Overview

overview

7

Static

static

4

TIB_js-stu...86.exe

windows11-21h2-x64

7

dropins/ec...t.html

windows11-21h2-x64

1

dropins/ec...0.html

windows11-21h2-x64

1

dropins/ec...e.html

windows11-21h2-x64

1

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

features/j...ws.jar

windows11-21h2-x64

7

features/j...ce.jar

windows11-21h2-x64

7

features/j...fr.jar

windows11-21h2-x64

7

features/j...wt.jar

windows11-21h2-x64

7

features/j...se.jar

windows11-21h2-x64

7

features/j...nt.jar

windows11-21h2-x64

7

features/j...in.jar

windows11-21h2-x64

7

features/j...es.jar

windows11-21h2-x64

7

features/j...rt.jar

windows11-21h2-x64

7

features/o...0.html

windows11-21h2-x64

1

features/o...e.html

windows11-21h2-x64

1

features/o...0.html

windows11-21h2-x64

1

features/o...e.html

windows11-21h2-x64

1

features/o...t.html

windows11-21h2-x64

1

features/o...0.html

windows11-21h2-x64

1

features/o...e.html

windows11-21h2-x64

1

Analysis

  • max time kernel
    139s
  • max time network
    156s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240508-en
  • resource tags

    arch:x64arch:x86image:win11-20240508-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    22-05-2024 09:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dropins/eclipse/plugins/org.eclipse.core.boot.nl_it_4.2.0.v20130724060447.jar

  • Size

    1KB

  • MD5

    c4583d7d8f1a36299f191d7716daac92

  • SHA1

    3e02e8d1d0e0d8ecbc8310e164fcd65c9d398ecb

  • SHA256

    1653aeca0d29482e2e0e51fdbdf82502ab6bdf51cb799ad1f6cf011f7fe2d41f

  • SHA512

    c62d98654dcce911afd6d588b1804b5bd8f824b737aa48e4a0883301f83c0d33504c71b2a02c89777992a2e8c522152f1e8d3648a2c6d44bd827608fb5093e60

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\dropins\eclipse\plugins\org.eclipse.core.boot.nl_it_4.2.0.v20130724060447.jar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1044
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:4820

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
    Filesize

    46B

    MD5

    026434ae88ad3a6cd9cb096fa64c8688

    SHA1

    273ec02e18d9756e92970bf4bec6266b4193c02f

    SHA256

    c578e51835c517094db30cf11c29c3ab6138b9a1fe446b9744fb65e461dcf728

    SHA512

    1c954d02c2e7e7c27895712ffad7e1c8d64db1e64f6ff766a109075557bcda2c49bf355f949828942f97b6ed2c8e112272f0dcd02c0b6bca09e1309463ebe5ae

    Download Submit

  • memory/1044-2-0x000001FBD7DD0000-0x000001FBD8040000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/1044-12-0x000001FBD64F0000-0x000001FBD64F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1044-13-0x000001FBD7DD0000-0x000001FBD8040000-memory.dmp

    Filesize

    2.4MB

    Download