5224af72ec56cf3d9bba7aac45a3456027a2238091ef6e3675c75b8039357dab

Analysis

max time kernel
154s
max time network
164s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
12/01/2024, 07:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

55cae890c3bcedfa589793684503d563.exe
Size

1.8MB
MD5

55cae890c3bcedfa589793684503d563
SHA1

f41e097c3b134619d9a24a74141958ece4abedf3
SHA256

5224af72ec56cf3d9bba7aac45a3456027a2238091ef6e3675c75b8039357dab
SHA512

2daac6230631df33adb4781e6c6ce27d00b64c086c4472b155473358370425c3be4c55e5b0c05ded07ef48fef0ed31b178be7541bba5be362b6764dc103d64e3
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkH7:SCqm2Jpr0nNM7Dus7Nx2b

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/2096-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral2/files/0x0002000000022910-5.dat	upx
behavioral2/memory/2096-224-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\Java\jdk-1.8\jre\bin\javafx_iio.dll	55cae890c3bcedfa589793684503d563.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\jre\bin\msvcp140_2.dll	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Java\jre-1.8\bin\javaws.exe.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Microsoft Office\root\Client\AppVLP.exe.exe	55cae890c3bcedfa589793684503d563.exe
File opened for modification	C:\Program Files\7-Zip\Lang\pa-in.txt	55cae890c3bcedfa589793684503d563.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\de.pak	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Java\jdk-1.8\jre\bin\javafx_iio.dll.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Java\jdk-1.8\jre\lib\hijrah-config-umalqura.properties.exe	55cae890c3bcedfa589793684503d563.exe
File opened for modification	C:\Program Files\Microsoft Office\root\Client\C2R64.dll	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Java\jdk-1.8\jre\lib\security\javaws.policy.exe	55cae890c3bcedfa589793684503d563.exe
File opened for modification	C:\Program Files\7-Zip\Lang\vi.txt	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.da-dk.dll.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\hu.pak.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ur.pak.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Java\jdk-1.8\jre\bin\api-ms-win-crt-convert-l1-1-0.dll.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Java\jdk-1.8\jre\bin\w2k_lsa_auth.dll.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msdaprsr.dll.mui	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Common Files\System\msadc\msdaprst.dll.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\EnterCompress.css.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\pt-PT.pak.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\fsdefinitions\oskmenu\oskmenubase.xml	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Internet Explorer\ja-JP\ieinstal.exe.mui.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Java\jdk-1.8\jre\lib\jfr.jar.exe	55cae890c3bcedfa589793684503d563.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\jre\lib\sound.properties	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\tipresx.dll.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\it.pak.exe	55cae890c3bcedfa589793684503d563.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\bin\jjs.exe	55cae890c3bcedfa589793684503d563.exe
File opened for modification	C:\Program Files\Java\jre-1.8\lib\deploy\messages_it.properties	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Java\jre-1.8\lib\logging.properties.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msdaremr.dll.mui.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\mshwgst.dll	55cae890c3bcedfa589793684503d563.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\jre\lib\fonts\LucidaTypewriterBold.ttf	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Java\jdk-1.8\jre\lib\resources.jar.exe	55cae890c3bcedfa589793684503d563.exe
File opened for modification	C:\Program Files\Java\jre-1.8\legal\jdk\unicode.md	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Common Files\System\ado\msader15.dll.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Common Files\System\ado\msado60.tlb.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Common Files\microsoft shared\MSInfo\es-ES\msinfo32.exe.mui.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\ipsptb.xml.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\ru-RU\tipresx.dll.mui.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Google\Chrome\Application\chrome_proxy.exe.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Common Files\System\ado\fr-FR\msader15.dll.mui.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Common Files\microsoft shared\ink\ipsfra.xml	55cae890c3bcedfa589793684503d563.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\jre\lib\deploy\messages_pt_BR.properties	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Java\jdk-1.8\jre\lib\deploy\[email protected]	55cae890c3bcedfa589793684503d563.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\jre\lib\ext\localedata.jar	55cae890c3bcedfa589793684503d563.exe
File opened for modification	C:\Program Files\Java\jre-1.8\lib\jce.jar	55cae890c3bcedfa589793684503d563.exe
File opened for modification	C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-timezone-l1-1-0.dll	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-3101-0000-1000-0000000FF1CE.xml.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.bg-bg.dll.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\resources.pak.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Java\jdk-1.8\jre\legal\jdk\lcms.md.exe	55cae890c3bcedfa589793684503d563.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\jre\lib\security\policy\limited\US_export_policy.jar	55cae890c3bcedfa589793684503d563.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\legal\javafx\icu_web.md	55cae890c3bcedfa589793684503d563.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\legal\jdk\relaxngcc.md	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Microsoft Office\root\Client\api-ms-win-crt-process-l1-1-0.dll.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sk.pak.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Java\jdk-1.8\jre\lib\fontconfig.properties.src.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Microsoft Office\PackageManifests\AppXManifest.90160000-00E2-0000-1000-0000000FF1CE.xml.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Common Files\microsoft shared\ClickToRun\C2RINTL.pt-br.dll.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Common Files\microsoft shared\VGX\VGX.dll	55cae890c3bcedfa589793684503d563.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\bin\javafxpackager.exe	55cae890c3bcedfa589793684503d563.exe
File opened for modification	C:\Program Files\Java\jdk-1.8\bin\rmid.exe	55cae890c3bcedfa589793684503d563.exe
File created	C:\Program Files\Java\jre-1.8\bin\dtplugin\npdeployJava1.dll.exe	55cae890c3bcedfa589793684503d563.exe

C:\Users\Admin\AppData\Local\Temp\55cae890c3bcedfa589793684503d563.exe
"C:\Users\Admin\AppData\Local\Temp\55cae890c3bcedfa589793684503d563.exe"
1⤵
- Drops file in Program Files directory
PID:2096

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll

Filesize
1.8MB

MD5
403fab0c06a82e380af515fe11af0fb0

SHA1
6e4043d5424cd6c4c2ea3fe7625dbc9fe3281360

SHA256
a6a4fca133fe160a19debe01a9c9016dd7130a66f58e7f9f71bb9bcbbbc959df

SHA512
86dece18f10475cbe1b19d59ec630f6f5ae89c3191d7a067965c445b8a0f02752298e675a0268fc75684b85bdb24235a7d8cb1e9a56989e9bbad1ab365d515b5

Download Submit
memory/2096-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/2096-224-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads