General
-
Target
jre-7-windows-x64.exe
-
Size
20.3MB
-
Sample
240322-r7mqbafb2z
-
MD5
fad81d5c5ab9657cf469a84660602387
-
SHA1
f0957d48fc9fb27f86f784b33549e90905640595
-
SHA256
48bcc7986670ec7c4b66d813759b1cc463e5d3aa063a6ec730692f4a97da59ee
-
SHA512
8553456df231d9ebc85fc2eb787bf71a5a8a77cc0f6e29efc8d8b009e85550a29f4f565cf86e82fc5231aa4bcff35b1020336665d807d6120f86a126f20ce5df
-
SSDEEP
393216:JiVHmSlH/eOVLTawl/Npr8sTfh2nR23H9cus0YDn0z10yGti:JiVplfJeqxfhjX9cu6bZi
Static task
static1
Behavioral task
behavioral1
Sample
jre-7-windows-x64.exe
Resource
win10-20240221-en
Malware Config
Targets
Target
jre-7-windows-x64.exe
-
Score
8/10
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (2)
Browser Extensions (1)
Privilege Escalation
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (2)