45102bd9f367f66c29cdb23e5199c6fb961adb5d79812dc7d494e827aa5fd1bd

Analysis

max time kernel
119s
max time network
124s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
31-12-2023 03:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

261233d263f51979f5ed7661dc9a9cd5.exe
Size

1.8MB
MD5

261233d263f51979f5ed7661dc9a9cd5
SHA1

6bae498f75104fee50871eddc153de88d5cd3010
SHA256

45102bd9f367f66c29cdb23e5199c6fb961adb5d79812dc7d494e827aa5fd1bd
SHA512

4e485f505a19b6700bb4368d7f2734fd68b80e6855aaad22224c78817a793b11734233e6d3edbb6b106185d1b0346396a85909c14ae78e1dc25e99105d2ca839
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7Nxq2:SCqm2Jpr0nNM7Dus7NxL

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2580-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0034000000016247-5.dat	upx
behavioral1/memory/2580-306-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	261233d263f51979f5ed7661dc9a9cd5.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msadcfr.dll.mui	261233d263f51979f5ed7661dc9a9cd5.exe
File opened for modification	C:\Program Files\7-Zip\Lang\af.txt	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\micaut.dll.mui.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ja-jp-sym.xml	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\System\Ole DB\oledbvbs.inc	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\TipRes.dll.mui.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_SelectionSubpicture.png.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File opened for modification	C:\Program Files\BackupUpdate.vb	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\osppobjs-spp-plugin-manifest-signed.xrm-ms.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\correct.avi.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\msinfo32.exe.mui.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\System\msadc\msadcer.dll.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\DVD Maker\OmdProject.dll.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\fr-FR\MSTTSLoc.dll.mui.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\System\msadc\adcjavas.inc	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msdaremr.dll.mui	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\System\msadc\msdaremr.dll.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\7-Zip\Lang\fa.txt.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VC\msdia100.dll.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\tipresx.dll.mui	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrcommonlm.dat.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ru-RU\tipresx.dll.mui.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\7-Zip\7-zip.dll.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\7-Zip\Lang\et.txt.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\7-Zip\Lang\tk.txt.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\System\Ole DB\en-US\sqlxmlx.rll.mui	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\System\Ole DB\msxactps.dll	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\pagecurl.png	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\colorcycle.png.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\7-Zip\Lang\da.txt.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrenalm.dat	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsptb.xml	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\System\ado\es-ES\msader15.dll.mui	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msadcer.dll.mui	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_ButtonGraphic.png	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\7-Zip\Lang\sv.txt.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_heb.xml	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\osknumpadbase.xml.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\7-Zip\Lang\sr-spl.txt.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\7-Zip\Lang\va.txt.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\InkWatson.exe.mui.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Shades of Blue.htm.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\mip.exe.mui	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_jpn.xml	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\TipTsf.dll.mui	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_precomp_matte.wmv.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\7-Zip\Lang\ba.txt.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.jpg	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Green Bubbles.htm.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\tipresx.dll.mui.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tpcps.dll	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msadcer.dll.mui	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\203x8subpicture.png.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\7-Zip\7z.exe.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\7-Zip\Lang\mr.txt.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\keypadbase.xml	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_SelectionSubpicture.png.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_SelectionSubpicture.png	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\7-Zip\Lang\nn.txt.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File opened for modification	C:\Program Files\7-Zip\Lang\th.txt	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\mip.exe.mui	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols.xml.exe	261233d263f51979f5ed7661dc9a9cd5.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\FlickLearningWizard.exe.mui	261233d263f51979f5ed7661dc9a9cd5.exe

C:\Users\Admin\AppData\Local\Temp\261233d263f51979f5ed7661dc9a9cd5.exe
"C:\Users\Admin\AppData\Local\Temp\261233d263f51979f5ed7661dc9a9cd5.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2580

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
560KB

MD5
a02a74c3161558c059848b4b4b61b451

SHA1
53f50762036a861274581bde4caed9829ec0d952

SHA256
8ef6bc23fed35b898752ac1761800a7e72d1f9cc9118b197fd16a71024178859

SHA512
877959a7deb9aad587c3d46b11c0f7f80bbe312b57661f5761def071996ebc7bff2ad4f7682718eca0564d8bc65ce6435de7dfe7640a5b41cd70e8b88d905b9c

Download Submit
memory/2580-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/2580-306-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads