dbf956759961f6e5555ea288d2b1778a5931ec38cd17d913ea1a720957cff5ca

Analysis

max time kernel
120s
max time network
20s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
23/07/2024, 07:57

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

891576b0cc9ce77d4df8e2a22b756320N.exe
Size

94KB
MD5

891576b0cc9ce77d4df8e2a22b756320
SHA1

c418182d681f3664ecebc6b6b3980063d870f75b
SHA256

dbf956759961f6e5555ea288d2b1778a5931ec38cd17d913ea1a720957cff5ca
SHA512

b1fca3610d521f095a2f841df42374d8ecfc6d55c29bb4c946931adeb3fb0f67268953838989b22b3e50fa9336a1e27193b87aec00dab2304de763689a658f27
SSDEEP

1536:W7ZhA7pApH1d9oVLQthbqbY9oVLQthbq51Rn6b+W+V76uSskCIWI7I2IMhKuAG:6e7WpP9oVLQthbYY9oVLQthbUvRIWI8M

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (224) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InputPersonalization.exe.mui.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VC\msdia90.dll.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-background.png.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\System\Ole DB\msdasqlr.dll.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Soft Blue.htm.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\System\Ole DB\ja-JP\oledb32r.dll.mui.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\InputPersonalization.exe.mui.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NextMenuButtonIcon.png.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tipresx.dll.mui.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\System\Ole DB\fr-FR\sqloledb.rll.mui.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msaddsr.dll.mui.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_specialocc_Thumbnail.bmp.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrusash.dat.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msdaprsr.dll.mui.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\tipresx.dll.mui.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Shades of Blue.htm.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha1.png.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_glass.png.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\mip.exe.mui.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOInstallerUI.dll.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOMessageProvider.dll.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\bod_r.TTF.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\offset.ax.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\rtstreamsink.ax.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_matte.wmv.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_ButtonGraphic.png.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\7-Zip\Lang\ext.txt.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\tipresx.dll.mui.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\System\ado\msado26.tlb.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_ButtonGraphic.png.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msadcer.dll.mui.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_buttongraphic.png.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\TipRes.dll.mui.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\osppobjs-spp-plugin-manifest-signed.xrm-ms.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_ButtonGraphic.png.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msdaprsr.dll.mui.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationUp_SelectionSubpicture.png.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\IpsMigrationPlugin.dll.mui.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\ea.xml.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page.wmv.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\7-Zip\Lang\uz-cyrl.txt.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\tipresx.dll.mui.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\System\Ole DB\it-IT\msdasqlr.dll.mui.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_SelectionSubpicture.png.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NavigationButtonSubpicture.png.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\7-Zip\Lang\he.txt.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TabIpsps.dll.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\blackbars60.png.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\ShapeCollector.exe.mui.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\System\msadc\msadcs.dll.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\it-IT\WMM2CLIP.dll.mui.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\720x480blacksquare.png.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\7-Zip\Lang\sq.txt.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msadcer.dll.mui.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\System\Ole DB\ja-JP\sqloledb.rll.mui.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitemask1047.png.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_SelectionSubpicture.png.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrenclm.dat.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\System\fr-FR\wab32res.dll.mui.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\DvdTransform.fx.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\de-DE\MSTTSLoc.dll.mui.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\DVD Maker\directshowtap.ax.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXEV.DLL.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE.tmp	891576b0cc9ce77d4df8e2a22b756320N.exe

C:\Users\Admin\AppData\Local\Temp\891576b0cc9ce77d4df8e2a22b756320N.exe
"C:\Users\Admin\AppData\Local\Temp\891576b0cc9ce77d4df8e2a22b756320N.exe"
1⤵
- Drops file in Program Files directory
PID:2448

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2212144002-1172735686-1556890956-1000\desktop.ini.tmp

Filesize
95KB

MD5
f9eeed1f4ee4afc02efa38ac4d34bead

SHA1
2b5b6f4168804262cce661e004fc67e7883573d7

SHA256
e6cfb6c320670a882f92d4e563b680555a2ab64e0ef1ec48a9c55f964e602713

SHA512
65c544a7a53f4efca066185533eea6c653c789be678c5a77b82efdef536d25b8a5ceb9b0c6f4b194dc66c0bf14b3dfad7c0c3bb62924a7a5ca1528e6c0752b8a

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
104KB

MD5
ccffab5bc7132d8db897190cc2643cc0

SHA1
000f3c1e1f68b4b9d3a9a416397930b0ca0f7648

SHA256
a0881456c1e84b28aa50d87a3601c1cc210e8e644ba153b15b6484fd1bd9b608

SHA512
89ab85f8a488419e29ee5635871eaa9fa0303a29a20f790fe3ad3cc7a1d321539d9631cf452fc099253f2d8993cdf8c904fb0261f51e2d061c433e38704bb1f8

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads