a5fa2336a6e9524a97d2998f1561a7905056c67f397f1a69c2da901c7a54d6b5

Analysis

max time kernel
118s
max time network
127s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
31/12/2023, 14:00

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

38fab21efff7a4a44ea9699b87eb10dc.exe
Size

1.8MB
MD5

38fab21efff7a4a44ea9699b87eb10dc
SHA1

4728775c2ffb3568c7c1817249cc7982be89c0eb
SHA256

a5fa2336a6e9524a97d2998f1561a7905056c67f397f1a69c2da901c7a54d6b5
SHA512

fe9c87e38e56815571a92646c794269f13d47eb41e11d414119915b41398b8c70d2aa0b32f5069f6b294206e021d14fc26f1e09518261150493cb5ac9d573ed2
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqC:SCqm2Jpr0nNM7Dus7Nx7

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2200-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0036000000015606-5.dat	upx
behavioral1/memory/2200-256-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	38fab21efff7a4a44ea9699b87eb10dc.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base.xml	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-image-mask.png.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\reflect.png.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\highlight.png.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\include\jni.h	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tipresx.dll.mui.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\mshwLatin.dll.mui.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\dicjp.bin	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwresmlm.dat	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msdaremr.dll.mui	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\DVD Maker\Eurosti.TTF	38fab21efff7a4a44ea9699b87eb10dc.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\id.pak	38fab21efff7a4a44ea9699b87eb10dc.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\bin\klist.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\To_Do_List.emf.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-split.avi	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_SelectionSubpicture.png	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\header-background.png.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sv.pak	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\javafx-font.dll.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\System\Ole DB\es-ES\msdasqlr.dll.mui.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotsdarkoverlay.png.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\colorcycle.png.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\net.dll	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\LINEAR_RGB.pf.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\msinfo32.exe.mui	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\System\msadc\msdaprst.dll.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\mainscroll.png.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground.wmv.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\mr.pak	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\tabskb.dll.mui.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_mainImage-mask.png	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsound.dll.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Internet Explorer\en-US\jsdbgui.dll.mui.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ne.txt	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Wrinkled_Paper.gif.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\Services\verisign.bmp.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSLoc.dll	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\DVD Maker\SecretST.TTF.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG_PAL.wmv.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-shadow.png.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\instrument.dll	38fab21efff7a4a44ea9699b87eb10dc.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\currency.data	38fab21efff7a4a44ea9699b87eb10dc.exe
File opened for modification	C:\Program Files\7-Zip\Lang\sw.txt	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\tabskb.dll.mui	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\tipresx.dll.mui	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\System\msadc\msaddsr.dll	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_ButtonGraphic.png	38fab21efff7a4a44ea9699b87eb10dc.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\LICENSE	38fab21efff7a4a44ea9699b87eb10dc.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\db\3RDPARTY	38fab21efff7a4a44ea9699b87eb10dc.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\deployJava1.dll	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_2.emf.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Memo.emf.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\tipresx.dll.mui	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrdeush.dat	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\InputPersonalization.exe.mui	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\203x8subpicture.png	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\win32\jawt_md.h.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File opened for modification	C:\Program Files\7-Zip\Lang\eo.txt	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrcommonlm.dat.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\tipresx.dll.mui.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\whiteband.png.exe	38fab21efff7a4a44ea9699b87eb10dc.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ba.txt	38fab21efff7a4a44ea9699b87eb10dc.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipBand.dll.mui	38fab21efff7a4a44ea9699b87eb10dc.exe

C:\Users\Admin\AppData\Local\Temp\38fab21efff7a4a44ea9699b87eb10dc.exe
"C:\Users\Admin\AppData\Local\Temp\38fab21efff7a4a44ea9699b87eb10dc.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2200

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
126KB

MD5
1d09219d9224e2d36f0e9e3c9eef210a

SHA1
b7454b883711260eaf7e56b601b462ebe0540777

SHA256
9c35e3fc807de92933cf4e08a15f564457b2cda8dc27077c514179d6d7de4f30

SHA512
e1828a24e09a02303898c7cd3a11b1c826510aee46f2dff573c28d88d6e4ef5b37c2078cdeb07bd51d17ee51795f5318370660420c4d61f04b27cf283a6d8a78

Download Submit
memory/2200-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/2200-256-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads