725ed7a69d3d5c99e4bd182b4719617545d40aef99a703f394710f77cffba6de

Analysis

max time kernel
150s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
19/05/2023, 06:40

Target

COPIA DE PAGO MT103.jar
Size

218KB
MD5

081311df816dcdf6da3c38a927654056
SHA1

5b78d1c6a07c7a5a7f9d8cd199c178064c3b0129
SHA256

725ed7a69d3d5c99e4bd182b4719617545d40aef99a703f394710f77cffba6de
SHA512

7c9b59259df589b6f9e7df18ef72df5c63503154997f168d61591d1aec81ad344d661f546100af769e60b26091d6e7e760097c8163fbfcfdf3245d9e75a928de
SSDEEP

6144:+l97T6KPuRIUn7oEixwY5k3L5u3tnUznLfLlIPlv:k97uMUnkxwFodnCn9IP1

Score

5^/10

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\InstallService\{CB0C2D44-C832-4064-B9C5-881E4F267F8C}.catalogItem	svchost.exe
File created	C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\InstallService\{99591426-62DE-400E-833D-443D0F6E7B28}.catalogItem	svchost.exe

C:\ProgramData\Oracle\Java\javapath\java.exe
java -jar "C:\Users\Admin\AppData\Local\Temp\COPIA DE PAGO MT103.jar"
1⤵
PID:1688

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k netsvcs -p
1⤵
- Drops file in System32 directory
PID:1616

memory/1688-143-0x0000000000590000-0x0000000000591000-memory.dmp

Filesize
4KB

Download
memory/1688-144-0x0000000000590000-0x0000000000591000-memory.dmp

Filesize
4KB

Download
memory/1688-153-0x0000000000590000-0x0000000000591000-memory.dmp

Filesize
4KB

Download
memory/1688-176-0x0000000000590000-0x0000000000591000-memory.dmp

Filesize
4KB

Download
memory/1688-178-0x0000000000590000-0x0000000000591000-memory.dmp

Filesize
4KB

Download
memory/1688-194-0x0000000000590000-0x0000000000591000-memory.dmp

Filesize
4KB

Download