cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb

Analysis

max time kernel
151s
max time network
127s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
06/07/2024, 03:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
Size

63KB
MD5

1ba736588183de99e538b6df3068c705
SHA1

f8f651b5278c41a16cd6111f70d43db037ceefce
SHA256

cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb
SHA512

270482a6c8f62b496fe87ace7df1de5a49eec9ee82f056c06f0641ecedb71851a29ed996ef68b60fef449025ecdfe76f46ab508f54de30897050323729ac162c
SSDEEP

768:W7BlpNLpARFbhblkYlkrt8PWGoPWGqMs1MsR5nd5nyQG+QGCUXqb:W7ZNLpApCZrt8PWGoPWGANdNyko

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (340) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\dicjp.dll.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\micaut.dll.mui.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred.xml.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\System\wab32res.dll.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain_PAL.wmv.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\7-Zip\7-zip.dll.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.jpg.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOMessageProvider.dll.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\7-Zip\Lang\sr-spl.txt.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Soft Blue.htm.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrusalm.dat.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotslightoverlay.png.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\1047x576black.png.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\7-Zip\Lang\sa.txt.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Cave_Drawings.gif.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\System\Ole DB\en-US\sqloledb.rll.mui.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_PreComp_MATTE_PAL.wmv.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_SelectionSubpicture.png.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ur.pak.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\TipTsf.dll.mui.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_item.png.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\fil.pak.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\7-Zip\Lang\uz.txt.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\mshwgst.dll.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\System\Ole DB\de-DE\msdasqlr.dll.mui.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_ButtonGraphic.png.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop.wmv.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonSubpicture.png.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-ImageMask.png.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_ButtonGraphic.png.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(cm).wmf.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InputPersonalization.exe.mui.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee100.tlb.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_VideoInset.png.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sr.pak.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\FlickLearningWizard.exe.mui.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrenalm.dat.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsrom.xml.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\System\Ole DB\fr-FR\oledb32r.dll.mui.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\DVD Maker\en-US\WMM2CLIP.dll.mui.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\pt-PT.pak.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\correct.avi.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\oskpredbase.xml.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\imjplm.dll.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msadcer.dll.mui.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\PassportMask.wmv.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll.sig.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Memo.emf.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\DVD Maker\Shared\Common.fxh.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-back-static.png.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop_PAL.wmv.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_scrapbook_Thumbnail.bmp.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\delete.avi.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\auxbase.xml.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msdaremr.dll.mui.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\scrapbook.png.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\et.pak.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\join.avi.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\micaut.dll.mui.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msaddsr.dll.mui.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ml.pak.tmp	cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe

C:\Users\Admin\AppData\Local\Temp\cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe
"C:\Users\Admin\AppData\Local\Temp\cfecffd67f68b57c5d2f0033b49666f94a9f9d5de0db4f28edd8df0f66e18adb.exe"
1⤵
- Drops file in Program Files directory
PID:2336

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2212144002-1172735686-1556890956-1000\desktop.ini.tmp

Filesize
63KB

MD5
3499d47cdc97b9e61e408561783f028b

SHA1
d30f0788f88d1b7b6af3d024827dd1911891eb8e

SHA256
076f1143af3bf1223d90f39e7e3de1eaf460ea717328a020d0a4bf01e53a228c

SHA512
b4c12f50c4a5d464788f7b574c0cebb70bb5e915f6c402be25f34201075cf4cb8c8651980ddc6f47e3876961be8b6b9eb8b3a2b4e3e513e10877bf3b6b6ebd01

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
72KB

MD5
1d6995a0bfb6584d9b997aca38b8914a

SHA1
7e772edf166d5fdc5227596f0ddfebf017da57ce

SHA256
710105442e7651a86ed81952646f5f5cdca23617bf4b7470a06d81efa725e40b

SHA512
6c7011c45a9081d804b78c120a95efa767673983371397e77fcbc105955001be0e734d59ba14547ad40180efff9fc10241e509db0f5b258dd7b6203cabfc363b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads