Overview

overview

10

Static

static

10

Installer.zip

windows11-21h2-x64

1

Adobe/da.pak

windows11-21h2-x64

3

Launcher S....1.exe

windows11-21h2-x64

7

chrome_100...nt.pak

windows11-21h2-x64

3

chrome_200...nt.pak

windows11-21h2-x64

3

ffmpeg.dll

windows11-21h2-x64

1

resources.pak

windows11-21h2-x64

3

resources/app.asar

windows11-21h2-x64

3

resources/elevate.exe

windows11-21h2-x64

1

d3dcompiler_47.dll

windows11-21h2-x64

1

lib/asm-all.jar

windows11-21h2-x64

7

lib/dn-com...le.jar

windows11-21h2-x64

7

lib/dn-php-sdk.jar

windows11-21h2-x64

7

lib/gson.jar

windows11-21h2-x64

7

lib/jfoenix.jar

windows11-21h2-x64

7

lib/jphp-a...rk.jar

windows11-21h2-x64

7

lib/jphp-core.jar

windows11-21h2-x64

7

lib/jphp-d...xt.jar

windows11-21h2-x64

7

lib/jphp-gui-ext.jar

windows11-21h2-x64

7

lib/jphp-g...xt.jar

windows11-21h2-x64

7

lib/jphp-json-ext.jar

windows11-21h2-x64

7

lib/jphp-j...xt.jar

windows11-21h2-x64

7

lib/jphp-runtime.jar

windows11-21h2-x64

7

lib/jphp-xml-ext.jar

windows11-21h2-x64

7

lib/jphp-zend-ext.jar

windows11-21h2-x64

7

lib/jphp-zip-ext.jar

windows11-21h2-x64

7

lib/jsoup.jar

windows11-21h2-x64

7

lib/slf4j-api.jar

windows11-21h2-x64

7

lib/slf4j-simple.jar

windows11-21h2-x64

7

lib/zt-zip.jar

windows11-21h2-x64

7

libG1LESv2.dll

windows11-21h2-x64

1

Analysis

  • max time kernel
    87s
  • max time network
    91s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240419-en
  • resource tags

    arch:x64arch:x86image:win11-20240419-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    02/05/2024, 13:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    lib/asm-all.jar

  • Size

    241KB

  • MD5

    f5ad16c7f0338b541978b0430d51dc83

  • SHA1

    2ea49e08b876bbd33e0a7ce75c8f371d29e1f10a

  • SHA256

    7fbffbc1db3422e2101689fd88df8384b15817b52b9b2b267b9f6d2511dc198d

  • SHA512

    82e6749f4a6956f5b8dd5a5596ca170a1b7ff4e551714b56a293e6b8c7b092cbec2bec9dc0d9503404deb8f175cbb1ded2e856c6bc829411c8ed311c1861336a

  • SSDEEP

    6144:p+30cnH7ihlQT+uRm0C/vL7cvRurEQ9oTo4/1pC:p+3VnYo+WkvsJuApo4/1k

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\lib\asm-all.jar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2032
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:3396

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
    Filesize

    46B

    MD5

    cb9e1ac067f716bd3d17f85a7cb13363

    SHA1

    8eddd659bf6df3a8a8aa1a392ccf26dfc2173477

    SHA256

    0b438abd4ba997c6cda47f3daadec9a1ba5392dcbd6f2c34eb6f4c02faf4f751

    SHA512

    2f5e6ebb2db855b6428820952cc6fbcb5fcb10aabaf1f622da4db8c7205948c4a3d9fe909b7bd01d67acff356e3f9592bbe795f66bb97469a81d33846d045792

    Download Submit

  • memory/2032-2-0x0000016A90610000-0x0000016A90880000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/2032-12-0x0000016A905F0000-0x0000016A905F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2032-13-0x0000016A90610000-0x0000016A90880000-memory.dmp

    Filesize

    2.4MB

    Download