62229e0f4da3175320dff7b4783a373c6ede87d20ca8caff6b21a3674610509c

Analysis

max time kernel
124s
max time network
138s
platform
windows10_x64
resource
win10-en-20210920
submitted
19-10-2021 14:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

PAYMENT SLIP .jar
Size

184KB
MD5

98f7c08f8008f97e210bfc4d00dbe4a1
SHA1

30f02ead4606acf7ffb8a9b3a1f2423475c3ff2e
SHA256

62229e0f4da3175320dff7b4783a373c6ede87d20ca8caff6b21a3674610509c
SHA512

3cc83e48aa36129876fef5b734efdc7aa35197b36fcc66840c4605dadab5b61159269a71e33425bb1c2f3bda2ae0f49666dca619fb399a10f7dd647c7cb94564

Score

4^/10

Malware Config

Signatures

Drops file in Program Files directory 12 IoCs

Processes:

java.exe

description	ioc	process
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\symbols\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\symbols\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\symbols\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\symbols\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\dll\ntdll.pdb	java.exe

C:\ProgramData\Oracle\Java\javapath\java.exe
java -jar "C:\Users\Admin\AppData\Local\Temp\PAYMENT SLIP .jar"
1⤵
- Drops file in Program Files directory
PID:3608

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3608-115-0x00000000030A0000-0x0000000003310000-memory.dmp

Filesize
2.4MB

Download
memory/3608-116-0x00000000030A0000-0x0000000003310000-memory.dmp

Filesize
2.4MB

Download
memory/3608-117-0x0000000001100000-0x0000000001101000-memory.dmp

Filesize
4KB

Download
memory/3608-123-0x0000000003320000-0x0000000003330000-memory.dmp

Filesize
64KB

Download
memory/3608-122-0x0000000003310000-0x0000000003320000-memory.dmp

Filesize
64KB

Download
memory/3608-124-0x0000000001100000-0x0000000001101000-memory.dmp

Filesize
4KB

Download
memory/3608-125-0x0000000001100000-0x0000000001101000-memory.dmp

Filesize
4KB

Download
memory/3608-126-0x0000000003330000-0x0000000003340000-memory.dmp

Filesize
64KB

Download
memory/3608-129-0x0000000003350000-0x0000000003360000-memory.dmp

Filesize
64KB

Download
memory/3608-128-0x0000000003340000-0x0000000003350000-memory.dmp

Filesize
64KB

Download
memory/3608-130-0x0000000003360000-0x0000000003370000-memory.dmp

Filesize
64KB

Download
memory/3608-131-0x0000000003370000-0x0000000003380000-memory.dmp

Filesize
64KB

Download
memory/3608-133-0x0000000003390000-0x00000000033A0000-memory.dmp

Filesize
64KB

Download
memory/3608-132-0x0000000003380000-0x0000000003390000-memory.dmp

Filesize
64KB

Download
memory/3608-134-0x00000000033A0000-0x00000000033B0000-memory.dmp

Filesize
64KB

Download
memory/3608-137-0x00000000033B0000-0x00000000033C0000-memory.dmp

Filesize
64KB

Download
memory/3608-140-0x0000000001100000-0x0000000001101000-memory.dmp

Filesize
4KB

Download