Overview

overview

7

Static

static

1

Aristois-Free.jar

windows7-x64

1

Aristois-Free.jar

windows10-1703-x64

7

Aristois-Free.jar

windows10-2004-x64

7

Analysis

  • max time kernel
    388s
  • max time network
    1593s
  • platform
    windows10-1703_x64
  • resource
    win10-20230220-es
  • resource tags

    arch:x64arch:x86image:win10-20230220-eslocale:es-esos:windows10-1703-x64systemwindows
  • submitted
    12/04/2023, 13:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Aristois-Free.jar

  • Size

    6.6MB

  • MD5

    a20386aae57b3314aa608af93d576d0b

  • SHA1

    5685e5fc2e57f8116e3ef9da77110c7f6800a5c1

  • SHA256

    dd126dd177dadab5ee1d6f0697a2b5ffd2b9869ea7bfb4d0c65fa38265664dfa

  • SHA512

    20571bbfe24e15dbc8f51fce92b7847dfcee6d91ac59e9ac7b3f2508c59e6715075179b0c0b46a988c5ee1e9d1aa95a2b5cc9806d1968a85344af6c07130b5ac

  • SSDEEP

    196608:0QcYTnwEffNczykIbzP1XeaNAd+1blTRLkqSCfH:nrzflDkaPAd8dJkqSoH

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\ProgramData\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\Aristois-Free.jar
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:4180

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\lwjglAdmin\3.3.1-SNAPSHOT\glfw.dll
    Filesize

    357KB

    MD5

    dad976fafd111ceedc7a473932e9da8f

    SHA1

    3c0e8e7fcbc854a87219fbbfd181c2cc76018144

    SHA256

    f61949c469c54a5f4e5a8e1668255b919ee1237f1e568acf4127dda0abcdc9a8

    SHA512

    64801d4d34f130b5ee33d2df3a266e2aed981265d13c6552ab73418471398c49cab9a617647b64298c1de432d078f1a7b830d4330980e7ef10dd15a1d18bda11

    Download Submit

  • \Users\Admin\AppData\Local\Temp\lwjglAdmin\3.3.1-SNAPSHOT\glfw.dll
    Filesize

    357KB

    MD5

    dad976fafd111ceedc7a473932e9da8f

    SHA1

    3c0e8e7fcbc854a87219fbbfd181c2cc76018144

    SHA256

    f61949c469c54a5f4e5a8e1668255b919ee1237f1e568acf4127dda0abcdc9a8

    SHA512

    64801d4d34f130b5ee33d2df3a266e2aed981265d13c6552ab73418471398c49cab9a617647b64298c1de432d078f1a7b830d4330980e7ef10dd15a1d18bda11

    Download Submit

  • \Users\Admin\AppData\Local\Temp\lwjglAdmin\3.3.1-SNAPSHOT\lwjgl.dll
    Filesize

    446KB

    MD5

    78b8212a157e985fa9d9ee9eaab033bd

    SHA1

    0c9b501520c20055ba77bbd8cae4895fcb1cfa40

    SHA256

    1cbc8a197aea7eee710735a57a8cae6c0953ad1fe2cb6e17c2e5afebeb93b5ec

    SHA512

    180dd20b04643d42195a30c28d455c923f395977f7dcb66b1ace85e99c1e3c00906542221092bf6d5465a5fc451d7523df862ab2bc050da3a136a6f635706d80

    Download Submit

  • memory/4180-126-0x0000000002590000-0x0000000002591000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4180-127-0x0000000002590000-0x0000000002591000-memory.dmp

    Filesize

    4KB

    Download