Overview

Task scores (score, sample, platform):
Static: 8
Burpy-main.zip, windows7-x64: 1
Burpy-main.zip, windows10-2004-x64: 1
Burpy-main...en.jar, windows7-x64: 1
Burpy-main...en.jar, windows10-2004-x64: 1
Burpy-main...tup.sh, ubuntu-18.04-amd64: 7
Burpy-main...tup.sh, debian-9-armhf: 3
Burpy-main...tup.sh, debian-9-mips: 4
Burpy-main...tup.sh, debian-9-mipsel: 7
Burpy-main...up.ps1, windows7-x64: 7
Burpy-main...up.ps1, windows10-2004-x64: 3
Burpy-main...pro.sh, ubuntu-18.04-amd64: 8
Burpy-main...pro.sh, debian-9-armhf: 1
Burpy-main...pro.sh, debian-9-mips: 1
Burpy-main...pro.sh, debian-9-mipsel: 1
Burpy-main/keygen.jar, windows7-x64: 1
Burpy-main/keygen.jar, windows10-2004-x64: 1
Burpy-main/loader.jar, windows7-x64: 7
Burpy-main/loader.jar, windows10-2004-x64: 1
Analysis (score 7)
Max time kernel: 146s
Max time network: 125s
Platform: windows10-2004_x64
Resource: win10v2004-20240611-en
Resource tags: arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
Submitted: 29-06-2024 17:13
Tasks (task, sample, resource):
Static task static1
Behavioral task behavioral1: Burpy-main.zip, win7-20240419-en
Behavioral task behavioral2: Burpy-main.zip, win10v2004-20240508-en
Behavioral task behavioral3: Burpy-main/BurpLoaderKeygen.jar, win7-20240611-en
Behavioral task behavioral4: Burpy-main/BurpLoaderKeygen.jar, win10v2004-20240611-en
Behavioral task behavioral5: Burpy-main/Linux_setup.sh, ubuntu1804-amd64-20240611-en
Behavioral task behavioral6: Burpy-main/Linux_setup.sh, debian9-armhf-20240611-en
Behavioral task behavioral7: Burpy-main/Linux_setup.sh, debian9-mipsbe-20240418-en
Behavioral task behavioral8: Burpy-main/Linux_setup.sh, debian9-mipsel-20240418-en
Behavioral task behavioral9: Burpy-main/Windows_setup.ps1, win7-20240221-en
Behavioral task behavioral10: Burpy-main/Windows_setup.ps1, win10v2004-20240508-en
Behavioral task behavioral11: Burpy-main/burpsuite_pro.sh, ubuntu1804-amd64-20240611-en
Behavioral task behavioral12: Burpy-main/burpsuite_pro.sh, debian9-armhf-20240611-en
Behavioral task behavioral13: Burpy-main/burpsuite_pro.sh, debian9-mipsbe-20240418-en
Behavioral task behavioral14: Burpy-main/burpsuite_pro.sh, debian9-mipsel-20240418-en
Behavioral task behavioral15: Burpy-main/keygen.jar, win7-20240611-en
Behavioral task behavioral16: Burpy-main/keygen.jar, win10v2004-20240611-en
Behavioral task behavioral17: Burpy-main/loader.jar, win7-20240508-en
Behavioral task behavioral18: Burpy-main/loader.jar, win10v2004-20240508-en
General
Target: Burpy-main/BurpLoaderKeygen.jar
Size: 29KB
MD5: 56a0eef3a96bf373db1298bc6cb63158
SHA1: f9fb9175a901f4fede20b9d61eb4fadafdd1feea
SHA256: 1e288c686963eafc34411d4f94265eb1809492ab57a474848669eb3285a2afb3
SHA512: d6165e567c80cd04c2506f285d48fb3e2dd6d46e4eda3b9bf76c2ea585ac446807ccabc02c4f8a6bede36a8ac1d1737eab3840cfdc703123daeccd526593f492
SSDEEP: 768:ccLie6lYEKyYSfk8tyPAR8NVgJMvtWHw1QgHpA:NLie6lYEKyYSfkwNY+MvtuWQgG
Malware Config
Signatures
- Modifies file permissions (1 TTP, 1 IoC)
- Suspicious use of SetWindowsHookEx (2 IoCs)
  Processes: java.exe (PID 4732), java.exe (PID 4732)
- Suspicious use of WriteProcessMemory (4 IoCs)
  Processes (description, pid, process, target process):
    PID 4732 java.exe wrote to memory of PID 4512 icacls.exe
    PID 4732 java.exe wrote to memory of PID 4512 icacls.exe
    PID 4732 java.exe wrote to memory of PID 4940 java.exe
    PID 4732 java.exe wrote to memory of PID 4940 java.exe
Processes
- C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe (depth 1, PID 4732)
  Command line: java -jar C:\Users\Admin\AppData\Local\Temp\Burpy-main\BurpLoaderKeygen.jar
  - Suspicious use of SetWindowsHookEx
  - Suspicious use of WriteProcessMemory
  - C:\Windows\system32\icacls.exe (depth 2, PID 4512)
    Command line: C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
    - Modifies file permissions
  - C:\Program Files\Java\jre-1.8\bin\java.exe (depth 2, PID 4940)
    Command line: "C:\Program Files\Java\jre-1.8\bin\java.exe" -version
Network
MITRE ATT&CK Enterprise v15
Downloads
- C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
  Filesize: 46B
  MD5: b4f96f771615811283df249bda94ddaf
  SHA1: 1c5eb50c1b78631029ffb6970db829e5f42b0bff
  SHA256: 1e3b6bf069ac99ded6cc22abc5e0c3c32775be8d57dddc13e7889b83b34e8935
  SHA512: a75955603c90cfcefdf8111e966da0c1c77ec4fb2694800a84ba6a80a512debc66ebf2365413a55bdc78b26ba95762eac9562457db2d389303e1c22361b24584
Memory dumps (path, filesize):
- memory/4732-108-0x000001931B6D0000-0x000001931B6E0000-memory.dmp  Filesize: 64KB
- memory/4732-132-0x000001931B6B0000-0x000001931B6C0000-memory.dmp  Filesize: 64KB
- memory/4732-79-0x000001931B5C0000-0x000001931B5D0000-memory.dmp  Filesize: 64KB
- memory/4732-19-0x000001931B560000-0x000001931B570000-memory.dmp  Filesize: 64KB
- memory/4732-87-0x000001931B670000-0x000001931B680000-memory.dmp  Filesize: 64KB
- memory/4732-22-0x000001931B570000-0x000001931B580000-memory.dmp  Filesize: 64KB
- memory/4732-26-0x000001931B590000-0x000001931B5A0000-memory.dmp  Filesize: 64KB
- memory/4732-27-0x000001931B5A0000-0x000001931B5B0000-memory.dmp  Filesize: 64KB
- memory/4732-29-0x000001931B5B0000-0x000001931B5C0000-memory.dmp  Filesize: 64KB
- memory/4732-31-0x000001931B5C0000-0x000001931B5D0000-memory.dmp  Filesize: 64KB
- memory/4732-34-0x000001931B5D0000-0x000001931B5E0000-memory.dmp  Filesize: 64KB
- memory/4732-37-0x000001931B5E0000-0x000001931B5F0000-memory.dmp  Filesize: 64KB
- memory/4732-136-0x000001931B6F0000-0x000001931B700000-memory.dmp  Filesize: 64KB
- memory/4732-135-0x000001931B6E0000-0x000001931B6F0000-memory.dmp  Filesize: 64KB
- memory/4732-134-0x000001931B6D0000-0x000001931B6E0000-memory.dmp  Filesize: 64KB
- memory/4732-58-0x000001931B5F0000-0x000001931B600000-memory.dmp  Filesize: 64KB
- memory/4732-57-0x000001931B2E0000-0x000001931B550000-memory.dmp  Filesize: 2.4MB
- memory/4732-61-0x000001931B550000-0x000001931B560000-memory.dmp  Filesize: 64KB
- memory/4732-62-0x000001931B600000-0x000001931B610000-memory.dmp  Filesize: 64KB
- memory/4732-65-0x000001931B610000-0x000001931B620000-memory.dmp  Filesize: 64KB
- memory/4732-64-0x000001931B560000-0x000001931B570000-memory.dmp  Filesize: 64KB
- memory/4732-69-0x000001931B620000-0x000001931B630000-memory.dmp  Filesize: 64KB
- memory/4732-67-0x000001931B570000-0x000001931B580000-memory.dmp  Filesize: 64KB
- memory/4732-68-0x000001931B580000-0x000001931B590000-memory.dmp  Filesize: 64KB
- memory/4732-71-0x000001931B590000-0x000001931B5A0000-memory.dmp  Filesize: 64KB
- memory/4732-73-0x000001931B630000-0x000001931B640000-memory.dmp  Filesize: 64KB
- memory/4732-72-0x000001931B5A0000-0x000001931B5B0000-memory.dmp  Filesize: 64KB
- memory/4732-75-0x000001931B5B0000-0x000001931B5C0000-memory.dmp  Filesize: 64KB
- memory/4732-76-0x000001931B640000-0x000001931B650000-memory.dmp  Filesize: 64KB
- memory/4732-80-0x000001931B650000-0x000001931B660000-memory.dmp  Filesize: 64KB
- memory/4732-17-0x000001931B550000-0x000001931B560000-memory.dmp  Filesize: 64KB
- memory/4732-15-0x000001931B2C0000-0x000001931B2C1000-memory.dmp  Filesize: 4KB
- memory/4732-23-0x000001931B580000-0x000001931B590000-memory.dmp  Filesize: 64KB
- memory/4732-86-0x000001931B660000-0x000001931B670000-memory.dmp  Filesize: 64KB
- memory/4732-84-0x000001931B2C0000-0x000001931B2C1000-memory.dmp  Filesize: 4KB
- memory/4732-91-0x000001931B680000-0x000001931B690000-memory.dmp  Filesize: 64KB
- memory/4732-90-0x000001931B5E0000-0x000001931B5F0000-memory.dmp  Filesize: 64KB
- memory/4732-94-0x000001931B690000-0x000001931B6A0000-memory.dmp  Filesize: 64KB
- memory/4732-98-0x000001931B5F0000-0x000001931B600000-memory.dmp  Filesize: 64KB
- memory/4732-99-0x000001931B6A0000-0x000001931B6B0000-memory.dmp  Filesize: 64KB
- memory/4732-102-0x000001931B600000-0x000001931B610000-memory.dmp  Filesize: 64KB
- memory/4732-103-0x000001931B6B0000-0x000001931B6C0000-memory.dmp  Filesize: 64KB
- memory/4732-104-0x000001931B610000-0x000001931B620000-memory.dmp  Filesize: 64KB
- memory/4732-105-0x000001931B6C0000-0x000001931B6D0000-memory.dmp  Filesize: 64KB
- memory/4732-2-0x000001931B2E0000-0x000001931B550000-memory.dmp  Filesize: 2.4MB
- memory/4732-107-0x000001931B620000-0x000001931B630000-memory.dmp  Filesize: 64KB
- memory/4732-113-0x000001931B2C0000-0x000001931B2C1000-memory.dmp  Filesize: 4KB
- memory/4732-114-0x000001931B630000-0x000001931B640000-memory.dmp  Filesize: 64KB
- memory/4732-115-0x000001931B6E0000-0x000001931B6F0000-memory.dmp  Filesize: 64KB
- memory/4732-121-0x000001931B640000-0x000001931B650000-memory.dmp  Filesize: 64KB
- memory/4732-122-0x000001931B650000-0x000001931B660000-memory.dmp  Filesize: 64KB
- memory/4732-124-0x000001931B660000-0x000001931B670000-memory.dmp  Filesize: 64KB
- memory/4732-125-0x000001931B670000-0x000001931B680000-memory.dmp  Filesize: 64KB
- memory/4732-126-0x000001931B680000-0x000001931B690000-memory.dmp  Filesize: 64KB
- memory/4732-127-0x000001931B6F0000-0x000001931B700000-memory.dmp  Filesize: 64KB
- memory/4732-128-0x000001931B690000-0x000001931B6A0000-memory.dmp  Filesize: 64KB
- memory/4732-131-0x000001931B6A0000-0x000001931B6B0000-memory.dmp  Filesize: 64KB
- memory/4732-85-0x000001931B5D0000-0x000001931B5E0000-memory.dmp  Filesize: 64KB
- memory/4732-133-0x000001931B6C0000-0x000001931B6D0000-memory.dmp  Filesize: 64KB
- memory/4940-56-0x000001CC01D70000-0x000001CC01FE0000-memory.dmp  Filesize: 2.4MB
- memory/4940-52-0x000001CC00480000-0x000001CC00481000-memory.dmp  Filesize: 4KB
- memory/4940-42-0x000001CC01D70000-0x000001CC01FE0000-memory.dmp  Filesize: 2.4MB