Summary | ZeroBOX

Arrival_7036PDF.jar

MSOffice File
Category Machine Started Completed
FILE s1_win7_x6401 Nov. 10, 2021, 9:37 a.m. Nov. 10, 2021, 9:42 a.m.
Size 1.8MB
Type Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.3, MSI Installer, Title: Installation Database, Subject: Python 3.5 biopython-1.66, Author: The Biopython Contributors, Template: Intel;1033, Revision Number: {640F74A9-847A-4040-9F77-9C37184BC0A4}, Number of Words: 2, Number of Pages: 200, Name of Creating Application: Python MSI Library
MD5 1aec13cf9b79fd1858bbe91b6281f568
SHA256 00bd0269ec2f055542bc8117597194a1502cc090595751438a4c642180f3ef7b
CRC32 5F22578E
ssdeep 49152:g8mrwM5tl1mPM5IWV8ba9tb0f4N8fnEuA25iWrKy:z8/1mPM5V8ban0f68fnEupP
Yara
  • Microsoft_Office_File_Zero - Microsoft Office File

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Time & API Arguments Status Return Repeated

GlobalMemoryStatusEx

1 1 0
Time & API Arguments Status Return Repeated

NtProtectVirtualMemory

process_identifier: 2768
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
length: 2555904
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x0000000002590000
process_handle: 0xffffffffffffffff
1 0 0
FireEye Exploit.AppendedJar.2.Gen
ALYac Exploit.AppendedJar.2.Gen
Cyren Java/Kryptik.F.gen!Eldorado
Symantec Trojan.Appjar!gen1
Avast Java:Malware-gen [Trj]
Kaspersky HEUR:Trojan.Java.Agent.gen
BitDefender Exploit.AppendedJar.2.Gen
Emsisoft Exploit.AppendedJar.2.Gen (B)
GData Exploit.AppendedJar.2.Gen
McAfee Adwind-FELN.jar!0C8DB92413E5
MAX malware (ai score=89)
Yandex Trojan.Etecer.bVydoM.32
Fortinet Java/GenericGB.29230!tr
AVG Java:Malware-gen [Trj]
count: 3101
name: heapspray
process: java.exe
total_mb: 775
length: 262144
protection: PAGE_READWRITE