IOC Report
dn-compiled-module.jar

Files

File Path | Type | Category | Malicious
dn-compiled-module.jar | Java archive data (JAR) | initial sample | malicious
C:\ProgramData\Oracle\Java\.oracle_jre_usage\b5820291038aa69c.timestamp | ASCII text, with CRLF line terminators | dropped |
C:\Users\user\AppData\Local\Temp\hsperfdata_user\7460 | data | dropped |
C:\jar\.data\img\5314-windows_102509.png | PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced | dropped |
C:\jar\.data\img\Computer_PC_Monitor_1906.png | PNG image data, 256 x 256, 8-bit/color RGB, non-interlaced | dropped |
C:\jar\.data\img\Icon.png | PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced | dropped |
C:\jar\.data\img\PuTTY_icon_128px.png | PNG image data, 128 x 128, 8-bit colormap, non-interlaced | dropped |
C:\jar\.data\img\T678V.png | PNG image data, 190 x 190, 8-bit/color RGBA, non-interlaced | dropped |
C:\jar\.data\img\exe.png | PNG image data, 128 x 128, 8-bit colormap, non-interlaced | dropped |
C:\jar\.data\img\favicon.jpg | MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel | dropped |
C:\jar\.data\img\lightning_icon_155196.png | PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced | dropped |
C:\jar\.data\img\photo_2024-02-29_19-36-11.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 883x883, components 1 | dropped |
C:\jar\.data\img\photo_2024-03-03_12-40-06.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 256x256, components 3 | dropped |
C:\jar\.data\img\photo_2024-03-04_18-39-39.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1000x1000, components 3 | dropped |
C:\jar\.data\img\trophy_jewelry_winner_win_treasure_gift_blue_diamond_game_icon_262398.png | PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced | dropped |
C:\jar\.inc\jurl.phb | data | dropped |
C:\jar\.packages\app.pkg | ASCII text | dropped |
C:\jar\.packages\httpclient.pkg | ASCII text, with CRLF line terminators | dropped |
C:\jar\.packages\jurl.pkg | ASCII text, with CRLF line terminators | dropped |
C:\jar\.system\application.conf | ASCII text, with CRLF line terminators | dropped |
C:\jar\.theme\style.fx.css | ASCII text | dropped |
C:\jar\App.phb | data | dropped |
C:\jar\Async.phb | data | dropped |
C:\jar\Dialog.phb | data | dropped |
C:\jar\Files.phb | data | dropped |
C:\jar\JPHP-INFO\sdk\php\desktop\HotKeyManager.phb | data | dropped |
C:\jar\JPHP-INF\.bootstrap | PHP script, ASCII text, with CRLF, LF line terminators | dropped |
C:\jar\JPHP-INF\launcher.conf | ASCII text, with CRLF line terminators | dropped |
C:\jar\META-INF\MANIFEST.MF | ASCII text, with CRLF line terminators | dropped |
C:\jar\action\ActionsSupport.phb | data | dropped |
C:\jar\action\ActionsSupportTrait.phb | data | dropped |
C:\jar\action\Animation.phb | data | dropped |
C:\jar\action\Collision.phb | data | dropped |
C:\jar\action\Element.phb | data | dropped |
C:\jar\action\Geometry.phb | data | dropped |
C:\jar\action\Media.phb | data | dropped |
C:\jar\action\Score.phb | data | dropped |
C:\jar\app\forms\MainForm.behaviour | XML 1.0 document, ASCII text, with CRLF line terminators | dropped |
C:\jar\app\forms\MainForm.conf | ASCII text, with CRLF line terminators | dropped |
C:\jar\app\forms\MainForm.fxml | XML 1.0 document, ASCII text, with very long lines (883), with CRLF line terminators | dropped |
C:\jar\app\forms\MainForm.phb | data | dropped |
C:\jar\app\modules\AppModule.behaviour | XML 1.0 document, ASCII text, with CRLF line terminators | dropped |
C:\jar\app\modules\AppModule.module | JSON data | dropped |
C:\jar\app\modules\AppModule.phb | data | dropped |
C:\jar\app\modules\MainModule.behaviour | XML 1.0 document, ASCII text, with CRLF line terminators | dropped |
C:\jar\app\modules\MainModule.module | JSON data | dropped |
C:\jar\app\modules\MainModule.phb | data | dropped |
C:\jar\behaviour\SetTextBehaviour.phb | data | dropped |
C:\jar\behaviour\StreamLoadableBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\AutoDestroyBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\BlinkAnimationBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\BloomEffectBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\CameraSnapBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\CameraTargetBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\ChatterAnimationBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\ColorAdjustEffectBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\CursorBindBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\DraggingBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\DraggingFormBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\DropShadowEffectBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\EscapeShutdownBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\FadeAnimationBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\GameEntityBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\GameSceneBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\GaussianBlurEffectBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\GlowEffectBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\GridMovementBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\InnerShadowEffectBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\KeyInputRuleBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\LightingEffectBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\LimitedMovementBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\PulseAnimationBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\RandomMovementAnimationBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\ReflectionEffectBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\RotateAnimationBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\ScaleAnimationBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\SepiaToneEffectBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\VibrationAnimationBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\WatchMakerBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\WidgetFormBehaviour.phb | data | dropped |
C:\jar\behaviour\custom\WrapScreenBehaviour.phb | data | dropped |
C:\jar\bundle\http\HttpAsyncResponse.phb | data | dropped |
C:\jar\bundle\http\HttpChecker.phb | data | dropped |
C:\jar\bundle\http\HttpClient.phb | data | dropped |
C:\jar\bundle\http\HttpDownloader.phb | data | dropped |
C:\jar\bundle\http\HttpResponse.phb | data | dropped |
C:\jar\bundle\jurl\jURL.phb | data | dropped |
C:\jar\bundle\jurl\jURLAbortException.phb | data | dropped |
C:\jar\bundle\jurl\jURLDownloader.phb | data | dropped |
C:\jar\bundle\jurl\jURLException.phb | data | dropped |
C:\jar\bundle\jurl\jURLFile.phb | data | dropped |
C:\jar\bundle\zip\ZipFileScript.phb | data | dropped |
C:\jar\cURLFile.phb | data | dropped |
C:\jar\facade\Async.phb | data | dropped |
C:\jar\facade\Json.phb | data | dropped |
C:\jar\jfoenix-custom.fx.css | ASCII text, with CRLF line terminators | dropped |
C:\jar\php\framework\FrameworkPackageLoader.phb | data | dropped |
C:\jar\php\framework\Logger.phb | data | dropped |
C:\jar\php\gui\AbstractFormWrapper.phb | data | dropped |
C:\jar\php\gui\UXButtonWrapper.phb | data | dropped |
C:\jar\php\gui\UXCheckboxWrapper.phb | data | dropped |
C:\jar\php\gui\UXDatePickerWrapper.phb | data | dropped |
C:\jar\php\gui\UXFlatButtonWrapper.phb | data | dropped |
C:\jar\php\gui\UXHyperlinkWrapper.phb | data | dropped |
C:\jar\php\gui\UXImageAreaWrapper.phb | data | dropped |
C:\jar\php\gui\UXImageViewWrapper.phb | data | dropped |
C:\jar\php\gui\UXLabelExWrapper.phb | data | dropped |
C:\jar\php\gui\UXLabelWrapper.phb | data | dropped |
C:\jar\php\gui\UXLabeledWrapper.phb | data | dropped |
C:\jar\php\gui\UXListViewWrapper.phb | data | dropped |
C:\jar\php\gui\UXMaterialDatePickerWrapper.phb | data | dropped |
C:\jar\php\gui\UXMaterialTimePickerWrapper.phb | data | dropped |
C:\jar\php\gui\UXNodeWrapper.phb | data | dropped |
C:\jar\php\gui\UXPaginationWrapper.phb | data | dropped |
C:\jar\php\gui\UXScrollPaneWrapper.phb | data | dropped |
C:\jar\php\gui\UXTabPaneWrapper.phb | data | dropped |
C:\jar\php\gui\UXTableViewWrapper.phb | data | dropped |
C:\jar\php\gui\UXTitledPaneWrapper.phb | data | dropped |
C:\jar\php\gui\UXToggleButtonWrapper.phb | data | dropped |
C:\jar\php\gui\UXWebViewWrapper.phb | data | dropped |
C:\jar\php\gui\framework\AbstractFactory.phb | data | dropped |
C:\jar\php\gui\framework\AbstractForm.phb | data | dropped |
C:\jar\php\gui\framework\AbstractFormArea.phb | data | dropped |
C:\jar\php\gui\framework\AbstractModule.phb | data | dropped |
C:\jar\php\gui\framework\AbstractPrototype.phb | data | dropped |
C:\jar\php\gui\framework\AbstractScript.phb | data | dropped |
C:\jar\php\gui\framework\Application.phb | data | dropped |
C:\jar\php\gui\framework\ApplicationTrait.phb | data | dropped |
C:\jar\php\gui\framework\DataUtils.phb | data | dropped |
C:\jar\php\gui\framework\EventBinder.phb | data | dropped |
C:\jar\php\gui\framework\GUI.phb | data | dropped |
C:\jar\php\gui\framework\Instances.phb | data | dropped |
C:\jar\php\gui\framework\Preloader.phb | data | dropped |
C:\jar\php\gui\framework\ScriptEvent.phb | data | dropped |
C:\jar\php\gui\framework\StandaloneFactory.phb | data | dropped |
C:\jar\php\gui\framework\View.phb | data | dropped |
C:\jar\php\gui\framework\behaviour\PositionableBehaviour.phb | data | dropped |
C:\jar\php\gui\framework\behaviour\TextableBehaviour.phb | data | dropped |
C:\jar\php\gui\framework\behaviour\ValuableBehaviour.phb | data | dropped |
C:\jar\php\gui\framework\behaviour\custom\AbstractBehaviour.phb | data | dropped |
C:\jar\php\gui\framework\behaviour\custom\AnimationBehaviour.phb | data | dropped |
C:\jar\php\gui\framework\behaviour\custom\BehaviourLoader.phb | data | dropped |
C:\jar\php\gui\framework\behaviour\custom\BehaviourManager.phb | data | dropped |
C:\jar\php\gui\framework\behaviour\custom\EffectBehaviour.phb | data | dropped |
C:\jar\php\gui\framework\behaviour\custom\FactoryBehaviourManager.phb | data | dropped |
C:\jar\php\gui\framework\behaviour\custom\FormBehaviourManager.phb | data | dropped |
C:\jar\php\gui\framework\behaviour\custom\ModuleBehaviourManager.phb | data | dropped |
C:\jar\php\gui\framework\event\AbstractEventAdapter.phb | data | dropped |
C:\jar\php\gui\framework\event\AbstractEventType.phb | data | dropped |
C:\jar\php\gui\framework\event\ClickEventAdapter.phb | data | dropped |
C:\jar\php\gui\framework\event\KeydownEventAdapter.phb | data | dropped |
C:\jar\php\gui\framework\event\KeyupEventAdapter.phb | data | dropped |
C:\jar\php\gui\framework\event\MousedownEventAdapter.phb | data | dropped |
C:\jar\php\gui\framework\event\MouseupEventAdapter.phb | data | dropped |
C:\jar\php\gui\framework\event\ScrollEventAdapter.phb | data | dropped |
C:\jar\php\gui\framework\functions.phb | data | dropped |
C:\jar\php\gui\layout\UXFragmentPaneWrapper.phb | data | dropped |
C:\jar\script\DirectoryChooserScript.phb | data | dropped |
C:\jar\script\FileChooserScript.phb | data | dropped |
C:\jar\script\FileScript.phb | data | dropped |
C:\jar\script\HotKeyScript.phb | data | dropped |
C:\jar\script\JsoupScript.phb | data | dropped |
C:\jar\script\MacroScript.phb | data | dropped |
C:\jar\script\MailScript.phb | data | dropped |
C:\jar\script\MediaPlayerScript.phb | data | dropped |
C:\jar\script\PrinterScript.phb | data | dropped |
C:\jar\script\RobotScript.phb | data | dropped |
C:\jar\script\ScoreScript.phb | data | dropped |
C:\jar\script\SystemTrayScript.phb | data | dropped |
C:\jar\script\TimerScript.phb | data | dropped |
C:\jar\script\storage\AbstractStorage.phb | data | dropped |
C:\jar\script\storage\IniStorage.phb | data | dropped |
C:\jar\script\support\NodeHelper.phb | data | dropped |
C:\jar\script\support\ScriptHelpers.phb | data | dropped |
C:\jar\timer\AccurateTimer.phb | data | dropped |
165 additional dropped files are not shown in this listing.

Processes

Path | Cmdline | Malicious
C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | malicious
C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_749031\java.exe | java.exe -jar "C:\Users\user\Desktop\dn-compiled-module.jar" | malicious
C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | malicious
C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 | malicious
C:\Windows\System32\7za.exe | 7za.exe x -y -oC:\jar "C:\Users\user\Desktop\dn-compiled-module.jar" |
C:\Windows\SysWOW64\icacls.exe | C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M |

URLs

Name | IP | Malicious
http://77.91.77.145/?v=3&event= | unknown |
http://java.oracle.com/ | unknown |
http://javafx.com/fxml/1 | unknown |
http://site.com/ | unknown |
https://github.com/TsSaltan/DevelNext-jURL/releases/latest | unknown |
http://www.oracle.com/technetwork/java/javase/documentation/index.html | unknown |
http://bugreport.sun.com/bugreport/ | unknown |
http://javafx.com/javafx/8 | unknown |