201224e9c42a85859010309c6d365050a31f4407ec99e2e77dba0be00270b681 | Triage

Analysis

max time kernel
60s
max time network
67s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
04/04/2023, 13:39

Sharing

Report Analysis Logs

General

Target

DroidJack_lib/quaqua.jar
Size

2.0MB
MD5

025ff87a7f70fd81f42f52f558ae8d83
SHA1

342be0d473fcd2ec159099beedfe084afc1852f7
SHA256

04c1725622ca16461436ef1d35d9992f82680997761fc76116e37f2347ee03d4
SHA512

cc195c0354dcd70eafff475d9fdea919b9f6548c95d0363c4ebf1d509b68a96a1c7da2438e1caba0e175547938e8da104626d9f34aa92f7766e6cb024494bc76
SSDEEP

49152:3mhLDeEPh+yzQajfFaWS+sroHA4vtZnsfXaUVJIDjnCNgkXVxK:wLDe0QEOKPnsfKUVJ7Nh2

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
1536	java.exe
1536	java.exe

C:\ProgramData\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\DroidJack_lib\quaqua.jar
1⤵
- Suspicious use of SetWindowsHookEx
PID:1536

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1536-148-0x0000000002960000-0x0000000002961000-memory.dmp

Filesize
4KB

Download
memory/1536-157-0x0000000002960000-0x0000000002961000-memory.dmp

Filesize
4KB

Download
memory/1536-158-0x0000000002960000-0x0000000002961000-memory.dmp

Filesize
4KB

Download
memory/1536-160-0x0000000002960000-0x0000000002961000-memory.dmp

Filesize
4KB

Download