Analysis
-
max time kernel
114s -
max time network
117s -
platform
windows10_x64 -
resource
win10v200217 -
submitted
06-04-2020 18:35
Static task
static1
Behavioral task
behavioral1
Sample
PAYMENT_119091031_JFR.jar
Resource
win7v200217
Behavioral task
behavioral2
Sample
PAYMENT_119091031_JFR.jar
Resource
win10v200217
General
-
Target
PAYMENT_119091031_JFR.jar
-
Size
426KB
-
MD5
27a541da018bec205bec18d5aa85978c
-
SHA1
78bbe6410bcb92dba2787f2c3d29c0f7db810b16
-
SHA256
f4b5451809e69cc848d835a918c59bb79d449a11daed519743fedb5545127c74
-
SHA512
a060639082b838b15ffa1c551955a506157952f1a4671683ed28b76dbfceea9c869025f388cc9c9c73b4fc5c41fcc2986c9cc75395c757eec3a3ee79a9413d24
Score
7/10
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
Processes:
java.exepid process 3896 java.exe -
Looks up external IP address via web service 1 IoCs
Uses a legitimate IP lookup service to find the infected system's external IP.
Processes:
flow ioc 12 bot.whatismyipaddress.com
Processes
-
C:\ProgramData\Oracle\Java\javapath\java.exejava -jar C:\Users\Admin\AppData\Local\Temp\PAYMENT_119091031_JFR.jarLoads dropped DLL
Network
MITRE ATT&CK Matrix
Replay Monitor
00:00
00:00
Loading data