70ab7342f846095d69e534c055876a7a727c4f58bee484b9e7424673ab7669c7

Analysis

max time kernel
120s
max time network
120s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
21-07-2024 02:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4d8304cac606261c2e12b8534da74490N.exe
Size

85KB
MD5

4d8304cac606261c2e12b8534da74490
SHA1

7ce91083af69622fdc1a60d682b53b6ee63367cf
SHA256

70ab7342f846095d69e534c055876a7a727c4f58bee484b9e7424673ab7669c7
SHA512

e01f0c9ab37e1973dee3a4036e011162bc18bf00b01c9902a9855d24db5ec8a2c653f01628ec3fa4248ff8077b434c4b43ff8da259d343a65dceb25bacd12994
SSDEEP

1536:W7ZDpApYbWjIoPyPoLzV7c6Sh1XC8XNyc8XNyt:6DWpQXNylXNyt

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (2877) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.core_5.5.0.165303.jar.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_ja.jar.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Mozilla Firefox\browser\features\[email protected]	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\System.RunTime.Serialization.Resources.dll.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu\oskmenubase.xml.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Minsk.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\sunmscapi.dll.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.registry_3.5.400.v20140428-1507.jar.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\highlight.png.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\MEIPreload\manifest.json.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Asuncion.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\SkipConnect.gif.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\notes-static.png.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\MANIFEST.MF.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Australia\Hobart.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Microsoft Games\FreeCell\it-IT\FreeCell.exe.mui.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\White_Chocolate.jpg.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\ECLIPSE_.SF.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Creston.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\updater_zh_CN.jar.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-heapwalker.jar.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jre7\bin\deploy.dll.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jre7\lib\fontconfig.properties.src.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT-12.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\curtains.png.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\mojo_core.dll.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\15x15dot.png.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576_91n92.png.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Beirut.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-text.xml.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jre7\bin\dt_shmem.dll.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\dicjp.dll.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-delete.avi.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\epl-v10.html.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\optimization_guide_internal.dll.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\kcms.dll.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Microsoft Games\FreeCell\FreeCellMCE.png.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.ComponentModel.DataAnnotations.dll.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_VideoInset.png.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\feature.properties.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\7-Zip\Lang\fr.txt.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_zh_4.4.0.v20140623020002.jar.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Windows.Presentation.resources.dll.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Notebook.jpg.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MST.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_ButtonGraphic.png.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_ja.jar.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_ja.jar.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Andorra.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_ButtonGraphic.png.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk_1.0.300.v20140407-1803.jar.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_SelectionSubpicture.png.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-editor-mimelookup.xml.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Microsoft Games\Purble Place\PurblePlaceMCE.png.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Mozilla Firefox\mozglue.dll.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Common Files\System\Ole DB\it-IT\msdasqlr.dll.mui.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-previous-static.png.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Vancouver.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_ja_4.4.0.v20140623020002.jar.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler.xml.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Microsoft Office\Office14\1033\Mso Example Intl Setup File B.txt.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground_PAL.wmv.tmp	4d8304cac606261c2e12b8534da74490N.exe
File created	C:\Program Files\Java\jre7\bin\decora-sse.dll.tmp	4d8304cac606261c2e12b8534da74490N.exe

C:\Users\Admin\AppData\Local\Temp\4d8304cac606261c2e12b8534da74490N.exe
"C:\Users\Admin\AppData\Local\Temp\4d8304cac606261c2e12b8534da74490N.exe"
1⤵
- Drops file in Program Files directory
PID:2348

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2958949473-3205530200-1453100116-1000\desktop.ini.tmp

Filesize
85KB

MD5
d8cdf97d605664b3c8ba5ab79949c354

SHA1
6adcf93fb34b43fe423146dc1c32926d0944d664

SHA256
d93896091e39af0acf03e991b12bf90696b1e8f97528f55eed639f7f6225009d

SHA512
32e8a7688f6dbc3fad216ddfb042d514abd0fb51039d3e1fe99e30b3f67115ab5f373f22ebf8fd2b915f865620df7347608621f493b257043aed5e602c89e85c

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
94KB

MD5
864eab825bc0d438365d968212ccb8d2

SHA1
f306c011a4fbfe5a11a906227c6d3dbef4545d32

SHA256
87fea8dc9fbe09a5730dfef50fd9c6fd856a9ca9a93924623bd0b2a8ae87a70e

SHA512
9b5118352256f204495be596c0defa51030b6e0b9cc87676a87ae00ed6b6537aa1b4f0c0581d42bd49b65df9902f4dc21c4417bec634d22b755144dbd9b581fe

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads