Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

6

asset_pack.jar

windows10-1703-x64

7

com.vector...ay.apk

windows10-1703-x64

3

config.arm64_v8a.jar

windows10-1703-x64

7

config.bn.jar

windows10-1703-x64

7

config.en.jar

windows10-1703-x64

7

config.gu.jar

windows10-1703-x64

7

config.hi.jar

windows10-1703-x64

7

config.kn.jar

windows10-1703-x64

7

config.mdpi.jar

windows10-1703-x64

7

config.mr.jar

windows10-1703-x64

7

config.ta.jar

windows10-1703-x64

7

config.te.jar

windows10-1703-x64

7

BlueStacks..._0.exe

windows10-1703-x64

4

BlueStacks..._0.exe

windows10-1703-x64

4

Analysis

  • max time kernel
    58s
  • max time network
    79s
  • platform
    windows10-1703_x64
  • resource
    win10-20240611-en
  • resource tags

    arch:x64arch:x86image:win10-20240611-enlocale:en-usos:windows10-1703-x64system
  • submitted
    08/09/2024, 14:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    config.mr.jar

  • Size

    32KB

  • MD5

    753763ee5b19220edc0977a26d5b0454

  • SHA1

    4ee7213f27731e879e2a270e743c44b1e79deb8c

  • SHA256

    d45ac9724c79432b56fe942b97071487ca62236fba97afe71c14291f37e932f4

  • SHA512

    7aa42dcf0361dd91f427a486ba9399dafb12639706287d1db576406fe4a4e74e17dceeb7a7be493882cd51cec9eddb224db81eace685785cc55fc5d4037b3f66

  • SSDEEP

    768:aOZOL0/9TQ37rFshdhJ1e1Tq384LW4BXy:aOZOL0/9TQLrFshdhigM4LW4BXy

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\config.mr.jar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4536
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:4496

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
    Filesize

    46B

    MD5

    04dd348813bd52124cf874297f4f53b0

    SHA1

    ec2341ec6c71e32a3f9201c46c5603ae854d0253

    SHA256

    cccada5adf2a615546b8b1bc23c9db00c326adc4ff2fe6eae8f3be79610ccd24

    SHA512

    e01e8be246a9bafdf54f730120b650c96830b0ba740bfe15fd391a8606a9ca658e8a3102fa1f19643c44e5c6d1028b10ca635d1537bb5ed71203d61efccaece1

    Download Submit

  • memory/4536-2-0x000001FF05FA0000-0x000001FF06210000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/4536-12-0x000001FF046F0000-0x000001FF046F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4536-13-0x000001FF05FA0000-0x000001FF06210000-memory.dmp

    Filesize

    2.4MB

    Download