Overview

overview

7

Static

static

1

Drop2Inventory.jar

windows7-x64

1

Drop2Inventory.jar

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21-05-2024 16:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Drop2Inventory.jar

  • Size

    105KB

  • MD5

    64313d2be3740f8a57675ce86722f3f3

  • SHA1

    0eb7cb1446c891c62726f4bef1eab92e5fc641b7

  • SHA256

    792f25c6af2d24a117643e15a6111e179e4240c76728de39646675f5cfda5611

  • SHA512

    a00af13442ccd5cf0a71abfa51ee33f44ed29b5f51dd3cf8a867373fe551b7c3283ccb200d7c997757029a8ad38f39cc4975141aa7e6990994aac40662b015f9

  • SSDEEP

    1536:i+R6fRn4HJLSGUErgdoq6VcunT+trl2BTev7arheibScYwmk7qJxRy:5R6f2RpUEMexKpkav7Aw/M7z

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\Drop2Inventory.jar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:116
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:3200

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
    Filesize

    46B

    MD5

    2d65ba68aeec20538a9d5aac0c20b51d

    SHA1

    daf0410c2d4e47b3ce9f991c33a26be970e0c983

    SHA256

    e7f9bfca83eccb2ea338709afbf87d2f6187e47f7173af46a6d0cd1eeb15ae86

    SHA512

    b0a73a7bb40f06515d93ed743d131730cf66a04a1f5180ef04e2da0c9d0ff054fb1c67ddae439fabae6e939b570d56f65e49ea74d87bcf1af109b0ce62547a61

    Download Submit

  • memory/116-2-0x0000029C4AF60000-0x0000029C4B1D0000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/116-12-0x0000029C49630000-0x0000029C49631000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-13-0x0000029C4AF60000-0x0000029C4B1D0000-memory.dmp

    Filesize

    2.4MB

    Download