Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

BurpLoader...17.jar

windows7-x64

1

BurpLoader...17.jar

windows10-2004-x64

7

Resubmissions

06/08/2024, 09:57

240806-lzcbqawelj 1

19/11/2023, 10:26

231119-mghw8ahe55 7

Analysis

  • max time kernel
    64s
  • max time network
    69s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231023-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/11/2023, 10:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    BurpLoaderKeygen117.jar

  • Size

    36KB

  • MD5

    a3b1b3be59e6d3d374a2d3344213e6c7

  • SHA1

    3d0e27962c83c8db2955fa79c27256442c0bcb55

  • SHA256

    dcdf28acf360554a5a98d78f403c96ccea500be24b27d02b020e142820637c0a

  • SHA512

    6cb93d2af6aa1c62bd8f94c0a7e192cc08ad092724753999c92e8569c9bd76bf8ad254d6eca757decaa7922f7a806143118b90d806de80f3c36eae5e8b8bbe64

  • SSDEEP

    768:yG6uWNygZJbmjwB4HC8tyPAR8N4x3kWDuWYkfLb:yGbWNfJbmjSwNY4x9DuQf/

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Drops file in Program Files directory 12 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\BurpLoaderKeygen117.jar
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4796
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:2740
    • C:\Program Files\Java\jre-1.8\bin\java.exe
      "C:\Program Files\Java\jre-1.8\bin\java.exe" -version
      2⤵
        PID:704

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
      Filesize

      46B

      MD5

      4d42eb83a46bf020e725d5bd2ddd7adc

      SHA1

      b3abf9f4aa4d6127c7708634e820c845fe77ec67

      SHA256

      e4534e07a7ea867674a3f223439729b347bbe53e11defb58538fe792d4b50531

      SHA512

      87b55b03092dcf58b0cad031a3273322397563336a44cf00a548d56dc9f1fffbc9cfa28ae772754b21d4bfe719c093467f8eba83b8dc511f66bd2d3d5751c37d

      Download Submit

    • memory/704-26-0x0000024226AD0000-0x0000024227AD0000-memory.dmp

      Filesize

      16.0MB

      Download

    • memory/704-53-0x0000024226AD0000-0x0000024227AD0000-memory.dmp

      Filesize

      16.0MB

      Download

    • memory/704-24-0x0000024225200000-0x0000024225201000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4796-31-0x000001807FCA0000-0x000001807FCA1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4796-30-0x000001807FCA0000-0x000001807FCA1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4796-4-0x00000180015A0000-0x00000180025A0000-memory.dmp

      Filesize

      16.0MB

      Download

    • memory/4796-45-0x00000180015A0000-0x00000180025A0000-memory.dmp

      Filesize

      16.0MB

      Download

    • memory/4796-48-0x0000018001820000-0x0000018001830000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4796-49-0x0000018001840000-0x0000018001850000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4796-50-0x0000018001850000-0x0000018001860000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4796-51-0x0000018001860000-0x0000018001870000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4796-52-0x00000180015A0000-0x00000180025A0000-memory.dmp

      Filesize

      16.0MB

      Download

    • memory/4796-14-0x000001807FCA0000-0x000001807FCA1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4796-54-0x00000180015A0000-0x00000180025A0000-memory.dmp

      Filesize

      16.0MB

      Download