a0ccd22997892f6576df3e827a99335229faa9a0f08cf0a11684211c7a3696ae

Analysis

max time kernel
122s
max time network
129s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
09-03-2024 22:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bcfccabce752943f2fecad3ba5bff778.exe
Size

2.8MB
MD5

bcfccabce752943f2fecad3ba5bff778
SHA1

0595fd9b262d08bf87302977d95707668094735c
SHA256

a0ccd22997892f6576df3e827a99335229faa9a0f08cf0a11684211c7a3696ae
SHA512

248df139cdbf9e064fa70d8166222f5ae655206284313933ca4d98c0e7ee9332bfce36cf260c3c52f879ac37945c20b79e63f1209fb888bbb60ab95f95bd04a8
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkHE6pQPxQ2JyP2r5mJV91C:SCqm2Jpr0nNM7Dus7Nx2kCqm2Jpr0n+

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/1732-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x000b0000000140f7-5.dat	upx
behavioral1/memory/1732-262-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	bcfccabce752943f2fecad3ba5bff778.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_RGB6_PAL.wmv.exe	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\mainimage-mask.png	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\layers.png.exe	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(cm).wmf.exe	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\ea.xml.exe	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\micaut.dll.mui	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-dayi.xml	bcfccabce752943f2fecad3ba5bff778.exe
File opened for modification	C:\Program Files\7-Zip\7-zip.chm	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\tipresx.dll.mui.exe	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\micaut.dll.mui	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_ButtonGraphic.png.exe	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TipBand.dll	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\tipresx.dll.mui.exe	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\tipresx.dll.mui	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrcatlm.dat.exe	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\tipresx.dll.mui	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\System\Ole DB\es-ES\sqlxmlx.rll.mui	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\System\ado\msader15.dll	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msdaremr.dll.mui	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\7-Zip\Lang\uz-cyrl.txt.exe	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\rtscom.dll.mui.exe	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_ButtonGraphic.png	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_ButtonGraphic.png.exe	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\TipBand.dll.mui	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground_PAL.wmv.exe	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\msinfo32.exe.mui	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsrom.xml.exe	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_SelectionSubpicture.png.exe	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\tipresx.dll.mui	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\TipRes.dll.mui	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\TipTsf.dll.mui.exe	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\tipresx.dll.mui	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\IPSEventLogMsg.dll.mui	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\pagecurl.png	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_SelectionSubpicture.png	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE.exe	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-delete.avi	bcfccabce752943f2fecad3ba5bff778.exe
File opened for modification	C:\Program Files\7-Zip\Lang\th.txt	bcfccabce752943f2fecad3ba5bff778.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\micaut.dll.mui.exe	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\InkObj.dll.mui	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\micaut.dll	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msdaremr.dll.mui.exe	bcfccabce752943f2fecad3ba5bff778.exe
File opened for modification	C:\Program Files\7-Zip\Lang\be.txt	bcfccabce752943f2fecad3ba5bff778.exe
File opened for modification	C:\Program Files\7-Zip\Lang\mng.txt	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground_PAL.wmv.exe	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\title_stripe.png	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msadcor.dll.mui.exe	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\DvdTransform.fx	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\7-Zip\7zFM.exe.exe	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\msinfo32.exe.mui	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\kor-kor.xml	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_heb.xml	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\tipresx.dll.mui	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\System\ado\en-US\msader15.dll.mui.exe	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\System\ado\msado28.tlb	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\DVD Maker\PipeTran.dll.exe	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\7-Zip\Lang\ps.txt.exe	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Month_Calendar.emf	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_ButtonGraphic.png	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_leftarrow.png	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\1047x576black.png	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\mshwgst.dll	bcfccabce752943f2fecad3ba5bff778.exe
File created	C:\Program Files\Common Files\System\ado\it-IT\msader15.dll.mui	bcfccabce752943f2fecad3ba5bff778.exe

C:\Users\Admin\AppData\Local\Temp\bcfccabce752943f2fecad3ba5bff778.exe
"C:\Users\Admin\AppData\Local\Temp\bcfccabce752943f2fecad3ba5bff778.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:1732

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
2.8MB

MD5
0f1e351c1e09dc8a74ca7fcb32944a7f

SHA1
750383731ff205b01bc9c5dc949132d21dc91e83

SHA256
9d2a63a9dc4ad3120ffd93cfa8d879b3ef607e300faadf6d60a190823642691b

SHA512
958a34e4663db07cfe6bb2db6070d6060235f22850be210e9268a7733faed43a8218af1ea7c51433bacd56eec8fbacdba22262cd2ec3429490821fd5e5f70fb9

Download Submit
memory/1732-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/1732-262-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads