bbe4814c82a272ae38696ef369767c34c7bb6032f252b0745a504a937160a0d9

Analysis

max time kernel
120s
max time network
18s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
21-07-2024 10:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b037dbb1d15b6287bcb9b090c5fa3410N.exe
Size

30KB
MD5

b037dbb1d15b6287bcb9b090c5fa3410
SHA1

4d9f2a3584b6b1bd3c54ee453cb40668e940a046
SHA256

bbe4814c82a272ae38696ef369767c34c7bb6032f252b0745a504a937160a0d9
SHA512

4e21b6cee4a04eb98697b1fc48debe1ffeb6093d3ccf8a4c2745152b216b1e1548b2f459fefdddcc4f0f57cb3fcc148cfc68dca8c07d8bcdbb482beac4ba7e23
SSDEEP

192:tACUADIY0Br5xjL/FAgAQmP1oynLb22v7b22vx1IuhUbUZ+2HPaIuhUbUZ+2HPcd:GBt7Br5xjL9AgA71Fbhv7bhvYYjYH1wn

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3443) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text.nl_zh_4.4.0.v20140623020002.jar.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\Microsoft.Build.Utilities.v3.5.resources.dll.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\VideoLAN\VLC\locale\gu\LC_MESSAGES\vlc.mo.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\SmallLogoCanary.png.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_ja.jar.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-ui.xml.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\DVD Maker\soniccolorconverter.ax.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\blacklist.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Chita.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable.nl_zh_4.4.0.v20140623020002.jar.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jre7\lib\fonts\LucidaSansRegular.ttf.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Mozilla Firefox\crashreporter.ini.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\anevia_streams.luac.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\mshwLatin.dll.mui.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Internet Explorer\en-US\eula.rtf.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-7.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Vienna.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\license.html.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Australia\Broken_Hill.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\System.IO.Log.Resources.dll.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\librv32_plugin.dll.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-10.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Conversion.v3.5.dll.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Beirut.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hr-HR\tipresx.dll.mui.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\InkWatson.exe.mui.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-overlay.png.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\java.exe.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\javafx-font.dll.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Beulah.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_zh_4.4.0.v20140623020002.jar.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\7-Zip\Lang\sv.txt.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Atlantic\Canary.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_zh_CN.jar.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\7-Zip\Lang\hi.txt.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\SmallLogoBeta.png.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Windows.Presentation.dll.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\baseAltGr_rtl.xml.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\full.png.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Mozilla Firefox\removed-files.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\button-highlight.png.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Common Files\System\msadc\msdaprst.dll.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jmc.ini.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Irkutsk.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\feature.properties.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\day-of-week-16.png.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.jetty_3.0.200.v20131021-1843.jar.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-ui_ja.jar.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Filters\msgfilt.dll.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libttml_plugin.dll.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Extensions\external_extensions.json.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\libGLESv2.dll.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\ij.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\UIAutomationClient.resources.dll.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\vignettemask25.png.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.properties.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.ibm.icu_52.1.0.v201404241930.jar.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ms.pak.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dili.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_SelectionSubpicture.png.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\navSubpicture.png.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\instrument.dll.tmp	b037dbb1d15b6287bcb9b090c5fa3410N.exe

C:\Users\Admin\AppData\Local\Temp\b037dbb1d15b6287bcb9b090c5fa3410N.exe
"C:\Users\Admin\AppData\Local\Temp\b037dbb1d15b6287bcb9b090c5fa3410N.exe"
1⤵
- Drops file in Program Files directory
PID:2780

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3502430532-24693940-2469786940-1000\desktop.ini.tmp

Filesize
30KB

MD5
19896b03017228ea5ebf4f3af29bb155

SHA1
15421637b880016dbc61c6ba74e6428c7990eeae

SHA256
1356fa497ddc7eb2eb6e87f523eb43a0ce9869a8620b058b148ca6fa3f76b05c

SHA512
6da1d0f7f7ef709152729da12e538e13a998d1ed4a77b0c314700fab3d02917f7979061f4e3d9385608428ee9ef36f01e5df0929a57380cb565afb6e4dfe0036

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
39KB

MD5
9dafc663a95fdbfa774c9ff7fdf2315f

SHA1
36d9ceecd222a6925b8218af6bba84eed23499d4

SHA256
e40e9eabea6992df4d86ead8b39894e858e89ae3cd77e51d1965000a03b0dc38

SHA512
2f103d792e690130ae9501823d74d8d1f596d757e0f915773f35534b5b4c789f6611e51d6e2658df49ea7488362f1094ebc3bcacf8eda81879d02dc2469f823c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads