54528ac8eb7d5628b84b1d0158252c840db3c6c5478516543690378d70b8435a | Triage

Analysis

max time kernel
104s
max time network
180s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
21-05-2022 01:05

Sharing

Report Analysis Logs

General

Target

Order List 1105202011.jar
Size

3KB
MD5

ac97bcf4c2a1e52c5f77a04b1ffd9514
SHA1

933df23b855fe31897593c651bea48874c3184f3
SHA256

b67f5dc6c190b29db9b70d589f0c97cdd82c2ad4c49b97390a061eecda5f3aa8
SHA512

a7754f2d8588df535f4d31aea3c29d6943919a39533157728c9d77ab134c7e601c872ba233cefd2b330aa2440ca186114d6eb39d0a2532498ae17900c9c7474b

Score

4^/10

Malware Config

Signatures

Drops file in Program Files directory 12 IoCs

Processes:

java.exe

description	ioc	process
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\symbols\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\symbols\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\symbols\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\symbols\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\dll\ntdll.pdb	java.exe

C:\ProgramData\Oracle\Java\javapath\java.exe
java -jar "C:\Users\Admin\AppData\Local\Temp\Order List 1105202011.jar"
1⤵
- Drops file in Program Files directory
PID:4320

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4320-134-0x0000000002720000-0x0000000003720000-memory.dmp

Filesize
16.0MB

Download
memory/4320-162-0x0000000002720000-0x0000000003720000-memory.dmp

Filesize
16.0MB

Download
memory/4320-163-0x0000000002720000-0x0000000003720000-memory.dmp

Filesize
16.0MB

Download