3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044

Analysis

max time kernel
149s
max time network
125s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
20/04/2024, 21:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
Size

72KB
MD5

6245a21f3f4b5192352b1a71bd24d1bf
SHA1

98723aaa6ae303a0d249843f5b79605cfbf4a246
SHA256

3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044
SHA512

ba22e4613b40b1261adb12fcb2e12767fc6c7feb7f9224d3d4ec8b51e99111ad350c9186bcc73c2a538d4b5b0b571a353aaafd8349233c89bbc700db5e46b24c
SSDEEP

1536:W7Z9pApQESOHepOHe8G+6E65TGAzEWzVNOx0ypIzIu73mYdE9aC3s9XL7EWzVNO6:69WpQEJAzEWzVNOx0ypIzIu73mYdE9dS

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (598) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwresslm.dat.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\tipresx.dll.mui.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.MOF.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-over-DOT.png.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_ButtonGraphic.png.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\7-Zip\Lang\ms.txt.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\7-Zip\Lang\si.txt.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ja-jp.xml.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\rtscom.dll.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576black.png.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-highlight.png.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\ssvagent.exe.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msdaprsr.dll.mui.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\DVD Maker\es-ES\OmdProject.dll.mui.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\cloud_Thumbnail.bmp.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_CopyNoDrop32x32.gif.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsptb.xml.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\tipresx.dll.mui.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\msinfo32.exe.mui.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightItalic.ttf.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\ShapeCollector.exe.mui.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\System\ado\msado20.tlb.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ja-jp-sym.xml.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrfrash.dat.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXEV.DLL.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\userContent_16x9_imagemask.png.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\Logo.png.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Internet Explorer\pdm.dll.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\InkObj.dll.mui.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\imjplm.dll.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG_PAL.wmv.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_ButtonGraphic.png.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ta.pak.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\tnameserv.exe.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\7-Zip\Lang\cs.txt.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\7-Zip\Lang\pa-in.txt.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_SelectionSubpicture.png.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_ButtonGraphic.png.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\hi.pak.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad.xml.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_SelectionSubpicture.png.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_ButtonGraphic.png.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\7-Zip\Lang\sq.txt.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\TipTsf.dll.mui.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msdaprsr.dll.mui.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\System\Ole DB\ja-JP\sqloledb.rll.mui.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\DVD Maker\fr-FR\DVDMaker.exe.mui.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\default.jfc.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\System\ado\msado27.tlb.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msaddsr.dll.mui.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_ButtonGraphic.png.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\jdwpTransport.h.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\System\ado\en-US\msader15.dll.mui.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\bg.pak.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ko.pak.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\7-Zip\Lang\bg.txt.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tabskb.dll.mui.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tipresx.dll.mui.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\tipresx.dll.mui.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_SelectionSubpicture.png.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\7-Zip\Lang\is.txt.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonSubpicture.png.tmp	3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe

C:\Users\Admin\AppData\Local\Temp\3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe
"C:\Users\Admin\AppData\Local\Temp\3d8b11d4dcd1c2056c7dc4847018c6bb0d79eaf0c35e2eaedbc443cf54346044.exe"
1⤵
- Drops file in Program Files directory
PID:2892

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-330940541-141609230-1670313778-1000\desktop.ini.tmp

Filesize
72KB

MD5
a87dc59803961e3dd3de130a365a39c7

SHA1
f7422b87bac7d50227acf300ad1865f40a987d8e

SHA256
41a99c821388226cb2d5676ee5cfa8a31569cea857b1dd5772d3c469620de58a

SHA512
6099077e8a745e37cfcc99bdf4a0f6b67c0afc7521cf5df477808ef9472b76414ea8d09490f1439c6fd3dfa2e89857684cc5557a7a07557663fe423b6e7e93a0

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
81KB

MD5
911fe47685e3cba30153a2b73ae9f163

SHA1
6234a8b364663162006284480992c60783ee41e7

SHA256
d48e75b34d431ad46bc3144c2bbc5466eb749d1a0561c8c780345cea9218bdc9

SHA512
26ae8aebfc41280c3233fd27574c02170b0110a4e1b55f703279784ed84cf96c1b566e6e81c986823212e54343a82ea45b2d612824fdb2fa57f6b6f397b2b2f6

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads