2a255e4b24bb20cdd28ec47d406aa759f08d568226955825f098e064fae9a5d8

Sharing

Copy URL

Twitter E-mail

General

Target

COVA-dependabot-maven-cova-com.fasterxml.jackson.core-jackson-databind-2.9.10.8.zip
Size

137.1MB
Sample

220102-vb3y7safa7
MD5

dbc11d6c660e3f88724b693751065b09
SHA1

d6319d33d1dc69729e2b8379f5ed85f4240d1c1c
SHA256

2a255e4b24bb20cdd28ec47d406aa759f08d568226955825f098e064fae9a5d8
SHA512

0774ef170411d6876ef4bed86ad0c4dd0917bf3887cdb3edf703cdff0ab0f14e306fa26cc7a5f386d6b4f82490d55852ecc5e6e9493e5b70ac488f36e950d797

Score

10^/10

Malware Config

Targets

- Target
  
  COVA-dependabot-maven-cova-com.fasterxml.jackson.core-jackson-databind-2.9.10.8/cova/localLibs/z3-4.5.0-x64-win/bin/python/z3/z3poly.py
- Size
  
  1KB
- MD5
  
  5dacc8d87e832fc60c6fa57acd9df67c
- SHA1
  
  4afaf3bf451d88ae403b50d15d6109bdcea51c5b
- SHA256
  
  dcd0c530344384b0eb7009ac99491da316d3e8d56d9220a3d364c2ae953ec2ae
- SHA512
  
  47fe96a4524157016888f4c8f046d08fb28726b4d21e0197c0767a4f7b291bfecb24f01032791848bb4172f2323c1cf60b642200d0f71e31dbe99a464ca40524
Score

1^/10
behavioral1 behavioral2
- Target
  
  COVA-dependabot-maven-cova-com.fasterxml.jackson.core-jackson-databind-2.9.10.8/cova/localLibs/z3-4.5.0-x64-win/bin/python/z3/z3poly.pyc
- Size
  
  1KB
- MD5
  
  86fdb6f209ae1da53101488b9dc4461a
- SHA1
  
  4f708c8bcceb9efd324874e2356549d65f43b644
- SHA256
  
  1e9e6d31673fb014f0fffcfaaf7298b239c0f657315b41ccf0cfdadf09f3aece
- SHA512
  
  a2b3d2c77edc96a45f8cb558cb0a6ae0b3217384e9095d26b0673b1ec6b1cfeb299c415e4a7cbad3d66b05ecc246825746772574923a3fe06e6646d98953bcac
Score

1^/10
behavioral3 behavioral4
- Target
  
  COVA-dependabot-maven-cova-com.fasterxml.jackson.core-jackson-databind-2.9.10.8/cova/localLibs/z3-4.5.0-x64-win/bin/python/z3/z3printer.py
- Size
  
  41KB
- MD5
  
  04e22d9cf72656b9e4948f2f3d5fd2ea
- SHA1
  
  74a15e6896b028c59f867bb7b5a16023a4120203
- SHA256
  
  db75449231183fb849d11dfa8b01433b5469bfad9e42a5f91152d838910b49f5
- SHA512
  
  da7eb64a07f9ecc8656b4a1bade0584c0242f5f8a63be1e51e93d2de6fe807f8fa1d72cc4eb85995ac7cc9206ee42c2f82de6b0cba7830ef03ff4a7d16785a54
Score

1^/10
behavioral5
- Target
  
  COVA-dependabot-maven-cova-com.fasterxml.jackson.core-jackson-databind-2.9.10.8/cova/localLibs/z3-4.5.0-x64-win/bin/python/z3/z3printer.pyc
- Size
  
  47KB
- MD5
  
  f98fc03770acb913e60f9abc40922341
- SHA1
  
  208343a65f0cf2166763f1dc4580091756072262
- SHA256
  
  9576845f7312d3c7f84c9c4ddef917cb31e4f8c8d2bb6414d6ab1bf16bfbdc31
- SHA512
  
  bc7d94c72e8c9088d5202f0dcaa6c051e2b0d52a0563e6e8468ffbd05c0f57eb88c307bb864ea6dd350c408c840c7ee271b615ace2165c475631bb1604cdf624
Score

1^/10
behavioral6
- Target
  
  COVA-dependabot-maven-cova-com.fasterxml.jackson.core-jackson-databind-2.9.10.8/cova/localLibs/z3-4.5.0-x64-win/bin/python/z3/z3rcf.py
- Size
  
  4KB
- MD5
  
  b600213f421ab931035502ce99dac7c1
- SHA1
  
  cdb17d250811adc8e0bbee85fc6d69b4c11b68e9
- SHA256
  
  8f101d116ea85aaaae5f01d9af320b5e9b7d5a5e46647fb402da947e227be09d
- SHA512
  
  8237d01e5c144191eb81d4306b7ba6f25a568429582d477319974ed9bccf76792a4d40c2ce93a92209b963bde02cb0088b08067c28b825b31094a8f2c43e6dcf
Score

1^/10
behavioral7
- Target
  
  COVA-dependabot-maven-cova-com.fasterxml.jackson.core-jackson-databind-2.9.10.8/cova/localLibs/z3-4.5.0-x64-win/bin/python/z3/z3rcf.pyc
- Size
  
  7KB
- MD5
  
  d6f6c281eb24e3da693541aa3f552b45
- SHA1
  
  856c7cdd32530f2cd462f17bcf719d4564447537
- SHA256
  
  cebe625b2ee1922bbb0b67a583782fc10d6995facd5b26998fc75f0fb546666e
- SHA512
  
  0e5ad03442fdf9ef1061825e5022784a4d94cad041e131aa2d3f379d91d4bc0780b513cb4e674f6f8aeb705ca2ccfc181342d05a207f666f0fba9656ec6e294c
Score

1^/10
behavioral8 behavioral9
- Target
  
  COVA-dependabot-maven-cova-com.fasterxml.jackson.core-jackson-databind-2.9.10.8/cova/localLibs/z3-4.5.0-x64-win/bin/python/z3/z3types.py
- Size
  
  3KB
- MD5
  
  8cc7dcccda02d7a0620fe6f9c5a3fb4d
- SHA1
  
  4cb1ad8bfda229c6b196be1932ad0084b630de61
- SHA256
  
  07fff2d3f442b3cecf16193b9540a0ae9a8e2f25a73f5b5569c55cb52fdc6d69
- SHA512
  
  44aa48d8ba5d6fb0e56e6bf92a75074767ddedafafddf29d744ffba420f619a9d65ab6661a061e978dfcd115416f5516e135e6cefea80587585a2db442afeb29
Score

1^/10
behavioral10 behavioral11
- Target
  
  COVA-dependabot-maven-cova-com.fasterxml.jackson.core-jackson-databind-2.9.10.8/cova/localLibs/z3-4.5.0-x64-win/bin/python/z3/z3types.pyc
- Size
  
  11KB
- MD5
  
  b02d72b9a76c8f68b4fd9f5f6f9c1076
- SHA1
  
  21a209d4591510324a60098bd1a8bc2d3c3e5481
- SHA256
  
  1bea434b2bc8662cda4fdaaea4998292b76c45b422b0ee7cfb66af6c7c203742
- SHA512
  
  1475319a54940180933aa4305f35ee7523f5a161ed316d5648acfaef223dad88c51673e14031e2a669d5f790e842db84e38162277593af383dbcebc3db291568
Score

10^/10
- Suspicious use of NtCreateProcessExOtherParentProcess
behavioral12 behavioral13
- Target
  
  COVA-dependabot-maven-cova-com.fasterxml.jackson.core-jackson-databind-2.9.10.8/cova/localLibs/z3-4.5.0-x64-win/bin/python/z3/z3util.py
- Size
  
  11KB
- MD5
  
  c38ec0fe82db97ce0a6b251ca1a66a70
- SHA1
  
  9ef24cdae79a970dba34872e346208ed684436e3
- SHA256
  
  99d571f68bbe198bb9a78ce4cf514e9978a953f8b33a19cace925d56e1cd12d6
- SHA512
  
  c4a43d5d12b8ebbb45e19ba6676300f3283767ba50fba309c9035b0e405493413eceaa1844d96bce2595fe695429065f61a5ee8695908788a7bf1b8ba596e246
Score

3^/10
behavioral14 behavioral15
- Target
  
  COVA-dependabot-maven-cova-com.fasterxml.jackson.core-jackson-databind-2.9.10.8/cova/localLibs/z3-4.5.0-x64-win/bin/python/z3/z3util.pyc
- Size
  
  12KB
- MD5
  
  b658aa06eda0cdec1a54bc31e8638b33
- SHA1
  
  a3686cf3a9c3a0b526ba087551af331c64288302
- SHA256
  
  2d8b3e25c4cf7018d738ad2253b258b758af246face1ec7770a15562ce13aa23
- SHA512
  
  357ecd448dd5b9c7f7d3e05cc49190cd9251837e0b40679c9c794d729bc3e003194fad85c219723c518dfbb627913ac43018863f7f144647dfaa474f680c06d5
Score

3^/10
behavioral16 behavioral17
- Target
  
  COVA-dependabot-maven-cova-com.fasterxml.jackson.core-jackson-databind-2.9.10.8/cova/localLibs/z3-4.5.0-x64-win/bin/vcomp110.dll
- Size
  
  121KB
- MD5
  
  a24611da798edd02242ae618050c4ef4
- SHA1
  
  28b29814033d3921939cbc96f8aec6234401f8d2
- SHA256
  
  f48c9f347c0fba69247f1c85569a21e0d6282ac02469366c79588f896d57b277
- SHA512
  
  ce86a35f2e29b130cf4ad4312c3f920758a2a4837d8e725f7d95ededcc8156387576b3a782c4603b6f229b403d0d1929b43e384fe95a3eb6c799d350b2a5a223
Score

3^/10
behavioral18 behavioral19
- Target
  
  COVA-dependabot-maven-cova-com.fasterxml.jackson.core-jackson-databind-2.9.10.8/cova/localLibs/z3-4.5.0-x64-win/bin/z3.exe
- Size
  
  11.0MB
- MD5
  
  4b72a402cd82993481fcb4a8a478c7f7
- SHA1
  
  b075342bb0635c850101d440606faa2200c81e54
- SHA256
  
  9307083bfcd0846829c7f37b9e781c724097f8bedb3c766dc921887024b3d9f1
- SHA512
  
  f47f971af7af689288b7d862f2e9fe007f4a133af852c2c5b393fa57b749aabce8ff76c2e08f8087090ae0575afcc68a29876818fbf51f3613fc1c7380796154
Score

3^/10
behavioral20 behavioral21
- Target
  
  COVA-dependabot-maven-cova-com.fasterxml.jackson.core-jackson-databind-2.9.10.8/cova/localLibs/z3-4.5.0-x64-win/include/z3++.h
- Size
  
  108KB
- MD5
  
  a50e02fc651b86743ba7cc5762403b09
- SHA1
  
  345ae4a40d50a2b3145cb3f8ade42fc76c9be96f
- SHA256
  
  848a1c85cc2cdad8e72285ee52e20c03b32d668c9f6b3e62bf65177737fda310
- SHA512
  
  fe6a15bb8a50be660573d52b10c3c93360d7e47c5d203b8ee478e4144219aedf99bff6189387e66d5fe95f5d97c7bbf6690a7dc5d453b1cbcdb9c1b999ceb9c6
Score

3^/10
behavioral22 behavioral23
- Target
  
  COVA-dependabot-maven-cova-com.fasterxml.jackson.core-jackson-databind-2.9.10.8/cova/src/test/resources/androidPlatforms/android-25/android.jar
- Size
  
  33.0MB
- MD5
  
  94055f3d235bdeffa70111cf224a7dee
- SHA1
  
  712a0312fe844a21a1b3812fa960c363a1578984
- SHA256
  
  74edee3a14e30ceafae591bf1e45c22bec76ebe3b3e8c556203d4cbe0fa1863d
- SHA512
  
  18d7aeb6be2380106c07b5fe133e22b5065e41841481bdb5e0707d6d294622edd5418d19c6840a9ebd23596d1dc59bd7c6814dd95df20cdcee51a74a73537e54
Score

3^/10
behavioral24 behavioral25
- Target
  
  COVA-dependabot-maven-cova-com.fasterxml.jackson.core-jackson-databind-2.9.10.8/cova/src/test/resources/androidPlatforms/android-26/android.jar
- Size
  
  25.2MB
- MD5
  
  a1a00b9dc450fa3484f1e57aeb85aed4
- SHA1
  
  18eaee6ff2a1c15c603daafb41277ea9376f30b5
- SHA256
  
  cdc1846376a14b0370cc63454a129606b4a52cc50ada75ef0d4cf956b1ad2daa
- SHA512
  
  944ade0c2211a4e20c291d5f55424d471d26e1577fc8a6f39b031b780e1fdde26876627f1279d68401a434e58bc88dfc5b75a4f3c61fd9ac47575f737f288115
Score

3^/10
behavioral26 behavioral27
- Target
  
  COVA-dependabot-maven-cova-com.fasterxml.jackson.core-jackson-databind-2.9.10.8/cova/src/test/resources/androidPlatforms/android-27/android.jar
- Size
  
  28.2MB
- MD5
  
  58d24644f15afa3a038ad78075c6e7ba
- SHA1
  
  eef427ae8ddf45923e199ef329cc834bd9115182
- SHA256
  
  aac4e12f1fd2dede4b8970de3c6a54eddc3e0fa098bf749dc5d6efe5d6e9c4d7
- SHA512
  
  062514c0936d22edab0464060a715c31adf3a2a521b49e811374d4facbf1b9f8adf4c35fd5366f62ee75cc4512329598eb207f94a6d5202f156711aa6609d5d3
Score

3^/10
behavioral28 behavioral29
- Target
  
  COVA-dependabot-maven-cova-com.fasterxml.jackson.core-jackson-databind-2.9.10.8/cova_logo.pdf
- Size
  
  131KB
- MD5
  
  8b531734b3466fc0fffc4edc4fd77021
- SHA1
  
  9b4975e9032c7c558d14533b5b88daef87e59241
- SHA256
  
  33a8f30c131890d4830a6dfc8294bf1164ac0c5a5f5cd005f900ba5b5afe2ed1
- SHA512
  
  6d087785d03442e179f0d62c63e3645eda16fcd59c54f097903bac73a0e4b84d94835d45aa5f9f208889d41e1297f6ce5a4848baa2ad7be94f60047833f37018
Score

3^/10
behavioral30 behavioral31
- Target
  
  COVA-dependabot-maven-cova-com.fasterxml.jackson.core-jackson-databind-2.9.10.8/longversion.pdf
- Size
  
  409KB
- MD5
  
  4955d61051c1a4e1670a90583f043eaf
- SHA1
  
  7efecbedd12ce39edb8442e60fabaef264070842
- SHA256
  
  4a7449f00046b82c612125c73221b40af3a54250189847c7f1cb43a99873f3d4
- SHA512
  
  9d95b42c2e3b3b202bb3d1a2de48aff5a32135d7372fb5aadef1792c2047ad39754cdcabb550608c99171a786be8da2483d70ed0864d489a3f4a2669b60956d9
Score

3^/10
behavioral32

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Targets

Suspicious use of NtCreateProcessExOtherParentProcess

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32