b56008cb24ff28395c5e24d1e2c300343a0fabaae054e85967760468dd0f3eb0

Analysis

max time kernel
120s
max time network
16s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
15/07/2024, 08:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b4456864a8c13adeeacd74f7662c3f60N.exe
Size

72KB
MD5

b4456864a8c13adeeacd74f7662c3f60
SHA1

a8040b83bc4eade6de980bae3f7a889870c229f0
SHA256

b56008cb24ff28395c5e24d1e2c300343a0fabaae054e85967760468dd0f3eb0
SHA512

7a5257f54c087da591e4ac4b56cb71c7205afe4c4aa4fc32a5240cb4c9309f4c154e4e9dea228aa87e2b4a70571cd76477e46271650bd6584f309e9178f513c8
SSDEEP

1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+ejy0Wjy0WY:6e7WpMaxeb0CYJ97lEYNR73e+eGGY

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (313) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tabskb.dll.mui.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_selectionsubpicture.png.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msadcfr.dll.mui.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\play-static.png.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\et.pak.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\hi.pak.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\InputPersonalization.exe.mui.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\mshwLatin.dll.mui.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Pretty_Peacock.jpg.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\System\ado\msado20.tlb.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\DVD Maker\SecretST.TTF.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\ApproveImport.mpeg.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_MATTE2_PAL.wmv.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-previous-static.png.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\scene_button_style_default_Thumbnail.bmp.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_SelectionSubpicture.png.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG.wmv.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\7-Zip\Lang\vi.txt.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\7-Zip\Lang\es.txt.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\rtscom.dll.mui.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_ButtonGraphic.png.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ms.pak.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\th.pak.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\7-Zip\readme.txt.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\AssertRead.vstm.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\InkWatson.exe.mui.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web.xml.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\pushplaysubpicture.png.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\7-Zip\7-zip.chm.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\mshwjpnr.dll.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Cave_Drawings.gif.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureA.png.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\gu.pak.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\7-Zip\Lang\sq.txt.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_ButtonGraphic.png.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-ImageMask.png.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\vistabg.png.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\d3dcompiler_47.dll.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrfrash.dat.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msadcer.dll.mui.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\ConnectNew.odt.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\DVD Maker\it-IT\DVDMaker.exe.mui.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-border.png.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\tipresx.dll.mui.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TipRes.dll.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\fr-FR\MSTTSLoc.dll.mui.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\System\ado\msader15.dll.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\ShapeCollector.exe.mui.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\SoftBlue.jpg.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\sports_disc_mask.png.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG.wmv.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push.png.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\FlickLearningWizard.exe.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msdaprsr.dll.mui.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-back-static.png.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\huemainsubpicture2.png.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_1.emf.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\System\ado\msado15.dll.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\System\Ole DB\msdaosp.dll.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\203x8subpicture.png.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\7-Zip\Lang\is.txt.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\mip.exe.mui.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.jpg.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_ButtonGraphic.png.tmp	b4456864a8c13adeeacd74f7662c3f60N.exe

C:\Users\Admin\AppData\Local\Temp\b4456864a8c13adeeacd74f7662c3f60N.exe
"C:\Users\Admin\AppData\Local\Temp\b4456864a8c13adeeacd74f7662c3f60N.exe"
1⤵
- Drops file in Program Files directory
PID:2544

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2212144002-1172735686-1556890956-1000\desktop.ini.tmp

Filesize
72KB

MD5
737a8fd5cca5c1e1c2f3583708bb9d8d

SHA1
c85af6b77bece3aa53a5c10b582831ab5e76f0ac

SHA256
d586585aa6b0bfb473b48d96e0b2cb56b5bbfe303f8975a6810f3382ca25ec8e

SHA512
75902e236d391069490a316f6740de53b0998faa98745039c0176272c323cdda00d614e4a268c8eadd8f767fd261375bb0e07dfda8f019fcc92202c5358cc057

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
81KB

MD5
662b87cbfa0477519b63fe456b9c8901

SHA1
b122cf9b938a059030757800f01c05bf5c96e88b

SHA256
2ef122541e5ddf4f8b54571618ac9a2679d9466baf959cc8bcc0d58b583db952

SHA512
05d1a960024e23d92c20cc0580ed6e018847865cd46991a3d37859eea8275fbb9dc00408b94a28a32889694e7155f13b994d1d8110948fd3f35c6f756a741bd8

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads