Overview

overview

8

Static

static

8

FastVerCode.dll

windows7-x64

1

FastVerCode.dll

windows10-2004-x64

3

ICSharpCod...ib.dll

windows7-x64

1

ICSharpCod...ib.dll

windows10-2004-x64

1

Interop.ADODB.dll

windows7-x64

1

Interop.ADODB.dll

windows10-2004-x64

1

Interop.ADOX.dll

windows7-x64

1

Interop.ADOX.dll

windows10-2004-x64

1

Interop.ADQX.dll

windows7-x64

8

Interop.ADQX.dll

windows10-2004-x64

8

Interop.ADQX64.dll

windows7-x64

1

Interop.ADQX64.dll

windows10-2004-x64

1

Interop.JPO.dll

windows7-x64

1

Interop.JPO.dll

windows10-2004-x64

3

Interop.JRO.dll

windows7-x64

1

Interop.JRO.dll

windows10-2004-x64

1

QQռ...��.exe

windows7-x64

8

QQռ...��.exe

windows10-2004-x64

8

UUWiseHelper.dll

windows7-x64

1

UUWiseHelper.dll

windows10-2004-x64

3

dl.dll

windows7-x64

1

dl.dll

windows10-2004-x64

1

edithtm/in...�.html

windows7-x64

1

edithtm/in...�.html

windows10-2004-x64

1

edithtm/in...x.html

windows7-x64

1

edithtm/in...x.html

windows10-2004-x64

1

edithtm/js...on.asp

windows7-x64

3

edithtm/js...on.asp

windows10-2004-x64

3

edithtm/js....1.jar

windows7-x64

1

edithtm/js....1.jar

windows10-2004-x64

1

edithtm/js....4.jar

windows7-x64

1

edithtm/js....4.jar

windows10-2004-x64

1

Analysis

  • max time kernel
    33s
  • max time network
    42s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    26-11-2022 18:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    edithtm/jsp/lib/commons-fileupload-1.2.1.jar

  • Size

    56KB

  • MD5

    5ad1ab0c8a813b45fe9014f54a341a2a

  • SHA1

    fd968960d004ba8863a2e7b9c88f260aa588c22d

  • SHA256

    1619d9e6f8d1f7d6239d572b1655984a8a965149ceba7d02f861802a6e3af7df

  • SHA512

    cb63335809b1c5299e805459b65b69022944d1326953ab8db50c9d5114a7ba8b4fc414710acb24d92e2bce1ccbc7d0f85e6c341592159da6c54e96b73159e297

  • SSDEEP

    768:z1FVFm0rpeH+6MkxofN+dcuvSe13t4uPU2lzOeT6EzF/wnvZsAFQ3m8Az1l1irg9:3VRQe36K0cAT6uNll6O8szmx1mC9HV

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\edithtm\jsp\lib\commons-fileupload-1.2.1.jar
    1⤵
      PID:788

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/788-54-0x000007FEFBD91000-0x000007FEFBD93000-memory.dmp
      Filesize

      8KB

      Download
    • memory/788-64-0x0000000002150000-0x0000000005150000-memory.dmp
      Filesize

      48.0MB

      Download