Heavily Obfuscated JAR Drops Adwind RAT

VTI SCORE: 91/100

Dynamic Analysis Report

Classification: Hacktool, Trojan

fd86a9b0f3bcd1dc2b061bb7a77b3871cb6d101505218f763221ee9945e69bf3 (SHA256)

Bissell New PO.qrypted.jar

Java Archive

Created at 2018-07-19 09:49:00

Notifications (2/2)

Due to a WHOIS service error, no query could be made to get WHOIS data of any contacted domain.

The operating system was rebooted during the analysis.

YARA Information

Applied On	Sample Files, PCAP File, Created Files, Modified Files, Process Dumps
Number of YARA matches	0

Function Logfile

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefoxwith deactivated setting "security.fileuri.strict_origin_policy".

Notifications (2/2)

YARA Information

Before

After