Analysis

  • max time kernel
    123s
  • max time network
    129s
  • platform
    windows10_x64
  • resource
    win10-en-20211104
  • submitted
    07/12/2021, 15:33

General

  • Target

    DOCUMENTS FOR SHIPMENTS PDF XLS.jar

  • Size

    284KB

  • MD5

    651a47b5e2e3638430e6148e79a7e23b

  • SHA1

    c8aaea1eaace67c045413c445d17c71af3e8c0fa

  • SHA256

    bb3be9616c4b23e2f5cda17b56b8656a5d71f643fdf545056c97a242b69a6115

  • SHA512

    3f680a9e80eff306ad4386991b33fe1d171eec0d8c1ad3f1e8c4d9322275f049befa0ada6cb53e8f01cda3809bb29e454cdade59c22ae20cfc53add056ff2324

Score
4/10

Malware Config

Signatures

  • Drops file in Program Files directory 12 IoCs

Processes

  • C:\ProgramData\Oracle\Java\javapath\java.exe
    java -jar "C:\Users\Admin\AppData\Local\Temp\DOCUMENTS FOR SHIPMENTS PDF XLS.jar"
    • Drops file in Program Files directory
    PID:2580

Network

        MITRE ATT&CK Matrix

        Downloads
