Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

Qt6Core.dll

windows11-21h2-x64

8

Qt6Core5Compat.dll

windows11-21h2-x64

1

Qt6Gui.dll

windows11-21h2-x64

1

Qt6Network.dll

windows11-21h2-x64

1

Qt6Svg.dll

windows11-21h2-x64

1

Qt6Widgets.dll

windows11-21h2-x64

1

Qt6Xml.dll

windows11-21h2-x64

1

iconengine...on.dll

windows11-21h2-x64

1

imageformats/qgif.dll

windows11-21h2-x64

1

imageforma...ns.dll

windows11-21h2-x64

1

imageformats/qico.dll

windows11-21h2-x64

1

imageformats/qjp2.dll

windows11-21h2-x64

1

imageforma...eg.dll

windows11-21h2-x64

1

imageformats/qsvg.dll

windows11-21h2-x64

1

imageforma...mp.dll

windows11-21h2-x64

1

imageforma...bp.dll

windows11-21h2-x64

1

jars/JavaCheck.jar

windows11-21h2-x64

1

jars/NewLaunch.jar

windows11-21h2-x64

1

jars/NewLa...cy.jar

windows11-21h2-x64

1

libb2-1.dll

windows11-21h2-x64

1

libbrotlicommon.dll

windows11-21h2-x64

1

libbrotlidec.dll

windows11-21h2-x64

8

libbz2-1.dll

windows11-21h2-x64

1

libc++.dll

windows11-21h2-x64

1

libcmark.dll

windows11-21h2-x64

1

libdouble-...on.dll

windows11-21h2-x64

1

libfreetype-6.dll

windows11-21h2-x64

1

libglib-2.0-0.dll

windows11-21h2-x64

1

libgraphite2.dll

windows11-21h2-x64

1

libharfbuzz-0.dll

windows11-21h2-x64

1

libiconv-2.dll

windows11-21h2-x64

1

libicudt75.dll

windows11-21h2-x64

1

Analysis

  • max time kernel
    1466s
  • max time network
    1491s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    06/08/2024, 15:03 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    jars/NewLaunch.jar

  • Size

    13KB

  • MD5

    4f847b63c68f68b602f224a6d6aba95b

  • SHA1

    06acaf7356d42d4285b4198033e84a95045e0f8d

  • SHA256

    047f563b6e6bbb5781c58e73b32e35b036328ddba2c3b25c7e215a4be8048082

  • SHA512

    d37053819f783cb5ce8a3d8cde88f7a98940d0d7061286c82f03fe7f2e3a4c39d9cff00f1261254620237880aeb4677b480397d7231dfedf67766fb582f2f648

  • SSDEEP

    192:1trD8FoDNpAjTrohKqlErnlTSbcjX1XReXyAjj8u8BeGnhAVf2i:jrD8iJpAvrvFDlBeGZi

Score
1/10

Malware Config

Signatures

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\jars\NewLaunch.jar
    1⤵
      PID:3776

    Network

    • flag-us
      DNS
      19.229.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      19.229.111.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      19.229.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      19.229.111.52.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      79.190.18.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      79.190.18.2.in-addr.arpa
      IN PTR
      Response
      79.190.18.2.in-addr.arpa
      IN PTR
      a2-18-190-79deploystaticakamaitechnologiescom
    • flag-us
      DNS
      ctldl.windowsupdate.com
      Remote address:
      8.8.8.8:53
      Request
      ctldl.windowsupdate.com
      IN A
      Response
      ctldl.windowsupdate.com
      IN CNAME
      ctldl.windowsupdate.com.delivery.microsoft.com
      ctldl.windowsupdate.com.delivery.microsoft.com
      IN CNAME
      wu-b-net.trafficmanager.net
      wu-b-net.trafficmanager.net
      IN CNAME
      download.windowsupdate.com.edgesuite.net
      download.windowsupdate.com.edgesuite.net
      IN CNAME
      a767.dspw65.akamai.net
      a767.dspw65.akamai.net
      IN A
      2.18.190.79
      a767.dspw65.akamai.net
      IN A
      2.18.190.77
    • flag-us
      DNS
      login.live.com
      Remote address:
      8.8.8.8:53
      Request
      login.live.com
      IN A
      Response
      login.live.com
      IN CNAME
      login.msa.msidentity.com
      login.msa.msidentity.com
      IN CNAME
      www.tm.lg.prod.aadmsa.trafficmanager.net
      www.tm.lg.prod.aadmsa.trafficmanager.net
      IN CNAME
      prdv4a.aadg.msidentity.com
      prdv4a.aadg.msidentity.com
      IN CNAME
      www.tm.v4.a.prd.aadg.trafficmanager.net
      www.tm.v4.a.prd.aadg.trafficmanager.net
      IN A
      40.126.32.140
      www.tm.v4.a.prd.aadg.trafficmanager.net
      IN A
      40.126.32.138
      www.tm.v4.a.prd.aadg.trafficmanager.net
      IN A
      20.190.160.14
      www.tm.v4.a.prd.aadg.trafficmanager.net
      IN A
      40.126.32.133
      www.tm.v4.a.prd.aadg.trafficmanager.net
      IN A
      20.190.160.17
      www.tm.v4.a.prd.aadg.trafficmanager.net
      IN A
      40.126.32.134
      www.tm.v4.a.prd.aadg.trafficmanager.net
      IN A
      40.126.32.136
      www.tm.v4.a.prd.aadg.trafficmanager.net
      IN A
      40.126.32.72
    • flag-us
      DNS
      arc.msn.com
      Remote address:
      8.8.8.8:53
      Request
      arc.msn.com
      IN A
      Response
      arc.msn.com
      IN CNAME
      arc.trafficmanager.net
      arc.trafficmanager.net
      IN CNAME
      iris-de-prod-azsc-v2-frc.francecentral.cloudapp.azure.com
      iris-de-prod-azsc-v2-frc.francecentral.cloudapp.azure.com
      IN A
      20.199.58.43
    • flag-us
      DNS
      ocsp.digicert.com
      Remote address:
      8.8.8.8:53
      Request
      ocsp.digicert.com
      IN A
      Response
      ocsp.digicert.com
      IN CNAME
      ocsp.edge.digicert.com
      ocsp.edge.digicert.com
      IN CNAME
      fp2e7a.wpc.2be4.phicdn.net
      fp2e7a.wpc.2be4.phicdn.net
      IN CNAME
      fp2e7a.wpc.phicdn.net
      fp2e7a.wpc.phicdn.net
      IN A
      192.229.221.95
    • flag-us
      DNS
      140.32.126.40.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      140.32.126.40.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      43.58.199.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      43.58.199.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      arc.msn.com
      Remote address:
      8.8.8.8:53
      Request
      arc.msn.com
      IN A
      Response
      arc.msn.com
      IN CNAME
      arc.trafficmanager.net
      arc.trafficmanager.net
      IN CNAME
      iris-de-prod-azsc-v2-frc.francecentral.cloudapp.azure.com
      iris-de-prod-azsc-v2-frc.francecentral.cloudapp.azure.com
      IN A
      20.199.58.43
    • flag-us
      DNS
      ris.api.iris.microsoft.com
      Remote address:
      8.8.8.8:53
      Request
      ris.api.iris.microsoft.com
      IN A
      Response
      ris.api.iris.microsoft.com
      IN CNAME
      ris-prod.trafficmanager.net
      ris-prod.trafficmanager.net
      IN CNAME
      asf-ris-prod-neu-azsc.northeurope.cloudapp.azure.com
      asf-ris-prod-neu-azsc.northeurope.cloudapp.azure.com
      IN A
      20.234.120.54
    • flag-us
      DNS
      54.120.234.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      54.120.234.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      arc.msn.com
      Remote address:
      8.8.8.8:53
      Request
      arc.msn.com
      IN A
      Response
      arc.msn.com
      IN CNAME
      arc.trafficmanager.net
      arc.trafficmanager.net
      IN CNAME
      iris-de-prod-azsc-v2-neu.northeurope.cloudapp.azure.com
      iris-de-prod-azsc-v2-neu.northeurope.cloudapp.azure.com
      IN A
      20.223.35.26
    • flag-us
      DNS
      26.35.223.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      26.35.223.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      tse1.mm.bing.net
      Remote address:
      8.8.8.8:53
      Request
      tse1.mm.bing.net
      IN A
      Response
      tse1.mm.bing.net
      IN CNAME
      mm-mm.bing.net.trafficmanager.net
      mm-mm.bing.net.trafficmanager.net
      IN CNAME
      ax-0001.ax-msedge.net
      ax-0001.ax-msedge.net
      IN A
      150.171.27.10
      ax-0001.ax-msedge.net
      IN A
      150.171.28.10
    • flag-us
      DNS
      10.27.171.150.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      10.27.171.150.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      ctldl.windowsupdate.com
      Remote address:
      8.8.8.8:53
      Request
      ctldl.windowsupdate.com
      IN A
      Response
      ctldl.windowsupdate.com
      IN CNAME
      ctldl.windowsupdate.com.delivery.microsoft.com
      ctldl.windowsupdate.com.delivery.microsoft.com
      IN CNAME
      wu-b-net.trafficmanager.net
      wu-b-net.trafficmanager.net
      IN CNAME
      download.windowsupdate.com.edgesuite.net
      download.windowsupdate.com.edgesuite.net
      IN CNAME
      a767.dspw65.akamai.net
      a767.dspw65.akamai.net
      IN A
      2.18.190.79
      a767.dspw65.akamai.net
      IN A
      2.18.190.77
    • flag-us
      DNS
      ris.api.iris.microsoft.com
      Remote address:
      8.8.8.8:53
      Request
      ris.api.iris.microsoft.com
      IN A
      Response
      ris.api.iris.microsoft.com
      IN CNAME
      ris-prod.trafficmanager.net
      ris-prod.trafficmanager.net
      IN CNAME
      asf-ris-prod-neu-azsc.northeurope.cloudapp.azure.com
      asf-ris-prod-neu-azsc.northeurope.cloudapp.azure.com
      IN A
      20.234.120.54
    • 150.171.27.10:443
      tse1.mm.bing.net
      tls
      1.6kB
       7.2kB
       17
      15
    • 150.171.27.10:443
      tse1.mm.bing.net
      tls
      1.6kB
       7.2kB
       17
      15
    • 150.171.27.10:443
      tse1.mm.bing.net
      tls
      98.2kB
       2.8MB
       2053
      2047
    • 150.171.27.10:443
      tse1.mm.bing.net
      tls
      1.6kB
       7.2kB
       17
      15
    • 150.171.27.10:443
      tse1.mm.bing.net
      tls
      1.6kB
       7.2kB
       17
      15
    • 8.8.8.8:53
      19.229.111.52.in-addr.arpa
      dns
      144 B
       158 B
       2
      1

      DNS Request

      19.229.111.52.in-addr.arpa

      DNS Request

      19.229.111.52.in-addr.arpa

    • 8.8.8.8:53
      79.190.18.2.in-addr.arpa
      dns
      791 B
       2.3kB
       12
      12

      DNS Request

      79.190.18.2.in-addr.arpa

      DNS Request

      ctldl.windowsupdate.com

      DNS Response

      2.18.190.79
      2.18.190.77

      DNS Request

      login.live.com

      DNS Response

      40.126.32.140
      40.126.32.138
      20.190.160.14
      40.126.32.133
      20.190.160.17
      40.126.32.134
      40.126.32.136
      40.126.32.72

      DNS Request

      arc.msn.com

      DNS Response

      20.199.58.43

      DNS Request

      ocsp.digicert.com

      DNS Response

      192.229.221.95

      DNS Request

      140.32.126.40.in-addr.arpa

      DNS Request

      43.58.199.20.in-addr.arpa

      DNS Request

      arc.msn.com

      DNS Response

      20.199.58.43

      DNS Request

      ris.api.iris.microsoft.com

      DNS Response

      20.234.120.54

      DNS Request

      54.120.234.20.in-addr.arpa

      DNS Request

      arc.msn.com

      DNS Response

      20.223.35.26

      DNS Request

      26.35.223.20.in-addr.arpa

    • 8.8.8.8:53
      tse1.mm.bing.net
      dns
      275 B
       803 B
       4
      4

      DNS Request

      tse1.mm.bing.net

      DNS Response

      150.171.27.10
      150.171.28.10

      DNS Request

      10.27.171.150.in-addr.arpa

      DNS Request

      ctldl.windowsupdate.com

      DNS Response

      2.18.190.79
      2.18.190.77

      DNS Request

      ris.api.iris.microsoft.com

      DNS Response

      20.234.120.54

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3776-2-0x0000022800000000-0x0000022800270000-memory.dmp

      Filesize

      2.4MB

      Download

    • memory/3776-11-0x00000228715C0000-0x00000228715C1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3776-13-0x0000022800000000-0x0000022800270000-memory.dmp

      Filesize

      2.4MB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.