Analysis
-
max time kernel
150s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system -
submitted
01/06/2024, 20:05
Static task
static1
Behavioral task
behavioral1
Sample
335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe
Resource
win10v2004-20240508-en
General
-
Target
335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe
-
Size
81KB
-
MD5
2106eedc6b545e7032704eb9f0985082
-
SHA1
52575bf2f84f5f63099105a50ce7a06955cdf367
-
SHA256
335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149
-
SHA512
bfd61d5abce899f968469b56b9460daacd1bfc41e8616ec58e3ca4e184a5af90ad6b294dcb647381809476b20a0654d6d1b4cb60e232a4b2acfae7c29cb7d4b1
-
SSDEEP
1536:W7ZhA7pApvOsOKjC0YSilpFpfkJOM2kJOMIsKsc696EB:6e7WpXYvndEB
Malware Config
Signatures
-
Renames multiple (3505) files with added filename extension
Bulk renaming of files with an appended extension is a strong indicator of ransomware encrypting files across the system. Correlate it with the `.tmp` files created next to existing files under Program Files (listed below), which is consistent with encrypted output being written to a temporary file before the original is replaced, and with any ransom note or persistence artifacts before concluding; the rename count comes from a time-bounded run (150s kernel limit) and may understate the full impact.
-
Drops file in Program Files directory — 64 IoCs shown (likely a display cap: the rename signature above reports 3505 files). Every listed entry is a `File created` of a `.tmp` file alongside an existing file, all attributed to the sample process.
description ioc Process File created C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_ButtonGraphic.png.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\HST.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\EST5EDT.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-print.xml_hidden.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Microsoft Office\Office14\AUTHZAX.DLL.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\tipresx.dll.mui.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Common Files\System\msadc\en-US\msdaprsr.dll.mui.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\title_stripe.png.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Mozilla Firefox\api-ms-win-core-timezone-l1-1-0.dll.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Windows Media Player\it-IT\wmplayer.exe.mui.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_win7.css.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Java\jre7\bin\jabswitch.exe.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Java\jre7\lib\classlist.tmp 
335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Java\jre7\lib\zi\Pacific\Galapagos.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\authplay.dll.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\PreviousMenuButtonIcon.png.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\pack200.exe.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui.ja_5.5.0.165303.jar.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\VideoLAN\VLC\skins\skin.catalog.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\16.png.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\bin\fontmanager.dll.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MST.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Java\jre7\lib\zi\America\Nipigon.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter_partly-cloudy.png.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Windows Media Player\ja-JP\WMPSideShowGadget.exe.mui.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Common Files\Microsoft 
Shared\ink\ja-JP\rtscom.dll.mui.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Google\Chrome\Application\106.0.5249.119\vk_swiftshader.dll.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\WindowsFormsIntegration.resources.dll.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libheadphone_channel_mixer_plugin.dll.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\VideoLAN\VLC\plugins\codec\libtextst_plugin.dll.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_kor.xml.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Internet Explorer\pdm.dll.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\VideoLAN\VLC\locale\ps\LC_MESSAGES\vlc.mo.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cayenne.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_rest.png.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_setid_plugin.dll.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_over.png.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\logo.png.tmp 
335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureB.png.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Java\jre7\lib\deploy\messages_de.properties.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Java\jre7\lib\zi\Pacific\Enderbury.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Java\jre7\lib\zi\Asia\Kolkata.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Java\jre7\lib\zi\Europe\Zurich.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libcache_block_plugin.dll.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcolorthres_plugin.dll.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_m.png.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\7-Zip\Lang\cs.txt.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_matte.wmv.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Internet Explorer\sqmapi.dll.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Java\jre7\lib\deploy\messages_ko.properties.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Java\jre7\lib\zi\America\Creston.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program 
Files\VideoLAN\VLC\locale\pt_PT\LC_MESSAGES\vlc.mo.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\VideoLAN\VLC\plugins\access\libattachment_plugin.dll.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Windows Journal\es-ES\JNTFiltr.dll.mui.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\feature.properties.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.core_5.5.0.165303.jar.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-impl_ja.jar.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\6.png.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ef8c08_256x240.png.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\VideoLAN\VLC\plugins\codec\libdmo_plugin.dll.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\de-DE\clock.html.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\settings.js.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\it-IT\js\highDpiImageSwap.js.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe File created 
C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-highlight.png.tmp 335a14460f174dcf198d57bb6eeb70a80083bf2f4a2680925afe72789276f149.exe
Downloads
-
Filesize
81KB
MD5 2e675dbe4960175560443cd756638281
SHA1 23f55902bcb493e0fa4d13833e1d0038b6aa721b
SHA256 6f17f709ecf9779af5ed15a997c545ba242cc130f1ab29d1682a87899215519e
SHA512 a488624a4e98881bf450c30939a4d21f231426bac8795b0e76741f8853484c8827119fad01067220eacc23ea1317d0aa62ee19aec0da239b1960cbb970abdd5b
-
Filesize
90KB
MD5 032bf8161918ec30b9656196ca73e17d
SHA1 009d47466f14eda19f758dbb401768e598ea6b16
SHA256 f75cd40ae1215f098bea596bfbd2765448a2c0997513aad1c57e0394381ba525
SHA512 13ea4236a9d09c57f21278e39efe9a0c16d001a43705030a7c3f335359c34996f4650dad1af5f483acf974112fa5407621dde795b7183eeda4bab17fe6ab02d8