Malware Analysis Report

2024-12-07 20:45

Sample ID 230627-rmjg6afc9t
Target InSeNaCoder1550ddc8jar.jar
SHA256 4e0f0e48af90b53ca2f5bfe07730901ca963655051f5fd4fba455933bc9a72ec
Tags strrat persistence stealer trojan
Score 10/10

Analysis Overview

Score: 10/10

SHA256: 4e0f0e48af90b53ca2f5bfe07730901ca963655051f5fd4fba455933bc9a72ec

Threat Level: Known bad

The file InSeNaCoder1550ddc8jar.jar was found to be: Known bad.

Malicious Activity Summary

strrat persistence stealer trojan

STRRAT

Drops startup file

Adds Run key to start application

Creates scheduled task(s)

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported: 2023-06-27 14:18

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted: 2023-06-27 14:18
Reported: 2023-06-27 14:21
Platform: win7-20230621-en
Max time kernel: 155s
Max time network: 162s

Command Line

java -jar C:\Users\Admin\AppData\Local\Temp\InSeNaCoder1550ddc8jar.jar

Signatures

N/A

Processes

C:\Windows\system32\java.exe

java -jar C:\Users\Admin\AppData\Local\Temp\InSeNaCoder1550ddc8jar.jar

Network

Country Destination Domain Proto
US 8.8.8.8:53 repo1.maven.org udp
US 8.8.8.8:53 github.com udp
US 199.232.192.209:443 repo1.maven.org tcp
US 140.82.113.4:443 github.com tcp
US 140.82.112.3:443 github.com tcp

Files

Analysis: behavioral2

Detonation Overview

Submitted: 2023-06-27 14:18
Reported: 2023-06-27 14:21
Platform: win10v2004-20230621-en
Max time kernel: 149s
Max time network: 152s

Command Line

java -jar C:\Users\Admin\AppData\Local\Temp\InSeNaCoder1550ddc8jar.jar

Signatures

STRRAT

trojan stealer strrat

Drops startup file

Description: File created
Indicator: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\InSeNaCoder1550ddc8jar.jar
Process: C:\Program Files\Java\jre1.8.0_66\bin\java.exe
Target: N/A

Adds Run key to start application

persistence
Description: Set value (str)
Indicator: \REGISTRY\USER\S-1-5-21-922299981-3641064733-3870770889-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\InSeNaCoder1550ddc8jar = "\"C:\\Program Files\\Java\\jre1.8.0_66\\bin\\javaw.exe\" -jar \"C:\\Users\\Admin\\AppData\\Roaming\\InSeNaCoder1550ddc8jar.jar\""
Process: C:\Program Files\Java\jre1.8.0_66\bin\java.exe
Target: N/A

Description: Set value (str)
Indicator: \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\InSeNaCoder1550ddc8jar = "\"C:\\Program Files\\Java\\jre1.8.0_66\\bin\\javaw.exe\" -jar \"C:\\Users\\Admin\\AppData\\Roaming\\InSeNaCoder1550ddc8jar.jar\""
Process: C:\Program Files\Java\jre1.8.0_66\bin\java.exe
Target: N/A

Creates scheduled task(s)

persistence
Description: N/A
Indicator: N/A
Process: C:\Windows\system32\schtasks.exe
Target: N/A

Processes

C:\ProgramData\Oracle\Java\javapath\java.exe

java -jar C:\Users\Admin\AppData\Local\Temp\InSeNaCoder1550ddc8jar.jar

C:\Program Files\Java\jre1.8.0_66\bin\java.exe

"C:\Program Files\Java\jre1.8.0_66\bin\java.exe" -jar "C:\Users\Admin\InSeNaCoder1550ddc8jar.jar"

C:\Windows\SYSTEM32\cmd.exe

cmd /c schtasks /create /sc minute /mo 30 /tn Skype /tr "C:\Users\Admin\AppData\Roaming\InSeNaCoder1550ddc8jar.jar"

C:\Program Files\Java\jre1.8.0_66\bin\java.exe

"C:\Program Files\Java\jre1.8.0_66\bin\java.exe" -jar "C:\Users\Admin\AppData\Roaming\InSeNaCoder1550ddc8jar.jar"

C:\Windows\system32\schtasks.exe

schtasks /create /sc minute /mo 30 /tn Skype /tr "C:\Users\Admin\AppData\Roaming\InSeNaCoder1550ddc8jar.jar"

Network

Country Destination Domain Proto
NL 40.126.32.138:443 tcp
US 8.8.8.8:53 repo1.maven.org udp
US 8.8.8.8:53 github.com udp
US 199.232.192.209:443 repo1.maven.org tcp
US 140.82.114.3:443 github.com tcp
US 8.8.8.8:53 209.192.232.199.in-addr.arpa udp
US 8.8.8.8:53 3.114.82.140.in-addr.arpa udp
US 8.8.8.8:53 17.160.190.20.in-addr.arpa udp
US 52.182.143.211:443 tcp
SG 8.241.134.126:80 tcp
US 192.229.221.95:80 tcp
US 8.8.8.8:53 62.13.109.52.in-addr.arpa udp
US 8.8.8.8:53 objects.githubusercontent.com udp
US 185.199.108.133:443 objects.githubusercontent.com tcp
US 8.8.8.8:53 8.3.197.209.in-addr.arpa udp
US 8.8.8.8:53 133.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 23.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 86.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp

Files

C:\Users\Admin\InSeNaCoder1550ddc8jar.jar

MD5 d46ced619302d537e07481dfe8a1e7e1
SHA1 135311ed819821a8a5043a0141c192e7b121a459
SHA256 4e0f0e48af90b53ca2f5bfe07730901ca963655051f5fd4fba455933bc9a72ec
SHA512 e4a35e5868ab5d267165375093a929ed02fc00b1fa6d9ef6e922c2992347363727b4c3ec935cf0562a600bbb5d571033e1e849ed5c12fc87915e2c2f0e605911

C:\Users\Admin\lib\sqlite-jdbc-3.14.2.1.jar

MD5 b33387e15ab150a7bf560abdc73c3bec
SHA1 66b8075784131f578ef893fd7674273f709b9a4c
SHA256 2eae3dea1c3dde6104c49f9601074b6038ff6abcf3be23f4b56f6720a4f6a491
SHA512 25cfb0d6ce35d0bcb18527d3aa12c63ecb2d9c1b8b78805d1306e516c13480b79bb0d74730aa93bd1752f9ac2da9fdd51781c48844cea2fd52a06c62852c8279

C:\Users\Admin\lib\jna-platform-5.5.0.jar

MD5 2f4a99c2758e72ee2b59a73586a2322f
SHA1 af38e7c4d0fc73c23ecd785443705bfdee5b90bf
SHA256 24d81621f82ac29fcdd9a74116031f5907a2343158e616f4573bbfa2434ae0d5
SHA512 b860459a0d3bf7ccb600a03aa1d2ac0358619ee89b2b96ed723541e182b6fdab53aefef7992acb4e03fca67aa47cbe3907b1e6060a60b57ed96c4e00c35c7494

C:\Users\Admin\lib\jna-5.5.0.jar

MD5 acfb5b5fd9ee10bf69497792fd469f85
SHA1 0e0845217c4907822403912ad6828d8e0b256208
SHA256 b308faebfe4ed409de8410e0a632d164b2126b035f6eacff968d3908cafb4d9e
SHA512 e52575f58a195ceb3bd16b9740eadf5bc5b1d4d63c0734e8e5fd1d1776aa2d068d2e4c7173b83803f95f72c0a6759ae1c9b65773c734250d4cfcdf47a19f82aa

C:\Users\Admin\lib\system-hook-3.5.jar

MD5 e1aa38a1e78a76a6de73efae136cdb3a
SHA1 c463da71871f780b2e2e5dba115d43953b537daf
SHA256 2ddda8af6faef8bde46acf43ec546603180bcf8dcb2e5591fff8ac9cd30b5609
SHA512 fee16fe9364926ec337e52f551fd62ed81984808a847de2fd68ff29b6c5da0dcc04ef6d8977f0fe675662a7d2ea1065cdcdd2a5259446226a7c7c5516bd7d60d

C:\Users\Admin\.oracle_jre_usage\90737d32e3aba4b.timestamp

MD5 00a5015b5f42cfd90258225fd4cb8432
SHA1 1bf757f10eef4710c63782fb89c7aa120d469003
SHA256 ebffd495b0e5e220a83a3c31859b234a9fdee1215a8e062d828798f3a620f276
SHA512 b3dcae5730376cf266bb7fe45887b3e3f5e934669d6dfa770a18c4df9f5ecc99eecbfe21106524aac17dba808f393a1920bd7658fbc5ebd3eb170f307d68e773

C:\Users\Admin\AppData\Roaming\InSeNaCoder1550ddc8jar.jar

MD5 d46ced619302d537e07481dfe8a1e7e1
SHA1 135311ed819821a8a5043a0141c192e7b121a459
SHA256 4e0f0e48af90b53ca2f5bfe07730901ca963655051f5fd4fba455933bc9a72ec
SHA512 e4a35e5868ab5d267165375093a929ed02fc00b1fa6d9ef6e922c2992347363727b4c3ec935cf0562a600bbb5d571033e1e849ed5c12fc87915e2c2f0e605911
