Overview

overview

10

Static

static

3

CrystalDec...ed.dll

windows10-1703-x64

1

KFlauncher.exe

windows10-1703-x64

10

PROPAMAT/A...rk.dll

windows10-1703-x64

1

PROPAMAT/C...et.dll

windows10-1703-x64

1

PROPAMAT/C...ne.dll

windows10-1703-x64

1

PROPAMAT/C...ce.dll

windows10-1703-x64

1

PROPAMAT/C...ms.dll

windows10-1703-x64

1

PROPAMAT/E_Mail.dll

windows10-1703-x64

1

PROPAMAT/E_Net.dll

windows10-1703-x64

1

PROPAMAT/FlDTE.dll

windows10-1703-x64

1

PROPAMAT/F...on.dll

windows10-1703-x64

1

PROPAMAT/F...on.dll

windows10-1703-x64

1

PROPAMAT/F...PE.dll

windows10-1703-x64

1

PROPAMAT/F...es.dll

windows10-1703-x64

1

PROPAMAT/F...PE.dll

windows10-1703-x64

1

PROPAMAT/F...nt.dll

windows10-1703-x64

1

PROPAMAT/F...rk.dll

windows10-1703-x64

1

jre/lib/ex...rn.jar

windows10-1703-x64

7

jre/lib/ext/sunec.jar

windows10-1703-x64

7

jre/lib/ex...er.jar

windows10-1703-x64

7

jre/lib/ex...11.jar

windows10-1703-x64

7

jre/lib/javaws.jar

windows10-1703-x64

7

jre/lib/jce.jar

windows10-1703-x64

7

jre/lib/jfr.jar

windows10-1703-x64

7

jre/lib/jfxswt.jar

windows10-1703-x64

7

jre/lib/jsse.jar

windows10-1703-x64

7

jre/lib/ma...nt.jar

windows10-1703-x64

7

jre/lib/plugin.jar

windows10-1703-x64

7

jre/lib/resources.jar

windows10-1703-x64

7

jre/lib/rt.jar

windows10-1703-x64

7

jre/lib/se...cy.jar

windows10-1703-x64

7

jre/lib/se...cy.jar

windows10-1703-x64

7

Analysis

  • max time kernel
    274s
  • max time network
    623s
  • platform
    windows10-1703_x64
  • resource
    win10-20240611-en
  • resource tags

    arch:x64arch:x86image:win10-20240611-enlocale:en-usos:windows10-1703-x64system
  • submitted
    30-06-2024 18:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    jre/lib/ext/sunpkcs11.jar

  • Size

    244KB

  • MD5

    2e33d8f1fbeb9239c6ffc0d36de772d1

  • SHA1

    3f881e3b34693a96cd3d9e20d6aeabae98757359

  • SHA256

    938c497e97e893d0b9325522475ad9fb2c365a4af832ed180b570c3e4e6fd559

  • SHA512

    db9a5b0f269bbfc9cb712d8bf170414d649cd72f0deeccdc3a4d742430e2e29e203f7e462d2df8f9ec2c82723a8a56ff8fd409cdcbe66547c798b15370b8db65

  • SSDEEP

    6144:dKtThM4XbBG7v3jUAbE0MEIynrI25ENN/kv1Pv:dKphM4X1G7PjlbE0MxHLbC

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\jre\lib\ext\sunpkcs11.jar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4416
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:2304

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
    Filesize

    46B

    MD5

    7a44f1f5f4e9d34e8977285a9749add1

    SHA1

    1850e793722a1dc1212efade1f222a487f61883f

    SHA256

    bafcb85bd2b86e6b7b169aad814100e12be8d16624c8623e0543c8809cd50512

    SHA512

    8cadce6382ca651469f7ac655fdca4054142c5f2379a6f1dd070de4b92eebc86e5536d26818a5f6acbefe439c0d75f4afe1539e1d02a3dc64737842b527ddfbb

    Download Submit
  • memory/4416-2-0x000001EDE2DF0000-0x000001EDE3060000-memory.dmp
    Filesize

    2.4MB

    Download
  • memory/4416-12-0x000001EDE14E0000-0x000001EDE14E1000-memory.dmp
    Filesize

    4KB

    Download
  • memory/4416-13-0x000001EDE2DF0000-0x000001EDE3060000-memory.dmp
    Filesize

    2.4MB

    Download