Overview

overview

10

Static

static

10

0d63eafe7f...99.exe

windows7-x64

8

0d63eafe7f...99.exe

windows10-2004-x64

8

$PLUGINSDI...ge.dll

windows7-x64

1

$PLUGINSDI...ge.dll

windows10-2004-x64

1

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

1921502319...4.xlam

windows7-x64

10

1921502319...4.xlam

windows10-2004-x64

1

27133b9541...e9.vbs

windows7-x64

8

27133b9541...e9.vbs

windows10-2004-x64

6

304278cfa0...1c.xls

windows7-x64

1

304278cfa0...1c.xls

windows10-2004-x64

1

365771facf...77.exe

windows7-x64

10

365771facf...77.exe

windows10-2004-x64

10

397900307d...0c.lnk

windows7-x64

3

397900307d...0c.lnk

windows10-2004-x64

8

3d390249d9...ab.lnk

windows7-x64

3

3d390249d9...ab.lnk

windows10-2004-x64

8

40e5adc952...73.xls

windows7-x64

1

40e5adc952...73.xls

windows10-2004-x64

1

746afcd799...69.xls

windows7-x64

1

746afcd799...69.xls

windows10-2004-x64

1

85af8304fd...9f.jar

windows7-x64

1

85af8304fd...9f.jar

windows10-2004-x64

7

984646a5a7...41.vbs

windows7-x64

10

984646a5a7...41.vbs

windows10-2004-x64

10

9c33e83331...ce.exe

windows7-x64

10

9c33e83331...ce.exe

windows10-2004-x64

10

9f07c02b13...b4.lnk

windows7-x64

3

9f07c02b13...b4.lnk

windows10-2004-x64

10

c0baec4eb2...f.xlam

windows7-x64

10

c0baec4eb2...f.xlam

windows10-2004-x64

1

Resubmissions

21-06-2024 17:47

240621-wdak4syenc 10

17-06-2024 01:02

240617-bd377swhrc 10

Analysis

  • max time kernel
    71s
  • max time network
    54s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17-06-2024 01:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    85af8304fde85bfbd5323012e0f79fab0045a85943454c7757dece03686b049f.jar

  • Size

    448KB

  • MD5

    5f44aa92cda88f8b88f783f5ce2df636

  • SHA1

    f791bc786571bfb36e94ed6a293fa22304a5df78

  • SHA256

    85af8304fde85bfbd5323012e0f79fab0045a85943454c7757dece03686b049f

  • SHA512

    446a86271230343e77530136293ff29467d4166f0b812fc6cc99f53a516e492b21f0fe48fdb033f78db8e7a1620c32c00264d995f948f023ea608cdc2ccb5559

  • SSDEEP

    12288:c75igiDyZEO28Cabb5Je8wUYFkGnwce4U:8EyWO28CaRJVwdFk2Yh

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\85af8304fde85bfbd5323012e0f79fab0045a85943454c7757dece03686b049f.jar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4888
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:1744

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
    Filesize

    46B

    MD5

    6826a1d71b508c5f217b6ea1672d5d5f

    SHA1

    3309d7bfc710d9fc68188cff49af75658afaef8b

    SHA256

    4f907d0ec21439c1b062051049a998b3a1c09baab569de78110150e5e78996dd

    SHA512

    98c7cb3c38e46665cdbbd7fd9c7ccb196ba07de6e37acd6cbaeae8fb6dbd75d4c4f58db870d5740008d2d71e2380fd3478fad39c6668c8302ac6daced555855e

    Download Submit
  • memory/4888-2-0x000002A6ABBE0000-0x000002A6ABE50000-memory.dmp
    Filesize

    2.4MB

    Download
  • memory/4888-12-0x000002A6ABBC0000-0x000002A6ABBC1000-memory.dmp
    Filesize

    4KB

    Download
  • memory/4888-14-0x000002A6ABE50000-0x000002A6ABE60000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-16-0x000002A6ABE60000-0x000002A6ABE70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-21-0x000002A6ABE80000-0x000002A6ABE90000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-20-0x000002A6ABE70000-0x000002A6ABE80000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-24-0x000002A6ABEA0000-0x000002A6ABEB0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-23-0x000002A6ABE90000-0x000002A6ABEA0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-27-0x000002A6ABEB0000-0x000002A6ABEC0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-28-0x000002A6ABEC0000-0x000002A6ABED0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-30-0x000002A6ABED0000-0x000002A6ABEE0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-36-0x000002A6ABF00000-0x000002A6ABF10000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-35-0x000002A6ABEF0000-0x000002A6ABF00000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-38-0x000002A6ABF10000-0x000002A6ABF20000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-34-0x000002A6ABEE0000-0x000002A6ABEF0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-45-0x000002A6ABF40000-0x000002A6ABF50000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-44-0x000002A6ABF30000-0x000002A6ABF40000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-43-0x000002A6ABF20000-0x000002A6ABF30000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-56-0x000002A6ABE50000-0x000002A6ABE60000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-55-0x000002A6ABF70000-0x000002A6ABF80000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-54-0x000002A6ABF60000-0x000002A6ABF70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-53-0x000002A6ABF50000-0x000002A6ABF60000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-52-0x000002A6ABBE0000-0x000002A6ABE50000-memory.dmp
    Filesize

    2.4MB

    Download
  • memory/4888-59-0x000002A6ABF80000-0x000002A6ABF90000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-58-0x000002A6ABE60000-0x000002A6ABE70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-63-0x000002A6ABF90000-0x000002A6ABFA0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-62-0x000002A6ABE80000-0x000002A6ABE90000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-61-0x000002A6ABE70000-0x000002A6ABE80000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-67-0x000002A6ABEA0000-0x000002A6ABEB0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-69-0x000002A6ABFB0000-0x000002A6ABFC0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-68-0x000002A6ABFA0000-0x000002A6ABFB0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-66-0x000002A6ABE90000-0x000002A6ABEA0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-70-0x000002A6ABBC0000-0x000002A6ABBC1000-memory.dmp
    Filesize

    4KB

    Download
  • memory/4888-75-0x000002A6ABFC0000-0x000002A6ABFD0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-74-0x000002A6ABEC0000-0x000002A6ABED0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-78-0x000002A6ABFD0000-0x000002A6ABFE0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-77-0x000002A6ABED0000-0x000002A6ABEE0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-73-0x000002A6ABEB0000-0x000002A6ABEC0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-82-0x000002A6ABFE0000-0x000002A6ABFF0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-81-0x000002A6ABF00000-0x000002A6ABF10000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-80-0x000002A6ABEF0000-0x000002A6ABF00000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-79-0x000002A6ABEE0000-0x000002A6ABEF0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-87-0x000002A6ABF10000-0x000002A6ABF20000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-88-0x000002A6ABFF0000-0x000002A6AC000000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-89-0x000002A6ABBC0000-0x000002A6ABBC1000-memory.dmp
    Filesize

    4KB

    Download
  • memory/4888-90-0x000002A6ABF20000-0x000002A6ABF30000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-92-0x000002A6ABF40000-0x000002A6ABF50000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-91-0x000002A6ABF30000-0x000002A6ABF40000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-94-0x000002A6ABF60000-0x000002A6ABF70000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-95-0x000002A6ABF70000-0x000002A6ABF80000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-96-0x000002A6ABF80000-0x000002A6ABF90000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-97-0x000002A6ABF90000-0x000002A6ABFA0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-100-0x000002A6AC000000-0x000002A6AC010000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-98-0x000002A6ABFA0000-0x000002A6ABFB0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-99-0x000002A6ABFB0000-0x000002A6ABFC0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-103-0x000002A6AC010000-0x000002A6AC020000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-102-0x000002A6ABFC0000-0x000002A6ABFD0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-106-0x000002A6AC020000-0x000002A6AC030000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-105-0x000002A6ABFD0000-0x000002A6ABFE0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-108-0x000002A6ABFE0000-0x000002A6ABFF0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-109-0x000002A6AC030000-0x000002A6AC040000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-111-0x000002A6ABFF0000-0x000002A6AC000000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-112-0x000002A6AC040000-0x000002A6AC050000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-114-0x000002A6AC050000-0x000002A6AC060000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-116-0x000002A6AC060000-0x000002A6AC070000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-118-0x000002A6AC070000-0x000002A6AC080000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-120-0x000002A6AC080000-0x000002A6AC090000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-124-0x000002A6AC0A0000-0x000002A6AC0B0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-123-0x000002A6AC090000-0x000002A6AC0A0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-126-0x000002A6AC000000-0x000002A6AC010000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-127-0x000002A6AC0B0000-0x000002A6AC0C0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-147-0x000002A6ABBC0000-0x000002A6ABBC1000-memory.dmp
    Filesize

    4KB

    Download
  • memory/4888-146-0x000002A6ABBC0000-0x000002A6ABBC1000-memory.dmp
    Filesize

    4KB

    Download
  • memory/4888-150-0x000002A6AC010000-0x000002A6AC020000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-151-0x000002A6AC0C0000-0x000002A6AC0D0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-153-0x000002A6AC020000-0x000002A6AC030000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-154-0x000002A6AC0D0000-0x000002A6AC0E0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-156-0x000002A6AC030000-0x000002A6AC040000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-157-0x000002A6AC0E0000-0x000002A6AC0F0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-160-0x000002A6AC0F0000-0x000002A6AC100000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-159-0x000002A6AC040000-0x000002A6AC050000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-164-0x000002A6AC100000-0x000002A6AC110000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-165-0x000002A6AC110000-0x000002A6AC120000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-163-0x000002A6AC050000-0x000002A6AC060000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-170-0x000002A6AC130000-0x000002A6AC140000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-169-0x000002A6AC120000-0x000002A6AC130000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-168-0x000002A6AC060000-0x000002A6AC070000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-172-0x000002A6AC070000-0x000002A6AC080000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-173-0x000002A6AC140000-0x000002A6AC150000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-178-0x000002A6AC160000-0x000002A6AC170000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-177-0x000002A6AC150000-0x000002A6AC160000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-176-0x000002A6AC080000-0x000002A6AC090000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-185-0x000002A6AC180000-0x000002A6AC190000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-184-0x000002A6AC170000-0x000002A6AC180000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-183-0x000002A6AC0A0000-0x000002A6AC0B0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-182-0x000002A6AC090000-0x000002A6AC0A0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-188-0x000002A6AC190000-0x000002A6AC1A0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-187-0x000002A6AC0B0000-0x000002A6AC0C0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-190-0x000002A6ABBC0000-0x000002A6ABBC1000-memory.dmp
    Filesize

    4KB

    Download
  • memory/4888-213-0x000002A6AC1A0000-0x000002A6AC1B0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-212-0x000002A6AC0C0000-0x000002A6AC0D0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-216-0x000002A6AC0D0000-0x000002A6AC0E0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4888-272-0x000002A6ABBC0000-0x000002A6ABBC1000-memory.dmp
    Filesize

    4KB

    Download