Overview

overview

10

Static

static

10

Nurik 1.16...er.exe

windows7-x64

1

Nurik 1.16...er.exe

windows10-2004-x64

1

Nurik 1.16...36.ps1

windows7-x64

3

Nurik 1.16...36.ps1

windows10-2004-x64

3

Nurik 1.16...4e.ps1

windows7-x64

3

Nurik 1.16...4e.ps1

windows10-2004-x64

3

Nurik 1.16...28.jar

windows7-x64

1

Nurik 1.16...28.jar

windows10-2004-x64

7

Nurik 1.16...17.jar

windows7-x64

1

Nurik 1.16...17.jar

windows10-2004-x64

7

Nurik 1.16....0.jar

windows7-x64

1

Nurik 1.16....0.jar

windows10-2004-x64

7

Nurik 1.16...10.jar

windows7-x64

1

Nurik 1.16...10.jar

windows10-2004-x64

7

Nurik 1.16....1.jar

windows7-x64

1

Nurik 1.16....1.jar

windows10-2004-x64

7

Nurik 1.16....5.jar

windows7-x64

1

Nurik 1.16....5.jar

windows10-2004-x64

7

Nurik 1.16....5.jar

windows7-x64

1

Nurik 1.16....5.jar

windows10-2004-x64

7

Nurik 1.16....3.jar

windows7-x64

1

Nurik 1.16....3.jar

windows10-2004-x64

7

Nurik 1.16...26.jar

windows7-x64

1

Nurik 1.16...26.jar

windows10-2004-x64

7

Nurik 1.16...pc.jar

windows7-x64

1

Nurik 1.16...pc.jar

windows10-2004-x64

7

Nurik 1.16....9.jar

windows7-x64

1

Nurik 1.16....9.jar

windows10-2004-x64

7

Nurik 1.16....1.jar

windows7-x64

1

Nurik 1.16....1.jar

windows10-2004-x64

7

Nurik 1.16....0.jar

windows7-x64

1

Nurik 1.16....0.jar

windows10-2004-x64

7

Analysis

  • max time kernel
    135s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19-06-2024 16:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Nurik 1.16.5 crack/client/libraries/ca-fixer-1.0.jar

  • Size

    12KB

  • MD5

    d60563813a45da621d68efec7f960320

  • SHA1

    3f813ad3c719357fc9c6108101d26db0e44897bf

  • SHA256

    092e40e16ea9cdf4a4bc9bc44ba777a90003596301f26f53cb489a6bb04c390b

  • SHA512

    1d924fe749cf89a77dd6ab1af82a4fcb0ff022e64128b476a58d4f812f3429972cfc944bc06d570b081eea0143b45b9aa0f48c450b2121cd9b9407254e70b901

  • SSDEEP

    192:37Bf3IevearriOECkXZFVVCojMBsX2jOY4GvGrPlNRNISU9IMuVxNVx:39f3IevearzCZrJjz5Zn8SU9IMINx

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar "C:\Users\Admin\AppData\Local\Temp\Nurik 1.16.5 crack\client\libraries\ca-fixer-1.0.jar"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2736
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:1540

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
    Filesize

    46B

    MD5

    54c851eac79029dfb03656481de6c3ad

    SHA1

    fc023fc528fc67b5e2204ec9073e55a794db13fa

    SHA256

    0795491e535d439512b1260c140087fd42b3c3711378bb9cf535c261b4d90260

    SHA512

    aa44270edaac3c9ca761c10763bb6b55311f6c5578385c0e31becbe1b8cd005aab445623ff677eb24770f1782fe9d1ebb8b11516f27b3d771309bda517098a78

    Download Submit
  • memory/2736-2-0x0000020349C60000-0x0000020349ED0000-memory.dmp
    Filesize

    2.4MB

    Download
  • memory/2736-13-0x0000020348340000-0x0000020348341000-memory.dmp
    Filesize

    4KB

    Download
  • memory/2736-14-0x0000020349C60000-0x0000020349ED0000-memory.dmp
    Filesize

    2.4MB

    Download