d579d247fb8b365978590eb2c8f1f04ffc5cd3140d21816abe70f577c742d0fd

Analysis

max time kernel
120s
max time network
15s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
22/07/2024, 06:08

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

6ec99aa0ed9f635122d589dac4cca360N.exe
Size

48KB
MD5

6ec99aa0ed9f635122d589dac4cca360
SHA1

8356fdb7692103f0a07f7d97b377698a6b4c10b8
SHA256

d579d247fb8b365978590eb2c8f1f04ffc5cd3140d21816abe70f577c742d0fd
SHA512

21c7137437763acdc212aec2e0c681cc36f0cbbfd6a30a0fe572e29df6aca6a30abedd68593246707c11b4b22e4ca6e060ceceb64df2589e028cdc3fec71d65e
SSDEEP

384:yBs7Br5xjL8AgA71FbhvhwMF1XxXmYz0EkYz0EexyVxy:/7BlpQpARFbhtF1XxXmYz0EkYz0EE

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3235) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Denver.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-loaders.xml.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\720x480icongraphic.png.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_SelectionSubpicture.png.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\access-bridge-64.jar.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-sa.jar.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\TipRes.dll.mui.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_highlights_Thumbnail.bmp.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark.css.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-progress-ui.xml.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Argentina\San_Luis.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-crt-filesystem-l1-1-0.dll.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\InkObj.dll.mui.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Common Files\System\Ole DB\es-ES\msdasqlr.dll.mui.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Antarctica\Troll.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Data.Linq.Resources.dll.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\DVD Maker\DVDMaker.exe.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_ButtonGraphic.png.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport.png.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_it.jar.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Moncton.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Managua.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\requests\status.xml.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\7-Zip\readme.txt.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\flavormap.properties.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_ja.jar.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-explorer.jar.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Boise.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Data.Entity.Resources.dll.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\cue.luac.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_content-background.png.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_ButtonGraphic.png.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_buttongraphic.png.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.ibm.icu_52.1.0.v201404241930.jar.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\SoftBlue.jpg.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_ButtonGraphic.png.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.zh_CN_5.5.0.165303.jar.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msdaremr.dll.mui.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_SelectionSubpicture.png.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox.nl_zh_4.4.0.v20140623020002.jar.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\anevia_streams.luac.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-previous-static.png.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Internet Explorer\JSProfilerCore.dll.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_travel_Thumbnail.bmp.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\YST9.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvm.jar.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sa_zh_CN.jar.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core.nl_ja_4.4.0.v20140623020002.jar.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\InputPersonalization.exe.mui.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Internet Explorer\iedvtool.dll.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Paris.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core.jar.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages.properties.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jstat.exe.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunec.jar.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-execution.xml.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Magadan.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-charts.jar.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\La_Paz.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\main.css.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-queries_zh_CN.jar.tmp	6ec99aa0ed9f635122d589dac4cca360N.exe

C:\Users\Admin\AppData\Local\Temp\6ec99aa0ed9f635122d589dac4cca360N.exe
"C:\Users\Admin\AppData\Local\Temp\6ec99aa0ed9f635122d589dac4cca360N.exe"
1⤵
- Drops file in Program Files directory
PID:2988

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2958949473-3205530200-1453100116-1000\desktop.ini.tmp

Filesize
48KB

MD5
db92371dac410aa06b04b3c7463fbbb3

SHA1
92782769f649db60ed4dc9768816832265d6bb9b

SHA256
a11503fa651939cf024404e4af9b7000063600ce011d1861cca0838da642f953

SHA512
10f730cf6c154875436990c9baeebed1b18c6377b3c54526286ad044d5fabd109a2bbfe32a9bab14309c15a63c8dd0491c722d02e5db0229fe976a6e8058d1ce

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
57KB

MD5
56ed0ac6817a034ac1afd030ebd39b18

SHA1
88e5d5324121a5527e0df1b59e6e4a8dde932377

SHA256
da29354b9d96d8a752cfd8b11b37633993cd0f1f2dfefc40feabe2be84860e27

SHA512
f577f07376df341be9edbd1f358edcbec61991f8e5d8150e701347944171e794cb935c2cce32dcada47ac192a27e65bf32a9f0c6439a265a862298366e626f02

Download Submit
memory/2988-0-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/2988-654-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads