8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3

Analysis

max time kernel
150s
max time network
125s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
10-06-2024 14:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
Size

62KB
MD5

dea1c72890b2be5f646af9765aa9fead
SHA1

2d96d82fc1f930109ad50fbc0630c184f355cd5d
SHA256

8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3
SHA512

2a6b488cbafc769753c24ebd8c0696acaea58197150b62a98fa3bde55cc065a3d22db60663296b09deb6b8f41af9438f98456a31b95a37e79178adf55ff4f33a
SSDEEP

768:W7BlpDpARFbhYQkQjjIXYvPXzWPXzK3733uF4V7en5c5HChCrmhDps:W7ZDpApYbWjIoPyPoLzV7c6ShW

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (647) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\af.pak.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\alt-rt.jar.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\LINEAR_RGB.pf.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\7-Zip\Lang\bg.txt.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\7-Zip\Lang\tg.txt.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\tipresx.dll.mui.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\micaut.dll.mui.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_MATTE2_PAL.wmv.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\Alphabet.xml.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\tabskb.dll.mui.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\1047x576black.png.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\7-Zip\Lang\ro.txt.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred.xml.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Desktop.ini.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\15x15dot.png.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\rollinghills.png.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\te.pak.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbytools.jar.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\classfile_constants.h.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ja-jp.xml.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.htm.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msadcor.dll.mui.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonIcon.png.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_notes.wmv.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\7-Zip\Lang\yo.txt.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msadcer.dll.mui.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_SelectionSubpicture.png.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jps.exe.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIconSubpict.png.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\kinit.exe.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\COPYRIGHT.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\tipresx.dll.mui.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tipresx.dll.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_ButtonGraphic.png.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_SelectionSubpicture.png.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\sysinfo.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaTypewriterBold.ttf.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\7-Zip\Lang\ar.txt.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\DVD Maker\audiodepthconverter.ax.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_select-highlight.png.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_SelectionSubpicture.png.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\ktab.exe.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\System\ja-JP\wab32res.dll.mui.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\System\msadc\adcjavas.inc.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\ktab.exe.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\meta-index.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\IpsMigrationPlugin.dll.mui.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\msvcr100.dll.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\shatter.png.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Internet Explorer\Timeline.cpu.xml.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\policytool.exe.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\7-Zip\Lang\zh-cn.txt.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\ShapeCollector.exe.mui.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\InputPersonalization.exe.mui.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrcatsh.dat.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\System\ado\de-DE\msader15.dll.mui.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\System\Ole DB\fr-FR\msdasqlr.dll.mui.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-image-mask.png.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook.bat.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\7-Zip\Lang\ja.txt.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu.xml.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipssrb.xml.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msadcfr.dll.mui.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
File created	C:\Program Files\Common Files\System\msadc\msdaremr.dll.tmp	8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe

C:\Users\Admin\AppData\Local\Temp\8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe
"C:\Users\Admin\AppData\Local\Temp\8b71771750f2dfa69ead8ada455ca35ec29030e00e45a58af4a1f5006a1161b3.exe"
1⤵
- Drops file in Program Files directory
PID:2492

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-330940541-141609230-1670313778-1000\desktop.ini.tmp

Filesize
63KB

MD5
66a6973ff5495885e8f0f9720b1a53b1

SHA1
3d8c62bb03c0d2b8ae207a70929219cf6894d21a

SHA256
c000951d649c34e6ac6d77a32c668b477a8a3480c9fa008a68045cc54fcc67be

SHA512
da80f45beb5ce2b0e5fb45297108c89d8124f247f4e560428cef7e2832a5929ab1dcb3b1b3c9c72e0be231c6ab585c1c66989a5036763f6aadded64b1749280e

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
72KB

MD5
ac8c0024e4c228844adec565d042d56c

SHA1
e2b8e103760d8d31575b2b6b85c451ec4c4c803e

SHA256
b025f3a77f2b46f99aaf5435c8712407b50db6136d63d7f788694151d943bb3c

SHA512
8f739defcc2962f36a9058634bae0d8d915d269c1b07c21cc7f76b543c37275049b78598cfa8b5d5f58a41889c4a27806fdc6bb261f73d7b6d147a7847ed496b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads