9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1

Analysis

max time kernel
150s
max time network
122s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
29/06/2024, 00:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
Size

64KB
MD5

4d079b2af55ad4cf1d8a67f9d1c7efc5
SHA1

a69e4c613451b8d447a81fe3a1d498b77e1b428a
SHA256

9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1
SHA512

73db819f77de559b342e564662b66b88e70a2f157783395f1a80771ff5b3911e26155e268aad533ba2767d9de3f76a8d48cd926dfb9800d759ebb0aaf9ef6384
SSDEEP

768:W7BlpppARFbhWJq5nosMosToFRaKAJu3hh4RaKAJu3hhY:W7ZppApF5noZo4oRhChS

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3500) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Windows Media Player\es-ES\wmlaunch.exe.mui.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\7-Zip\Lang\gl.txt.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\VideoLAN\VLC\skins\fonts\FreeSansBold.ttf.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\VideoLAN\VLC\lua\modules\sandbox.luac.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Windows Sidebar\ja-JP\Sidebar.exe.mui.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\TipTsf.dll.mui.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\pl.pak.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\updater.jar.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_snow.png.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrdeulm.dat.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Funafuti.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libwave_plugin.dll.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiling_ja.jar.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\25.png.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref.wmv.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Havana.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Macau.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+6.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\feature.properties.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jre7\bin\policytool.exe.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Data.Services.resources.dll.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\it-IT\css\flyout.css.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee100.tlb.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_RGB6_PAL.wmv.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bogota.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Recife.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jre7\lib\zi\HST.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter_partly-cloudy.png.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Dot.png.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Darwin.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.nl_zh_4.4.0.v20140623020002.jar.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-loaders.xml.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-common.xml.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d11_plugin.dll.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base.xml.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_videoinset.png.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.nl_ja_4.4.0.v20140623020002.jar.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\PresentationBuildTasks.resources.dll.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Windows Media Player\ja-JP\WMPSideShowGadget.exe.mui.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\settings.js.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Vostok.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore.change_2.10.0.v20140901-1043.jar.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-awt.jar.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-options-api.xml.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs-nio2_zh_CN.jar.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\spu\libmosaic_plugin.dll.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\7-Zip\Lang\yo.txt.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrdeslm.dat.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf_3.4.0.v20140827-1444.jar.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\CST6.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-util.xml.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\VideoLAN\VLC\lua\sd\icecast.luac.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\VideoLAN\VLC\skins\skin.catalog.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\es-ES\js\calendar.js.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\FlickLearningWizard.exe.mui.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\1047x576black.png.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jvisualvm.exe.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\it-IT\css\calendar.css.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Helsinki.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_ja_4.4.0.v20140623020002.jar.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages_de.properties.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Accra.tmp	9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe

C:\Users\Admin\AppData\Local\Temp\9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe
"C:\Users\Admin\AppData\Local\Temp\9382fb6bc68cbad54f393f79665b7d696e2711c31b883564611d5fb00cb645d1.exe"
1⤵
- Drops file in Program Files directory
PID:1244

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3691908287-3775019229-3534252667-1000\desktop.ini.tmp

Filesize
64KB

MD5
3dfc2d698f4a8fa1860d9def33a3e315

SHA1
e26cdc10d3cdbf7ac90cccc151bfd312a6000cd2

SHA256
9c7c2bf1b679729e0bfd1f86eb98b8249b27f41f05f7cc152db84793db0f55b9

SHA512
4f55449c9144a8c45a18340822eafcfba46ed2faab9f6618ae228d7c0310e755612031a021a3483f51ac73677c99add88844e530c6c57a7856d1e3da9c456ebb

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
73KB

MD5
c2fc151410550246a47de94a0e79fe63

SHA1
a3e77dca62d5d0b07531ffe034032e89aa5ca85e

SHA256
a894df753fab9a2aa33b229fa80e2fd3d0ef412519ab2c7a4cf133140364ab53

SHA512
a8439105e1162215030c55218a71c82ade522010078a2b58bf6bc073b660f3f4d9e4841de5e55b3339917ceb8d2e933a9e657789bde9ed22c3332fc3c9ff87fa

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads