Overview

overview

7

Static

static

3

ffdec_21.0...up.exe

windows7-x64

7

ffdec_21.0...up.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

ffdec.bat

windows7-x64

1

ffdec.bat

windows10-2004-x64

7

ffdec.exe

windows7-x64

3

ffdec.exe

windows10-2004-x64

7

ffdec.jar

windows7-x64

1

ffdec.jar

windows10-2004-x64

7

lib/JavactiveX.jar

windows7-x64

1

lib/JavactiveX.jar

windows10-2004-x64

1

lib/LZMA.jar

windows7-x64

1

lib/LZMA.jar

windows10-2004-x64

1

lib/avi.jar

windows7-x64

1

lib/avi.jar

windows10-2004-x64

1

lib/cmykjpeg.jar

windows7-x64

1

lib/cmykjpeg.jar

windows10-2004-x64

1

lib/ddsreader.jar

windows7-x64

1

lib/ddsreader.jar

windows10-2004-x64

1

lib/decimal.jar

windows7-x64

1

lib/decimal.jar

windows10-2004-x64

1

lib/ffdec_lib.jar

windows7-x64

1

lib/ffdec_lib.jar

windows10-2004-x64

1

lib/flamingo-6.2.jar

windows7-x64

1

lib/flamingo-6.2.jar

windows10-2004-x64

1

Analysis

  • max time kernel
    148s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/09/2024, 13:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    lib/cmykjpeg.jar

  • Size

    88KB

  • MD5

    d81f8ff9a1f01f36a33801810a9836da

  • SHA1

    95d9cd2deebf49ef0fd1f7ed9a87ae7ca2ce082a

  • SHA256

    0ae56cee0cca3f2c54593b08dd2f450f6f8fea5dd9054b9949b9f08f34e98b5a

  • SHA512

    2d9682317a06c6c58c8b25f3854131039172b6d4ad65fbe34c8d3d3ff5c73383604c667cb190e2b855bfc8e8a3069bcc64b56e40c13c59002bc786b4d8d8b5c2

  • SSDEEP

    1536:1qK53R6tXC7Wd/IklG8EnDKGu4DOM1WF0TzduVomomLF:1qSh6tXC8/jG82Hu4DOkWF0vduemoy

Score
1/10

Malware Config

Signatures

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\lib\cmykjpeg.jar
    1⤵
      PID:1000

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1000-2-0x0000020E9E040000-0x0000020E9E2B0000-memory.dmp

      Filesize

      2.4MB

      Download

    • memory/1000-11-0x0000020E9C7B0000-0x0000020E9C7B1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1000-12-0x0000020E9E040000-0x0000020E9E2B0000-memory.dmp

      Filesize

      2.4MB

      Download