Overview

overview

3

Static

static

3

jAlarm.exe

windows7-x64

3

jAlarm.exe

windows10-2004-x64

3

jAlarm.jar

windows7-x64

1

jAlarm.jar

windows10-2004-x64

1

lib/jl1.0.jar

windows7-x64

1

lib/jl1.0.jar

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    18/09/2024, 21:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    jAlarm.exe

  • Size

    23KB

  • MD5

    ce84a5896299e7497b2ba4d839033429

  • SHA1

    6e83b6cb382e335259bd3a522b9762f832709dd3

  • SHA256

    d3c180c2f43f9fde9c8e19ed51a3090a9655f90fed0d57efbd285464e83ed311

  • SHA512

    56de055ce327e8fc29f60e5e4394ddc99e52d8d08b9471c4b1a1a9bc8b26629ebcbded5116a6d7be3056b7cff2a736ced650f2490eb8d5a810dd7b8c70c48b4d

  • SSDEEP

    384:tlzd1G38fQ971v3HRM8kcr07GIWstMcpPKUiw103ZQ7JtgkigKNT:tcOg3qViIWbc8Uiw+kY

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 62 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\jAlarm.exe
    "C:\Users\Admin\AppData\Local\Temp\jAlarm.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:2984
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://java.com/download
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2224
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2224 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2908

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    de4b4e1596d79df95eb9d7c77c9b4bae

    SHA1

    578d312480db29230a6cec3293884602330acb04

    SHA256

    23b3188935d310aafb7495d6e093f44ae0db640faca5c8f901d58354397b57a8

    SHA512

    5e020a93e9177c1d47352ce60e73843080601ed30a853c5225325d7d90e46b296fa0464b7785d0fd289591abe7482ef6ebaa5a708fb1016a8ec6f982bbfa2304

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    3152984d18e7662a9e238a6d25c80797

    SHA1

    e62a424583dfbb6470364e9db9f599d4260b35aa

    SHA256

    a209d26a502a3f0c7d7a77841299a90a73c8983daf877e8b49d3de2180fbec15

    SHA512

    c118036bd4a33c8898aa8312b444fe3353dde6f91eeecbae6b5c5ff842ff9b00532b14a66553a88fd26ec78242de039836ed7e8e87dce4082aaad8204f99db93

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a6dc70a7b86f52ec98b64d54a0594e5

    SHA1

    82887fd49cb92b9153993e955ec7522d2890316f

    SHA256

    1d8bf3cc790929758e13f9719f7dad6410e322f631dc3f674b3559b99467a801

    SHA512

    f379abd6f555c5cd7eba950b5ca108d2c4f5aa4545f18bea9b0c2396ab1c555396c9705aa64c8478c700fa567175b2f4bf7e128fae46e4247f05dd4dd5ea3c96

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    22c33b989c4bece5442daff5c56076a4

    SHA1

    9636975012e8b5e6e559864f19148c092d5f1a24

    SHA256

    f83b7a1fbed6ec35cfd789ed1048019f7a64bb58145cee57f120a2911e1d1fbc

    SHA512

    1b83457c35dee0bd70432c59d952bed515761c277774e86c56e9412ef9501d0e892fd2e0dedb0e89d5ff4fa94fa7051d965ae5ed0a9430038282b46fb3464fee

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1c5a9d05b4d78ef3bf94ff9a9620474a

    SHA1

    0432d0d9199d207fd1fa017be0d49afbbd3064f6

    SHA256

    66f1e3d0c8e1f8afff697cd28845db6430f25c39fc0e0a2217d9f2c025eaec50

    SHA512

    b4a818027fa3633dc701a965644565285519f68bebe037765000be91f99e7223dae2ffe7feb967319ceddf1149a14df6d6d615f7926f3821568b8c925a0f4cf1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c16d8053312971ee983b5f8785110cec

    SHA1

    80f3049f89e836555d37c28bc1b59613988fda8c

    SHA256

    d4bfac4512173b55012423e9ec1ba896eda8a7ec905d625601e6c14a016ae663

    SHA512

    fa3b6b3da0134941d899dcfe85d4f76f103522ab2673e6a455d4960fd267ab75e87e9547813f157c2af96dd948909b69d694f4f354715067e347e020f0a59c01

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4be018f099863af33273e7c5eeacd152

    SHA1

    01fcf72fa5baa51ad77033ee0b822882757d12aa

    SHA256

    ef5fc492e07a5576161e9fe1210cc790091636de87ca7a4caa975a25d7921f92

    SHA512

    788ddea8e432b8cf730c8c06b6ed0fe588143fc9489b8ffc52adecbd8533c1689e35ca64fcf033415ed610c884a93cdca18cb2ee89f12f03fe55c2ef4dcb9fd7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ad2d6e91ebabe814d3f31042a39aa32a

    SHA1

    35062539054f83e54bfef413b3aa59781468ebb8

    SHA256

    0eaf892f21498a59c7656d1cd046bc24f7435de5b9896486b3cf430fb4f41c7f

    SHA512

    5bbd9bbd3efc4a49a99729a525a14f37201aa9fb84d069d81f4d0ebaf3ccbfac348fefd8ad7e03c24b2a317ebbff6ed0cafd3f79aa7284352369ddd82bd5892e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    83aa8d12ad32e1effea7ce6f8ee1c83c

    SHA1

    ccedd12113411de6d28a1238d398cc8b5d882fbd

    SHA256

    217644dde476d018f82faf285bb453e2051c3d67a5cc1bbf6b1e4ed84707af96

    SHA512

    3eca57aec84f722d88d81bd523512e204b130da1b46fb3b9977e0523edf9d2411b1fad4fe0acff46ebc670593a91755b00f50c6e16f1977cdb8a78608753140b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4f7e50fd3c248b4c89340fdf66f92e12

    SHA1

    d3234d4b815ef0c89b7feed5e6526a3ffb9cc383

    SHA256

    e35bb81ab3a476d1b82edb55640903c0b53132ad77eff7485ce0915a1e0e8c2a

    SHA512

    26ff107980bfa8bf28d3a1ed1e5572261fefcf516e49ec5efa5091cce6b2bb0b8e628a6c77a1bb5fe1ceea0265ea39cdd252fc4b669537411078d2975aa8de28

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cdb7adf80f20cad462bfa7a17e545f58

    SHA1

    629d12b475696f9f7d7ed5de15dac7f485a2ee0e

    SHA256

    42c27336496ee6f3f94827e823f7723c706fba447bf94d7eb2d737c98339937d

    SHA512

    623bf2143b9ad72da2d84cf4a53e87830e9eaa6fe23bba43a001b441c913a60a36cbae420e6452d8d82a115cbe81d56041a2f80d34710ee7d698b4b93ffc7787

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    51809e641096ddbcc7ff3203a79a1c7f

    SHA1

    4769dbf0b22519a53f9913cfcb6ec42bedcd45de

    SHA256

    231413ca6179ba5577ca3503d9c0f3e321a211dcc344f9522fbeefc0eb6586e7

    SHA512

    f93d1f5987d31249a454de6fb506311665365eb58effd67fb86d81cf038a3f15c370a06902720435c0fce2773b7f0a40740c5cd14ebe266919fe65eec82ec974

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    33972d66c6e2005d47a78402bfb83409

    SHA1

    3c0b19f09abe4e2945939c29c58335a6293609aa

    SHA256

    3b2722657de72528dcf0fcb0e6ad7df3c16bf760301cd0fb4f920d592e04efdb

    SHA512

    8775d039dc1c76e48de82fe917d2da68e671612e4441f61fc9ca83de533dd124c6d084d19387f699af133110add13363e4b2bf998a3fc115e382c1f26cda19cf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    84715db515ee88e9638c05e4798bfd8e

    SHA1

    e2be77ff13e2c41fa428fd7608766c95053c284f

    SHA256

    aa3283f48c915de52e07ffaf7c3c6a2761a01fdce1c104b12a6347c5328f9ec7

    SHA512

    59f4e94288c9ac6b471f902ffbeee2570578d5ecbf81698934213a909fbe7505c87c3e7a4d057d0b6632ad8b458ab39b425ebf79faa5b65f761a53273efcffda

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6844fd22a9e5617d0fc8c7cd9a48b1e8

    SHA1

    2d2374e144421b6d3b5ad4383dc432f37ca5035f

    SHA256

    95ea9125fce80c1dfd3906d7c83b0894ecc00e32246f833357bcb063f4e9936c

    SHA512

    ea04a9dbccc945a622e357f317d0849d0e9b8b10ca404e93d7c1755f0f651b72d08757b7f783b9a0e662894e78aa1369dd2be93b20adb1dd381097d49dafad07

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e59d651fe14ed81cbbcdbf8cc041c516

    SHA1

    a11851fa573f761308c8cb155d5293bf668be94e

    SHA256

    d5088bd0397a277ae84dc38bfe20a6fe5aa2dc30ef586e06dc2d79b7d0cdf769

    SHA512

    e540f11d5865aa99e2d0d1d0c01462ee175f357a9a2d83c3e8e75945b3908fd22821b53318fcb6c1d4a98a6628754aec89fcbb81ee598c4cf96a306bb3582269

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    af6267a5a17bdbc2c3ff654b77cbda27

    SHA1

    6b8dfe007f29f4310f6c38dc6f933c48258de90e

    SHA256

    785b77b36e18b3369209416f0d6a88015ae4ceb8ec7a1459245bd7ae3bc23c3d

    SHA512

    06a8c2f49a7e7ed60440df2b0446ed0da2c69bbbbdd8e916cf8eb33ab77a48d85567efdfc17717a8a74dcc335561da3d3741868cd1b6aa1a378463497aa0483c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    00561a7884acdd653904b6454c7eb583

    SHA1

    a38c35ef7bbf51b76f9628e32eb39c61baf69fc0

    SHA256

    c8f18f20c21d4f4d2486a455fa502047c416c04cd7a2e35b3d86dcb4b944f5a9

    SHA512

    a30ebff1d53c644b90954b652094d16d5d45ead40bedb20f2f09791534df65545c8121a535137ce128f9b07e7685e0aab6608f421217edd434a56811606efd88

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1f7598cb86337eb0925c12dc0d711e4f

    SHA1

    8d7b9b95b69999513accaf4237f1345fc231b3ff

    SHA256

    123766ba7cb484b31b398ef61847b29722e6548c03cae16d3ff153e7dcc35931

    SHA512

    6ed1f272745cb81539ee383ea67f7cbf5e515a096f1df84cb096c3be9e55b368fccc8e7817d1e946098952aed39206a62eafb686cf60709b010df02f636b8c20

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    77c78b4ef7682bc09f3225c41de1042f

    SHA1

    c9cf5549f99701bbe841da053339914af1d3eabf

    SHA256

    f3b373cd94a898cef2ffc82cbd4401b1a416e468abcfbbcfbd0a968990ec28de

    SHA512

    91f887e9e8ce8d7168df8a1dbca810f305c687899d59e51c3bd45eb6c10b9dad237196dca6af57b0cd8dc337b5fe0ce8f425bba536525cdc055c2973796f07fd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    3b14672adb1d091d5989ef6cfc0ddb64

    SHA1

    9266b481d347c17f19bab265ee5395cdd06172e1

    SHA256

    3a534dd72faf06e91e1863086f0eb446500daa52919ce59c326dd4383f3e0f5d

    SHA512

    4d87fc6d61d456443bd9861457fbc605af98f9f00ff607218a53c633cf2c78976e520fd149ebb6ab3fff2b9e5d7eddbd29deda873aeb92835bf43ee909e2e684

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\KO6QBCP8\www.java[1].xml
    Filesize

    398B

    MD5

    aaecb9c82168775724f91e139f3be12c

    SHA1

    eb09dce5dac88a63cfa3aa1c52364a94b0c5e3a4

    SHA256

    38a7e57f7d2075538afa7b77fab5d2c11ee6c21a7511a0ddb63f2a831f56a08f

    SHA512

    d4635e9a59b0343af464ea20815abc3cfb540008b1e10c5912dc67155680714d94bdd80632a20a0c6e148d447ad18768ffde3699747b55ff76a28b02e78f900d

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\KO6QBCP8\www.java[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\ivwlua0\imagestore.dat
    Filesize

    1KB

    MD5

    19547ebbf281ddd864f5eedb740cc182

    SHA1

    448090ef7dbb616d29cedbf58866da4ab7c37df2

    SHA256

    260bf6485635ed766dbd368daa15dd6a201c88a8d35bbdd667df6a0cb8be1b30

    SHA512

    eed7eb05fef75794059c1b55588d65275f41594c010a13ea50945248e909fe737775c651ddf8bd76e216eb39321ce1f791ae9190cd97392f28d662d2274f94a4

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6XUZ2JLF\favicon[1].ico
    Filesize

    1KB

    MD5

    8e39f067cc4f41898ef342843171d58a

    SHA1

    ab19e81ce8ccb35b81bf2600d85c659e78e5c880

    SHA256

    872bad18b566b0833d6b496477daab46763cf8bdec342d34ac310c3ac045cefd

    SHA512

    47cd7f4ce8fcf0fc56b6ffe50450c8c5f71e3c379ecfcfd488d904d85ed90b4a8dafa335d0e9ca92e85b02b7111c9d75205d12073253eed681868e2a46c64890

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE31F.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE332.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2984-0-0x0000000000400000-0x0000000000412000-memory.dmp

    Filesize

    72KB

    Download