Analysis
- max time kernel: 150s
- max time network: 122s
- platform: windows7_x64
- resource: win7-20240508-en
- resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
- submitted: 02/06/2024, 22:36
Static task: static1
Behavioral task: behavioral1
Sample: 5e4ab722fe710f6704c7557ed94cebb5a87b27caa18d4f3baf336a8846444c1f.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 5e4ab722fe710f6704c7557ed94cebb5a87b27caa18d4f3baf336a8846444c1f.exe
Resource: win10v2004-20240226-en
General
- Target: 5e4ab722fe710f6704c7557ed94cebb5a87b27caa18d4f3baf336a8846444c1f.exe
- Size: 91KB
- MD5: 741e1e6fb41e551d97866d7efd5207df
- SHA1: ac06c7869562f7b9bebf0858a1465f1f3fb41149
- SHA256: 5e4ab722fe710f6704c7557ed94cebb5a87b27caa18d4f3baf336a8846444c1f
- SHA512: 4b2620ed8b1ebf1f9840e0de2569d4322978ccaaa7fc3b27f923365f41ce45e65c12594c155b54220885ab39551f5215c7102fc025bbf79c91cb89c202ed8e91
- SSDEEP: 1536:W7ZrpApojOPG0PGQJwFJwkpe+eTDPfFpsJOfFpsJCAdCjHKPNc:6rWpcOPxPke+e3fFpsJOfFpsJbgEO
Malware Config
Signatures
- Renames multiple (3446) files with added filename extension. This suggests ransomware activity of encrypting all the files on the system.
- Drops file in Program Files directory (64 IoCs)
Processes
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 91KB
  MD5: 965cf30f0e2499f08869590569563458
  SHA1: fdf3f4496208d58fa84ec6fa1b764bcdbeafb2e3
  SHA256: 5be5bb0788acb73d588e238d0944143fb056557d473f7c0b72eaeb6693c27bd4
  SHA512: 2143b413662f0a364f2e7bfb5b89837ba5381dada352f070f88d1520b247301763de5ba3f194138ed43ae9db8b9c6802d2b06f2f7ac5dec1fc947df8cd1cba98
- Filesize: 100KB
  MD5: a087e3fb4e5ccb059ce60aa15538bb61
  SHA1: 16dfeb8d86ec68dc5b6de40cbf2471d623490c51
  SHA256: 3f11b285d85dce103f75f4712a2dd0b76516c6d8c177d3678eccf94474daf5b3
  SHA512: 5127efa28ced6ac2cffc3867cd9cdd4160b7b76b06cbc08ab9bd4d359d24e8982b5ed8a96a9448b0592003d31d9e86b09ef21d735788202c6ef7f54f02c14924