Overview

overview

1

Static

static

cffd312ebf...ad.exe

windows7-x64

1

cffd312ebf...ad.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    227s
  • max time network
    292s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17/09/2022, 11:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cffd312ebf37c365468e2723119c0cbd31e4a877437edeb8ed9e96dcf1781ead.exe

  • Size

    18.1MB

  • MD5

    9d36ecd335803a89dae77eaa3adefbfd

  • SHA1

    cfb063520319ec8e933acd29a94eea2d6fba94f8

  • SHA256

    cffd312ebf37c365468e2723119c0cbd31e4a877437edeb8ed9e96dcf1781ead

  • SHA512

    c4a998e01cbe6a65be356ad90615be08ff9c73cafb0a3fe2820f901dbc147f22dfe698789df3519eee1fa9ba60092f11107c29da26c4b736a9af87316e60518d

  • SSDEEP

    393216:Qi3OyiMQyKRS+VJuHEJ6fKsOngG4k2woJuQFkyRmazVNEJNVb5DPEmWK:Qi3OeQ/RS+EPOngG4kZoFVRIn8m7

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\cffd312ebf37c365468e2723119c0cbd31e4a877437edeb8ed9e96dcf1781ead.exe
    "C:\Users\Admin\AppData\Local\Temp\cffd312ebf37c365468e2723119c0cbd31e4a877437edeb8ed9e96dcf1781ead.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:392
    • C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe
      "C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Local\Temp\cffd312ebf37c365468e2723119c0cbd31e4a877437edeb8ed9e96dcf1781ead.exe"
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:4952
      • C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe
        "C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe" -Djdk.attach.allowAttachSelf -XX:+DisableAttachMechanism -Dlauncher.stacktrace=false -Dlauncher.dev=false -Dlauncher.debug=false -Xmx256M -cp C:\Users\Admin\AppData\Local\Temp\cffd312ebf37c365468e2723119c0cbd31e4a877437edeb8ed9e96dcf1781ead.exe pro.gravit.launcher.oNeLANdhE3HoQi
        3⤵
          PID:4476

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\.oracle_jre_usage\90737d32e3aba4b.timestamp
      Filesize

      50B

      MD5

      e623f33b71bfaee8c9eaa1c223d6c72d

      SHA1

      8b2a9e5dcc217039ae9359e95bbae4361ad9652f

      SHA256

      a7ff6c0c6e5cd2439ccf50ca8a4aef133373ec97d2a650605ff40b0644ea1399

      SHA512

      bb0a1b2833e0da9a99471f8141cdd058072ade4e197a5aa45153f03a2358ba0058cea29ea564cb87da6d1ccaec82459f46f55bafac2db08b6e570e484bbb47fb

      Download Submit

    • memory/4476-160-0x0000000002940000-0x0000000003940000-memory.dmp

      Filesize

      16.0MB

      Download

    • memory/4476-171-0x0000000002940000-0x0000000003940000-memory.dmp

      Filesize

      16.0MB

      Download

    • memory/4952-135-0x00000000031F0000-0x00000000041F0000-memory.dmp

      Filesize

      16.0MB

      Download

    • memory/4952-148-0x00000000031F0000-0x00000000041F0000-memory.dmp

      Filesize

      16.0MB

      Download

    • memory/4952-159-0x00000000031F0000-0x00000000041F0000-memory.dmp

      Filesize

      16.0MB

      Download

    • memory/4952-172-0x00000000031F0000-0x00000000041F0000-memory.dmp

      Filesize

      16.0MB

      Download