570a97e56c761afa2e8c4742efe9fc23bc5a08b7e9dc69740b52fff9edff5bcb

Analysis

max time kernel
163s
max time network
130s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
09/03/2024, 20:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bcc505bad4abaf306ed46a185ba70007.exe
Size

1.8MB
MD5

bcc505bad4abaf306ed46a185ba70007
SHA1

186adc38a568b374b3a5d994888edcd964268853
SHA256

570a97e56c761afa2e8c4742efe9fc23bc5a08b7e9dc69740b52fff9edff5bcb
SHA512

a6e3bed974661ff976bca35d354b620661209fb403d96bb2627980019aa831570e915642c9c7146da27985a70ec71eeae79aba0a6448ed685568498eddcdba2d
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkHS:SCqm2Jpr0nNM7Dus7Nx2y

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2616-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x002b000000015622-5.dat	upx
behavioral1/memory/2616-755-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	bcc505bad4abaf306ed46a185ba70007.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\7-Zip\Lang\gl.txt	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ea-sym.xml.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsrom.xml.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Ndjamena.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+6.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861258748.profile.gz.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-over-select.png.exe	bcc505bad4abaf306ed46a185ba70007.exe
File opened for modification	C:\Program Files\GetMount.gif	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\af.pak.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui.zh_CN_5.5.0.165303.jar.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Common Files\System\msadc\adcvbs.inc.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\DVD Maker\Shared\Common.fxh.exe	bcc505bad4abaf306ed46a185ba70007.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\bin\java-rmi.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\rmiregistry.exe.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.event_1.3.100.v20140115-1647.jar.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\7-Zip\Uninstall.exe.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\split.avi.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_ButtonGraphic.png.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ja.pak.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-1.exe	bcc505bad4abaf306ed46a185ba70007.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper.registry_1.0.300.v20130327-1442.jar	bcc505bad4abaf306ed46a185ba70007.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOInstallerUI.dll	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\tipresx.dll.mui.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\vulkan-1.dll.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Enderbury.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\vintage.png.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\fa.pak.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\mr.pak.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Srednekolymsk.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets.nl_zh_4.4.0.v20140623020002.jar.exe	bcc505bad4abaf306ed46a185ba70007.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Scoresbysund	bcc505bad4abaf306ed46a185ba70007.exe
File opened for modification	C:\Program Files\7-Zip\Lang\tk.txt	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Tanspecks.jpg.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Common Files\System\Ole DB\it-IT\sqloledb.rll.mui	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_SelectionSubpicture.png.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_SelectionSubpicture.png	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\tnameserv.exe.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Dawson_Creek.exe	bcc505bad4abaf306ed46a185ba70007.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.nl_zh_4.4.0.v20140623020002.jar	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.jpg.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwresmlm.dat	bcc505bad4abaf306ed46a185ba70007.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\bin\jmap.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\rmic.exe.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Nairobi.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Faroe.exe	bcc505bad4abaf306ed46a185ba70007.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\ECLIPSE_.SF	bcc505bad4abaf306ed46a185ba70007.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_ja_4.4.0.v20140623020002.jar	bcc505bad4abaf306ed46a185ba70007.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-core.xml	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.jpg.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\colorcycle.png	bcc505bad4abaf306ed46a185ba70007.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\bin\tnameserv.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Paramaribo.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Niue.exe	bcc505bad4abaf306ed46a185ba70007.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.contexts_1.3.100.v20140407-1019.jar	bcc505bad4abaf306ed46a185ba70007.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\bin\native2ascii.exe	bcc505bad4abaf306ed46a185ba70007.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh.htm	bcc505bad4abaf306ed46a185ba70007.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_zh_4.4.0.v20140623020002.jar	bcc505bad4abaf306ed46a185ba70007.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.commands_5.5.0.165303.jar	bcc505bad4abaf306ed46a185ba70007.exe
File opened for modification	C:\Program Files\7-Zip\Lang\lv.txt	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsesp.xml.exe	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\mainimage-mask.png	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\shatter.png.exe	bcc505bad4abaf306ed46a185ba70007.exe
File opened for modification	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Blanc-Sablon	bcc505bad4abaf306ed46a185ba70007.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\St_Johns.exe	bcc505bad4abaf306ed46a185ba70007.exe

C:\Users\Admin\AppData\Local\Temp\bcc505bad4abaf306ed46a185ba70007.exe
"C:\Users\Admin\AppData\Local\Temp\bcc505bad4abaf306ed46a185ba70007.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2616

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
1.8MB

MD5
6b42281236bb719d1eca340100d5a7bf

SHA1
9ab97a66584b7dc16e8b7d74125b8bf586d62a8d

SHA256
8dc71b9efde24142b3905fd9ca20c642751c74ce7507a987402e1d4a72d2dd84

SHA512
7c450604f297221a17d83d8c10a85ecd5cf49521fead6730d8731e94795118eae312ac2f72480f53e169c84218a8e706d9dfe357289d3142fab4c254d8991b90

Download Submit
memory/2616-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/2616-755-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads