38cc9a10dbcc39bf2e656b01ab3bc7624d97ca818804b74e5e0399cc52735e99

Analysis

max time kernel
120s
max time network
17s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
21/07/2024, 20:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0b5fb9e153f0cb537d28d10c842f5310N.exe
Size

96KB
MD5

0b5fb9e153f0cb537d28d10c842f5310
SHA1

5122d5a47bb0305596b9a6b917a1c5cb4830f17f
SHA256

38cc9a10dbcc39bf2e656b01ab3bc7624d97ca818804b74e5e0399cc52735e99
SHA512

36e9839b86a2078e99a4b04450d559a418f2fbc0e10ada346507cbc5eb04036494d740122fbffe669980fc143fc597ffc2546971565f5daf68204bef56f844b5
SSDEEP

3072:6e7WpP9oVLQthbYY9oVLQthbUvRIWI83B1:RqAZIWIy1

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (2854) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbytools.jar.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bahia.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\feature.xml.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\plugin.properties.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base_4.0.200.v20141007-2301.jar.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_zh_CN.jar.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_VideoInset.png.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Montevideo.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Monaco.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-progress.jar.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Microsoft Games\More Games\it-IT\MoreGames.dll.mui.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msdaremr.dll.mui.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPTSFrame.png.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiler.jar.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\micaut.dll.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\de-DE\bckgzm.exe.mui.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Abidjan.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tongatapu.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\System.Data.DataSetExtensions.Resources.dll.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Miquelon.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Mozilla Firefox\firefox.exe.sig.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\vk_swiftshader_icd.json.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\UIAutomationProvider.resources.dll.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_PreComp_MATTE_PAL.wmv.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ja.pak.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.xml.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaireMCE.png.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\WindowsFormsIntegration.resources.dll.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\7-Zip\Lang\id.txt.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\org-openide-filesystems.jar.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Indian\Reunion.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Microsoft Games\Chess\desktop.ini.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.di_1.4.0.v20140414-1837.jar.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Madeira.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jre7\lib\images\cursors\win32_MoveDrop32x32.gif.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Mozilla Firefox\updater.exe.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msdaremr.dll.mui.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jre7\bin\jaas_nt.dll.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Antarctica\Troll.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\ECLIPSE_.SF.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\cacerts.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Chicago.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_ButtonGraphic.png.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-settings.jar.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Manaus.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\trusted.libraries.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata_5.5.0.165303.jar.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvmstat.jar.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Microsoft Games\Purble Place\es-ES\PurblePlace.exe.mui.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\DVD Maker\WMM2CLIP.dll.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Port_Moresby.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.expressions_3.4.600.v20140128-0851.jar.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jre7\lib\security\trusted.libraries.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Argentina\San_Luis.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Guatemala.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Microsoft Games\Mahjong\desktop.ini.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop.wmv.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Vienna.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Internet Explorer\DiagnosticsTap.dll.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Argentina\La_Rioja.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jre7\lib\zi\WET.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Java\jre7\bin\jdwp.dll.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe
File created	C:\Program Files\Common Files\System\Ole DB\es-ES\msdasqlr.dll.mui.tmp	0b5fb9e153f0cb537d28d10c842f5310N.exe

C:\Users\Admin\AppData\Local\Temp\0b5fb9e153f0cb537d28d10c842f5310N.exe
"C:\Users\Admin\AppData\Local\Temp\0b5fb9e153f0cb537d28d10c842f5310N.exe"
1⤵
- Drops file in Program Files directory
PID:2568

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3551809350-4263495960-1443967649-1000\desktop.ini.tmp

Filesize
96KB

MD5
b0373962451a82e5a51e43fcb506cf30

SHA1
ef1cacdafd95846dc174ace0d8c7f2e26ea506b7

SHA256
ca0c6261a6107bf52f6fda14f29d7f1c3e14ce4d9aa9fd07d0811afd03111450

SHA512
50cfdf1506eaa944a8ce4042d96831d2c9b3040614998974b58224a87fdaac965e70cd5697610959d43181ed1f8f90c465d856dd765616fd7ab6d3b77abd03f8

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
105KB

MD5
1e2bcdcab4546146a2917f105ab569c2

SHA1
2215be576973b5b3fc9fa8a50464f25bedeb7260

SHA256
2bd97cd6b19598445b53a0c278a1ea0d9950357599cf409b32528e9e7fae9147

SHA512
3c788ca88cb3778c17c04a8ee17f79c32040f5f838bd6dfb9858227c5f6c5863beeee2bcca4ebb989f5edc843453f8e1b8f07094c0ae5ad39499ff28372743f3

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads