Overview

overview

10

Static

static

10

robux.jar

windows7-x64

1

robux.jar

windows10-2004-x64

6

Analysis

  • max time kernel
    148s
  • max time network
    139s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2024 07:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    robux.jar

  • Size

    11.7MB

  • MD5

    4ac4a7e055d8124aa3e86b0fbf7f4c96

  • SHA1

    38094b0c571b491f4dedf181561d5e50e4d3ca30

  • SHA256

    def26eff69c14a0d4e02b23e19956a0020290100c4c13a7dcec1f33a3b39ccbe

  • SHA512

    014a4815759642b0e93ea980b4fe721cce343f4e4dbb99666740af7ac8d166ff7562d14567a8d13224a09d76ecf3147e18a031c163a13f87d2b04bd3c25ed846

  • SSDEEP

    196608:74vLKMnNjMwJh4/SnSUpSsjiIhA9q7QQz5sG6ERvPb8K8Hd6NkvKiEoqrsmIg:S5MwJyNUIyN7tq2Rb8PHEaCE1mIg

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs
  • Views/modifies file attributes 1 TTPs 1 IoCs
    evasion

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\robux.jar
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4512
    • C:\Windows\SYSTEM32\attrib.exe
      attrib +H C:\Users\Admin\AppData\Roaming\Microsoft\.tmp\1732348261269.tmp
      2⤵
      • Views/modifies file attributes
      PID:3964
    • C:\Windows\SYSTEM32\cmd.exe
      cmd.exe /c "REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v Home /d "C:\Program Files\Java\jre-1.8\bin\javaw.exe -jar C:\Users\Admin\AppData\Roaming\Microsoft\.tmp\1732348261269.tmp" /f"
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:2772
      • C:\Windows\system32\reg.exe
        REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v Home /d "C:\Program Files\Java\jre-1.8\bin\javaw.exe -jar C:\Users\Admin\AppData\Roaming\Microsoft\.tmp\1732348261269.tmp" /f
        3⤵
        • Adds Run key to start application
        PID:2824

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Microsoft\.tmp\1732348261269.tmp
    Filesize

    11.7MB

    MD5

    4ac4a7e055d8124aa3e86b0fbf7f4c96

    SHA1

    38094b0c571b491f4dedf181561d5e50e4d3ca30

    SHA256

    def26eff69c14a0d4e02b23e19956a0020290100c4c13a7dcec1f33a3b39ccbe

    SHA512

    014a4815759642b0e93ea980b4fe721cce343f4e4dbb99666740af7ac8d166ff7562d14567a8d13224a09d76ecf3147e18a031c163a13f87d2b04bd3c25ed846

    Download Submit

  • memory/4512-2-0x000002239C9C0000-0x000002239CC30000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/4512-15-0x000002239CC30000-0x000002239CC40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-17-0x000002239CC40000-0x000002239CC50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-20-0x000002239CC50000-0x000002239CC60000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-21-0x000002239CC60000-0x000002239CC70000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-24-0x000002239CC70000-0x000002239CC80000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-25-0x000002239CC80000-0x000002239CC90000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-28-0x000002239CC90000-0x000002239CCA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-29-0x000002239CCA0000-0x000002239CCB0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-35-0x000002239CCB0000-0x000002239CCC0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-38-0x000002239B1B0000-0x000002239B1B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4512-51-0x000002239CC30000-0x000002239CC40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-50-0x000002239CCF0000-0x000002239CD00000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-49-0x000002239CD10000-0x000002239CD20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-48-0x000002239CD00000-0x000002239CD10000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-47-0x000002239CCE0000-0x000002239CCF0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-46-0x000002239CCD0000-0x000002239CCE0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-45-0x000002239CCC0000-0x000002239CCD0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-44-0x000002239C9C0000-0x000002239CC30000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/4512-59-0x000002239CC50000-0x000002239CC60000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-58-0x000002239CD30000-0x000002239CD40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-64-0x000002239CC70000-0x000002239CC80000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-63-0x000002239CD50000-0x000002239CD60000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-62-0x000002239CD40000-0x000002239CD50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-61-0x000002239CC60000-0x000002239CC70000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-57-0x000002239CD20000-0x000002239CD30000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-56-0x000002239CC40000-0x000002239CC50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-73-0x000002239CD70000-0x000002239CD80000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-72-0x000002239CC90000-0x000002239CCA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-69-0x000002239CD60000-0x000002239CD70000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-77-0x000002239CD80000-0x000002239CD90000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-76-0x000002239CCA0000-0x000002239CCB0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-68-0x000002239CC80000-0x000002239CC90000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-79-0x000002239CCB0000-0x000002239CCC0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-80-0x000002239CD90000-0x000002239CDA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-89-0x000002239CDA0000-0x000002239CDB0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-88-0x000002239CD10000-0x000002239CD20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-87-0x000002239CD00000-0x000002239CD10000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-86-0x000002239CCE0000-0x000002239CCF0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-85-0x000002239CCD0000-0x000002239CCE0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-84-0x000002239CCC0000-0x000002239CCD0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-98-0x000002239CDC0000-0x000002239CDD0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-101-0x000002239CDD0000-0x000002239CDE0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-97-0x000002239CD30000-0x000002239CD40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-107-0x000002239CDF0000-0x000002239CE00000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-106-0x000002239CDE0000-0x000002239CDF0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-113-0x000002239CD70000-0x000002239CD80000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-115-0x000002239CE20000-0x000002239CE30000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-116-0x000002239CD80000-0x000002239CD90000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-114-0x000002239CE10000-0x000002239CE20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-110-0x000002239CE00000-0x000002239CE10000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-109-0x000002239CD60000-0x000002239CD70000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-105-0x000002239CD50000-0x000002239CD60000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-104-0x000002239CD40000-0x000002239CD50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-96-0x000002239CD20000-0x000002239CD30000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-94-0x000002239CCF0000-0x000002239CD00000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-95-0x000002239CDB0000-0x000002239CDC0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-119-0x000002239B1B0000-0x000002239B1B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4512-122-0x000002239CE30000-0x000002239CE40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-121-0x000002239CD90000-0x000002239CDA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-126-0x000002239CE40000-0x000002239CE50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-125-0x000002239CDA0000-0x000002239CDB0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-129-0x000002239CE50000-0x000002239CE60000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-128-0x000002239CDB0000-0x000002239CDC0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-133-0x000002239CDC0000-0x000002239CDD0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-134-0x000002239CE60000-0x000002239CE70000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-136-0x000002239B1B0000-0x000002239B1B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4512-137-0x000002239CDD0000-0x000002239CDE0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-138-0x000002239CE70000-0x000002239CE80000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-140-0x000002239CDE0000-0x000002239CDF0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-141-0x000002239CDF0000-0x000002239CE00000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-142-0x000002239CE80000-0x000002239CE90000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-145-0x000002239CE90000-0x000002239CEA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-148-0x000002239CEA0000-0x000002239CEB0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-147-0x000002239CE00000-0x000002239CE10000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-149-0x000002239B1B0000-0x000002239B1B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4512-151-0x000002239CE10000-0x000002239CE20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-152-0x000002239CEB0000-0x000002239CEC0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-155-0x000002239CE20000-0x000002239CE30000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-156-0x000002239CEC0000-0x000002239CED0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-158-0x000002239CE30000-0x000002239CE40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-159-0x000002239CED0000-0x000002239CEE0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-161-0x000002239CE40000-0x000002239CE50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-162-0x000002239CEE0000-0x000002239CEF0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-165-0x000002239CE50000-0x000002239CE60000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-166-0x000002239CEF0000-0x000002239CF00000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-167-0x000002239CE60000-0x000002239CE70000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-169-0x000002239CE70000-0x000002239CE80000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-170-0x000002239CF00000-0x000002239CF10000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-173-0x000002239CE80000-0x000002239CE90000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-174-0x000002239CF10000-0x000002239CF20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-176-0x000002239CE90000-0x000002239CEA0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-177-0x000002239CF20000-0x000002239CF30000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-179-0x000002239CEA0000-0x000002239CEB0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-182-0x000002239CEB0000-0x000002239CEC0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-183-0x000002239CF30000-0x000002239CF40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-185-0x000002239CEC0000-0x000002239CED0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-186-0x000002239CF40000-0x000002239CF50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-187-0x000002239B1B0000-0x000002239B1B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4512-189-0x000002239CED0000-0x000002239CEE0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4512-190-0x000002239CF50000-0x000002239CF60000-memory.dmp

    Filesize

    64KB

    Download