c04c486bbc16f196a406d36ce05f93a99adaa6a1677294ad33c6dc18584026ed

Analysis

max time kernel
122s
max time network
138s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
31/12/2023, 02:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
Size

1.8MB
MD5

2536cdb9e54b0cd8cd53d3d2f9dad64b
SHA1

ea4c40e4d2881646b8375b0c62b648f30731052e
SHA256

c04c486bbc16f196a406d36ce05f93a99adaa6a1677294ad33c6dc18584026ed
SHA512

2285ae5689900ae1bd1712cbd9f94208051e3ba811bb5ab5e20d110b243c817e60e11c7adbb6bec7543101d4487d9a062231d13b17063abb9b8182748e1302cc
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7Nxql:SCqm2Jpr0nNM7Dus7Nxg

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/1972-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x00060000000186bd-5.dat	upx
behavioral1/memory/1972-633-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\uk.pak.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\7-Zip\Lang\da.txt.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\FlickLearningWizard.exe.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\rtscom.dll.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\203x8subpicture.png.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\vistabg.png	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_SelectionSubpicture.png	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\mip.exe.mui	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\curtains.png	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_ButtonGraphic.png.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sl.pak.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Internet Explorer\iediagcmd.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsen.xml.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground_PAL.wmv	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\203x8subpicture.png	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\scenesscroll.png	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\menu_style_default_Thumbnail.png	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ps.txt	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Common Files\System\ado\ja-JP\msader15.dll.mui	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-highlight.png	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\106.0.5249.119.manifest	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\notification_helper.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\VC\msdia100.dll	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_precomp_matte.wmv.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\hr.pak.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VC\msdia90.dll.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwresplm.dat	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\tipresx.dll.mui	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msaddsr.dll.mui	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_SelectionSubpicture.png.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\ja-JP\OmdProject.dll.mui.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msadcor.dll.mui	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_title.png	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\ImportCompress.TTS.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Internet Explorer\iexplore.exe.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\bin\pack200.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_heb.xml.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\keytool.exe.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\bin\rmic.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_ButtonGraphic.png.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_ButtonGraphic.png	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_ButtonGraphic.png	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\PassportMask_PAL.wmv.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipRes.dll.mui.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\tipresx.dll.mui.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\button-highlight.png.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\bin\serialver.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\LICENSE.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Dotted_Lines.emf.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Common Files\System\msadc\msdaprsr.dll.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\bod_r.TTF	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_VideoInset.png	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsNotesBackground_PAL.wmv.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Google\Chrome\Application\master_preferences.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbytools.jar	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\msinfo32.exe.mui	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Hand Prints.htm	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_SelectionSubpicture.png.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\javadoc.exe.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jstatd.exe.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP.exe	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TipBand.dll	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\mip.exe.mui	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-image-mask.png	2536cdb9e54b0cd8cd53d3d2f9dad64b.exe

C:\Users\Admin\AppData\Local\Temp\2536cdb9e54b0cd8cd53d3d2f9dad64b.exe
"C:\Users\Admin\AppData\Local\Temp\2536cdb9e54b0cd8cd53d3d2f9dad64b.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:1972

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
549KB

MD5
2e69bfa44015285d74497181a2737ae0

SHA1
4fd5ba83080d4568e86184df5a061b10af6c4fb1

SHA256
dfbf0bac59829bb8a58e2b679a98e9d450a6db5184dbf6446c3fbbdba19750a8

SHA512
ac1a33ffb85dca5279461ac641267c76974d2f6b8862532af67c9259a91507815285d7a23640b111d5f89df4427144065dc302d55ee2edaeb0eb48f6d72dfd4a

Download Submit
memory/1972-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/1972-633-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads