aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b

Analysis

max time kernel
150s
max time network
120s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
30/05/2024, 01:32

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
Size

83KB
MD5

d1f65cca2b8ae6f6af68be8bd758327a
SHA1

d9d5cb5f057c3238809e4283243aeaeec6a7a278
SHA256

aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b
SHA512

0fee0a24ff78e10c693b682b58b4c795089ec4148c04c0bc92cb0e1117c35ec2e4cf8c1dca32a5003177d180a5ad522ac12b25d17a6151e41a12cbfdc9fd27f1
SSDEEP

1536:W7Z9pApQESOHepOHe8G+6E65dyGdykNdNBKv:69WpQE0zG

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3482) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrusash.dat.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576_91n92.png.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jcmd.exe.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Java\jre7\bin\ktab.exe.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Windows NT\TableTextService\TableTextServiceDaYi.txt.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\es-ES\RSSFeeds.html.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\ant-javafx.jar.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-views_zh_CN.jar.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ffd27a_256x240.png.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libremap_plugin.dll.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Windows Media Player\fr-FR\wmpnetwk.exe.mui.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\FrameworkList.xml.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\7-Zip\Lang\ta.txt.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\7-Zip\readme.txt.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\IPSEventLogMsg.dll.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\softedges.png.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Internet Explorer\F12Resources.dll.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\fr-FR\ShvlRes.dll.mui.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Engine.dll.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libimage_plugin.dll.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libmjpeg_plugin.dll.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_extractor\libarchive_plugin.dll.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\ja-JP\css\settings.css.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\9.png.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_foggy.png.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ConvertInkStore.exe.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_notes.wmv.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\kcms.dll.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\visualization\libgoom_plugin.dll.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\daisies.png.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Oslo.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\VideoLAN\VLC\locale\am_ET\LC_MESSAGES\vlc.mo.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\de-DE\js\highDpiImageSwap.js.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\atl.dll.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Currie.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.filetransfer_5.0.0.v20140827-1444.jar.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-tabcontrol.xml.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Java\jre7\lib\psfont.properties.ja.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Microsoft Games\Purble Place\es-ES\PurblePlace.exe.mui.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Net.Resources.dll.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_few-showers.png.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbytools.jar.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-api_zh_CN.jar.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationProvider.dll.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Windows Sidebar\en-US\Sidebar.exe.mui.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\osppobjs-spp-plugin-manifest-signed.xrm-ms.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Passport_PAL.wmv.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\bn.pak.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\es-419.pak.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-windows_zh_CN.jar.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground_PAL.wmv.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Java\jre7\lib\zi\MST7MDT.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Kuala_Lumpur.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\menu_style_default_Thumbnail.png.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-highlight.png.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Ceuta.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Catamarca.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.nl_ja_4.4.0.v20140623020002.jar.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt_0.11.101.v20140818-1343.jar.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-loaders.xml.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Seyes.emf.tmp	aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe

C:\Users\Admin\AppData\Local\Temp\aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe
"C:\Users\Admin\AppData\Local\Temp\aba4f715f1b793c04de9b8b2a79607c833a7e44b4def03f53fd8b8798ea7f21b.exe"
1⤵
- Drops file in Program Files directory
PID:2348

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3691908287-3775019229-3534252667-1000\desktop.ini.tmp

Filesize
83KB

MD5
14a4ef7080a7cf9984391d806dc28207

SHA1
c0069a46ad8c730b7ca232ba72c666ee31c652b2

SHA256
d162e999f94cdb0cc44a5da60bf2a5eb25f4a1fde5e2fd324cce80587aff53f0

SHA512
ff34e60713bbf7871cd2b2fc52ca38a17336980314a744ecb4db4c4b5ccc9385121997fae75fe4e4fd9d26377d4997a33731fe8e44be8eea7384a8f53feecbfd

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
92KB

MD5
9a75f0e743acb17278592887ced67280

SHA1
380efc3912c7c23af8595e65b967572c73f16872

SHA256
b7eb7391d6a7bb55df0e0aa894ed6925fed7cd4844892f2b2767199898d9fab9

SHA512
70547067afc9d34bbfb3c19688db9222ee96b0011efb9f1cbc12d1e3df07b3a9588fac2dc3c22f698b6c2c29aca955a7679026ec5f027c75f40ffc570f0046a3

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads