Overview

overview

10

Static

static

10

e767406858...fd.jar

windows7-x64

1

e767406858...fd.jar

windows10-2004-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22-03-2024 03:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e7674068583ee9a44a19fbbf9f08281b53cb2b8a1533552421ea74f5829e5efd.jar

  • Size

    182KB

  • MD5

    f8121ad15a5e9951490c23860585d3e2

  • SHA1

    1e9c3d47a320448ef1061e11e3cae1b493bf9d83

  • SHA256

    e7674068583ee9a44a19fbbf9f08281b53cb2b8a1533552421ea74f5829e5efd

  • SHA512

    2ad3c451360a295702c94d316dbc9b402b73b946c024180e676daeb061caf1751dcc28a012e1907a4f733054121460ee193e6307f66db80de8d6aa41886cd4f5

  • SSDEEP

    3072:UeQPYwQe6BFfMX2b9SvCe9eo6HaZyhkS9Xj5HgmematQuxsxztXp:/3wO70X2b99rZX9crmuxSR5

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\e7674068583ee9a44a19fbbf9f08281b53cb2b8a1533552421ea74f5829e5efd.jar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3292
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:2776

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
    Filesize

    46B

    MD5

    57332a143e6eeefa1651a96e852a8e5c

    SHA1

    af9e5f558661051168fa6f5a9e480cd042c15a53

    SHA256

    262fcd2caea257e8fc24e392bb93d2a408b11340df8de2c1e948157ab14b7bf0

    SHA512

    d6d70389d2baccff7fc89916b857f734616b5898965c71baaa53adaaf18cc57cb8770ba920c2d8fc96af70a2124af4dc58de096a4218cf389e4c6c96c67465c0

    Download Submit
  • memory/3292-36-0x000001C9E9B90000-0x000001C9EAB90000-memory.dmp
    Filesize

    16.0MB

    Download
  • memory/3292-12-0x000001C9E9B70000-0x000001C9E9B71000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3292-21-0x000001C9E9B90000-0x000001C9EAB90000-memory.dmp
    Filesize

    16.0MB

    Download
  • memory/3292-27-0x000001C9E9B90000-0x000001C9EAB90000-memory.dmp
    Filesize

    16.0MB

    Download
  • memory/3292-32-0x000001C9E9B70000-0x000001C9E9B71000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3292-2-0x000001C9E9B90000-0x000001C9EAB90000-memory.dmp
    Filesize

    16.0MB

    Download
  • memory/3292-39-0x000001C9E9B70000-0x000001C9E9B71000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3292-49-0x000001C9E9B70000-0x000001C9E9B71000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3292-52-0x000001C9E9B90000-0x000001C9EAB90000-memory.dmp
    Filesize

    16.0MB

    Download
  • memory/3292-57-0x000001C9E9B70000-0x000001C9E9B71000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3292-59-0x000001C9E9B70000-0x000001C9E9B71000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3292-63-0x000001C9E9B70000-0x000001C9E9B71000-memory.dmp
    Filesize

    4KB

    Download