dd5d8092772dc8ad79afb29eca53d269289e5b55f7480bb72e18ba95085c68b4

Analysis

max time kernel
141s
max time network
126s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
24-02-2024 14:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a220b21361680b7f9d868861e2c039b9.exe
Size

1.8MB
MD5

a220b21361680b7f9d868861e2c039b9
SHA1

a9c3567ffeea0523bf83b2af0ceaa331c277f4b0
SHA256

dd5d8092772dc8ad79afb29eca53d269289e5b55f7480bb72e18ba95085c68b4
SHA512

db6d4e893ca109a19c5fce6b76a00217663ce890aad4754f30993a8c49a0d6f67e08ffc71ff8c4153759b0960305f1ea546731e1cb27f7e345999e1f00a383e4
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkHr:SCqm2Jpr0nNM7Dus7Nx2L

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2224-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0035000000016ace-5.dat	upx
behavioral1/memory/2224-568-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	a220b21361680b7f9d868861e2c039b9.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\7-Zip\Lang\nn.txt	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\7-Zip\Lang\tr.txt.exe	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.DLL.exe	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_VideoInset.png.exe	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Goose_Bay.exe	a220b21361680b7f9d868861e2c039b9.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kathmandu	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\HST.exe	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\MST7.exe	a220b21361680b7f9d868861e2c039b9.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\META-INF\MANIFEST.MF	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TipBand.dll.exe	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Common Files\System\ado\en-US\msader15.dll.mui	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_VideoInset.png	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tarawa.exe	a220b21361680b7f9d868861e2c039b9.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\Filters\VISFILT.DLL	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSFrontendENU.dll.exe	a220b21361680b7f9d868861e2c039b9.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\sound.properties	a220b21361680b7f9d868861e2c039b9.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Accra	a220b21361680b7f9d868861e2c039b9.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Beulah	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\7-Zip\Lang\nl.txt.exe	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\ShapeCollector.exe.mui	a220b21361680b7f9d868861e2c039b9.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\bin\apt.exe	a220b21361680b7f9d868861e2c039b9.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\j2pcsc.dll	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kuching.exe	a220b21361680b7f9d868861e2c039b9.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Bissau	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Sydney.exe	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\7-Zip\Lang\et.txt.exe	a220b21361680b7f9d868861e2c039b9.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\TipRes.dll.mui	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Moncton.exe	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrusash.dat.exe	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_SelectionSubpicture.png	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_scrapbook_Thumbnail.bmp	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Internet Explorer\en-US\F12.dll.mui.exe	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\extcheck.exe.exe	a220b21361680b7f9d868861e2c039b9.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Danmarkshavn	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.commands_5.5.0.165303.jar.exe	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwritalm.dat	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\InkWatson.exe.mui.exe	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msdaremr.dll.mui	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop_PAL.wmv.exe	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\zh-TW.pak.exe	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jabswitch.exe.exe	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\javafx.properties.exe	a220b21361680b7f9d868861e2c039b9.exe
File opened for modification	C:\Program Files\7-Zip\Lang\af.txt	a220b21361680b7f9d868861e2c039b9.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.update\platform.xml	a220b21361680b7f9d868861e2c039b9.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.zh_CN_5.5.0.165303.jar	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\osppobjs-spp-plugin-manifest-signed.xrm-ms.exe	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-bullet.png	a220b21361680b7f9d868861e2c039b9.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\decora-sse.dll	a220b21361680b7f9d868861e2c039b9.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\eclipse.inf	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tabskb.dll.mui.exe	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_ButtonGraphic.png.exe	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_ButtonGraphic.png	a220b21361680b7f9d868861e2c039b9.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\ECLIPSE_.SF	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\7-Zip\Lang\co.txt.exe	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\videowall.png	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\WindowsAccessBridge-64.dll.exe	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Boa_Vista.exe	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_ButtonGraphic.png	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\hr.pak.exe	a220b21361680b7f9d868861e2c039b9.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sv.pak	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Guadalcanal.exe	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\Common Files\System\Ole DB\it-IT\oledb32r.dll.mui	a220b21361680b7f9d868861e2c039b9.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Dot.png	a220b21361680b7f9d868861e2c039b9.exe

C:\Users\Admin\AppData\Local\Temp\a220b21361680b7f9d868861e2c039b9.exe
"C:\Users\Admin\AppData\Local\Temp\a220b21361680b7f9d868861e2c039b9.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2224

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
1.8MB

MD5
4967e56f19b8988b58f2ce24162083b7

SHA1
1068319a761fb1dd9f37a4cfcb01eb96ad42d9fb

SHA256
6c79a7f45080faea4d4e5c96d6d3827ea7f476d632c17eb36d05ae92dcf9ffeb

SHA512
02eefdbc3495e638282b8f810266208a046d3445d78a34fd6ea178812f1c7c547ecba32f3a72271ac98f2d7a06555081b97c957a8590165b1009cafd8491c84e

Download Submit
memory/2224-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/2224-568-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads