cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b

Analysis

max time kernel
150s
max time network
120s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
02/05/2024, 03:44

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
Size

93KB
MD5

cf0f6e96925d1d6ba0974a76d5920e3d
SHA1

497c4d9bb872ffbf2327fab080836802e6adbdfa
SHA256

cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b
SHA512

fe2556a7e6e60ff7089e0f330a92a44d9918e9665a40ba8191a3046b18f9b147d39660ce1d5023910e4878c529cd5979d979c887de24769063321dd370384c40
SSDEEP

1536:W7ZrpApojOPG0PGQJwFJwkpe+eTDPfFpsJOfFpsJCAdCjHKP76I:6rWpcOPxPke+e3fFpsJOfFpsJbgEh

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3503) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\msinfo32.exe.mui.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Eirunepe.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.nl_zh_4.4.0.v20140623020002.jar.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\System.Xml.Linq.Resources.dll.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\librawvid_plugin.dll.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\QRCode.pmp.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipRes.dll.mui.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_mru_on_win7.css.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Java\jre7\bin\tnameserv.exe.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\bbc_co_uk.luac.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\fr-FR\css\currency.css.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\ja-JP\js\picturePuzzle.js.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Web.Entity.Design.Resources.dll.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\liboggspots_plugin.dll.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\15x15dot.png.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\psfontj2d.properties.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.zh_CN_5.5.0.165303.jar.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\JoinExpand.mp2.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\System.IO.Log.Resources.dll.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Data.Services.resources.dll.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\39.png.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\fr-FR\css\localizedSettings.css.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_MATTE2_PAL.wmv.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.contenttype_3.4.200.v20140207-1251.jar.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ta\LC_MESSAGES\vlc.mo.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\VideoLAN\VLC\locale\zu\LC_MESSAGES\vlc.mo.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_diagonals-thick_18_b81900_40x40.png.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_s.png.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jps.exe.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\hprof.dll.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkObj.dll.mui.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-charts.xml.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host-views.jar.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Checkers\ChkrRes.dll.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\d3d11\libdirect3d11_filters_plugin.dll.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_rainy.png.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Web.Entity.Resources.dll.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Yellowknife.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\VideoLAN\VLC\lua\intf\telnet.luac.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new_partly-cloudy.png.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\cryptocme2.sig.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page.wmv.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.jobs_3.6.0.v20140424-0053.jar.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Windows Defender\es-ES\MsMpRes.dll.mui.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\clock.js.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_dot.png.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\it-IT\js\settings.js.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Java\jre7\lib\jce.jar.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Port_of_Spain.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\ja-JP\css\settings.css.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\es-ES\js\library.js.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\16.png.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Java\jre7\bin\jfxmedia.dll.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Java\jre7\lib\management\jmxremote.access.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Tarawa.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Java\jre7\release.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgradfun_plugin.dll.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\fr-FR\css\picturePuzzle.css.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_zh_4.4.0.v20140623020002.jar.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-actions.xml.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_ButtonGraphic.png.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.nl_ja_4.4.0.v20140623020002.jar.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-attach.xml.tmp	cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe

C:\Users\Admin\AppData\Local\Temp\cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe
"C:\Users\Admin\AppData\Local\Temp\cc07206f3b6e7a9bf6b57f5ae5fa5c6f9a0c2b149bfc830db65d0234642d1a4b.exe"
1⤵
- Drops file in Program Files directory
PID:2320

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-481678230-3773327859-3495911762-1000\desktop.ini.tmp

Filesize
93KB

MD5
82047198aaa709c71186faf2e5356268

SHA1
189777698e646852f70e50ef35ab03836fd1d362

SHA256
94f1fdccbbef1c62323f856a40be922a59ca0643f35c2fdfb15e6c0010be8fd1

SHA512
e4b2948fb791af4eda532ec0486d5490d2561dae914f5a911c973260b81d5e50c29b4120d70a48c415e64d907755df3de0f2f6951e613cdda49a92d875477527

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
102KB

MD5
78fba4fb661a08d7709f8294432b9cfd

SHA1
dbc013644209f68ddc572d11f762ff31d2351fe5

SHA256
f4a8bd251b41ebe20ebb7ed8378112fbe632b5482b04d836571c16bf41329ccb

SHA512
aa38e9b55a3005da66ab85f1d9129353c6c1be57d66abdc677cf0b3ee1db3c1ed70c4e68f15827883df426de4ae506820a1fb000eb1a94fa531c3c01d4931f1a

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads