Overview

overview

10

Static

static

10

8dd3b1a814...83.jar

windows7-x64

1

8dd3b1a814...83.jar

windows10-2004-x64

7

Analysis

  • max time kernel
    143s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-03-2024 05:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8dd3b1a8146a6e777fa6b3e9f69071058aa73f756876c88f4c8e9be17e4a6483.jar

  • Size

    209KB

  • MD5

    288df8ebedd13b531e74c5f9ce730b2c

  • SHA1

    5560f86aa3370b500a71837494da09ba7ba35516

  • SHA256

    8dd3b1a8146a6e777fa6b3e9f69071058aa73f756876c88f4c8e9be17e4a6483

  • SHA512

    d017ebfdff1765759a66006785ed51024ef14b615090368aaff2c92e4b2bfcdc25e41ee3f146eecb51b724b50b7e5ec6d10584cea427e1a34bf6a86ff293364d

  • SSDEEP

    6144:qEw8tJIH//nRBnmszyNRJAVdjifpuHPqVmyKd:qE5t6XbmsCudjifyeKd

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Drops file in Program Files directory 12 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\8dd3b1a8146a6e777fa6b3e9f69071058aa73f756876c88f4c8e9be17e4a6483.jar
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of WriteProcessMemory
    PID:1896
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:4976
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4020 --field-trial-handle=3088,i,14310325015283915034,7660943942870463106,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:2148

    Network

    MITRE ATT&CK Matrix ATT&CK v13

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
      Filesize

      46B

      MD5

      10c9a645997d58f470c4fec16eebbd9f

      SHA1

      9e7fa5d81a0ba97fb658c3a125beb0fcf63f5f35

      SHA256

      e6f2aaa2f242d7afcac589d6363627b621e38c1aa43b6862dca211d29ac919cd

      SHA512

      6d314627ef0209ab3b1a348115cf279d6a03f441948fb4d86f842c1e5ed908aa3d1d5856295e4be75b215acaab3ba5a7bfd48225646661370ffebc67b4e80798

      Download Submit
    • memory/1896-2-0x0000014895690000-0x0000014896690000-memory.dmp
      Filesize

      16.0MB

      Download
    • memory/1896-12-0x0000014894020000-0x0000014894021000-memory.dmp
      Filesize

      4KB

      Download