610bce46162ef33ab1af1e3962e720374f3505064de9fd92c9ed9f1f0b2c8e91

Analysis

Target

DHL SHIPPING DOCUMENT.jar
Size

103KB
MD5

20e131d47d02df6ee39aef32a059b841
SHA1

7a015f20fd4249787ea9c0593f786837913e340e
SHA256

610bce46162ef33ab1af1e3962e720374f3505064de9fd92c9ed9f1f0b2c8e91
SHA512

fd91579f9485d2cc3c579783300149a5ff2ab0b68218de3c9852a63a45127f4bb3073d1b6d0d113344d1db5abea985e5eca7c66d4fb091ad96f13e9271dbb621

Score

4^/10

Drops file in Program Files directory 12 IoCs

Processes:

java.exe

description	ioc	process
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\symbols\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\symbols\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\symbols\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\symbols\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\dll\ntdll.pdb	java.exe

C:\ProgramData\Oracle\Java\javapath\java.exe
java -jar "C:\Users\Admin\AppData\Local\Temp\DHL SHIPPING DOCUMENT.jar"
1⤵
- Drops file in Program Files directory
PID:3892

memory/3892-114-0x0000000002960000-0x0000000002BD0000-memory.dmp

Filesize
2.4MB

Download
memory/3892-115-0x0000000000DF0000-0x0000000000DF1000-memory.dmp

Filesize
4KB

Download
memory/3892-118-0x0000000002BE0000-0x0000000002BF0000-memory.dmp

Filesize
64KB

Download
memory/3892-119-0x0000000002BF0000-0x0000000002C00000-memory.dmp

Filesize
64KB

Download
memory/3892-120-0x0000000002C00000-0x0000000002C10000-memory.dmp

Filesize
64KB

Download
memory/3892-117-0x0000000002BD0000-0x0000000002BE0000-memory.dmp

Filesize
64KB

Download