a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8

Analysis

max time kernel
150s
max time network
123s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
04/07/2024, 01:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
Size

94KB
MD5

f4704169a51f7d56c6bf7fd4764a2dd6
SHA1

47157b32141fcde8f7df56f39ac2243a7c15f09e
SHA256

a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8
SHA512

bbffab974ed2b2f09826614908f4f1e76cafe6755ffd3195dc28a3ba4701333f25556f4c9f73e268371ffd104823c9f060002dda0330b0f105cc96f38e10b941
SSDEEP

1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+eJG/x/HfFpsJOfFpsJb:6e7WpMaxeb0CYJ97lEYNR73e+eKZHfFW

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3438) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-masterfs-nio2.xml.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-keymap_ja.jar.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jre7\lib\security\javafx.policy.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\IpsMigrationPlugin.dll.mui.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\ja-JP\msinfo32.exe.mui.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msdaprsr.dll.mui.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground.wmv.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert.ja_5.5.0.165303.jar.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Belize.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libmft_plugin.dll.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-hot.png.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Amman.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations_2.4.0.v20131119-0908.jar.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.nl_ja_4.4.0.v20140623020002.jar.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_ja.jar.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Windows Mail\es-ES\msoeres.dll.mui.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msadcer.dll.mui.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Microsoft Games\More Games\de-DE\MoreGames.dll.mui.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Windows Journal\de-DE\jnwdui.dll.mui.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\VideoLAN\VLC\uninstall.exe.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-profiler.xml.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jre7\lib\zi\WET.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_m.png.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\7-Zip\Lang\pt.txt.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\ShadesOfBlue.jpg.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt_0.12.100.v20140530-1436.jar.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins_1.1.200.v20131119-0908.jar.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-core.xml.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-utilities_zh_CN.jar.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\VideoLAN\VLC\locale\eu\LC_MESSAGES\vlc.mo.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Havana.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_a52_plugin.dll.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\xjc.exe.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Chisinau.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-javahelp.xml.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\shatter.png.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Guam.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Microsoft Games\More Games\ja-JP\MoreGames.dll.mui.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_settings.png.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\System.Data.Services.Client.resources.dll.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\VideoLAN\VLC\locale\nn\LC_MESSAGES\vlc.mo.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Internet Explorer\DiagnosticsTap.dll.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+9.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_ja_4.4.0.v20140623020002.jar.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jre7\lib\zi\Atlantic\Canary.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\it-IT\bckgzm.exe.mui.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\redmenu.png.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_ButtonGraphic.png.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.xml.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Lagos.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Data.Linq.Resources.dll.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ko_KR.jar.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\ssv.dll.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Bangkok.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\Microsoft.Build.Utilities.v3.5.resources.dll.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Miquelon.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Chita.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Common Files\System\ado\msado25.tlb.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\jni.h.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\feature.xml.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\plugin.properties.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\Java\jre7\lib\jfr.jar.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
File created	C:\Program Files\VideoLAN\VLC\axvlc.dll.tmp	a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe

C:\Users\Admin\AppData\Local\Temp\a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe
"C:\Users\Admin\AppData\Local\Temp\a68154a68904d3dc56223cc8b292d14d4f16320da23740c8541130c3fe22a0b8.exe"
1⤵
- Drops file in Program Files directory
PID:2308

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2721934792-624042501-2768869379-1000\desktop.ini.tmp

Filesize
94KB

MD5
7f5ee8e3a61e0d9b2e78db41637dbe25

SHA1
d984e42959970fec4760ceb9f2d2ac426cf7b7df

SHA256
4323b8753f6681acfab0664ccee116bf653c4721523fa81d2bd3491b27e7bd67

SHA512
74f54df9c0a293991d1dea88fe61f6b30e8a1ac3cd334ad5b843304355d5fe19b281d5eb9a803f97f6566e214346f09a8c978839afb438b1aa97d9cc5c16d2b4

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
103KB

MD5
810f69c41f64730f2b90909fd08a61dc

SHA1
f431520a445db2acd10ae7f2ec66ae3677a8fe89

SHA256
2e965827ccc5ae50285d1a133dcc7c82e7cd4f35f6216d06837fe16d489c1dc5

SHA512
28f53757c7a02a8324a274d3cbd260575accf0cb912d600274b1822a33d4825b18e0bf8967aeddf64138488934453bee7d974a652e37dbfba11db576e85ae9b8

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads