Overview

overview

7

Static

static

4

TIB_js-stu...86.exe

windows11-21h2-x64

7

dropins/ec...t.html

windows11-21h2-x64

1

dropins/ec...0.html

windows11-21h2-x64

1

dropins/ec...e.html

windows11-21h2-x64

1

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

features/j...ws.jar

windows11-21h2-x64

7

features/j...ce.jar

windows11-21h2-x64

7

features/j...fr.jar

windows11-21h2-x64

7

features/j...wt.jar

windows11-21h2-x64

7

features/j...se.jar

windows11-21h2-x64

7

features/j...nt.jar

windows11-21h2-x64

7

features/j...in.jar

windows11-21h2-x64

7

features/j...es.jar

windows11-21h2-x64

7

features/j...rt.jar

windows11-21h2-x64

7

features/o...0.html

windows11-21h2-x64

1

features/o...e.html

windows11-21h2-x64

1

features/o...0.html

windows11-21h2-x64

1

features/o...e.html

windows11-21h2-x64

1

features/o...t.html

windows11-21h2-x64

1

features/o...0.html

windows11-21h2-x64

1

features/o...e.html

windows11-21h2-x64

1

Analysis

  • max time kernel
    141s
  • max time network
    157s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240426-en
  • resource tags

    arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    22-05-2024 09:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dropins/eclipse/plugins/org.eclipse.core.commands.nl_it_4.2.0.v20130724060447.jar

  • Size

    1KB

  • MD5

    662fb3baceacfe00f83b5558786f9dd7

  • SHA1

    fe2b38fe6bd392138e5b850332ba720789a22619

  • SHA256

    d317fd3fd675047a3afbd4d73e080bb23ba7383490e8af03b18d8b07c49ba559

  • SHA512

    4b26fa0fc5a83f28e8d25c5f2f93321f86a499d5f7b9ae83ac7d77033666de0e10be668b5b661c1743a10e517770d81c305a03f4c5d65a290ba1cd90cc627349

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\dropins\eclipse\plugins\org.eclipse.core.commands.nl_it_4.2.0.v20130724060447.jar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:5036
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:5108

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
    Filesize

    46B

    MD5

    3d17e813711ab1a15b444bc942de8ba9

    SHA1

    66abb47d52726ac023e937e8dd718e7ee2bdfb40

    SHA256

    f91fc792a84770792115945defd997543a046c16145e15c702ea6db4e46a2c01

    SHA512

    926a38267bf007e2ed962e912f06e442a128eaf62294da04de7005be513f85af3b8b947348e36838ea7d21f1846f5ace22f1ef43723228704bd1ef2479c2291a

    Download Submit

  • memory/5036-2-0x000002B4DAD70000-0x000002B4DAFE0000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/5036-12-0x000002B4D9490000-0x000002B4D9491000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5036-13-0x000002B4DAD70000-0x000002B4DAFE0000-memory.dmp

    Filesize

    2.4MB

    Download