Overview

overview

7

Static

static

3

assets/obj...36.ps1

windows11-21h2-x64

6

assets/obj...3b.png

windows11-21h2-x64

3

assets/obj...4e.ps1

windows11-21h2-x64

6

bin/EaglerGradle

windows11-21h2-x64

1

bin/EaglerGradle.bat

windows11-21h2-x64

1

lib/Eagler....0.jar

windows11-21h2-x64

1

lib/authli...25.jar

windows11-21h2-x64

1

lib/codecj...23.jar

windows11-21h2-x64

1

lib/codecw...23.jar

windows11-21h2-x64

1

lib/common...10.jar

windows11-21h2-x64

1

lib/common....1.jar

windows11-21h2-x64

1

lib/common....5.jar

windows11-21h2-x64

1

lib/common....5.jar

windows11-21h2-x64

1

lib/common....3.jar

windows11-21h2-x64

1

lib/fastut....0.jar

windows11-21h2-x64

1

lib/gson-2.8.0.jar

windows11-21h2-x64

1

lib/guava-21.0.jar

windows11-21h2-x64

1

lib/httpcl....3.jar

windows11-21h2-x64

1

lib/httpco....2.jar

windows11-21h2-x64

1

lib/icu4j-....2.jar

windows11-21h2-x64

1

lib/jinput-2.0.5.jar

windows11-21h2-x64

1

lib/jna-4.4.0.jar

windows11-21h2-x64

7

lib/jopt-s....3.jar

windows11-21h2-x64

1

lib/jsr305-3.0.1.jar

windows11-21h2-x64

1

lib/jutils-1.0.0.jar

windows11-21h2-x64

1

lib/librar...23.jar

windows11-21h2-x64

1

lib/librar...24.jar

windows11-21h2-x64

1

lib/log4j-....1.jar

windows11-21h2-x64

1

lib/log4j-....1.jar

windows11-21h2-x64

1

lib/lwjgl-...09.jar

windows11-21h2-x64

1

lib/lwjgl_...09.jar

windows11-21h2-x64

1

lib/netty-...al.jar

windows11-21h2-x64

1

Analysis

  • max time kernel
    14s
  • max time network
    144s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    25/08/2024, 01:16

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    bin/EaglerGradle.bat

  • Size

    3KB

  • MD5

    262461c4fa0b8d38780c9eeae49d890c

  • SHA1

    f7334c0663ef8bdf3abd819f17e642c6e78f05d8

  • SHA256

    6b0e35d3203daceb09addce99ddd295044d9526bc40e617627758d43f2f59f86

  • SHA512

    ddcc57e5333c3e606ccfb6c0fe68629936c9d1854edd11054a9f1450852d84139441c42e70140223a6e21c9a77f112079f60efd49304104c8e0ce1d1c618798b

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\bin\EaglerGradle.bat"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2464
    • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
      java.exe -version
      2⤵
        PID:3640
      • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
        "java.exe" "-Djava.library.path=versions/1.12/1.12-natives" -classpath "C:\Users\Admin\AppData\Local\Temp\lib\EaglerGradle-1.0.0.jar;C:\Users\Admin\AppData\Local\Temp\lib\patchy-1.1.jar;C:\Users\Admin\AppData\Local\Temp\lib\oshi-core-1.1.jar;C:\Users\Admin\AppData\Local\Temp\lib\jna-4.4.0.jar;C:\Users\Admin\AppData\Local\Temp\lib\platform-3.4.0.jar;C:\Users\Admin\AppData\Local\Temp\lib\icu4j-core-mojang-51.2.jar;C:\Users\Admin\AppData\Local\Temp\lib\jopt-simple-5.0.3.jar;C:\Users\Admin\AppData\Local\Temp\lib\codecjorbis-20101023.jar;C:\Users\Admin\AppData\Local\Temp\lib\codecwav-20101023.jar;C:\Users\Admin\AppData\Local\Temp\lib\libraryjavasound-20101123.jar;C:\Users\Admin\AppData\Local\Temp\lib\librarylwjglopenal-20100824.jar;C:\Users\Admin\AppData\Local\Temp\lib\soundsystem-20120107.jar;C:\Users\Admin\AppData\Local\Temp\lib\netty-all-4.1.9.Final.jar;C:\Users\Admin\AppData\Local\Temp\lib\guava-21.0.jar;C:\Users\Admin\AppData\Local\Temp\lib\commons-lang3-3.5.jar;C:\Users\Admin\AppData\Local\Temp\lib\commons-io-2.5.jar;C:\Users\Admin\AppData\Local\Temp\lib\commons-codec-1.10.jar;C:\Users\Admin\AppData\Local\Temp\lib\jinput-2.0.5.jar;C:\Users\Admin\AppData\Local\Temp\lib\jutils-1.0.0.jar;C:\Users\Admin\AppData\Local\Temp\lib\gson-2.8.0.jar;C:\Users\Admin\AppData\Local\Temp\lib\authlib-1.5.25.jar;C:\Users\Admin\AppData\Local\Temp\lib\commons-compress-1.8.1.jar;C:\Users\Admin\AppData\Local\Temp\lib\httpclient-4.3.3.jar;C:\Users\Admin\AppData\Local\Temp\lib\commons-logging-1.1.3.jar;C:\Users\Admin\AppData\Local\Temp\lib\httpcore-4.3.2.jar;C:\Users\Admin\AppData\Local\Temp\lib\fastutil-7.1.0.jar;C:\Users\Admin\AppData\Local\Temp\lib\log4j-api-2.8.1.jar;C:\Users\Admin\AppData\Local\Temp\lib\log4j-core-2.8.1.jar;C:\Users\Admin\AppData\Local\Temp\lib\lwjgl-2.9.4-nightly-20150209.jar;C:\Users\Admin\AppData\Local\Temp\lib\lwjgl_util-2.9.4-nightly-20150209.jar;C:\Users\Admin\AppData\Local\Temp\lib\jsr305-3.0.1.jar;C:\Users\Admin\AppData\Local\Temp\lib\vecmath-1.5.2.jar;C:\Users\Admin\AppData\Local\Temp\lib\1.12.jar" Start
        2⤵
          PID:2572

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
        Filesize

        46B

        MD5

        3d15f4e4bd79d4e816da94ed40893407

        SHA1

        38e333724ed0ace90924c99103cf4c4dacbe1a08

        SHA256

        cabe30e41f7303234b0fc97023286ed5c4ff66e4b6ea0195c7296aaebcc164cc

        SHA512

        cefee369306a4ffadac189fd705580f97825afdd05ac0e93c9b13cead58c88d389cfcb6d7d308c22e98556959e7ebdba272a7856aa097b631778f5497141fb82

        Download Submit

      • memory/2572-16-0x0000019F24B00000-0x0000019F24D70000-memory.dmp

        Filesize

        2.4MB

        Download

      • memory/2572-27-0x0000019F23210000-0x0000019F23211000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2572-28-0x0000019F24B00000-0x0000019F24D70000-memory.dmp

        Filesize

        2.4MB

        Download

      • memory/3640-2-0x0000021CD48A0000-0x0000021CD4B10000-memory.dmp

        Filesize

        2.4MB

        Download

      • memory/3640-12-0x0000021CD2FA0000-0x0000021CD2FA1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3640-13-0x0000021CD48A0000-0x0000021CD4B10000-memory.dmp

        Filesize

        2.4MB

        Download