776b9990b6bda6227288f24f0323c98a0b83720eea0f3a395bf51dc11ad5824d

Analysis

max time kernel
120s
max time network
18s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
14/07/2024, 21:55

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
Size

74KB
MD5

2a74cfe0f69b98c3db124ba4afaf8fa0
SHA1

31c52cca2deff9b8db4ed6ee66ae949a1c62c7e8
SHA256

776b9990b6bda6227288f24f0323c98a0b83720eea0f3a395bf51dc11ad5824d
SHA512

af878c9aad131108f9bbdf2ee058f9d6720be5286f041416e0c187f7cc8f77e85c8dc9dea686b5440379e656fcc5cd1a975bb4c05e126ad60d880e0ce1192908
SSDEEP

1536:W7ZDpApYbWjIoPyPoLzV7c6ShZJ99J9ks:6DWprs

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3227) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\java_crw_demo.dll.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Auckland.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Mozilla Firefox\default-browser-agent.exe.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Yakutsk.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata_5.5.0.165303.jar.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.runtime_0.10.0.v201209301036.jar.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.app_1.3.200.v20130910-1609.jar.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\PresentationFramework.resources.dll.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\7-Zip\Lang\sr-spc.txt.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkObj.dll.mui.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Inuvik.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Cape_Verde.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository_2.3.0.v20131211-1531.jar.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.Design.dll.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-previous-static.png.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Internet Explorer\en-US\ieinstal.exe.mui.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\EST5.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\YST9.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MET.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.security_8.1.14.v20131031.jar.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Indian\Maldives.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Microsoft Games\FreeCell\FreeCellMCE.lnk.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_ja_4.4.0.v20140623020002.jar.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jre7\lib\fontconfig.properties.src.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Chisinau.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libscte27_plugin.dll.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-image-mask.png.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.properties.src.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ashgabat.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.properties.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\7-Zip\Lang\pt-br.txt.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jre7\THIRDPARTYLICENSEREADME-JAVAFX.txt.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\WindowsFormsIntegration.resources.dll.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-10.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-visual_ja.jar.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Port_Moresby.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\koreus.luac.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\blackbars80.png.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask_PAL.wmv.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-tabcontrol.xml.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT-4.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\7-Zip\Lang\gl.txt.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_MATTE_PAL.wmv.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\blafdoc.css.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.htm.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\fa.pak.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Mazatlan.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\extcheck.exe.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.util_8.1.14.v20131031.jar.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-sampler.jar.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jre7\lib\fontconfig.bfc.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrcatsh.dat.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\mshwjpnr.dll.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\MEIPreload\preloaded_data.pb.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Internet Explorer\MemoryAnalyzer.dll.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-highlight.png.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_es.jar.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.di.extensions_0.12.0.v20140417-2033.jar.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Johannesburg.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-crt-string-l1-1-0.dll.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\native2ascii.exe.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Stucco.gif.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_VideoInset.png.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_ja.jar.tmp	2a74cfe0f69b98c3db124ba4afaf8fa0N.exe

C:\Users\Admin\AppData\Local\Temp\2a74cfe0f69b98c3db124ba4afaf8fa0N.exe
"C:\Users\Admin\AppData\Local\Temp\2a74cfe0f69b98c3db124ba4afaf8fa0N.exe"
1⤵
- Drops file in Program Files directory
PID:2368

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3502430532-24693940-2469786940-1000\desktop.ini.tmp

Filesize
75KB

MD5
5840a3992ea818e60f8220eece791a23

SHA1
1d0b1e537de76043f985800d4069e31212d75bd4

SHA256
e87a7370363fc869d06c09b4213768f747aa663790e4448546617330bcc755f1

SHA512
854145f72500349fc428c2edf0d284686db4fb4f96a3053c1cccdd3f84861395ccfd0b8cd66904e912c01da3e59a35aa6da69c8594ea43a24219de9412f5eb20

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
83KB

MD5
ceba068c618f7fad0560ca5e602c0808

SHA1
d0865d35486c522c238e1bf55833aeebe93de8fa

SHA256
dab9fca1734bc81f9cfe38ecf648b603c98f92b73bfc6e9dd49523a1a7a618ee

SHA512
c2d9c35373d92c69b88e69927e2baa0a84c1242d607ffd5b625345c0973947e1e519d1300f4d88a13514357e203a64cecdd0318ce5ef4eabd9fcc8ce13ee01fa

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads