8e6b88ddc84303c16d28f9baaa83ddf4a6e7796405525aedf2c048873d60668d

Analysis

max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
22-07-2024 10:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9a06c557efa8b7e448b337e09bb3bbe0N.exe
Size

54KB
MD5

9a06c557efa8b7e448b337e09bb3bbe0
SHA1

888904ed432595ee881308a33413623cebe70e3d
SHA256

8e6b88ddc84303c16d28f9baaa83ddf4a6e7796405525aedf2c048873d60668d
SHA512

c00597e0b085afa03a6c8459b582123bcf79d990cb87d0953acab1d82d6118a3eeff2ea92ee331681b8c1bbedd0ecbe58b86d4149a778b8a1715dcaac67024ba
SSDEEP

384:GBt7Br5xjL9AgA71FbhvuNBNsjLKoWFKryoWFKrxAa2a//S+NQKZX+NQKZ7pt:W7BlpppARFbhWJmAa2aFo7pt

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3097) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Microsoft Games\Minesweeper\en-US\Minesweeper.exe.mui.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\attach.dll.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\splashscreen.dll.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_ja.jar.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Samarkand.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee.dll.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\jawt.h.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2iexp.dll.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.expressions_3.4.600.v20140128-0851.jar.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_partstyle.css.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\VideoLAN\VLC\locale\lo\LC_MESSAGES\vlc.mo.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\tipresx.dll.mui.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\kinit.exe.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hebron.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libbluray-awt-j2se-1.3.2.jar.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\CsiSoap.dll.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_ButtonGraphic.png.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jre7\lib\psfont.properties.ja.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_ButtonGraphic.png.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\System.IdentityModel.Resources.dll.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\default.jfc.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.nl_zh_4.4.0.v20140623020002.jar.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_flat_10_000000_40x100.png.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\TipBand.dll.mui.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\eula.dll.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Mozilla Firefox\vcruntime140.dll.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BlackRectangle.bmp.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_zh_CN.jar.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Tbilisi.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.VisualC.STLCLR.dll.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground.wmv.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-lib-uihandler.xml.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup_zh_CN.jar.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app.nl_zh_4.4.0.v20140623020002.jar.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine.nl_ja_4.4.0.v20140623020002.jar.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-editor-mimelookup.jar.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\nl.pak.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\te.pak.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Internet Explorer\jsprofilerui.dll.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Gaza.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\VideoLAN\VLC\locale\mk\LC_MESSAGES\vlc.mo.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipscsy.xml.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\PYCC.pf.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_ja.jar.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\cursors.properties.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder_5.5.0.165303.jar.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Xml.Linq.Resources.dll.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\mobile.html.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Majuro.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\EnterSearch.pps.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations.nl_zh_4.4.0.v20140623020002.jar.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-javahelp.xml.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Noumea.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\HST.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Runtime.dll.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Web.Entity.Resources.dll.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\curtains.png.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\203x8subpicture.png.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Rangoon.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multitabs_zh_CN.jar.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jstat.exe.tmp	9a06c557efa8b7e448b337e09bb3bbe0N.exe

C:\Users\Admin\AppData\Local\Temp\9a06c557efa8b7e448b337e09bb3bbe0N.exe
"C:\Users\Admin\AppData\Local\Temp\9a06c557efa8b7e448b337e09bb3bbe0N.exe"
1⤵
- Drops file in Program Files directory
PID:2708

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3502430532-24693940-2469786940-1000\desktop.ini.tmp

Filesize
54KB

MD5
a69dbf232575f1cf91a517c31b21fa8c

SHA1
185d513b07c9b2df7bdb202e6ce4a597fe54469f

SHA256
bf1cc2f2d00142a1d0c52368d8f5edae9ed7adac727538deb544410e399c46e0

SHA512
07b95e85a82ac1fde55e5601d8a32c00a95578c7d928e57a069a787f2e336a42b24d7392f5b17cae5300ad6b51e5204f939765fde98c5b8387d6b60997157253

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
63KB

MD5
3ab01d3e166bcb1192b28fac44962afd

SHA1
646e4d3976cad6a2ffc3496c65af5192dd646c4f

SHA256
08cb04697ac58d9635eccab47b61b08acae89e37417aafcce4c618dd59d03d1d

SHA512
4254a69557929ce7a9d3d9a678911205068639286d8a83ec2fd6cce3394c53da53858d95cdb9c61928c220839d87208e213e2cfef72cb2c56cbf30a868de73b4

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads