Analysis
max time kernel: 150s
max time network: 118s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 08/06/2024, 02:16

Static task: static1
Behavioral task: behavioral1
  Sample: 1d4dac3e90b40b91d0184fa4f6823540.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 1d4dac3e90b40b91d0184fa4f6823540.exe
  Resource: win10v2004-20240508-en
General
Target: 1d4dac3e90b40b91d0184fa4f6823540.exe
Size: 81KB
MD5: 1d4dac3e90b40b91d0184fa4f6823540
SHA1: 513e5f69de8d99054153ffb0c679a64a0f2e2e19
SHA256: 4bf897677e2e9dfd45bb61bc33f503afb53f8edbf7b17bbdf7060ecb8bc3aee8
SHA512: 2b0461d5b700dd0899a2d67a1f6b8bbcf112da47c5595a5b14ab2a916b2113f818fd852b33984643db629ff11d6ad88d8aec159b6d057d8427cb0d8ff5c80968
SSDEEP: 1536:W7ZDpApYbWjIlE77ufL2e+efZwZQ/8S/8A:6DWpwE7oL2e+efZwZ08i8A
Malware Config
Signatures
Renames multiple (3516) files with added filename extension
This suggests ransomware activity: files across the system are being encrypted and each one is renamed with an appended extension. The count (3516) is well above what an installer or updater produces, and the renamed files include program binaries under Program Files rather than only user documents.
Drops file in Program Files directory (64 IoCs)
All 64 entries have description "File created" and Process 1d4dac3e90b40b91d0184fa4f6823540.exe. IoC paths:
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Funafuti.tmp
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui.zh_CN_5.5.0.165303.jar.tmp
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.bidi_0.10.0.v20130327-1442.jar.tmp
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_ja.jar.tmp
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-editor-mimelookup.jar.tmp
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-selector-api.xml.tmp
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Utilities.v3.5.dll.tmp
C:\Program Files\Common Files\Microsoft Shared\Filters\offfiltx.dll.tmp
C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll.tmp
C:\Program Files\Windows Journal\fr-FR\jnwmon.dll.mui.tmp
C:\Program Files\Windows NT\TableTextService\TableTextServiceYi.txt.tmp
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)grayStateIcon.png.tmp
C:\Program Files\VideoLAN\VLC\plugins\access\libshm_plugin.dll.tmp
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\PST8PDT.tmp
C:\Program Files\Mozilla Firefox\api-ms-win-core-file-l2-1-0.dll.tmp
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\System.Speech.resources.dll.tmp
C:\Program Files\Windows Journal\de-DE\jnwmon.dll.mui.tmp
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dhaka.tmp
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.event_1.3.100.v20140115-1647.jar.tmp
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-loaders.jar.tmp
C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libcache_read_plugin.dll.tmp
C:\Program Files\Windows Mail\WinMail.exe.tmp
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\info.png.tmp
C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Puerto_Rico.tmp
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-charts.jar.tmp
C:\Program Files\Microsoft Games\Mahjong\es-ES\Mahjong.exe.mui.tmp
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\UIAutomationTypes.resources.dll.tmp
C:\Program Files\VideoLAN\VLC\lua\http\images\Back-48.png.tmp
C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll.tmp
C:\Program Files\Windows Defender\es-ES\MpEvMsg.dll.mui.tmp
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_rainy.png.tmp
C:\Program Files\Java\jdk1.7.0_80\jre\bin\splashscreen.dll.tmp
C:\Program Files\VideoLAN\VLC\plugins\misc\libgnutls_plugin.dll.tmp
C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedZhengMa.txt.tmp
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down.png.tmp
C:\Program Files\Java\jre7\lib\cmm\sRGB.pf.tmp
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBlue.png.tmp
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-windows_zh_CN.jar.tmp
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\System.Data.DataSetExtensions.Resources.dll.tmp
C:\Program Files\Windows Media Player\ja-JP\WMPMediaSharing.dll.mui.tmp
C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_rest.png.tmp
C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-last-quarter_partly-cloudy.png.tmp
C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP.tmp
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification.ja_5.5.0.165303.jar.tmp
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-settings.xml.tmp
C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\tipresx.dll.mui.tmp
C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-over-select.png.tmp
C:\Program Files\Internet Explorer\jsprofilerui.dll.tmp
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\feature.properties.tmp
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security.ui_1.1.200.v20130626-2037.jar.tmp
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.nl_zh_4.4.0.v20140623020002.jar.tmp
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-lib-uihandler_ja.jar.tmp
C:\Program Files\Java\jre7\lib\security\trusted.libraries.tmp
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE.tmp
C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\masterix.gif.tmp
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-remote_ja.jar.tmp
C:\Program Files\Java\jre7\lib\zi\Africa\Nairobi.tmp
C:\Program Files\Microsoft Games\Hearts\HeartsMCE.png.tmp
C:\Program Files\VideoLAN\VLC\lua\http\images\Other-48.png.tmp
C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-docked.png.tmp
C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\SmallLogoBeta.png.tmp
C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-tabcontrol_ja.jar.tmp
C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Net.Resources.dll.tmp
C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\calendar.css.tmp
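The "Renames multiple files with added filename extension" signature and the "File created ... .tmp" IoCs above are two views of the same behaviour: the sample takes an existing file and produces a new name that is the old one plus one suffix. The following is an added example, not the sandbox's own rule code and not code from the sample's report; it reimplements that check over a constructed event list and keeps it from firing on the ordinary installer pattern (write name.tmp, then rename it to name). The PROC paths are taken from the IoC list above; the rename pairing (old name = path without ".tmp") is an assumption, since the report lists only the created names, and setup.exe, explorer.exe and the paths they touch are hypothetical.

```python
"""Mass-rename heuristic over sandbox file-system events (added example)."""
import ntpath
import re
from collections import Counter, defaultdict
from typing import Dict, List, NamedTuple, Optional, Tuple

PROC = "1d4dac3e90b40b91d0184fa4f6823540.exe"  # process name from the report


class Event(NamedTuple):
    op: str              # "create" or "rename"
    process: str
    path: str            # created path, or the old name of a rename
    new: Optional[str]   # new name of a rename; None for a create


# Constructed event log. PROC paths are "File created" IoCs from the report;
# their old names (".tmp" stripped) are an assumption. setup.exe, explorer.exe
# and the paths they touch are hypothetical and only exercise the heuristic.
EVENTS: List[Event] = [
    Event("rename", PROC, r"C:\Program Files\Windows Mail\WinMail.exe",
          r"C:\Program Files\Windows Mail\WinMail.exe.tmp"),
    Event("rename", PROC, r"C:\Program Files\Internet Explorer\jsprofilerui.dll",
          r"C:\Program Files\Internet Explorer\jsprofilerui.dll.tmp"),
    Event("rename", PROC, r"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\PST8PDT",
          r"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\PST8PDT.tmp"),
    Event("rename", PROC, r"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dhaka",
          r"C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dhaka.tmp"),
    Event("rename", PROC, r"C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll",
          r"C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll.tmp"),
    Event("rename", PROC, r"C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\info.png",
          r"C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\info.png.tmp"),
    Event("create", PROC, r"C:\Program Files\Windows Journal\fr-FR\jnwmon.dll.mui.tmp", None),
    # Hypothetical benign installer: writes name.tmp, then renames it *to* name.
    Event("create", "setup.exe", r"C:\Program Files\Demo App\demo.dll.tmp", None),
    Event("rename", "setup.exe", r"C:\Program Files\Demo App\demo.dll.tmp",
          r"C:\Program Files\Demo App\demo.dll"),
    # Hypothetical single user rename with an added extension: real, not "multiple".
    Event("rename", "explorer.exe", r"C:\Users\Admin\Desktop\notes.txt",
          r"C:\Users\Admin\Desktop\notes.txt.bak"),
]

# Exactly one appended extension: a dot, a short token, nothing after it.
SUFFIX_RE = re.compile(r"\.[A-Za-z0-9_-]{1,16}")


def added_suffix(old: str, new: str) -> Optional[str]:
    """Extension appended to `old` to give `new`, or None. `old` must be a
    strict prefix of `new` (case-insensitive, like NTFS) and the remainder
    one extension; name.tmp -> name or a changed stem does not count."""
    if not new.lower().startswith(old.lower()):
        return None
    rest = new[len(old):]
    return rest.lower() if SUFFIX_RE.fullmatch(rest) else None


def mass_rename_stats(events: List[Event]) -> Tuple[Dict[str, Counter], Dict[str, set]]:
    """Per process: Counter of appended suffixes and the set of directories hit."""
    suffixes: Dict[str, Counter] = defaultdict(Counter)
    dirs: Dict[str, set] = defaultdict(set)
    for ev in events:
        if ev.op != "rename" or ev.new is None:
            continue
        suf = added_suffix(ev.path, ev.new)
        if suf is None:
            continue
        suffixes[ev.process][suf] += 1
        dirs[ev.process].add(ntpath.dirname(ev.path).lower())
    return suffixes, dirs


def flag_mass_rename(events: List[Event], min_files: int = 100,
                     min_dirs: int = 10) -> Dict[str, Tuple[str, int, int]]:
    """{process: (suffix, files, dirs)} for processes whose dominant appended
    suffix hit >= min_files files across >= min_dirs directories. Thresholds
    are assumptions; the report's own rule fired at 3516 files."""
    suffixes, dirs = mass_rename_stats(events)
    hits: Dict[str, Tuple[str, int, int]] = {}
    for proc, counter in suffixes.items():
        suf, n = counter.most_common(1)[0]
        if n >= min_files and len(dirs[proc]) >= min_dirs:
            hits[proc] = (suf, n, len(dirs[proc]))
    return hits


def created_paths(events: List[Event], process: str) -> List[str]:
    """Paths that exist after `process` ran: rename targets plus creates."""
    return [e.new if e.op == "rename" and e.new else e.path
            for e in events if e.process == process]


def original_extensions(paths: List[str], suffix: str = ".tmp") -> Counter:
    """Strip the appended suffix and tally the extension underneath, to see
    what was hit (here program binaries and data, not user documents)."""
    hist: Counter = Counter()
    for p in paths:
        if p.lower().endswith(suffix):
            hist[ntpath.splitext(p[:-len(suffix)])[1].lower()] += 1
    return hist


if __name__ == "__main__":
    print(flag_mass_rename(EVENTS, min_files=3, min_dirs=2))
    print(original_extensions(created_paths(EVENTS, PROC)))
```

The direction check in added_suffix is what separates the two patterns: an installer's rename goes from demo.dll.tmp to demo.dll, so the old name is never a prefix of the new one and it contributes nothing, while the sample's renames all add ".tmp" on top of an existing name. Counting distinct directories alongside file count guards against a single bulk operation in one folder (a backup tool suffixing everything in one directory) tripping the rule.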
Processes
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 82KB
MD5: 17a92d5405c73a285d3fb1d1c5d9556c
SHA1: d61451de495514dd9047ecc98143c497dc0504a7
SHA256: 256ac31f04a501145d798fe5870ba452edff961ddcaf0c835682b5fe8d3c6952
SHA512: b227e6808398aa9926a91b26c91f71568821c6fcdac6a6f807ada7f48dd90ce1c37f70dc0051183cd9f51d572165d82ce4b22606c655d9a906db57a9cce11c07

Filesize: 91KB
MD5: 2e3a55799bb339bd67110e9e9dddc785
SHA1: ac74ef2989f112309cfc0172a2a64f5f5c1a1c8b
SHA256: 5135375abb79670a25510b6f9ceb2afd5c56b3a7e2a247e07ecc7de286822dd7
SHA512: 4c1fd371fea1a4c6a837d2eebe2a8081d41ff8378ff97822ae2613a939b2f755ae3259d06fc543ec8b9420045e842b2ca130a8e8893ff90d313f037c9f0a709d