75645a9886a9554c95463978b55b04b5bad1d84aae37d57588b01d3ae4b570f3

Analysis

max time kernel
182s
max time network
138s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
16/03/2024, 03:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ccefb67101f353b914306afbf95738e3.exe
Size

1.8MB
MD5

ccefb67101f353b914306afbf95738e3
SHA1

488e682b0a0bd67b16452f9a0c2f93175fa17112
SHA256

75645a9886a9554c95463978b55b04b5bad1d84aae37d57588b01d3ae4b570f3
SHA512

56b57caee40d2ef35bcdfb442a2e96205400afdc7c7f8df3d7eb2be0a7b10ce558dc2d5e310ce3865369a88b644a147d98f4c372b6d66b49398098dcffebe2e4
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7Nxqz:SCqm2Jpr0nNM7Dus7Nx6

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2420-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x002b000000012265-5.dat	upx
behavioral1/memory/2420-127-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	ccefb67101f353b914306afbf95738e3.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\System\ado\msadox.dll	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\System\msadc\msadds.dll.exe	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\tipresx.dll.mui	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSLoc.dll.mui	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\OrangeCircles.jpg	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Filters\offfiltx.dll.exe	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\FlickLearningWizard.exe.mui	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkObj.dll.mui.exe	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipBand.dll.mui.exe	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\split.avi.exe	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tipresx.dll.mui.exe	ccefb67101f353b914306afbf95738e3.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ba.txt	ccefb67101f353b914306afbf95738e3.exe
File opened for modification	C:\Program Files\7-Zip\Lang\tt.txt	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\InkObj.dll.mui	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\tipresx.dll.mui.exe	ccefb67101f353b914306afbf95738e3.exe
File opened for modification	C:\Program Files\7-Zip\Lang\sl.txt	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\mip.exe.mui.exe	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\mshwLatin.dll.mui	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsdeu.xml	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\System\msadc\msdaprst.dll	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\DVD Maker\SecretST.TTF	ccefb67101f353b914306afbf95738e3.exe
File opened for modification	C:\Program Files\7-Zip\Lang\fi.txt	ccefb67101f353b914306afbf95738e3.exe
File opened for modification	C:\Program Files\7-Zip\Lang\hu.txt	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipscht.xml	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\mip.exe.mui	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\7-Zip\Lang\bg.txt.exe	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\rtscom.dll.mui	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipshrv.xml	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tipresx.dll.mui	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main.xml.exe	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msaddsr.dll.mui.exe	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground.wmv	ccefb67101f353b914306afbf95738e3.exe
File opened for modification	C:\Program Files\7-Zip\Lang\az.txt	ccefb67101f353b914306afbf95738e3.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXEV.DLL	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\tipresx.dll.mui.exe	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msadcer.dll.mui	ccefb67101f353b914306afbf95738e3.exe
File opened for modification	C:\Program Files\7-Zip\Lang\sq.txt	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF.exe	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Psychedelic.jpg	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsnld.xml	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\System\Ole DB\fr-FR\sqloledb.rll.mui	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\System\Ole DB\ja-JP\sqlxmlx.rll.mui	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\System\Ole DB\msxactps.dll.exe	ccefb67101f353b914306afbf95738e3.exe
File opened for modification	C:\Program Files\7-Zip\Lang\eu.txt	ccefb67101f353b914306afbf95738e3.exe
File opened for modification	C:\Program Files\7-Zip\Lang\th.txt	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msadcor.dll.mui.exe	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\7-Zip\License.txt.exe	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Orange Circles.htm.exe	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Seyes.emf	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_kor.xml.exe	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\TipBand.dll.mui	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_leftarrow.png.exe	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\7-Zip\Lang\fa.txt.exe	ccefb67101f353b914306afbf95738e3.exe
File opened for modification	C:\Program Files\7-Zip\Lang\sa.txt	ccefb67101f353b914306afbf95738e3.exe
File opened for modification	C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee90.tlb	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msaddsr.dll.mui	ccefb67101f353b914306afbf95738e3.exe
File opened for modification	C:\Program Files\7-Zip\7-zip.chm	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Green Bubbles.htm	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\mip.exe.mui.exe	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\imjplm.dll.exe	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\micaut.dll.mui.exe	ccefb67101f353b914306afbf95738e3.exe
File created	C:\Program Files\Common Files\System\msadc\adcvbs.inc	ccefb67101f353b914306afbf95738e3.exe
File opened for modification	C:\Program Files\7-Zip\Lang\ku-ckb.txt	ccefb67101f353b914306afbf95738e3.exe

C:\Users\Admin\AppData\Local\Temp\ccefb67101f353b914306afbf95738e3.exe
"C:\Users\Admin\AppData\Local\Temp\ccefb67101f353b914306afbf95738e3.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2420

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
1.8MB

MD5
f85d3a1aff79bbc33424c9a4f2135f1f

SHA1
9f34a73f6804cc269489a79a20d98b422ceb77c4

SHA256
c10933376163266b7c1e268026a15cc1e8280263094d417fb7bd316eeede4c1d

SHA512
7ece0b5605c0507e9ba181dc4aafffe007a9c8b5f2b1be3af8d08e63b419926bb9196a0e06d1cf02558c2895b07c33e705ff8782fc35dd200e59282ca4a72a0a

Download Submit
memory/2420-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/2420-127-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads