Overview

overview

7

Static

static

4

TIB_js-stu...86.exe

windows11-21h2-x64

7

dropins/ec...t.html

windows11-21h2-x64

1

dropins/ec...0.html

windows11-21h2-x64

1

dropins/ec...e.html

windows11-21h2-x64

1

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

dropins/ec...47.jar

windows11-21h2-x64

7

features/j...ws.jar

windows11-21h2-x64

7

features/j...ce.jar

windows11-21h2-x64

7

features/j...fr.jar

windows11-21h2-x64

7

features/j...wt.jar

windows11-21h2-x64

7

features/j...se.jar

windows11-21h2-x64

7

features/j...nt.jar

windows11-21h2-x64

7

features/j...in.jar

windows11-21h2-x64

7

features/j...es.jar

windows11-21h2-x64

7

features/j...rt.jar

windows11-21h2-x64

7

features/o...0.html

windows11-21h2-x64

1

features/o...e.html

windows11-21h2-x64

1

features/o...0.html

windows11-21h2-x64

1

features/o...e.html

windows11-21h2-x64

1

features/o...t.html

windows11-21h2-x64

1

features/o...0.html

windows11-21h2-x64

1

features/o...e.html

windows11-21h2-x64

1

Analysis

  • max time kernel
    138s
  • max time network
    158s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240426-en
  • resource tags

    arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    22-05-2024 09:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dropins/eclipse/plugins/org.eclipse.core.databinding.beans.nl_it_4.2.0.v20130724060447.jar

  • Size

    1KB

  • MD5

    9733a52d5667743fa56f4e0cb601e0a6

  • SHA1

    c1225f8a573c75f4039f70fc196d80ec3d757caa

  • SHA256

    76e6ea4c058ad9be88bdf689faab57f2e883a8dd54b4d91f7ed8d450c6b8f0a1

  • SHA512

    73323aecc74e391579acab9e5fdcc62bf644fb582b6d6e82322786412f3bcbbe1b5971b7f96f28a6fdeaf72454006f0f2b5619f8a339fe10ecfa48abf9893107

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\dropins\eclipse\plugins\org.eclipse.core.databinding.beans.nl_it_4.2.0.v20130724060447.jar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:684
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:1596

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
    Filesize

    46B

    MD5

    f9e32a556f56989d968ebe59da12fd2b

    SHA1

    164fd755ed0e8b8aeb67806e7345e92c1ad15420

    SHA256

    5c53eb0689cd9fc7df608eb37e9872abea093ce5316b1fc21aa3cb294333a8ef

    SHA512

    e4f8ee52ab228a377d1e4c74efa15136485f32cd876adec58d59efdb27cb2a034f4955ba50aa7e35da78181d85667ebd5e1fc34216ab920fc9e6fdcad7c61bcc

    Download Submit

  • memory/684-2-0x000001A79BC00000-0x000001A79BE70000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/684-12-0x000001A79A310000-0x000001A79A311000-memory.dmp

    Filesize

    4KB

    Download

  • memory/684-13-0x000001A79BC00000-0x000001A79BE70000-memory.dmp

    Filesize

    2.4MB

    Download