e52a8d0337bae656b01cb76c03975ac3d75ac4984c028ba2a6531396dea6dddd

Analysis

max time kernel
146s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
05/03/2024, 23:52

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

jre-8u401-windows-x64.exe
Size

64.4MB
MD5

af1d24091758f1e02d51dc5f5297c932
SHA1

dc3f98dded6c1f1e363db6752c512e01ac9433f3
SHA256

e52a8d0337bae656b01cb76c03975ac3d75ac4984c028ba2a6531396dea6dddd
SHA512

8d4264a6b17f7bbfd533b11ec30d7754a960a9f2fbef10c9977b620051c5538d8eb6080ea78e070904c7c52a6ce998736fad2037f6389ad4c5c0ce3f1d09e756
SSDEEP

1572864:v7p5VFBCjL4FwlRN2Adn3aQrJlPVYIcBO7:vGTW63aEiIcBS

Score

4^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
3112	jre-8u401-windows-x64.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3112	jre-8u401-windows-x64.exe
3112	jre-8u401-windows-x64.exe

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 2376 wrote to memory of 3112	2376	jre-8u401-windows-x64.exe	91
PID 2376 wrote to memory of 3112	2376	jre-8u401-windows-x64.exe	91

C:\Users\Admin\AppData\Local\Temp\jre-8u401-windows-x64.exe
"C:\Users\Admin\AppData\Local\Temp\jre-8u401-windows-x64.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2376
- C:\Users\Admin\AppData\Local\Temp\jds240601390.tmp\jre-8u401-windows-x64.exe
  "C:\Users\Admin\AppData\Local\Temp\jds240601390.tmp\jre-8u401-windows-x64.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of SetWindowsHookEx
  PID:3112

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\jds240601390.tmp\jre-8u401-windows-x64.exe

Filesize
2.6MB

MD5
a27a2ab32a33a52011d60940ca223ae1

SHA1
2784812b95eb0fe17a559809d7de2cade8ec9a18

SHA256
dfdd711d7e2bd1fbcfbbe889eb32f3ceb6667e75b137b1a9f9b66c2adc493436

SHA512
9af094f159d53c9bb19804fd44b2c3ea7b42413a661330e4ca8f4fbebf15ab4f666cab99b2c5ad2d3faa31be812744b258e6f6d1e094578dd0abf665709dbf74

Download Submit
C:\Users\Admin\AppData\Local\Temp\jds240601390.tmp\jre-8u401-windows-x64.exe

Filesize
2.9MB

MD5
7dc16a45b683c2c941b2887598cf4105

SHA1
3924acd8bf6ec5c31456cfa8f56b15cb8b8db4f4

SHA256
9332b0ca7cc19ade4c424f8a20104141a1a517a37809956d4d2806ac5a92c9da

SHA512
b9628daa78e6933ea7e65e8fb8a1b5b4517386751c6143c99baa4df24e58e08f5372a157e651b9be1e5830ca824d9e25e4061982d9758348c676deab0937fb36

Download Submit
C:\Users\Admin\AppData\Local\Temp\jusched.log

Filesize
156KB

MD5
b96bb8fd790b7b2cb2177a7453e02b81

SHA1
d26feb3b5e4d41325f07887529ea10d4830b6dae

SHA256
cd922fb714ebbb7eb7f4edfe277ad3dcf7eb2ec0f63890cd2c8cf34d56c7a4ae

SHA512
7d03ccfec49ca0209b09d3f54cc5e4e9e73770d30088f7f83f03df81a0975dcb3a998942992cd7a42bb7b3123a67a2cfe80a5298ee96c98459a95b78d12ab28c

Download Submit
C:\Users\Admin\AppData\Local\Temp\jusched.log

Filesize
154KB

MD5
b1c415139f0972946465662372043b61

SHA1
4989962d4fcc575de70ab95d79297243e13f39c6

SHA256
4eb9228a2d12951f46b63f56412c6e78968ee95f08834822f36bc3677f677007

SHA512
380439ef8ae3e95f7526188807b84c1678df9d8c668c7ccd88696dd79ac03609f10497d53e6551c64fe71cc02a974a5e20dc4baa3b03ee30130eb55516aa28d9

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads