3d677c417ff8c15a41f3e0a9d4f407bc5497d452ba8d88ee76f161829fdc119d

Analysis

max time kernel
120s
max time network
19s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
22/07/2024, 12:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b3154e8617068646668ddacd786d8360N.exe
Size

66KB
MD5

b3154e8617068646668ddacd786d8360
SHA1

fd583d1445d83dcc8cf7b9150ba0d2d074469dd0
SHA256

3d677c417ff8c15a41f3e0a9d4f407bc5497d452ba8d88ee76f161829fdc119d
SHA512

e456782c39d82ca86aa0e76a3f85a0ade651e3b7c4503f7034294804ae572c0b136978269f1193da97c795455e94716e294daa6a5b661177e554c859be251f8a
SSDEEP

1536:W7ZNLpApCZrt8PWGoPWGANdN+hEwHwDvZvr:6NLWpCZIzjwHwp

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (310) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_postage_Thumbnail.bmp.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_SelectionSubpicture.png.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\fr.pak.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_heb.xml.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Stars.htm.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\am.pak.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sv.pak.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\babypink.png.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\mshwjpnr.dll.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\tipresx.dll.mui.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\HandPrints.jpg.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\System\msadc\msaddsr.dll.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG_PAL.wmv.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\join.avi.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\System\msadc\adcjavas.inc.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720x480icongraphic.png.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\TipTsf.dll.mui.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TipRes.dll.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\System\msadc\msadcfr.dll.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\Shared\Parity.fx.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrdeush.dat.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\cloud_Thumbnail.bmp.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_SelectionSubpicture.png.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_ButtonGraphic.png.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\PassportMask_PAL.wmv.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\id.pak.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\InkObj.dll.mui.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.MOF.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_glass.png.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_SelectionSubpicture.png.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_selectionsubpicture.png.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\203x8subpicture.png.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\gu.pak.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-changjei.xml.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\fr-FR\DVDMaker.exe.mui.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\SecretST.TTF.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_PreComp_MATTE_PAL.wmv.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\7-Zip\Lang\tr.txt.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msadcfr.dll.mui.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msadcfr.dll.mui.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Filters\VISFILT.DLL.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Orange Circles.htm.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\System\de-DE\wab32res.dll.mui.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_ButtonGraphic.png.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\tipresx.dll.mui.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\System\wab32res.dll.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref_PAL.wmv.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\TipRes.dll.mui.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\it-IT\DVDMaker.exe.mui.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\blackbars80.png.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\7-Zip\Lang\et.txt.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Filters\msgfilt.dll.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\IPSEventLogMsg.dll.mui.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\scene_button_style_default_Thumbnail.bmp.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\7-Zip\Lang\ca.txt.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tabskb.dll.mui.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSFrontendENU.dll.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG.wmv.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\tipresx.dll.mui.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground_PAL.wmv.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground_PAL.wmv.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureB.png.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\System\Ole DB\ja-JP\msdasqlr.dll.mui.tmp	b3154e8617068646668ddacd786d8360N.exe
File created	C:\Program Files\Common Files\System\Ole DB\sqloledb.rll.tmp	b3154e8617068646668ddacd786d8360N.exe

C:\Users\Admin\AppData\Local\Temp\b3154e8617068646668ddacd786d8360N.exe
"C:\Users\Admin\AppData\Local\Temp\b3154e8617068646668ddacd786d8360N.exe"
1⤵
- Drops file in Program Files directory
PID:2488

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2212144002-1172735686-1556890956-1000\desktop.ini.tmp

Filesize
67KB

MD5
d840c6c85dccffd680b2b03a51c84d05

SHA1
a51acf59bf1583d955da0b447028b529dfa08a39

SHA256
f11cdcc0a435e8ff0ffc4e93ae083a8b5bf2186f924fa6323ec466443d449ce2

SHA512
075dbc7658b1a3e49787264aa35562c97ebe3c4377d9a1589e4afb475557853c64f11eb822d12b0d90a0b918e3a8f8a33a73778e1e467ea283c9ca6852dfd9ac

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
76KB

MD5
a68b603044f7b275d35f7ce9cf211f65

SHA1
a17e3cea0b7eb185e8bd41f57153a076026d76a0

SHA256
65b762f7f44d730eeb4ae0d2cf2e218cb6cba77d4461139ef90dd37e9d6e8dfc

SHA512
c0fd832fe53de90b36418ae8cd62e54915cd21d915b6539fffafd6876a328ea0a314e47829a4d23fbc4a2e2bb21e546cef8d8350c683b3d85e99e4284a6a01f5

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads