Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Nurik/Crac...er.exe

windows10-2004-x64

5

Nurik/clie...36.ps1

windows10-2004-x64

1

Nurik/clie...4e.ps1

windows10-2004-x64

1

Nurik/clie...28.jar

windows10-2004-x64

7

Nurik/clie...17.jar

windows10-2004-x64

7

Nurik/clie....0.jar

windows10-2004-x64

7

Nurik/clie...10.jar

windows10-2004-x64

7

Nurik/clie....1.jar

windows10-2004-x64

7

Nurik/clie....5.jar

windows10-2004-x64

7

Nurik/clie....5.jar

windows10-2004-x64

7

Nurik/clie....3.jar

windows10-2004-x64

7

Nurik/clie...26.jar

windows10-2004-x64

7

Nurik/clie...pc.jar

windows10-2004-x64

7

Nurik/clie....9.jar

windows10-2004-x64

7

Nurik/clie....1.jar

windows10-2004-x64

7

Nurik/clie....0.jar

windows10-2004-x64

7

Nurik/clie....0.jar

windows10-2004-x64

7

Nurik/clie....3.jar

windows10-2004-x64

7

Nurik/clie....2.jar

windows10-2004-x64

7

Nurik/clie....1.jar

windows10-2004-x64

7

Nurik/clie...22.jar

windows10-2004-x64

7

Nurik/jdk/...vm.dll

windows10-2004-x64

1

Nurik/jdk/...en.dll

windows10-2004-x64

1

Nurik/jdk/...ge.dll

windows10-2004-x64

1

Nurik/jdk/...pi.dll

windows10-2004-x64

1

Nurik/jdk/...se.dll

windows10-2004-x64

1

Nurik/jdk/...40.dll

windows10-2004-x64

1

Nurik/jdk/..._1.dll

windows10-2004-x64

1

Nurik/jdk/...fy.dll

windows10-2004-x64

1

Nurik/jdk/...th.dll

windows10-2004-x64

1

Nurik/jdk/...64.dll

windows10-2004-x64

1

Nurik/jdk/bin/zip.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    581s
  • max time network
    612s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17/04/2024, 15:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Nurik/client_1_16_5/libraries/icu4j-66.1.jar

  • Size

    12.3MB

  • MD5

    667638ab9d9afa07e21e618e37662db7

  • SHA1

    72c7519b6d91f7a1f993bd44a99fe95d67211b27

  • SHA256

    5dcca993f67fd6c357774f498d49b7e189b1d9a2cfce050cb4ee1dd96c800f1a

  • SHA512

    bd8d716c1561169a74be4f932627921a186b008c964155692bede5e69491eab54109f6a40a2d14a16bdc221e27dbd5938d74743cc9e2e0b47dff933d7964b644

  • SSDEEP

    196608:MH5+RwaPfkDycFb/zGFTh2tE4Sb+g+CUR1hbtBXLcVLmd:MZ/a+ZiVg2WXhsLmd

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\Nurik\client_1_16_5\libraries\icu4j-66.1.jar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3940
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:2688

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
    Filesize

    46B

    MD5

    d1d9c7fed1ae95f6edd530e05b061f6c

    SHA1

    cbef1a3f665a24067274b6b4da51b8ff0d7701d1

    SHA256

    74022007a0e4de896684d773c69fff960fcc6e70eb01bb4c48c583f52e7fb983

    SHA512

    7d07586f3c2631c9c2d2748430651ff42ca4d0fff4ab72fba1c5705d83dc3a19eebae9ba7253d583a8c6194abdea1e80b4a05aa1b512cd492d326bea0d1d6ffd

    Download Submit

  • memory/3940-4-0x000002B206910000-0x000002B207910000-memory.dmp

    Filesize

    16.0MB

    Download

  • memory/3940-12-0x000002B2068F0000-0x000002B2068F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3940-15-0x000002B2068F0000-0x000002B2068F1000-memory.dmp

    Filesize

    4KB

    Download