Overview

overview

7

Static

static

3

Abyss-Over....3.exe

windows10-2004-x64

7

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

resources/...ho.vbs

windows10-2004-x64

1

resources/...er.jar

windows10-2004-x64

7

resources/elevate.exe

windows10-2004-x64

1

swiftshade...GL.dll

windows10-2004-x64

1

swiftshade...v2.dll

windows10-2004-x64

1

vk_swiftshader.dll

windows10-2004-x64

1

vulkan-1.dll

windows10-2004-x64

3

Abyss Overlay.exe

windows10-2004-x64

7

LICENSES.c...m.html

windows10-2004-x64

1

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows10-2004-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/...ho.vbs

windows10-2004-x64

1

resources/...er.jar

windows10-2004-x64

7

resources/elevate.exe

windows10-2004-x64

1

swiftshade...GL.dll

windows10-2004-x64

1

swiftshade...v2.dll

windows10-2004-x64

1

vk_swiftshader.dll

windows10-2004-x64

1

vulkan-1.dll

windows10-2004-x64

1

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

Uninstall ...ay.exe

windows10-2004-x64

7

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    1568s
  • max time network
    1581s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/06/2024, 20:24

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    resources/app.asar.unpacked/exec/key-sender.jar

  • Size

    58KB

  • MD5

    24fd393f2a7f765be9f036641173d0c1

  • SHA1

    01cb8d6dc0917f10d314ec251a0dd496e09993cc

  • SHA256

    0cc5de3bd2abb9cc7ec80d4666a356170e563ac67e476c3c1b5f5f7375a5c428

  • SHA512

    47268c5b15c863caee4e20dec094de9f48df3081c4bc5f4f89efaf1ff4cd37d2f9e03100dac5b2badd17e90f7c9a5434b7308db605c3859ed2a8d4383a487331

  • SSDEEP

    1536:YLWAljl5trHO1DAsnsbEbw+VPT/jCOyFHUv8j:YLWm55t6Sss4E+B/UVR

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\resources\app.asar.unpacked\exec\key-sender.jar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3556
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:4120

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
          Filesize

          46B

          MD5

          1e594d097fbf4038dc1340c686e08444

          SHA1

          544f52bce1cb8ae2755141881bb0fbcb6286504a

          SHA256

          dddc29057d417a7e5ca71ebf62b369b138dff5522b9702a37c24ee8056841533

          SHA512

          e75cde5c8ad0731c6eb75c45607e7e77779905dcdda7793709cb24926089ddcd265438e910eb154151adca49922fa566f925af6a0c32f333ca32606c9153c8fe

          Download Submit

        • memory/3556-2-0x000001D98B630000-0x000001D98B8A0000-memory.dmp

          Filesize

          2.4MB

          Download

        • memory/3556-12-0x000001D989D70000-0x000001D989D71000-memory.dmp

          Filesize

          4KB

          Download

        • memory/3556-13-0x000001D98B630000-0x000001D98B8A0000-memory.dmp

          Filesize

          2.4MB

          Download