Overview

overview

10

Static

static

10

Alex-2023-...2).zip

windows7-x64

1

Alex-2023-...2).zip

windows10-2004-x64

1

037f9434e8...53.ps1

windows7-x64

1

037f9434e8...53.ps1

windows10-2004-x64

1

05194b34f8...d4.exe

windows7-x64

1

05194b34f8...d4.exe

windows10-2004-x64

1

1285e648ef...9709ff

ubuntu-18.04-amd64

3

159fbb0d04...783614

windows7-x64

1

159fbb0d04...783614

windows10-2004-x64

1

1db1c4bf74...e85efd

ubuntu-18.04-amd64

1

1db1c4bf74...e85efd

debian-9-armhf

1

1db1c4bf74...e85efd

debian-9-mips

1

1db1c4bf74...e85efd

debian-9-mipsel

1

29dd920ac1...e5.zip

windows7-x64

1

29dd920ac1...e5.zip

windows10-2004-x64

1

2001.exe

windows7-x64

9

2001.exe

windows10-2004-x64

9

2bb60b1a8a...21.exe

windows7-x64

10

2bb60b1a8a...21.exe

windows10-2004-x64

10

6698f8ffb7...880c94

windows7-x64

1

6698f8ffb7...880c94

windows10-2004-x64

1

6c109d098a...8e.exe

windows7-x64

10

6c109d098a...8e.exe

windows10-2004-x64

10

70d176272e...ef.exe

windows7-x64

1

70d176272e...ef.exe

windows10-2004-x64

1

742d89c0c1...a1.exe

windows7-x64

9

742d89c0c1...a1.exe

windows10-2004-x64

9

75cd1339c8...bc.zip

windows7-x64

1

75cd1339c8...bc.zip

windows10-2004-x64

1

Dimples#1337.jar

windows7-x64

1

Dimples#1337.jar

windows10-2004-x64

7

832e563eb3...0cee4c

windows7-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-01-2024 13:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Dimples#1337.jar

  • Size

    12KB

  • MD5

    19b897189026d49c29a1a303002e54e5

  • SHA1

    f12cd214c788b106911375d9493b8ea56f66a7d0

  • SHA256

    6bb94a0e12a66ba7bd5423e56ee2ebe98fcd6dbd863e7010046a8696e79e2202

  • SHA512

    f4e739e60ef616d04fad8f34e39fab2ea4cc11e7410a692688af16cf4ffda1e491fb2e9812e2ad6dbd8e4f5fc006c3faa1ca0342c3494619664be324f5dbfc83

  • SSDEEP

    384:JgqZQndriK1tx9SjbP6peJzb8lbXJQTmj:mqOdpx9sbzZAj6Tmj

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Drops file in Program Files directory 12 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\Dimples#1337.jar
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1356
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:3584

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
    Filesize

    46B

    MD5

    de2f3da1c8c913ea5df05aef00bb1110

    SHA1

    c256c53c275b11bd2c6005ddc3c206d4a52577a0

    SHA256

    a0c06c6134eed607fe0c394673ee6494802a70ded24320c69da061826a04f6f2

    SHA512

    00b2079f8e7995892f52c517d2814d87b617440191ac50e1a3eb272b8a053a0b900c9f6ff2d511ab0c5c74a84c7623f1debfa5264878e303b6b91aa89b00ec88

    Download Submit

  • memory/1356-4-0x0000018237B80000-0x0000018238B80000-memory.dmp

    Filesize

    16.0MB

    Download

  • memory/1356-11-0x00000182363A0000-0x00000182363A1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1356-17-0x00000182363A0000-0x00000182363A1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1356-24-0x0000018237B80000-0x0000018238B80000-memory.dmp

    Filesize

    16.0MB

    Download

  • memory/1356-25-0x0000018237E00000-0x0000018237E10000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1356-26-0x0000018237B80000-0x0000018238B80000-memory.dmp

    Filesize

    16.0MB

    Download