Overview

overview

10

Static

static

5210afa456...e2.jar

windows7_x64

10

5210afa456...e2.jar

windows10-2004_x64

4

Analysis

  • max time kernel
    151s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-en-20220112
  • submitted
    05-02-2022 15:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5210afa4567b98fb3f8aee513206b5fd466d3afe01dd576a2bee4a623f2cdae2.jar

  • Size

    5KB

  • MD5

    1159c8fa61d9bf42b67dfe721c73843d

  • SHA1

    ccd1312f6a444492301674d7cf2a45995dd86e0b

  • SHA256

    5210afa4567b98fb3f8aee513206b5fd466d3afe01dd576a2bee4a623f2cdae2

  • SHA512

    693ddc434d47ad594b36771b6b410e71cae4d45f57b7475db1ba657ae0b77a60159963ca65135bf730e54b687accff6caf4622bbbad8a0895e545c4b500c33c2

Score
4/10

Malware Config

Signatures

  • Drops file in Program Files directory 12 IoCs
  • Drops file in Windows directory 1 IoCs
  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies data under HKEY_USERS 45 IoCs

Processes

  • C:\ProgramData\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\5210afa4567b98fb3f8aee513206b5fd466d3afe01dd576a2bee4a623f2cdae2.jar
    1⤵
    • Drops file in Program Files directory
    PID:808
  • C:\Windows\system32\MusNotifyIcon.exe
    %systemroot%\system32\MusNotifyIcon.exe NotifyTrayIcon 13
    1⤵
    • Checks processor information in registry
    PID:2328
  • C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe -k NetworkService -p
    1⤵
    • Drops file in Windows directory
    • Modifies data under HKEY_USERS
    PID:368

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/808-134-0x00000000031A0000-0x00000000122A0000-memory.dmp
    Filesize

    241.0MB

    Download
  • memory/808-135-0x00000000011E0000-0x00000000011E1000-memory.dmp
    Filesize

    4KB

    Download
  • memory/808-162-0x00000000011E0000-0x00000000011E1000-memory.dmp
    Filesize

    4KB

    Download