Overview

overview

7

Static

static

1

079f1fbf7e...6e.jar

windows7-x64

1

079f1fbf7e...6e.jar

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07/03/2024, 15:34

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    079f1fbf7ec148c8eece562d7967f63f064bdde4b30308857491c544b5ea6e6e.jar

  • Size

    210KB

  • MD5

    5225acd214273b983646d32aa696bf7e

  • SHA1

    17d4950e478bacb5231db5f424f761ae810479e1

  • SHA256

    079f1fbf7ec148c8eece562d7967f63f064bdde4b30308857491c544b5ea6e6e

  • SHA512

    dc511070d07d9d73f5deab317dbc6a6e8c90593232abcf14b9f318dce4a49666fe9db7ba678f4d8e94d767dd75b689e73da69704890e7528afd36f44a04db465

  • SSDEEP

    6144:n/1PQO7WdB0oSJxlsGiPXCoRBLlo5z5t+YSxb:n/13yJSJxeGifCgBLlo5z5thq

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\079f1fbf7ec148c8eece562d7967f63f064bdde4b30308857491c544b5ea6e6e.jar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4380
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:4456

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
          Filesize

          46B

          MD5

          83acd0307c81c0615e1f93fc38bc81b1

          SHA1

          1067114b293ff8c0508dfbd8ab565c81c7c99124

          SHA256

          c84a0eca614beab6fb4cf0cbe9e83af3e261e370e1ec2227c77ce91e42f72866

          SHA512

          ff696807914dcbfa5e4eeb329c6e9e30d4e976b8296208c95a652a7d09030e74718623e3631cd0dc5abbe0b8dd2e2a372553efbd17b4f64dccfce419c841a1e4

          Download Submit

        • memory/4380-4-0x000001B262560000-0x000001B263560000-memory.dmp

          Filesize

          16.0MB

          Download

        • memory/4380-12-0x000001B260D70000-0x000001B260D71000-memory.dmp

          Filesize

          4KB

          Download