ba3064af7a45ab3ac91373237c51c4a155ae5cc941a9790d9f4d165da2cf56c7

Analysis

Target

11.jar
Size

101KB
MD5

5e745784abc1b967a777873bc1a601de
SHA1

f94bd99c14a6aeff9e25eb847a688c28f9c3e283
SHA256

ba3064af7a45ab3ac91373237c51c4a155ae5cc941a9790d9f4d165da2cf56c7
SHA512

180a5bea8e7613cda7373719f8534b1216702f87927b7d27528fabbfbef04b8d8d0024515414ca169f7d9adee28d013f06eee18881879cb8bdb00e7bee733897

Score

4^/10

Drops file in Program Files directory 12 IoCs

Processes:

java.exe

description	ioc	process
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\symbols\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\symbols\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\symbols\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\symbols\dll\ntdll.pdb	java.exe

C:\ProgramData\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\11.jar
1⤵
- Drops file in Program Files directory
PID:3624

memory/3624-114-0x0000000002D00000-0x0000000002F70000-memory.dmp

Filesize
2.4MB

Download
memory/3624-115-0x00000000009B0000-0x00000000009B1000-memory.dmp

Filesize
4KB

Download
memory/3624-116-0x00000000009B0000-0x00000000009B1000-memory.dmp

Filesize
4KB

Download
memory/3624-119-0x0000000002F80000-0x0000000002F90000-memory.dmp

Filesize
64KB

Download
memory/3624-118-0x00000000009B0000-0x00000000009B1000-memory.dmp

Filesize
4KB

Download
memory/3624-117-0x0000000002F70000-0x0000000002F80000-memory.dmp

Filesize
64KB

Download
memory/3624-120-0x0000000002F90000-0x0000000002FA0000-memory.dmp

Filesize
64KB

Download
memory/3624-121-0x0000000002FA0000-0x0000000002FB0000-memory.dmp

Filesize
64KB

Download
memory/3624-122-0x0000000002FB0000-0x0000000002FC0000-memory.dmp

Filesize
64KB

Download
memory/3624-123-0x0000000002FC0000-0x0000000002FD0000-memory.dmp

Filesize
64KB

Download