06294c11050e9e6aace9189e846ea9efb5540f5f709a8d25020d2c000de10630

Resubmissions

23/03/2025, 13:10

250323-qerywsvpv3 10

23/03/2025, 13:09

250323-qd156s1xdv 10

23/03/2025, 13:03

250323-qanqns1wav 10

23/03/2025, 12:58

250323-p7zzjavly4 10

Analysis

max time kernel
447s
max time network
448s
platform
windows11-21h2_x64
resource
win11-20250314-en
resource tags

arch:x64arch:x86image:win11-20250314-enlocale:en-usos:windows11-21h2-x64system
submitted
23/03/2025, 13:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

jarvis (1).jar
Size

639KB
MD5

375e0c326a3c26135513d18352145eb2
SHA1

44bbe6193f58750ef95812c43f162f14d0c2b068
SHA256

06294c11050e9e6aace9189e846ea9efb5540f5f709a8d25020d2c000de10630
SHA512

6e2e763bde862021e30f70a8108f768df7ca6a206b6fd8ace2c31235e506e1012e9df944361bce360186ffebb8236f98fe7f579d30ace29002c2b5409de28ce6
SSDEEP

12288:tL1WQ0/M2IDGL4nywW9fgY/9Rf+p8GN21NgYdSROn3qu02lISjDD0n:tLcQQYDW4ybfgYnip21SGnquplTjDD0n

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 42 IoCs

description	pid	Process
Token: SeIncreaseQuotaPrivilege	4348	wmic.exe
Token: SeSecurityPrivilege	4348	wmic.exe
Token: SeTakeOwnershipPrivilege	4348	wmic.exe
Token: SeLoadDriverPrivilege	4348	wmic.exe
Token: SeSystemProfilePrivilege	4348	wmic.exe
Token: SeSystemtimePrivilege	4348	wmic.exe
Token: SeProfSingleProcessPrivilege	4348	wmic.exe
Token: SeIncBasePriorityPrivilege	4348	wmic.exe
Token: SeCreatePagefilePrivilege	4348	wmic.exe
Token: SeBackupPrivilege	4348	wmic.exe
Token: SeRestorePrivilege	4348	wmic.exe
Token: SeShutdownPrivilege	4348	wmic.exe
Token: SeDebugPrivilege	4348	wmic.exe
Token: SeSystemEnvironmentPrivilege	4348	wmic.exe
Token: SeRemoteShutdownPrivilege	4348	wmic.exe
Token: SeUndockPrivilege	4348	wmic.exe
Token: SeManageVolumePrivilege	4348	wmic.exe
Token: 33	4348	wmic.exe
Token: 34	4348	wmic.exe
Token: 35	4348	wmic.exe
Token: 36	4348	wmic.exe
Token: SeIncreaseQuotaPrivilege	4348	wmic.exe
Token: SeSecurityPrivilege	4348	wmic.exe
Token: SeTakeOwnershipPrivilege	4348	wmic.exe
Token: SeLoadDriverPrivilege	4348	wmic.exe
Token: SeSystemProfilePrivilege	4348	wmic.exe
Token: SeSystemtimePrivilege	4348	wmic.exe
Token: SeProfSingleProcessPrivilege	4348	wmic.exe
Token: SeIncBasePriorityPrivilege	4348	wmic.exe
Token: SeCreatePagefilePrivilege	4348	wmic.exe
Token: SeBackupPrivilege	4348	wmic.exe
Token: SeRestorePrivilege	4348	wmic.exe
Token: SeShutdownPrivilege	4348	wmic.exe
Token: SeDebugPrivilege	4348	wmic.exe
Token: SeSystemEnvironmentPrivilege	4348	wmic.exe
Token: SeRemoteShutdownPrivilege	4348	wmic.exe
Token: SeUndockPrivilege	4348	wmic.exe
Token: SeManageVolumePrivilege	4348	wmic.exe
Token: 33	4348	wmic.exe
Token: 34	4348	wmic.exe
Token: 35	4348	wmic.exe
Token: 36	4348	wmic.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
2364	java.exe
2364	java.exe
2364	java.exe
2364	java.exe

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 2364 wrote to memory of 4348	2364	java.exe	80
PID 2364 wrote to memory of 4348	2364	java.exe	80

C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar "C:\Users\Admin\AppData\Local\Temp\jarvis (1).jar"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2364
- C:\Windows\System32\Wbem\wmic.exe
  wmic PROCESS GET Name,ProcessId,ExecutablePath /FORMAT:csv
  2⤵
  - Suspicious use of AdjustPrivilegeToken
  PID:4348

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\imageio7364379384280898387.tmp

Filesize
285B

MD5
ef476c8b505e76493f9b4becca60798d

SHA1
a9794161a879103f8ddf30b345a5df46afe8f9a3

SHA256
2819260b9546b0a8a7f52ecd59dca0f99cd991b320f1f6dd6895e0e69de1b540

SHA512
df99caf108854111920e2482bfc24f3e23b9e1070c1e6b2ce4826d63e480d79435d98cf9baa4069560926e4c1f07e62d26fb61c4a5867eef24a33d9f98b6daf3

Download Submit
memory/2364-2-0x0000016CDCDC0000-0x0000016CDD030000-memory.dmp

Filesize
2.4MB

Download
memory/2364-19-0x0000016CDD050000-0x0000016CDD060000-memory.dmp

Filesize
64KB

Download
memory/2364-25-0x0000016CDD080000-0x0000016CDD090000-memory.dmp

Filesize
64KB

Download
memory/2364-23-0x0000016CDD070000-0x0000016CDD080000-memory.dmp

Filesize
64KB

Download
memory/2364-21-0x0000016CDD060000-0x0000016CDD070000-memory.dmp

Filesize
64KB

Download
memory/2364-17-0x0000016CDD040000-0x0000016CDD050000-memory.dmp

Filesize
64KB

Download
memory/2364-15-0x0000016CDD030000-0x0000016CDD040000-memory.dmp

Filesize
64KB

Download
memory/2364-29-0x0000016CDD0A0000-0x0000016CDD0B0000-memory.dmp

Filesize
64KB

Download
memory/2364-27-0x0000016CDD090000-0x0000016CDD0A0000-memory.dmp

Filesize
64KB

Download
memory/2364-34-0x0000016CDB580000-0x0000016CDB581000-memory.dmp

Filesize
4KB

Download
memory/2364-36-0x0000016CDD0B0000-0x0000016CDD0C0000-memory.dmp

Filesize
64KB

Download
memory/2364-37-0x0000016CDB580000-0x0000016CDB581000-memory.dmp

Filesize
4KB

Download
memory/2364-38-0x0000016CDCDC0000-0x0000016CDD030000-memory.dmp

Filesize
2.4MB

Download
memory/2364-39-0x0000016CDD030000-0x0000016CDD040000-memory.dmp

Filesize
64KB

Download
memory/2364-41-0x0000016CDD040000-0x0000016CDD050000-memory.dmp

Filesize
64KB

Download
memory/2364-42-0x0000016CDD050000-0x0000016CDD060000-memory.dmp

Filesize
64KB

Download
memory/2364-43-0x0000016CDD060000-0x0000016CDD070000-memory.dmp

Filesize
64KB

Download
memory/2364-44-0x0000016CDD070000-0x0000016CDD080000-memory.dmp

Filesize
64KB

Download
memory/2364-45-0x0000016CDD080000-0x0000016CDD090000-memory.dmp

Filesize
64KB

Download
memory/2364-46-0x0000016CDD090000-0x0000016CDD0A0000-memory.dmp

Filesize
64KB

Download
memory/2364-47-0x0000016CDD0A0000-0x0000016CDD0B0000-memory.dmp

Filesize
64KB

Download
memory/2364-48-0x0000016CDD0B0000-0x0000016CDD0C0000-memory.dmp

Filesize
64KB

Download
memory/2364-53-0x0000016CDD0C0000-0x0000016CDD0D0000-memory.dmp

Filesize
64KB

Download
memory/2364-54-0x0000016CDD0D0000-0x0000016CDD0E0000-memory.dmp

Filesize
64KB

Download
memory/2364-55-0x0000016CDB580000-0x0000016CDB581000-memory.dmp

Filesize
4KB

Download
memory/2364-57-0x0000016CDD0E0000-0x0000016CDD0F0000-memory.dmp

Filesize
64KB

Download
memory/2364-62-0x0000016CDD0F0000-0x0000016CDD100000-memory.dmp

Filesize
64KB

Download
memory/2364-68-0x0000016CDD100000-0x0000016CDD110000-memory.dmp

Filesize
64KB

Download
memory/2364-76-0x0000016CDB580000-0x0000016CDB581000-memory.dmp

Filesize
4KB

Download
memory/2364-82-0x0000016CDB580000-0x0000016CDB581000-memory.dmp

Filesize
4KB

Download
memory/2364-83-0x0000016CDB580000-0x0000016CDB581000-memory.dmp

Filesize
4KB

Download
memory/2364-99-0x0000016CDD110000-0x0000016CDD120000-memory.dmp

Filesize
64KB

Download
memory/2364-101-0x0000016CDD120000-0x0000016CDD130000-memory.dmp

Filesize
64KB

Download
memory/2364-104-0x0000016CDD130000-0x0000016CDD140000-memory.dmp

Filesize
64KB

Download
memory/2364-106-0x0000016CDD140000-0x0000016CDD150000-memory.dmp

Filesize
64KB

Download
memory/2364-109-0x0000016CDD150000-0x0000016CDD160000-memory.dmp

Filesize
64KB

Download
memory/2364-111-0x0000016CDD0C0000-0x0000016CDD0D0000-memory.dmp

Filesize
64KB

Download
memory/2364-112-0x0000016CDD160000-0x0000016CDD170000-memory.dmp

Filesize
64KB

Download
memory/2364-115-0x0000016CDD0D0000-0x0000016CDD0E0000-memory.dmp

Filesize
64KB

Download
memory/2364-116-0x0000016CDD170000-0x0000016CDD180000-memory.dmp

Filesize
64KB

Download
memory/2364-125-0x0000016CDB580000-0x0000016CDB581000-memory.dmp

Filesize
4KB

Download
memory/2364-131-0x0000016CDD0E0000-0x0000016CDD0F0000-memory.dmp

Filesize
64KB

Download
memory/2364-132-0x0000016CDD180000-0x0000016CDD190000-memory.dmp

Filesize
64KB

Download
memory/2364-133-0x0000016CDB580000-0x0000016CDB581000-memory.dmp

Filesize
4KB

Download
memory/2364-141-0x0000016CDB580000-0x0000016CDB581000-memory.dmp

Filesize
4KB

Download
memory/2364-149-0x0000016CDD0F0000-0x0000016CDD100000-memory.dmp

Filesize
64KB

Download
memory/2364-150-0x0000016CDD190000-0x0000016CDD1A0000-memory.dmp

Filesize
64KB

Download
memory/2364-153-0x0000016CDD1A0000-0x0000016CDD1B0000-memory.dmp

Filesize
64KB

Download
memory/2364-152-0x0000016CDD100000-0x0000016CDD110000-memory.dmp

Filesize
64KB

Download
memory/2364-156-0x0000016CDD1B0000-0x0000016CDD1C0000-memory.dmp

Filesize
64KB

Download
memory/2364-155-0x0000016CDD110000-0x0000016CDD120000-memory.dmp

Filesize
64KB

Download
memory/2364-158-0x0000016CDD120000-0x0000016CDD130000-memory.dmp

Filesize
64KB

Download
memory/2364-159-0x0000016CDD1C0000-0x0000016CDD1D0000-memory.dmp

Filesize
64KB

Download
memory/2364-162-0x0000016CDD1D0000-0x0000016CDD1E0000-memory.dmp

Filesize
64KB

Download
memory/2364-161-0x0000016CDD130000-0x0000016CDD140000-memory.dmp

Filesize
64KB

Download
memory/2364-166-0x0000016CDD140000-0x0000016CDD150000-memory.dmp

Filesize
64KB

Download
memory/2364-167-0x0000016CDD1E0000-0x0000016CDD1F0000-memory.dmp

Filesize
64KB

Download
memory/2364-169-0x0000016CDD150000-0x0000016CDD160000-memory.dmp

Filesize
64KB

Download
memory/2364-170-0x0000016CDD1F0000-0x0000016CDD200000-memory.dmp

Filesize
64KB

Download
memory/2364-196-0x0000016CDD160000-0x0000016CDD170000-memory.dmp

Filesize
64KB

Download
memory/2364-198-0x0000016CDD170000-0x0000016CDD180000-memory.dmp

Filesize
64KB

Download
memory/2364-200-0x0000016CDD180000-0x0000016CDD190000-memory.dmp

Filesize
64KB

Download
memory/2364-201-0x0000016CDD190000-0x0000016CDD1A0000-memory.dmp

Filesize
64KB

Download
memory/2364-202-0x0000016CDD1A0000-0x0000016CDD1B0000-memory.dmp

Filesize
64KB

Download
memory/2364-203-0x0000016CDD1B0000-0x0000016CDD1C0000-memory.dmp

Filesize
64KB

Download
memory/2364-204-0x0000016CDD1C0000-0x0000016CDD1D0000-memory.dmp

Filesize
64KB

Download
memory/2364-205-0x0000016CDD1D0000-0x0000016CDD1E0000-memory.dmp

Filesize
64KB

Download
memory/2364-206-0x0000016CDD1E0000-0x0000016CDD1F0000-memory.dmp

Filesize
64KB

Download
memory/2364-210-0x0000016CDD1F0000-0x0000016CDD200000-memory.dmp

Filesize
64KB

Download
memory/2364-220-0x0000016CDD200000-0x0000016CDD210000-memory.dmp

Filesize
64KB

Download
memory/2364-226-0x0000016CDD210000-0x0000016CDD220000-memory.dmp

Filesize
64KB

Download
memory/2364-231-0x0000016CDD220000-0x0000016CDD230000-memory.dmp

Filesize
64KB

Download
memory/2364-236-0x0000016CDD250000-0x0000016CDD260000-memory.dmp

Filesize
64KB

Download
memory/2364-237-0x0000016CDD240000-0x0000016CDD250000-memory.dmp

Filesize
64KB

Download
memory/2364-240-0x0000016CDD200000-0x0000016CDD210000-memory.dmp

Filesize
64KB

Download
memory/2364-242-0x0000016CDD210000-0x0000016CDD220000-memory.dmp

Filesize
64KB

Download
memory/2364-243-0x0000016CDD260000-0x0000016CDD270000-memory.dmp

Filesize
64KB

Download
memory/2364-245-0x0000016CDD220000-0x0000016CDD230000-memory.dmp

Filesize
64KB

Download
memory/2364-249-0x0000016CDD250000-0x0000016CDD260000-memory.dmp

Filesize
64KB

Download
memory/2364-251-0x0000016CDD270000-0x0000016CDD280000-memory.dmp

Filesize
64KB

Download
memory/2364-255-0x0000016CDD280000-0x0000016CDD290000-memory.dmp

Filesize
64KB

Download
memory/2364-256-0x0000016CDD2A0000-0x0000016CDD2B0000-memory.dmp

Filesize
64KB

Download
memory/2364-258-0x0000016CDD260000-0x0000016CDD270000-memory.dmp

Filesize
64KB

Download
memory/2364-270-0x0000016CDD270000-0x0000016CDD280000-memory.dmp

Filesize
64KB

Download
memory/2364-271-0x0000016CDD280000-0x0000016CDD290000-memory.dmp

Filesize
64KB

Download
memory/2364-272-0x0000016CDD2A0000-0x0000016CDD2B0000-memory.dmp

Filesize
64KB

Download
memory/2364-273-0x0000016CDD2B0000-0x0000016CDD2C0000-memory.dmp

Filesize
64KB

Download
memory/2364-275-0x0000016CDD2C0000-0x0000016CDD2D0000-memory.dmp

Filesize
64KB

Download
memory/2364-307-0x0000016CDD2D0000-0x0000016CDD2E0000-memory.dmp

Filesize
64KB

Download
memory/2364-327-0x0000016CDD2E0000-0x0000016CDD2F0000-memory.dmp

Filesize
64KB

Download
memory/2364-347-0x0000016CDD2F0000-0x0000016CDD300000-memory.dmp

Filesize
64KB

Download
memory/2364-364-0x0000016CDD300000-0x0000016CDD310000-memory.dmp

Filesize
64KB

Download
memory/2364-397-0x0000016CDD310000-0x0000016CDD320000-memory.dmp

Filesize
64KB

Download
memory/2364-422-0x0000016CDD320000-0x0000016CDD330000-memory.dmp

Filesize
64KB

Download
memory/2364-436-0x0000016CDD330000-0x0000016CDD340000-memory.dmp

Filesize
64KB

Download
memory/2364-459-0x0000016CDD340000-0x0000016CDD350000-memory.dmp

Filesize
64KB

Download
memory/2364-510-0x0000016CDD350000-0x0000016CDD360000-memory.dmp

Filesize
64KB

Download
memory/2364-509-0x0000016CDD2C0000-0x0000016CDD2D0000-memory.dmp

Filesize
64KB

Download
memory/2364-512-0x0000016CDD360000-0x0000016CDD370000-memory.dmp

Filesize
64KB

Download
memory/2364-516-0x0000016CDD2D0000-0x0000016CDD2E0000-memory.dmp

Filesize
64KB

Download
memory/2364-517-0x0000016CDD2E0000-0x0000016CDD2F0000-memory.dmp

Filesize
64KB

Download
memory/2364-518-0x0000016CDD2F0000-0x0000016CDD300000-memory.dmp

Filesize
64KB

Download
memory/2364-519-0x0000016CDD370000-0x0000016CDD380000-memory.dmp

Filesize
64KB

Download
memory/2364-520-0x0000016CDD300000-0x0000016CDD310000-memory.dmp

Filesize
64KB

Download
memory/2364-521-0x0000016CDD310000-0x0000016CDD320000-memory.dmp

Filesize
64KB

Download