d0681ce0ce1b200da11c542c7ffed8b2eb3839a20ea017da57b8515869e00599

Analysis

max time kernel
147s
max time network
127s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
13-01-2024 22:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

599b52c8b0de3f7cc3184aae5901eb78.exe
Size

1.8MB
MD5

599b52c8b0de3f7cc3184aae5901eb78
SHA1

cb5faf992a7f468c1344e9b55584d62ddb2d01f0
SHA256

d0681ce0ce1b200da11c542c7ffed8b2eb3839a20ea017da57b8515869e00599
SHA512

7856c75d043899e77fde2b448774a13c16d11a63db3ed0906511f1637ead119e893b897aa10b76b051b9b75d3b88c9119b7602dce01cd1be23724c25db38b996
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkHT:SCqm2Jpr0nNM7Dus7Nx2z

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2224-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0035000000016312-5.dat	upx
behavioral1/memory/2224-804-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	599b52c8b0de3f7cc3184aae5901eb78.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.configuration_5.5.0.165303.jar.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler.jar.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_CopyNoDrop32x32.gif	599b52c8b0de3f7cc3184aae5901eb78.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\feature.xml	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\eclipse.inf.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\3RDPARTY.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_Buttongraphic.png	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\scenesscroll.png.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_SelectionSubpicture.png	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Passport_PAL.wmv.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_SelectionSubpicture.png.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\ECLIPSE_.SF.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File opened for modification	C:\Program Files\7-Zip\Lang\gl.txt	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-changjei.xml	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\management-agent.jar.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper.registry_1.0.300.v20130327-1442.jar	599b52c8b0de3f7cc3184aae5901eb78.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfr.dll	599b52c8b0de3f7cc3184aae5901eb78.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\indxicon.gif	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_SelectionSubpicture.png	599b52c8b0de3f7cc3184aae5901eb78.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\THIRDPARTYLICENSEREADME.txt	599b52c8b0de3f7cc3184aae5901eb78.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services_3.4.0.v20140312-2051.jar	599b52c8b0de3f7cc3184aae5901eb78.exe
File opened for modification	C:\Program Files\7-Zip\Lang\da.txt	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_uparrow.png	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BlackRectangle.bmp.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\diagnostic-command-16.png	599b52c8b0de3f7cc3184aae5901eb78.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-util-enumerations.xml_hidden	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\blackbars80.png.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\am.pak.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.util.gui_1.7.0.v200903091627.jar	599b52c8b0de3f7cc3184aae5901eb78.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_ja.jar	599b52c8b0de3f7cc3184aae5901eb78.exe
File opened for modification	C:\Program Files\7-Zip\Lang\fur.txt	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsptb.xml.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG_PAL.wmv	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyrun.jar.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf_1.1.0.v20140408-1354.jar	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Chuuk.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\Welcome.html.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Pontianak.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Chisinau.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-text.xml.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\epl-v10.html	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding_1.4.2.v20140729-1044.jar.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help_3.6.0.v20130326-1254.jar	599b52c8b0de3f7cc3184aae5901eb78.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EST5EDT	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Palmer.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Adak	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\micaut.dll.mui	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_ButtonGraphic.png.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Internet Explorer\D3DCompiler_47.dll.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jstat.exe.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-threaddump_ja.jar	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Maldives.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ext_5.5.0.165303.jar	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ml.pak.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-queries.jar.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref_PAL.wmv	599b52c8b0de3f7cc3184aae5901eb78.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_ja.jar	599b52c8b0de3f7cc3184aae5901eb78.exe
File opened for modification	C:\Program Files\Java\jre7\bin\jaas_nt.dll	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF.exe	599b52c8b0de3f7cc3184aae5901eb78.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_basestyle.css.exe	599b52c8b0de3f7cc3184aae5901eb78.exe

C:\Users\Admin\AppData\Local\Temp\599b52c8b0de3f7cc3184aae5901eb78.exe
"C:\Users\Admin\AppData\Local\Temp\599b52c8b0de3f7cc3184aae5901eb78.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2224

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
1.7MB

MD5
b7777da32baadba6d5a133789be628dc

SHA1
8caa3fa559ebe77bea050d8963c262736e005563

SHA256
052c07a6fb7b2a7d3e8a9d049e06cf9da5cfe380b5768353326b275b630ceb47

SHA512
14086ea6b0936563c8d0a8959e9d526abc935327db32001a743bd4fd9009d0d55e31b1bc2ffbce213eed70e22454afc17a50c64dbdf1bd4ac786c1fac02fc625

Download Submit
memory/2224-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/2224-804-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads