1d4002fa695a053ec1f14e16e7c18cd1ee9adbb594f706e9895924c9efc58bfb

Analysis

max time kernel
149s
max time network
131s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
31/12/2023, 19:00

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

3ace2057fd05ca249638b6d264dd2177.exe
Size

2.8MB
MD5

3ace2057fd05ca249638b6d264dd2177
SHA1

61604e6fcd080a9d14c12b7f966b157b251898a4
SHA256

1d4002fa695a053ec1f14e16e7c18cd1ee9adbb594f706e9895924c9efc58bfb
SHA512

53914c9eeaca193fb31f9e9784aa01f4e1b3061b761da3f64ee9cfef85d218581627f262e1c760cdbf96dc4ca1130f48a855476e28bd4032a0b22d16417c68b8
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkHE6pQPxQ2JyP2r5mJV91l:SCqm2Jpr0nNM7Dus7Nx2kCqm2Jpr0np

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2172-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0032000000015c9b-5.dat	upx
behavioral1/memory/2172-202-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	3ace2057fd05ca249638b6d264dd2177.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Services\verisign.bmp.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\1047x576black.png	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\15x15dot.png	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-correct.avi.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\System\Ole DB\sqloledb.dll.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_MATTE_PAL.wmv	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576_91n92.png.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_SelectionSubpicture.png.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_SelectionSubpicture.png	3ace2057fd05ca249638b6d264dd2177.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ko.txt	3ace2057fd05ca249638b6d264dd2177.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_matte.wmv.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_ButtonGraphic.png.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialmainsubpicture.png.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\7-Zip\Lang\af.txt.exe	3ace2057fd05ca249638b6d264dd2177.exe
File opened for modification	C:\Program Files\7-Zip\Lang\eu.txt	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Connectivity.gif	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-next-static.png	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonSubpicture.png	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\InputPersonalization.exe.mui.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground.wmv	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Dot.png	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_SelectionSubpicture.png.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\15x15dot.png	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_SelectionSubpicture.png.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\es-ES\DVDMaker.exe.mui	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Pipeline.dll	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\babyblue.png	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\highlight.png.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\msinfo32.exe.mui	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\HandPrints.jpg	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOMessageProvider.dll.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\IPSEventLogMsg.dll.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\Services\verisign.bmp	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-static.png	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_ButtonGraphic.png	3ace2057fd05ca249638b6d264dd2177.exe
File opened for modification	C:\Program Files\7-Zip\Lang\sa.txt	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_SelectionSubpicture.png.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_ButtonGraphic.png.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\tipresx.dll.mui.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\System\msadc\msdarem.dll.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_notes-txt-background.png	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG_PAL.wmv	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\7-Zip\7-zip32.dll.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\ShapeCollector.exe.mui	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\micaut.dll.mui	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\System\ado\en-US\msader15.dll.mui	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\System\ado\msadox28.tlb	3ace2057fd05ca249638b6d264dd2177.exe
File opened for modification	C:\Program Files\7-Zip\Lang\sk.txt	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwruklm.dat.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\System\msadc\msadcfr.dll.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground_PAL.wmv	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\15x15dot.png	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page.wmv	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\Content.xml	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\tabskb.dll.mui	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\zh-CN\tipresx.dll.mui	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground.wmv.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_SelectionSubpicture.png	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-join.avi	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tipskins.dll.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\Common Files\System\msadc\adcvbs.inc.exe	3ace2057fd05ca249638b6d264dd2177.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-next-static.png.exe	3ace2057fd05ca249638b6d264dd2177.exe

C:\Users\Admin\AppData\Local\Temp\3ace2057fd05ca249638b6d264dd2177.exe
"C:\Users\Admin\AppData\Local\Temp\3ace2057fd05ca249638b6d264dd2177.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2172

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
2.8MB

MD5
9a48964ca6294fe303f34fe265185d79

SHA1
5d6e4d5b790cbdc63863e21f718bf3bfbea37956

SHA256
eb27a55c33ccda7590b181cbbee3d8f31e3ae673452681be673e9744a723e745

SHA512
442651a83233be453f789b7706e3b56421da22f51c9c0eac474b9bafc9f99e9945e8bd77918e365d63868ef7060ffec3f65ce95c2b01b36fd8bdcf9fbb5f8158

Download Submit
memory/2172-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/2172-202-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads