e6e46ac397ec0a5a1a46ae1ddf90abff6604e9bf3476a87166cd888a524bae93

Analysis

max time kernel
119s
max time network
129s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
06-03-2024 03:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b671d4ef59f175d1a72e1ff20698a63f.exe
Size

307KB
MD5

b671d4ef59f175d1a72e1ff20698a63f
SHA1

3d70da2c31501ea6f8612c4c0b1519a175e7adec
SHA256

e6e46ac397ec0a5a1a46ae1ddf90abff6604e9bf3476a87166cd888a524bae93
SHA512

8626008f6a95d446457d14f3f373dc862af8382e262886dba70c38ac8b62eadb54d71035a8f1589d096973f121b5ef86d49944ed185e325887fa1b792fde1f1c
SSDEEP

3072:amLAx97O5+TyiRGpZql/FKx1tkW1C/u4TrUE9g1N/3d4SbZswGOZIRGYt4ngX+Wg:n+TyiE8+aqCjToXVpGOZcc

Score

6^/10

Malware Config

Signatures

Drops desktop.ini file(s) 6 IoCs

description	ioc	Process
File created	\??\c:\$Recycle.Bin\S-1-5-21-778096762-2241304387-192235952-1000\desktop.ini	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\$Recycle.Bin\S-1-5-21-778096762-2241304387-192235952-1000\desktop.ini	b671d4ef59f175d1a72e1ff20698a63f.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	b671d4ef59f175d1a72e1ff20698a63f.exe
File created	\??\c:\Program Files\desktop.ini	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\desktop.ini	b671d4ef59f175d1a72e1ff20698a63f.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\vignettemask25.png	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\nl.pak	b671d4ef59f175d1a72e1ff20698a63f.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\hwritalm.dat	b671d4ef59f175d1a72e1ff20698a63f.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\ipschs.xml	b671d4ef59f175d1a72e1ff20698a63f.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\MainMenuButtonIcon.png	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_ButtonGraphic.png	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_ButtonGraphic.png	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\bin\javadoc.exe	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\CST6	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\ko.txt	b671d4ef59f175d1a72e1ff20698a63f.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\keypadbase.xml	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop.wmv	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll	b671d4ef59f175d1a72e1ff20698a63f.exe
File created	\??\c:\Program Files\Internet Explorer\perfcore.dll	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Matamoros	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\feature.xml	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG_PAL.wmv	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_title.png	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Internet Explorer\D3DCompiler_47.dll	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\db\bin\sysinfo	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCalls.h	b671d4ef59f175d1a72e1ff20698a63f.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\en-US\split.avi	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Graph.emf	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Common Files\System\msadc\msaddsr.dll	b671d4ef59f175d1a72e1ff20698a63f.exe
File created	\??\c:\Program Files\Common Files\System\msadc\msdaprsr.dll	b671d4ef59f175d1a72e1ff20698a63f.exe
File created	\??\c:\Program Files\Common Files\System\Ole DB\sqlxmlx.rll	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightItalic.ttf	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\javafx.properties	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Juneau	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base.xml	b671d4ef59f175d1a72e1ff20698a63f.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\mshwjpn.dll	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\accessibility.properties	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Mazatlan	b671d4ef59f175d1a72e1ff20698a63f.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\es-ES\tipresx.dll.mui	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground_PAL.wmv	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Common Files\System\msadc\it-IT\msadcor.dll.mui	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Common Files\System\Ole DB\msdasqlr.dll	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\bin\extcheck.exe	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\scenesscroll.png	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\7-Zip\7-zip.dll	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\en-US\mshwLatin.dll.mui	b671d4ef59f175d1a72e1ff20698a63f.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers.xml	b671d4ef59f175d1a72e1ff20698a63f.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\symbase.xml	b671d4ef59f175d1a72e1ff20698a63f.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_ButtonGraphic.png	b671d4ef59f175d1a72e1ff20698a63f.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols.xml	b671d4ef59f175d1a72e1ff20698a63f.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-image-mask.png	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack.dll	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\default.jfc	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Rangoon	b671d4ef59f175d1a72e1ff20698a63f.exe
File created	\??\c:\Program Files\Internet Explorer\jsdbgui.dll	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Internet Explorer\perf_nt.dll	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Palmer	b671d4ef59f175d1a72e1ff20698a63f.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_SelectionSubpicture.png	b671d4ef59f175d1a72e1ff20698a63f.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_ButtonGraphic.png	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_SelectionSubpicture.png	b671d4ef59f175d1a72e1ff20698a63f.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\203x8subpicture.png	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\hi.pak	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Postage_VideoInset.png	b671d4ef59f175d1a72e1ff20698a63f.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_ButtonGraphic.png	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXEV.DLL	b671d4ef59f175d1a72e1ff20698a63f.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Pretty_Peacock.jpg	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Soft Blue.htm	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\Common Files\System\msadc\it-IT\msadcfr.dll.mui	b671d4ef59f175d1a72e1ff20698a63f.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_ButtonGraphic.png	b671d4ef59f175d1a72e1ff20698a63f.exe

C:\Users\Admin\AppData\Local\Temp\b671d4ef59f175d1a72e1ff20698a63f.exe
"C:\Users\Admin\AppData\Local\Temp\b671d4ef59f175d1a72e1ff20698a63f.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2208

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\osetup.dll

Filesize
5.8MB

MD5
d1ff2f95016d26d495801db6213a82f6

SHA1
95eba1d22ca691efc8655909b4e06f75efa76401

SHA256
1388ae99ef2a293bc07196cff5d8a245f73f69e2631c008aa4d7932fcc9a4c3d

SHA512
5b289afc76126b2b9f6d9ebb5122a7efe1270ec4bc123aae0b9369f76a485adddec3e48be3f015104cdac69a3fbedd596f10f7f1a3efe100a88a926b14c5107d

Download Submit
C:\Program Files\Java\jdk1.7.0_80\jre\bin\t2k.dll

Filesize
5B

MD5
b5b682b742431a52ea8b17c72ad9c572

SHA1
326320f469235708c59f678c9a7357dca552d306

SHA256
30d9045a9f172208b13161d1f5204e5787e5e07bfbb4f490d0041b03b7f44f76

SHA512
4e1bd7cc616b3115baf6be7ebd29fe2d1123bc0f25464865a0cf9207b0344fba70747a5ce6f00e8d9c696881f6db1e12f81736bc748b6f2b60bf84c681a49163

Download Submit
memory/2208-0-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download
memory/2208-21-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download
memory/2208-231-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download
memory/2208-1076-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads