2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f

Analysis

max time kernel
150s
max time network
124s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
09/07/2024, 20:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
Size

51KB
MD5

be0be87b345bb13082632c2da0d9ca3f
SHA1

ed5894a79e1edf94bdc30c1b4b98a5a8446389c7
SHA256

2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f
SHA512

049976adf13f9e69e63d5ad23e96a17e3a698b9c60432cbd33e9614c27980a2b225e702d0c0126238202068281d74ec384049ba8cd2e3375cd01f2b6f14a6665
SSDEEP

384:yBs7Br5xjL8AgA71FbhvgYJfPg7JDYJfPg7J8SqS9CDdeKCDdeO:/7BlpQpARFbhIYJIJDYJIJwd8dn

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3156) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jre7\lib\zi\America\Indiana\Tell_City.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\VideoLAN\VLC\locale\mn\LC_MESSAGES\vlc.mo.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\msinfo32.exe.mui.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\DVD Maker\en-US\OmdProject.dll.mui.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr.jar.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-favorites.xml.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jre7\lib\cmm\sRGB.pf.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Tegucigalpa.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ca\LC_MESSAGES\vlc.mo.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_ButtonGraphic.png.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\prism-d3d.dll.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Grand_Turk.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-util.xml.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-favorites.jar.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Almaty.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT+2.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\tzmappings.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\eclipse_update_120.jpg.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSLoc.dll.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\jawt.lib.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\WindowsBase.resources.dll.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-ui.jar.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jre7\lib\zi\GMT.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationProvider.dll.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\dialogs\equalizer_window.html.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-execution.jar.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Chatham.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\javac.exe.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets_1.0.0.v20140514-1823.jar.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-loaders.jar.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\VideoLAN\VLC\locale\uz\LC_MESSAGES\vlc.mo.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_ButtonGraphic.png.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\blackbars80.png.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jrunscript.exe.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ulaanbaatar.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\ct.sym.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.ds_1.4.200.v20131126-2331.jar.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Mozilla Firefox\plugin-container.exe.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Notebook.jpg.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_ButtonGraphic.png.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\jvmticmlr.h.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\day-of-week-16.png.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-core-windows_visualvm.jar.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\CsiSoap.dll.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_ButtonGraphic.png.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jre7\bin\policytool.exe.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\de-DE\bckgRes.dll.mui.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\af.pak.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-coredump_ja.jar.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_zh_CN.jar.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msadcfr.dll.mui.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_wer.dll.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationRight_SelectionSubpicture.png.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861240389.profile.gz.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-heapwalker.jar.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages_zh_TW.properties.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libcompressor_plugin.dll.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\15x15dot.png.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsNotesBackground.wmv.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ashgabat.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\VideoLAN\VLC\locale\gl\LC_MESSAGES\vlc.mo.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols.xml.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground_PAL.wmv.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\TipBand.dll.mui.tmp	2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe

C:\Users\Admin\AppData\Local\Temp\2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe
"C:\Users\Admin\AppData\Local\Temp\2ecb670edec0f2510a511c31f4464d4824623375234868165c26e67aa155a75f.exe"
1⤵
- Drops file in Program Files directory
PID:2692

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2660163958-4080398480-1122754539-1000\desktop.ini.tmp

Filesize
52KB

MD5
8ee37ee25253b88a04be1ea9e0abef9a

SHA1
840ca530099241d2b8fd3b7e183c9cde2effa432

SHA256
2a23a531b240130b8ade9b1ada760e4e0cc61dff7b7341cd484415c35087bbba

SHA512
04d1ea8707c95c4912d29ffd9c8a5a896684578a34dd5cce969dcb304219da78e620ee957e8290651ed61e821bf3e3bb63e19679ddc6d7ea656ddafab7a6939f

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
61KB

MD5
239272bf02c5565b35d1cd51bd02561d

SHA1
7e8da265277989cd3dca49f37fc21e1c2555e805

SHA256
c9a62fc9bb692a17d3b13bcdf1e89c8f66e5a888dd9e6b3a382f0739bfec20c5

SHA512
a67d9c012262051052bda47dc3580b0040b0e4f2120abbcaf027a1b6b78174508914ac7f613f04f099ba48b2f4a9a033eb9426afa692932c142a8409dba90ec4

Download Submit
memory/2692-0-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads