Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

jre-8u191-...64.exe

windows7-x64

7

jre-8u191-...64.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    152s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31/12/2023, 00:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    jre-8u191-windows-x64.exe

  • Size

    71.2MB

  • MD5

    f6a5f7eff45dc936968920507d7ce8bd

  • SHA1

    ddebbd32ee2612114a9bec6e291e38b9b844c514

  • SHA256

    605d05442c1640530a8ca2938baafb785560aefa88dc8cd0b43261ef3ecfa4bd

  • SHA512

    98829c0e534c80653e121f30b44610cda9937309734a37230d6afd6ad1a39d321c30db67114d94c270e0dbf726f7601771b5690ad16da0acc60db9d01f5385cb

  • SSDEEP

    1572864:XlediXMBkmNFecMUQptv3y0gsUFhra0T1+KaoLF:XLPmze1JFpUO0TKOF

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\jre-8u191-windows-x64.exe
    "C:\Users\Admin\AppData\Local\Temp\jre-8u191-windows-x64.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3284
    • C:\Users\Admin\AppData\Local\Temp\jds240614859.tmp\jre-8u191-windows-x64.exe
      "C:\Users\Admin\AppData\Local\Temp\jds240614859.tmp\jre-8u191-windows-x64.exe"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:3988

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\jds240614859.tmp\jre-8u191-windows-x64.exe
    Filesize

    3.6MB

    MD5

    2e318a1e2e7e163380255bb6a03955ef

    SHA1

    0bbae0c001b22001af56c07ae1c58e12c08bd3e8

    SHA256

    c3507a05ee14ae62ec6f7b7714dd1f601f629a67efa53b4b865b5770d2d347da

    SHA512

    933100108d77a58bca9e7dc9b37df968fec4ae36aa591a352d9978ed93732dc354cba5868f636751f01526b7355d84a4147885f0cab3ea58ca872131b5d7851b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\jds240614859.tmp\jre-8u191-windows-x64.exe
    Filesize

    2.2MB

    MD5

    e2836431480bf99b0d7c43495103f79d

    SHA1

    de5398da39af7a299e64f141c02c1a0cd79f7364

    SHA256

    a22cdced3642144522a56516e4f1a68ce6ed19a6021814f787c0be579921afff

    SHA512

    7bb435962e01fdd10342db761f64abcec8b12e29409f51aa009887e129d1366669d38612c3b9c3905122da4b739be97871474cc9d808645d72046099c955b283

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\jusched.log
    Filesize

    128KB

    MD5

    8cdb12390bb1fa19fe3d6b8eca32fbfa

    SHA1

    c748df455be07283839da919b4313022ce33bfbc

    SHA256

    abeb8bc3cd1751aa393a44e49e6edba56d7b6a190244c6bde2fa851e641407c2

    SHA512

    e9c645e957f533d1a15682d87928b903f5d913eefe956b9a1e596a8cff8fedc36a567e3c98c9c5a0548a8c8716740e86ebd1fa5b96ddde1299b00f501a70827a

    Download Submit