f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1

Analysis

max time kernel
150s
max time network
118s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
12-05-2024 05:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
Size

89KB
MD5

926819d9a7dd51405f50014bbcba75bc
SHA1

41a72e1cb2d7f40998e14748c5cc4ed41ee32dce
SHA256

f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1
SHA512

131836dd5b901d110279e33c09afd0109928638888b6816e8944f7026b9e283f6f77f712b9aaf0d9d84ffc1362b509f735a758cdbdce3ff0a212cc4ddeedbdcb
SSDEEP

1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+eJG/x/aJaKJawHCHD:6e7WpMaxeb0CYJ97lEYNR73e+eKZp

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3427) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\VideoLAN\VLC\lua\http\requests\browse.json.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\ja-JP\RSSFeeds.html.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-io-ui.jar.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiling_zh_CN.jar.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jre7\bin\ktab.exe.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jre7\lib\deploy\splash.gif.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\VideoLAN\VLC\Documentation.url.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Irkutsk.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Urumqi.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-threaddump.xml.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libtransform_plugin.dll.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\visualization\libglspectrum_plugin.dll.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Common Files\System\msadc\msadcs.dll.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576black.png.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\jfluid-server_zh_CN.jar.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jre7\bin\net.dll.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\fr-FR\clock.html.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\London.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Chagos.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\alert_obj.png.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Microsoft Games\FreeCell\en-US\FreeCell.exe.mui.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Ulaanbaatar.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\fr-FR\shvlzm.exe.mui.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\System.Data.Entity.Design.Resources.dll.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\micaut.dll.mui.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_SelectionSubpicture.png.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-back-static.png.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\attach.dll.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-execution.xml.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libdcp_plugin.dll.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_av1_plugin.dll.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Jamaica.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jre7\lib\zi\Antarctica\Davis.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\PresentationBuildTasks.resources.dll.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIcon.png.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services_1.1.0.v20140328-1925.jar.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_ja.jar.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-filesystems.xml.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-application.xml.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_foggy.png.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Windows Journal\fr-FR\NBMapTIP.dll.mui.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Windows Media Player\fr-FR\WMPSideShowGadget.exe.mui.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Windows Media Player\it-IT\wmpnssci.dll.mui.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msdaremr.dll.mui.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Common Files\System\msadc\msdaremr.dll.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_ButtonGraphic.png.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiler_ja.jar.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Athens.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_mpjpeg_plugin.dll.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.png.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\whitemenu.png.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\javap.exe.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Yellowknife.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jre7\lib\jfr\default.jfc.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Enderbury.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\IpsMigrationPlugin.dll.mui.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\booklist.gif.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\VideoLAN\VLC\locale\sq\LC_MESSAGES\vlc.mo.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Windows Journal\de-DE\jnwmon.dll.mui.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Iqaluit.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Prague.tmp	f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe

C:\Users\Admin\AppData\Local\Temp\f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe
"C:\Users\Admin\AppData\Local\Temp\f7a1560b678ed5fab3f5022cead638948fd5f5d2d0db48fead482b1bfd4db4f1.exe"
1⤵
- Drops file in Program Files directory
PID:1460

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-1298544033-3225604241-2703760938-1000\desktop.ini.tmp

Filesize
89KB

MD5
73b47d0fab23206667a231067d873273

SHA1
26dea4bda27cb0de1a028c739c4d7d90b7e562ed

SHA256
d7b0ce41827d9af4fecb2e40d6c65a41910a47d02b5dfe5d9289bb0d5f63523f

SHA512
a350de74e8b8ab8d2ea7ab048a681ef260abea5c48686a06506897680e9220f586c454a3c64486563156674e455942f1633717fb845e154a18b81be5eed9014c

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
98KB

MD5
8c37bac0182f7828b6a0a71f38ea8f26

SHA1
63c983dc668f73540436675ab793587cb01e4646

SHA256
23ddcae76c5b27795b7c515362f772193a34bb182fde9cb9bcebfab5f4041e52

SHA512
047a1fa9f93a71740dd98682e6b8e71f035074a8e17bb05bf9e7874e105e3386cf0e78e7853c87c17de9d1f1a05734697c3c76e409beb379cdc6a5ed41c0bfe2

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads