ab2648ed39ba3358dcb433b7a52a98e1d86dd42c6c541e3ef4d58c71aec20167

Analysis

max time kernel
133s
max time network
131s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
20-03-2024 01:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d79782235fee09583245db055ff135db.exe
Size

2.8MB
MD5

d79782235fee09583245db055ff135db
SHA1

15987386641d7eaaa9c577c7cae95ee4de746aed
SHA256

ab2648ed39ba3358dcb433b7a52a98e1d86dd42c6c541e3ef4d58c71aec20167
SHA512

70367501f1009b476681cf843d02caec29e0728c179a862a579915750bfd97eb39ff29234ba0271ece46c6c9569a59ddd63871e7efc59f48b9de7633657490a1
SSDEEP

24576:S6pQPxQ2JyP2r5mJV91xM7RpbwgIvs7NxqUkHE6pQPxQ2JyP2r5mJV91S:SCqm2Jpr0nNM7Dus7Nx2kCqm2Jpr0nO

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2216-0-0x0000000000400000-0x00000000005BA000-memory.dmp	upx
behavioral1/files/0x0015000000012265-5.dat	upx
behavioral1/memory/2216-212-0x0000000000400000-0x00000000005BA000-memory.dmp	upx

Drops desktop.ini file(s) 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini	d79782235fee09583245db055ff135db.exe

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\ShapeCollector.exe.mui.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Common Files\System\Ole DB\de-DE\oledb32r.dll.mui	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\FlickLearningWizard.exe.mui	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ko-kr.xml.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_uparrow.png	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-image-inset.png	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\en-US\DVDMaker.exe.mui	d79782235fee09583245db055ff135db.exe
File opened for modification	C:\Program Files\7-Zip\Lang\co.txt	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred.xml	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Common Files\System\es-ES\wab32res.dll.mui	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\1047x576black.png	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\720x480icongraphic.png	d79782235fee09583245db055ff135db.exe
File opened for modification	C:\Program Files\7-Zip\Lang\sr-spc.txt	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msadcor.dll.mui	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_matte.wmv	d79782235fee09583245db055ff135db.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\LICENSE	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\1047x576black.png	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\mr.pak.exe	d79782235fee09583245db055ff135db.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_200_percent.pak	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\InkDiv.dll	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\InputPersonalization.exe.mui.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\tipresx.dll.mui	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-back-static.png.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ConvertInkStore.exe.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonIcon.png.exe	d79782235fee09583245db055ff135db.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\notification_helper.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-back-static.png	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-back-static.png.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\soniccolorconverter.ax.exe	d79782235fee09583245db055ff135db.exe
File opened for modification	C:\Program Files\7-Zip\readme.txt	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tipskins.dll	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_ButtonGraphic.png.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIconSubpict.png.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Common Files\System\wab32.dll.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_SelectionSubpicture.png	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\blackbars60.png.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_SelectionSubpicture.png	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\7-Zip\7z.dll.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\7-Zip\Lang\es.txt.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\InputPersonalization.exe.mui	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipskor.xml	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\babyblue.png	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_ButtonGraphic.png.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_SelectionSubpicture.png	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\vignettemask25.png.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\mip.exe.mui.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsptg.xml.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tabskb.dll.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground.wmv	d79782235fee09583245db055ff135db.exe
File opened for modification	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\id.pak	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\vulkan-1.dll.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\mraut.dll	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msdaprsr.dll.mui.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonIcon.png	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_ButtonGraphic.png	d79782235fee09583245db055ff135db.exe
File opened for modification	C:\Program Files\7-Zip\Lang\hu.txt	d79782235fee09583245db055ff135db.exe
File opened for modification	C:\Program Files\7-Zip\Lang\pt.txt	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\IPSEventLogMsg.dll.mui.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\IpsMigrationPlugin.dll.mui.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsfin.xml	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\background.png.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\travel.png.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\cloud_Thumbnail.bmp.exe	d79782235fee09583245db055ff135db.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\de.pak.exe	d79782235fee09583245db055ff135db.exe

C:\Users\Admin\AppData\Local\Temp\d79782235fee09583245db055ff135db.exe
"C:\Users\Admin\AppData\Local\Temp\d79782235fee09583245db055ff135db.exe"
1⤵
- Drops desktop.ini file(s)
- Drops file in Program Files directory
PID:2216

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\7-Zip\7-zip32.dll.exe

Filesize
2.8MB

MD5
c8145931a55237ca929ad608f7a290a8

SHA1
e6245d0b6190265640437d176164604df1b4951e

SHA256
c39e3e61c4aa32cc7ab342c03e81798e0c25ff367ee1c4d0bc128631273b8947

SHA512
ccac5a55f083e1b8adae47540bc41bd360f80d35356dd2eccd5b97127ae4204119f34beebe26247664b9f005370cb61464388e02562df0106d08c9025945fafa

Download Submit
memory/2216-0-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download
memory/2216-212-0x0000000000400000-0x00000000005BA000-memory.dmp

Filesize
1.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads