Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

asset_pack.jar

windows10-1703-x64

7

com.vector...ay.apk

windows10-1703-x64

3

config.arm64_v8a.jar

windows10-1703-x64

7

config.bn.jar

windows10-1703-x64

7

config.en.jar

windows10-1703-x64

7

config.gu.jar

windows10-1703-x64

7

config.hi.jar

windows10-1703-x64

7

config.kn.jar

windows10-1703-x64

7

config.mdpi.jar

windows10-1703-x64

7

config.mr.jar

windows10-1703-x64

7

config.ta.jar

windows10-1703-x64

7

config.te.jar

windows10-1703-x64

7

BlueStacks..._0.exe

windows10-1703-x64

4

BlueStacks..._0.exe

windows10-1703-x64

4

Analysis

  • max time kernel
    117s
  • max time network
    139s
  • platform
    windows10-1703_x64
  • resource
    win10-20240611-en
  • resource tags

    arch:x64arch:x86image:win10-20240611-enlocale:en-usos:windows10-1703-x64system
  • submitted
    08/09/2024, 14:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    asset_pack.jar

  • Size

    36.1MB

  • MD5

    644c43ea68494e0c3f8f27372c7a3164

  • SHA1

    463b18cd41a49afcb81c8a4396e32e37762947e5

  • SHA256

    b105798ba9aff5b994f1278cbd2a852f1fe26ce47b048ea99fc6bca48845962e

  • SHA512

    360e3510d0d8b8f2d9a7d1d829dff0a0ced690a2891275916ead8070e4226e6948629e58ed1b19f6b71594b7a4dddd7b78ff46168b8f27930ee5f27ec489a629

  • SSDEEP

    786432:Nbw8IZGDDntpfVggWj8oxolqtExvy18vZ2E5js53g5HjnZbRMlQIObyz:hegrtXMdxcyE5W3CZVIObyz

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\asset_pack.jar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:5016
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:2208

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
    Filesize

    46B

    MD5

    f960f7e5f962ceba44a9bc3a5b16cab3

    SHA1

    e48dc782961a31e57e4cfaabed6e0998e6008dfe

    SHA256

    32beba7f7fa790001177268f80fc498dfbc68c358582234b660f00df5abcba8f

    SHA512

    6c141d8ad4b555e14f51ea0bf5b78c95418312849d96e376fd06d1a3562e1888b0d945facf1528354882c04db14b0f191eaa88eac1b891246444bac43dd60d9d

    Download Submit

  • memory/5016-2-0x000001C78C7E0000-0x000001C78CA50000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/5016-12-0x000001C78AF40000-0x000001C78AF41000-memory.dmp

    Filesize

    4KB

    Download

  • memory/5016-13-0x000001C78C7E0000-0x000001C78CA50000-memory.dmp

    Filesize

    2.4MB

    Download