659273cb678c427ce7e3daeb21fb80192133b916b3756e917913ba41e5262c6c | Triage

Submit
Reports

Overview

overview

6

Static

static

MCDrink_1.1.jar

windows7-x64

1

MCDrink_1.1.jar

windows10-2004-x64

6

Resubmissions

01-02-2023 12:50

230201-p26j5afb4v 6

01-02-2023 12:47

230201-p1gjlsfb3y 1

Analysis

max time kernel
299s
max time network
304s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
01-02-2023 12:50

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

MCDrink_1.1.jar

Resource

win7-20220901-en

windows7-x64

0 signatures

300 seconds

Behavioral task

behavioral2

Sample

MCDrink_1.1.jar

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

300 seconds

Report Analysis Logs

General

Target

MCDrink_1.1.jar
Size

235KB
MD5

ec7eebb1a220cca1efa2ce26cf625d59
SHA1

29c2e651f9903a50d5009853994c70c1f1f1575b
SHA256

659273cb678c427ce7e3daeb21fb80192133b916b3756e917913ba41e5262c6c
SHA512

281f4721cfefdf8f502631eefa2c132a079c6301645277a0d18ccd6f3b78c01e0c99f56bc7f04f79c221e3d551310205ff14be546ee2a327b7f5adba7358c127
SSDEEP

6144:OfTZ5j8QnNHaGTL5tsw5wRBExmPfLEdv0V:OfTZRjN6UL3sCwRVPfL4v0V

Score

6^/10

discovery

Malware Config

Signatures

Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046

Processes

C:\ProgramData\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\MCDrink_1.1.jar
1⤵
PID:1352

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1352-134-0x0000000002BD0000-0x0000000003BD0000-memory.dmp

Filesize
16.0MB

Download
memory/1352-142-0x0000000002BD0000-0x0000000003BD0000-memory.dmp

Filesize
16.0MB

Download

© 2018-2024

Terms | Privacy