Overview

overview

1

Static

static

Notification.jar

windows7_x64

1

Notification.jar

windows10-2004_x64

1

Resubmissions

05-06-2022 12:13

220605-pd9a4seeak 1

17-10-2020 12:07

201017-dbljcedc5s 10

Analysis

  • max time kernel
    15s
  • max time network
    14s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    05-06-2022 12:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Notification.jar

  • Size

    157KB

  • MD5

    8035ca2a6a358805d67efd00e2738626

  • SHA1

    233d40497d566d0480aadea37a6e3062234a17fc

  • SHA256

    51fb9721d665f58eb5c41cc4a2a75b112f505b18321e532dac33a3139770c207

  • SHA512

    a31fc4df88a9511d1c558877fbb2aa31e15ab1566a5f031f737ea0a49a917721d8e86f213290230eefa058ade3ad2f88491c3bfb306a2e0a4221a6f91ede26e6

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\ProgramData\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\Notification.jar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2736
    • C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe
      "C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe" -jar C:\Users\Admin\AppData\Local\Temp\ed8a9804.tmp
      2⤵
        PID:4420

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\.oracle_jre_usage\90737d32e3aba4b.timestamp
      Filesize

      50B

      MD5

      dbfe07f0b6896d652a745ac344d4edc0

      SHA1

      11242118e29f07637f1dc3d297d1522dda82fee0

      SHA256

      2854b81bd61fc440520ae649c5e877fc7163df95cda39e3f692a81dacdb08433

      SHA512

      aaf321d0b29991907ffb668b729604f4658fc3eed498e41d0cecdce36e444ddcc052baf9404aa303d6ba7b82222395ab36a3631c66124ad69e20bc96d16740ac

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\ed8a9804.tmp
      Filesize

      157KB

      MD5

      8035ca2a6a358805d67efd00e2738626

      SHA1

      233d40497d566d0480aadea37a6e3062234a17fc

      SHA256

      51fb9721d665f58eb5c41cc4a2a75b112f505b18321e532dac33a3139770c207

      SHA512

      a31fc4df88a9511d1c558877fbb2aa31e15ab1566a5f031f737ea0a49a917721d8e86f213290230eefa058ade3ad2f88491c3bfb306a2e0a4221a6f91ede26e6

      Download Submit

    • memory/2736-138-0x00000000031F0000-0x00000000041F0000-memory.dmp

      Filesize

      16.0MB

      Download

    • memory/2736-154-0x00000000031F0000-0x00000000041F0000-memory.dmp

      Filesize

      16.0MB

      Download

    • memory/2736-166-0x00000000031F0000-0x00000000041F0000-memory.dmp

      Filesize

      16.0MB

      Download

    • memory/2736-181-0x00000000031F0000-0x00000000041F0000-memory.dmp

      Filesize

      16.0MB

      Download

    • memory/2736-193-0x00000000031F0000-0x00000000041F0000-memory.dmp

      Filesize

      16.0MB

      Download

    • memory/2736-204-0x00000000031F0000-0x00000000041F0000-memory.dmp

      Filesize

      16.0MB

      Download