8ea07077502eacce3b5c7d08f71abb1daee1fdc626548ba20953aa31e54c465e

Sharing

Copy URL

Twitter E-mail

General

Target

8ea07077502eacce3b5c7d08f71abb1daee1fdc626548ba20953aa31e54c465e
Size

184KB
Sample

220816-da42fabagl
MD5

105cead86022132e729c7ffe647128ce
SHA1

fa097b5de2d0685613840a855b7fd6b86b4e4a2c
SHA256

8ea07077502eacce3b5c7d08f71abb1daee1fdc626548ba20953aa31e54c465e
SHA512

211a1544757b61e98777422bfaefd088bd324591bc4c6e8d03c402edc7e91d93f51125a04f4aea6b815a0326a1df3ae84945dea64f0b7275ab84ceb4215e8f41

Score

7^/10

Malware Config

Targets

- Target
  
  ide-eval-resetter/lib/ide-eval-resetter-2.1.6.jar
- Size
  
  35KB
- MD5
  
  ce8c8fce38d697624be5eb5e468d0fb6
- SHA1
  
  7a6f5cb4a47cf4b1abeb0a1b0c2e1723f526e4ce
- SHA256
  
  931788327f56a61128cdb50c7af5479f043a9bd26d69f89bc4d1f2c33802f7c8
- SHA512
  
  251e51aec45d4a2f1f0c0713b114348157864b47d8cc01d7943753d7f7f7f8715333f76a2585a2f6d36a8611a8b2799ffeea4de19b83129f5638fbf58329dbe6
Score

1^/10
behavioral1 behavioral2
- Target
  
  JetBrains 2022 ??/??2????2099????????????/ja-netfilter-all/README.pdf
- Size
  
  54KB
- MD5
  
  8ce55044d4f07f14c10018313ae341f1
- SHA1
  
  a18cf7130c4e22ac068b3581f558162026884805
- SHA256
  
  2b6d5f0d5e1ffe4046007ad6cf37dd026d762feac08057a002013efa91ea566f
- SHA512
  
  fe61ac988375f739c2141e586745268c30a6690884ff2d65b10d7353eba760d46be5929b2efce36b9f80166e3b6e4ade67529ac044658a26ff6ec75750d165f1
Score

5^/10
- Drops file in System32 directory
behavioral3 behavioral4
- Target
  
  JetBrains 2022 ??/??2????2099????????????/ja-netfilter-all/ja-netfilter.jar
- Size
  
  44KB
- MD5
  
  c236899b331de76d8fc6d1bb0bad9c3d
- SHA1
  
  d120501b7ce795942795ca7ee8d1c05086bf6236
- SHA256
  
  431ad080b75fc001ff546ad935a4dab5b86bd6d1a0bb09d50742cb4162889d77
- SHA512
  
  2a952a93b9970a53bdf0adaafffe19feded91a743d8229cd5c98ba7deeddcdcc2cdc46ac96fe2c6027507c33503d8082d3c0807e17e698d4ffee775166d991b6
Score

1^/10
behavioral5 behavioral6
- Target
  
  JetBrains 2022 ??/??2????2099????????????/ja-netfilter-all/plugins-jetbrains/dns.jar
- Size
  
  4KB
- MD5
  
  4f3c516c1704a5569725246d57dd1ae7
- SHA1
  
  4e8693b5a7a3837cf7f6db0c4f1316f376d34721
- SHA256
  
  d1150b1831b112b93d74a34a10ce6c11606e0d2255d532c29f91f1d92b40a552
- SHA512
  
  f885fc751e9035944489578bb037f05521c6258c377c0c7bf8b8d10b799063e6e529c715ecebf9729724f0497f588803d7d463fbb70f5efbd73952624f60d08e
Score

1^/10
behavioral7 behavioral8
- Target
  
  JetBrains 2022 ??/??2????2099????????????/ja-netfilter-all/plugins-jetbrains/hideme.jar
- Size
  
  7KB
- MD5
  
  cdab6a30b0949a741f13935f5483c303
- SHA1
  
  729d00e4fa04ca49c00b5b6aa60706dfadd5644e
- SHA256
  
  fa14c735ab9fed3f3a5df0dc78a5d38ae0a146099ddc858197e9f528bd996c40
- SHA512
  
  bf155c0b062fe9c7c237f9b0329a155387b7294fae7c7ed73e41e9528f119ccc513855329f6e91e62106b589c8b215d981ed11f2f89c7e13c06fbdcf7d6d1ee8
Score

1^/10
behavioral9 behavioral10
- Target
  
  JetBrains 2022 ??/??2????2099????????????/ja-netfilter-all/plugins-jetbrains/mymap.jar
- Size
  
  4KB
- MD5
  
  b5e49c56f85542bc19b14af11eb10d60
- SHA1
  
  dc104acd2b3c83474f04b975f882a43017bbc2b2
- SHA256
  
  48f627919c46ec345119b05afbd18b2a443d47223533f21a64792302ffcd223d
- SHA512
  
  30430bb87e1201c17f760f822c4c670c7b283e9cde56a2737da2ab1531f7634bc2f0034e3eef11f91bc1af52f8a80f598e9233a289566e0d95e1f5d48d979f97
Score

1^/10
behavioral11 behavioral12
- Target
  
  JetBrains 2022 ??/??2????2099????????????/ja-netfilter-all/plugins-jetbrains/power.jar
- Size
  
  8KB
- MD5
  
  2ae0a1d9590200f509cdb432536b7b1c
- SHA1
  
  e1205c93dc1e7179e9e67e0d6f99a681d056a040
- SHA256
  
  56e4b4d756f0c3e98165fe0e86d03b5d3837202091ab60a9192202d1bb677023
- SHA512
  
  bc3ee20074212c53dcb6af6a710f1d7f93b4082433f48d9609818182539ba6767f4dd211503e5605b02a4608dac05de8e9ce0b55260162d30c801217063c4578
Score

1^/10
behavioral13 behavioral14
- Target
  
  JetBrains 2022 ??/??2????2099????????????/ja-netfilter-all/plugins-jetbrains/url.jar
- Size
  
  4KB
- MD5
  
  6b181e5b8255db4cd9beb1c6af5f420e
- SHA1
  
  b1bebbee8d98218db5794f596001b8b7427ae0c7
- SHA256
  
  ce5a83aee31153cca30274ac94467b316edea8cb28acf72f52f5a72d455b1b43
- SHA512
  
  26dabc145da4a987744ab86d600ab81482771fb8fc99933828104d4698f4dc407eb97281a36f01d5852fc2209d0092f10b7d23d62db8f7e456f8d2d0a108ce7a
Score

1^/10
behavioral15 behavioral16
- Target
  
  JetBrains 2022 ??/??2????2099????????????/ja-netfilter-all/scripts/install-all-users.vbs
- Size
  
  2KB
- MD5
  
  6a6e4e7d279a526064dff0fb601fb44e
- SHA1
  
  a8419c985311ba34dcf7fbd8530ddcb65250e7fe
- SHA256
  
  0188298a226d3ff1e4b705c7a20b0840c56d9a629e92c1020291bfa55f80ff78
- SHA512
  
  fac43849d700016e5c9749cb15e723d5dcb61fe2d61d52893f50b8e695e2e73903e36fbc9b3e4fbad2d69eaf1b055dc026deee26447ddbbfbbe02cd6a159c121
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral17 behavioral18
- Target
  
  JetBrains 2022 ??/??2????2099????????????/ja-netfilter-all/scripts/install-current-user.vbs
- Size
  
  1KB
- MD5
  
  7a84e049697625afcd239062b34b7bfc
- SHA1
  
  e20448f6f3dcbf8aa6b89363793959a7ce331cbd
- SHA256
  
  ecf08e4ef2d0123f3e5dde9b8c6d6d0787ec758f5a60eee9fb74b89ca563a179
- SHA512
  
  4977fcb57634dbee158bf4bf4c0e71241318a38a2c1d67a5656ce0450c95f21c1c60edc91fd83e5ac3b8e457e9aaa213856e0a55dd97b865304de5d444f693c4
Score

1^/10
behavioral19 behavioral20
- Target
  
  JetBrains 2022 ??/??2????2099????????????/ja-netfilter-all/scripts/install.sh
- Size
  
  3KB
- MD5
  
  a39586feddfc26b3193372ce44f48abc
- SHA1
  
  25fafe775fd3735b2506ef8286d5768c04e0b179
- SHA256
  
  3666798d273bacc4e8515296da6c0601e5ea2e69c6aceeb25afb5d450e62c00d
- SHA512
  
  a63f744231531d894983ff10822f11e37ea0ac8189981e19c7be52d7480a37b9800247dffec1072dfd21413cbab65f1abcf73633fef33d57556461aa890016be
Score

5^/10
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral21 behavioral22 behavioral23 behavioral24
- Target
  
  JetBrains 2022 ??/??2????2099????????????/ja-netfilter-all/scripts/uninstall-all-users.vbs
- Size
  
  1KB
- MD5
  
  284ba51196a36f0bc8c316c2609d8bda
- SHA1
  
  74b2bb3d5c787014727ba972cafded3d32fcc326
- SHA256
  
  e7a39dfd129b3e06858c66ea2b222d18e5ca86f128981f2e383c80072cbe7e34
- SHA512
  
  1ba2e16a7105ff60f0cea535fccadd7e5e38db312ae4ffc8a501d118048171c992661dc00f9d85cf83ef639604c9fd66cf0f50e2674f3633389753689e9112b4
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral25 behavioral26
- Target
  
  JetBrains 2022 ??/??2????2099????????????/ja-netfilter-all/scripts/uninstall-current-user.vbs
- Size
  
  723B
- MD5
  
  7529cfdfdc594cd24fcbe0f9b65fdb03
- SHA1
  
  e531eb99552e930bc31ec3af3bd7e3a8c1318824
- SHA256
  
  681a5dc75d9a4249af46e3c79a50bfcb8c2cca98eb1b2232ac9d01e57b98c01e
- SHA512
  
  38b8097a50d952c31cfc6216a7029937ff818bafd0164d97e3f9a3635223c63e2f26174b6faaa5c08db05fce9d60618cf3ab532621ee5754ba1609897afc1162
Score

1^/10
behavioral27 behavioral28
- Target
  
  JetBrains 2022 ??/??2????2099????????????/ja-netfilter-all/scripts/uninstall.sh
- Size
  
  1KB
- MD5
  
  e3f187bb61526539c002a2303bc3325a
- SHA1
  
  d3831b8e1b914892f412dc86d5c79f89314e6cd1
- SHA256
  
  ae91ad30b493097d0704e97fb122d51f939b14d999267fdd0882058116bfed62
- SHA512
  
  cafd9ddcd2139d525a480d65a582aff6119c3f771e9472d2472d9b4b42c76d2b7851c4288e5177907579b5f5181e88586bc8f9e4aafaafb769a096656896c355
Score

5^/10
- Reads runtime system information
  Reads data from /proc virtual filesystem.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral29 behavioral30 behavioral31 behavioral32

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops file in System32 directory

Checks computer location settings

Writes file to tmp directory

Checks computer location settings

Reads runtime system information

Writes file to tmp directory

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32