cfdace4d2aa40a226f876f8de2fa1c04d3defc161dcee8be705cc62464e0ad23

Analysis

max time kernel
178s
max time network
190s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
02/02/2023, 13:39

Target

485096d3585435a174bac6a0d43140c4c8a0ca79.jar
Size

263KB
MD5

4b798fe8fc253c99025a61d3a5eadb02
SHA1

485096d3585435a174bac6a0d43140c4c8a0ca79
SHA256

cfdace4d2aa40a226f876f8de2fa1c04d3defc161dcee8be705cc62464e0ad23
SHA512

7946a4d771e9dddd4534f0acb3f6828d90ac494b4abcd88a412205a7e327c6ca16c4b8bc20285feee91777b8cf71f812871104dc5a1897c55a3ab46f5edd58b5
SSDEEP

3072:Cl8K+b2aeiVH6EN8zDWe4b1CHJmVIoXsdXYRYSt+ohoLfvKQ9l5m4DKxRfhWsTn4:CmDVDDCJmGoXsdokS0K05m7RfpTKhz9

Score

4^/10

Drops file in Program Files directory 12 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\symbols\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\symbols\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\symbols\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\symbols\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\jvm.pdb	java.exe

C:\ProgramData\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\485096d3585435a174bac6a0d43140c4c8a0ca79.jar
1⤵
- Drops file in Program Files directory
PID:2488

memory/2488-136-0x00000000023F0000-0x00000000033F0000-memory.dmp

Filesize
16.0MB

Download
memory/2488-142-0x00000000023F0000-0x00000000033F0000-memory.dmp

Filesize
16.0MB

Download
memory/2488-144-0x00000000023F0000-0x00000000033F0000-memory.dmp

Filesize
16.0MB

Download
memory/2488-151-0x00000000023F0000-0x00000000033F0000-memory.dmp

Filesize
16.0MB

Download
memory/2488-152-0x00000000023F0000-0x00000000033F0000-memory.dmp

Filesize
16.0MB

Download