91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784

Analysis

max time kernel
150s
max time network
126s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
31/05/2024, 00:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
Size

69KB
MD5

ee18366aa37b1a3b7ff1c3d64ae2db49
SHA1

8959914f207f2b15d7376c8de6bf1ce85784e521
SHA256

91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784
SHA512

52d85ac57d258428be8ba85f3b280e50700425ede2b14a28ae3af81faf36c1e038b1a2a91a486ca5a62723b416e30a3a3bc7db2925c47390e5030e8950c8c869
SSDEEP

1536:W7ZppApUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFsAcEhW:6pWpUFpEhLfyBtPf50FWkFpPDze/qFs3

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (525) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-highlight.png.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\sunmscapi.dll.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\TipBand.dll.mui.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\tipresx.dll.mui.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Common Files\System\ado\es-ES\msader15.dll.mui.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground_PAL.wmv.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Internet Explorer\pdm.dll.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\7-Zip\7-zip32.dll.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\7-Zip\Lang\ka.txt.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Common Files\System\Ole DB\it-IT\sqlxmlx.rll.mui.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\DVD Maker\es-ES\WMM2CLIP.dll.mui.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_ButtonGraphic.png.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\1047x576black.png.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\es-419.pak.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\dicjp.bin.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msadcor.dll.mui.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-background.png.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\blackbars80.png.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Internet Explorer\F12.dll.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\InkObj.dll.mui.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Common Files\System\msadc\msadco.dll.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground_PAL.wmv.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_SelectionSubpicture.png.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_ButtonGraphic.png.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\7-Zip\Lang\sr-spl.txt.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Common Files\System\ado\msado27.tlb.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\play-static.png.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\pushplaysubpicture.png.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\Logo.png.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\splashscreen.dll.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\7-Zip\Lang\th.txt.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Common Files\System\msadc\msadcor.dll.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Common Files\System\msadc\msdfmap.dll.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_SelectionSubpicture.png.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\7-Zip\Lang\cy.txt.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\dicjp.dll.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrfralm.dat.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotslightoverlay.png.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\SmallLogo.png.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jrunscript.exe.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ko_KR.jar.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\libxml2.dll.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\mshwLatin.dll.mui.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground.wmv.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_RGB6_PAL.wmv.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_SelectionSubpicture.png.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_SelectionSubpicture.png.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_SelectionSubpicture.png.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_title.png.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaw.exe.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\classes.jsa.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\7-Zip\7zFM.exe.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Pretty_Peacock.jpg.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-back-static.png.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground_PAL.wmv.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\ij.bat.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\IPSEventLogMsg.dll.mui.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipTsf.dll.mui.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_SelectionSubpicture.png.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Google\Chrome\Application\chrome_proxy.exe.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\et.pak.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\pt-PT.pak.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\idlj.exe.tmp	91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe

C:\Users\Admin\AppData\Local\Temp\91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe
"C:\Users\Admin\AppData\Local\Temp\91e6337a61f3853e31c93f3856177a3aab4a129224dfe7e918fdc819d2f77784.exe"
1⤵
- Drops file in Program Files directory
PID:1152

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-330940541-141609230-1670313778-1000\desktop.ini.tmp

Filesize
70KB

MD5
5f6b5de418533120d71af3bad6c855d0

SHA1
67ef999dcc9f5ec00bee48767de18d8f62043ad9

SHA256
e563eb893af70dae8dd2c414a476166a3282aa3d10d5e7a83aef6b1310698436

SHA512
b8f54ad732402773567a600e3eb28551178a30802b0a9ef34239c1e253c9f0f3986abb2ca910f4805e49e2b4e8ab240fa3f6959453e8f1e51f50922bf3135286

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
79KB

MD5
c17c06a2ba845d78d71349bef8771ccd

SHA1
ee3d489d34e7020d05cc5bea63bc4afa81dd66c9

SHA256
83324897148535d689eaede281c9686ac735c69076275e110e8f4ee117d93114

SHA512
a409f0ebf3ab244036a72a9b7b5cff1a388074ad634867fa952e2281e1f6669929cd6b1ceb4a5a6ba654c7555abc5a076a4e2f4d37a40e2d5d81f0a1f34402c7

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads