Summary | ZeroBOX

20210616docusign.jar

Category FILE
Machine s1_win7_x6402
Started June 17, 2021, 5:48 p.m.
Completed June 17, 2021, 5:50 p.m.
Size 88.5KB
Type Zip archive data, at least v2.0 to extract
MD5 19fccaa759dbcdae8a35ad3f547442b7
SHA256 b3021f6951937c4a31a049003ab2dc87ceb6da8de1dbc451d8a690701081d40f
CRC32 9107FEF0
ssdeep 1536:2QHioKTSnJgjI5h0u7W8jetWVFXUBcJUt8mHIsXuiauO8AN1gCJ:2AbQ0PXYcJUK1FuO8ANLJ
Yara None matched

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
172.217.25.14 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

GlobalMemoryStatusEx

1 1 0
Time & API Arguments Status Return Repeated

NtProtectVirtualMemory

process_identifier: 1520
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
length: 2555904
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x00000000023e0000
process_handle: 0xffffffffffffffff
1 0 0
host 172.217.25.14
MicroWorld-eScan Java.Trojan.GenericGBA.29493
FireEye Java.Trojan.GenericGBA.29493
Cyren Java/Kryptik.F.gen!Eldorado
ESET-NOD32 multiple detections
Kaspersky HEUR:Trojan.Java.Agent.gen
BitDefender Java.Trojan.GenericGBA.29493
AegisLab Trojan.Script.Generic.4!c
Ad-Aware Java.Trojan.GenericGBA.29493
Emsisoft Java.Trojan.GenericGBA.29493 (B)
DrWeb Java.Siggen.491
McAfee-GW-Edition Java/Agent!4ACE236CAE14
Avira EXP/JAVA.SpyAgent.VPB.Gen
MAX malware (ai score=84)
Microsoft Trojan:Java/StrRat.B!MTB
ZoneAlarm HEUR:Trojan.Java.Agent.gen
GData Java.Trojan.Agent.FJYIC2
Cynet Malicious (score: 99)
Yandex Trojan.Etecer.bVydoM.32
Ikarus Trojan.Java.GenericGBA
Fortinet Java/Agent.R!tr.spy
count: 3478
name: heapspray
process: java.exe
total_mb: 869
length: 262144
protection: PAGE_READWRITE