Overview

overview

10

Static

static

10

testingprank.jar

windows7-x64

1

testingprank.jar

windows10-2004-x64

6

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250217-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250217-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/03/2025, 23:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    testingprank.jar

  • Size

    1.2MB

  • MD5

    8fc2a2aef6de485dfe67368540b044f6

  • SHA1

    834f7ccd64b2706207c54c791cee8fbd4efa58a9

  • SHA256

    7782cbdf77627890ad47465420b60609ac766314200db8aed313743c50264233

  • SHA512

    bfff8ae72a2293be3d4eb2a3172d7e18d477342e5a4f397f0ffa93c9c416974cc16d0af924f9ea8a1766a7a4827680a082653748b59397043b342efc22d70b6e

  • SSDEEP

    24576:bXeQWSpM4sX/ggfe/GvV418utZXopD4B+hS2MXt3VBk7QAUy1xwj8kSXVXu7:LeQWSpM5oA94WufoW2O1AUgx/kSm

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs
  • Views/modifies file attributes 1 TTPs 1 IoCs
    defense_evasion

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\testingprank.jar
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4008
    • C:\Windows\SYSTEM32\attrib.exe
      attrib +H C:\Users\Admin\AppData\Roaming\Microsoft\.tmp\1740873274675.tmp
      2⤵
      • Views/modifies file attributes
      PID:4580
    • C:\Windows\SYSTEM32\cmd.exe
      cmd.exe /c "REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v Home /d "C:\Program Files\Java\jre-1.8\bin\javaw.exe -jar C:\Users\Admin\AppData\Roaming\Microsoft\.tmp\1740873274675.tmp" /f"
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:3320
      • C:\Windows\system32\reg.exe
        REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v Home /d "C:\Program Files\Java\jre-1.8\bin\javaw.exe -jar C:\Users\Admin\AppData\Roaming\Microsoft\.tmp\1740873274675.tmp" /f
        3⤵
        • Adds Run key to start application
        PID:4356

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Microsoft\.tmp\1740873274675.tmp
    Filesize

    1.2MB

    MD5

    8fc2a2aef6de485dfe67368540b044f6

    SHA1

    834f7ccd64b2706207c54c791cee8fbd4efa58a9

    SHA256

    7782cbdf77627890ad47465420b60609ac766314200db8aed313743c50264233

    SHA512

    bfff8ae72a2293be3d4eb2a3172d7e18d477342e5a4f397f0ffa93c9c416974cc16d0af924f9ea8a1766a7a4827680a082653748b59397043b342efc22d70b6e

    Download Submit

  • memory/4008-2-0x000001D11E6D0000-0x000001D11E940000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/4008-14-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4008-17-0x000001D11E940000-0x000001D11E950000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4008-18-0x000001D11E950000-0x000001D11E960000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4008-20-0x000001D11E960000-0x000001D11E970000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4008-24-0x000001D11E980000-0x000001D11E990000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4008-23-0x000001D11E970000-0x000001D11E980000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4008-26-0x000001D11E990000-0x000001D11E9A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4008-28-0x000001D11E9A0000-0x000001D11E9B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4008-30-0x000001D11E9B0000-0x000001D11E9C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4008-37-0x000001D11E9C0000-0x000001D11E9D0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4008-35-0x000001D11E6D0000-0x000001D11E940000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/4008-41-0x000001D11E9D0000-0x000001D11E9E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4008-42-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4008-43-0x000001D11E940000-0x000001D11E950000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4008-44-0x000001D11E950000-0x000001D11E960000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4008-47-0x000001D11E960000-0x000001D11E970000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4008-49-0x000001D11E980000-0x000001D11E990000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4008-48-0x000001D11E970000-0x000001D11E980000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4008-52-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4008-53-0x000001D11E990000-0x000001D11E9A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4008-55-0x000001D11E9A0000-0x000001D11E9B0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4008-56-0x000001D11E9B0000-0x000001D11E9C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4008-61-0x000001D11E9C0000-0x000001D11E9D0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4008-62-0x000001D11E9D0000-0x000001D11E9E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4008-74-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4008-79-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4008-82-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4008-83-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4008-84-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4008-88-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4008-90-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4008-96-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4008-101-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4008-106-0x000001D11E9E0000-0x000001D11E9F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4008-109-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4008-112-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4008-113-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4008-118-0x000001D11E9E0000-0x000001D11E9F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4008-120-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4008-134-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4008-131-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4008-136-0x000001D11E9F0000-0x000001D11EA00000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4008-135-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4008-137-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4008-140-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4008-142-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4008-150-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4008-152-0x000001D11E6B0000-0x000001D11E6B1000-memory.dmp

    Filesize

    4KB

    Download