760abca33fe0458965a8facb9db7f0a5293f512d19fb0e5e7a44a8089e78bc85

Analysis

max time kernel
120s
max time network
16s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
21/07/2024, 15:10

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

dcba5f7fc66292e364fc866192af18f0N.exe
Size

59KB
MD5

dcba5f7fc66292e364fc866192af18f0
SHA1

234cbe3f5a2c7cdda569640ea67dcd5426c81e97
SHA256

760abca33fe0458965a8facb9db7f0a5293f512d19fb0e5e7a44a8089e78bc85
SHA512

1d143e41b67ae13a3ca65401ad67dbc11f5a428c5eb105012e268410aa026dbd8eaec711918413dd72367e8056a80f2adba0161f8898b9cf68da0cbdb511c2ef
SSDEEP

768:W7BlphA7pARFbhvOsTKnKqtUK4F46OK4F46oMA88bRyvkijaTpL:W7ZhA7pApvOsOKjv46Ov46MbRsja5

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3250) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_scene.wmv.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-settings.xml.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Managua.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationRight_SelectionSubpicture.png.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.di.extensions_0.12.0.v20140417-2033.jar.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_ja_4.4.0.v20140623020002.jar.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_ja.jar.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jre7\bin\awt.dll.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\requests\vlm.xml.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_SelectionSubpicture.png.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_ButtonGraphic.png.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbynet.jar.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Shanghai.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Dot.png.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Singapore.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Samara.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tehran.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\VideoLAN\VLC\locale\bn\LC_MESSAGES\vlc.mo.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Tokyo.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Mozilla Firefox\defaults\pref\channel-prefs.js.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Bishkek.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-awt.xml.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Microsoft Games\FreeCell\it-IT\FreeCell.exe.mui.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Microsoft Games\More Games\de-DE\MoreGames.dll.mui.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwasapi_plugin.dll.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\tabskb.dll.mui.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols.xml.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application_5.5.0.165303.jar.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.css.sac_1.3.1.v200903091627.jar.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\DVD Maker\es-ES\OmdProject.dll.mui.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bahia.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Winnipeg.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-plaf_ja.jar.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Casablanca.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\dialogs\mosaic_window.html.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_ja_4.4.0.v20140623020002.jar.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector.nl_ja_4.4.0.v20140623020002.jar.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Atlantic\Reykjavik.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libtwolame_plugin.dll.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\7-Zip\Lang\ja.txt.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\JAWTAccessBridge-64.dll.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\.lock.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libx26410b_plugin.dll.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Cuiaba.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\UIAutomationClientsideProviders.resources.dll.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.nl_ja_4.4.0.v20140623020002.jar.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Common Files\System\Ole DB\de-DE\sqlxmlx.rll.mui.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\DVD Maker\fr-FR\WMM2CLIP.dll.mui.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Eucla.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Indiana\Vevay.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Sitka.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT-4.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sv.pak.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\artifacts.xml.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\imap.jar.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Checkers\Chkr.dll.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\Microsoft.Build.Utilities.v3.5.resources.dll.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ko.pak.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MET.tmp	dcba5f7fc66292e364fc866192af18f0N.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-core-file-l1-2-0.dll.tmp	dcba5f7fc66292e364fc866192af18f0N.exe

C:\Users\Admin\AppData\Local\Temp\dcba5f7fc66292e364fc866192af18f0N.exe
"C:\Users\Admin\AppData\Local\Temp\dcba5f7fc66292e364fc866192af18f0N.exe"
1⤵
- Drops file in Program Files directory
PID:2384

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3450744190-3404161390-554719085-1000\desktop.ini.tmp

Filesize
59KB

MD5
5f3d55f5eb4edcfeda81df8189e03081

SHA1
c063e1d0f7e01825035d2da2d1db36f626e6104e

SHA256
5cecfd301c7e1a857ac8407567511983c8cee5be052520d653f92c2a70e3b1d4

SHA512
8725e07da75edeb9a5c21f402fd82a3a4998b020beffc55c84ef52092b5f9c3d0bcf543407b60a4f54c844e60816ce0b9cd17fa2b57c5ec38055474b07e62479

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
68KB

MD5
7f93962cfc2ee0e6046e4dce783c4ea4

SHA1
14f107d6846a0ddb395951fd8a83952146598a16

SHA256
f1b8961685ab3f9499b38366e0034bb1d8e43bb91eaa663089b9940cfea541c2

SHA512
effb51ecf702dc828bd43a65d421d72879fdf16232da30b4ceaa14ad91ffe3c037c98386c12ec1ee02946f49f1b254dc561c634d2352a3fbb11e722f7d6a381c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads