Category | Machine | Started | Completed |
---|---|---|---|
FILE | s1_win7_x6402 | Nov. 1, 2023, 9:55 a.m. | Nov. 1, 2023, 9:57 a.m. |
-
-
unpack200.exe "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\unpack200.exe" "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\lib\crs-agent.jar.p2" "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\lib\crs-agent.jar"
2404 -
unpack200.exe "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\unpack200.exe" "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\lib\charsets.jar.p2" "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\lib\charsets.jar"
2432 -
unpack200.exe "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\unpack200.exe" "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\lib\jsse.jar.p2" "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\lib\jsse.jar"
1648 -
unpack200.exe "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\unpack200.exe" "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\lib\ext\jaccess.jar.p2" "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\lib\ext\jaccess.jar"
1652 -
unpack200.exe "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\unpack200.exe" "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\lib\ext\sunpkcs11.jar.p2" "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\lib\ext\sunpkcs11.jar"
1196 -
unpack200.exe "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\unpack200.exe" "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\lib\ext\openjsse.jar.p2" "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\lib\ext\openjsse.jar"
1844 -
unpack200.exe "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\unpack200.exe" "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\lib\ext\legacy8ujsse.jar.p2" "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\lib\ext\legacy8ujsse.jar"
1020 -
unpack200.exe "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\unpack200.exe" "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\lib\ext\cldrdata.jar.p2" "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\lib\ext\cldrdata.jar"
2120 -
unpack200.exe "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\unpack200.exe" "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\lib\ext\access-bridge-64.jar.p2" "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\lib\ext\access-bridge-64.jar"
2576 -
unpack200.exe "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\unpack200.exe" "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\lib\ext\sunmscapi.jar.p2" "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\lib\ext\sunmscapi.jar"
2516 -
unpack200.exe "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\unpack200.exe" "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\lib\rt.jar.p2" "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\lib\rt.jar"
3036 -
windowslauncher.exe "C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\windowslauncher.exe" "-Xshare:dump"
2788
-
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
Type | Value |
---|---|
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\mlib_image.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\jsoundds.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\w2k_lsa_auth.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834935-5-app\jwutils_win32.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\unpack.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\jsdt.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\zip.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\pack200.exe |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\sunmscapi.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\j2pcsc.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\dt_shmem.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\jawt.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\JavaAccessBridge-64.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\jsound.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\jli.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\nio.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\unpack200.exe |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\fontmanager.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\j2pkcs11.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\npt.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\net.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\jdwp.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\java.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834935-5-app\SimpleService.exe |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\windowslauncher.exe |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\JAWTAccessBridge-64.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\awt.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\server\jvm.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\jjs.exe |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\jaas_nt.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapper-Windows64JRE-00084000053-complete\bin\Remote Access.exe |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\hprof.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\dt_socket.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\freetype.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\splashscreen.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\management.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\java-rmi.exe |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834935-5-app\jwutils_win64.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\verify.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\msvcr100.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\sunec.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\javaw.exe |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\lcms.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\java.exe |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\jpeg.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\WindowsAccessBridge-64.dll |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\bin\instrument.dll |
host | 146.70.149.61 |
file | C:\ProgramData\JWrapper-Remote Access\JWrapperTemp-1698834936-6-app\lib\ext\jaccess.jar.p2 |
Engine | Detection |
---|---|
Skyhigh | Artemis |
Cylance | unsafe |
K7AntiVirus | Trojan ( 005acd7b1 ) |
K7GW | Trojan ( 005acd7b1 ) |
Kaspersky | not-a-virus:HEUR:RemoteAdmin.Win64.Remsim.gen |
Rising | Hacktool.Remsim!8.180EE (CLOUD) |
Sophos | Generic Reputation PUA (PUA) |
Zillya | Tool.Remsim.Win64.1 |
Jiangmin | RemoteAdmin.Remsim.b |
ZoneAlarm | not-a-virus:HEUR:RemoteAdmin.Win64.Remsim.gen |
McAfee | Artemis!065F0871B602 |
DeepInstinct | MALICIOUS |
MaxSecure | Trojan.Malware.207043384.susgen |