68f0796fa698c6923791e0fa2b9b72ff74a8cc14c4f727614cb271d548878789

Analysis

max time kernel
124s
max time network
124s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
31/12/2023, 01:11

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

22994538bac717f0ed3783e582b4f67c.exe
Size

1.8MB
MD5

22994538bac717f0ed3783e582b4f67c
SHA1

68f0d2a20bf53730b323b7972d509f57275c8655
SHA256

68f0796fa698c6923791e0fa2b9b72ff74a8cc14c4f727614cb271d548878789
SHA512

f086d5cbb11cc63dd6a35f19ae48d20a7af7c0f97d0d97d1708ea18abdbb7d172ef5cc2e87f47f323bb040741c501abcc5fd5b844c4db8e99580c5364d7a9f28
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqtAZ:SCqm2Jpr0nNM7Dus7NxBZ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2184-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x00270000000142a1-5.dat	upx
behavioral1/memory/2184-740-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	22994538bac717f0ed3783e582b4f67c.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\System\Ole DB\oledbvbs.inc.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-highlight.png	22994538bac717f0ed3783e582b4f67c.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Chagos	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\7-Zip\Lang\kk.txt.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\instrument.dll.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\cloud_Thumbnail.bmp	22994538bac717f0ed3783e582b4f67c.exe
File opened for modification	C:\Program Files\7-Zip\Lang\el.txt	22994538bac717f0ed3783e582b4f67c.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsen.xml.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\mshwjpn.dll	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\tipresx.dll.mui	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\servertool.exe.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TipBand.dll	22994538bac717f0ed3783e582b4f67c.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\LICENSE	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\ShapeCollector.exe.mui.exe	22994538bac717f0ed3783e582b4f67c.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\prism-d3d.dll	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\tabskb.dll.mui	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_SelectionSubpicture.png.exe	22994538bac717f0ed3783e582b4f67c.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Sakhalin	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Stucco.gif.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad.xml	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Common Files\System\ado\msado21.tlb.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-previous-static.png.exe	22994538bac717f0ed3783e582b4f67c.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Casey	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\7-Zip\Lang\pt-br.txt.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BlackRectangle.bmp	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\TipRes.dll.mui.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_rightarrow.png	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ur.pak.exe	22994538bac717f0ed3783e582b4f67c.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\bin\jar.exe	22994538bac717f0ed3783e582b4f67c.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Macquarie	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-previous-static.png	22994538bac717f0ed3783e582b4f67c.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Casablanca	22994538bac717f0ed3783e582b4f67c.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nome	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Copenhagen.exe	22994538bac717f0ed3783e582b4f67c.exe
File opened for modification	C:\Program Files\7-Zip\Lang\fur.txt	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Common Files\System\Ole DB\es-ES\sqloledb.rll.mui	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\WhiteDot.png	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\DVD Maker\ja-JP\DVDMaker.exe.mui	22994538bac717f0ed3783e582b4f67c.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP	22994538bac717f0ed3783e582b4f67c.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Copenhagen	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\Microsoft.Ink.dll.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\mshwLatin.dll.mui.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Common Files\System\msadc\msadcf.dll	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_ButtonGraphic.png.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsoundds.dll.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\TipBand.dll.mui.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_CN.properties.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\7-Zip\Lang\ro.txt.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NavigationButtonSubpicture.png	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\local_policy.jar.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Danmarkshavn.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Yellowknife.exe	22994538bac717f0ed3783e582b4f67c.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Almaty	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\7-Zip\Lang\hr.txt.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Monet.jpg.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOMessageProvider.dll.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_jpn.xml	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Menominee.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-highlight.png	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santiago.exe	22994538bac717f0ed3783e582b4f67c.exe
File created	C:\Program Files\Common Files\System\ado\msado15.dll	22994538bac717f0ed3783e582b4f67c.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfr.dll	22994538bac717f0ed3783e582b4f67c.exe

C:\Users\Admin\AppData\Local\Temp\22994538bac717f0ed3783e582b4f67c.exe
"C:\Users\Admin\AppData\Local\Temp\22994538bac717f0ed3783e582b4f67c.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2184

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
1.8MB

MD5
53d28d21e624b44f8e60bf8c33190762

SHA1
5cccd3e4d8223106ce7e39de9ef5b69e1d5f5789

SHA256
1828b521e685664f4c01c39c7998001e170b2356ea622b94cede4179690987cc

SHA512
eacf80ba8d4d55e4f3991fdd71a95ba1b79d7e79582586a3cd763db583fd3c0a2c2b34fdd80a649dc2eb59a60208b912103245a980849875a8c8d11811b9e0de

Download Submit
memory/2184-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/2184-740-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads