936cee4941ca401e556ece5206dc4d9fc70c3660aaecf27cdb6c4d1ca5252ee3

Analysis

max time kernel
361s
max time network
1596s
platform
windows10-1703_x64
resource
win10-20231215-en
resource tags

arch:x64arch:x86image:win10-20231215-enlocale:en-usos:windows10-1703-x64system
submitted
02-02-2024 11:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

JavaSetup8u401.exe
Size

2.2MB
MD5

6b561cdbb5c764d8b7d1b2dd583e1fdb
SHA1

e6ab66aa100f8a04b183d188193c693d01122f76
SHA256

936cee4941ca401e556ece5206dc4d9fc70c3660aaecf27cdb6c4d1ca5252ee3
SHA512

9aa375f24e3b63937c2d9b0231d356a395b81438dbf723af712c61baa87d3760319b977fdf8e060f1f38a2a5a12d302e3aa21826d3d0b4983d7a48e4e3ac1d1e
SSDEEP

49152:I5+BbeAO/bUnGrDWJzXs3yIqbCq6Pn+OMjUfkptVx8yijdYL:I5+BSX/bRraJbs3yIq7jUu5hL

Score

4^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
4496	JavaSetup8u401.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
4496	JavaSetup8u401.exe
4496	JavaSetup8u401.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 32 wrote to memory of 4496	32	JavaSetup8u401.exe	23
PID 32 wrote to memory of 4496	32	JavaSetup8u401.exe	23
PID 32 wrote to memory of 4496	32	JavaSetup8u401.exe	23

C:\Users\Admin\AppData\Local\Temp\JavaSetup8u401.exe
"C:\Users\Admin\AppData\Local\Temp\JavaSetup8u401.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:32
- C:\Users\Admin\AppData\Local\Temp\jds240613484.tmp\JavaSetup8u401.exe
  "C:\Users\Admin\AppData\Local\Temp\jds240613484.tmp\JavaSetup8u401.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of SetWindowsHookEx
  PID:4496

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\jds240613484.tmp\JavaSetup8u401.exe

Filesize
622KB

MD5
61dc0d9fb159ade118ce138e70e6ed86

SHA1
4fcd3b5476d0ccb214f518a5f29167ae13451f2b

SHA256
0c5c87363707d52dfc0b7af7d90547882cd38e73450645283fe61eacec33ff3b

SHA512
dfc3be9d2e049b1eaf7c010b37decfc02c49a04148fcbfa42ab32f26c9bade4cf2a0f954f2cbc37a81a4fc33656f3e37ded86ffd9eb37aeb240e4da917002a97

Download Submit
C:\Users\Admin\AppData\Local\Temp\jds240613484.tmp\JavaSetup8u401.exe

Filesize
431KB

MD5
9fa5f0223f07f5e881b71090ac9d29ce

SHA1
2e94f39a72397841910581c24c065a0f4c55dbbb

SHA256
598158436af39c93eba04716b594a4627c6bb21e4d87945f601763f40d26078b

SHA512
eb3a347f9d826fb5b2ef3b82e977c48b17ccb910a65d1be8c90b1355ccaf3a1c4d4b52a64e1b6747698eb3c3b9b2a5f4b01cb5a80821cb77ac91676a78ebcfd5

Download Submit
C:\Users\Admin\AppData\Local\Temp\jusched.log

Filesize
157KB

MD5
bbd61bf36ce1268a87ff5688ecabbcaf

SHA1
d78d45bfd7992bc2aa5ee238432567aff9c99c5f

SHA256
c4e9c0918ace9f1d3777ace96db2b4fd5f1f912c9decf80730d9eeeb82170f33

SHA512
4822287e4dabfc292296b7566da2c796e34c8f339dc301ba4ed4be08d81450f0131b20474ec2a4c5a0f694369e60debde82991dfdac7f6694f252ee244bc5b41

Download Submit
C:\Users\Admin\AppData\Local\Temp\jusched.log

Filesize
155KB

MD5
2f66be264a6bcc65b424d2a851b0f5b7

SHA1
5f7f6cd4195bd400510bfd25ce85678f1f1f7d7a

SHA256
4a40472fd02f70ad434835d830463431153d8b04f454b9ffe212cbdd1e1b9f6c

SHA512
790e82504e7f8554c59cadd726c410a5271c860eead900eca024bd37cf8abff1b1c677c104166aa581fb57879beff5c78c38601586256de84cb3b9c96b5fc2d8

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads