0c6f11c28f676fe10da60dc08f610e28d815b7fd27ed7c672eda6a6ae668408f

Analysis

max time kernel
120s
max time network
19s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
20-07-2024 06:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5e80b0941d737f077110496e7d12d330N.exe
Size

67KB
MD5

5e80b0941d737f077110496e7d12d330
SHA1

2585133c916595633228ed9af6630618f3bbe5ad
SHA256

0c6f11c28f676fe10da60dc08f610e28d815b7fd27ed7c672eda6a6ae668408f
SHA512

e4fff4328951c73203872f7665b8c01a2594df96e670a55ec0a8667efea0054e8640dc363ed960ca844d17549dd882e9fb55aeaca5f90122951d7bd3d78efcc5
SSDEEP

1536:p7ZhA7dAp1++PJHJXA/OsIZfzc3/Q8Lvy:Te76WQSo6vy

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (323) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tipresx.dll.mui.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.jpg.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\heart_glass_Thumbnail.bmp.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\7-Zip\Lang\de.txt.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\7-Zip\Lang\ga.txt.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\IPSEventLogMsg.dll.mui.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\TipBand.dll.mui.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Pretty_Peacock.jpg.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_ButtonGraphic.png.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\fil.pak.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\7-Zip\Lang\kaa.txt.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msadcor.dll.mui.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-imageMask.png.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_VideoInset.png.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passportcover.png.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\DVD Maker\DVDMaker.exe.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\auxbase.xml.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\tipresx.dll.mui.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sk.pak.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\resources.pak.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\tipresx.dll.mui.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\DVD Maker\de-DE\WMM2CLIP.dll.mui.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\blackbars60.png.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\redmenu.png.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG.wmv.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\rtscom.dll.mui.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\FormatGrant.mp4.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\cs.pak.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\7-Zip\Lang\ar.txt.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\7-Zip\License.txt.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsdan.xml.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_scene.wmv.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Music.emf.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\System\Ole DB\msdatl3.dll.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720x480icongraphic.png.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground.wmv.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720_480shadow.png.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\zh-TW.pak.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\TipRes.dll.mui.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\Microsoft.Ink.dll.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\he.pak.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\tipresx.dll.mui.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\af.pak.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ko.pak.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\IpsPlugin.dll.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotslightoverlay.png.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\reflect.png.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground.wmv.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\nb.pak.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\7-Zip\Lang\tt.txt.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Seyes.emf.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\7-Zip\Lang\sl.txt.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Shorthand.emf.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\System\Ole DB\sqloledb.dll.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask.wmv.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_PreComp_MATTE_PAL.wmv.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_200_percent.pak.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\7-Zip\Lang\hy.txt.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\kor-kor.xml.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Psychedelic.jpg.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.htm.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Stars.htm.tmp	5e80b0941d737f077110496e7d12d330N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_ButtonGraphic.png.tmp	5e80b0941d737f077110496e7d12d330N.exe

C:\Users\Admin\AppData\Local\Temp\5e80b0941d737f077110496e7d12d330N.exe
"C:\Users\Admin\AppData\Local\Temp\5e80b0941d737f077110496e7d12d330N.exe"
1⤵
- Drops file in Program Files directory
PID:2732

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2212144002-1172735686-1556890956-1000\desktop.ini.tmp

Filesize
67KB

MD5
495cb953ac753cf6ee0050526df11af0

SHA1
bf8931e8e607a7c4f57a6875da66c419643e1885

SHA256
68771e5eb32eb7cba5bddc8de1e625ce06377f6213a1163ff048293a1948a217

SHA512
a5708d6240918303869c4d0b53fece5cd003fb05ed5ab28edd49d3ab247756ff3b7a4e7d999554afb631431be45bb09cdeb6ea654b06de4af572d6625908b445

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
76KB

MD5
560ec6cc0e284dd06c511fb0d9acca43

SHA1
6b1cf37c7eabc0d212f27ae38012a7facc4c49d2

SHA256
cfe73cd30c8c21a904369d8de8fb8b21553cb987b6be056818698b91a2ab31d0

SHA512
9bd3bdacd0e07b643773ee9ea254b3c9bf0c2e2f592881dd56c85ca553c43b0c1d38d35189369dbc2aea0007b44990e981efb31a69fbbc431db00bb796ae29e8

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads