Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

9png/draw9patch.bat

windows7-x64

1

9png/draw9patch.bat

windows10-2004-x64

1

9png/lib/d...ch.jar

windows7-x64

1

9png/lib/d...ch.jar

windows10-2004-x64

1

9png/lib/s....1.jar

windows7-x64

1

9png/lib/s....1.jar

windows10-2004-x64

1

xUltimate-...pc.exe

windows7-x64

8

xUltimate-...pc.exe

windows10-2004-x64

8

去脚本�...��.url

windows7-x64

1

去脚本�...��.url

windows10-2004-x64

1

服务器软件.url

windows7-x64

1

服务器软件.url

windows10-2004-x64

1

Analysis

  • max time kernel
    42s
  • max time network
    45s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    26/11/2022, 23:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9png/lib/draw9patch.jar

  • Size

    48KB

  • MD5

    37ea996552e83283a81156fe29802fb4

  • SHA1

    3def476dd029d2c3e986fc88aca492760ff1a773

  • SHA256

    70d2991325cdd22f3a7b0bdc45abde6654de61a47cc914046d2ecc29348d1ef0

  • SHA512

    1ebc9956488330f2d5aab1c88c172633a882e16e19f0dbddc1a697451b2a8dab987fdeafd7c27aa68f940ba4eb43d368f579f06af1adb9b703cac6214ca5cef3

  • SSDEEP

    768:GEVx+GEBMnQfLbGJBDwc7XJrzpfiwmowHu8Bqu3CxiL7NvR2ovqCVpO0:GIEB54NzJr1fiwmoW7Bq6Cc7NZaCVE0

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Windows\system32\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\9png\lib\draw9patch.jar
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1916

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1916-54-0x000007FEFBCB1000-0x000007FEFBCB3000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1916-65-0x00000000020E0000-0x00000000050E0000-memory.dmp

    Filesize

    48.0MB

    Download

  • memory/1916-71-0x00000000003A0000-0x00000000003AA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1916-70-0x00000000003A0000-0x00000000003AA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1916-72-0x00000000020E0000-0x00000000050E0000-memory.dmp

    Filesize

    48.0MB

    Download

  • memory/1916-73-0x00000000003A0000-0x00000000003AA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1916-74-0x00000000003A0000-0x00000000003AA000-memory.dmp

    Filesize

    40KB

    Download