5595c1dc3d2e51a9aa52283e601b92abfd878a6ca694d548f0bda140d60d48cc

Resubmissions

11-06-2024 09:54

240611-lxjb9atbjj 10

11-06-2024 09:50

240611-ltxqgaselb 7

Analysis

max time kernel
147s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
11-06-2024 09:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5595c1dc3d2e51a9aa52283e601b92abfd878a6ca694d548f0bda140d60d48cc.jar
Size

481KB
MD5

11dec5e1d8b13456cd7e0ccb966fe12c
SHA1

0c5ea4abbafa47010d529b2736a54b09da4cad29
SHA256

5595c1dc3d2e51a9aa52283e601b92abfd878a6ca694d548f0bda140d60d48cc
SHA512

a397c58ea60d12a45b295d8a7e85f3d5973ce836c9df97f7b5194020e6043a62d74cf2d521d1ff2d523dc0d60b0eb1f648a08ccfc7bc83b4fa1b769528da638a
SSDEEP

12288:SVlCHKeQSPE4dP/I5FsRb5h3pCy1tEARGuJKcc:SHCHlrnIYxo0Gu4

Score

7^/10

discovery

Malware Config

Signatures

Modifies file permissions 1 TTPs 1 IoCs

discovery

File and Directory Permissions Modification

T1222

pid	Process
1728	icacls.exe

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 2160 wrote to memory of 1728	2160	java.exe	82
PID 2160 wrote to memory of 1728	2160	java.exe	82

C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\5595c1dc3d2e51a9aa52283e601b92abfd878a6ca694d548f0bda140d60d48cc.jar
1⤵
- Suspicious use of WriteProcessMemory
PID:2160
- C:\Windows\system32\icacls.exe
  C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
  2⤵
  - Modifies file permissions
  PID:1728

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

T1222

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp

Filesize
46B

MD5
75134d9c3108d8f3f975fcac03840caa

SHA1
6e2a8a4c9c9d2dbfcb3434f73313ef4c7261bf44

SHA256
fbca824b52930f8feb15a6115524f41c50f6394cf7418735f92a04db59fbc964

SHA512
1f79b36cf8f14ce7af455a0ddfe627bc642701a87282847a06dc65f131e93b2a0c81ca4e6cfafa1d1d172c8b0710f509945056fdfbd34083d446ba2ff5c36e16

Download Submit
memory/2160-2-0x0000023D00000000-0x0000023D00270000-memory.dmp

Filesize
2.4MB

Download
memory/2160-14-0x0000023D00270000-0x0000023D00280000-memory.dmp

Filesize
64KB

Download
memory/2160-16-0x0000023D00280000-0x0000023D00290000-memory.dmp

Filesize
64KB

Download
memory/2160-17-0x0000023D00290000-0x0000023D002A0000-memory.dmp

Filesize
64KB

Download
memory/2160-21-0x0000023D002A0000-0x0000023D002B0000-memory.dmp

Filesize
64KB

Download
memory/2160-22-0x0000023D002B0000-0x0000023D002C0000-memory.dmp

Filesize
64KB

Download
memory/2160-23-0x0000023D002C0000-0x0000023D002D0000-memory.dmp

Filesize
64KB

Download
memory/2160-29-0x0000023D002F0000-0x0000023D00300000-memory.dmp

Filesize
64KB

Download
memory/2160-31-0x0000023D00300000-0x0000023D00310000-memory.dmp

Filesize
64KB

Download
memory/2160-28-0x0000023D002E0000-0x0000023D002F0000-memory.dmp

Filesize
64KB

Download
memory/2160-27-0x0000023D002D0000-0x0000023D002E0000-memory.dmp

Filesize
64KB

Download
memory/2160-35-0x0000023D00320000-0x0000023D00330000-memory.dmp

Filesize
64KB

Download
memory/2160-34-0x0000023D00310000-0x0000023D00320000-memory.dmp

Filesize
64KB

Download
memory/2160-42-0x0000023D00350000-0x0000023D00360000-memory.dmp

Filesize
64KB

Download
memory/2160-41-0x0000023D00340000-0x0000023D00350000-memory.dmp

Filesize
64KB

Download
memory/2160-40-0x0000023D00330000-0x0000023D00340000-memory.dmp

Filesize
64KB

Download
memory/2160-39-0x0000023D00000000-0x0000023D00270000-memory.dmp

Filesize
2.4MB

Download
memory/2160-45-0x0000023D00360000-0x0000023D00370000-memory.dmp

Filesize
64KB

Download
memory/2160-44-0x0000023D00270000-0x0000023D00280000-memory.dmp

Filesize
64KB

Download
memory/2160-47-0x0000023D73A70000-0x0000023D73A71000-memory.dmp

Filesize
4KB

Download
memory/2160-50-0x0000023D00370000-0x0000023D00380000-memory.dmp

Filesize
64KB

Download
memory/2160-51-0x0000023D00380000-0x0000023D00390000-memory.dmp

Filesize
64KB

Download
memory/2160-49-0x0000023D00280000-0x0000023D00290000-memory.dmp

Filesize
64KB

Download
memory/2160-57-0x0000023D00290000-0x0000023D002A0000-memory.dmp

Filesize
64KB

Download
memory/2160-58-0x0000023D00390000-0x0000023D003A0000-memory.dmp

Filesize
64KB

Download
memory/2160-63-0x0000023D003A0000-0x0000023D003B0000-memory.dmp

Filesize
64KB

Download
memory/2160-62-0x0000023D002B0000-0x0000023D002C0000-memory.dmp

Filesize
64KB

Download
memory/2160-61-0x0000023D002A0000-0x0000023D002B0000-memory.dmp

Filesize
64KB

Download
memory/2160-67-0x0000023D003C0000-0x0000023D003D0000-memory.dmp

Filesize
64KB

Download
memory/2160-66-0x0000023D003B0000-0x0000023D003C0000-memory.dmp

Filesize
64KB

Download
memory/2160-65-0x0000023D002C0000-0x0000023D002D0000-memory.dmp

Filesize
64KB

Download
memory/2160-71-0x0000023D002E0000-0x0000023D002F0000-memory.dmp

Filesize
64KB

Download
memory/2160-72-0x0000023D002F0000-0x0000023D00300000-memory.dmp

Filesize
64KB

Download
memory/2160-73-0x0000023D003D0000-0x0000023D003E0000-memory.dmp

Filesize
64KB

Download
memory/2160-70-0x0000023D002D0000-0x0000023D002E0000-memory.dmp

Filesize
64KB

Download
memory/2160-78-0x0000023D003F0000-0x0000023D00400000-memory.dmp

Filesize
64KB

Download
memory/2160-77-0x0000023D003E0000-0x0000023D003F0000-memory.dmp

Filesize
64KB

Download
memory/2160-76-0x0000023D00300000-0x0000023D00310000-memory.dmp

Filesize
64KB

Download
memory/2160-79-0x0000023D00310000-0x0000023D00320000-memory.dmp

Filesize
64KB

Download
memory/2160-81-0x0000023D00400000-0x0000023D00410000-memory.dmp

Filesize
64KB

Download
memory/2160-80-0x0000023D00320000-0x0000023D00330000-memory.dmp

Filesize
64KB

Download
memory/2160-86-0x0000023D00340000-0x0000023D00350000-memory.dmp

Filesize
64KB

Download
memory/2160-85-0x0000023D00330000-0x0000023D00340000-memory.dmp

Filesize
64KB

Download
memory/2160-89-0x0000023D00430000-0x0000023D00440000-memory.dmp

Filesize
64KB

Download
memory/2160-88-0x0000023D00420000-0x0000023D00430000-memory.dmp

Filesize
64KB

Download
memory/2160-87-0x0000023D00410000-0x0000023D00420000-memory.dmp

Filesize
64KB

Download
memory/2160-92-0x0000023D73A70000-0x0000023D73A71000-memory.dmp

Filesize
4KB

Download
memory/2160-93-0x0000023D00350000-0x0000023D00360000-memory.dmp

Filesize
64KB

Download
memory/2160-95-0x0000023D00360000-0x0000023D00370000-memory.dmp

Filesize
64KB

Download
memory/2160-96-0x0000023D00370000-0x0000023D00380000-memory.dmp

Filesize
64KB

Download
memory/2160-97-0x0000023D00380000-0x0000023D00390000-memory.dmp

Filesize
64KB

Download
memory/2160-98-0x0000023D00390000-0x0000023D003A0000-memory.dmp

Filesize
64KB

Download
memory/2160-99-0x0000023D003A0000-0x0000023D003B0000-memory.dmp

Filesize
64KB

Download
memory/2160-103-0x0000023D00440000-0x0000023D00450000-memory.dmp

Filesize
64KB

Download
memory/2160-102-0x0000023D003C0000-0x0000023D003D0000-memory.dmp

Filesize
64KB

Download
memory/2160-101-0x0000023D003B0000-0x0000023D003C0000-memory.dmp

Filesize
64KB

Download
memory/2160-106-0x0000023D003D0000-0x0000023D003E0000-memory.dmp

Filesize
64KB

Download
memory/2160-108-0x0000023D00460000-0x0000023D00470000-memory.dmp

Filesize
64KB

Download
memory/2160-107-0x0000023D00450000-0x0000023D00460000-memory.dmp

Filesize
64KB

Download
memory/2160-111-0x0000023D003F0000-0x0000023D00400000-memory.dmp

Filesize
64KB

Download
memory/2160-112-0x0000023D00470000-0x0000023D00480000-memory.dmp

Filesize
64KB

Download
memory/2160-110-0x0000023D003E0000-0x0000023D003F0000-memory.dmp

Filesize
64KB

Download
memory/2160-117-0x0000023D00490000-0x0000023D004A0000-memory.dmp

Filesize
64KB

Download
memory/2160-116-0x0000023D00480000-0x0000023D00490000-memory.dmp

Filesize
64KB

Download
memory/2160-115-0x0000023D00400000-0x0000023D00410000-memory.dmp

Filesize
64KB

Download
memory/2160-119-0x0000023D00410000-0x0000023D00420000-memory.dmp

Filesize
64KB

Download
memory/2160-122-0x0000023D004A0000-0x0000023D004B0000-memory.dmp

Filesize
64KB

Download
memory/2160-121-0x0000023D00430000-0x0000023D00440000-memory.dmp

Filesize
64KB

Download
memory/2160-120-0x0000023D00420000-0x0000023D00430000-memory.dmp

Filesize
64KB

Download
memory/2160-124-0x0000023D004B0000-0x0000023D004C0000-memory.dmp

Filesize
64KB

Download
memory/2160-126-0x0000023D004C0000-0x0000023D004D0000-memory.dmp

Filesize
64KB

Download
memory/2160-130-0x0000023D004E0000-0x0000023D004F0000-memory.dmp

Filesize
64KB

Download
memory/2160-129-0x0000023D004D0000-0x0000023D004E0000-memory.dmp

Filesize
64KB

Download
memory/2160-132-0x0000023D004F0000-0x0000023D00500000-memory.dmp

Filesize
64KB

Download
memory/2160-134-0x0000023D00500000-0x0000023D00510000-memory.dmp

Filesize
64KB

Download
memory/2160-137-0x0000023D73A70000-0x0000023D73A71000-memory.dmp

Filesize
4KB

Download
memory/2160-138-0x0000023D73A70000-0x0000023D73A71000-memory.dmp

Filesize
4KB

Download
memory/2160-150-0x0000023D73A70000-0x0000023D73A71000-memory.dmp

Filesize
4KB

Download
memory/2160-151-0x0000023D73A70000-0x0000023D73A71000-memory.dmp

Filesize
4KB

Download
memory/2160-157-0x0000023D00440000-0x0000023D00450000-memory.dmp

Filesize
64KB

Download
memory/2160-158-0x0000023D00510000-0x0000023D00520000-memory.dmp

Filesize
64KB

Download
memory/2160-162-0x0000023D00520000-0x0000023D00530000-memory.dmp

Filesize
64KB

Download
memory/2160-161-0x0000023D00460000-0x0000023D00470000-memory.dmp

Filesize
64KB

Download
memory/2160-160-0x0000023D00450000-0x0000023D00460000-memory.dmp

Filesize
64KB

Download
memory/2160-165-0x0000023D00530000-0x0000023D00540000-memory.dmp

Filesize
64KB

Download
memory/2160-164-0x0000023D00470000-0x0000023D00480000-memory.dmp

Filesize
64KB

Download
memory/2160-168-0x0000023D00480000-0x0000023D00490000-memory.dmp

Filesize
64KB

Download
memory/2160-170-0x0000023D00540000-0x0000023D00550000-memory.dmp

Filesize
64KB

Download
memory/2160-171-0x0000023D00550000-0x0000023D00560000-memory.dmp

Filesize
64KB

Download
memory/2160-169-0x0000023D00490000-0x0000023D004A0000-memory.dmp

Filesize
64KB

Download
memory/2160-175-0x0000023D00560000-0x0000023D00570000-memory.dmp

Filesize
64KB

Download
memory/2160-174-0x0000023D004A0000-0x0000023D004B0000-memory.dmp

Filesize
64KB

Download
memory/2160-177-0x0000023D00570000-0x0000023D00580000-memory.dmp

Filesize
64KB

Download
memory/2160-176-0x0000023D004B0000-0x0000023D004C0000-memory.dmp

Filesize
64KB

Download
memory/2160-180-0x0000023D00580000-0x0000023D00590000-memory.dmp

Filesize
64KB

Download
memory/2160-179-0x0000023D004C0000-0x0000023D004D0000-memory.dmp

Filesize
64KB

Download
memory/2160-184-0x0000023D00590000-0x0000023D005A0000-memory.dmp

Filesize
64KB

Download
memory/2160-183-0x0000023D004E0000-0x0000023D004F0000-memory.dmp

Filesize
64KB

Download
memory/2160-182-0x0000023D004D0000-0x0000023D004E0000-memory.dmp

Filesize
64KB

Download
memory/2160-187-0x0000023D005A0000-0x0000023D005B0000-memory.dmp

Filesize
64KB

Download
memory/2160-186-0x0000023D004F0000-0x0000023D00500000-memory.dmp

Filesize
64KB

Download
memory/2160-190-0x0000023D00500000-0x0000023D00510000-memory.dmp

Filesize
64KB

Download
memory/2160-201-0x0000023D73A70000-0x0000023D73A71000-memory.dmp

Filesize
4KB

Download
memory/2160-203-0x0000023D73A70000-0x0000023D73A71000-memory.dmp

Filesize
4KB

Download
memory/2160-214-0x0000023D73A70000-0x0000023D73A71000-memory.dmp

Filesize
4KB

Download