Analysis

  • max time kernel
    60s
  • max time network
    121s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    26-06-2022 02:36

General

  • Target

    366b43e3e4dd953359cd850c121da83fd77f92ebecfcc399eee0aaf5737f8531.jar

  • Size

    679KB

  • MD5

    72d04333cf384e3ef3fcfaf3133b6578

  • SHA1

    d6a20ddbba85e640890bcd88f30589977377ece9

  • SHA256

    366b43e3e4dd953359cd850c121da83fd77f92ebecfcc399eee0aaf5737f8531

  • SHA512

    05cb6ae9eb754faea6eaa7825427d58be9139bb9b0861707471f165b9bf6f866063a1bf4a399727dbdc32aa76a8925ef0672ed3ef5a0311056948bc6907d978d

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory (2 IoCs)

Processes

  • C:\ProgramData\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\366b43e3e4dd953359cd850c121da83fd77f92ebecfcc399eee0aaf5737f8531.jar
    PID: 4204
    Signatures: Suspicious use of WriteProcessMemory
    • C:\Program Files\Java\jre1.8.0_66\bin\java.exe (child of PID 4204)
      "C:\Program Files\Java\jre1.8.0_66\bin\java.exe" -jar C:\Users\Admin\AppData\Local\Temp\_0.094041311238203143459851587386288503.class
      PID: 1000
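
The process tree shows java.exe (PID 4204) running the submitted JAR and then launching a second java.exe with -jar on a randomly named file written to %TEMP%, this time with a .class extension. Because -jar only accepts a ZIP container, that extension is misleading, and the 241KB dropped file is worth checking for a PK signature. The Python below is an added example, not part of the sandbox report: it flags this parent/child relaunch pattern over process-creation records. The records are constructed from the tree above plus a benign control, and the record fields (pid, ppid, image, cmdline) and the function names are assumptions, not the sandbox's schema.

```python
"""Flag java.exe relaunching java.exe with -jar on a file under %TEMP%.

Added example modelled on the sandbox process tree; record layout is assumed.
"""
import re
from dataclasses import dataclass

# Only the Windows user temp directory is treated as a drop location here.
WINDOWS_TEMP_RE = re.compile(r"\\AppData\\Local\\Temp\\", re.IGNORECASE)
JAVA_IMAGES = {"java.exe", "javaw.exe"}
# ZIP local-file-header and end-of-central-directory signatures; java -jar
# needs a ZIP container regardless of the file extension.
ZIP_MAGIC = (b"PK\x03\x04", b"PK\x05\x06")


@dataclass
class Proc:
    pid: int
    ppid: int
    image: str
    cmdline: str


# Constructed records: the two processes from the report above, plus a benign
# control (a user running a JAR from Downloads with no java.exe parent).
SAMPLE_PROCS = [
    Proc(4204, 0, r"C:\ProgramData\Oracle\Java\javapath\java.exe",
         r"java -jar C:\Users\Admin\AppData\Local\Temp\366b43e3e4dd953359cd850c121da83fd77f92ebecfcc399eee0aaf5737f8531.jar"),
    Proc(1000, 4204, r"C:\Program Files\Java\jre1.8.0_66\bin\java.exe",
         r'"C:\Program Files\Java\jre1.8.0_66\bin\java.exe" -jar C:\Users\Admin\AppData\Local\Temp\_0.094041311238203143459851587386288503.class'),
    Proc(5000, 1, r"C:\Program Files\Java\jre1.8.0_66\bin\java.exe",
         r'"C:\Program Files\Java\jre1.8.0_66\bin\java.exe" -jar C:\Users\Admin\Downloads\tool.jar'),
]


def split_cmdline(cmdline):
    """Tokenise a Windows command line: quoted runs or whitespace-delimited words."""
    return [t.strip('"') for t in re.findall(r'"[^"]*"|\S+', cmdline)]


def jar_argument(cmdline):
    """Return the path passed to -jar, or None if the command line has none."""
    toks = split_cmdline(cmdline)
    for i, tok in enumerate(toks):
        if tok == "-jar" and i + 1 < len(toks):
            return toks[i + 1]
    return None


def image_name(path):
    return path.rsplit("\\", 1)[-1].lower()


def find_relaunch_events(procs):
    """Return findings for java -> java '-jar <%TEMP% file>' parent/child pairs."""
    by_pid = {p.pid: p for p in procs}
    findings = []
    for child in procs:
        parent = by_pid.get(child.ppid)
        if parent is None or image_name(parent.image) not in JAVA_IMAGES:
            continue
        if image_name(child.image) not in JAVA_IMAGES:
            continue
        target = jar_argument(child.cmdline)
        if target is None or not WINDOWS_TEMP_RE.search(target):
            continue
        reasons = ["java spawned java with -jar on a file under %TEMP%"]
        if not target.lower().endswith(".jar"):
            reasons.append("-jar target does not carry a .jar extension")
        findings.append({"parent_pid": parent.pid, "pid": child.pid,
                         "target": target, "reasons": reasons})
    return findings


def looks_like_jar(data):
    """True if the first bytes carry a ZIP signature, i.e. what -jar can load."""
    return data[:4] in ZIP_MAGIC


if __name__ == "__main__":
    for finding in find_relaunch_events(SAMPLE_PROCS):
        print(finding)
```

looks_like_jar needs the dropped file itself, which this report does not carry; run it on the 241KB _0.0940...class from the sandbox to confirm whether the .class name hides a JAR.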

    Network

    MITRE ATT&CK Matrix

    Downloads

    • C:\Users\Admin\.oracle_jre_usage\90737d32e3aba4b.timestamp (usage-tracker artifact written by the Oracle JRE itself, not by the sample; not a useful indicator)

      Filesize

      50B

      MD5

      a5bd9e8c8b380a95ffe54e37fcc1b0ae

      SHA1

      a62092d30cde873fb9cd29db54b7c3a928579c60

      SHA256

      79f95870ea8f7f57e458d958c473fb436c0f223d9801bdcc030ff6fe66029e84

      SHA512

      360d35751568b19e9458a37f65f8a3e335c2d23183b8591ca8f8527744a6861444f7895548a33c699230550cae9da36c94b876d9c90a9947336b0b18c1bb2253

    • C:\Users\Admin\AppData\Local\Temp\_0.094041311238203143459851587386288503.class

      Filesize

      241KB

      MD5

      781fb531354d6f291f1ccab48da6d39f

      SHA1

      9ce4518ebcb5be6d1f0b5477fa00c26860fe9a68

      SHA256

      97d585b6aff62fb4e43e7e6a5f816dcd7a14be11a88b109a9ba9e8cd4c456eb9

      SHA512

      3e6630f5feb4a3eb1dac7e9125ce14b1a2a45d7415cf44cea42bc51b2a9aa37169ee4a4c36c888c8f2696e7d6e298e2ad7b2f4c22868aaa5948210eb7db220d8

    • memory/4204-132-0x0000000003320000-0x0000000004320000-memory.dmp

      Filesize

      16.0MB

    • memory/4204-140-0x0000000003320000-0x0000000004320000-memory.dmp

      Filesize

      16.0MB

    • memory/4204-146-0x0000000003320000-0x0000000004320000-memory.dmp

      Filesize

      16.0MB

    • memory/4204-147-0x0000000003320000-0x0000000004320000-memory.dmp

      Filesize

      16.0MB

    • memory/4204-148-0x0000000003320000-0x0000000004320000-memory.dmp

      Filesize

      16.0MB

    • memory/4204-149-0x0000000003320000-0x0000000004320000-memory.dmp

      Filesize

      16.0MB

    • memory/4204-152-0x0000000003320000-0x0000000004320000-memory.dmp

      Filesize

      16.0MB

    • memory/4204-168-0x0000000003320000-0x0000000004320000-memory.dmp

      Filesize

      16.0MB