f51ca6542db98eeea3183702e264fcf17baa5c993f038dbba6f104bf17cda8ac

Resubmissions

06-08-2023 18:40

230806-xbac1adb7x 7

06-08-2023 18:33

230806-w7hhtabg46 4

Analysis

max time kernel
122s
max time network
253s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
06-08-2023 18:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Arial Launcher.jar
Size

34.9MB
MD5

fee896be967e03a5e61eb11adbe5d902
SHA1

e84f2a801014c312774a1fa84a6c994d9890c80a
SHA256

f51ca6542db98eeea3183702e264fcf17baa5c993f038dbba6f104bf17cda8ac
SHA512

a29e97b4dcedbefa936514c06101250926a055f27aeae9692ea5a81b46e9680783f36047c771d920d246329a0af76340a4f9b159ca8f91654a2de3a31882d647
SSDEEP

786432:THCezm9W+sX92y6UVf2CXL2l6sR8oNw4GaVso4segDJSC:A9sX36Uw8/4GwUsegZ

Score

4^/10

Malware Config

Signatures

Drops file in Program Files directory 12 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\symbols\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\symbols\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\symbols\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\symbols\dll\ntdll.pdb	java.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
228	java.exe
228	java.exe
228	java.exe
228	java.exe

C:\ProgramData\Oracle\Java\javapath\java.exe
java -jar "C:\Users\Admin\AppData\Local\Temp\Arial Launcher.jar"
1⤵
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
PID:228

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/228-137-0x0000000002860000-0x0000000003860000-memory.dmp

Filesize
16.0MB

Download
memory/228-144-0x0000000000B40000-0x0000000000B41000-memory.dmp

Filesize
4KB

Download
memory/228-149-0x0000000000B40000-0x0000000000B41000-memory.dmp

Filesize
4KB

Download
memory/228-150-0x0000000002860000-0x0000000003860000-memory.dmp

Filesize
16.0MB

Download
memory/228-153-0x0000000002860000-0x0000000003860000-memory.dmp

Filesize
16.0MB

Download
memory/228-159-0x0000000000B40000-0x0000000000B41000-memory.dmp

Filesize
4KB

Download
memory/228-164-0x0000000000B40000-0x0000000000B41000-memory.dmp

Filesize
4KB

Download
memory/228-163-0x0000000000B40000-0x0000000000B41000-memory.dmp

Filesize
4KB

Download
memory/228-168-0x0000000000B40000-0x0000000000B41000-memory.dmp

Filesize
4KB

Download
memory/228-172-0x0000000002860000-0x0000000003860000-memory.dmp

Filesize
16.0MB

Download
memory/228-181-0x0000000002860000-0x0000000003860000-memory.dmp

Filesize
16.0MB

Download
memory/228-190-0x0000000002860000-0x0000000003860000-memory.dmp

Filesize
16.0MB

Download
memory/228-196-0x0000000000B40000-0x0000000000B41000-memory.dmp

Filesize
4KB

Download
memory/228-198-0x0000000000B40000-0x0000000000B41000-memory.dmp

Filesize
4KB

Download
memory/228-211-0x0000000000B40000-0x0000000000B41000-memory.dmp

Filesize
4KB

Download
memory/228-213-0x0000000002860000-0x0000000003860000-memory.dmp

Filesize
16.0MB

Download
memory/228-219-0x0000000002860000-0x0000000003860000-memory.dmp

Filesize
16.0MB

Download
memory/228-220-0x0000000002860000-0x0000000003860000-memory.dmp

Filesize
16.0MB

Download
memory/228-221-0x0000000002860000-0x0000000003860000-memory.dmp

Filesize
16.0MB

Download

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads