477b0286ea489f872a3f3f3b01cef1829098da69e7e386d4a41ecbe51542db32 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

ffdec_21.0...up.exe

windows7-x64

7

ffdec_21.0...up.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

ffdec.bat

windows7-x64

1

ffdec.bat

windows10-2004-x64

7

ffdec.exe

windows7-x64

3

ffdec.exe

windows10-2004-x64

7

ffdec.jar

windows7-x64

1

ffdec.jar

windows10-2004-x64

7

lib/JavactiveX.jar

windows7-x64

1

lib/JavactiveX.jar

windows10-2004-x64

1

lib/LZMA.jar

windows7-x64

1

lib/LZMA.jar

windows10-2004-x64

1

lib/avi.jar

windows7-x64

1

lib/avi.jar

windows10-2004-x64

1

lib/cmykjpeg.jar

windows7-x64

1

lib/cmykjpeg.jar

windows10-2004-x64

1

lib/ddsreader.jar

windows7-x64

1

lib/ddsreader.jar

windows10-2004-x64

1

lib/decimal.jar

windows7-x64

1

lib/decimal.jar

windows10-2004-x64

1

lib/ffdec_lib.jar

windows7-x64

1

lib/ffdec_lib.jar

windows10-2004-x64

1

lib/flamingo-6.2.jar

windows7-x64

1

lib/flamingo-6.2.jar

windows10-2004-x64

1

Analysis

max time kernel
105s
max time network
137s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
11/09/2024, 13:23

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ffdec_21.0.5_setup.exe

Resource

win7-20240903-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

ffdec_21.0.5_setup.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/LangDLL.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/LangDLL.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/StartMenu.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral6

Sample

$PLUGINSDIR/StartMenu.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral7

Sample

$PLUGINSDIR/System.dll

Resource

win7-20240729-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral8

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral9

Sample

$PLUGINSDIR/nsDialogs.dll

Resource

win7-20240704-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral10

Sample

$PLUGINSDIR/nsDialogs.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral11

Sample

ffdec.bat

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral12

Sample

ffdec.bat

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral13

Sample

ffdec.exe

Resource

win7-20240903-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral14

Sample

ffdec.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral15

Sample

ffdec.jar

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

ffdec.jar

Resource

win10v2004-20240802-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral17

Sample

lib/JavactiveX.jar

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral18

Sample

lib/JavactiveX.jar

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral19

Sample

lib/LZMA.jar

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

lib/LZMA.jar

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

lib/avi.jar

Resource

win7-20240729-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

lib/avi.jar

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

lib/cmykjpeg.jar

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

lib/cmykjpeg.jar

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

lib/ddsreader.jar

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

lib/ddsreader.jar

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

lib/decimal.jar

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

lib/decimal.jar

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

lib/ffdec_lib.jar

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

lib/ffdec_lib.jar

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

lib/flamingo-6.2.jar

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

lib/flamingo-6.2.jar

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

lib/ddsreader.jar
Size

7KB
MD5

8317cebf5d6b539b7c63d61522964f20
SHA1

2349473ed81dba7a0017d8431ed100849a5a3a81
SHA256

b64bd5bbb4bad9092c4f4109795c41ce513b24f1fad9f6886492d976482b1603
SHA512

47a53b15a24481d5241f251dddc318cfd3225b9ec74fdb1ef418b2716514aef25b2b4ec6caf6156dcc44d67d2ace7c07589af94018c0a689825377890cf50eb3
SSDEEP

192:dZPtFIcPBD/hUuITjG6DJgvXmFxq6I4Jis+G:bFFIqR/jCjBgvXkxBxJiO

Score

1^/10

Malware Config

Signatures

Processes

C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\lib\ddsreader.jar
1⤵
PID:1472

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1472-2-0x0000029B28CF0000-0x0000029B28F60000-memory.dmp

Filesize
2.4MB

Download
memory/1472-11-0x0000029B27500000-0x0000029B27501000-memory.dmp

Filesize
4KB

Download
memory/1472-12-0x0000029B28CF0000-0x0000029B28F60000-memory.dmp

Filesize
2.4MB

Download

© 2018-2025

Terms | Privacy