Overview

overview

7

Static

static

3

android-st...ws.exe

windows11-21h2-x64

7

$_32_/jre/...64.dll

windows11-21h2-x64

1

$_32_/jre/...64.dll

windows11-21h2-x64

1

$_32_/jre/...64.dll

windows11-21h2-x64

1

$_32_/jre/...ch.dll

windows11-21h2-x64

1

$_32_/jre/...wt.dll

windows11-21h2-x64

1

$_32_/jre/...em.dll

windows11-21h2-x64

1

$_32_/jre/...et.dll

windows11-21h2-x64

1

$_32_/jre/...er.dll

windows11-21h2-x64

1

$_32_/jre/...pe.dll

windows11-21h2-x64

1

$_32_/jre/...of.dll

windows11-21h2-x64

1

$_32_/jre/...nt.dll

windows11-21h2-x64

1

$_32_/jre/...sc.dll

windows11-21h2-x64

1

$_32_/jre/...11.dll

windows11-21h2-x64

1

$_32_/jre/...nt.dll

windows11-21h2-x64

1

$_32_/jre/...ch.exe

windows11-21h2-x64

1

$_32_/jre/...mi.exe

windows11-21h2-x64

1

$_32_/jre/...va.dll

windows11-21h2-x64

1

$_32_/jre/...va.exe

windows11-21h2-x64

1

$_32_/jre/...mo.dll

windows11-21h2-x64

1

$_32_/jre/...aw.exe

windows11-21h2-x64

1

$_32_/jre/...wt.dll

windows11-21h2-x64

1

$_32_/jre/...wp.dll

windows11-21h2-x64

1

$_32_/jre/...js.exe

windows11-21h2-x64

1

$_32_/jre/...li.dll

windows11-21h2-x64

1

$_32_/jre/...eg.dll

windows11-21h2-x64

1

$_32_/jre/...dt.dll

windows11-21h2-x64

1

$_32_/jre/...nd.dll

windows11-21h2-x64

1

$_32_/jre/...ds.dll

windows11-21h2-x64

1

$_32_/lib/....1.jar

windows11-21h2-x64

7

$_32_/lib/....3.jar

windows11-21h2-x64

7

$_32_/lib/....1.jar

windows11-21h2-x64

7

Analysis

  • max time kernel
    71s
  • max time network
    100s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240221-en
  • resource tags

    arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    07/03/2024, 20:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $_32_/lib/asm-all-7.0.1.jar

  • Size

    349KB

  • MD5

    0377ec7c0221fd9512ce0a236fa653ac

  • SHA1

    77aac078db2af4f2de8441c3bfc48495f64cb889

  • SHA256

    7bf4fff54b04191569b111c83bb62e4b82dda3a1deea7e6ab7e4826994badaa8

  • SHA512

    e1e72a671cba939af053f1e6e7b5ba0a6887cb7687468a1f193468e49b504904afcaadbf5bf099210cad9a57f2d2464f669c100489b4d775280af38fab3d04ea

  • SSDEEP

    6144:8a1uy9b1eYKx4UyPRPo7KuGyVumYJ3nqx8C+pHkZu8nyT:83yaYmp6RQ7KuhVumm6SEZxnyT

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\$_32_\lib\asm-all-7.0.1.jar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:240
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:4008

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
    Filesize

    46B

    MD5

    ad62b083bafaf51f11ebc910281c06b5

    SHA1

    284465cfd526cb8355641a312f6b50b7b669663d

    SHA256

    7e69074b604186e36083460974b73d25cf26170837121e62633e6f79a783bbf0

    SHA512

    0c97cd0baa5e8d78b43237a81ea9139e874ee45fb1055ce23fdaa7df4689ddf3437ea8cd4dc488e520382975aceb877696ea25034f479cb40a0071ee36f0f755

    Download Submit

  • memory/240-4-0x000001D4918B0000-0x000001D4928B0000-memory.dmp

    Filesize

    16.0MB

    Download

  • memory/240-12-0x000001D491890000-0x000001D491891000-memory.dmp

    Filesize

    4KB

    Download