d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d

Analysis

max time kernel
150s
max time network
121s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
11-05-2024 03:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
Size

106KB
MD5

6a61e780dc8761c100dbfd430087b9d8
SHA1

56258acb817368683598c4c02cece0b0972467f2
SHA256

d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d
SHA512

34f4448ce9520cd39ab00b404abdcd3fbff8aa019761e1114ed85614599e97877349ddf963fe9aabbb2a3782a53028fe9b25f89e46a7058e9314d2dfa133a291
SSDEEP

768:W7BlpQpARFbh2UM/zX1vqX1vLFB5W5pYJIJDYJIJOO6O2lpHiJOP25LqrH5HiJO9:W7ZQpApjIWe+eoO6O2lpiMZiMjj/

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (606) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\7-Zip\Lang\mk.txt.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\tipresx.dll.mui.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrenalm.dat.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\meta-index.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\kcms.dll.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunmscapi.jar.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Common Files\System\Ole DB\en-US\oledb32r.dll.mui.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_SelectionSubpicture.png.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Internet Explorer\Timeline.dll.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\javah.exe.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\keytool.exe.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\ij.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\7-Zip\Lang\et.txt.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwruksh.dat.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msaddsr.dll.mui.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Common Files\System\msadc\msdfmap.dll.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_100_percent.pak.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\java_crw_demo.dll.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\tipresx.dll.mui.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_ButtonGraphic.png.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_scrapbook_Thumbnail.bmp.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\content-background.png.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\es.pak.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_pt_BR.jar.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\vulkan-1.dll.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad.xml.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_VideoInset.png.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Subpicture1.png.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_scene.wmv.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome.dll.sig.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\hu.pak.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\tipresx.dll.mui.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\FlickLearningWizard.exe.mui.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\default_apps\external_extensions.json.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_CN.properties.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\tipresx.dll.mui.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\OrangeCircles.jpg.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonIcon.png.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_SelectionSubpicture.png.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\deploy.dll.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\7-Zip\7zFM.exe.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Common Files\System\msadc\msdaprst.dll.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Common Files\System\Ole DB\de-DE\oledb32r.dll.mui.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Internet Explorer\Timeline.cpu.xml.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_content-background.png.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\de.pak.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\7-Zip\Lang\gu.txt.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\mshwLatin.dll.mui.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\tabskb.dll.mui.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.jpg.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_RGB_PAL.wmv.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\el.pak.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCalls.h.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tipresx.dll.mui.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Hand Prints.htm.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Common Files\System\Ole DB\en-US\sqlxmlx.rll.mui.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitemask1047.png.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\PreviousMenuButtonIcon.png.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\es-419.pak.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ea-sym.xml.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msadcfr.dll.mui.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_item.png.tmp	d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe

C:\Users\Admin\AppData\Local\Temp\d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe
"C:\Users\Admin\AppData\Local\Temp\d51fa0f8ee5116dfc926f25574eea26991dd662566815a06fd715df99a4c7f0d.exe"
1⤵
- Drops file in Program Files directory
PID:2848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-330940541-141609230-1670313778-1000\desktop.ini.tmp

Filesize
106KB

MD5
b73f69c9175f70507e6e0774525fcd8f

SHA1
23bc8f8fbb716faec5e41b2d9755c19f7986ae63

SHA256
9dbcf7f51b9fe0d543606cf5da1a22ae20af3115d371db56a7e9db4693480029

SHA512
48b47120e68d1c7888cd95dcb6335702cc58effa5150c40fa7a0301141ca19065fafa3227e2474668832a761a17f615db3d17f955cc9692c999a41c5c366fe57

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
115KB

MD5
749e94bd233cf3bb1aae0c8a49c9e4d8

SHA1
5ae8888ff9b4b67c11101bd103a158cfebcacfe1

SHA256
0bfcef10fa339b02bb668189334f742bcbc257e766670da61a3adba760d0519f

SHA512
e4e073c6fb5e5c5026ccacae1635be6f559fcb9ef5e45ae7fe13a382b2149b0eb0e48dc864ecf5d68e372e3f43e86d6d659ac81fc2cdc1ce1a5c27846a635203

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads