71d4b153af014ac81576fb91bb97ef6c4640f0486f98c2e4c9bb15b87fb9df58

Analysis

max time kernel
43s
max time network
49s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
19-12-2023 19:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JavaSetup8u391.exe
Size

2.2MB
MD5

029ae246a9b5fd436a1b979e5f4aa54f
SHA1

4ab915f93bc2ea46eda2fcfbf037b956099ada45
SHA256

71d4b153af014ac81576fb91bb97ef6c4640f0486f98c2e4c9bb15b87fb9df58
SHA512

6c3140c1d8dca2be8ad8eb6360318a8cef78e4f31fbee635f0870e0d2bb0f1679948da3b98af1282fe8d586f9f7c3d3a82016f522a1d1447b1e59158146caf31
SSDEEP

49152:XKU/ESvdaU+c0/IVes7kJXBjYOMjUfkptVxOdxiyh:XKU/xvzg/IVeMjUu5C

Score

4^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
3076	JavaSetup8u391.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3076	JavaSetup8u391.exe
3076	JavaSetup8u391.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 212 wrote to memory of 3076	212	JavaSetup8u391.exe	87
PID 212 wrote to memory of 3076	212	JavaSetup8u391.exe	87
PID 212 wrote to memory of 3076	212	JavaSetup8u391.exe	87

C:\Users\Admin\AppData\Local\Temp\JavaSetup8u391.exe
"C:\Users\Admin\AppData\Local\Temp\JavaSetup8u391.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:212
- C:\Users\Admin\AppData\Local\Temp\jds240615000.tmp\JavaSetup8u391.exe
  "C:\Users\Admin\AppData\Local\Temp\jds240615000.tmp\JavaSetup8u391.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of SetWindowsHookEx
  PID:3076

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\jds240615000.tmp\JavaSetup8u391.exe

Filesize
1.5MB

MD5
a5d08c63ea726a53778be76253b2e172

SHA1
15a578aaece47daa845cd3308135a990e3a08008

SHA256
cc0cb81bdc581f8572817e80cfb7edc79df105ea3743a38a3cb6c14df84667c0

SHA512
8c793ebac418cfcee101853093a74f515a9994b1a10bb95bbaff677dc4882fc053a46416bf9b4601c0b22b4fe976f0949c2f57a00b736edb2f10321ac7b56d80

Download Submit
C:\Users\Admin\AppData\Local\Temp\jds240615000.tmp\JavaSetup8u391.exe

Filesize
1.8MB

MD5
e89fed992aa493511df2c76f6f649abc

SHA1
f9eec3dcbcf34824ad17e4afda615224bddab59a

SHA256
3e9b30c916e4a7003fd550a51c923018dfdaf78335021325e13433ff8521fe81

SHA512
f271ffd383888e323c304454b6626d307238582a8479176fcb7b5e8d6c40dfa0e3017bd434e890f44c913dd296a83e712a6bda03c0c1440c1e38da34afc3c1d3

Download Submit
C:\Users\Admin\AppData\Local\Temp\jusched.log

Filesize
155KB

MD5
cab319e959e98de5a9594f8dc9064344

SHA1
260dd9402062a3dfbf8552db96433067d79a2b42

SHA256
ad4aba76d93d8b1d97080f10627a5ec13dc6cfe6d6f5de83d861752392707d76

SHA512
590accb6637467c8dd9b0ff05ee066a8ae4df4676ca9665edc14afe9d75f753ac5e4c9990a0b83b65cf5f99972088df7cbb14250c80888219cb1ab72fd976d37

Download Submit
C:\Users\Admin\AppData\Local\Temp\jusched.log

Filesize
154KB

MD5
cf0d34ea5ff8b451ab2283b6e225b899

SHA1
1bdcde62ac51567db67445fe71677c61cd6551a5

SHA256
3d073ab0731bf04570e79cc198525dbcb72d57f285edc280a651403b0904777a

SHA512
a564ca575bb1bfbf4ad905290b315733196c4bdfa8f37512e3fa20a2badd487da754d09c1694c7b485f09d7f39c0605ee855d789ace2a042f8a314e5927718f9

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads