Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

1

MavenBuilder.jar

windows7-x64

1

MavenBuilder.jar

windows10-2004-x64

6

Analysis

  • max time kernel
    86s
  • max time network
    78s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/08/2024, 10:07 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MavenBuilder.jar

  • Size

    2.1MB

  • MD5

    376394c56d388e58e9f7829fc7f322e4

  • SHA1

    7b86c4ad2b608c8b9f96151de343c7a81f94a607

  • SHA256

    5d7976bf99be502e7be886efc49e856c18a1044f8f07f04e126a1ca6c4d859db

  • SHA512

    408f0c1df8ed54c957b017bff7ffb6be2ad85908558587bab2e368d09e30f157e88c465c98b5f41e6e3aaccfaf46dba0d09f5ceeec64d309bcde582cef1ac54e

  • SSDEEP

    24576:X75bTEtGYmz21748pVEpHiaSvITYU+D8fgOxh/lC44TXnUpOmIZUrm1vIGIZU1y4:X75VxKnoHiF5U/fL3wX7msUrm1v23yoA

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 4 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\MavenBuilder.jar
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1888
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4128,i,13995403245988825027,7033610968827661507,262144 --variations-seed-version --mojo-platform-channel-handle=4104 /prefetch:8
    1⤵
      PID:3168

    Network

    • flag-us
      DNS
      8.8.8.8.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      8.8.8.8.in-addr.arpa
      IN PTR
      Response
      8.8.8.8.in-addr.arpa
      IN PTR
      dnsgoogle
    • flag-us
      DNS
      209.205.72.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      209.205.72.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      81.144.22.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      81.144.22.2.in-addr.arpa
      IN PTR
      Response
      81.144.22.2.in-addr.arpa
      IN PTR
      a2-22-144-81deploystaticakamaitechnologiescom
    • flag-us
      DNS
      14.160.190.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      14.160.190.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      95.221.229.192.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      95.221.229.192.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      43.58.199.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      43.58.199.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      26.165.165.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      26.165.165.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      206.23.85.13.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      206.23.85.13.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      172.214.232.199.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      172.214.232.199.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      48.229.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      48.229.111.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      73.144.22.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      73.144.22.2.in-addr.arpa
      IN PTR
      Response
      73.144.22.2.in-addr.arpa
      IN PTR
      a2-22-144-73deploystaticakamaitechnologiescom
    • flag-us
      DNS
      discord.com
      java.exe
      Remote address:
      8.8.8.8:53
      Request
      discord.com
      IN A
      Response
      discord.com
      IN A
      162.159.135.232
      discord.com
      IN A
      162.159.128.233
      discord.com
      IN A
      162.159.136.232
      discord.com
      IN A
      162.159.138.232
      discord.com
      IN A
      162.159.137.232
    • flag-us
      DNS
      232.135.159.162.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      232.135.159.162.in-addr.arpa
      IN PTR
      Response
    • 162.159.135.232:443
      discord.com
      tls
      java.exe
      1.1kB
       5.0kB
       9
      10
    • 162.159.135.232:443
      discord.com
      tls
      java.exe
      1.7kB
       2.1kB
       8
      6
    • 162.159.135.232:443
      discord.com
      tls
      java.exe
      1.3kB
       2.1kB
       7
      6
    • 8.8.8.8:53
      8.8.8.8.in-addr.arpa
      dns
      66 B
       90 B
       1
      1

      DNS Request

      8.8.8.8.in-addr.arpa

    • 8.8.8.8:53
      209.205.72.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      209.205.72.20.in-addr.arpa

    • 8.8.8.8:53
      81.144.22.2.in-addr.arpa
      dns
      70 B
       133 B
       1
      1

      DNS Request

      81.144.22.2.in-addr.arpa

    • 8.8.8.8:53
      14.160.190.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      14.160.190.20.in-addr.arpa

    • 8.8.8.8:53
      95.221.229.192.in-addr.arpa
      dns
      73 B
       144 B
       1
      1

      DNS Request

      95.221.229.192.in-addr.arpa

    • 8.8.8.8:53
      43.58.199.20.in-addr.arpa
      dns
      71 B
       157 B
       1
      1

      DNS Request

      43.58.199.20.in-addr.arpa

    • 8.8.8.8:53
      26.165.165.52.in-addr.arpa
      dns
      72 B
       146 B
       1
      1

      DNS Request

      26.165.165.52.in-addr.arpa

    • 8.8.8.8:53
      206.23.85.13.in-addr.arpa
      dns
      71 B
       145 B
       1
      1

      DNS Request

      206.23.85.13.in-addr.arpa

    • 8.8.8.8:53
      172.214.232.199.in-addr.arpa
      dns
      74 B
       128 B
       1
      1

      DNS Request

      172.214.232.199.in-addr.arpa

    • 8.8.8.8:53
      48.229.111.52.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      48.229.111.52.in-addr.arpa

    • 8.8.8.8:53
      73.144.22.2.in-addr.arpa
      dns
      70 B
       133 B
       1
      1

      DNS Request

      73.144.22.2.in-addr.arpa

    • 8.8.8.8:53
      discord.com
      dns
      java.exe
      57 B
       137 B
       1
      1

      DNS Request

      discord.com

      DNS Response

      162.159.135.232
      162.159.128.233
      162.159.136.232
      162.159.138.232
      162.159.137.232

    • 8.8.8.8:53
      232.135.159.162.in-addr.arpa
      dns
      74 B
       136 B
       1
      1

      DNS Request

      232.135.159.162.in-addr.arpa

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1888-2-0x00000262AEE40000-0x00000262AF0B0000-memory.dmp

      Filesize

      2.4MB

      Download

    • memory/1888-18-0x00000262AD650000-0x00000262AD651000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1888-34-0x00000262AF0B0000-0x00000262AF0C0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-36-0x00000262AF0C0000-0x00000262AF0D0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-35-0x00000262AD650000-0x00000262AD651000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1888-39-0x00000262AF0D0000-0x00000262AF0E0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-41-0x00000262AF0E0000-0x00000262AF0F0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-44-0x00000262AF0F0000-0x00000262AF100000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-46-0x00000262AD650000-0x00000262AD651000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1888-48-0x00000262AEE40000-0x00000262AF0B0000-memory.dmp

      Filesize

      2.4MB

      Download

    • memory/1888-50-0x00000262AF100000-0x00000262AF110000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-51-0x00000262AF0B0000-0x00000262AF0C0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-54-0x00000262AF0C0000-0x00000262AF0D0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-55-0x00000262AF110000-0x00000262AF120000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-56-0x00000262AF0D0000-0x00000262AF0E0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-59-0x00000262AF120000-0x00000262AF130000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-58-0x00000262AF0E0000-0x00000262AF0F0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-61-0x00000262AF130000-0x00000262AF140000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-64-0x00000262AF140000-0x00000262AF150000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-67-0x00000262AF150000-0x00000262AF160000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-66-0x00000262AF0F0000-0x00000262AF100000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-69-0x00000262AF160000-0x00000262AF170000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-71-0x00000262AF170000-0x00000262AF180000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-77-0x00000262AF190000-0x00000262AF1A0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-76-0x00000262AF180000-0x00000262AF190000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-75-0x00000262AF100000-0x00000262AF110000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-79-0x00000262AF110000-0x00000262AF120000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-82-0x00000262AF120000-0x00000262AF130000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-83-0x00000262AF1A0000-0x00000262AF1B0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-84-0x00000262AF130000-0x00000262AF140000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-85-0x00000262AF140000-0x00000262AF150000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-86-0x00000262AF150000-0x00000262AF160000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-87-0x00000262AF160000-0x00000262AF170000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-88-0x00000262AF170000-0x00000262AF180000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-89-0x00000262AF180000-0x00000262AF190000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-90-0x00000262AF190000-0x00000262AF1A0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-92-0x00000262AF1B0000-0x00000262AF1C0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-96-0x00000262AF1C0000-0x00000262AF1D0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-95-0x00000262AF1A0000-0x00000262AF1B0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-99-0x00000262AF1D0000-0x00000262AF1E0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-101-0x00000262AF1E0000-0x00000262AF1F0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-105-0x00000262AF200000-0x00000262AF210000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-104-0x00000262AF1F0000-0x00000262AF200000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-107-0x00000262AF210000-0x00000262AF220000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-109-0x00000262AF220000-0x00000262AF230000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-112-0x00000262AF230000-0x00000262AF240000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-114-0x00000262AF240000-0x00000262AF250000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-117-0x00000262AF250000-0x00000262AF260000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-116-0x00000262AF1B0000-0x00000262AF1C0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-119-0x00000262AF1C0000-0x00000262AF1D0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-121-0x00000262AF1D0000-0x00000262AF1E0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-122-0x00000262AF260000-0x00000262AF270000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-124-0x00000262AF1E0000-0x00000262AF1F0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-125-0x00000262AF200000-0x00000262AF210000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-127-0x00000262AF210000-0x00000262AF220000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-130-0x00000262AF270000-0x00000262AF280000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-129-0x00000262AF220000-0x00000262AF230000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-132-0x00000262AF230000-0x00000262AF240000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-133-0x00000262AF240000-0x00000262AF250000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-135-0x00000262AF250000-0x00000262AF260000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-138-0x00000262AF260000-0x00000262AF270000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-139-0x00000262AF280000-0x00000262AF290000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-142-0x00000262AF290000-0x00000262AF2A0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-146-0x00000262AF2A0000-0x00000262AF2B0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-145-0x00000262AF270000-0x00000262AF280000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-148-0x00000262AF280000-0x00000262AF290000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-149-0x00000262AD650000-0x00000262AD651000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1888-151-0x00000262AF290000-0x00000262AF2A0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-154-0x00000262AF2B0000-0x00000262AF2C0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-153-0x00000262AF2A0000-0x00000262AF2B0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-160-0x00000262AF2C0000-0x00000262AF2D0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-164-0x00000262AF2D0000-0x00000262AF2E0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-166-0x00000262AF2B0000-0x00000262AF2C0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-167-0x00000262AF2E0000-0x00000262AF2F0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-171-0x00000262AF2F0000-0x00000262AF300000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-173-0x00000262AF300000-0x00000262AF310000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-177-0x00000262AF2C0000-0x00000262AF2D0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-178-0x00000262AF310000-0x00000262AF320000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-180-0x00000262AF2D0000-0x00000262AF2E0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-182-0x00000262AF2E0000-0x00000262AF2F0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-184-0x00000262AF320000-0x00000262AF330000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-186-0x00000262AF2F0000-0x00000262AF300000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-188-0x00000262AF330000-0x00000262AF340000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-192-0x00000262AF300000-0x00000262AF310000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-194-0x00000262AF340000-0x00000262AF350000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-197-0x00000262AF350000-0x00000262AF360000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-199-0x00000262AF310000-0x00000262AF320000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-202-0x00000262AF360000-0x00000262AF370000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-206-0x00000262AF370000-0x00000262AF380000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-205-0x00000262AF320000-0x00000262AF330000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-208-0x00000262AF380000-0x00000262AF390000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-211-0x00000262AF390000-0x00000262AF3A0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-210-0x00000262AF330000-0x00000262AF340000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-213-0x00000262AF3A0000-0x00000262AF3B0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-215-0x00000262AF3B0000-0x00000262AF3C0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-217-0x00000262AF340000-0x00000262AF350000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-221-0x00000262AF3D0000-0x00000262AF3E0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-220-0x00000262AF350000-0x00000262AF360000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-219-0x00000262AF3C0000-0x00000262AF3D0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-223-0x00000262AF3E0000-0x00000262AF3F0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/1888-304-0x00000262AD650000-0x00000262AD651000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1888-317-0x00000262AD650000-0x00000262AD651000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1888-318-0x00000262AD650000-0x00000262AD651000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1888-323-0x00000262AD650000-0x00000262AD651000-memory.dmp

      Filesize

      4KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.