c265f04f075e27e91611d7e88119823702801684bf39e48ca5c0a2232f994ece

Analysis

max time kernel
149s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20250217-en
resource tags

arch:x64arch:x86image:win10v2004-20250217-enlocale:en-usos:windows10-2004-x64system
submitted
02/03/2025, 17:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Sorillus/Start.bat
Size

60B
MD5

70c54cd2b9eaaab7ee387b2fa0c0fb4a
SHA1

7b16e52597dd6c3bab3880a1ed3da030667802e7
SHA256

14748fda6836b077a0301788791753013e3a85f0a41b721c1d874c3f75140066
SHA512

20693336461355b51abdc62f674b03bf6d29c73101dcbc775692f60d185d84554d60b7f0467901f1923da0f66e508afea72165eae86f0fa477a372ffe492dc6c

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
4244	java.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
4244	java.exe

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 1364 wrote to memory of 4244	1364	cmd.exe	88
PID 1364 wrote to memory of 4244	1364	cmd.exe	88

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\Sorillus\Start.bat"
1⤵
- Suspicious use of WriteProcessMemory
PID:1364
- C:\Users\Admin\AppData\Local\Temp\Sorillus\jre1.8.0_361\bin\java.exe
  jre1.8.0_361\bin\java.exe -jar -noverify Sorillas.jar
  2⤵
  - Loads dropped DLL
  - Suspicious use of SetWindowsHookEx
  PID:4244

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\Sorillus\.tmp\+JXF2418782446110130968.tmp

Filesize
164KB

MD5
8a36205bd9b83e03af0591a004bc97f4

SHA1
56c5c0d38bde4c1f1549dda43db37b09c608aad3

SHA256
4e147ab64b9fdf6d89d01f6b8c3ca0b3cddc59d608a8e2218f9a2504b5c98e14

SHA512
e96b43b0ca3fd7775d75a702f44cd1b0dfd325e1db317f7cba84efdf572571fe7594068f9132a937251aab8bd1f68783213677d4953aca197195fbe5db1f90d7

Download Submit
C:\Users\Admin\Sorillus\.tmp\+JXF2513392582562084782.tmp

Filesize
217KB

MD5
1bf71be111189e76987a4bb9b3115cb7

SHA1
40442c189568184b6e6c27a25d69f14d91b65039

SHA256
cf5f5184c1441a1660aa52526328e9d5c2793e77b6d8d3a3ad654bdb07ab8424

SHA512
cb18b69e98a194af5e3e3d982a75254f3a20bd94c68816a15f38870b9be616cef0c32033f253219cca9146b2b419dd6df28cc4ceeff80d01f400aa0ed101e061

Download Submit
C:\Users\Admin\Sorillus\.tmp\+JXF455043356294732740.tmp

Filesize
52KB

MD5
de2d73ffb31b036a481049751970e2ca

SHA1
5c26b381aa54a3336729cbaf4281620e03c34873

SHA256
5afafd11dad40cc06023a6a5c1a6793b1cb55720314a18d4352879d6214b014e

SHA512
f19bda9d9f355dab1ae3846c5e3a6535e59c529d0efe6204dd54000f3e088cf94099a1ccab94c0fadf7631385b94ca8c667f76c0556066ea49f06b2ac1479adb

Download Submit
C:\Users\Admin\Sorillus\.tmp\slfxblur4613911559652954850.dll

Filesize
14KB

MD5
7d98ecc5e5bc1b00731df7bd0c851abd

SHA1
15e4408f7d94b65c515b646d2e5953314b0e17c6

SHA256
fd7bf95651d114ff200322162e7b71f5090bb8632b506d45f8ea65bb0854635d

SHA512
d1b071e0a36cb2e94811fe49b7934ad9c66f3b03231c79d78a38bb31d486bbc1bcfee7fbac1ae617705165396bfad93f8d547d96300f1d9cfecbd03cb24bb569

Download Submit
memory/4244-2-0x000001DC00000000-0x000001DC00270000-memory.dmp

Filesize
2.4MB

Download
memory/4244-12-0x000001DC7B7E0000-0x000001DC7B7E1000-memory.dmp

Filesize
4KB

Download
memory/4244-18-0x000001DC7B7E0000-0x000001DC7B7E1000-memory.dmp

Filesize
4KB

Download
memory/4244-20-0x000001DC00270000-0x000001DC00280000-memory.dmp

Filesize
64KB

Download
memory/4244-22-0x000001DC00280000-0x000001DC00290000-memory.dmp

Filesize
64KB

Download
memory/4244-25-0x000001DC00290000-0x000001DC002A0000-memory.dmp

Filesize
64KB

Download
memory/4244-26-0x000001DC002A0000-0x000001DC002B0000-memory.dmp

Filesize
64KB

Download
memory/4244-28-0x000001DC002B0000-0x000001DC002C0000-memory.dmp

Filesize
64KB

Download
memory/4244-39-0x000001DC002C0000-0x000001DC002D0000-memory.dmp

Filesize
64KB

Download
memory/4244-49-0x000001DC002D0000-0x000001DC002E0000-memory.dmp

Filesize
64KB

Download
memory/4244-63-0x000001DC002E0000-0x000001DC002F0000-memory.dmp

Filesize
64KB

Download
memory/4244-66-0x000001DC002F0000-0x000001DC00300000-memory.dmp

Filesize
64KB

Download
memory/4244-68-0x000001DC00000000-0x000001DC00270000-memory.dmp

Filesize
2.4MB

Download
memory/4244-69-0x000001DC00300000-0x000001DC00310000-memory.dmp

Filesize
64KB

Download
memory/4244-72-0x000001DC00310000-0x000001DC00320000-memory.dmp

Filesize
64KB

Download
memory/4244-71-0x000001DC00270000-0x000001DC00280000-memory.dmp

Filesize
64KB

Download
memory/4244-76-0x000001DC00320000-0x000001DC00330000-memory.dmp

Filesize
64KB

Download
memory/4244-75-0x000001DC00280000-0x000001DC00290000-memory.dmp

Filesize
64KB

Download
memory/4244-79-0x000001DC00330000-0x000001DC00340000-memory.dmp

Filesize
64KB

Download
memory/4244-78-0x000001DC00290000-0x000001DC002A0000-memory.dmp

Filesize
64KB

Download
memory/4244-82-0x000001DC00340000-0x000001DC00350000-memory.dmp

Filesize
64KB

Download
memory/4244-81-0x000001DC002A0000-0x000001DC002B0000-memory.dmp

Filesize
64KB

Download
memory/4244-89-0x000001DC002C0000-0x000001DC002D0000-memory.dmp

Filesize
64KB

Download
memory/4244-88-0x000001DC00360000-0x000001DC00370000-memory.dmp

Filesize
64KB

Download
memory/4244-87-0x000001DC00350000-0x000001DC00360000-memory.dmp

Filesize
64KB

Download
memory/4244-86-0x000001DC002B0000-0x000001DC002C0000-memory.dmp

Filesize
64KB

Download
memory/4244-92-0x000001DC00370000-0x000001DC00380000-memory.dmp

Filesize
64KB

Download
memory/4244-91-0x000001DC002D0000-0x000001DC002E0000-memory.dmp

Filesize
64KB

Download
memory/4244-95-0x000001DC00380000-0x000001DC00390000-memory.dmp

Filesize
64KB

Download
memory/4244-94-0x000001DC002E0000-0x000001DC002F0000-memory.dmp

Filesize
64KB

Download
memory/4244-98-0x000001DC00390000-0x000001DC003A0000-memory.dmp

Filesize
64KB

Download
memory/4244-97-0x000001DC002F0000-0x000001DC00300000-memory.dmp

Filesize
64KB

Download
memory/4244-101-0x000001DC003A0000-0x000001DC003B0000-memory.dmp

Filesize
64KB

Download
memory/4244-100-0x000001DC00300000-0x000001DC00310000-memory.dmp

Filesize
64KB

Download
memory/4244-104-0x000001DC003B0000-0x000001DC003C0000-memory.dmp

Filesize
64KB

Download
memory/4244-103-0x000001DC00310000-0x000001DC00320000-memory.dmp

Filesize
64KB

Download
memory/4244-109-0x000001DC003C0000-0x000001DC003D0000-memory.dmp

Filesize
64KB

Download
memory/4244-108-0x000001DC00320000-0x000001DC00330000-memory.dmp

Filesize
64KB

Download
memory/4244-111-0x000001DC003D0000-0x000001DC003E0000-memory.dmp

Filesize
64KB

Download
memory/4244-110-0x000001DC00330000-0x000001DC00340000-memory.dmp

Filesize
64KB

Download
memory/4244-114-0x000001DC003E0000-0x000001DC003F0000-memory.dmp

Filesize
64KB

Download
memory/4244-113-0x000001DC00340000-0x000001DC00350000-memory.dmp

Filesize
64KB

Download
memory/4244-120-0x000001DC003F0000-0x000001DC00400000-memory.dmp

Filesize
64KB

Download
memory/4244-119-0x000001DC00360000-0x000001DC00370000-memory.dmp

Filesize
64KB

Download
memory/4244-118-0x000001DC00350000-0x000001DC00360000-memory.dmp

Filesize
64KB

Download
memory/4244-126-0x000001DC00410000-0x000001DC00420000-memory.dmp

Filesize
64KB

Download
memory/4244-125-0x000001DC00370000-0x000001DC00380000-memory.dmp

Filesize
64KB

Download
memory/4244-123-0x000001DC00400000-0x000001DC00410000-memory.dmp

Filesize
64KB

Download
memory/4244-128-0x000001DC00380000-0x000001DC00390000-memory.dmp

Filesize
64KB

Download
memory/4244-131-0x000001DC00430000-0x000001DC00440000-memory.dmp

Filesize
64KB

Download
memory/4244-130-0x000001DC00390000-0x000001DC003A0000-memory.dmp

Filesize
64KB

Download
memory/4244-129-0x000001DC00420000-0x000001DC00430000-memory.dmp

Filesize
64KB

Download
memory/4244-136-0x000001DC00440000-0x000001DC00450000-memory.dmp

Filesize
64KB

Download
memory/4244-135-0x000001DC003A0000-0x000001DC003B0000-memory.dmp

Filesize
64KB

Download
memory/4244-141-0x000001DC00450000-0x000001DC00460000-memory.dmp

Filesize
64KB

Download
memory/4244-140-0x000001DC003B0000-0x000001DC003C0000-memory.dmp

Filesize
64KB

Download
memory/4244-144-0x000001DC00460000-0x000001DC00470000-memory.dmp

Filesize
64KB

Download
memory/4244-143-0x000001DC003C0000-0x000001DC003D0000-memory.dmp

Filesize
64KB

Download
memory/4244-146-0x000001DC003D0000-0x000001DC003E0000-memory.dmp

Filesize
64KB

Download
memory/4244-147-0x000001DC00470000-0x000001DC00480000-memory.dmp

Filesize
64KB

Download
memory/4244-150-0x000001DC00480000-0x000001DC00490000-memory.dmp

Filesize
64KB

Download
memory/4244-149-0x000001DC003E0000-0x000001DC003F0000-memory.dmp

Filesize
64KB

Download
memory/4244-153-0x000001DC00490000-0x000001DC004A0000-memory.dmp

Filesize
64KB

Download
memory/4244-152-0x000001DC003F0000-0x000001DC00400000-memory.dmp

Filesize
64KB

Download
memory/4244-157-0x000001DC004A0000-0x000001DC004B0000-memory.dmp

Filesize
64KB

Download
memory/4244-156-0x000001DC00400000-0x000001DC00410000-memory.dmp

Filesize
64KB

Download
memory/4244-162-0x000001DC004B0000-0x000001DC004C0000-memory.dmp

Filesize
64KB

Download
memory/4244-161-0x000001DC00420000-0x000001DC00430000-memory.dmp

Filesize
64KB

Download
memory/4244-171-0x000001DC00430000-0x000001DC00440000-memory.dmp

Filesize
64KB

Download
memory/4244-170-0x000001DC004F0000-0x000001DC00500000-memory.dmp

Filesize
64KB

Download
memory/4244-169-0x000001DC004D0000-0x000001DC004E0000-memory.dmp

Filesize
64KB

Download
memory/4244-168-0x000001DC004E0000-0x000001DC004F0000-memory.dmp

Filesize
64KB

Download
memory/4244-167-0x000001DC004C0000-0x000001DC004D0000-memory.dmp

Filesize
64KB

Download
memory/4244-160-0x000001DC00410000-0x000001DC00420000-memory.dmp

Filesize
64KB

Download
memory/4244-176-0x000001DC00500000-0x000001DC00510000-memory.dmp

Filesize
64KB

Download
memory/4244-175-0x000001DC00440000-0x000001DC00450000-memory.dmp

Filesize
64KB

Download
memory/4244-179-0x000001DC00510000-0x000001DC00520000-memory.dmp

Filesize
64KB

Download
memory/4244-178-0x000001DC00450000-0x000001DC00460000-memory.dmp

Filesize
64KB

Download
memory/4244-181-0x000001DC00460000-0x000001DC00470000-memory.dmp

Filesize
64KB

Download
memory/4244-182-0x000001DC00520000-0x000001DC00530000-memory.dmp

Filesize
64KB

Download
memory/4244-183-0x000001DC7B7E0000-0x000001DC7B7E1000-memory.dmp

Filesize
4KB

Download
memory/4244-186-0x000001DC00530000-0x000001DC00540000-memory.dmp

Filesize
64KB

Download
memory/4244-185-0x000001DC00470000-0x000001DC00480000-memory.dmp

Filesize
64KB

Download
memory/4244-188-0x000001DC00480000-0x000001DC00490000-memory.dmp

Filesize
64KB

Download
memory/4244-189-0x000001DC00540000-0x000001DC00550000-memory.dmp

Filesize
64KB

Download
memory/4244-191-0x000001DC00490000-0x000001DC004A0000-memory.dmp

Filesize
64KB

Download
memory/4244-192-0x000001DC00550000-0x000001DC00560000-memory.dmp

Filesize
64KB

Download
memory/4244-194-0x000001DC004A0000-0x000001DC004B0000-memory.dmp

Filesize
64KB

Download
memory/4244-195-0x000001DC00560000-0x000001DC00570000-memory.dmp

Filesize
64KB

Download
memory/4244-198-0x000001DC00570000-0x000001DC00580000-memory.dmp

Filesize
64KB

Download
memory/4244-197-0x000001DC004B0000-0x000001DC004C0000-memory.dmp

Filesize
64KB

Download
memory/4244-202-0x000001DC004D0000-0x000001DC004E0000-memory.dmp

Filesize
64KB

Download
memory/4244-204-0x000001DC00580000-0x000001DC00590000-memory.dmp

Filesize
64KB

Download
memory/4244-203-0x000001DC004F0000-0x000001DC00500000-memory.dmp

Filesize
64KB

Download
memory/4244-201-0x000001DC004E0000-0x000001DC004F0000-memory.dmp

Filesize
64KB

Download
memory/4244-200-0x000001DC004C0000-0x000001DC004D0000-memory.dmp

Filesize
64KB

Download
memory/4244-208-0x000001DC00500000-0x000001DC00510000-memory.dmp

Filesize
64KB

Download
memory/4244-209-0x000001DC005A0000-0x000001DC005B0000-memory.dmp

Filesize
64KB

Download
memory/4244-207-0x000001DC00590000-0x000001DC005A0000-memory.dmp

Filesize
64KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads