51a2b32805d812c7e6751db7f96ec55ecbcd8ba2f11255b7dc1e14c217ca4296

Analysis

Target

1BhmQQkiR5BrTs5yBLUVwWjLMfQhv4xjUX.jar
Size

82KB
MD5

d10be3b2f79d96289b9dd6b5c490958f
SHA1

1ae1890ecfc07b2e3439b175de489d500a787fa4
SHA256

51a2b32805d812c7e6751db7f96ec55ecbcd8ba2f11255b7dc1e14c217ca4296
SHA512

85958379f4338bbd33eafde3c39b3135620b1e3cb11416e750ad82c4df6b882cdde6107c73af3f89d83190265377424bf030c04b31161390352cbbbf1fd73c09

Score

4^/10

Drops file in Program Files directory 12 IoCs

Processes:

java.exe

description	ioc	process
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\symbols\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\symbols\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\symbols\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\symbols\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\jvm.pdb	java.exe

C:\ProgramData\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\1BhmQQkiR5BrTs5yBLUVwWjLMfQhv4xjUX.jar
1⤵
- Drops file in Program Files directory
PID:808

memory/808-114-0x0000000002E80000-0x00000000030F0000-memory.dmp

Filesize
2.4MB

Download
memory/808-115-0x0000000000D20000-0x0000000000D21000-memory.dmp

Filesize
4KB

Download
memory/808-116-0x00000000030F0000-0x0000000003100000-memory.dmp

Filesize
64KB

Download
memory/808-117-0x0000000000D20000-0x0000000000D21000-memory.dmp

Filesize
4KB

Download
memory/808-119-0x0000000003110000-0x0000000003120000-memory.dmp

Filesize
64KB

Download
memory/808-120-0x0000000003120000-0x0000000003130000-memory.dmp

Filesize
64KB

Download
memory/808-118-0x0000000003100000-0x0000000003110000-memory.dmp

Filesize
64KB

Download
memory/808-121-0x0000000000D20000-0x0000000000D21000-memory.dmp

Filesize
4KB

Download