6386808fd9f7757cf79d3baf32007894375107d0137626d91b9ce84266e0ee99

Analysis

max time kernel
149s
max time network
144s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
19-01-2024 12:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

67a348265de6da63327b3ebc15c1f914.exe
Size

1.8MB
MD5

67a348265de6da63327b3ebc15c1f914
SHA1

633312061bd6c79f19ea0425076cd8b936c53fc2
SHA256

6386808fd9f7757cf79d3baf32007894375107d0137626d91b9ce84266e0ee99
SHA512

2cd5f6d2a7fdbbbc16217a2b9fff0c6ff36b5495b1102db447bc0cf3f4ccdd213a0d63a9ea38084ad7cf2f38a0f6ce5004e3609c3ad66434a1904c4ff7675eed
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7Nxqv:SCqm2Jpr0nNM7Dus7Nxq

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2172-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0036000000016cd7-5.dat	upx
behavioral1/memory/2172-669-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	67a348265de6da63327b3ebc15c1f914.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Fortaleza.exe	67a348265de6da63327b3ebc15c1f914.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EST	67a348265de6da63327b3ebc15c1f914.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui_5.5.0.165303.jar	67a348265de6da63327b3ebc15c1f914.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Bucharest.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\7-Zip\Lang\lt.txt.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\rtscom.dll.mui.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_scene.wmv.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_ButtonGraphic.png.exe	67a348265de6da63327b3ebc15c1f914.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.nl_zh_4.4.0.v20140623020002.jar	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Common Files\System\ado\msadrh15.dll	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jstat.exe.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\jvm.cfg.exe	67a348265de6da63327b3ebc15c1f914.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Eirunepe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\videowall.png.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightItalic.ttf.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Eirunepe.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Common Files\System\ado\it-IT\msader15.dll.mui	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msdaremr.dll.mui.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Common Files\System\msadc\msadce.dll.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground_PAL.wmv.exe	67a348265de6da63327b3ebc15c1f914.exe
File opened for modification	C:\Program Files\7-Zip\Lang\zh-tw.txt	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\kn.pak.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_ButtonGraphic.png	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\dt_socket.dll.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\tipresx.dll.mui	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Common Files\System\DirectDB.dll.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_matte2.wmv	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\1047x576black.png.exe	67a348265de6da63327b3ebc15c1f914.exe
File opened for modification	C:\Program Files\7-Zip\Lang\sr-spl.txt	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsrom.xml.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\tnameserv.exe.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Managua.exe	67a348265de6da63327b3ebc15c1f914.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Vostok	67a348265de6da63327b3ebc15c1f914.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kosrae	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Simferopol.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.xml.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.ja_5.5.0.165303.jar.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\tipresx.dll.mui	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msadcor.dll.mui.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\LightBlueRectangle.PNG.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-backglow.png.exe	67a348265de6da63327b3ebc15c1f914.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\java-rmi.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\7-Zip\Lang\kk.txt.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Common Files\System\ado\adojavas.inc.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msdaremr.dll.mui.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jabswitch.exe.exe	67a348265de6da63327b3ebc15c1f914.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Vilnius	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\feature.properties.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipTsf.dll.mui	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Common Files\System\msadc\msdaprsr.dll.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Internet Explorer\DiagnosticsTap.dll.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Miquelon.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Memo.emf.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\DVD Maker\sonicsptransform.ax	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\fa.pak.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Shanghai.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.util_1.7.0.v201011041433.jar.exe	67a348265de6da63327b3ebc15c1f914.exe
File opened for modification	C:\Program Files\7-Zip\Lang\tt.txt	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationUp_SelectionSubpicture.png	67a348265de6da63327b3ebc15c1f914.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Norfolk	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\EST5.exe	67a348265de6da63327b3ebc15c1f914.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\COPYRIGHT.exe	67a348265de6da63327b3ebc15c1f914.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\La_Paz	67a348265de6da63327b3ebc15c1f914.exe

C:\Users\Admin\AppData\Local\Temp\67a348265de6da63327b3ebc15c1f914.exe
"C:\Users\Admin\AppData\Local\Temp\67a348265de6da63327b3ebc15c1f914.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2172

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
1.8MB

MD5
b2e594750c3fa18d1224d6092dc5d6e3

SHA1
590cc81cf0f08ebc7d3040459e1b640c5e2df817

SHA256
ef3f9eb7e03759d910bdd02007cc61dba0bf11e56068516050b4d9b4782924a0

SHA512
361fd9e49efb718231746a40ad9adbef6011955868aa111067324a784fb4884f91045fde1fd2bc86ca83e3cd52b617b7a54ab11b4e0a04733b7dff45f0fcc80a

Download Submit
memory/2172-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/2172-669-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads