msadc\de-DE\msaddsr.dll.mui	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DissolveAnother.png	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\106.0.5249.119\nacl_irt_x86_64.nexe	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\en-US\split.avi	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\tipresx.dll.mui	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_SelectionSubpicture.png	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Internet Explorer\images\bing.ico	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\bin\dt_socket.dll	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\es-ES\tabskb.dll.mui	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\es-ES\TipBand.dll.mui	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG_PAL.wmv	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576_91n92.png	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\reflect.png	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\Common Files\System\msadc\ja-JP\msadcor.dll.mui	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\chapters-static.png	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page_PAL.wmv	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\db\lib\derbynet.jar	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\en-US\ShapeCollector.exe.mui	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\blackbars60.png	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationUp_SelectionSubpicture.png	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunjce_provider.jar	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_SelectionSubpicture.png	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_SelectionSubpicture.png	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_ButtonGraphic.png	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Internet Explorer\jsdebuggeride.dll	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\bin\kinit.exe	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\DVD Maker\ja-JP\WMM2CLIP.dll.mui	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\mainimage-mask.png	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_SelectionSubpicture.png	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_2.emf	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Common Files\System\ado\msado20.tlb	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\circleround_glass.png	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\bin\jabswitch.exe	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-back-static.png	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref_PAL.wmv	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\15x15dot.png	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_ButtonGraphic.png	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\ps.txt	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Cave_Drawings.gif	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\DVD Maker\de-DE\OmdProject.dll.mui	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_fr.properties	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\cy.txt	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\ta.txt	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\et-EE\tipresx.dll.mui	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_SelectionSubpicture.png	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\chrome_proxy.exe	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\7-Zip\descript.ion	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_heb.xml	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\Common Files\System\msadc\de-DE\msdaremr.dll.mui	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_videoinset.png	0c92bce122497ee0d6d5bb5147c910b8.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\photograph.png	0c92bce122497ee0d6d5bb5147c910b8.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\en-US\tabskb.dll.mui	0c92bce122497ee0d6d5bb5147c910b8.exe

C:\Users\Admin\AppData\Local\Temp\0c92bce122497ee0d6d5bb5147c910b8.exe
"C:\Users\Admin\AppData\Local\Temp\0c92bce122497ee0d6d5bb5147c910b8.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2540

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\osetup.dll

Filesize
132KB

MD5
86026cc09e1409d4cf427875830fd7b6

SHA1
6de3157aad979c6f2f5d557b264c48046ed252c1

SHA256
554a5df063a9f92658c161c2b55c4e3385d5758f83507d41a662069e142d3eda

SHA512
2ca102faa699b358559a80702793bd52e5c9d91a0b5002584754dc026da08af2de1aff1db69ab05e5a6251163d89dcd5df29a231f64fd422dc9c099189d073a1

Download Submit
C:\Program Files\Java\jdk1.7.0_80\jre\bin\deploy.dll

Filesize
5B

MD5
b5b682b742431a52ea8b17c72ad9c572

SHA1
326320f469235708c59f678c9a7357dca552d306

SHA256
30d9045a9f172208b13161d1f5204e5787e5e07bfbb4f490d0041b03b7f44f76

SHA512
4e1bd7cc616b3115baf6be7ebd29fe2d1123bc0f25464865a0cf9207b0344fba70747a5ce6f00e8d9c696881f6db1e12f81736bc748b6f2b60bf84c681a49163

Download Submit
memory/2540-0-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2540-606-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads