ScreenShot
| Created | 2023.12.15 18:22 | Machine | s1_win7_x6401 |
| Filename | Delivery_Data.jar | ||
| Type | Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, MSI Installer, Revision Number: {75E1D47A-2B8F-4CD2-918A-DEE44A729B53}, Number of Words: 0, Number of Pages: 200, Template: Intel;1033, Title: Controller Editor Setup, Subject: | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : mailcious | ||
| VT API (file) | 20 detected (Java, GenericGB, Strrat, Appjar, gen1, csrvpr, Detected, many, Eldorado, AppendedJar, ai score=81, AZAV) | ||
| md5 | eea444443394d25856661dc1cfbbff20 | ||
| sha256 | d1879df96e055b66accad594a3c75d0c133d6d01b2765a5f596b73a04f3c6abc | ||
| ssdeep | 12288:8V9LRFojziULeQ5kFYF40VSzq7gJ3+lCWpB:8DLRijx150YF40cFsCWpB | ||
| imphash | |||
| impfuzzy | |||
Network IP location
Signature (4cnts)
| Level | Description |
|---|---|
| danger | A potential heapspray has been detected. 758 megabytes was sprayed onto the heap of the java.exe process |
| warning | File has been identified by 20 AntiVirus engines on VirusTotal as malicious |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| info | Checks amount of memory in system |
Rules (2cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| info | Microsoft_Office_File_Zero | Microsoft Office File | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|