91450c079b924cdbe85c774ac414ee8824cb4182764c51c11c7f0a6fcf11b800

Analysis

Target

customers copy.jar
Size

88KB
MD5

eea14a16697f39254b109e80476df4ce
SHA1

b165b2f689c77bdd872aff204a2549a144ea2671
SHA256

91450c079b924cdbe85c774ac414ee8824cb4182764c51c11c7f0a6fcf11b800
SHA512

09a9c2891b022f07d6e31bcf393816a36bd6ab26559eb58fee1e3fa61adb9941162592f422fc9302fb9b2d8feac2bdd676bf011c00583403b2333ef010ee283f

Score

4^/10

Drops file in Program Files directory 12 IoCs

Processes:

java.exe

description	ioc	process
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\symbols\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\symbols\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\symbols\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\symbols\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\dll\ntdll.pdb	java.exe

C:\ProgramData\Oracle\Java\javapath\java.exe
java -jar "C:\Users\Admin\AppData\Local\Temp\customers copy.jar"
1⤵
- Drops file in Program Files directory
PID:572

memory/572-114-0x00000000028E0000-0x0000000002B50000-memory.dmp

Filesize
2.4MB

Download
memory/572-115-0x0000000000DB0000-0x0000000000DB1000-memory.dmp

Filesize
4KB

Download
memory/572-119-0x0000000002B50000-0x0000000002B60000-memory.dmp

Filesize
64KB

Download
memory/572-120-0x0000000002B60000-0x0000000002B70000-memory.dmp

Filesize
64KB

Download
memory/572-121-0x0000000000DB0000-0x0000000000DB1000-memory.dmp

Filesize
4KB

Download
memory/572-122-0x0000000002B70000-0x0000000002B80000-memory.dmp

Filesize
64KB

Download
memory/572-125-0x0000000002B80000-0x0000000002B90000-memory.dmp

Filesize
64KB

Download
memory/572-126-0x0000000002B90000-0x0000000002BA0000-memory.dmp

Filesize
64KB

Download
memory/572-127-0x0000000002BA0000-0x0000000002BB0000-memory.dmp

Filesize
64KB

Download