Overview

overview

7

Static

static

394-202007...AS.jar

windows7_x64

1

394-202007...AS.jar

windows10_x64

7

Analysis

  • max time kernel
    88s
  • max time network
    137s
  • platform
    windows10_x64
  • resource
    win10
  • submitted
    09-07-2020 06:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    394-20200707-10-STRONGAS.jar

  • Size

    426KB

  • MD5

    f7d2e3baf446952c84c783d8dcb4ffb8

  • SHA1

    ed5ae96da0f0a2a7f5ec6bd76de124b494f6f09f

  • SHA256

    e2e7bb79269c7b3367b4ea7f96587a9bfc501d88b446181d13070788ba9bf543

  • SHA512

    e7f34108476bd26e45aa88574e69922ddb5a83b6149a69b513b8321f739bae330665f737bd5702d4a16878eed86903e641535ed86f47c5d3f9818e933c4f8d44

Score
7/10
spyware

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spyware
  • Looks up external IP address via web service 1 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

Processes

  • C:\ProgramData\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\394-20200707-10-STRONGAS.jar
    1⤵
    • Loads dropped DLL
    PID:4092

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\jna-63116079\jna150141889112168680.dll
    Download Submit

  • \Users\Admin\AppData\Local\Temp\sqlite-3.8.11.2-97a28dba-1971-4b30-821f-6b52b81f2bce-sqlitejdbc.dll
    Download Submit