17c0a6244214deccb8c0e5892ea66864f337a3d47878075f8901e8054d9f406a

Analysis

max time kernel
128s
max time network
131s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
10-01-2024 09:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

503f09961e9c4e947f363d72ffd56540.exe
Size

1.8MB
MD5

503f09961e9c4e947f363d72ffd56540
SHA1

fc86ed56b4334d622d6f19f80a4d5d3bb6149a27
SHA256

17c0a6244214deccb8c0e5892ea66864f337a3d47878075f8901e8054d9f406a
SHA512

0478ecfe926ef0c4028ab03d56d12c5bf4e8ec85ec81d58ac59c0ce4f472562cdc8999d43e18f13071838730afc4159ac840db9c106cada038f4c36c40b7fa8f
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkHZ:SCqm2Jpr0nNM7Dus7Nx25

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/3044-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0031000000015c04-5.dat	upx
behavioral1/memory/3044-232-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	503f09961e9c4e947f363d72ffd56540.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_ButtonGraphic.png	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\7-Zip\Lang\ru.txt.exe	503f09961e9c4e947f363d72ffd56540.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\osppobjs-spp-plugin-manifest-signed.xrm-ms	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\tipresx.dll.mui.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\7-Zip\Lang\az.txt.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msadcfr.dll.mui.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_title.png.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msdaremr.dll.mui.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\pushplaysubpicture.png	503f09961e9c4e947f363d72ffd56540.exe
File opened for modification	C:\Program Files\7-Zip\Lang\mng2.txt	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\System\Ole DB\ja-JP\oledb32r.dll.mui	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\System\it-IT\wab32res.dll.mui	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\ea.xml.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_ButtonGraphic.png	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols.xml.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\msinfo32.exe.mui	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-foreground.png.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_SelectionSubpicture.png.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\micaut.dll.mui.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\System\DirectDB.dll	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-border.png.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Blue_Gradient.jpg	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrfrash.dat.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsptb.xml	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\7-Zip\Lang\el.txt.exe	503f09961e9c4e947f363d72ffd56540.exe
File opened for modification	C:\Program Files\7-Zip\Lang\hr.txt	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred.xml.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\7-Zip\7z.exe.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\7-Zip\Lang\af.txt.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\7-Zip\Lang\co.txt.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSCommon.dll.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\System\en-US\wab32res.dll.mui.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-next-static.png.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXEV.DLL.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\dicjp.bin.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\IpsMigrationPlugin.dll.mui	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\blackbars60.png.exe	503f09961e9c4e947f363d72ffd56540.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\Filters\VISFILT.DLL	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\System\ado\it-IT\msader15.dll.mui.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web.xml.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_SelectionSubpicture.png	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG.wmv	503f09961e9c4e947f363d72ffd56540.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Music.emf	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Pretty_Peacock.jpg	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\MainMenuButtonIcon.png.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_SelectionSubpicture.png.exe	503f09961e9c4e947f363d72ffd56540.exe
File opened for modification	C:\Program Files\7-Zip\Lang\nl.txt	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(cm).wmf	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground_PAL.wmv.exe	503f09961e9c4e947f363d72ffd56540.exe
File opened for modification	C:\Program Files\7-Zip\7z.dll	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\InkObj.dll.mui.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground_PAL.wmv	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\mainimage-mask.png.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\mainimage-mask.png	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_ButtonGraphic.png	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\FlickLearningWizard.exe.mui	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\System\Ole DB\sqloledb.rll	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground_PAL.wmv	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\mip.exe.mui.exe	503f09961e9c4e947f363d72ffd56540.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_SelectionSubpicture.png.exe	503f09961e9c4e947f363d72ffd56540.exe
File opened for modification	C:\Program Files\7-Zip\Lang\da.txt	503f09961e9c4e947f363d72ffd56540.exe
File opened for modification	C:\Program Files\7-Zip\Lang\mng.txt	503f09961e9c4e947f363d72ffd56540.exe

C:\Users\Admin\AppData\Local\Temp\503f09961e9c4e947f363d72ffd56540.exe
"C:\Users\Admin\AppData\Local\Temp\503f09961e9c4e947f363d72ffd56540.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:3044

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
183KB

MD5
76c0c3572d69d8a7950dd85cbb9cee22

SHA1
c9cce409ac5d707fd8808b99625fedda9de49969

SHA256
39d555b351067c910fed021af9aa6408a2bd1f1ec5ba46843cfdcf8859b5a0c0

SHA512
213cd7adb0c03a48585093189b04dcf0e4996a4e17042c4540118284efd355f1f58228271049bcfb5fbc3a86b28d37d2dbfc868a265cbf1c390922f56949dd72

Download Submit
memory/3044-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/3044-232-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads