Overview

overview

8

Static

static

1

jre-8u361-...64.exe

windows7-x64

8

jre-8u361-...64.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    143s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18-03-2023 03:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    jre-8u361-windows-x64.exe

  • Size

    62.1MB

  • MD5

    e70de386ebc763932a181fc37a2ad042

  • SHA1

    18e76e452b289ae2fc167667b55a81b11ec2693f

  • SHA256

    419328f3a2325b1dc27f710abd73e232e9deac47915b4dba61a697b925b5b83d

  • SHA512

    a45cb9c665a867042d0d52f085d095ac774c3f9b10febd858b26d2c899f7c2b5024586156ec572be384b226a8efc44d6757bbbc920843ce58119345bea155a0d

  • SSDEEP

    1572864:UYXYUrHHqj4AY8QOl+Kx1RwayO59accVL9NJ9fM4X:UYXYUrHqxl+KxzwayFTVL99l

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\jre-8u361-windows-x64.exe
    "C:\Users\Admin\AppData\Local\Temp\jre-8u361-windows-x64.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1560
    • C:\Users\Admin\AppData\Local\Temp\jds240554390.tmp\jre-8u361-windows-x64.exe
      "C:\Users\Admin\AppData\Local\Temp\jds240554390.tmp\jre-8u361-windows-x64.exe"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:4020

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\jds240554390.tmp\jre-8u361-windows-x64.exe
    Filesize

    61.7MB

    MD5

    e920cf3e63612868ed4b6cd9612bae77

    SHA1

    ef64fb46f8e955430d6fbd3778ff03e4c1f0e1b0

    SHA256

    a45104f8bf9a356b538f74aec9c7d25b92bef2d8e97cc27ed6d7232294a8ed82

    SHA512

    b02af44d9a87e06b0309e842d550b54b92575ba36a3ea74184bba40d4665751d91c8547ddd9c1c009d413f56829f7fcc604592ba51118c916cd1e039930571b2

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\jds240554390.tmp\jre-8u361-windows-x64.exe
    Filesize

    61.7MB

    MD5

    e920cf3e63612868ed4b6cd9612bae77

    SHA1

    ef64fb46f8e955430d6fbd3778ff03e4c1f0e1b0

    SHA256

    a45104f8bf9a356b538f74aec9c7d25b92bef2d8e97cc27ed6d7232294a8ed82

    SHA512

    b02af44d9a87e06b0309e842d550b54b92575ba36a3ea74184bba40d4665751d91c8547ddd9c1c009d413f56829f7fcc604592ba51118c916cd1e039930571b2

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\jusched.log
    Filesize

    267KB

    MD5

    91f3510b0992fc53c4a17cf4349cc73b

    SHA1

    4af2f5b799aea0551532e2ca04e53e93491a812e

    SHA256

    47e5cfc8ef972bbacf16c67d6f9fb0d162714e9b52e18eea294196eaf8e9d18a

    SHA512

    c4f06757a58a00200094c6f8d78d9c2731f69f203cb8b166db89a67350bf042e26a43a36e222a613c270721b59fbbf9cd8937f0cb784a77cf6a4114eccb4cf30

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\jusched.log
    Filesize

    267KB

    MD5

    f80b765e75a4470ccf9018c8677a7772

    SHA1

    0cf71a081ea624ef557b3252e920d1a26deced05

    SHA256

    180204f81f6f4029f9457682d6451b1b80e46e7adce474276772930c7775d576

    SHA512

    9981145be3bb148c8b02f3c1e68d1d869f9fd2e556376eee56b0fafb683da33be8a4f44465554e861a81445b31bfbdec4ab4b71d91beb40d4b80d6085623c144

    Download Submit
  • memory/4020-244-0x000001E874850000-0x000001E874A5C000-memory.dmp
    Filesize

    2.0MB

    Download
  • memory/4020-247-0x000001E874850000-0x000001E874A5C000-memory.dmp
    Filesize

    2.0MB

    Download
  • memory/4020-256-0x000001E874850000-0x000001E874A5C000-memory.dmp
    Filesize

    2.0MB

    Download
  • memory/4020-257-0x000001E874850000-0x000001E874A5C000-memory.dmp
    Filesize

    2.0MB

    Download