Overview

overview

7

Static

static

1

Hael9-1.8....er.jar

windows7-x64

1

Hael9-1.8....er.jar

windows10-2004-x64

7

Hael9-1.8.6/gradlew

ubuntu-18.04-amd64

1

Hael9-1.8.6/gradlew

debian-9-armhf

1

Hael9-1.8.6/gradlew

debian-9-mips

1

Hael9-1.8.6/gradlew

debian-9-mipsel

1

Hael9-1.8....ew.bat

windows7-x64

1

Hael9-1.8....ew.bat

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    20-04-2024 21:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Hael9-1.8.6/gradlew.bat

  • Size

    2KB

  • MD5

    0ea6d812cf51675a8503fe23ae178996

  • SHA1

    8751d7831ca6cd1cad48e1475a79596b54b48994

  • SHA256

    f4f428c5626b3d90cef3bd4e7fd3ad3ea5760442db8c09d586b5bfe031dbe5e3

  • SHA512

    ea052888a8e361670cd7051c6313fc838f579a54288ed391361954f413df699c119236e7371149939045cd3aef48458d4991beed579e3cc1230e3bee1273de8f

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\Hael9-1.8.6\gradlew.bat"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2184
    • C:\Windows\system32\java.exe
      java.exe -version
      2⤵
        PID:560
      • C:\Windows\system32\java.exe
        "java.exe" "-Dorg.gradle.appname=gradlew" -classpath "C:\Users\Admin\AppData\Local\Temp\Hael9-1.8.6\\gradle\wrapper\gradle-wrapper.jar" org.gradle.wrapper.GradleWrapperMain
        2⤵
          PID:2668

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/560-4-0x00000000026E0000-0x00000000056E0000-memory.dmp
        Filesize

        48.0MB

        Download
      • memory/560-11-0x0000000000350000-0x0000000000351000-memory.dmp
        Filesize

        4KB

        Download
      • memory/560-12-0x0000000000350000-0x0000000000351000-memory.dmp
        Filesize

        4KB

        Download
      • memory/2668-22-0x0000000002580000-0x0000000005580000-memory.dmp
        Filesize

        48.0MB

        Download
      • memory/2668-23-0x0000000002150000-0x0000000002151000-memory.dmp
        Filesize

        4KB

        Download
      • memory/2668-26-0x0000000002150000-0x0000000002151000-memory.dmp
        Filesize

        4KB

        Download
      • memory/2668-48-0x0000000002150000-0x0000000002151000-memory.dmp
        Filesize

        4KB

        Download
      • memory/2668-52-0x0000000002150000-0x0000000002151000-memory.dmp
        Filesize

        4KB

        Download