793943e1de29fee53fa12317afeaf7e82a87f64777e17bfec19f03df487b78c3

Analysis

max time kernel
128s
max time network
127s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
30/12/2023, 04:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0dcf387e594d9d161c18a02daf82926d.exe
Size

1.8MB
MD5

0dcf387e594d9d161c18a02daf82926d
SHA1

60ac9326d6600405a24b0b03bac8c7435ba98f1f
SHA256

793943e1de29fee53fa12317afeaf7e82a87f64777e17bfec19f03df487b78c3
SHA512

278806ecb705ed56d6e668f3786ca91368e69be4ef8d6f4a2bdfbdfb523ff526b65d40e75d768708568503a7e4dedf9716b4f6771d07e0ddca78be16e2c68bbb
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkHb:SCqm2Jpr0nNM7Dus7Nx27

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/3068-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0007000000015c13-5.dat	upx
behavioral1/memory/3068-613-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	0dcf387e594d9d161c18a02daf82926d.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\7-Zip\Lang\ca.txt.exe	0dcf387e594d9d161c18a02daf82926d.exe
File opened for modification	C:\Program Files\7-Zip\Lang\hi.txt	0dcf387e594d9d161c18a02daf82926d.exe
File opened for modification	C:\Program Files\7-Zip\Lang\pa-in.txt	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\FlickLearningWizard.exe.mui.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_RGB6_PAL.wmv	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(inch).wmf	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\IpsPlugin.dll.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\15x15dot.png	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_ButtonGraphic.png	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_photo_Thumbnail.bmp	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\bn.pak.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\InkObj.dll.mui	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_Buttongraphic.png.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\mshwLatin.dll	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers.xml	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\tipresx.dll.mui	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureA.png.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VC\msdia100.dll.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\ShapeCollector.exe.mui.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsfra.xml.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_VideoInset.png	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Internet Explorer\perf_nt.dll.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\tipresx.dll.mui	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\System\Ole DB\de-DE\oledb32r.dll.mui.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-next-static.png	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport_mask_right.png	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\Shared\Filters.xml.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Google\Chrome\Application\chrome.exe.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Sand_Paper.jpg	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipskor.xml	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\System\Ole DB\es-ES\msdasqlr.dll.mui.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\System\ado\msadomd.dll.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msaddsr.dll.mui.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground_PAL.wmv.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\DvdTransform.fx.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\scene_button_style_default_Thumbnail.bmp	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\FormatEnter.vsdx.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Internet Explorer\F12Tools.dll.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\tabskb.dll.mui	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-split.avi.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_SelectionSubpicture.png	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\vignettemask25.png	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\fr-FR\OmdProject.dll.mui.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\mshwjpn.dll	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\System\wab32.dll	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrusalm.dat.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msadcor.dll.mui	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\softedges.png.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\fr-FR\DVDMaker.exe.mui	0dcf387e594d9d161c18a02daf82926d.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_100_percent.pak	0dcf387e594d9d161c18a02daf82926d.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msdaprsr.dll.mui	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_rgb.wmv.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_SelectionSubpicture.png	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\vistabg.png	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask_PAL.wmv.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\System\Ole DB\sqloledb.dll.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\System\ado\msado27.tlb.exe	0dcf387e594d9d161c18a02daf82926d.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\mr.pak	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\Common Files\System\de-DE\wab32res.dll.mui	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\1047x576black.png.exe	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_ButtonGraphic.png	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground_PAL.wmv	0dcf387e594d9d161c18a02daf82926d.exe
File created	C:\Program Files\7-Zip\Lang\id.txt.exe	0dcf387e594d9d161c18a02daf82926d.exe

C:\Users\Admin\AppData\Local\Temp\0dcf387e594d9d161c18a02daf82926d.exe
"C:\Users\Admin\AppData\Local\Temp\0dcf387e594d9d161c18a02daf82926d.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:3068

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
291KB

MD5
0e5ed23c1c0fedc507af28134086295f

SHA1
ae6c6868f8befcf7e9ddf062d71d22b4c74b1eb4

SHA256
fed991eff35a4ef2c8d61d4ad2f191c635758cf6b6dc2189eba735dc37d4ce2b

SHA512
c17af332520349f2dd232ca6adbc0b727c6d8ab60c84ac7cad9b3446f004461fd6c3134ff65f795d44fb442a1138b270f272426a2f96ab8e10aa54c5a61ac835

Download Submit
memory/3068-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/3068-613-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads