Summary | ZeroBOX

TNWKX9Z3WCY9YXCB.jar

Category FILE
Machine s1_win7_x6402
Started June 18, 2021, 9:48 a.m.
Completed June 18, 2021, 10 a.m.
Size 119.3KB
Type Zip archive data, at least v2.0 to extract
MD5 082a3c07f697e6b1cd18ca2840f3a4df
SHA256 b2c0ed5a59226d8b39ff0423578bee2dec4a485f5f45a3feb96fcdc254e250ea
CRC32 5EA58551
ssdeep 3072:xLL1QdgJcWPKI5oEVgjgFRkyv12uQmNGxKXQ4lZjBv:xLL2Qca5oEYBy99Q2vXQwZ1
Yara None matched

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
172.217.25.14 Active Moloch

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

GlobalMemoryStatusEx

Status: 1, Return: 1, Repeated: 0
Time & API Arguments Status Return Repeated

NtProtectVirtualMemory

process_identifier: 7180
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
length: 2555904
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x00000000024a0000
process_handle: 0xffffffffffffffff
Status: 1, Return: 0, Repeated: 0
host 172.217.25.14
McAfee Artemis!082A3C07F697
Alibaba Trojan:JAVA/Adwind.f13b8a45
Arcabit Trojan.Generic.D2C57D32
Cyren Trojan.LUVQ-1
Symantec Trojan.Maljava
ESET-NOD32 a variant of Java/Adwind.AXP
TrendMicro-HouseCall TROJ_FRS.VSNTFG21
Cynet Malicious (score: 99)
Kaspersky HEUR:Trojan.Script.Generic
BitDefender Trojan.GenericKD.46497074
NANO-Antivirus Exploit.Script.Nemucod.dzzhbf
MicroWorld-eScan Trojan.GenericKD.46497074
Ad-Aware Trojan.GenericKD.46497074
Emsisoft Trojan.GenericKD.46497074 (B)
F-Secure Exploit.EXP/JAVA.Banload.MRAF.Gen
DrWeb Java.Dropper.46
TrendMicro TROJ_FRS.VSNTFG21
McAfee-GW-Edition BehavesLike.Downloader.cc
FireEye Trojan.GenericKD.46497074
Ikarus Trojan.Java.Adwind
GData Trojan.GenericKD.46497074
Avira EXP/JAVA.Banload.MRAF.Gen
AegisLab Trojan.Script.Generic.4!c
ZoneAlarm HEUR:Trojan.Script.Generic
MAX malware (ai score=82)
count 3548 name heapspray process java.exe total_mb 887 length 262144 protection PAGE_READWRITE