ddc47102e52e2c2945148bf64ffbf4c069134988d0df772ae6dbd1966ed9ebe8

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
14-02-2024 13:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9bce75cda15c943aab45faa14f6bf04b.exe
Size

348KB
MD5

9bce75cda15c943aab45faa14f6bf04b
SHA1

cef9dc82354a7f6b23182fcb18447c4d59521fcb
SHA256

ddc47102e52e2c2945148bf64ffbf4c069134988d0df772ae6dbd1966ed9ebe8
SHA512

3a76fa625622554908957cc1d27eb6b046dcc7d2fb56f59d84a9339cc9bfc7dc7bc4b5523cf53ab1a16375f8711589b7b363ed8e5bbebd33f2251b30accec5e9
SSDEEP

6144:HO+TyiE8+aqCjToXVpGOZcWixTmAcThAkZThMTM7:JXEkqeolrix1c60yY

Score

6^/10

Malware Config

Signatures

Drops desktop.ini file(s) 6 IoCs

description	ioc	Process
File created	\??\c:\$Recycle.Bin\S-1-5-21-3818056530-936619650-3554021955-1000\desktop.ini	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\$Recycle.Bin\S-1-5-21-3818056530-936619650-3554021955-1000\desktop.ini	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\desktop.ini	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\desktop.ini	9bce75cda15c943aab45faa14f6bf04b.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\bin\java.exe	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\es-ES\InputPersonalization.exe.mui	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\InputPersonalization.exe.mui	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\Common Files\System\en-US\wab32res.dll.mui	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\Common Files\System\Ole DB\en-US\oledb32r.dll.mui	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Push\pushplaysubpicture.png	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Internet Explorer\Timeline.cpu.xml	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\db\bin\ij	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\hwrfralm.dat	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\da.pak	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansDemiBold.ttf	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\is.txt	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\it-IT\tipresx.dll.mui	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Pretty_Peacock.jpg	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Common Files\System\msadc\it-IT\msdaremr.dll.mui	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_MATTE2_PAL.wmv	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_ButtonGraphic.png	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\Internet Explorer\en-US\iedvtool.dll.mui	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipBand.dll.mui	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\tipresx.dll.mui	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\Common Files\System\ado\adovbs.inc	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\Internet Explorer\perfcore.dll	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.bfc	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\ConvertInkStore.exe	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_ca.xml	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\chapters-static.png	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\pagecurl.png	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\pt-PT.pak	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\it-IT\tabskb.dll.mui	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Common Files\System\msadc\fr-FR\msdaprsr.dll.mui	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Common Files\System\Ole DB\en-US\oledb32r.dll.mui	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\DVD Maker\it-IT\WMM2CLIP.dll.mui	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_ButtonGraphic.png	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\bin\jfxmedia.dll	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\bin\sunec.dll	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\mraut.dll	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-foreground.png	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_ButtonGraphic.png	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\bin\javah.exe	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\msinfo32.exe.mui	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\babyblue.png	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Performance\redmenu.png	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_title.png	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrome.7z	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sk.pak	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\ar.txt	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tabskb.dll.mui	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\DVD Maker\SecretST.TTF	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_SelectionSubpicture.png	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\bin\jpeg.dll	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\tipresx.dll.mui	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\en-US\micaut.dll.mui	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\DVD Maker\DVDMaker.exe	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-image-mask.png	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\Internet Explorer\DiagnosticsTap.dll	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Common Files\System\msadc\it-IT\msadcer.dll.mui	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground.wmv	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\it-IT\TipRes.dll.mui	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\msinfo32.exe.mui	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Dotted_Lines.emf	9bce75cda15c943aab45faa14f6bf04b.exe
File opened for modification	\??\c:\Program Files\Common Files\System\ado\msado20.tlb	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\Common Files\System\ado\msado21.tlb	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\Common Files\System\Ole DB\ja-JP\oledb32r.dll.mui	9bce75cda15c943aab45faa14f6bf04b.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_SelectionSubpicture.png	9bce75cda15c943aab45faa14f6bf04b.exe

C:\Users\Admin\AppData\Local\Temp\9bce75cda15c943aab45faa14f6bf04b.exe
"C:\Users\Admin\AppData\Local\Temp\9bce75cda15c943aab45faa14f6bf04b.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2476

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\osetup.dll

Filesize
5.9MB

MD5
241a69e5e7a7ff5c5dfd6927f4e99ecb

SHA1
84030f4f534339a0b3a95793342c92747dd15ace

SHA256
6a946590bf4ac3b8e52b365c45bc4d35378816822d0078f1c8cc4354312c7827

SHA512
19439435a809c32c954614d6e92c097d2ea4f36abb07b1dff083898a8e5bde78f6eb73af3cc615d935f430bd597d5c86c12b0f5f4efff6065eebe451bbe7fd47

Download Submit
C:\Program Files\Java\jdk1.7.0_80\db\bin\sysinfo

Filesize
5KB

MD5
8dad98db128eeb1f927350bc7a8fd87e

SHA1
5cdbb67a83d04237fb2095ef4592c11aade84bf7

SHA256
c9b982f369226ae99d82f8428815220208805b8024caeef8a3b03971383c9eeb

SHA512
91c7d71a3d718d27cb70832e735e06ea305637986ea0b3faf19de8d367b58d9e90d42e956e2bdc7a43eaadeb6b460f88fddcc3ea203c413311784fd7f5e6f7b2

Download Submit
C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\deployJava1.dll

Filesize
5B

MD5
b5b682b742431a52ea8b17c72ad9c572

SHA1
326320f469235708c59f678c9a7357dca552d306

SHA256
30d9045a9f172208b13161d1f5204e5787e5e07bfbb4f490d0041b03b7f44f76

SHA512
4e1bd7cc616b3115baf6be7ebd29fe2d1123bc0f25464865a0cf9207b0344fba70747a5ce6f00e8d9c696881f6db1e12f81736bc748b6f2b60bf84c681a49163

Download Submit
memory/2476-0-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2476-658-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads