Summary | ZeroBOX

Delivery_Data.jar

Malicious Library MSOffice File
Category FILE
Machine s1_win7_x6401
Started Dec. 15, 2023, 6:13 p.m.
Completed Dec. 15, 2023, 6:22 p.m.
Size 644.9KB
Type Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Revision Number: {75E1D47A-2B8F-4CD2-918A-DEE44A729B53}, Number of Words: 0, Number of Pages: 200, Template: Intel;1033, Title: Controller Editor Setup, Subject: Controller Editor Setup, Keywords: Installer, MSI, Database, Author: Native Instruments, Comments: All rights reserved, Name of Creating Application: InstallAware, Security: 0
MD5 eea444443394d25856661dc1cfbbff20
SHA256 d1879df96e055b66accad594a3c75d0c133d6d01b2765a5f596b73a04f3c6abc
CRC32 9A557767
ssdeep 12288:8V9LRFojziULeQ5kFYF40VSzq7gJ3+lCWpB:8DLRijx150YF40cFsCWpB
Yara
  • Malicious_Library_Zero - Malicious_Library
  • Microsoft_Office_File_Zero - Microsoft Office File

Name Response Post-Analysis Lookup
No hosts contacted.
IP Address Status Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

API GlobalMemoryStatusEx
Status 1
Return 1
Repeated 0

API NtProtectVirtualMemory
Arguments
process_identifier: 2560
stack_dep_bypass: 0
stack_pivoted: 0
heap_dep_bypass: 1
length: 2555904
protection: 64 (PAGE_EXECUTE_READWRITE)
base_address: 0x0000000002690000
process_handle: 0xffffffffffffffff
Status 1
Return 0
Repeated 0

MicroWorld-eScan Java.Trojan.GenericGB.29423
FireEye Java.Trojan.GenericGB.29423
McAfee JAVA/Strrat.b
VIPRE Java.Trojan.GenericGB.29423
Symantec Trojan.Appjar!gen1
Avast Java:Malware-gen [Trj]
Kaspersky HEUR:Trojan.Java.Generic
BitDefender Java.Trojan.GenericGB.29423
NANO-Antivirus Exploit.Zip.Heuristic-java.csrvpr
Emsisoft Java.Trojan.GenericGB.29423 (B)
Ikarus Trojan.Java.Spy
Google Detected
Arcabit Java.Trojan.GenericGB.D72EF [many]
ZoneAlarm HEUR:Trojan.Java.Generic
GData Java.Trojan.GenericGB.29582
Varist Java/Agent.R.gen!Eldorado
ALYac Exploit.AppendedJar.4.Gen
MAX malware (ai score=81)
Fortinet Java/Agent.AZAV!tr
AVG Java:Malware-gen [Trj]

count 3033
name heapspray
process java.exe
total_mb 758
length 262144
protection PAGE_READWRITE