Overview

overview

10

Static

static

10

Sorillus/Sorillas.jar

windows7-x64

1

Sorillus/Sorillas.jar

windows10-2004-x64

1

Sorillus/Start.bat

windows7-x64

7

Sorillus/Start.bat

windows10-2004-x64

7

Sorillus/j...e.html

windows7-x64

3

Sorillus/j...e.html

windows10-2004-x64

3

Sorillus/j...64.dll

windows7-x64

1

Sorillus/j...64.dll

windows10-2004-x64

1

Sorillus/j...64.dll

windows7-x64

1

Sorillus/j...64.dll

windows10-2004-x64

1

Sorillus/j...64.dll

windows7-x64

1

Sorillus/j...64.dll

windows10-2004-x64

1

Sorillus/j...-0.dll

windows10-2004-x64

1

Sorillus/j...-0.dll

windows10-2004-x64

1

Sorillus/j...-0.dll

windows10-2004-x64

1

Sorillus/j...-0.dll

windows10-2004-x64

1

Sorillus/j...-0.dll

windows10-2004-x64

1

Sorillus/j...-0.dll

windows10-2004-x64

1

Sorillus/j...-0.dll

windows10-2004-x64

1

Sorillus/j...-0.dll

windows10-2004-x64

1

Sorillus/j...-0.dll

windows10-2004-x64

1

Sorillus/j...-0.dll

windows10-2004-x64

1

Sorillus/j...-0.dll

windows10-2004-x64

1

Sorillus/j...-0.dll

windows10-2004-x64

1

Sorillus/j...-0.dll

windows10-2004-x64

1

Sorillus/j...-0.dll

windows10-2004-x64

1

Sorillus/j...-0.dll

windows10-2004-x64

1

Sorillus/j...-0.dll

windows10-2004-x64

1

Sorillus/j...-0.dll

windows10-2004-x64

1

Sorillus/j...-1.dll

windows10-2004-x64

1

Sorillus/j...-0.dll

windows10-2004-x64

1

Sorillus/j...-0.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20250207-en
  • resource tags

    arch:x64arch:x86image:win7-20250207-enlocale:en-usos:windows7-x64system
  • submitted
    02/03/2025, 17:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Sorillus/jre1.8.0_361/Welcome.html

  • Size

    955B

  • MD5

    b292ae0fb1b4f20a7d0f8791af97db50

  • SHA1

    476fecd1d9b61151a1ff622454c8095e41ca5178

  • SHA256

    b95219f315577a786ea61060252b1fcd8bbf1266003f3f045c5d1fe612dbe87b

  • SHA512

    1bc45e9453f70abf7625c3a0f6506c22cb3de10ca4005a97df460b14a174c0484e0994af63978151cf5436edaf77519151dd9a0606764e2426707457b13828a7

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Sorillus\jre1.8.0_361\Welcome.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2136
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2136 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2872

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    71KB

    MD5

    83142242e97b8953c386f988aa694e4a

    SHA1

    833ed12fc15b356136dcdd27c61a50f59c5c7d50

    SHA256

    d72761e1a334a754ce8250e3af7ea4bf25301040929fd88cf9e50b4a9197d755

    SHA512

    bb6da177bd16d163f377d9b4c63f6d535804137887684c113cc2f643ceab4f34338c06b5a29213c23d375e95d22ef417eac928822dfb3688ce9e2de9d5242d10

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a62332bf19aa87990bfb68cfa012ecc9

    SHA1

    0ed5cf9171f074c64d137b0a268fba4acf00f4f9

    SHA256

    6d2df58554adcce805690f2664a7ac6969d1e33532b9bb1b9dc80dfad937f67b

    SHA512

    fe6ce0a00a509adf4f3832a08bfd6524eee708f58011cddb34c4152f966cefacb6643efb9b35c401a4d16e1f767bb7739243d8f6aa4c4c658ea5d48a4974f64f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    dba06f635f313e704be9458d7d1e2ba2

    SHA1

    057bb8afaecd63dbb4c8aacb5daa996c24e1843d

    SHA256

    f76f723faa2183cdce311d54752ba842bcce362768ec53d6166feb3e1a7da954

    SHA512

    34c44e472ae56690f2a4d3ce5094ef90ffcc80e5dd1ae484f20ad541289928e2ee22c9ad6487017b0adc4923a48acce0545f70b54a7fae614ef5388ec64562b5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5355e5f05baed23d8ab7bd4e8ddc9013

    SHA1

    e23c0a632750a7b34e9e7efc156e09346a270d6b

    SHA256

    8c7f4bfb41ebf72d73206b56eb87396685f4b982073fec2af0de4213ea54904a

    SHA512

    8fef93805325d697989c603d4bd06dce9d98c52909270d832ed7658a9ac3103d206bb6574e27e36b96242371908505910ab54dbb0f07874e1d9c7c6a06602ade

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f0187bf8633bd6aaad25102ac9ada718

    SHA1

    c56cb355a198279c13a2b9358c3c440ccb67b101

    SHA256

    5534998b6954e341a4f679c2302b9531c5b3bdc04af399a8852accd5293354fc

    SHA512

    31befd841d50d1fa0aaea8ea5743ada9370aea1e330176a415a7c20819a42636c878cc2d1f49c9aeee813d3f13d07a5d32a8f408da00afb20b5d051d62aba819

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    86efbc27aebfa95769374ca5bdb068fd

    SHA1

    5d91eb624197a25bd3d36731d3b5cb352f89122b

    SHA256

    238ed070d5d1b0f121571e62b9a7f8a34fed4d284b8b703c8b925fc00c01c7aa

    SHA512

    68509506adff47f30ce37e744fbde223ed7b080329cdc7aab194cc61ae1096db0c63a412784dded53f5e8948156e5d7666cf5817ec6948073949504b6f155b01

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27858d3410b34cde3de94a9bdbc8f3bd

    SHA1

    a3be5f73c67606d1b1a63d076e0b91fc05fae8b7

    SHA256

    88cbf08b4357b500e844ed9ab6a4116f510ba58613c07a4331346423e27b6042

    SHA512

    9ef8e398f19842eaaed1576c66574cf4bdafa1377133cf0b2a6cb55665f372cd572f2d1f3893eaf32dbf699c31e6ad0e6a73f4dcc8a12b388d9946f770874edb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    3b8e9a04111d1ce76342b9473f028309

    SHA1

    552e95541bdbc2599b824e5b29ebd544223f1842

    SHA256

    c56430bcb4ab39fa830c9381a97f8badd1775e63416db80dff96136c4128058c

    SHA512

    a0ecc8e1730fd51938b4b5bda7d8d9e37b6d5a894dcf84c24358e0e61c8d37d1496412d116f58b235bff961e5b86c9e21d43f98efb846d844a611ab478595790

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    880fb26c2f393d89e9e5d7df26ad804c

    SHA1

    51233e32668dd6cb9ddf39488a4dbebb0a6e699a

    SHA256

    ca2cc8b9275d925d6ded36f0b5c52b49c7170a7acb5fa1ff53ebaec9bd5eeac6

    SHA512

    3b4d60fd0ff79a60f02e5145d46f8e8844d7701f535b748c629b053c3247151125a0b8ff66abecc9a1564cd9778ea864cd80169a39d5724556ffefdc5fb8a147

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    fda294442789de41beaf388f093c2b7c

    SHA1

    e3c887a4003c62230481af0471bb5d00e23a2eb8

    SHA256

    9d86d8a1ea0712aae14fa5a98c3fde2a578aaf3af7cfe7448341c04574c5ee87

    SHA512

    89233f3274def784bc84a0455ad227aed17137d5ed5693de4b669992cbbc7e96e9603493878e3e82b43e040b6fb35d22430c5bad201c0f1633ffa9f67fdcd017

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e4293addbabd9261dd0623dcf4a0d10a

    SHA1

    bc00372662ac236c464d753b42c96db093206865

    SHA256

    5e6a68e716d09093a886c7d5807063b6d8f2b92f303c8475fa713bbb0fd64c66

    SHA512

    cbf04f40ac239bf7e16debca3f2af98f0aac55f1934436356a484402e2a3d9dd456c28260297fcb5008ebba137466c3c66389875fccd4f08f02643649e7d995d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8e1a0d8eeea002231afadfe961413ace

    SHA1

    dc1698e9bf9cf1b1706ae8834c0c3b4ea5babbf9

    SHA256

    4e8101cae07db3ea1cacea7654706a061d0ba8c7dca844f7285ec240429d8d15

    SHA512

    62e2afd3f45d7f377e0e0c5be0d3100e897f27ac0bf12bacaca154b7e5f78d5ce6c7e1a71b5171d2e2b01ba37e8b0fe2b22654346b0dc9eb89533c7bcea88670

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a9951594bc153c244af09f8d3e7b17c5

    SHA1

    6dbbfc9091af306692ae83af3f749106cab7c20a

    SHA256

    668e4caf1b1103170c5ed1432bc768bb5b1ccc55c251bf7cff7daa85e615dc91

    SHA512

    2f0cebe94c885bc51be153ec2343d3fe4fda97eb0030c15ee643c8149ff3a81a5c3b5df4dbba49350ddbacebf3373f04e1c8caaf5f66202193947c2ccd88546c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    7ec3419299a6025244d73620748c7dd5

    SHA1

    d0234cb27492a7691f0edb15efd78f803d6b00db

    SHA256

    3fd14b43abc1f9b7d02cf93ee6d6b01f1d96460395c58ed3c54b89ed51df3236

    SHA512

    3c2e76cf9ae3444704aff5df93ca47b902cf948628650b29fe5077dfaf5c1bfc19166117811bc33a32c80d6306b9175003b08fbbf9ad5ccaa1a794d30930859f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    206be41167e325b68b180919f8c1f23a

    SHA1

    249a0a81391694ea7845de2a40b1948ce24986c7

    SHA256

    0c091717b8f3bcb7063b6616d77cbcee01b305c0fd75892e5f09d0a7139f8315

    SHA512

    26145ca11464107b66aa35ab3e145eb288fa83c3833e9a6e2eabfe21318c7e51d569ab2b5969a4f1ff78b5352034c4dabaec084bad236a00449b386aee16909f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    03714b3790f996c832e104ae02696764

    SHA1

    2c8708c5deaea50de804bf8291e7ed5b7fa4ec1c

    SHA256

    5874bf846a5f90f26f9a696e547f9a35376152aa903e73fb731ee3ff57c20fbd

    SHA512

    3cefa7989acd076cb0bd6102efd0e77153536245aa35ae83e71277dab21efaec96fbe3a2653dde62f8aed203753cc39d9a67ee2f5961c3d04c3519b8df3d8d42

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    207c50671ef1ceb6a0d3dfae2d04c948

    SHA1

    fe2f3b3d1989a8738e3a0e1ecfd2abacb814a098

    SHA256

    1a6bf5ea77725f1863be903cc6fd79df115e5af44bc336542b621dd5c1a802a2

    SHA512

    5a41a67e254cf6a31896e11b9e708b82d2ed17e244a86fe3a2eff65cbc6b25c4ae10647788d05a8a3f70d9ee1c6f8f3bd29a81e672f6850f50c04ef250c9cd96

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    17c0c48e0f0d4bab3dd0e0a6ec7aef79

    SHA1

    cca8ad30252ba839f30c261e57c50384c922f048

    SHA256

    77430dcfcb9d6291683540e9df6f3177de8b20d1e1642bc60c45febd85174934

    SHA512

    6a1a669475cfb18f2abcea1d704b9ec453eac5e4563118f7ada6e81cf8ef2f80586a2eb60fc1bd7fb1824e2519dd6f3796a43444040ea2d964b9e5bfb2a53e7d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab1410.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar1501.tmp
    Filesize

    183KB

    MD5

    109cab5505f5e065b63d01361467a83b

    SHA1

    4ed78955b9272a9ed689b51bf2bf4a86a25e53fc

    SHA256

    ea6b7f51e85835c09259d9475a7d246c3e764ad67c449673f9dc97172c351673

    SHA512

    753a6da5d6889dd52f40208e37f2b8c185805ef81148682b269fff5aa84a46d710fe0ebfe05bce625da2e801e1c26745998a41266fa36bf47bc088a224d730cc

    Download Submit