javaw.jar — malware analysis report

File info

Filename: javaw.jar
File type: Zip archive data, at least v2.0 to extract
File size: 737.5 KB
First seen
Last seen

Environment

win7/x86 en

Hashes

SHA1: ca001251bb18329b5fa5a16085f2d2924e0a4688
SHA256: 183f4902436f17fef0ac5a226b8a57d4b17795f2bdd4809af9423c884ed6ef6c
MD5: 718ca8ea45b0782c8188cb2035d0aced

Signatures

Persistence

T1547.001 persistence_autorun: Makes itself run automatically on Windows startup

Privilege Escalation

T1547.001 persistence_autorun: Makes itself run automatically on Windows startup
T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Defense Evasion

T1564.001 stealth_file: Creates hidden or system files
T1134 opens_thread_token: Opens the access token associated with a thread
T1134 opens_process_token: Opens the access token associated with a process

Other

networkdyndns_checkip: Connects to a Dynamic DNS domain
creates_in_programdata: Creates files in the ProgramData directory