Analysis
max time kernel: 150s
max time network: 157s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 30/12/2023, 11:21
Static task: static1
Behavioral task: behavioral1
  Sample: 1702574af607a6c91bc0967510b1927a.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 1702574af607a6c91bc0967510b1927a.exe
  Resource: win10v2004-20231215-en
General
Target: 1702574af607a6c91bc0967510b1927a.exe
Size: 410KB
MD5: 1702574af607a6c91bc0967510b1927a
SHA1: b47eda86bec698a1260293d7c898d06c94fea2d8
SHA256: 34be46188a9f92256e21219a4aef17c075d115edc82d541cbb7c7dd4cf822bd3
SHA512: 1773a0eb31ae6322413b82667198bdf3ea36cd5c964553b4163fe869e0ec1fd7d328c892ec8c59a5ddc7b7ba4140853b236234fb102d1108367e4134263c9122
SSDEEP: 6144:Vnn+TyiPihnV4WnULPEw9V3F4vmk4vWV916URzS1:V+XgV43TEw9V3F4vmk+WAURzS1
Malware Config
Signatures
Drops desktop.ini file(s) (6 IoCs)
description | ioc | Process
File created | \??\c:\$Recycle.Bin\S-1-5-21-1603059206-2004189698-4139800220-1000\desktop.ini | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\$Recycle.Bin\S-1-5-21-1603059206-2004189698-4139800220-1000\desktop.ini | 1702574af607a6c91bc0967510b1927a.exe
File created | \??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini | 1702574af607a6c91bc0967510b1927a.exe
File created | \??\c:\Program Files\desktop.ini | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\desktop.ini | 1702574af607a6c91bc0967510b1927a.exe
Drops file in Program Files directory (64 IoCs)
description | ioc | Process
File opened for modification | \??\c:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\FlickLearningWizard.exe.mui | 1702574af607a6c91bc0967510b1927a.exe
File created | \??\c:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\ea.xml | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop.wmv | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-image-inset.png | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\af.pak | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunjce_provider.jar | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\7-Zip\Lang\co.txt | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\Common Files\Microsoft Shared\ink\de-DE\mshwLatin.dll.mui | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightRegular.ttf | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\jre\bin\gstreamer-lite.dll | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_de.properties | 1702574af607a6c91bc0967510b1927a.exe
File created | \??\c:\Program Files\Common Files\Microsoft Shared\ink\TipRes.dll | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground.wmv | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXEV.DLL | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\Full\1047x576black.png | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\203x8subpicture.png | 1702574af607a6c91bc0967510b1927a.exe
File created | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\1047x576black.png | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_videoinset.png | 1702574af607a6c91bc0967510b1927a.exe
File created | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\Sports\sports_disc_mask.png | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\7-Zip\Lang\ky.txt | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\7-Zip\Lang\ps.txt | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\IPSEventLogMsg.dll.mui | 1702574af607a6c91bc0967510b1927a.exe
File created | \??\c:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\tipresx.dll.mui | 1702574af607a6c91bc0967510b1927a.exe
File created | \??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Green Bubbles.htm | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(inch).wmf | 1702574af607a6c91bc0967510b1927a.exe
File created | \??\c:\Program Files\Common Files\System\it-IT\wab32res.dll.mui | 1702574af607a6c91bc0967510b1927a.exe
File created | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop_PAL.wmv | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\7-Zip\Lang\lv.txt | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\7-Zip\Lang\pl.txt | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_ButtonGraphic.png | 1702574af607a6c91bc0967510b1927a.exe
File created | \??\c:\Program Files\Common Files\System\Ole DB\msdaosp.dll | 1702574af607a6c91bc0967510b1927a.exe
File created | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-ImageMask.png | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCallbacks.h | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\Common Files\System\Ole DB\en-US\sqlxmlx.rll.mui | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\Common Files\Microsoft Shared\ink\hwrenalm.dat | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSLoc.dll.mui | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask.wmv | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\bin\pack200.exe | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\tipresx.dll.mui | 1702574af607a6c91bc0967510b1927a.exe
File created | \??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.htm | 1702574af607a6c91bc0967510b1927a.exe
File created | \??\c:\Program Files\Common Files\Microsoft Shared\ink\es-ES\mip.exe.mui | 1702574af607a6c91bc0967510b1927a.exe
File created | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_postage_Thumbnail.bmp | 1702574af607a6c91bc0967510b1927a.exe
File created | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsNotesBackground_PAL.wmv | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\mr.pak | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\bin\jmap.exe | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkObj.dll.mui | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_rightarrow.png | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_SelectionSubpicture.png | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\include\jdwpTransport.h | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\7-Zip\Lang\va.txt | 1702574af607a6c91bc0967510b1927a.exe
File created | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_Buttongraphic.png | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_ButtonGraphic.png | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground.wmv | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\Google\Chrome\Application\chrome.exe | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_RGB6_PAL.wmv | 1702574af607a6c91bc0967510b1927a.exe
File created | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Subpicture1.png | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\DVD Maker\DVDMaker.exe | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\DVD Maker\PipeTran.dll | 1702574af607a6c91bc0967510b1927a.exe
File opened for modification | \??\c:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ru.jar | 1702574af607a6c91bc0967510b1927a.exe
File created | \??\c:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkWatson.exe.mui | 1702574af607a6c91bc0967510b1927a.exe
File created | \??\c:\Program Files\Common Files\Microsoft Shared\ink\it-IT\InkObj.dll.mui | 1702574af607a6c91bc0967510b1927a.exe
File created | \??\c:\Program Files\Common Files\Microsoft Shared\ink\ipsplk.xml | 1702574af607a6c91bc0967510b1927a.exe
File created | \??\c:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\mshwLatin.dll.mui | 1702574af607a6c91bc0967510b1927a.exe
File created | \??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\babypink.png | 1702574af607a6c91bc0967510b1927a.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 2.7MB
MD5: 64d60b1d675a013a5070de5c12b65069
SHA1: 3d2be62180fd2f51245c4294e56fb2dca7a3b277
SHA256: 5e20d5fd2f1b519f3f530f7fbdd2dca35fe36b9199386327ff44ec900ef72ff0
SHA512: dba07f3bd9bbb630792728459d515bcbd6db16f83782ea6560648796b8a1101d023f568f605d4e6cb7b282488d782d629e8a5e99bf702bbe51da4ce6e2fa86bd