Analysis
Max time kernel: 60s
Max time network: 121s
Platform: windows10-2004_x64
Resource: win10v2004-20220414-en
Submitted: 26-06-2022 02:36
Static task: static1
Behavioral task: behavioral1
  Sample: 366b43e3e4dd953359cd850c121da83fd77f92ebecfcc399eee0aaf5737f8531.jar
  Resource: win7-20220414-en
Behavioral task: behavioral2
  Sample: 366b43e3e4dd953359cd850c121da83fd77f92ebecfcc399eee0aaf5737f8531.jar
  Resource: win10v2004-20220414-en
General
Target: 366b43e3e4dd953359cd850c121da83fd77f92ebecfcc399eee0aaf5737f8531.jar
Size: 679KB
MD5: 72d04333cf384e3ef3fcfaf3133b6578
SHA1: d6a20ddbba85e640890bcd88f30589977377ece9
SHA256: 366b43e3e4dd953359cd850c121da83fd77f92ebecfcc399eee0aaf5737f8531
SHA512: 05cb6ae9eb754faea6eaa7825427d58be9139bb9b0861707471f165b9bf6f866063a1bf4a399727dbdc32aa76a8925ef0672ed3ef5a0311056948bc6907d978d
Malware Config
Signatures
Suspicious use of WriteProcessMemory (2 IoCs)
description                        pid   Process   procid_target
PID 4204 wrote to memory of 1000   4204  java.exe  88
PID 4204 wrote to memory of 1000   4204  java.exe  88
Processes
C:\ProgramData\Oracle\Java\javapath\java.exe (depth 1)
  Command line: java -jar C:\Users\Admin\AppData\Local\Temp\366b43e3e4dd953359cd850c121da83fd77f92ebecfcc399eee0aaf5737f8531.jar
  PID: 4204
  Signature: Suspicious use of WriteProcessMemory
  C:\Program Files\Java\jre1.8.0_66\bin\java.exe (depth 2)
    Command line: "C:\Program Files\Java\jre1.8.0_66\bin\java.exe" -jar C:\Users\Admin\AppData\Local\Temp\_0.094041311238203143459851587386288503.class
    PID: 1000
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 50B
MD5: a5bd9e8c8b380a95ffe54e37fcc1b0ae
SHA1: a62092d30cde873fb9cd29db54b7c3a928579c60
SHA256: 79f95870ea8f7f57e458d958c473fb436c0f223d9801bdcc030ff6fe66029e84
SHA512: 360d35751568b19e9458a37f65f8a3e335c2d23183b8591ca8f8527744a6861444f7895548a33c699230550cae9da36c94b876d9c90a9947336b0b18c1bb2253

Filesize: 241KB
MD5: 781fb531354d6f291f1ccab48da6d39f
SHA1: 9ce4518ebcb5be6d1f0b5477fa00c26860fe9a68
SHA256: 97d585b6aff62fb4e43e7e6a5f816dcd7a14be11a88b109a9ba9e8cd4c456eb9
SHA512: 3e6630f5feb4a3eb1dac7e9125ce14b1a2a45d7415cf44cea42bc51b2a9aa37169ee4a4c36c888c8f2696e7d6e298e2ad7b2f4c22868aaa5948210eb7db220d8