3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a

Analysis

max time kernel
150s
max time network
121s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
12/05/2024, 21:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
Size

131KB
MD5

53e4eceb374c2fb53a3a4f1271bd4ee0
SHA1

e27ecfada880c15e95c1fd974b8fd5e189f7875e
SHA256

3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a
SHA512

75cc844a722e98e4de448a3acb4a2c3a2f43efcfe00d03386b1ebbc8a135cc52016eb5f78da471878b804ed3f3958483ca88f20c0460c918b349a57aaad16402
SSDEEP

1536:W7ZQpApjIZNdNnfFpsJOfFpsJ+n1k1jWk1jLgGYJ5OngGYJ5OI:6QWpkzlfFpsJOfFpsJ+n6jXhBhS

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3446) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-coredump.xml.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jre7\lib\flavormap.properties.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Mozilla Firefox\freebl3.dll.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_SelectionSubpicture.png.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\bandwidth.png.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground.wmv.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guyana.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Brunei.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.bfc.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\Welcome.html.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Choibalsan.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\glib-lite.dll.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\rightnav.gif.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\logger\libfile_logger_plugin.dll.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Argentina\San_Luis.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Mozilla Firefox\IA2Marshal.dll.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Data.Entity.Resources.dll.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libadaptive_plugin.dll.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred.xml.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\classfile_constants.h.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Mexico_City.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\com-sun-tools-visualvm-modules-startup_zh_CN.jar.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\7-Zip\Lang\sw.txt.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\InkWatson.exe.mui.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Internet Explorer\F12.dll.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Stockholm.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_ja.jar.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_ja.jar.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Port_of_Spain.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libshm_plugin.dll.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_winxp_blu.css.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-oql_ja.jar.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages.properties.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ru\LC_MESSAGES\vlc.mo.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\requests\browse.json.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\mraut.dll.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.command_0.10.0.v201209301215.jar.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\control\liboldrc_plugin.dll.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Windows Defender\MpSvc.dll.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\ParentMenuButtonIcon.png.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\header-background.png.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\15x15dot.png.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack200.exe.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Denver.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\dnsns.jar.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Berlin.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\GMT.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine.nl_ja_4.4.0.v20140623020002.jar.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\PST8.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-windows.xml.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libcdda_plugin.dll.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(inch).wmf.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\artifacts.xml.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_zh_4.4.0.v20140623020002.jar.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives.nl_zh_4.4.0.v20140623020002.jar.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Microsoft Games\FreeCell\desktop.ini.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.util_8.1.14.v20131031.jar.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Mozilla Firefox\ipcclientcerts.dll.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NextMenuButtonIcon.png.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jabswitch.exe.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\resources.jar.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Marquesas.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\MANIFEST.MF.tmp	3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe

C:\Users\Admin\AppData\Local\Temp\3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe
"C:\Users\Admin\AppData\Local\Temp\3bbc143b1cc04d5e1213852dfb89253e1a96eb6db2384dd9299719def5237a5a.exe"
1⤵
- Drops file in Program Files directory
PID:2416

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2737914667-933161113-3798636211-1000\desktop.ini.tmp

Filesize
132KB

MD5
d589839ef3cd5d0be220f9dbc14921cf

SHA1
89b4ce29d899db82083fdc3d28e69d98f7369426

SHA256
c216155b4d552add2a70ee5211d85be3d20f171d2cf71aa0b570d6836980798d

SHA512
1fc6b1634ea2e52271eaac4dc1321f956c2d4299a19888ef38adeb89fe972ccbd92aefe123be18482c4d9ba69664b0d9db91ac1d1986731bb4920a53613bfba9

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
141KB

MD5
89fabfc81d71a654e3590f3cb502ae75

SHA1
49c459ca74df0cdd0978e72773a065fa87423016

SHA256
12d27e03536641e8a3530e857dd08dca8261519375d858e109572767ac6b09f9

SHA512
4b203ff372f87e8d1bba9172007da74616f9d755814c7cf2496d31d15c25273367ac2c76c1b67fa31d4be60eb29b4c2b37f81c3be75df0896c04d297c227c2f2

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads