63a905f4b67e995bf96cd05f92e7b1d839e612d1243afec2ca55c53963ee6091

Analysis

max time kernel
140s
max time network
147s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
30-12-2023 09:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

13fac8553f1472bcbfe96382fc38b6d4.exe
Size

1.8MB
MD5

13fac8553f1472bcbfe96382fc38b6d4
SHA1

369a77bf10c84b4aef124d753cab3bdb54ba16cf
SHA256

63a905f4b67e995bf96cd05f92e7b1d839e612d1243afec2ca55c53963ee6091
SHA512

1ec140a59f083d09a6a347a2b062d0cefb9556b3471c74bd660a2fea583fc812d52f3d24aeef08091d43a991a1b4585df5b3bedc88042023a997c257566336b0
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7Nxqk:SCqm2Jpr0nNM7Dus7Nxh

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/1172-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x000700000001604f-5.dat	upx
behavioral1/memory/1172-481-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	13fac8553f1472bcbfe96382fc38b6d4.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ml.pak.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-bullet.png	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrusalm.dat.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Pretty_Peacock.jpg	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\15x15dot.png	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_selectionsubpicture.png	13fac8553f1472bcbfe96382fc38b6d4.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\nl.pak	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\layers.png.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Filters\VISFILT.DLL.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msadcer.dll.mui.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Notes_PAL.wmv.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_ButtonGraphic.png.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\106.0.5249.119.manifest.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\fi.pak.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_it.jar.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File opened for modification	C:\Program Files\7-Zip\Lang\io.txt	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\DVD Maker\Pipeline.dll.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\colorcycle.png	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\softedges.png.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_plain_Thumbnail.bmp.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\et.pak	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome.dll.sig.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\7-Zip\Lang\ky.txt.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Internet Explorer\F12.dll	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Internet Explorer\Timeline.dll.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\optimization_guide_internal.dll.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_SelectionSubpicture.png.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\bin\java-rmi.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Common Files\System\Ole DB\it-IT\oledb32r.dll.mui	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Shades of Blue.htm	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Common Files\System\msadc\handler.reg.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File opened for modification	C:\Program Files\ExportUnregister.ADTS	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Internet Explorer\MemoryAnalyzer.dll	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Internet Explorer\en-US\networkinspection.dll.mui.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\7-Zip\Lang\bn.txt.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\tipresx.dll.mui	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Common Files\System\Ole DB\sqlxmlx.rll	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_rgb6.wmv	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotslightoverlay.png.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-border.png.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576_91n92.png.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\msinfo32.exe.mui	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Common Files\System\ado\ja-JP\msader15.dll.mui.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\DVD Maker\SecretST.TTF.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref_PAL.wmv	13fac8553f1472bcbfe96382fc38b6d4.exe
File opened for modification	C:\Program Files\7-Zip\Lang\mk.txt	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrcommonlm.dat.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground.wmv	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\d3dcompiler_47.dll.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-correct.avi.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\v8_context_snapshot.bin	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_postage_Thumbnail.bmp.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tabskb.dll.mui	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Common Files\System\msadc\msadcf.dll	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_SelectionSubpicture.png	13fac8553f1472bcbfe96382fc38b6d4.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.config	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\rtscom.dll.mui.exe	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipssrl.xml	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msadcor.dll.mui	13fac8553f1472bcbfe96382fc38b6d4.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\pt-BR.pak	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Internet Explorer\en-US\ieinstal.exe.mui	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\mshwLatin.dll.mui	13fac8553f1472bcbfe96382fc38b6d4.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720x480icongraphic.png.exe	13fac8553f1472bcbfe96382fc38b6d4.exe

C:\Users\Admin\AppData\Local\Temp\13fac8553f1472bcbfe96382fc38b6d4.exe
"C:\Users\Admin\AppData\Local\Temp\13fac8553f1472bcbfe96382fc38b6d4.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:1172

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
1.8MB

MD5
8d063625cd78701d1ba24902dc6f5839

SHA1
d5f5d605ebec7e55052f764d215ef0c282895caa

SHA256
c3123a64027010732cfc09f091cc302da982b115be0c60e3c3ec30c54c782d21

SHA512
8eb787556e56e5e5a51c8eb3a30db5944267fcbf3eafeada07bc9c65ef30382b82eb560a93e049bfc5aa7cbcef86830ef74ee9c76e5101d3476fc244c9c08432

Download Submit
memory/1172-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/1172-481-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads