25c6c79dbf5b85ca60e0a9f88c7761c8904d4dc8ad1a3c71acf37aa6ccf5f9a2

Analysis

max time kernel
149s
max time network
122s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
09/07/2024, 02:43

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

22a12e1b43b029017b1f3875d3d38d10N.exe
Size

31KB
MD5

22a12e1b43b029017b1f3875d3d38d10
SHA1

ea1758c84394f8a4526a25812beab1b974facd2e
SHA256

25c6c79dbf5b85ca60e0a9f88c7761c8904d4dc8ad1a3c71acf37aa6ccf5f9a2
SHA512

70f3b9d1ce9514ed8ff133002bad5f741e84795578d6d5d560fbbada0245fb5faf2c33a7c95d319c68154dff22525148d36d25fd7cfa69c29ed4740fda8bcce8
SSDEEP

384:GBt7Br5xjL9AgA71FbhvuNBNUl9FHljFnl9FHljFK:W7BlpppARFbhlFlF/FlFK

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3797) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\ACETXT.DLL.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\7-Zip\Lang\pt-br.txt.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Whitehorse.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-uihandler.xml.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\VDK10.STP.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Athens.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Microsoft Games\More Games\ja-JP\MoreGames.dll.mui.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-crt-heap-l1-1-0.dll.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WindowsFormsIntegration.dll.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\7-Zip\Lang\uk.txt.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\feature.properties.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui_3.106.0.v20140812-1751.jar.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-awt.xml.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_av1_plugin.dll.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\13.png.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\12.png.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_VideoInset.png.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page.wmv.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.properties.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-crt-process-l1-1-0.dll.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1253.TXT.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwresplm.dat.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipssve.xml.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\JdbcOdbc.dll.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Hebron.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\es-ES\css\calendar.css.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_right.png.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\en-US\gadget.xml.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\blackbars80.png.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\mlib_image.dll.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk_1.0.300.v20140407-1803.jar.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\control\liboldrc_plugin.dll.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Windows Media Player\es-ES\WMPMediaSharing.dll.mui.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\fr-FR\gadget.xml.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\AUMProduct.aup.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\7-Zip\Lang\nl.txt.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\DVD Maker\fr-FR\WMM2CLIP.dll.mui.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_ja_4.4.0.v20140623020002.jar.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_ja_4.4.0.v20140623020002.jar.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files (x86)\Common Files\microsoft shared\ink\fr-FR\micaut.dll.mui.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfxwebkit.dll.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\PST8PDT.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\.lock.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\es-ES\css\settings.css.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ar\LC_MESSAGES\vlc.mo.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_75_ffe45c_1x100.png.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\it-IT\css\cpu.css.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_foggy.png.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-api_ja.jar.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-core-output2.xml_hidden.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Kabul.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\VideoLAN\VLC\hrtfs\dodeca_and_7channel_3DSL_HRTF.sofa.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviewers.gif.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Data.DataSetExtensions.Resources.dll.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_cdg_plugin.dll.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libadjust_plugin.dll.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\drag.png.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\orbd.exe.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh87.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Yerevan.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Microsoft Games\Chess\ChessMCE.lnk.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_partly-cloudy.png.tmp	22a12e1b43b029017b1f3875d3d38d10N.exe

C:\Users\Admin\AppData\Local\Temp\22a12e1b43b029017b1f3875d3d38d10N.exe
"C:\Users\Admin\AppData\Local\Temp\22a12e1b43b029017b1f3875d3d38d10N.exe"
1⤵
- Drops file in Program Files directory
PID:2316

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3294248377-1418901787-4083263181-1000\desktop.ini.tmp

Filesize
31KB

MD5
319f7b0398c18c66a9d73913fcb2db68

SHA1
08da63ee3c535beb2be28449eb8d9ace7dfdab51

SHA256
5e8beca7fe215c2df688102ffcdc3d72fafb133c8a3fac2c4aae6c906317ef4f

SHA512
5e4c4c52cea0539939bdbea6fbeec3f62c9128dff5ea68793cccb4ceeebaf32660b41355c6a1c0f1107a9075a3a82ab5ad2185d5b7ca8451eee092d31ee27157

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
40KB

MD5
6482ed85b7748680cdef52f6894bd970

SHA1
24aa14bba58574e81c9b3d4fd84f8c5ddfd45002

SHA256
14b0647690727512f6975e164d8ef2f3b24216dfcca4797a7a14bb3deb894fd1

SHA512
110cb9ae5f51fa6e3ff05cdb2a5d486c38dbf4676dce00a5b7d21c0aa052de26a59d33fd86a16fe3ecf79c2c96d0ef06b4add4de4475bd06bc142feacecfe328

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads