Managed XDR

defence.jar — malware analysis report

File info

Filename: defence.jar
File type: Zip archive data, at least v2.0 to extract
File size: 264.6 KB
First seen
Last seen

Environment

win7/x86 en

Hashes

SHA1: f9ac7d1d4da64d8c091d7ceaf10f7821b16d8984
SHA256: db3fb63eed88ae5c2427e47f2767fca1282f7a41f7f4a3e171aabf73ffaaf07d
MD5: 6f67a1bd9295efef3a2695929b2d0b7b

Signatures

Privilege Escalation

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Discovery

T1033 recon_beacon: The process has sent information about the computer over the network

Command and Control

T1071.001 recon_beacon: The process has sent information about the computer over the network

Other

suricata_alert: Malicious traffic detected
creates_in_programdata: Creates files in the ProgramData directory