Overview

overview

10

Static

static

10

testingprank.jar

windows7-x64

1

testingprank.jar

windows10-2004-x64

6

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250217-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250217-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/03/2025, 00:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    testingprank.jar

  • Size

    1.2MB

  • MD5

    8fc2a2aef6de485dfe67368540b044f6

  • SHA1

    834f7ccd64b2706207c54c791cee8fbd4efa58a9

  • SHA256

    7782cbdf77627890ad47465420b60609ac766314200db8aed313743c50264233

  • SHA512

    bfff8ae72a2293be3d4eb2a3172d7e18d477342e5a4f397f0ffa93c9c416974cc16d0af924f9ea8a1766a7a4827680a082653748b59397043b342efc22d70b6e

  • SSDEEP

    24576:bXeQWSpM4sX/ggfe/GvV418utZXopD4B+hS2MXt3VBk7QAUy1xwj8kSXVXu7:LeQWSpM5oA94WufoW2O1AUgx/kSm

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs
  • Views/modifies file attributes 1 TTPs 1 IoCs
    defense_evasion

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\testingprank.jar
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4916
    • C:\Windows\SYSTEM32\attrib.exe
      attrib +H C:\Users\Admin\AppData\Roaming\Microsoft\.tmp\1740873792469.tmp
      2⤵
      • Views/modifies file attributes
      PID:4580
    • C:\Windows\SYSTEM32\cmd.exe
      cmd.exe /c "REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v Home /d "C:\Program Files\Java\jre-1.8\bin\javaw.exe -jar C:\Users\Admin\AppData\Roaming\Microsoft\.tmp\1740873792469.tmp" /f"
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:3664
      • C:\Windows\system32\reg.exe
        REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v Home /d "C:\Program Files\Java\jre-1.8\bin\javaw.exe -jar C:\Users\Admin\AppData\Roaming\Microsoft\.tmp\1740873792469.tmp" /f
        3⤵
        • Adds Run key to start application
        PID:4004

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Microsoft\.tmp\1740873792469.tmp
    Filesize

    1.2MB

    MD5

    8fc2a2aef6de485dfe67368540b044f6

    SHA1

    834f7ccd64b2706207c54c791cee8fbd4efa58a9

    SHA256

    7782cbdf77627890ad47465420b60609ac766314200db8aed313743c50264233

    SHA512

    bfff8ae72a2293be3d4eb2a3172d7e18d477342e5a4f397f0ffa93c9c416974cc16d0af924f9ea8a1766a7a4827680a082653748b59397043b342efc22d70b6e

    Download Submit

  • memory/4916-2-0x0000020737750000-0x00000207379C0000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/4916-17-0x00000207379D0000-0x00000207379E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4916-16-0x00000207379C0000-0x00000207379D0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4916-19-0x00000207379E0000-0x00000207379F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4916-21-0x00000207379F0000-0x0000020737A00000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4916-24-0x0000020737A00000-0x0000020737A10000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4916-25-0x0000020737A10000-0x0000020737A20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4916-27-0x0000020737A20000-0x0000020737A30000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4916-29-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-32-0x0000020737A30000-0x0000020737A40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4916-36-0x0000020737A40000-0x0000020737A50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4916-39-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-40-0x0000020737750000-0x00000207379C0000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/4916-41-0x00000207379C0000-0x00000207379D0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4916-42-0x00000207379D0000-0x00000207379E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4916-44-0x00000207379E0000-0x00000207379F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4916-47-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-48-0x00000207379F0000-0x0000020737A00000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4916-49-0x0000020737A00000-0x0000020737A10000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4916-50-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-51-0x0000020737A10000-0x0000020737A20000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4916-52-0x0000020737A20000-0x0000020737A30000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4916-53-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-57-0x0000020737A30000-0x0000020737A40000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4916-58-0x0000020737A40000-0x0000020737A50000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4916-60-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-78-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-79-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-80-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-84-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-88-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-91-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-94-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-95-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-96-0x0000020737A50000-0x0000020737A60000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4916-97-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-103-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-106-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-107-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-108-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-112-0x0000020737A50000-0x0000020737A60000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4916-114-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-117-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-119-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-123-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-127-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-128-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-132-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-129-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-133-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-134-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-137-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-139-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-142-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-144-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-147-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-149-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-152-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-155-0x0000020735E50000-0x0000020735E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4916-161-0x0000020737A60000-0x0000020737A70000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4916-175-0x0000020737A60000-0x0000020737A70000-memory.dmp

    Filesize

    64KB

    Download