5b01ec788e35a13f72a8f6b541565def1c44111557e88280f7207dc867c87669

Analysis

max time kernel
120s
max time network
18s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
19-07-2024 20:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
Size

62KB
MD5

0693f8405360bbb3ba8b0d6fd6c28ca0
SHA1

06df6f157749fccc6e734657aac48fe60f138640
SHA256

5b01ec788e35a13f72a8f6b541565def1c44111557e88280f7207dc867c87669
SHA512

7fca9381c7edfa6381232dbc79b26a53a386d84d4fec097c7d89a39582ca8a7c85da7d712c8f30586401d3f388d702b64de609ea290c07a6e26ae807b4844095
SSDEEP

384:GBt7Br5xjL9AgA71FbhvuNBNsjLKoWFKryoWFKrRYKYzfZdfZycTEvd5BvhzaM91:W7BlpppARFbhWJq5ovYcTEXBwzEXBw6

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (406) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\7-Zip\Lang\mng.txt.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrcatsh.dat.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwresmlm.dat.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-border.png.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\lv.pak.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\7-Zip\Lang\uz.txt.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\oskmenubase.xml.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Month_Calendar.emf.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\System\msadc\msdarem.dll.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_travel_Thumbnail.bmp.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\15x15dot.png.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\7-Zip\Lang\da.txt.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\7-Zip\Lang\ru.txt.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred.xml.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Memo.emf.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\System\Ole DB\msxactps.dll.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\ConvertInitialize.nfo.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Google\Chrome\Application\chrome_proxy.exe.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\pack200.exe.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\System\Ole DB\sqlxmlx.rll.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground.wmv.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIcon.png.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_SelectionSubpicture.png.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Internet Explorer\msdbg2.dll.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Internet Explorer\Timeline.cpu.xml.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msadcer.dll.mui.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_VideoInset.png.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_postage_Thumbnail.bmp.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\bn.pak.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\DVD Maker\de-DE\OmdProject.dll.mui.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_ButtonGraphic.png.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ca.pak.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Filters\VISFILT.DLL.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrenalm.dat.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\TipBand.dll.mui.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\720x480icongraphic.png.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPOBJS.DLL.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\System\ado\en-US\msader15.dll.mui.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_ButtonGraphic.png.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsen.xml.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\tipresx.dll.mui.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_ButtonGraphic.png.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_glass_Thumbnail.bmp.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\mip.exe.mui.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\System\Ole DB\ja-JP\oledb32r.dll.mui.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_highlights_Thumbnail.bmp.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Internet Explorer\perf_nt.dll.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\DVD Maker\Shared\Filters.xml.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ru.pak.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\7-Zip\Lang\sq.txt.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-delete.avi.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ja-jp.xml.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\System\Ole DB\oledbvbs.inc.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-foreground.png.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576black.png.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\extcheck.exe.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_ca.xml.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\ShapeCollector.exe.mui.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\msinfo32.exe.mui.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-shadow.png.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\7-Zip\Lang\sk.txt.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tabskb.dll.mui.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
File created	C:\Program Files\DVD Maker\PipeTran.dll.tmp	0693f8405360bbb3ba8b0d6fd6c28ca0N.exe

C:\Users\Admin\AppData\Local\Temp\0693f8405360bbb3ba8b0d6fd6c28ca0N.exe
"C:\Users\Admin\AppData\Local\Temp\0693f8405360bbb3ba8b0d6fd6c28ca0N.exe"
1⤵
- Drops file in Program Files directory
PID:2152

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2212144002-1172735686-1556890956-1000\desktop.ini.tmp

Filesize
62KB

MD5
e4950d54ce062d9122eec0ce8fc59f0a

SHA1
cd355352525f364ce77ecea069d878ef1e1b193c

SHA256
7a779868694a771106c65c95da203c3dc2c71133c291a7c14fc68389a711e01c

SHA512
2cef7d41e4032ed3905b6cb96e8de97c6bb2d274ea66203f35c07e1bf8fb4fdc4ff052c7224a68ba0d4cfb74b8c067775027d0abfe10fe1004f1d7cb3afb0de9

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
71KB

MD5
b6b0eceb77e8c8169397145091b9743c

SHA1
58952634f13ae4ea213cc05ff5601e3adee404b0

SHA256
18c1a09349d6266770af324c83520da606e684fa19ce18f8d97a520ca1e356df

SHA512
f1977b0ef23ef8012c443abf9dd90bea531652dea9a750323f7d4b359a9a08b8fdd6680fc93e2916fc6f01b16e379a27689a383ee284c7364c9dd39309b8c94b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads