75bd86d6d1e6d66066c095619ef1c9f7623b4f2b811d386bbfcc172d45e7503b

Analysis

max time kernel
120s
max time network
16s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
23/07/2024, 06:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
Size

56KB
MD5

78f35d62a1e1e6f0e5c7d07d7bb0a700
SHA1

acbe8bdf11dd86ebcb5877333046de7a0f134d12
SHA256

75bd86d6d1e6d66066c095619ef1c9f7623b4f2b811d386bbfcc172d45e7503b
SHA512

46d245a416436f4bff68ff5cea8ee8cddde4483877a2fe098d73944dfd3d6f44d8faf4580e7822c4b527c533fff2d3a2346fc1d9a6cf8f20beea3f6fe063ea13
SSDEEP

1536:W7ZppApB7tlJ5OvtlJ5OwF7CujdyGdyMMkPMkspqpy:6pWpB7tcttFOui

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3054) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64_3.103.1.v20140903-1947.jar.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jre7\lib\ext\dnsns.jar.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\mraut.dll.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Metlakatla.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\de-DE\bckgzm.exe.mui.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitevignette1047.png.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Godthab.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitemask1047.png.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\.lastModified.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-queries.xml.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_de_DE.jar.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rankin_Inlet.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\tipresx.dll.mui.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_ButtonGraphic.png.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jre7\lib\fonts\LucidaBrightRegular.ttf.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\VideoLAN\VLC\locale\mk\LC_MESSAGES\vlc.mo.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tabskb.dll.mui.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\ea.xml.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Boise.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\IpsMigrationPlugin.dll.mui.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sl.pak.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\PST8PDT.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.ssl_1.0.0.v20140827-1444.jar.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\PresentationCore.resources.dll.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_VideoInset.png.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Bangkok.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guayaquil.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MST7MDT.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\7-Zip\Lang\ky.txt.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG_PAL.wmv.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\micaut.dll.mui.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\System.IdentityModel.Selectors.Resources.dll.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_ButtonGraphic.png.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Yekaterinburg.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\eclipse.inf.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\VideoLAN\VLC\lua\intf\dummy.luac.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_ButtonGraphic.png.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\kinit.exe.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-coredump.jar.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvmstat_zh_CN.jar.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Baghdad.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Mozilla Firefox\firefox.exe.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\UIAutomationClientsideProviders.resources.dll.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Common Files\System\msadc\msdaprst.dll.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.core_2.3.0.v20131211-1531.jar.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_ButtonGraphic.png.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Sao_Paulo.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Minsk.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\7-Zip\Lang\sl.txt.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Filters\odffilt.dll.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-ui.xml.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jre7\lib\classlist.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Sitka.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Riga.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\dialogs\offset_window.html.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msadcor.dll.mui.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\javafx-font.dll.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\7-Zip\Lang\cs.txt.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\sports_disc_mask.png.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\System.Windows.Presentation.resources.dll.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Common Files\System\msadc\msadcer.dll.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\WindowsBase.resources.dll.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-attach.jar.tmp	78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe

C:\Users\Admin\AppData\Local\Temp\78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe
"C:\Users\Admin\AppData\Local\Temp\78f35d62a1e1e6f0e5c7d07d7bb0a700N.exe"
1⤵
- Drops file in Program Files directory
PID:2120

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3450744190-3404161390-554719085-1000\desktop.ini.tmp

Filesize
57KB

MD5
01783316c0e32a7427d7c8ff2b7a905d

SHA1
07db8f012869e490553d00a738f414a18f04b37e

SHA256
b6d1164a62f4bd8ff1a4eb6169d5fdcd9c85d79b84ee908f2e1b07eccb316962

SHA512
74979421834c9f7908198589e3c706c5c688353f40ca642460e5f084aba09d3a00193634a3c6f2388e67112c9c1cc270759a745ac2c024a3399d2df1a0bf2a33

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
65KB

MD5
f7bc55d9a785bd38f3c316aefacab0a4

SHA1
a406ecf4755566824b84c22b85a68036b3683a45

SHA256
5559b83d985b8386576b0e7ef4646f8a3e072aa6c674e45e315b18cc69e48600

SHA512
1197b38d19d5859b1d1df590ab4c345332ff763c06f7da0b1f8048d90f4aee038f451ec893428d9047db55021837ba3b010d45e9eda5343ea8693f24a83f825c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads