ScreenShot
| Created | 2021.11.16 11:07 | Machine | s1_win7_x6402 |
| Filename | adal.jar | ||
| Type | Java archive data (JAR) | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 7 detected (Android, Jocker, GEN43293, a variant of Android, AndroidOS, Joker, origin, IBEX, Malicious, score) | ||
| md5 | 70b108c4541b2158a0ece7a7977e4a38 | ||
| sha256 | b968eb52482fb73c499d84251bae3fbd8af7205616c2368e1aecef85bebcf65b | ||
| ssdeep | 384:qKyaJ9Uumt1ymbOSLxfpxmV1sXNbiHoy0fhBax7RM9cz1s+xruEoPz09GSEFukZf:PDUHHOSLxhu2N2Iy+DrqjuN4Gtuir | ||
| imphash | |||
| impfuzzy | |||
Network IP location
Signature (6cnts)
| Level | Description |
|---|---|
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
| notice | File has been identified by 7 AntiVirus engines on VirusTotal as malicious |
| info | Checks amount of memory in system |
| info | Command line console output was observed |
| info | One or more processes crashed |
Rules (0cnts)
| Level | Name | Description | Collection |
|---|
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|