77764137aae515acd24ca1b6b59259b32a23c37b032af627a4f53502de4e3546

Analysis

max time kernel
120s
max time network
118s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
20/07/2024, 05:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

518ad9540023c360f98f3ea8a811c240N.exe
Size

80KB
MD5

518ad9540023c360f98f3ea8a811c240
SHA1

d5b423b8ba40ef3ecd4b40a1be1aba18651b8a43
SHA256

77764137aae515acd24ca1b6b59259b32a23c37b032af627a4f53502de4e3546
SHA512

fd859f5519ac9eb0c098eadac924a6bef99f2cb84262840c4aa3108d4ab586db32a75950e6bbbbf4df1d283f245f130e34172c70848d3024d61a45dc4deeadf9
SSDEEP

768:W7BlpDpARFbhYQkQjjIXYvPXzWPXzK3733uF4V7en5c5HChCrmhyEXBwzEXBw9:W7ZDpApYbWjIoPyPoLzV7c6ShQ

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3094) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-attach.jar.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application-views.xml.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-uisupport_ja.jar.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Windows.Presentation.dll.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrdeush.dat.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Lord_Howe.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Tallinn.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jre7\lib\management\management.properties.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Microsoft Games\More Games\en-US\MoreGames.dll.mui.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\VideoLAN\VLC\locale\sl\LC_MESSAGES\vlc.mo.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\java.exe.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jsadebugd.exe.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jre7\bin\sunec.dll.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Common Files\System\Ole DB\en-US\sqloledb.rll.mui.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yakutsk.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jre7\bin\jdwp.dll.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\id.pak.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Gibraltar.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jre7\lib\cmm\sRGB.pf.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\VideoLAN\VLC\locale\te\LC_MESSAGES\vlc.mo.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Common Files\System\Ole DB\de-DE\msdasqlr.dll.mui.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_btn-back-static.png.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-static.png.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jvm.xml.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh87.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jre7\lib\zi\HST.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msadcor.dll.mui.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Palau.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util-lookup_ja.jar.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.xml.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\org-openide-filesystems_zh_CN.jar.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_zh_CN.jar.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Dhaka.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\it-IT\MSTTSLoc.dll.mui.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_SelectionSubpicture.png.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\LogoDev.png.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\libxslt.dll.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\System.IdentityModel.Resources.dll.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Checkers\ChkrRes.dll.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Microsoft Games\Purble Place\fr-FR\PurblePlace.exe.mui.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\1047x576black.png.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\javaws.policy.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Kolkata.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher_1.3.0.v20140415-2008.jar.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-uisupport.xml.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-modules-startup.xml.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG_PAL.wmv.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_SelectionSubpicture.png.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\javafx.policy.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Data.Services.resources.dll.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Cape_Verde.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\MANIFEST.MF.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Monterrey.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-7.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkTSFrame.png.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-coredump.xml.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvm_ja.jar.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Rainy_River.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\7-Zip\7-zip32.dll.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad.xml.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\default.jfc.tmp	518ad9540023c360f98f3ea8a811c240N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Australia\Broken_Hill.tmp	518ad9540023c360f98f3ea8a811c240N.exe

C:\Users\Admin\AppData\Local\Temp\518ad9540023c360f98f3ea8a811c240N.exe
"C:\Users\Admin\AppData\Local\Temp\518ad9540023c360f98f3ea8a811c240N.exe"
1⤵
- Drops file in Program Files directory
PID:2260

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3294248377-1418901787-4083263181-1000\desktop.ini.tmp

Filesize
80KB

MD5
c575c4c2e368c56eee8adc341383de72

SHA1
f1b07407afa4a6aefd21d21f25b2eeae9d31652e

SHA256
1627005ba259b5710c17dcb01b851c06d7c5980acea3c70f1210a9f979eec4d2

SHA512
fb2086d198a51c953be691eb173c8392c5e317e984040142c3f1bd80650c141e7d1ad4bf722250a7dcbd5333aa482346d4a9e8066818950d98d7098298554fdd

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
89KB

MD5
9218bc2caf3d8bdce7ad9166239442fd

SHA1
8d993ab5968a8e838829d3d0db9b62e22300ddcf

SHA256
66e79286221c7eacb949bf10b9571e9bda54cd1357d21c6e4e49a44c333d5216

SHA512
823b2171ebb56f52c770f7b15285eb32ff8fe93ea4dc436c584440f875c9b6dd0470b1431ce379034387647868973f5b6a1a6ae97dcf376fbe597b3197bafba3

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads