a985742aa72eea711233167de48e4d33cce04dece53b8182895e645dd85ac97a

Resubmissions

21-07-2021 23:07

210721-4c5n9ssv52 8

21-07-2021 23:06

210721-bm9hx52gs2 8

Analysis

max time kernel
47s
max time network
15s
platform
windows7_x64
resource
win7v20210408
submitted
21-07-2021 23:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

BrowserPrint-1.2.0.exe
Size

48.9MB
MD5

ee95ed90e3c8f1ae57a4a3b0fdbfb6a3
SHA1

8aab214c460a438c52a3fe5262e151013f45c10b
SHA256

a985742aa72eea711233167de48e4d33cce04dece53b8182895e645dd85ac97a
SHA512

dcc31c471ab9fc1cf231127f2d15d360c1cfb0405b905675285b01a8e8e311e772edfb146f4a91eb4d92f1801425346193ca0e9b1fbb465ec3f34dbfd0ffffb4

Score

8^/10

discovery

Malware Config

Signatures

Executes dropped EXE 3 IoCs

Processes:

BrowserPrint-1.2.0.tmpBrowserPrint.exejavaw.exe

pid process

1824 BrowserPrint-1.2.0.tmp
612 BrowserPrint.exe
864 javaw.exe

pid	process
1824	BrowserPrint-1.2.0.tmp
612	BrowserPrint.exe
864	javaw.exe

Loads dropped DLL 16 IoCs

Processes:

BrowserPrint-1.2.0.exeBrowserPrint-1.2.0.tmpBrowserPrint.exejavaw.exeWerFault.exe

pid	process
1020	BrowserPrint-1.2.0.exe
1824	BrowserPrint-1.2.0.tmp
1824	BrowserPrint-1.2.0.tmp
612	BrowserPrint.exe
612	BrowserPrint.exe
612	BrowserPrint.exe
864	javaw.exe
864	javaw.exe
864	javaw.exe
864	javaw.exe
864	javaw.exe
112	WerFault.exe
112	WerFault.exe
112	WerFault.exe
112	WerFault.exe
112	WerFault.exe

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 64 IoCs

Processes:

BrowserPrint-1.2.0.tmp

description	ioc	process
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\lib\management\is-R6KDF.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\is-VN0P4.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\ZebraBrowserPrintDocsWebCodeExamples\docs\fonts\is-HFD8U.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\ZebraBrowserPrintDocsWebCodeExamples\docs\index_files\is-ORF9U.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\is-4QQC5.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\lib\deploy\is-3CKE5.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\lib\fonts\is-TRLGT.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\lib\ext\is-FAD4H.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\lib\is-U39OQ.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\ZebraBrowserPrintDocsWebCodeExamples\docs\index_files\is-F0PMR.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\is-MROPS.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\is-TQJ1J.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\is-5U4Q5.tmp	BrowserPrint-1.2.0.tmp
File opened for modification	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\ktab.exe	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\lib\deploy\is-6QVPA.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\lib\is-JMIAE.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\ZebraBrowserPrintDocsWebCodeExamples\sample\bootstrap\js\is-8C2H4.tmp	BrowserPrint-1.2.0.tmp
File opened for modification	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\dtplugin\npdeployJava1.dll	BrowserPrint-1.2.0.tmp
File opened for modification	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\java-rmi.exe	BrowserPrint-1.2.0.tmp
File opened for modification	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\mlib_image.dll	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\ZebraBrowserPrintDocsWebCodeExamples\docs\scripts\prettify\is-TU450.tmp	BrowserPrint-1.2.0.tmp
File opened for modification	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\t2k.dll	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\lib\fonts\is-NQSTU.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\ZebraBrowserPrintDocsWebCodeExamples\docs\index_files\is-4U4ON.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\is-HTBRU.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\is-AR5HE.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\lib\is-MSKGC.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\ZebraBrowserPrintDocsWebCodeExamples\docs\fonts\is-8UEAF.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\ZebraBrowserPrintDocsWebCodeExamples\docs\styles\is-37PKE.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\plugin2\is-5G7LG.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\is-71ECQ.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\is-CK91A.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\ZebraBrowserPrintDocsWebCodeExamples\docs\fonts\is-V78O0.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\ZebraBrowserPrintDocsWebCodeExamples\docs\index_files\is-1EPKU.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\ZebraBrowserPrintDocsWebCodeExamples\docs\styles\is-4MST5.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\ZebraBrowserPrintDocsWebCodeExamples\sample\bootstrap\css\is-TCCSF.tmp	BrowserPrint-1.2.0.tmp
File opened for modification	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\gstreamer-lite.dll	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\client\is-RM2LA.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\is-EVEJ3.tmp	BrowserPrint-1.2.0.tmp
File opened for modification	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\jawt.dll	BrowserPrint-1.2.0.tmp
File opened for modification	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\glib-lite.dll	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\is-HUVI4.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\ZebraBrowserPrintDocsWebCodeExamples\docs\index_files\is-FHMAD.tmp	BrowserPrint-1.2.0.tmp
File opened for modification	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\prism_common.dll	BrowserPrint-1.2.0.tmp
File opened for modification	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\npt.dll	BrowserPrint-1.2.0.tmp
File opened for modification	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\management.dll	BrowserPrint-1.2.0.tmp
File opened for modification	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\jfxmedia.dll	BrowserPrint-1.2.0.tmp
File opened for modification	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\jdwp.dll	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\is-IN6NA.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\is-9P0EL.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\ZebraBrowserPrintDocsWebCodeExamples\docs\fonts\is-8F504.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\ZebraBrowserPrintDocsWebCodeExamples\docs\scripts\prettify\is-26520.tmp	BrowserPrint-1.2.0.tmp
File opened for modification	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\BrowserPrint.exe	BrowserPrint-1.2.0.tmp
File opened for modification	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\wsdetect.dll	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\is-QS345.tmp	BrowserPrint-1.2.0.tmp
File opened for modification	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\jaas_nt.dll	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\is-MDKSI.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\is-EGQS1.tmp	BrowserPrint-1.2.0.tmp
File opened for modification	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\jsoundds.dll	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\lib\fonts\is-FJEL0.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\lib\is-90MTN.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\lib\images\cursors\is-LKEIN.tmp	BrowserPrint-1.2.0.tmp
File created	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\lib\is-6KFC9.tmp	BrowserPrint-1.2.0.tmp
File opened for modification	C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\sunec.dll	BrowserPrint-1.2.0.tmp

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

System Information Discovery
T1082
Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

112 864 WerFault.exe javaw.exe
Suspicious behavior: EnumeratesProcesses 7 IoCs

Processes:

BrowserPrint-1.2.0.tmpWerFault.exe

pid process

1824 BrowserPrint-1.2.0.tmp
1824 BrowserPrint-1.2.0.tmp
112 WerFault.exe
112 WerFault.exe
112 WerFault.exe
112 WerFault.exe
112 WerFault.exe
Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

WerFault.exe

description pid process

Token: SeDebugPrivilege 112 WerFault.exe
Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

BrowserPrint-1.2.0.tmp

pid process

1824 BrowserPrint-1.2.0.tmp

pid	pid_target	process	target process
112	864	WerFault.exe	javaw.exe

pid	process
1824	BrowserPrint-1.2.0.tmp
1824	BrowserPrint-1.2.0.tmp
112	WerFault.exe
112	WerFault.exe
112	WerFault.exe
112	WerFault.exe
112	WerFault.exe

description	pid	process
Token: SeDebugPrivilege	112	WerFault.exe

pid	process
1824	BrowserPrint-1.2.0.tmp

Suspicious use of WriteProcessMemory 19 IoCs

Processes:

BrowserPrint-1.2.0.exeBrowserPrint-1.2.0.tmpBrowserPrint.exejavaw.exe

description	pid	process	target process
PID 1020 wrote to memory of 1824	1020	BrowserPrint-1.2.0.exe	BrowserPrint-1.2.0.tmp
PID 1020 wrote to memory of 1824	1020	BrowserPrint-1.2.0.exe	BrowserPrint-1.2.0.tmp
PID 1020 wrote to memory of 1824	1020	BrowserPrint-1.2.0.exe	BrowserPrint-1.2.0.tmp
PID 1020 wrote to memory of 1824	1020	BrowserPrint-1.2.0.exe	BrowserPrint-1.2.0.tmp
PID 1020 wrote to memory of 1824	1020	BrowserPrint-1.2.0.exe	BrowserPrint-1.2.0.tmp
PID 1020 wrote to memory of 1824	1020	BrowserPrint-1.2.0.exe	BrowserPrint-1.2.0.tmp
PID 1020 wrote to memory of 1824	1020	BrowserPrint-1.2.0.exe	BrowserPrint-1.2.0.tmp
PID 1824 wrote to memory of 612	1824	BrowserPrint-1.2.0.tmp	BrowserPrint.exe
PID 1824 wrote to memory of 612	1824	BrowserPrint-1.2.0.tmp	BrowserPrint.exe
PID 1824 wrote to memory of 612	1824	BrowserPrint-1.2.0.tmp	BrowserPrint.exe
PID 1824 wrote to memory of 612	1824	BrowserPrint-1.2.0.tmp	BrowserPrint.exe
PID 612 wrote to memory of 864	612	BrowserPrint.exe	javaw.exe
PID 612 wrote to memory of 864	612	BrowserPrint.exe	javaw.exe
PID 612 wrote to memory of 864	612	BrowserPrint.exe	javaw.exe
PID 612 wrote to memory of 864	612	BrowserPrint.exe	javaw.exe
PID 864 wrote to memory of 112	864	javaw.exe	WerFault.exe
PID 864 wrote to memory of 112	864	javaw.exe	WerFault.exe
PID 864 wrote to memory of 112	864	javaw.exe	WerFault.exe
PID 864 wrote to memory of 112	864	javaw.exe	WerFault.exe

C:\Users\Admin\AppData\Local\Temp\BrowserPrint-1.2.0.exe
"C:\Users\Admin\AppData\Local\Temp\BrowserPrint-1.2.0.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1020

C:\Users\Admin\AppData\Local\Temp\is-U949L.tmp\BrowserPrint-1.2.0.tmp
"C:\Users\Admin\AppData\Local\Temp\is-U949L.tmp\BrowserPrint-1.2.0.tmp" /SL5="$40156,51020289,153088,C:\Users\Admin\AppData\Local\Temp\BrowserPrint-1.2.0.exe"
2⤵
- Executes dropped EXE
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:1824

C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\BrowserPrint.exe
"C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\BrowserPrint.exe"
3⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:612

C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\javaw.exe
"C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\.\jre\bin\javaw.exe" -classpath "C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\BrowserPrint.exe;lib\hidapi-1.1.jar;lib\ZebraImageConverter-1.2.0.jar;lib\ZebraJavaComLib-2.0.jar;lib\ZebraWebDriverInterface-1.2.0.jar;lib\ZebraWebDriverCore-0.9.8.jar;lib\slf4j-api-1.7.13.jar;lib\logback-classic-0.9.26.jar;lib\logback-core-0.9.26.jar" com.zebra.ds.webdriver.desktop.Main
4⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:864

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 864 -s 192
5⤵
- Loads dropped DLL
- Program crash
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:112

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\BrowserPrint.exe
MD5
97223936e852ccdf1feb5cdcc4834954

SHA1
a5bee9becf88faab6dade5110672b22b14762fd8

SHA256
e54d204b81b95466ff7195c563201c3547eae03fae08d531f3420f84c4db0fef

SHA512
54f7b85d641cf13363076c0997ac1514aad01b43bae4ea50fe3069cabee24358348cafd4a41c16f661ba874ba2f8cd0cb819180df9313495c4f0fbefe7e39a56

Download Submit
C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\client\jvm.dll
MD5
3ea890eb92277d00c33b1b95bf0ae363

SHA1
cbd99756f3a79f15805868be5e177dc122351f5c

SHA256
dcd4b8ba604ffa3c26b64a957b33f37939286cdb5d331cfdede997e38a6e916f

SHA512
e03eca9da3d8879385fb50db919f751bbc32ee57f1a19bdb725c2669d3818fb51bf0effe9b8b7499eb3dbd5bc91869b87a5b61f21d82694785176cb44b6ee8a4

Download Submit
C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\java.dll
MD5
b0a672c368fcd93030bda22bbcf5a704

SHA1
bc4edfe730143ae56fefb5e71b6d378c992286a4

SHA256
91af7593b939f7d64704f97bfa93cc89fbee1f13af8f5a8413ff475c8fdedd2d

SHA512
0308a2559ef86122a8aa4ba6b0aa1eba6062b4ebc90e02adb114c13c0c4d5928e32620ef4e1f067decea3a3cdcd8bcb244ffca6794614a829d968cff21d08452

Download Submit
C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\javaw.exe
MD5
4e022c0940633a9538892cb26b65bd0d

SHA1
2eaa5ddcedbcb0505dfab01ea77e742fdcf1fc66

SHA256
66df65ae4b5b7a5ab01a287c0e32b1ab8d94a8657d951946591dff07d74daf8a

SHA512
13fc11bd956be02c60989d21621fe4040f22aa6b17ac4146ab9d8985aabe82662f786a18d3c0a2308decf7f249d1e3b12883f28507f04aed81667957e46824a2

Download Submit
C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\javaw.exe
MD5
4e022c0940633a9538892cb26b65bd0d

SHA1
2eaa5ddcedbcb0505dfab01ea77e742fdcf1fc66

SHA256
66df65ae4b5b7a5ab01a287c0e32b1ab8d94a8657d951946591dff07d74daf8a

SHA512
13fc11bd956be02c60989d21621fe4040f22aa6b17ac4146ab9d8985aabe82662f786a18d3c0a2308decf7f249d1e3b12883f28507f04aed81667957e46824a2

Download Submit
C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\msvcr100.dll
MD5
bf38660a9125935658cfa3e53fdc7d65

SHA1
0b51fb415ec89848f339f8989d323bea722bfd70

SHA256
60c06e0fa4449314da3a0a87c1a9d9577df99226f943637e06f61188e5862efa

SHA512
25f521ffe25a950d0f1a4de63b04cb62e2a3b0e72e7405799586913208bf8f8fa52aa34e96a9cc6ee47afcd41870f3aa0cd8289c53461d1b6e792d19b750c9a1

Download Submit
C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\verify.dll
MD5
be0d5a12304f91dbddd43ca4e71db76b

SHA1
79e61f2ca096e76ab973b06ecf5b421a50e2818f

SHA256
88a943f8955eeb04c08083dd30ad2a2a503eeb0c0c166934698e414e7c7b2812

SHA512
4710b627ed278bdb69ebf97624dae05136b151b2b3826c5539c9d7e7daa5049da3c05bfd204e3bc6a2777b52a9c5a11d7ff6c6082c304780dc802ddf8423df01

Download Submit
C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\zip.dll
MD5
c48e496b9d614179829d5d2852283797

SHA1
47e6fc2963f6bed6ff7e28f0e54b37f18bb4fd72

SHA256
142e8506773a3bd185400b5bba50a13eed364188d52edf1bd66b5039c4cd024a

SHA512
d89e1c4ee867e693659b072173410f9f1058db31c58de272c4e4a76b367ef6aeb34a4dfca297e6c3c99cd834b9b45290e4243fa3265d153ef12dfa90934db406

Download Submit
C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\lib\i386\jvm.cfg
MD5
9aef14a90600cd453c4e472ba83c441f

SHA1
10c53c9fe9970d41a84cb45c883ea6c386482199

SHA256
9e86b24ff2b19d814bbaedd92df9f0e1ae86bf11a86a92989c9f91f959b736e1

SHA512
481562547bf9e37d270d9a2881ac9c86fc8f928b5c176e9baf6b8f7b72fb9827c84ef0c84b60894656a6e82dd141779b8d283c6e7a0e85d2829ea071c6db7d14

Download Submit
C:\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\lib\meta-index
MD5
91aa6ea7320140f30379f758d626e59d

SHA1
3be2febe28723b1033ccdaa110eaf59bbd6d1f96

SHA256
4af21954cdf398d1eae795b6886ca2581dac9f2f1d41c98c6ed9b5dbc3e3c1d4

SHA512
03428803f1d644d89eb4c0dcbdea93acaac366d35fc1356ccabf83473f4fef7924edb771e44c721103cec22d94a179f092d1bfd1c0a62130f076eb82a826d7cb

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-U949L.tmp\BrowserPrint-1.2.0.tmp
MD5
e0b435be990bf1d19374bae02e7b45f8

SHA1
3f614954b594b7a658f8aa297cc3e022874c995a

SHA256
b6bb2389248014fd3a5f09913503243c85dc95e9050880437a1d54690c79e528

SHA512
4cc403758ce85634fae79103cfe03545cfd932173118e2379b1131175f2d555b2abb23729406308e8ff53259d0f375a59f892833a277602e457c7757867dfd6e

Download Submit
C:\Users\Admin\AppData\Local\Temp\is-U949L.tmp\BrowserPrint-1.2.0.tmp
MD5
e0b435be990bf1d19374bae02e7b45f8

SHA1
3f614954b594b7a658f8aa297cc3e022874c995a

SHA256
b6bb2389248014fd3a5f09913503243c85dc95e9050880437a1d54690c79e528

SHA512
4cc403758ce85634fae79103cfe03545cfd932173118e2379b1131175f2d555b2abb23729406308e8ff53259d0f375a59f892833a277602e457c7757867dfd6e

Download Submit
\Program Files (x86)\Zebra Technologies\Zebra Browser Print\BrowserPrint.exe
MD5
97223936e852ccdf1feb5cdcc4834954

SHA1
a5bee9becf88faab6dade5110672b22b14762fd8

SHA256
e54d204b81b95466ff7195c563201c3547eae03fae08d531f3420f84c4db0fef

SHA512
54f7b85d641cf13363076c0997ac1514aad01b43bae4ea50fe3069cabee24358348cafd4a41c16f661ba874ba2f8cd0cb819180df9313495c4f0fbefe7e39a56

Download Submit
\Program Files (x86)\Zebra Technologies\Zebra Browser Print\BrowserPrint.exe
MD5
97223936e852ccdf1feb5cdcc4834954

SHA1
a5bee9becf88faab6dade5110672b22b14762fd8

SHA256
e54d204b81b95466ff7195c563201c3547eae03fae08d531f3420f84c4db0fef

SHA512
54f7b85d641cf13363076c0997ac1514aad01b43bae4ea50fe3069cabee24358348cafd4a41c16f661ba874ba2f8cd0cb819180df9313495c4f0fbefe7e39a56

Download Submit
\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\client\jvm.dll
MD5
3ea890eb92277d00c33b1b95bf0ae363

SHA1
cbd99756f3a79f15805868be5e177dc122351f5c

SHA256
dcd4b8ba604ffa3c26b64a957b33f37939286cdb5d331cfdede997e38a6e916f

SHA512
e03eca9da3d8879385fb50db919f751bbc32ee57f1a19bdb725c2669d3818fb51bf0effe9b8b7499eb3dbd5bc91869b87a5b61f21d82694785176cb44b6ee8a4

Download Submit
\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\java.dll
MD5
b0a672c368fcd93030bda22bbcf5a704

SHA1
bc4edfe730143ae56fefb5e71b6d378c992286a4

SHA256
91af7593b939f7d64704f97bfa93cc89fbee1f13af8f5a8413ff475c8fdedd2d

SHA512
0308a2559ef86122a8aa4ba6b0aa1eba6062b4ebc90e02adb114c13c0c4d5928e32620ef4e1f067decea3a3cdcd8bcb244ffca6794614a829d968cff21d08452

Download Submit
\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\java.dll
MD5
b0a672c368fcd93030bda22bbcf5a704

SHA1
bc4edfe730143ae56fefb5e71b6d378c992286a4

SHA256
91af7593b939f7d64704f97bfa93cc89fbee1f13af8f5a8413ff475c8fdedd2d

SHA512
0308a2559ef86122a8aa4ba6b0aa1eba6062b4ebc90e02adb114c13c0c4d5928e32620ef4e1f067decea3a3cdcd8bcb244ffca6794614a829d968cff21d08452

Download Submit
\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\java.dll
MD5
b0a672c368fcd93030bda22bbcf5a704

SHA1
bc4edfe730143ae56fefb5e71b6d378c992286a4

SHA256
91af7593b939f7d64704f97bfa93cc89fbee1f13af8f5a8413ff475c8fdedd2d

SHA512
0308a2559ef86122a8aa4ba6b0aa1eba6062b4ebc90e02adb114c13c0c4d5928e32620ef4e1f067decea3a3cdcd8bcb244ffca6794614a829d968cff21d08452

Download Submit
\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\javaw.exe
MD5
4e022c0940633a9538892cb26b65bd0d

SHA1
2eaa5ddcedbcb0505dfab01ea77e742fdcf1fc66

SHA256
66df65ae4b5b7a5ab01a287c0e32b1ab8d94a8657d951946591dff07d74daf8a

SHA512
13fc11bd956be02c60989d21621fe4040f22aa6b17ac4146ab9d8985aabe82662f786a18d3c0a2308decf7f249d1e3b12883f28507f04aed81667957e46824a2

Download Submit
\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\javaw.exe
MD5
4e022c0940633a9538892cb26b65bd0d

SHA1
2eaa5ddcedbcb0505dfab01ea77e742fdcf1fc66

SHA256
66df65ae4b5b7a5ab01a287c0e32b1ab8d94a8657d951946591dff07d74daf8a

SHA512
13fc11bd956be02c60989d21621fe4040f22aa6b17ac4146ab9d8985aabe82662f786a18d3c0a2308decf7f249d1e3b12883f28507f04aed81667957e46824a2

Download Submit
\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\javaw.exe
MD5
4e022c0940633a9538892cb26b65bd0d

SHA1
2eaa5ddcedbcb0505dfab01ea77e742fdcf1fc66

SHA256
66df65ae4b5b7a5ab01a287c0e32b1ab8d94a8657d951946591dff07d74daf8a

SHA512
13fc11bd956be02c60989d21621fe4040f22aa6b17ac4146ab9d8985aabe82662f786a18d3c0a2308decf7f249d1e3b12883f28507f04aed81667957e46824a2

Download Submit
\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\javaw.exe
MD5
4e022c0940633a9538892cb26b65bd0d

SHA1
2eaa5ddcedbcb0505dfab01ea77e742fdcf1fc66

SHA256
66df65ae4b5b7a5ab01a287c0e32b1ab8d94a8657d951946591dff07d74daf8a

SHA512
13fc11bd956be02c60989d21621fe4040f22aa6b17ac4146ab9d8985aabe82662f786a18d3c0a2308decf7f249d1e3b12883f28507f04aed81667957e46824a2

Download Submit
\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\javaw.exe
MD5
4e022c0940633a9538892cb26b65bd0d

SHA1
2eaa5ddcedbcb0505dfab01ea77e742fdcf1fc66

SHA256
66df65ae4b5b7a5ab01a287c0e32b1ab8d94a8657d951946591dff07d74daf8a

SHA512
13fc11bd956be02c60989d21621fe4040f22aa6b17ac4146ab9d8985aabe82662f786a18d3c0a2308decf7f249d1e3b12883f28507f04aed81667957e46824a2

Download Submit
\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\javaw.exe
MD5
4e022c0940633a9538892cb26b65bd0d

SHA1
2eaa5ddcedbcb0505dfab01ea77e742fdcf1fc66

SHA256
66df65ae4b5b7a5ab01a287c0e32b1ab8d94a8657d951946591dff07d74daf8a

SHA512
13fc11bd956be02c60989d21621fe4040f22aa6b17ac4146ab9d8985aabe82662f786a18d3c0a2308decf7f249d1e3b12883f28507f04aed81667957e46824a2

Download Submit
\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\msvcr100.dll
MD5
bf38660a9125935658cfa3e53fdc7d65

SHA1
0b51fb415ec89848f339f8989d323bea722bfd70

SHA256
60c06e0fa4449314da3a0a87c1a9d9577df99226f943637e06f61188e5862efa

SHA512
25f521ffe25a950d0f1a4de63b04cb62e2a3b0e72e7405799586913208bf8f8fa52aa34e96a9cc6ee47afcd41870f3aa0cd8289c53461d1b6e792d19b750c9a1

Download Submit
\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\verify.dll
MD5
be0d5a12304f91dbddd43ca4e71db76b

SHA1
79e61f2ca096e76ab973b06ecf5b421a50e2818f

SHA256
88a943f8955eeb04c08083dd30ad2a2a503eeb0c0c166934698e414e7c7b2812

SHA512
4710b627ed278bdb69ebf97624dae05136b151b2b3826c5539c9d7e7daa5049da3c05bfd204e3bc6a2777b52a9c5a11d7ff6c6082c304780dc802ddf8423df01

Download Submit
\Program Files (x86)\Zebra Technologies\Zebra Browser Print\jre\bin\zip.dll
MD5
c48e496b9d614179829d5d2852283797

SHA1
47e6fc2963f6bed6ff7e28f0e54b37f18bb4fd72

SHA256
142e8506773a3bd185400b5bba50a13eed364188d52edf1bd66b5039c4cd024a

SHA512
d89e1c4ee867e693659b072173410f9f1058db31c58de272c4e4a76b367ef6aeb34a4dfca297e6c3c99cd834b9b45290e4243fa3265d153ef12dfa90934db406

Download Submit
\Users\Admin\AppData\Local\Temp\is-U949L.tmp\BrowserPrint-1.2.0.tmp
MD5
e0b435be990bf1d19374bae02e7b45f8

SHA1
3f614954b594b7a658f8aa297cc3e022874c995a

SHA256
b6bb2389248014fd3a5f09913503243c85dc95e9050880437a1d54690c79e528

SHA512
4cc403758ce85634fae79103cfe03545cfd932173118e2379b1131175f2d555b2abb23729406308e8ff53259d0f375a59f892833a277602e457c7757867dfd6e

Download Submit
memory/112-93-0x0000000000000000-mapping.dmp

Download
memory/112-99-0x0000000000460000-0x0000000000461000-memory.dmp

Filesize
4KB

Download
memory/612-72-0x0000000000000000-mapping.dmp

Download
memory/864-80-0x0000000000000000-mapping.dmp

Download
memory/1020-60-0x0000000075451000-0x0000000075453000-memory.dmp

Filesize
8KB

Download
memory/1020-66-0x0000000000400000-0x000000000042C000-memory.dmp

Filesize
176KB

Download
memory/1824-63-0x0000000000000000-mapping.dmp

Download
memory/1824-67-0x0000000000240000-0x0000000000241000-memory.dmp

Filesize
4KB

Download
memory/1824-68-0x00000000744D1000-0x00000000744D3000-memory.dmp

Filesize
8KB

Download

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix ATT&CK v6

Replay Monitor

Loading Replay Monitor...

Downloads