Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

1

cmdline-to...er.bat

windows7-x64

1

cmdline-to...er.bat

windows10-2004-x64

1

cmdline-to...er.bat

windows7-x64

1

cmdline-to...er.bat

windows10-2004-x64

5

cmdline-to...nt.bat

windows7-x64

1

cmdline-to...nt.bat

windows10-2004-x64

1

cmdline-to...en.bat

windows7-x64

1

cmdline-to...en.bat

windows10-2004-x64

1

cmdline-to...ce.bat

windows7-x64

1

cmdline-to...ce.bat

windows10-2004-x64

1

cmdline-to...t2.bat

windows7-x64

1

cmdline-to...t2.bat

windows10-2004-x64

1

cmdline-to...er.bat

windows7-x64

1

cmdline-to...er.bat

windows10-2004-x64

1

cmdline-to...to.jar

windows7-x64

1

cmdline-to...to.jar

windows10-2004-x64

1

cmdline-to...ed.jar

windows7-x64

1

cmdline-to...ed.jar

windows10-2004-x64

1

cmdline-to...er.jar

windows7-x64

1

cmdline-to...er.jar

windows10-2004-x64

1

cmdline-to...ns.jar

windows7-x64

1

cmdline-to...ns.jar

windows10-2004-x64

1

cmdline-to...th.jar

windows7-x64

1

cmdline-to...th.jar

windows10-2004-x64

1

cmdline-to...er.jar

windows7-x64

1

cmdline-to...er.jar

windows10-2004-x64

1

cmdline-to...li.jar

windows7-x64

1

cmdline-to...li.jar

windows10-2004-x64

1

cmdline-to...es.jar

windows7-x64

1

cmdline-to...es.jar

windows10-2004-x64

1

cmdline-to...th.jar

windows7-x64

1

cmdline-to...th.jar

windows10-2004-x64

1

Resubmissions

29/06/2023, 14:46 UTC

230629-r5stjsdf66 5

29/06/2023, 14:43 UTC

230629-r3tm3aed4y 5

Analysis

  • max time kernel
    31s
  • max time network
    42s
  • platform
    windows7_x64
  • resource
    win7-20230621-en
  • resource tags

    arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
  • submitted
    29/06/2023, 14:46 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cmdline-tools/bin/profgen.bat

  • Size

    2KB

  • MD5

    06f9d03dc3d66563374e5fad1c712f25

  • SHA1

    809741477a45312fc53a1bd8332f4dbf82c5cd2b

  • SHA256

    c38ae27434593691b385df4a38ec264895c6243eaaed574f3956e55d46d4eab4

  • SHA512

    18676d09029f41862e9a5db968cccb362227d92e2a49c64f427b377b8ee7ad6442e555056f941cee2814e1ab677fbb134f807ad48b84b92314592551c40bf2d3

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\cmdline-tools\bin\profgen.bat"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1340
    • C:\Windows\system32\java.exe
      java.exe -version
      2⤵
        PID:1376
      • C:\Windows\system32\java.exe
        "java.exe" -classpath "C:\Users\Admin\AppData\Local\Temp\cmdline-tools\bin\..\lib\profgen-classpath.jar" com.android.tools.profgen.cli.MainKt
        2⤵
          PID:1864

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/1376-64-0x0000000000130000-0x0000000000131000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1376-65-0x0000000000130000-0x0000000000131000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1864-76-0x0000000000420000-0x0000000000421000-memory.dmp

        Filesize

        4KB

        Download

      • memory/1864-77-0x0000000000420000-0x0000000000421000-memory.dmp

        Filesize

        4KB

        Download

      We care about your privacy.

      This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.