376a50451a5fb7e3cd7df18ae1d0ddda046fe655bb62aa3399fd4c4a43ee9640

Analysis

max time kernel
120s
max time network
122s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
22/07/2024, 13:55

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

bbdddf8339bd49726b905eee83d297d0N.exe
Size

41KB
MD5

bbdddf8339bd49726b905eee83d297d0
SHA1

018d49eed5922caf32b93930bd076e3cae0d1add
SHA256

376a50451a5fb7e3cd7df18ae1d0ddda046fe655bb62aa3399fd4c4a43ee9640
SHA512

8b2172391263c67bd267f8c9b97fa9ba543ddeabbac3c699b215dff47cd98f03961d8d75556d21522a520b3b25177ec3cd19601da1163f503cfbebfd6ea652c9
SSDEEP

768:W7BlphA7pARFbhOm0CAbLg++PJHJzIWD+6/huEQhuEs:W7ZhA7pApH1++PJHJX18EQ8Es

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3192) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwritalm.dat.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask.wmv.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\zipfs.jar.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\cursors.properties.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Samarkand.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jre7\bin\pack200.exe.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Honolulu.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\7-Zip\Lang\hi.txt.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libcdda_plugin.dll.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse.nl_zh_4.4.0.v20140623020002.jar.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Checkers\en-US\chkrzm.exe.mui.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_travel_Thumbnail.bmp.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Novokuznetsk.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\auxbase.xml.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\imjplm.dll.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\setEmbeddedCP.bat.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\profile.jfc.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans_1.2.200.v20140214-0004.jar.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jre7\lib\security\trusted.libraries.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\7-Zip\Lang\io.txt.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Makassar.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives_1.1.100.v20140523-0116.jar.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Microsoft Games\Chess\es-ES\Chess.exe.mui.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Microsoft Games\SpiderSolitaire\it-IT\SpiderSolitaire.exe.mui.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guyana.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\about.html.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\VideoLAN\VLC\COPYING.txt.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_shout_plugin.dll.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Common Files\System\Ole DB\oledbjvs.inc.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\Microsoft.Build.Engine.resources.dll.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Curacao.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.util.gui_1.7.0.v200903091627.jar.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-ui_ja.jar.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsfin.xml.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Shades of Blue.htm.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground.wmv.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_zh_CN.jar.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Microsoft Games\Chess\Chess.exe.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\dicjp.bin.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\localedata.jar.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Pohnpei.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator_3.3.300.v20140518-1928.jar.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\UIAutomationClient.resources.dll.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\scenesscroll.png.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Internet Explorer\sqmapi.dll.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\META-INF\MANIFEST.MF.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic.ja_5.5.0.165303.jar.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\UIAutomationClient.resources.dll.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_SelectionSubpicture.png.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Los_Angeles.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\feature.properties.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-attach.xml.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Irkutsk.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Mozilla Firefox\updater.ini.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\requests\status.json.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\DVD Maker\OmdBase.dll.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT+10.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Checkers\it-IT\chkrzm.exe.mui.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\DVD Maker\Pipeline.dll.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Nicosia.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\feature.properties.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.nl_zh_4.4.0.v20140623020002.jar.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives.nl_ja_4.4.0.v20140623020002.jar.tmp	bbdddf8339bd49726b905eee83d297d0N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_zh_CN.jar.tmp	bbdddf8339bd49726b905eee83d297d0N.exe

C:\Users\Admin\AppData\Local\Temp\bbdddf8339bd49726b905eee83d297d0N.exe
"C:\Users\Admin\AppData\Local\Temp\bbdddf8339bd49726b905eee83d297d0N.exe"
1⤵
- Drops file in Program Files directory
PID:1080

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-940600906-3464502421-4240639183-1000\desktop.ini.tmp

Filesize
42KB

MD5
1776b5146a530642e3a65c4e4a6cb124

SHA1
12d36047b86561f6e09b3b4b9bd3b3756d2d1428

SHA256
12995e04f7aecb649cda48952a516ffb4e92a4b21500774ef4bc4fee81f55765

SHA512
f70c207e044969fced593b9b375c6bcc7249fcaac920da708d423f3eb57c95588a393b9862b83289d956983c31d1ece53d72bb69c5d12cacad890bf289833fdf

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
51KB

MD5
f02222921df8a7cea6db2f3a83ebed9a

SHA1
bc3877f4bf8881fb4fbd5a290e29d7dad666db77

SHA256
aa8169c86a8735d170f9c5d58fde03281f6e17f74bb5bed887e4472c42a1cb4c

SHA512
97347f9b3bd498f514c36e207987c112c162a317f6ff72f742859ee61433d31a462a4f72df504e39e7b1781df843d4cbc95f0181382a6fec08ded9ae91372250

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads