General
-
Target
jre-8u281-windows-x64.exe
-
Size
79.7MB
-
Sample
210122-j4x17fr8s2
-
MD5
c6136758f1fec04a2f7f01249280c315
-
SHA1
5835e46596fe9f4dfe48fd5dd3947dc650d196ec
-
SHA256
27fd9a85f2b49ae6a11b15e36ab28c0493d5572357edf2990a65a2b56f1e1157
-
SHA512
045f33920fb3882d8f24c06e2179934601396636d2ddc360a2a6f03862e40b188506f8da530e4197e4a0e1c79cda48987e810425079377f357fbcf7950c6b030
Static task
static1
Behavioral task
behavioral1
Sample
jre-8u281-windows-x64.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
jre-8u281-windows-x64.exe
Resource
win10v20201028
Malware Config
Targets
-
Target
jre-8u281-windows-x64.exe
-
Score
10/10
-
Registers COM server for autorun
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-