Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Resubmissions
27/12/2022, 23:39 UTC
221227-3nclsabh7y 127/12/2022, 23:35 UTC
221227-3k3c2agg92 627/12/2022, 23:31 UTC
221227-3hqw8abh6x 4Analysis
-
max time kernel
49s -
max time network
51s -
platform
windows7_x64 -
resource
win7-20220812-en -
resource tags
-
submitted
27/12/2022, 23:39 UTC
General
-
Target
LauncherFenix-Minecraft.jar
-
Size
56KB
-
MD5
7a61030e60da59eb48d5430a175c38d3
-
SHA1
e21779e2d453397c6a2bbc6090ac49de8f0fe1ea
-
SHA256
2e33e36c9517efe86251a2f4294d822b55f344d189c9606189757f4ad17af38e
-
SHA512
27b143872d411088186fdf8178d3c05710795ceffbe75f227469025d309f845c4db3ad91aad0fce1b01671ef271b9bf0445d083d3c5008af2b8daf688e81320a
-
SSDEEP
1536:Fqv6lGMWvA34iBJZd8HJa3SUwxq7R83taXb:EvXMUA3bJZdwJjU3F1Xb
Score
1/10
Malware Config
Signatures
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Windows\system32\java.exejava -jar C:\Users\Admin\AppData\Local\Temp\LauncherFenix-Minecraft.jar1⤵
- Suspicious use of SetWindowsHookEx
Network
-
DNSwww.dropbox.comRemote address:8.8.8.8:53Requestwww.dropbox.comIN AResponsewww.dropbox.comIN CNAMEwww-env.dropbox-dns.comwww-env.dropbox-dns.comIN A162.125.8.18 -
DNSfiles.launcherfenix.com.arRemote address:8.8.8.8:53Requestfiles.launcherfenix.com.arIN AResponsefiles.launcherfenix.com.arIN A104.21.72.175files.launcherfenix.com.arIN A172.67.153.84
-
DNSlaunchermeta.mojang.comRemote address:8.8.8.8:53Requestlaunchermeta.mojang.comIN AResponselaunchermeta.mojang.comIN CNAMElauncher-meta-cdn.azureedge.netlauncher-meta-cdn.azureedge.netIN CNAMElauncher-meta-cdn.afd.azureedge.netlauncher-meta-cdn.afd.azureedge.netIN CNAMEstar-azureedge-prod.trafficmanager.netstar-azureedge-prod.trafficmanager.netIN CNAMEshed.dual-low.part-0039.t-0009.fdv2-t-msedge.netshed.dual-low.part-0039.t-0009.fdv2-t-msedge.netIN CNAMEpart-0039.t-0009.fdv2-t-msedge.netpart-0039.t-0009.fdv2-t-msedge.netIN A13.107.237.67part-0039.t-0009.fdv2-t-msedge.netIN A13.107.238.67
-
DNSprofile.launcherfenix.com.arRemote address:8.8.8.8:53Requestprofile.launcherfenix.com.arIN AResponseprofile.launcherfenix.com.arIN A172.67.153.84profile.launcherfenix.com.arIN A104.21.72.175
-
DNSiniciolauncherfx.tumblr.comRemote address:8.8.8.8:53Requestiniciolauncherfx.tumblr.comIN AResponseiniciolauncherfx.tumblr.comIN A74.114.154.22iniciolauncherfx.tumblr.comIN A74.114.154.18
-
GEThttp://iniciolauncherfx.tumblr.com/Remote address:74.114.154.22:80RequestGET / HTTP/1.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/535.14 (KHTML, like Gecko) JavaFX/2.2 Safari/535.14
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Cache-Control: no-cache
Pragma: no-cache
Host: iniciolauncherfx.tumblr.com
Connection: keep-alive
ResponseHTTP/1.1 302 Found
Server: openresty
Date: Tue, 27 Dec 2022 23:39:54 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Rid: 95849d0e125657d5e45e951162747765
P3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
X-Frame-Options: deny
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552001
Location: https://iniciolauncherfx.tumblr.com/
X-UA-Compatible: IE=Edge,chrome=1
X-UA-Device: desktop
Vary: X-UA-Device, Accept
-
DNSassets.tumblr.comRemote address:8.8.8.8:53Requestassets.tumblr.comIN AResponseassets.tumblr.comIN A192.0.77.40
-
DNSpx.srvcs.tumblr.comRemote address:8.8.8.8:53Requestpx.srvcs.tumblr.comIN AResponsepx.srvcs.tumblr.comIN A192.0.77.40
-
DNSstatic.tumblr.comRemote address:8.8.8.8:53Requeststatic.tumblr.comIN AResponsestatic.tumblr.comIN A192.0.77.40
-
162.125.8.18:443www.dropbox.comtls
-
162.125.8.18:443www.dropbox.comtls
-
162.125.8.18:443www.dropbox.comtls
-
104.21.72.175:443files.launcherfenix.com.artls
-
13.107.237.67:443launchermeta.mojang.comtls
-
74.114.154.22:80http://iniciolauncherfx.tumblr.com/http
HTTP Request
GET http://iniciolauncherfx.tumblr.com/HTTP Response
302 -
172.67.153.84:80profile.launcherfenix.com.ar
-
74.114.154.22:443iniciolauncherfx.tumblr.comtls
-
192.0.77.40:443assets.tumblr.comtls
-
192.0.77.40:443assets.tumblr.comtls
-
192.0.77.40:443px.srvcs.tumblr.comtls
-
192.0.77.40:443px.srvcs.tumblr.comtls
-
192.0.77.40:443static.tumblr.comtls
-
8.8.8.8:53www.dropbox.comdns
DNS Request
www.dropbox.com
DNS Response
162.125.8.18
-
8.8.8.8:53files.launcherfenix.com.ardns
DNS Request
files.launcherfenix.com.ar
DNS Response
104.21.72.175172.67.153.84
-
8.8.8.8:53launchermeta.mojang.comdns
DNS Request
launchermeta.mojang.com
DNS Response
13.107.237.6713.107.238.67
-
8.8.8.8:53profile.launcherfenix.com.ardns
DNS Request
profile.launcherfenix.com.ar
DNS Response
172.67.153.84104.21.72.175
-
8.8.8.8:53iniciolauncherfx.tumblr.comdns
DNS Request
iniciolauncherfx.tumblr.com
DNS Response
74.114.154.2274.114.154.18
-
8.8.8.8:53assets.tumblr.comdns
DNS Request
assets.tumblr.com
DNS Response
192.0.77.40
-
8.8.8.8:53px.srvcs.tumblr.comdns
DNS Request
px.srvcs.tumblr.com
DNS Response
192.0.77.40
-
8.8.8.8:53static.tumblr.comdns
DNS Request
static.tumblr.com
DNS Response
192.0.77.40
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
8KB
-
Filesize
48.0MB
-
Filesize
40KB
-
Filesize
40KB
-
Filesize
40KB
-
Filesize
40KB
-
Filesize
48.0MB
-
Filesize
40KB
-
Filesize
40KB
-
Filesize
40KB
-
Filesize
40KB
-
Filesize
40KB
-
Filesize
40KB