4310180a365f9d1498f421037f5cf3c5704152aa302711cfeb46a5f794b814c8

Analysis

max time kernel
169s
max time network
134s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
07/01/2024, 21:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

49c45b3fff47c51dd26faba9dad24ded.exe
Size

1.8MB
MD5

49c45b3fff47c51dd26faba9dad24ded
SHA1

181fa5fa3548a35d2f6a5c0eddcaca9c2d8959da
SHA256

4310180a365f9d1498f421037f5cf3c5704152aa302711cfeb46a5f794b814c8
SHA512

216f166df2cb31fc44ae6865b4a973028fb68a923a55591734029a09d168bf302694821299d52c93460e6e4e046e500a348ac5939babcb8287814ca1d0d42bf6
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqB:SCqm2Jpr0nNM7Dus7NxE

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/1444-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0007000000016d71-5.dat	upx
behavioral1/memory/1444-701-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	49c45b3fff47c51dd26faba9dad24ded.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\System\Ole DB\sqlxmlx.dll	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Tiki.gif	49c45b3fff47c51dd26faba9dad24ded.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\tipresx.dll.mui.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\es-419.pak.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\7-Zip\7-zip.chm.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\kor-kor.xml	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\DVD Maker\OmdBase.dll	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NavigationButtonSubpicture.png	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha1.png	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\GreenBubbles.jpg.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\DVD Maker\Eurosti.TTF	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_ButtonGraphic.png.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Common Files\System\ado\de-DE\msader15.dll.mui	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_ButtonGraphic.png	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Internet Explorer\en-US\iedvtool.dll.mui.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\bin\javadoc.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\ssv.dll.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\7-Zip\Lang\ku-ckb.txt.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tipresx.dll.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Common Files\System\Ole DB\fr-FR\oledb32r.dll.mui	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\lv.pak.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyrun.jar.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\jni.h.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\attach.dll.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Common Files\Services\verisign.bmp	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_ButtonGraphic.png	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\cs.pak.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page_PAL.wmv	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationRight_ButtonGraphic.png.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\wsdetect.dll	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\th.pak.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\bin\jvisualvm.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\libxml2.dll.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\ShapeCollector.exe.mui.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsfra.xml	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Common Files\System\msadc\msdaremr.dll.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Internet Explorer\ielowutil.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipscsy.xml.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_SelectionSubpicture.png	49c45b3fff47c51dd26faba9dad24ded.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\id.pak	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Tanspecks.jpg.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\DVD Maker\ja-JP\DVDMaker.exe.mui.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\et.pak.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jsadebugd.exe.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrdeslm.dat.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsdan.xml	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\7-Zip\Lang\sa.txt.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ja-jp.xml	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport_mask_left.png.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_ButtonGraphic.png.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\DVD Maker\WMM2CLIP.dll	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\vulkan-1.dll.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.DLL	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msdaprsr.dll.mui	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\shatter.png.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_SelectionSubpicture.png	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_buttongraphic.png.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCallbacks.h.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Hand Prints.htm.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIcon.png.exe	49c45b3fff47c51dd26faba9dad24ded.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-over-select.png.exe	49c45b3fff47c51dd26faba9dad24ded.exe

C:\Users\Admin\AppData\Local\Temp\49c45b3fff47c51dd26faba9dad24ded.exe
"C:\Users\Admin\AppData\Local\Temp\49c45b3fff47c51dd26faba9dad24ded.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:1444

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
1.1MB

MD5
47744706d9b1424ac39bbb9bdf6d683f

SHA1
40711365d27877e38eeb3fa52162aa19d7e0d206

SHA256
a479d3b4cd75cda7e97e303162ed8b2f733efbe617ee324ad9cbf54193af088a

SHA512
a4ccb586f709ece79e1f2f1c47cc78745999244fca515fb576f35cd56ceecc513637b92a05e85cdf6af5cf64ac3dfe4e3c229371ce5ba5e5f021fc99e5e84a6a

Download Submit
memory/1444-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/1444-701-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads