Analysis

  • max time kernel
    146s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    29-12-2023 01:58

General

  • Target

    827c3d5ba4711d93931b11cbe27854c0.jar

  • Size

    218KB

  • MD5

    827c3d5ba4711d93931b11cbe27854c0

  • SHA1

    f1fb8c24ca14f16c9de0dba5de099e3030b14d3b

  • SHA256

    34f8e073235ed6822c7362606a72546b0313c401f4a2a46e28d7242d4c745dda

  • SHA512

    1f34c7dd62dd5e508f381cdd73faced92b42b7c9fd860a8dd37456612152f8bbe855d677cad4fd2999e32531c36169ded58355b1cf4a686a185f51ffb382ed2c

  • SSDEEP

    6144:/rAMqiBDwJx71TFd3iaJqYjSj51Kd9pcqfjW:kdiaP1T/iwM/K9uYW

Score
7/10

Malware Config

Signatures

  • Modifies file permissions (1 TTPs, 1 IoCs)
  • Suspicious use of WriteProcessMemory (2 IoCs)

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe (PID 4468)
    Command line: java -jar C:\Users\Admin\AppData\Local\Temp\827c3d5ba4711d93931b11cbe27854c0.jar
    • Suspicious use of WriteProcessMemory
    • C:\Windows\system32\icacls.exe (PID 1436, child of PID 4468)
      Command line: C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      • Modifies file permissions

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
    Filesize: 46B
    MD5: 02eb0e00486c7866f9454aee64db84a0
    SHA1: 761a6c06b6e931f034a9b534e1d8a9b79859ede8
    SHA256: facc868c427ecaf5ab9a29fa4dba1c4f744edd9bd143bf1716b5607ab2869bd3
    SHA512: cf4e077979775fab6d00cd3bb4e0c8d7d41876a3b6b37bdc92c9fe78edb8769a15caafb650de3515956c7dcbeeee76213f21678d32a3bace3bd3bb9665e39aa6

  • memory/4468-75-0x0000019CFA1B0000-0x0000019CFA1B1000-memory.dmp (Filesize: 4KB)
  • memory/4468-47-0x0000019C80000000-0x0000019C81000000-memory.dmp (Filesize: 16.0MB)
  • memory/4468-18-0x0000019C80000000-0x0000019C81000000-memory.dmp (Filesize: 16.0MB)
  • memory/4468-23-0x0000019C80000000-0x0000019C81000000-memory.dmp (Filesize: 16.0MB)
  • memory/4468-76-0x0000019CFA1B0000-0x0000019CFA1B1000-memory.dmp (Filesize: 4KB)
  • memory/4468-39-0x0000019C80000000-0x0000019C81000000-memory.dmp (Filesize: 16.0MB)
  • memory/4468-40-0x0000019CFA1B0000-0x0000019CFA1B1000-memory.dmp (Filesize: 4KB)
  • memory/4468-79-0x0000019C80000000-0x0000019C81000000-memory.dmp (Filesize: 16.0MB)
  • memory/4468-53-0x0000019CFA1B0000-0x0000019CFA1B1000-memory.dmp (Filesize: 4KB)
  • memory/4468-83-0x0000019CFA1B0000-0x0000019CFA1B1000-memory.dmp (Filesize: 4KB)
  • memory/4468-67-0x0000019C80000000-0x0000019C81000000-memory.dmp (Filesize: 16.0MB)
  • memory/4468-71-0x0000019C80000000-0x0000019C81000000-memory.dmp (Filesize: 16.0MB)
  • memory/4468-70-0x0000019CFA1B0000-0x0000019CFA1B1000-memory.dmp (Filesize: 4KB)
  • memory/4468-72-0x0000019CFA1B0000-0x0000019CFA1B1000-memory.dmp (Filesize: 4KB)
  • memory/4468-73-0x0000019CFA1B0000-0x0000019CFA1B1000-memory.dmp (Filesize: 4KB)
  • memory/4468-4-0x0000019C80000000-0x0000019C81000000-memory.dmp (Filesize: 16.0MB)
  • memory/4468-32-0x0000019C80000000-0x0000019C81000000-memory.dmp (Filesize: 16.0MB)
  • memory/4468-12-0x0000019CFA1B0000-0x0000019CFA1B1000-memory.dmp (Filesize: 4KB)
  • memory/4468-65-0x0000019CFA1B0000-0x0000019CFA1B1000-memory.dmp (Filesize: 4KB)
  • memory/4468-81-0x0000019CFA1B0000-0x0000019CFA1B1000-memory.dmp (Filesize: 4KB)
  • memory/4468-84-0x0000019C80000000-0x0000019C81000000-memory.dmp (Filesize: 16.0MB)
  • memory/4468-85-0x0000019CFA1B0000-0x0000019CFA1B1000-memory.dmp (Filesize: 4KB)
  • memory/4468-87-0x0000019CFA1B0000-0x0000019CFA1B1000-memory.dmp (Filesize: 4KB)
  • memory/4468-88-0x0000019C80000000-0x0000019C81000000-memory.dmp (Filesize: 16.0MB)
  • memory/4468-90-0x0000019CFA1B0000-0x0000019CFA1B1000-memory.dmp (Filesize: 4KB)
  • memory/4468-92-0x0000019CFA1B0000-0x0000019CFA1B1000-memory.dmp (Filesize: 4KB)
  • memory/4468-93-0x0000019C80000000-0x0000019C81000000-memory.dmp (Filesize: 16.0MB)
  • memory/4468-94-0x0000019CFA1B0000-0x0000019CFA1B1000-memory.dmp (Filesize: 4KB)
  • memory/4468-95-0x0000019C80000000-0x0000019C81000000-memory.dmp (Filesize: 16.0MB)
  • memory/4468-96-0x0000019CFA1B0000-0x0000019CFA1B1000-memory.dmp (Filesize: 4KB)
  • memory/4468-100-0x0000019C80000000-0x0000019C81000000-memory.dmp (Filesize: 16.0MB)
  • memory/4468-105-0x0000019C80000000-0x0000019C81000000-memory.dmp (Filesize: 16.0MB)
  • memory/4468-104-0x0000019CFA1B0000-0x0000019CFA1B1000-memory.dmp (Filesize: 4KB)
  • memory/4468-106-0x0000019C80000000-0x0000019C81000000-memory.dmp (Filesize: 16.0MB)