69cea105159a1b866483e883e190257144f0a989b0e2ac43d91329517d1ba44f

Analysis

max time kernel
154s
max time network
125s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
31/12/2023, 04:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

27fef151a5684f71baccff8587c1958d.exe
Size

1.8MB
MD5

27fef151a5684f71baccff8587c1958d
SHA1

de884a59e0ad8cf158e57167a5bc21b8cdc83074
SHA256

69cea105159a1b866483e883e190257144f0a989b0e2ac43d91329517d1ba44f
SHA512

ca07034936e41754c01183b234e3449ac0b3ff95ff0d15000a5b174b0fc9b3d85d129618cec1d80364bc3ddbcbea2a9ea021030f8fd1638d7d25a0f78bfd1c72
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkHt:SCqm2Jpr0nNM7Dus7Nx2N

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2860-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0007000000015c51-5.dat	upx
behavioral1/memory/2860-715-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	27fef151a5684f71baccff8587c1958d.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\7-Zip\Lang\es.txt.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-highlight.png	27fef151a5684f71baccff8587c1958d.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\nb.pak	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_SelectionSubpicture.png.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-next-static.png	27fef151a5684f71baccff8587c1958d.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\eventlog_provider.dll	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.DLL.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\rtscom.dll.mui.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\TipTsf.dll.mui.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\decorative_rule.png.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Internet Explorer\MemoryAnalyzer.dll	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\InkObj.dll.mui	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrusash.dat.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msaddsr.dll.mui	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_ButtonGraphic.png.exe	27fef151a5684f71baccff8587c1958d.exe
File opened for modification	C:\Program Files\7-Zip\7z.sfx	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\mshwLatin.dll.mui	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground_PAL.wmv.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sl.pak.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\tipresx.dll.mui	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsptb.xml.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msdaprsr.dll.mui.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\header-background.png	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_SelectionSubpicture.png	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Extensions\external_extensions.json.exe	27fef151a5684f71baccff8587c1958d.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ru.pak	27fef151a5684f71baccff8587c1958d.exe
File opened for modification	C:\Program Files\7-Zip\Lang\bn.txt	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Shorthand.emf.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrdeush.dat.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\IPSEventLogMsg.dll.mui.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msadcfr.dll.mui.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\babyblue.png	27fef151a5684f71baccff8587c1958d.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome.dll	27fef151a5684f71baccff8587c1958d.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\Filters\odffilt.dll	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\msinfo32.exe.mui.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwritash.dat.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\System\ado\msado28.tlb	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_buttongraphic.png.exe	27fef151a5684f71baccff8587c1958d.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\bn.pak	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Internet Explorer\ieinstal.exe.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\7-Zip\Lang\mk.txt.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\System\fr-FR\wab32res.dll.mui	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_ButtonGraphic.png.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push.png	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\FlickLearningWizard.exe.mui	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_VideoInset.png.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-static.png	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.jpg.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Monet.jpg.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\oskmenubase.xml.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\pushplaysubpicture.png.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_ButtonGraphic.png.exe	27fef151a5684f71baccff8587c1958d.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\hi.pak	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrdeush.dat	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Common Files\System\ado\msado15.dll.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureA.png	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\203x8subpicture.png	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\DVD Maker\de-DE\OmdProject.dll.mui.exe	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\DVD Maker\directshowtap.ax	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\Internet Explorer\pdmproxy100.dll	27fef151a5684f71baccff8587c1958d.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ca.txt	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_ButtonGraphic.png	27fef151a5684f71baccff8587c1958d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_SelectionSubpicture.png	27fef151a5684f71baccff8587c1958d.exe

C:\Users\Admin\AppData\Local\Temp\27fef151a5684f71baccff8587c1958d.exe
"C:\Users\Admin\AppData\Local\Temp\27fef151a5684f71baccff8587c1958d.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2860

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
1.8MB

MD5
be2f23ec310b6f5e75f7faf0d215b851

SHA1
c720a4f22fd59ce5cb8bc7749c832db53090bafb

SHA256
cc14160876a37958c22e64d4c644353bb37783540092af446ef15b98aaf7fa21

SHA512
b9c435f19de826717bfefea19e3ea76b15d88a4df79d6b75f827fad3ba29485706c6473eec4668c26956823dd94afec405c2f72d6f2be84160c21f564bb1bfe4

Download Submit
memory/2860-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/2860-715-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads