Overview

overview

10

Static

static

10

your hot s...le.jar

windows7-x64

3

your hot s...le.jar

windows10-2004-x64

6

Analysis

  • max time kernel
    599s
  • max time network
    601s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/01/2025, 19:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    your hot sexy stub to send to people.jar

  • Size

    639KB

  • MD5

    0c0b1c4664d79734ae680bf8ea542a9b

  • SHA1

    46e41de70f1e946f26d1c80240605d693fc74fb0

  • SHA256

    a0655c2fc499d24fb6b24a09f127c17c4864324d43c8f129c33e42cc68bf987c

  • SHA512

    1d649a7b490e1870c0799e2a65dfcb20c18bdd5438caa874150828e1786c258746f427ebcd3f5685c957c271d8f6e7e8d374fba73fe203a1cdca6b49ca8c57a7

  • SSDEEP

    12288:GvbtQZ/fP5krp4VlYVo3gK/3RT+BCWN+JLggtSR8N3uuk2B0Sp7DAW:GvBQZZkV4jb3gKJuj+JMenuu5BHp7DAW

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs
  • Views/modifies file attributes 1 TTPs 1 IoCs
    defense_evasion

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar "C:\Users\Admin\AppData\Local\Temp\your hot sexy stub to send to people.jar"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2864
    • C:\Windows\SYSTEM32\attrib.exe
      attrib +H C:\Users\Admin\AppData\Roaming\Microsoft\.tmp\1738005567914.tmp
      2⤵
      • Views/modifies file attributes
      PID:4812
    • C:\Windows\SYSTEM32\cmd.exe
      cmd.exe /c "REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v Home /d "C:\Program Files\Java\jre-1.8\bin\javaw.exe -jar C:\Users\Admin\AppData\Roaming\Microsoft\.tmp\1738005567914.tmp" /f"
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:540
      • C:\Windows\system32\reg.exe
        REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v Home /d "C:\Program Files\Java\jre-1.8\bin\javaw.exe -jar C:\Users\Admin\AppData\Roaming\Microsoft\.tmp\1738005567914.tmp" /f
        3⤵
        • Adds Run key to start application
        PID:4508

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Microsoft\.tmp\1738005567914.tmp
    Filesize

    639KB

    MD5

    0c0b1c4664d79734ae680bf8ea542a9b

    SHA1

    46e41de70f1e946f26d1c80240605d693fc74fb0

    SHA256

    a0655c2fc499d24fb6b24a09f127c17c4864324d43c8f129c33e42cc68bf987c

    SHA512

    1d649a7b490e1870c0799e2a65dfcb20c18bdd5438caa874150828e1786c258746f427ebcd3f5685c957c271d8f6e7e8d374fba73fe203a1cdca6b49ca8c57a7

    Download Submit

  • memory/2864-2-0x000002BEA0D80000-0x000002BEA0FF0000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/2864-15-0x000002BEA0D60000-0x000002BEA0D61000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2864-18-0x000002BEA1000000-0x000002BEA1010000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-17-0x000002BEA0FF0000-0x000002BEA1000000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-28-0x000002BEA1050000-0x000002BEA1060000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-27-0x000002BEA1040000-0x000002BEA1050000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-26-0x000002BEA1030000-0x000002BEA1040000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-23-0x000002BEA1020000-0x000002BEA1030000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-22-0x000002BEA1010000-0x000002BEA1020000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-30-0x000002BEA1060000-0x000002BEA1070000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-32-0x000002BEA1070000-0x000002BEA1080000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-37-0x000002BEA1080000-0x000002BEA1090000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-36-0x000002BEA0D80000-0x000002BEA0FF0000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/2864-39-0x000002BEA1090000-0x000002BEA10A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-44-0x000002BEA0D60000-0x000002BEA0D61000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2864-46-0x000002BEA1000000-0x000002BEA1010000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-45-0x000002BEA0FF0000-0x000002BEA1000000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-48-0x000002BEA1010000-0x000002BEA1020000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-49-0x000002BEA1020000-0x000002BEA1030000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-52-0x000002BEA0D60000-0x000002BEA0D61000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2864-53-0x000002BEA1030000-0x000002BEA1040000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-54-0x000002BEA1040000-0x000002BEA1050000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-55-0x000002BEA1050000-0x000002BEA1060000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-56-0x000002BEA1060000-0x000002BEA1070000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-57-0x000002BEA0D60000-0x000002BEA0D61000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2864-58-0x000002BEA0D60000-0x000002BEA0D61000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2864-61-0x000002BEA0D60000-0x000002BEA0D61000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2864-62-0x000002BEA1070000-0x000002BEA1080000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-63-0x000002BEA1080000-0x000002BEA1090000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-65-0x000002BEA1090000-0x000002BEA10A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-69-0x000002BEA0D60000-0x000002BEA0D61000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2864-70-0x000002BEA0D60000-0x000002BEA0D61000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2864-74-0x000002BEA0D60000-0x000002BEA0D61000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2864-76-0x000002BEA0D60000-0x000002BEA0D61000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2864-80-0x000002BEA0D60000-0x000002BEA0D61000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2864-85-0x000002BEA0D60000-0x000002BEA0D61000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2864-107-0x000002BEA10A0000-0x000002BEA10B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-114-0x000002BEA0D60000-0x000002BEA0D61000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2864-119-0x000002BEA0D60000-0x000002BEA0D61000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2864-123-0x000002BEA10A0000-0x000002BEA10B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-176-0x000002BEA10B0000-0x000002BEA10C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-196-0x000002BEA10B0000-0x000002BEA10C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-324-0x000002BEA10C0000-0x000002BEA10D0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-567-0x000002BEA10D0000-0x000002BEA10E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-577-0x000002BEA10D0000-0x000002BEA10E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-631-0x000002BEA10E0000-0x000002BEA10F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-636-0x000002BEA10F0000-0x000002BEA1100000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-657-0x000002BEA10F0000-0x000002BEA1100000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-676-0x000002BEA1100000-0x000002BEA1110000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-695-0x000002BEA1100000-0x000002BEA1110000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-708-0x000002BEA1110000-0x000002BEA1120000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-728-0x000002BEA1110000-0x000002BEA1120000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-912-0x000002BEA1120000-0x000002BEA1130000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-1025-0x000002BEA1130000-0x000002BEA1140000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2864-1044-0x000002BEA1130000-0x000002BEA1140000-memory.dmp

    Filesize

    64KB

    Download