6c5d2da0b0d4e2eff96f31d07d89771a61ba7a91e7abb49127a5c93396d3a910

Analysis

max time kernel
119s
max time network
122s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
12-03-2024 06:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c2b48aa5c7b7e083638d97ebe0439ff8.exe
Size

347KB
MD5

c2b48aa5c7b7e083638d97ebe0439ff8
SHA1

9ce4059751d284662102455875500910cd67aa43
SHA256

6c5d2da0b0d4e2eff96f31d07d89771a61ba7a91e7abb49127a5c93396d3a910
SHA512

b62cd6479c7f1a6f17690ba4be8e981341c59850e826bb110123b202b9f89d2652d7806b9eaf3eb95d3b27efbf3659c0d9468e1396697987ecef2bd72727c08c
SSDEEP

6144:HO+TyiE8+aqCjToXVpGOZcWixTmAcThAkZThMTMi:JXEkqeolrix1c60yF

Score

6^/10

Malware Config

Signatures

Drops desktop.ini file(s) 6 IoCs

description	ioc	Process
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\desktop.ini	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\desktop.ini	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\$Recycle.Bin\S-1-5-21-406356229-2805545415-1236085040-1000\desktop.ini	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\$Recycle.Bin\S-1-5-21-406356229-2805545415-1236085040-1000\desktop.ini	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	c2b48aa5c7b7e083638d97ebe0439ff8.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\whiteband.png	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\Java\jdk1.7.0_80\jre\bin\server\classes.jsa	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\DVD Maker\en-US\DVDMaker.exe.mui	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Travel\header-background.png	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\bin\idlj.exe	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\it-IT\TipBand.dll.mui	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\blackbars80.png	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Sports\highlight.png	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_ButtonGraphic.png	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\bin\wsdetect.dll	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(inch).wmf	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\DVD Maker\fr-FR\DVDMaker.exe.mui	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\hwrdeulm.dat	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\ipschs.xml	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\ipskor.xml	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\tipresx.dll.mui	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_SelectionSubpicture.png	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_selectionsubpicture.png	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\db\bin\setEmbeddedCP.bat	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\SmallLogo.png	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\ShapeCollector.exe.mui	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols.xml	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\tipresx.dll.mui	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\Common Files\System\msadc\it-IT\msadcfr.dll.mui	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\heart_glass_Thumbnail.bmp	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIconSubpictur.png	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Pets\rollinghills.png	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\Internet Explorer\en-US\jsdbgui.dll.mui	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\bin\jfxmedia.dll	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG_PAL.wmv	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\7-Zip\Lang\pa-in.txt	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-dayi.xml	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\hwruklm.dat	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\ipsjpn.xml	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\it-IT\InputPersonalization.exe.mui	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_SelectionSubpicture.png	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_SelectionSubpicture.png	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\bin\eula.dll	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\security\javafx.policy	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\mraut.dll	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\Common Files\System\msadc\fr-FR\msaddsr.dll.mui	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-bullet.png	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\Internet Explorer\en-US\iexplore.exe.mui	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\Internet Explorer\F12Tools.dll	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\en-US\tipresx.dll.mui	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_ButtonGraphic.png	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack200.exe	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\Google\Chrome\Application\106.0.5249.119\optimization_guide_internal.dll	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\hwrfrash.dat	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\hwruklm.dat	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\ipskor.xml	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\msinfo32.exe.mui	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\Common.fxh	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-image-mask.png	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_SelectionSubpicture.png	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\Internet Explorer\en-US\ieinstal.exe.mui	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_fr.properties	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\15x15dot.png	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\7-Zip\History.txt	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\ink\en-US\IpsMigrationPlugin.dll.mui	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\IpsMigrationPlugin.dll.mui	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File opened for modification	\??\c:\Program Files\Common Files\Microsoft Shared\Stationery\SoftBlue.jpg	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\Common Files\System\wab32res.dll	c2b48aa5c7b7e083638d97ebe0439ff8.exe
File created	\??\c:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-back-static.png	c2b48aa5c7b7e083638d97ebe0439ff8.exe

C:\Users\Admin\AppData\Local\Temp\c2b48aa5c7b7e083638d97ebe0439ff8.exe
"C:\Users\Admin\AppData\Local\Temp\c2b48aa5c7b7e083638d97ebe0439ff8.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:300

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\osetup.dll

Filesize
5.9MB

MD5
d7b6d397ede1cdb1ea3059d90d9ce0a4

SHA1
edf912d9d425920a27791533ec424de5f8d462cc

SHA256
9ce530cd8e62bed23dd1eca6fd0dc446fab1921912e42088ae0c6bd4a05a03c9

SHA512
05ad397325ce14e85a79b210b2f60ad81a9a6e6fca199834ebd9a7511cb25847b2aab5e33f5328ec5a6186e7de5a6d435877ac46deba05b9dc6a5b81d6cd3186

Download Submit
C:\Program Files\Java\jdk1.7.0_80\jre\bin\deploy.dll

Filesize
5B

MD5
b5b682b742431a52ea8b17c72ad9c572

SHA1
326320f469235708c59f678c9a7357dca552d306

SHA256
30d9045a9f172208b13161d1f5204e5787e5e07bfbb4f490d0041b03b7f44f76

SHA512
4e1bd7cc616b3115baf6be7ebd29fe2d1123bc0f25464865a0cf9207b0344fba70747a5ce6f00e8d9c696881f6db1e12f81736bc748b6f2b60bf84c681a49163

Download Submit
memory/300-0-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/300-347-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/300-628-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads