d81f27a43b773757fc9677b41a2aec43efbcb10deb185c2190443249efa077a3

Analysis

max time kernel
150s
max time network
122s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
06/07/2024, 04:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3f06964b4c1cc6a163135618fe2b3510.exe
Size

52KB
MD5

3f06964b4c1cc6a163135618fe2b3510
SHA1

4534c6a8acca3d98a655b7b31c83f0581c737756
SHA256

d81f27a43b773757fc9677b41a2aec43efbcb10deb185c2190443249efa077a3
SHA512

e413b5e8322d55542c650943f8a9bce9daa1500b8bf0b124371e9f058648e93e9527e8aaf10bbdda89cb2fc084738ac5625807b0ae334bf6e4b00331816e112a
SSDEEP

768:W7BlpppARFbhHFoqAJwBqAJw70EXBwzEXBwg:W7ZppAp0

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3453) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightRegular.ttf.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.util_1.0.500.v20130404-1337.jar.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jre7\bin\ktab.exe.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libdmo_plugin.dll.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground_PAL.wmv.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Internet Explorer\en-US\jsprofilerui.dll.mui.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvmstat_ja.jar.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Microsoft Games\Minesweeper\it-IT\Minesweeper.exe.mui.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Common Files\System\ado\msado27.tlb.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\UTC.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Argentina\La_Rioja.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Swift_Current.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Net.Resources.dll.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_SelectionSubpicture.png.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\UIAutomationProvider.resources.dll.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\bbc_co_uk.luac.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_srt_plugin.dll.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\7-Zip\7zFM.exe.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\klist.exe.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\wsdetect.dll.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\artifacts.xml.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\203x8subpicture.png.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libremap_plugin.dll.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Web.Entity.Design.Resources.dll.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ar.pak.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jre7\lib\zi\SystemV\YST9.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_srt_plugin.dll.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSLoc.dll.mui.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-javahelp.xml.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-multiview.xml.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-heapwalker_ja.jar.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Accra.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Berlin.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_ja_4.4.0.v20140623020002.jar.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ms.pak.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Windows.Presentation.resources.dll.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist.json.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding_1.6.200.v20140528-1422.jar.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\eula.dll.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Tunis.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Madrid.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Common Files\System\ja-JP\wab32res.dll.mui.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\curtains.png.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_rgb.wmv.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_zh_4.4.0.v20140623020002.jar.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jre7\lib\net.properties.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\micaut.dll.mui.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.jrockit.mc.rcp.product_root_5.5.0.165303.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-core.xml.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-modules-appui.xml.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Damascus.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgrain_plugin.dll.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\IpsMigrationPlugin.dll.mui.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Anchorage.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Bougainville.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Mozilla Firefox\fonts\TwemojiMozilla.ttf.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\liveleak.luac.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-loaders.xml.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_SelectionSubpicture.png.tmp	3f06964b4c1cc6a163135618fe2b3510.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Asuncion.tmp	3f06964b4c1cc6a163135618fe2b3510.exe

C:\Users\Admin\AppData\Local\Temp\3f06964b4c1cc6a163135618fe2b3510.exe
"C:\Users\Admin\AppData\Local\Temp\3f06964b4c1cc6a163135618fe2b3510.exe"
1⤵
- Drops file in Program Files directory
PID:2116

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2737914667-933161113-3798636211-1000\desktop.ini.tmp

Filesize
52KB

MD5
f522fc36f346c0828531dd3a68b85148

SHA1
9c540798402e384f8c71c0917334322025d4a9bb

SHA256
43bf8e0c5cce47ca445625b05ebf644108befe3af284fb4719fdf1ffbdab1596

SHA512
5b76f5d94300ff72b5a765607e4affe2ce2073beaffbc0632f6470a01a57e17b54ce385e977f4954e9172e8b5b8b0cd102cd62318f001e3dd5a647414811c324

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
61KB

MD5
37a048ff511e832c6ce20091a3cf0b02

SHA1
b420ae693af86e0638708bed2c0f971356c2fefe

SHA256
a0c6fce41415519fd60d59f6aa70b63f3b5bf94635eaf7b4f8ae5b2423e8bf18

SHA512
f6604cd7a391aa97aa40658789454f653b7df6a21cc239f24f115ebf3580124119009e0d5056ad97b7f7c7ef18efd5212500bd70d71fe9aa7901c36cd3ecf040

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads