Overview

overview

4

Static

static

1

jre-8u421-...64.exe

windows7-x64

4

jre-8u421-...64.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    1565s
  • max time network
    1568s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    20/07/2024, 00:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    jre-8u421-windows-x64.exe

  • Size

    65.8MB

  • MD5

    44212e8e9e46a94ab90d0ef4405fce7b

  • SHA1

    a123299a54411ec6c479c2701a53452ede431138

  • SHA256

    53898fddd0b8d2c1b60db92b0810f4861b614c4ede149718266a129e29aab779

  • SHA512

    1f7244f97264af95120bc883e114c77e3672263b0075ff8abc8f64e18edaa53e63f75089386d1e95dad479f3ee6a9acb50d41734eb0a6e388167a006e945a367

  • SSDEEP

    1572864:JIhmIZZVcFBjO1kBJY0JNhQjQNSEkNt1lLG5a95GBol8Gfgs9:JBIZZVcFwqJh/yQUE+LegGKgq

Score
4/10

Malware Config

Signatures

  • Executes dropped EXE 2 IoCs
  • Loads dropped DLL 2 IoCs
  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Modifies system certificate store 2 TTPs 2 IoCs
    evasionspywaretrojan
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\jre-8u421-windows-x64.exe
    "C:\Users\Admin\AppData\Local\Temp\jre-8u421-windows-x64.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1460
    • C:\Users\Admin\AppData\Local\Temp\jds259437634.tmp\jre-8u421-windows-x64.exe
      "C:\Users\Admin\AppData\Local\Temp\jds259437634.tmp\jre-8u421-windows-x64.exe"
      2⤵
      • Executes dropped EXE
      • Modifies Internet Explorer settings
      • Modifies system certificate store
      • Suspicious use of SetWindowsHookEx
      PID:2076

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\jusched.log
    Filesize

    1KB

    MD5

    72ae32d85f74f16bf9746c8d2420ee02

    SHA1

    022bb08f31ba7a897d968a8807b82c4bc63958e2

    SHA256

    02891b44dc6048a5a9bda21f72099cea224ad71cdf8680e4d37b98d9084c4df4

    SHA512

    c19e8868d192d43668d8ea920c0e93974bb70f607bcfa0df48f9b61f6084aeb461c84171e1522ea1c2237d938de947b20aac259a2ba508e235e590f9e6a1230a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\jusched.log
    Filesize

    5KB

    MD5

    c70580a41eeb655e11de0f1eaade5e81

    SHA1

    586ae7551c4ac0af12f1aecfc4894cc18a60f9b9

    SHA256

    ab8a8df0430de7d78782d39703ed7d51429597fe31fe7cfc47ae76697bea66f3

    SHA512

    1d25de7aa44553133499f8fc86cbd9f25374dea660c58029d16adcc74047f87fef99bb6e189894d0dab6263f98eb993f8a1dd4f1b7d68da704568eb8a702459c

    Download Submit