Overview

overview

10

Static

static

1

UNILEVER P...df.jar

windows7-x64

1

UNILEVER P...df.jar

windows10-2004-x64

10

Analysis

  • max time kernel
    157s
  • max time network
    36s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    27/03/2023, 13:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    UNILEVER PURCHASE ORDER #076863 for acknowledgement.pdf.jar

  • Size

    220KB

  • MD5

    b63df0e1517233d0d5d60e5375b774b2

  • SHA1

    063aedab9fa8b4ef44dd8ca8f08e00496e21546a

  • SHA256

    0431faeccbeca99b242fe5d8464ad5fcc7a24a853df8424d9c49951911e4fdab

  • SHA512

    61bbef99c1ae4ffe32a89a0e8e2d586fc26c5fd9932b3a58f97ef99e7f18f968a67a6818f7160b0f74d140e2ca989f6d39845c906b9de8aab44430938afa17ce

  • SSDEEP

    6144:SZuvXdGeqfj20asN+YfalfNZCDtKJdtoe:YuvtfqfpxNhfQNMIbie

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\java.exe
    java -jar "C:\Users\Admin\AppData\Local\Temp\UNILEVER PURCHASE ORDER #076863 for acknowledgement.pdf.jar"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1700
    • C:\Program Files\Java\jre7\bin\java.exe
      "C:\Program Files\Java\jre7\bin\java.exe" -jar "C:\Users\Admin\UNILEVER PURCHASE ORDER #076863 for acknowledgement.pdf.jar"
      2⤵
        PID:860

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\UNILEVER PURCHASE ORDER #076863 for acknowledgement.pdf.jar
      Filesize

      220KB

      MD5

      b63df0e1517233d0d5d60e5375b774b2

      SHA1

      063aedab9fa8b4ef44dd8ca8f08e00496e21546a

      SHA256

      0431faeccbeca99b242fe5d8464ad5fcc7a24a853df8424d9c49951911e4fdab

      SHA512

      61bbef99c1ae4ffe32a89a0e8e2d586fc26c5fd9932b3a58f97ef99e7f18f968a67a6818f7160b0f74d140e2ca989f6d39845c906b9de8aab44430938afa17ce

      Download Submit

    • memory/860-99-0x00000000000B0000-0x00000000000B1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/860-102-0x00000000000B0000-0x00000000000B1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/860-103-0x00000000000B0000-0x00000000000B1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1700-63-0x0000000000120000-0x0000000000121000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1700-70-0x0000000000120000-0x0000000000121000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1700-75-0x0000000000120000-0x0000000000121000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1700-80-0x0000000000120000-0x0000000000121000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1700-88-0x0000000000120000-0x0000000000121000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1700-90-0x0000000000120000-0x0000000000121000-memory.dmp

      Filesize

      4KB

      Download