35da5e1d14be5ab52a9130d72241b76a99b3a60850b0825bd9d9468001051b16

Analysis

max time kernel
120s
max time network
16s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
16-07-2024 01:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

46be54da9d7c3719b6368e37c121c8a0N.exe
Size

120KB
MD5

46be54da9d7c3719b6368e37c121c8a0
SHA1

7a8067053c93642745b4bd5530b3249a0ac1a09c
SHA256

35da5e1d14be5ab52a9130d72241b76a99b3a60850b0825bd9d9468001051b16
SHA512

b25a38a7de84be8256170fe26ca858910c18174f752ba1040137841ec4db9be2475bf5744e2e96687d91b8b128f94a6953a344e8dd71074649acdc2c65317fa2
SSDEEP

768:W7BlpQpARFbh2UM/zX1vqX1vLFgjfoA9wHpyc3ctuMpAbALeksSstPKWcGaIFR5s:W7ZQpApR5C+332nhnz

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (2846) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\jre\LICENSE.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-spi-actions_zh_CN.jar.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Hovd.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\SystemV\MST7.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msadcfr.dll.mui.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-border.png.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\dragHandle.png.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-javahelp.xml.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Mozilla Firefox\browser\features\[email protected]	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\System.Web.Entity.Resources.dll.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Hand Prints.htm.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\DVD Maker\Shared\Filters.xml.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Abstractions.dll.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\java.exe.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\mix.gif.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\MEIPreload\preloaded_data.pb.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dubai.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Singapore.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\epl-v10.html.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands_0.10.2.v20140424-2344.jar.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Nairobi.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\curtains.png.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\uk.pak.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT-13.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jre7\bin\net.dll.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tashkent.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-modules_zh_CN.jar.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\accessibility.properties.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Jamaica.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-masterfs.jar.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipshrv.xml.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Common Files\System\ado\adojavas.inc.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jre7\bin\t2k.dll.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Microsoft Games\Purble Place\es-ES\PurblePlace.exe.mui.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\7-Zip\7-zip.chm.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-back-static.png.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\af.pak.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Cape_Verde.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Broken_Hill.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\toc.gif.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.sat4j.pb_2.3.5.v201404071733.jar.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_btn-back-static.png.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_videoinset.png.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Internet Explorer\iediagcmd.exe.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.nl_ja_4.4.0.v20140623020002.jar.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\README.txt.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Australia\Currie.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Microsoft Games\Hearts\en-US\Hearts.exe.mui.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrenclm.dat.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\bn.pak.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-sampler.xml.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\META-INF\MANIFEST.MF.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore.xmi_2.10.1.v20140901-1043.jar.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jre7\lib\jfr\default.jfc.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Indian\Mahe.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msdaremr.dll.mui.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\navSubpicture.png.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Mendoza.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7TSFrame.png.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-execution.jar.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe
File created	C:\Program Files\Mozilla Firefox\libEGL.dll.tmp	46be54da9d7c3719b6368e37c121c8a0N.exe

C:\Users\Admin\AppData\Local\Temp\46be54da9d7c3719b6368e37c121c8a0N.exe
"C:\Users\Admin\AppData\Local\Temp\46be54da9d7c3719b6368e37c121c8a0N.exe"
1⤵
- Drops file in Program Files directory
PID:2084

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2660163958-4080398480-1122754539-1000\desktop.ini.tmp

Filesize
120KB

MD5
3ab4433ac706a2ec3e75e308791b14bf

SHA1
c1877d4a8ca81eacc6dfee4529d573842bb561c1

SHA256
36077c60ae79380c82630399305381ff17e7b71e9c1266a2ceba5f697c861e36

SHA512
943a50a5d77af34a529fc47f9df51ea03ebd08ef33d4012403831c65daf7d114dc8182a07d6b9a27e9f7842afffe7277995fb126a3185ef07f489bc5df06ac01

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
129KB

MD5
f255dc4d017677076f2106fd1e480721

SHA1
6e71998de507a5f002088f7715a0959b60aca7f4

SHA256
a8bbdd635c63044b14875d54b7d9de5a7a381ebfd9079fbc2e1e04c1e23b95dc

SHA512
c98f200e7d30806140deb5a2235e4a02070bb6cfa4fbb5bd9d2860c0e30214c76041df41f14b3d9d4719eb33ce2615415b10f8b59889846c64db52968b0c1098

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads