Overview

overview

3

Static

static

1

jar-infect...er.zip

windows7-x64

1

jar-infect...er.zip

windows10-2004-x64

1

jar-infect...ib.dll

windows7-x64

1

jar-infect...ib.dll

windows10-2004-x64

1

jar-infect...er.exe

windows7-x64

1

jar-infect...er.exe

windows10-2004-x64

1

jar-infect...config

windows7-x64

3

jar-infect...config

windows10-2004-x64

3

jar-infect...ll.dll

windows7-x64

1

jar-infect...ll.dll

windows10-2004-x64

1

jar-infect...ck.dll

windows7-x64

1

jar-infect...ck.dll

windows10-2004-x64

1

jar-infect...rs.dll

windows7-x64

1

jar-infect...rs.dll

windows10-2004-x64

1

jar-infect...ry.dll

windows7-x64

1

jar-infect...ry.dll

windows10-2004-x64

1

jar-infect...rs.dll

windows7-x64

1

jar-infect...rs.dll

windows10-2004-x64

1

jar-infect...fe.dll

windows7-x64

1

jar-infect...fe.dll

windows10-2004-x64

1

jar-infect...ns.dll

windows7-x64

1

jar-infect...ns.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    107s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    13/06/2023, 16:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    jar-infection-scanner/JarInfectionScanner.exe

  • Size

    25KB

  • MD5

    f953be311c44ef80366ec2acf8e2afdc

  • SHA1

    215bc84d8d6d93b47e4c164d5eb9a65290f9a557

  • SHA256

    94fbc2ed1a96f78ef82c8b452c2c445cb9d882eec2a8cdbe637595452e9e6980

  • SHA512

    7a1be2551dfc0f3f82f3990607df12f6b796cd6ce16b53eb79e469bd5efc4b9bed674a5c16ff8ce65fb185264689d8471d5232ef8049e59f72b2581168926531

  • SSDEEP

    384:asSxezDbi7bmT1xwjvdBmd5UEGLQP5fGfIYiPWsav8JN77hh3wJI8S:asSSSKRxdAGUgYiPz3hRwXS

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\jar-infection-scanner\JarInfectionScanner.exe
    "C:\Users\Admin\AppData\Local\Temp\jar-infection-scanner\JarInfectionScanner.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2012
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch&plcid=0x409&o1=.NETFramework,Version=v4.8&processName=JarInfectionScanner.exe&platform=0009&osver=5&isServer=0&shimver=4.0.30319.0
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2024
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2024 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1140

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3c1c153e7264201753d88078ac714318

    SHA1

    c0ba2cb933806db782c8314af87f8f09d3cf1f25

    SHA256

    c6e66fa28b49584743a475c58abacf3b208dd2768c70f3727b0e4833c8852973

    SHA512

    3027861029e89d37c85290dfff5258039724bbb8d94e4e11d57f32d98e88c02c7bbd24c0044faa7366e7b2a961dbeede238be23932f9c9ae6088b0cbc1d60d8c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    be9b0e10dfe248ee563bc46d797451a8

    SHA1

    75a658ca9fb23e69e92f42769e71e102b99b9f4d

    SHA256

    3b34b250e5c2a19b0d7885e2a017300eb46f0191eef41ed9bf20c39d61739e3a

    SHA512

    5f554ce841b122072b4b67032bc92d8bc24ce5cafd1bced2ff0ce7ebf1dec191fb407f1c23782eb943e8c4c67ef68a300c3e0f085ea936afdf052699466d75de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    91d5f2cb282c897dcdb4cce845bae49f

    SHA1

    fae46421eb79aeae431aa83d18290073383a9c6a

    SHA256

    0815e27ef9e7a61cefa0034b3ad91641a653a42e0601427031263953ad321bee

    SHA512

    b9c0672943c5ba745599b8d64031ec0c43790d06dca06a3243c81dc1de7b0048838609c422ae35cc519fc279acbc0d1d9afd914e214bd9562f7d7cd3c9623cc8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    883db7be2cefe6a129d49851fc66ea96

    SHA1

    bc016b2af2296c54b5507dfc5753b0bf155e73ca

    SHA256

    c8ab1c16ae624dc74fa6927089d926a09c1921debc79a0f67105938b56416f6a

    SHA512

    5a22b61967002c86dccb893067b9bd4d7067dd91b4c5a60b9d060d8fa449228666857240a377c9c6596da2e13de142b173c8a74c36db45c012894c08b7ab257a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e75bad602bb5e8b4c06d1ee64b44a94a

    SHA1

    b8b0efff3a4001197771736d2c73930fc262884f

    SHA256

    c3f25a1f665d10156d910a8f3ecb3f09b3bb4726166007d90431c8c7cff9443d

    SHA512

    212dcd33b44bbd92bec8ea6213b58dcbf2f41da447590327f8642df6ef26e39fdfca0b31b686af4520e00916347d9e415210f11cfb5cace144959cc61fc117f3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    40f1e2e42ae435f9eb7a590e345ce14f

    SHA1

    cdc9586f7e9727f96aae65fdce02c381a55a46c8

    SHA256

    4f81717d3d6173316ecc96064ecb9eb4451e5a75dcc035e4c4b6842356bc9aba

    SHA512

    ff487a810bde4af79522b43c242f37382f1de80ed11362825688b2af942ea43ef9cc1f8c51be54bf48b765d8e1cba74717ca5f361dc1f49f7d984f21e65f21e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7eee74c29936da2f0b3a2027d7fa3db7

    SHA1

    451fb81e1f6b29f47618b60ecd400ca54c4fcb1f

    SHA256

    f804360c672920926041e631e25118d8df0817b7e98c9692f6ec4d1d4fce344c

    SHA512

    57440f146d582928f91d483520ab2ff27270f004f6a50757235324d312eb0046d1d1d4be0871f3cc8dbad779b002d41a87259e5af822229c4fdb8f6c88429d70

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4d5ea899f6f940a6b1ccefa1550776a2

    SHA1

    2fd4edd148874909fd7eb4a9e82f84412f461cd8

    SHA256

    54b539c0185f6af881d6aecc253914a95b282f4701e260c4d5a81a834141bc41

    SHA512

    c0322b4dd7a101798ee5eb2a5667aba9b48048d62016a5d1b3306c056c8a219a2666d38a3ea8cc160b6b161b268ac345e9a6ec3d6ac42d7271dd5f721c8fedd2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    478c8d7d62e328644401d96a3ce24363

    SHA1

    57d9b8f7b57463f0bcb49ba24b088d8080b1a9bc

    SHA256

    f36c11044b3af1ef7148e3426da4aa8b3f0bcddf3c800c60478fff1844bdd5aa

    SHA512

    687d9c39ebef011382025450460d4706c57f07579669b5ec968e3b5cac6dca6a44d40ebfcdbc04266bc5506df8fd48bac3498bd2e1044a64248244d8c43ea2c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5788140e25d94e4ccb5d7deec2f0c4f5

    SHA1

    7955477cc85278a9d05a9b4ef4d84539326b7d48

    SHA256

    5ce88e9567a2a32750458c489c41dc9a39f94c1b22dd91d0da863812062198a1

    SHA512

    d114d9fdaa07bc24d02aa15df66ead429b76c66c72bc398e618ed42f69d12180e6a7d1ea1523748386272081d4f7e3d06fe64969d62feee9825692228bc7c061

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NMXH1C0L\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar7E5C.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\SICKNFIC.txt
    Filesize

    600B

    MD5

    db4d60f8b3f20eed24e44c73135fcf83

    SHA1

    3274da8ff4a88ec1947c75a664499b2c1d8d1107

    SHA256

    a12ca7ba8abab1dcd8ec6a568d5815071a129e9222f93686a1cdd00e61997c01

    SHA512

    de9489f4187d067fa2727c3bb7043bad1c0671b440495b8e7386a1f4a3b13079218a963ed78f59ccbb4613dccb37e88ef5ab8585bce2844e11d6b23b19606271

    Download Submit