Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

svhi1wt5.jar

windows7-x64

7

svhi1wt5.jar

windows10-2004-x64

7

Analysis

  • max time kernel
    1799s
  • max time network
    1560s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    13/05/2024, 18:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    svhi1wt5.jar

  • Size

    2.3MB

  • MD5

    c3233eb0f0216752a546ae6ca551ff37

  • SHA1

    66cffb233e75078558750b2b5717b448fc2a9e29

  • SHA256

    000cb4373ce83f5e828b4ed209ae85ef97a819f0d6724e27a930be7c0f589107

  • SHA512

    be4f13994490e38d031d2d1d7675e7e87e77778f619b7f77c5e7c04e1cfd566aa074ec0488cc68c5625b4492ae60ddf6e31667783a07e80d15ee2e6b221e1c6f

  • SSDEEP

    49152:vEDD8ICikBd0+gU2qw+mSUTgy+PI1FLVTxBE7a9S:vk85BYH+7Uky9FYES

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Windows\system32\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\svhi1wt5.jar
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:2800

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\212b11ee-4eb3d461.dll
    Filesize

    5KB

    MD5

    732880711c61a96f90ce86da9b6c6b02

    SHA1

    5a1506124a768c6e61c7fe2629374432f2aa4327

    SHA256

    3fac7db73b105c20465e965f0a68682166f341dfe624f7c630755e8846b8d992

    SHA512

    e6eea645106f21d90e867f2086656ab91905e4c301bca075304cc35feff9f1e5635966f5652329ebe08f880f550d2e2e0c8079beb48c96deb9438a89d1ec3954

    Download Submit

  • memory/2800-34-0x00000000025C0000-0x0000000002622000-memory.dmp

    Filesize

    392KB

    Download

  • memory/2800-13-0x00000000001E0000-0x00000000001EA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2800-21-0x0000000000180000-0x0000000000181000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2800-25-0x0000000000180000-0x0000000000181000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2800-35-0x00000000025C0000-0x0000000002622000-memory.dmp

    Filesize

    392KB

    Download

  • memory/2800-2-0x0000000002C20000-0x0000000002E90000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/2800-14-0x00000000001E0000-0x00000000001EA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2800-37-0x00000000025C0000-0x0000000002622000-memory.dmp

    Filesize

    392KB

    Download

  • memory/2800-41-0x0000000000180000-0x0000000000181000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2800-43-0x0000000002C20000-0x0000000002E90000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/2800-45-0x00000000001E0000-0x00000000001EA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2800-44-0x00000000001E0000-0x00000000001EA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2800-46-0x0000000000180000-0x0000000000181000-memory.dmp

    Filesize

    4KB

    Download