671385830c158f28394ff56af6532e76d99355cfa0bb9d9e8e0cbf79beb95287

Analysis

max time kernel
133s
max time network
126s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
01-02-2024 13:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

86f2b9907f39a5dc7b362dcd0dc5f824.exe
Size

1.8MB
MD5

86f2b9907f39a5dc7b362dcd0dc5f824
SHA1

f32acbf514a82ae1e7283a6aae59c7877823cd10
SHA256

671385830c158f28394ff56af6532e76d99355cfa0bb9d9e8e0cbf79beb95287
SHA512

1f7e097dbf9fea40c65e1f8b24cab3f5dd45cbe1a3ec81c1e3b5931f713f50f00bd37a75b2c7ea38f892b3dae9648b666b360e9a1bc349fb8aef34e9d77edbf1
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqF:SCqm2Jpr0nNM7Dus7NxY

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/1724-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0033000000016047-5.dat	upx
behavioral1/memory/1724-763-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	86f2b9907f39a5dc7b362dcd0dc5f824.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitemask1047.png	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup-impl_zh_CN.jar.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-editor-mimelookup.jar.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ur.pak.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightRegular.ttf	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Marengo.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File opened for modification	C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Beulah	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrdeush.dat	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\dsn.jar	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\FlickLearningWizard.exe.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring-impl.xml	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwritalm.dat.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720x480icongraphic.png	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Internet Explorer\en-US\jsdbgui.dll.mui	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-tools.jar	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\IpsMigrationPlugin.dll.mui	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jsse.jar.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.ja_5.5.0.165303.jar.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.zh_CN_5.5.0.165303.jar	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_ja.jar	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Dotted_Lines.emf	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-next-static.png.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\CsiSoap.dll.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576black.png	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.properties.src.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Samara.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-core.xml	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-attach.xml.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Tallinn.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\background.png.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Jujuy	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Saipan	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\license.html.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_mru_on_win7.css	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\de.pak.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576black.png	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\DVD Maker\de-DE\OmdProject.dll.mui.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Luxembourg.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome.dll.sig.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings_0.10.200.v20140424-2042.jar.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Casey.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper.registry_1.0.300.v20130327-1442.jar	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\orb.idl.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Havana.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_ja_4.4.0.v20140623020002.jar.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Casablanca.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Curacao	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Internet Explorer\en-US\jsprofilerui.dll.mui.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh87.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOInstallerUI.dll.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Riga	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-lib-uihandler.xml_hidden	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File opened for modification	C:\Program Files\Java\jre7\lib\ext\zipfs.jar	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sk.pak	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome.exe.sig.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\license.html	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin_2.0.100.v20131209-2144.jar	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_ja.jar	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\circle_glass_Thumbnail.bmp	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_pwa_launcher.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_zh_4.4.0.v20140623020002.jar	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-output2_ja.jar.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tipskins.dll.exe	86f2b9907f39a5dc7b362dcd0dc5f824.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG_PAL.wmv	86f2b9907f39a5dc7b362dcd0dc5f824.exe

C:\Users\Admin\AppData\Local\Temp\86f2b9907f39a5dc7b362dcd0dc5f824.exe
"C:\Users\Admin\AppData\Local\Temp\86f2b9907f39a5dc7b362dcd0dc5f824.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:1724

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
1.8MB

MD5
9134b68e629143bd0dd4ca60d0b00675

SHA1
deb057b8cd52acee2ce42e6c5da613f353403c7f

SHA256
522bb46d6c7d62adee1a363c2364a7842ab187940a132d15ed5ab1aaee323d46

SHA512
18d651f0b58d3848612ae47550ab7b7e147a2de36f5c241c4a2101bf8f34891654abd03c5846c18337c720b90d18f247e7bf2b979f89e92eb197ad4803e1ef18

Download Submit
memory/1724-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/1724-763-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads