General
-
Target
jdk-8u191-windows-i586.exe
-
Size
197.3MB
-
Sample
241117-krx3sazqdn
-
MD5
50cfd28a3a3243bc5e9be096a3b9fd97
-
SHA1
bc8f26edb5d1b6d93459405da76bc52c9b882e69
-
SHA256
a92fce986622e9846b93e396a7eda6214e7f7ea90860794c934f423c10813622
-
SHA512
859e7cc427a5ea990dd3b5301d0bb68aceac9b32f62363d5d21ed90ad45a7a7912d201dc276786bfcfb18a8683776623c7b78c4ad06c4f8002033bfaa6e8855e
-
SSDEEP
6291456:TRcAp+FfSMhbAOo8ZycQv15tZ8YpG+sdjjceHAk8iaKmh:TRcAp4SWAURo5MAHojjjHEiaT
Static task
static1
Behavioral task
behavioral1
Sample
jdk-8u191-windows-i586.exe
Resource
win11-20241007-en
Malware Config
Targets
-
-
Target
jdk-8u191-windows-i586.exe
-
Score
7/10
-
A potential corporate email address has been identified in the URL: SofiaSansExtraCondenseditalwght@1800
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Blocklisted process makes network request
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Legitimate hosting services abused for malware hosting/C2
-