6c957bf09be6ed02c895d856f75d4322629125d2232c81e801f7f28721a2e4c6

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
03/07/2024, 10:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

jpf2setup.exe
Size

3.5MB
MD5

7305a651ccb3dfe7ac9342c50abafbd5
SHA1

3745d1b3ca2c14d33fbdfc87d3cb03455cc56f67
SHA256

e3c113bff784c2fc6f8e233d6694f62cba0b0c938383a0611ecee5b4e5aeb058
SHA512

f863bbbffb0c140be706293794c5a0b2b325a42d1c9452b7a81886b148d1f04443c1711a2afa09700204578e548766f2d87afb4e537505838a476a4870cc32b2
SSDEEP

98304:DK75/R5dxdgVNVTvZnRDu2DPg67iqnjgIBj2UfAROwlBkQ44:DSzdxdgVPvZnR/06mCgIZWDkQP

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
2240	Setup.exe

Loads dropped DLL 1 IoCs

pid	Process
2240	Setup.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2796 wrote to memory of 2240	2796	jpf2setup.exe	82
PID 2796 wrote to memory of 2240	2796	jpf2setup.exe	82
PID 2796 wrote to memory of 2240	2796	jpf2setup.exe	82

C:\Users\Admin\AppData\Local\Temp\jpf2setup.exe
"C:\Users\Admin\AppData\Local\Temp\jpf2setup.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2796
- C:\Users\Admin\AppData\Local\Temp\~jpf2setup.TMP\Setup.exe
  "C:\Users\Admin\AppData\Local\Temp\~jpf2setup.TMP\Setup.exe"
  2⤵
  - Executes dropped EXE
  - Loads dropped DLL
  PID:2240

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\~jpf2setup.TMP\Program Files\jpf.exe

Filesize
525KB

MD5
3275738d252045c37a5c63fe476bc55e

SHA1
1902bdb75e6a905f6e99e81e2c01085fab1c6646

SHA256
cd07aa43d7e9ca0e39272fa25c070e1e64fa57d06dce4a8673971220106c8931

SHA512
be4a035d4d47747d2043a590d8a5a325a6e96bb4ab9f31531172e3e07d2a25a14d2e12e3f4859c8baece8724d658713c8a249b940eee3b901081ad96b6133c1a

Download Submit
C:\Users\Admin\AppData\Local\Temp\~jpf2setup.TMP\Program Files\langfile2.dll

Filesize
25KB

MD5
1b0d11a8b16f0ba4f0b4d582e2bbaeb7

SHA1
5e23bb8183126ac9a2405cea82b3c938800ab1b9

SHA256
477fa87ca035b4d7c773cb98e143ec857528254f8c932ac4f820d5659d9fdc54

SHA512
925e4ae26f83d77842cd138edea1a10d66e15b09e440ad53b2b4dcaf7020909409f3797fe2772b8d79a2d2ba2bd4b4c7021dd7b7aa741edefc18bbcce6ef19c8

Download Submit
C:\Users\Admin\AppData\Local\Temp\~jpf2setup.TMP\Setup.exe

Filesize
545KB

MD5
08da7c1e474a7bcafae287b94be836e8

SHA1
3938d5b885e7e28b5e99db78600534d7499f883c

SHA256
7fee7ee701fcf2b181e9004d82740d67c86623083dd02abaccaf4621e9726932

SHA512
2e0d5d304fef5d5d74dc333012542221652c0143b5aac8442a98573ca1e22dfb23f05bb4998cb9d461960a06158a76a48e31992643ac76daa2fb4176f59104de

Download Submit
C:\Users\Admin\AppData\Local\Temp\~jpf2setup.TMP\Translation\Jetico Personal Firewall\cn\langFile.txt

Filesize
46KB

MD5
34215a4f38c67257dba12465de5f1451

SHA1
2df7bf70e5d1e47a3e89658258b0975b9f22dfe6

SHA256
76f865928dad9157cc434be388e41666929d6c91312eb06d34746c3359ba9f20

SHA512
53f2232d06c699b96ba0df436371e88e3b916f3bf6a56def8565982e3104355a67acae4e0c77c9a204c85a55303637f09ce35084fa8805111a0e7f59795acd75

Download Submit
C:\Users\Admin\AppData\Local\Temp\~jpf2setup.TMP\Translation\Jetico Personal Firewall\cn_tr\langFile.txt

Filesize
47KB

MD5
d15c43874a20d19c19b0a12d41ad1f05

SHA1
9b69f84e846726b2cec336ae0b18a2c76fa13e29

SHA256
0f8c7f0f0a2e22fc7498a7e5cce35ff6064bc89483c4debe15593f381b3a2e04

SHA512
b1f5e5bc7eca8d73c8d5d54369e74854a7c8f1aba712d89cea7954e43c386e5ce600fef1e3b304a2345d44602225f02a15fd7ab747f499e83f7c23c210224180

Download Submit
C:\Users\Admin\AppData\Local\Temp\~jpf2setup.TMP\Translation\Jetico Personal Firewall\de\langFile.txt

Filesize
53KB

MD5
224202b28bdbb78e7f43ca1f29b584b9

SHA1
54278e78007ce3e0f02fe4f4d9f664f6624ab8e4

SHA256
4ef5f0434eaba4e4e1e79d1b1ac97bcc82fae60fdac438a1790cc0e6934fbe16

SHA512
2dc9271fdc53366988965fe30404a57c2f4a525105bf1b3c482cdfc12ba2a75b1afc8c63e3e98fab865e061f21294988188212c9d0166245c612237bb001f8dd

Download Submit
C:\Users\Admin\AppData\Local\Temp\~jpf2setup.TMP\Translation\Jetico Personal Firewall\en\langFile.txt

Filesize
48KB

MD5
83b0ec93dba405aecc8b5d6397d1677d

SHA1
de453f61dd4d2a29dda2e4b3489cd91773d824fb

SHA256
25c5fc8f61a31a60f8a83adf818a73beb75cfa5802f2a1461cae47e9b58fbca3

SHA512
dc9267b123724d1e0db751fb8a3ba77751b43f163825ab626fa68b623d6a1ea17eb37aa81b0253c3d4a69b23112b6bfc0274af78e71a89736f1c69fc78339d7d

Download Submit
C:\Users\Admin\AppData\Local\Temp\~jpf2setup.TMP\Translation\Jetico Personal Firewall\es\langFile.txt

Filesize
52KB

MD5
e5fff5ac22fa385319bdee602dd7a724

SHA1
8de4fd764ceea6f6456266a7a12c8e6f4bcc62f9

SHA256
1e9098b0d6ba5c21c4e5be56ad4fe973840e7b31861a1228768824a3abc6ec07

SHA512
3d89e6fd53f84e011260a90daeb67e0012f2fa96e821c79ddaa3d55bd46ff071d5443985ce502fc019267b571f1b68f48585cec03f4c2fbbb150c6f217e0b915

Download Submit
C:\Users\Admin\AppData\Local\Temp\~jpf2setup.TMP\Translation\Jetico Personal Firewall\fr\langFile.txt

Filesize
51KB

MD5
82e1dd74a26a6254152f63faaa83d244

SHA1
0d8b2d818e2774004bc5269e933b17f6e02d31e0

SHA256
06a4c09be236d7c0f1978c21774da6db2c0d68eca8dba15bdd5607b5ab8e8e21

SHA512
6a96732b77cc20d49739aa31823b7ed6f72d4932a35ad18b44c4d78e416e4d75297309d2d92e9d1cb66ac8414821ae535de16c2239b6dc935de87659ea68aca0

Download Submit
C:\Users\Admin\AppData\Local\Temp\~jpf2setup.TMP\Translation\Jetico Personal Firewall\it\langFile.txt

Filesize
52KB

MD5
7ab3bfc421ab1f60f0a591bedd97a323

SHA1
5b473e3c2065bfa7b6416c06bd163d2cf8ba9ca9

SHA256
f49f3657682a1d58b3372f38741e29408c94417c14846441f0dfa93b3e58095c

SHA512
f259c9d7a7fbdba5a6ee87a869bc6b5e0150477f5d0d0599d80e96926fb1049cdcd5a6b539ffb1a2897eeb9e4152babd0296a4709c59876d93ba814b71a5c921

Download Submit
C:\Users\Admin\AppData\Local\Temp\~jpf2setup.TMP\Translation\Jetico Personal Firewall\ja\langFile.txt

Filesize
61KB

MD5
627a9bf26deab232addf1d1f6a8d5496

SHA1
67315dfe45238f43ace56609b065fbeae5a76ab3

SHA256
74fcf7144058bc469c15604b2de5571b205f7833e1796c117d1e1711aa287287

SHA512
23eac9ad9379c6b41761c06999deaccc064ea51dce6f6560e4503e701f14176978b5c5fbf8540f7e9275c484c2042a595d5e392edfb5e78fa984549704471878

Download Submit
C:\Users\Admin\AppData\Local\Temp\~jpf2setup.TMP\Translation\Jetico Personal Firewall\nl\langFile.txt

Filesize
50KB

MD5
15b48f662264b5f4b7d78bad5060c25c

SHA1
cf3b6d59befe7f652c5e3e2e8ca896581ca65d4f

SHA256
3af7bc4c28304f7bace7b80e3cdb858404337b259adc34240ee1c2555fa60647

SHA512
d09c9bbfb17662ec410e021c123672ffaf3717351e4bf5b9565e8c9ee879644ee7a1078aad0d3e82c539d868931f677c0e559cad37d3d3834447ceeb7e008149

Download Submit
C:\Users\Admin\AppData\Local\Temp\~jpf2setup.TMP\Translation\Jetico Personal Firewall\pl\langFile.txt

Filesize
49KB

MD5
cc8a73b535b51aff05a52f0bf8e09659

SHA1
3cd5e7895bf8e89883bef4b9fd5f737b573c3afe

SHA256
00b53814a0109db6b103945d5bd5add86d0ec5139e280a825baa17d3bd50a8db

SHA512
0347694e6677dac5b378375e3d35743fef14a7a111d71dc4c39b874ba015ac8bfe3d9e03e24eac669f87ed8910e4f3df41bf6f0aaa95d39d78a15faa53b44daf

Download Submit
C:\Users\Admin\AppData\Local\Temp\~jpf2setup.TMP\Translation\Jetico Personal Firewall\pt_br\langFile.txt

Filesize
51KB

MD5
21ca02b9d12e007d5cffdbf8216ba7fd

SHA1
1ea1addea08b49e26625f0fa96d124d6beec912c

SHA256
81bff08d0d7e2abfa0797d19040aa50b5cf743384681ead8577fd48edc5c202b

SHA512
878f9ce7207ad5e85a00b506b097d18abcc88714be8be69f1aab6b693896a201c468bd44f93f1d65e41fa0d4a9bcdbe86ce5f8060d30773ea2bfdfa41e313c1c

Download Submit
C:\Users\Admin\AppData\Local\Temp\~jpf2setup.TMP\Translation\Jetico Personal Firewall\ro\langFile.txt

Filesize
49KB

MD5
5872d331a22a2e6e83716d179e23160b

SHA1
b81ece8ab9026326e3cd2bdc4b5f0d2827ed542e

SHA256
1beccb75a7aed02c92460979417777142b244b522819ae7d908ef4a8616f056c

SHA512
a8c6723d6dfe53ade46cddf7a2764f15b9dafdf27a1e5afe3c329cf381719ad91b863b5fbd2480b40fe505dbf69fafe1b4b21d9ab8a9a04f3b1793ff572a63d5

Download Submit
C:\Users\Admin\AppData\Local\Temp\~jpf2setup.TMP\Translation\Jetico Personal Firewall\ru\langFile.txt

Filesize
66KB

MD5
6b88761f525b99f30d766d78f0b482bf

SHA1
7953f9442f7b217f8628f57fe977c3c79d777e87

SHA256
d37ce699052e3c2d550a0b7fcfa6d71f86f7a8c49713a0ab4b05d31235813fa1

SHA512
55b0eae1195e056cf77017f73afa204de93d5637a864db1dc567c0f9d4864004f48bd11270acef021e7ed701e06e58e8e9f4e5833b4b7f2f471059ac959acab2

Download Submit
C:\Users\Admin\AppData\Local\Temp\~jpf2setup.TMP\Translation\Jetico Personal Firewall\tr\langFile.txt

Filesize
50KB

MD5
5103f1b0386a523b9c3d059dd4e72585

SHA1
dba2b3ab87b2d46ba76a501be0558c5af94fde93

SHA256
4b7fdfecdfb5d58163904604a15fa3a0a552f5a73928982520dd4923b2b19362

SHA512
1a20f593004e4281dcb45806590d73eee9de9ea85c84d1168c9289f103d1419e24e21e28c1166956b97f7829fda79e447e65ce5c854a49e547f68c6134b4b9e5

Download Submit
C:\Users\Admin\AppData\Local\Temp\~jpf2setup.TMP\Translation\Jetico Personal Firewall\ua\langFile.txt

Filesize
64KB

MD5
a46faaf04747ba10a9cbf1c84d41d429

SHA1
7644f7bc375b75fa1d99356c9235888dc27dee78

SHA256
18a05fdf1392c0534f2db368cb77fed87f48be7e4b650199e66f5af1d34cc9d1

SHA512
85db058d2b5c33a06e593df06e577ebe2852206644e78dcc97b9a8ee2d424327ea425fd42245fdd0bdfef066c3529f98727bfc615e853e3e4cf27fde8383d1db

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads