9ca1bd17106147ac6d7d1094c0bc108d95c9bf21196cdc05005e0db61fcf5212 | Triage

Analysis

max time kernel
91s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
21-05-2022 01:03

Sharing

Report Analysis Logs

General

Target

Payment Swift TT0504202046584.jar
Size

7KB
MD5

9b55674a6b1e1e9ad2202a92258f6850
SHA1

5006270c815b6cf686605fc183f3121a02444a32
SHA256

b8cd61b7c44af573d903d6a3f8928f7d2775e354f42c1082ba2f3b3b2b43e244
SHA512

dbebab8bb10055f9ddd29458d5ae931aeadfb70fbb951d8c04bd706130a925c64122af474da3b51d05d06249f0e674156e96e089fc51fddf8dcb0015dfbb6762

Score

4^/10

Malware Config

Signatures

Drops file in Program Files directory 12 IoCs

Processes:

java.exe

description	ioc	process
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\symbols\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\symbols\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\symbols\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\symbols\dll\ntdll.pdb	java.exe

C:\ProgramData\Oracle\Java\javapath\java.exe
java -jar "C:\Users\Admin\AppData\Local\Temp\Payment Swift TT0504202046584.jar"
1⤵
- Drops file in Program Files directory
PID:2640

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2640-134-0x00000000023D0000-0x00000000033D0000-memory.dmp

Filesize
16.0MB

Download
memory/2640-143-0x00000000023D0000-0x00000000033D0000-memory.dmp

Filesize
16.0MB

Download
memory/2640-144-0x00000000023D0000-0x00000000033D0000-memory.dmp

Filesize
16.0MB

Download