fdf2ca562c8c0b7e1405eda1a8afa1b08d48f5d6388e396ff251c1f3fb44e2a7

Analysis

max time kernel
142s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
14/07/2023, 16:11

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

JavaSetup8u371.exe
Size

2.2MB
MD5

c89932b8954036c952dd7bbefe67222d
SHA1

0d88ef2436585870f6280653207c696d499c0f24
SHA256

fdf2ca562c8c0b7e1405eda1a8afa1b08d48f5d6388e396ff251c1f3fb44e2a7
SHA512

7bca2f5573e9d5d2b39b9e7d6e0acdee374c9d476ffdabfc257f98f7e5c9b6872e2234db111dd2f2a81b271d7099d42f9445aae69a7f0ae966c7d212a313ef5c
SSDEEP

49152:5vU/dkUJ4qvwaDYfonsNJEuWlyOMjUfkptVxEcb7VN:5vU/ddZQfonsbjUu5z

Score

4^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
3520	JavaSetup8u371.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3520	JavaSetup8u371.exe
3520	JavaSetup8u371.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3024 wrote to memory of 3520	3024	JavaSetup8u371.exe	85
PID 3024 wrote to memory of 3520	3024	JavaSetup8u371.exe	85
PID 3024 wrote to memory of 3520	3024	JavaSetup8u371.exe	85

C:\Users\Admin\AppData\Local\Temp\JavaSetup8u371.exe
"C:\Users\Admin\AppData\Local\Temp\JavaSetup8u371.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3024
- C:\Users\Admin\AppData\Local\Temp\jds240612718.tmp\JavaSetup8u371.exe
  "C:\Users\Admin\AppData\Local\Temp\jds240612718.tmp\JavaSetup8u371.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of SetWindowsHookEx
  PID:3520

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\jds240612718.tmp\JavaSetup8u371.exe

Filesize
1.9MB

MD5
9f1058aeb94f4fc8161ab0472219e535

SHA1
212f7ce57c1e95d051b915f91ada834ade274642

SHA256
83cf56aec1c332779a23a690ece029572a7f4e8c46149948a69f0e78529da1a5

SHA512
aed7bffb3ad530d0bdb49c53ac86d7c142cda21c6d492c5bf59e8c3c2c373af49296c00a30fdd5f0965a30ae0ab11b73b8196defb2d017c4ff10315d53d98c9c

Download Submit
C:\Users\Admin\AppData\Local\Temp\jds240612718.tmp\JavaSetup8u371.exe

Filesize
1.9MB

MD5
9f1058aeb94f4fc8161ab0472219e535

SHA1
212f7ce57c1e95d051b915f91ada834ade274642

SHA256
83cf56aec1c332779a23a690ece029572a7f4e8c46149948a69f0e78529da1a5

SHA512
aed7bffb3ad530d0bdb49c53ac86d7c142cda21c6d492c5bf59e8c3c2c373af49296c00a30fdd5f0965a30ae0ab11b73b8196defb2d017c4ff10315d53d98c9c

Download Submit
C:\Users\Admin\AppData\Local\Temp\jusched.log

Filesize
267KB

MD5
ac5368cd5a48aeb7ffc0fd885b0f8533

SHA1
421c0a913a60f079f7d9d87237628846a0ecf4f3

SHA256
39d31d989c0927ec75db955e99134883924a47eaa58a294dd29d19b6cc2d4690

SHA512
a229a5b6af3a9676b33613ae1a471aa9b8cb5afe8da25002f40c8419e534be164664266ec3207faa21cb33f080cb98e1dfbba16c99541285141d24e6d6244d28

Download Submit
C:\Users\Admin\AppData\Local\Temp\jusched.log

Filesize
268KB

MD5
a23133a1ed5db1bf75a58068aab6336b

SHA1
aa1ad0f443a8c34ddf9cc2c9cfe10c8676fa62c7

SHA256
bcce1715ace7e7f43c85af83a9226d13f6703bb530dd83990f27d38f80e067b6

SHA512
9d3b150d27dc5d34c863c2f2b2747d1baec418d7fd617d23ad76cc244d5b17d342857427dca294feeb5f827bb8ed2ce1dc4a081e93918a1030aadcbd5043cf3b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads