e3783f47268afdf51fca47e835b0dc7188c6c07784a32f2c2378f58b35931285

Analysis

max time kernel
147s
max time network
123s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
19/01/2024, 04:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

66bda8cf782f546970242dff6e1de41b.exe
Size

1.8MB
MD5

66bda8cf782f546970242dff6e1de41b
SHA1

30d9fd887b1f56b5e8742b0bc61698eb5e44d780
SHA256

e3783f47268afdf51fca47e835b0dc7188c6c07784a32f2c2378f58b35931285
SHA512

a51fb893f451fb62dbb5d0293dcac6b4ba88559a871d4b052d768ce18899c0034f09eb71a650e76292a56a1d425962bc26c2a8ac1cb269121e97514a0c8551b4
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkH2:SCqm2Jpr0nNM7Dus7Nx2W

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/1280-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0007000000014a4b-5.dat	upx
behavioral1/memory/1280-670-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	66bda8cf782f546970242dff6e1de41b.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrenalm.dat	66bda8cf782f546970242dff6e1de41b.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\New_York	66bda8cf782f546970242dff6e1de41b.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\asl-v20.txt	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Fiji.exe	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_SelectionSubpicture.png.exe	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NextMenuButtonIcon.png.exe	66bda8cf782f546970242dff6e1de41b.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jce.jar	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\New_York.exe	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_SelectionSubpicture.png.exe	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\fa.pak.exe	66bda8cf782f546970242dff6e1de41b.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\jmxremote.access	66bda8cf782f546970242dff6e1de41b.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Palau	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Filters\VISFILT.DLL.exe	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Graph.emf.exe	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\DvdTransform.fx.exe	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_ButtonGraphic.png	66bda8cf782f546970242dff6e1de41b.exe
File opened for modification	C:\Program Files\7-Zip\Lang\mng.txt	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Berlin.exe	66bda8cf782f546970242dff6e1de41b.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Riga	66bda8cf782f546970242dff6e1de41b.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\invalid32x32.gif	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Common Files\System\ado\msadrh15.dll	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_ButtonGraphic.png	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-over-DOT.png	66bda8cf782f546970242dff6e1de41b.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\JAWTAccessBridge-64.dll	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Tirane.exe	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Common Files\System\Ole DB\sqlxmlx.dll.exe	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\header-background.png	66bda8cf782f546970242dff6e1de41b.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome.dll	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansRegular.ttf.exe	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Common Files\System\Ole DB\sqlxmlx.dll	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\huemainsubpicture2.png	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bahia_Banderas.exe	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Majuro.exe	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Seyes.emf	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_altgr.xml	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\mojo_core.dll.exe	66bda8cf782f546970242dff6e1de41b.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Sakhalin	66bda8cf782f546970242dff6e1de41b.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\GMT	66bda8cf782f546970242dff6e1de41b.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\asl-v20.txt	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\7-Zip\Lang\fa.txt.exe	66bda8cf782f546970242dff6e1de41b.exe
File opened for modification	C:\Program Files\7-Zip\Lang\gu.txt	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yekaterinburg.exe	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\feature.xml.exe	66bda8cf782f546970242dff6e1de41b.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\feature.properties	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.ja_5.5.0.165303.jar.exe	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\rollinghills.png	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\java.policy.exe	66bda8cf782f546970242dff6e1de41b.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\Monticello	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nome.exe	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop.wmv.exe	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_notes-txt-background.png.exe	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyclient.jar.exe	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.ssl_1.1.0.v20140827-1444.jar.exe	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\TipTsf.dll.mui	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\babyblue.png	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureA.png	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Internet Explorer\en-US\F12Resources.dll.mui.exe	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\1047x576black.png	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ms.pak.exe	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santo_Domingo.exe	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Qyzylorda.exe	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Bucharest.exe	66bda8cf782f546970242dff6e1de41b.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\AST4ADT	66bda8cf782f546970242dff6e1de41b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\date-span-16.png.exe	66bda8cf782f546970242dff6e1de41b.exe

C:\Users\Admin\AppData\Local\Temp\66bda8cf782f546970242dff6e1de41b.exe
"C:\Users\Admin\AppData\Local\Temp\66bda8cf782f546970242dff6e1de41b.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:1280

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
1.8MB

MD5
d8c25fd6fa6cebd153a8169a11f828d5

SHA1
af5942de0cb6fb7b7c29966eaa1e481ba986a36a

SHA256
2cd1e6fbf5bd5a8dbd275072f8780fce0ae53906a3487e9a2154ff6818503c27

SHA512
737d88825b9235f0f7e508de0ac0d50dd3c439231e7c5f12d899b004518ea21165d4fc3821e5e0401d41055afe482cb9176cb2ae5889986674bba62226e9d79b

Download Submit
memory/1280-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/1280-670-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads