Joe Sandbox Cloud Basic Analysis Report
Create Interactive Tour

Windows Analysis Report
craftbukkit-1.19.jar

Overview

General Information

Sample Name:craftbukkit-1.19.jar
Analysis ID:676905
MD5:97cf25386025399d99b687811dedad1f
SHA1:257c033c6de04bc793f9b76a4853de304ca7ee8c
SHA256:9d903af9c4cf6f3b0a0a1c493402545ab306da69bedc749c514c61e3048e14cd
Infos:

Detection

Score:3
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

Sample execution stops while process was sleeping (likely an evasion)
Queries the volume information (name, serial number etc) of a device
Uses cacls to modify the permissions of files
Uses code obfuscation techniques (call, push, ret)
Creates a process in suspended mode (likely to inject code)
Contains functionality to query CPU information (cpuid)

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is start
  • cmd.exe (PID: 6500 cmdline: C:\Windows\system32\cmd.exe /c 7za.exe x -y -oC:\jar "C:\Users\user\Desktop\craftbukkit-1.19.jar" MD5: 9D59442313565C2E0860B88BF32B2277)
    • 7za.exe (PID: 1428 cmdline: 7za.exe x -y -oC:\jar "C:\Users\user\Desktop\craftbukkit-1.19.jar" MD5: 77E556CDFDC5C592F5C46DB4127C6F4C)
  • cmd.exe (PID: 5624 cmdline: "C:\Windows\System32\cmd.exe" /c java.exe -jar "C:\Users\user\Desktop\craftbukkit-1.19.jar" org.bukkit.craftbukkit.bootstrap.Main >> C:\cmdlinestart.log 2>&1 MD5: 9D59442313565C2E0860B88BF32B2277)
    • conhost.exe (PID: 6308 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: C5E9B1D1103EDCEA2E408E9497A5A88F)
    • java.exe (PID: 7096 cmdline: java.exe -jar "C:\Users\user\Desktop\craftbukkit-1.19.jar" org.bukkit.craftbukkit.bootstrap.Main MD5: 8281414DAC699B2B3ED78096625071E5)
      • icacls.exe (PID: 4216 cmdline: C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M MD5: BD5694D5E2843F93882085800BF642BC)
        • conhost.exe (PID: 5288 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: C5E9B1D1103EDCEA2E408E9497A5A88F)
  • javaw.exe (PID: 6284 cmdline: "C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exe" -jar "C:\Users\user\Desktop\craftbukkit-1.19.jar" MD5: 06A0249651EC0977986DE87F7813F30C)
  • AcroRd32.exe (PID: 800 cmdline: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\user\Desktop\UOOJJOZIRH.pdf MD5: 0EAC436587F5A1BEF8AEB2E2381D2405)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

  • Spreading
  • Networking
  • System Summary
  • Data Obfuscation
  • Hooking and other Techniques for Hiding and Protection
  • Malware Analysis System Evasion
  • Anti Debugging
  • HIPS / PFW / Operating System Protection Evasion
  • Language, Device and Operating System Detection

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Source: C:\Windows\System32\7za.exeFile opened: C:\jar\META-INF\libraries\netty-common-4.1.77.Final.jar
Source: C:\Windows\System32\7za.exeFile opened: C:\jar\META-INF\libraries\netty-transport-native-epoll-4.1.77.Final-linux-x86_64.jar
Source: C:\Windows\System32\7za.exeFile opened: C:\jar\META-INF\libraries\netty-transport-classes-epoll-4.1.77.Final.jar
Source: C:\Windows\System32\7za.exeFile opened: C:\jar\META-INF\libraries\netty-resolver-4.1.77.Final.jar
Source: C:\Windows\System32\7za.exeFile opened: C:\jar\META-INF\libraries\netty-transport-4.1.77.Final.jar
Source: C:\Windows\System32\7za.exeFile opened: C:\jar\META-INF\libraries\netty-handler-4.1.77.Final.jar
Source: java.exe, 00000006.00000002.2010774642.0000000004600000.00000004.00000800.00020000.00000000.sdmp, javaw.exe, 0000000D.00000002.2351179741.0000000004800000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://bugreport.sun.com/bugreport/
Source: java.exe, 00000006.00000002.2010774642.0000000004600000.00000004.00000800.00020000.00000000.sdmp, javaw.exe, 0000000D.00000002.2351179741.0000000004800000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://java.oracle.com/
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeFile created: C:\Users\user\AppData\Local\Temp\hsperfdata_userJump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeSection loaded: C:\Program Files (x86)\Java\jre1.8.0_291\bin\client\jvm.dll
Source: C:\Windows\System32\7za.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Source: classification engineClassification label: clean3.winJAR@13/81@0/0
Source: unknownProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c 7za.exe x -y -oC:\jar "C:\Users\user\Desktop\craftbukkit-1.19.jar"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\7za.exe 7za.exe x -y -oC:\jar "C:\Users\user\Desktop\craftbukkit-1.19.jar"
Source: unknownProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c java.exe -jar "C:\Users\user\Desktop\craftbukkit-1.19.jar" org.bukkit.craftbukkit.bootstrap.Main >> C:\cmdlinestart.log 2>&1
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\cmd.exeProcess created: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exe java.exe -jar "C:\Users\user\Desktop\craftbukkit-1.19.jar" org.bukkit.craftbukkit.bootstrap.Main
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeProcess created: C:\Windows\SysWOW64\icacls.exe C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
Source: C:\Windows\SysWOW64\icacls.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: unknownProcess created: C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exe "C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exe" -jar "C:\Users\user\Desktop\craftbukkit-1.19.jar"
Source: unknownProcess created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\user\Desktop\UOOJJOZIRH.pdf
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\7za.exe 7za.exe x -y -oC:\jar "C:\Users\user\Desktop\craftbukkit-1.19.jar"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exe java.exe -jar "C:\Users\user\Desktop\craftbukkit-1.19.jar" org.bukkit.craftbukkit.bootstrap.Main
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeProcess created: C:\Windows\SysWOW64\icacls.exe C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exeProcess created: unknown unknown
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5288:120:WilError_02
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6308:304:WilStaging_02
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6308:120:WilError_02
Source: craftbukkit-1.19.jarBinary or memory string: a.SlN
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exeFile created: C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt16.lst.6872Jump to behavior
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeFile opened: C:\Program Files (x86)\Java\jre1.8.0_291\lib\i386\jvm.cfg
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: craftbukkit-1.19.jarStatic file information: File size 66733731 > 1048576
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeCode function: 6_2_0256B377 push 00000000h; mov dword ptr [esp], esp
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeCode function: 6_2_0256BB27 push 00000000h; mov dword ptr [esp], esp
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeCode function: 6_2_0256B907 push 00000000h; mov dword ptr [esp], esp
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeCode function: 6_2_0256A1DB push ecx; ret
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeCode function: 6_2_0256A1CA push ecx; ret
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeCode function: 6_2_0256C437 push 00000000h; mov dword ptr [esp], esp
Source: C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exeCode function: 13_2_0270BAC0 push 00000000h; mov dword ptr [esp], esp
Source: C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exeCode function: 13_2_0270B377 push 00000000h; mov dword ptr [esp], esp
Source: C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exeCode function: 13_2_0270BB27 push 00000000h; mov dword ptr [esp], esp
Source: C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exeCode function: 13_2_0270B310 push 00000000h; mov dword ptr [esp], esp
Source: C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exeCode function: 13_2_0270B8A0 push 00000000h; mov dword ptr [esp], esp
Source: C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exeCode function: 13_2_0270B907 push 00000000h; mov dword ptr [esp], esp
Source: C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exeCode function: 13_2_0270A1DB push ecx; ret
Source: C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exeCode function: 13_2_0270A1CA push ecx; ret
Source: C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exeCode function: 13_2_0270C437 push 00000000h; mov dword ptr [esp], esp
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeProcess created: C:\Windows\SysWOW64\icacls.exe C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
Source: java.exe, 00000006.00000003.1997631036.00000000159CC000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: com/sun/corba/se/impl/util/SUNVMCID.classPK
Source: java.exe, 00000006.00000003.1997631036.00000000159CC000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: &com/sun/corba/se/impl/util/SUNVMCID.classPK
Source: javaw.exe, 0000000D.00000002.2349458116.0000000000DFE000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ,java/lang/VirtualMachineError
Source: java.exe, 00000006.00000003.1997631036.00000000159CC000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: org/omg/CORBA/OMGVMCID.classPK
Source: java.exe, 00000006.00000003.1997631036.00000000159CC000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: java/lang/VirtualMachineError.classPK
Source: java.exe, 00000006.00000002.2009459325.0000000000BA4000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: 2[Ljava/lang/VirtualMachineError;
Source: java.exe, 00000006.00000002.2009325585.0000000000B7B000.00000004.00000020.00020000.00000000.sdmp, javaw.exe, 0000000D.00000002.2349305065.0000000000DD8000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: javaw.exe, 0000000D.00000002.2349458116.0000000000DFE000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: p[Ljava/lang/VirtualMachineError;
Source: C:\Windows\System32\7za.exeFile opened: C:\jar\META-INF\libraries\netty-common-4.1.77.Final.jar
Source: C:\Windows\System32\7za.exeFile opened: C:\jar\META-INF\libraries\netty-transport-native-epoll-4.1.77.Final-linux-x86_64.jar
Source: C:\Windows\System32\7za.exeFile opened: C:\jar\META-INF\libraries\netty-transport-classes-epoll-4.1.77.Final.jar
Source: C:\Windows\System32\7za.exeFile opened: C:\jar\META-INF\libraries\netty-resolver-4.1.77.Final.jar
Source: C:\Windows\System32\7za.exeFile opened: C:\jar\META-INF\libraries\netty-transport-4.1.77.Final.jar
Source: C:\Windows\System32\7za.exeFile opened: C:\jar\META-INF\libraries\netty-handler-4.1.77.Final.jar
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeMemory protected: page read and write | page guard
Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\7za.exe 7za.exe x -y -oC:\jar "C:\Users\user\Desktop\craftbukkit-1.19.jar"
Source: C:\Windows\System32\cmd.exeProcess created: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exe java.exe -jar "C:\Users\user\Desktop\craftbukkit-1.19.jar" org.bukkit.craftbukkit.bootstrap.Main
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeProcess created: C:\Windows\SysWOW64\icacls.exe C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\bin\client\jvm.dll VolumeInformation
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeQueries volume information: C:\Users\user\AppData\Local\Temp\hsperfdata_user\7096 VolumeInformation
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\lib\resources.jar VolumeInformation
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\lib\rt.jar VolumeInformation
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\lib\jsse.jar VolumeInformation
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\lib\jce.jar VolumeInformation
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\lib\charsets.jar VolumeInformation
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\lib\jfr.jar VolumeInformation
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\lib\meta-index VolumeInformation
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\lib\resources.jar VolumeInformation
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\lib\rt.jar VolumeInformation
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\lib\jsse.jar VolumeInformation
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\lib\jce.jar VolumeInformation
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\lib\charsets.jar VolumeInformation
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\lib\jfr.jar VolumeInformation
Source: C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\bin\java.dll VolumeInformation
Source: C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\bin\client\jvm.dll VolumeInformation
Source: C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\bin\java.dll VolumeInformation
Source: C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\bin\java.dll VolumeInformation
Source: C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exeQueries volume information: C:\Users\user\AppData\Local\Temp\hsperfdata_user\6284 VolumeInformation
Source: C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\lib\resources.jar VolumeInformation
Source: C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\lib\rt.jar VolumeInformation
Source: C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\lib\jsse.jar VolumeInformation
Source: C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\lib\jce.jar VolumeInformation
Source: C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\lib\charsets.jar VolumeInformation
Source: C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\lib\jfr.jar VolumeInformation
Source: C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exeQueries volume information: C:\Program Files (x86)\Java\jre1.8.0_291\lib\meta-index VolumeInformation
Source: C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exeCode function: 6_2_02560380 cpuid

Mitre Att&ck Matrix

Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
Valid AccountsWindows Management Instrumentation1
Services File Permissions Weakness		1
Services File Permissions Weakness		1
Masquerading		OS Credential Dumping1
Security Software Discovery		Remote ServicesData from Local SystemExfiltration Over Other Network MediumData ObfuscationEavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
Default AccountsScheduled Task/JobBoot or Logon Initialization Scripts11
Process Injection		1
Services File Permissions Weakness		LSASS Memory1
File and Directory Discovery		Remote Desktop ProtocolData from Removable MediaExfiltration Over BluetoothJunk DataExploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)1
Disable or Modify Tools		Security Account Manager21
System Information Discovery		SMB/Windows Admin SharesData from Network Shared DriveAutomated ExfiltrationSteganographyExploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)11
Process Injection		NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput CaptureScheduled TransferProtocol ImpersonationSIM Card SwapCarrier Billing Fraud
Cloud AccountsCronNetwork Logon ScriptNetwork Logon Script1
Obfuscated Files or Information		LSA SecretsRemote System DiscoverySSHKeyloggingData Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 process2 2 Behavior Graph ID: 676905 Sample: craftbukkit-1.19.jar Startdate: 01/08/2022 Architecture: WINDOWS Score: 3 7 cmd.exe 2 2->7         started        9 cmd.exe 1 2->9         started        11 javaw.exe 2 2->11         started        13 AcroRd32.exe 25 2->13         started        process3 15 java.exe 5 7->15         started        17 conhost.exe 7->17         started        19 7za.exe 88 9->19         started        process4 21 icacls.exe 1 15->21         started        process5 23 conhost.exe 21->23         started       

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
http://bugreport.sun.com/bugreport/0%URL Reputationsafe

Domains and IPs

Contacted Domains

No contacted domains info
NameSourceMaliciousAntivirus DetectionReputation
http://java.oracle.com/java.exe, 00000006.00000002.2010774642.0000000004600000.00000004.00000800.00020000.00000000.sdmp, javaw.exe, 0000000D.00000002.2351179741.0000000004800000.00000004.00000800.00020000.00000000.sdmpfalse
    		high
    http://bugreport.sun.com/bugreport/java.exe, 00000006.00000002.2010774642.0000000004600000.00000004.00000800.00020000.00000000.sdmp, javaw.exe, 0000000D.00000002.2351179741.0000000004800000.00000004.00000800.00020000.00000000.sdmpfalse
    • URL Reputation: safe
    		unknown

    World Map of Contacted IPs

    No contacted IP infos

    General Information

    Joe Sandbox Version:35.0.0 Citrine
    Analysis ID:676905
    Start date and time: 01/08/202220:54:542022-08-01 20:54:54 +02:00
    Joe Sandbox Product:CloudBasic
    Overall analysis duration:0h 6m 46s
    Hypervisor based Inspection enabled:false
    Report type:light
    Sample file name:craftbukkit-1.19.jar
    Cookbook file name:defaultwindowsinteractivecookbook.jbs
    Number of analysed new started processes analysed:19
    Number of new started drivers analysed:0
    Number of existing processes analysed:0
    Number of existing drivers analysed:0
    Number of injected processes analysed:0
    Technologies:
    • HCA enabled
    • EGA enabled
    • HDC enabled
    • AMSI enabled
    Analysis Mode:default
    Analysis stop reason:Timeout
    Detection:CLEAN
    Classification:clean3.winJAR@13/81@0/0
    EGA Information:Failed
    HDC Information:Failed
    HCA Information:
    • Successful, ratio: 100%
    • Number of executed functions: 0
    • Number of non-executed functions: 0
    Cookbook Comments:
    • Found application associated with file extension: .jar
    • Adjust boot time
    • Enable AMSI
    • Exclude process from analysis (whitelisted): BackgroundTransferHost.exe, rundll32.exe, WMIADAP.exe, backgroundTaskHost.exe, svchost.exe
    • Excluded IPs from analysis (whitelisted): 2.19.126.155, 2.19.126.141
    • Excluded domains from analysis (whitelisted): ris.api.iris.microsoft.com, client.wns.windows.com, fs.microsoft.com, login.live.com, slscr.update.microsoft.com, displaycatalog.mp.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, a1449.dscg2.akamai.net, nexusrules.officeapps.live.com, arc.msn.com
    • Execution Graph export aborted for target java.exe, PID 7096 because it is empty
    • Execution Graph export aborted for target javaw.exe, PID 6284 because it is empty
    • Not all processes where analyzed, report is missing behavior information
    • Report size getting too big, too many NtSetInformationFile calls found.

    Simulations

    Behavior and APIs

    No simulations

    Joe Sandbox View / Context

    IPs

    No context

    Domains

    No context

    ASNs

    No context

    JA3 Fingerprints

    No context

    Dropped Files

    No context

    Created / dropped Files

    C:\ProgramData\Oracle\Java\.oracle_jre_usage\cce3fe3b0d8d84da.timestamp

    Download File
    Process:C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exe
    File Type:ASCII text, with CRLF line terminators
    Category:dropped
    Size (bytes):57
    Entropy (8bit):4.839395444285956
    Encrypted:false
    SSDEEP:3:oFj4I5vpNCzGIM:oJ5XCz9M
    MD5:3A6870095166E8ED46C1178EE78C10E8
    SHA1:9361EE2B61290A33F25F8EF4C377DE175324D0E9
    SHA-256:3888E139AE8EAFBDB82BB1252FED13B5BC760004803D067B46DA0554D1A00889
    SHA-512:A448C8E00566AFFEB3CA4133B74FC5885AB367A197DD2D7B4B481F5CA466FD9F706F445846449D85BFB7C91065A0F977148817723C46E75FEE0AF3A9EAA15415
    Malicious:false
    Preview:C:\Program Files (x86)\Java\jre1.8.0_291..1659412585841..

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeFnt16.lst.6872

    Download File
    Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    File Type:PostScript document text
    Category:dropped
    Size (bytes):100680
    Entropy (8bit):5.198735236005732
    Encrypted:false
    SSDEEP:1536:feNgjRoaRlQShhp2VpMKRhWa11quVJzlzofqG9Z3ADWp1ttawvayjLp:G6jyaRlQShhp2VpMKRhWa11quVJa
    MD5:7077109515BD1FBF8EDB99EF26177642
    SHA1:5B69D757ED47A4CB08FD25CA697F01F19D05DBEC
    SHA-256:4965B1A9DBE3A95B647CDBF287F1CAFBA299BA98FCAFC459DC67BD2C255E411E
    SHA-512:79817D47F9CAC470E574CD7040754A70773D94BACD853D39F5AF0AB0DDFEE8BA273BF7485B9340BC10BB7EC198AB5701B2C0671F8ACA2B91DF392BDE0D563263
    Malicious:false
    Preview:%!Adobe-FontList 1.16.%Locale:0x409..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Marlett.FamilyName:Marlett.StyleName:Regular.MenuName:Marlett.StyleBits:0.WeightClass:500.WidthClass:5.AngleClass:0.FullName:Marlett.WritingScript:Roman.WinName:Marlett.FileLength:27724.NameArray:0,Win,1,Marlett.NameArray:0,Mac,4,Marlett.NameArray:0,Win,1,Marlett.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:ArialMT.FamilyName:Arial.StyleName:Regular.MenuName:Arial.StyleBits:0.WeightClass:400.WidthClass:5.AngleClass:0.FullName:Arial.WritingScript:Roman.WinName:Arial.FileLength:1036584.NameArray:0,Win,1,Arial.NameArray:0,Mac,4,Arial.NameArray:0,Win,1,Arial.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Arial-BoldMT.FamilyName:Arial.StyleName:Bold.MenuName:Arial.StyleBits:2.WeightClass:700.WidthClass:5.AngleClass:0.FullName:Arial Bold.WritingScript:Roman.WinName:Arial Bold.FileLength:980756.NameArray:0,Win,1,Arial.NameArray:0,Mac,4,Arial Bold.NameAr

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\AdobeSysFnt21.lst (copy)

    Download File
    Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    File Type:PostScript document text
    Category:dropped
    Size (bytes):100680
    Entropy (8bit):5.198735236005732
    Encrypted:false
    SSDEEP:1536:feNgjRoaRlQShhp2VpMKRhWa11quVJzlzofqG9Z3ADWp1ttawvayjLp:G6jyaRlQShhp2VpMKRhWa11quVJa
    MD5:7077109515BD1FBF8EDB99EF26177642
    SHA1:5B69D757ED47A4CB08FD25CA697F01F19D05DBEC
    SHA-256:4965B1A9DBE3A95B647CDBF287F1CAFBA299BA98FCAFC459DC67BD2C255E411E
    SHA-512:79817D47F9CAC470E574CD7040754A70773D94BACD853D39F5AF0AB0DDFEE8BA273BF7485B9340BC10BB7EC198AB5701B2C0671F8ACA2B91DF392BDE0D563263
    Malicious:false
    Preview:%!Adobe-FontList 1.16.%Locale:0x409..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Marlett.FamilyName:Marlett.StyleName:Regular.MenuName:Marlett.StyleBits:0.WeightClass:500.WidthClass:5.AngleClass:0.FullName:Marlett.WritingScript:Roman.WinName:Marlett.FileLength:27724.NameArray:0,Win,1,Marlett.NameArray:0,Mac,4,Marlett.NameArray:0,Win,1,Marlett.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:ArialMT.FamilyName:Arial.StyleName:Regular.MenuName:Arial.StyleBits:0.WeightClass:400.WidthClass:5.AngleClass:0.FullName:Arial.WritingScript:Roman.WinName:Arial.FileLength:1036584.NameArray:0,Win,1,Arial.NameArray:0,Mac,4,Arial.NameArray:0,Win,1,Arial.%EndFont..%BeginFont.Handler:WinTTHandler.FontType:TrueType.FontName:Arial-BoldMT.FamilyName:Arial.StyleName:Bold.MenuName:Arial.StyleBits:2.WeightClass:700.WidthClass:5.AngleClass:0.FullName:Arial Bold.WritingScript:Roman.WinName:Arial Bold.FileLength:980756.NameArray:0,Win,1,Arial.NameArray:0,Mac,4,Arial Bold.NameAr

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\IconCacheRdr65536.dat

    Download File
    Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    File Type:data
    Category:dropped
    Size (bytes):192032
    Entropy (8bit):2.7071300997365824
    Encrypted:false
    SSDEEP:768:RFFFFFFFFFFFFFFFZF1F1F1F1FpFFFFFFFFFFFFFFFYFFFFFNwN9wxFFFFFUZEec:pGeSyoggpPB/3AYvYwg
    MD5:6282352CECF67AFFBD8C996193FB894F
    SHA1:E90978146204CEB53877511D1B668847EEA6D1FB
    SHA-256:C001F8FC882169555DC80A3E800DDAFE56FC0F052F36C20A66EAB2F451C42C40
    SHA-512:44DA168EDD11E4F9FC121C4B0787A7AE2EFCE053F23706B8C5910441D02F60830381F1953F345D9819FA71C7B9C5E021D14F7AEEE021CA3F05E01C18E4039261
    Malicious:false
    Preview:Adobe Acrobat Reader DC (32-bit) 21.0....?A12_SelectObject.................................................................................................................................................~~~@~~~ ........................................................................................~~~.~~~.~~~.....................................................................................~~~.~~~.~~~.~~~`................................................................................~~~.~~~.~~~.~~~.~~~`............................................................................~~~.~~~.~~~.~~~.~~~.~~~@........................................................................~~~.~~~.~~~.~~~.~~~.~~~.~~~0....................................................................~~~.~~~.~~~.~~~.~~~.~~~.~~~.~~~0................................................................~~~.~~~.~~~.~~~.~~~.~~~.~~~.~~~.~~~.............................................................~~~.~~~.~~~.~~~.~~~.~~~.~~~.~

    C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Reader\SOPHIA.json

    Download File
    Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    File Type:ASCII text, with no line terminators
    Category:dropped
    Size (bytes):138
    Entropy (8bit):4.618665567327412
    Encrypted:false
    SSDEEP:3:YEH5chxs2H7GxvBxs2HOx9xJvDTHWeiXx6KIVVt7n/GzNLV6n:YEcZqxvHZOvGeII9n/2Nsn
    MD5:61B9442B9AE51963C59BB0F42B62ED45
    SHA1:CB911015F47E0C41DAE0BF2DB1768BE270BFEB82
    SHA-256:94B1E1C10431DE3CD1C52F13C18005740FABA26A843ACD0316CC9F8D760EED8A
    SHA-512:58F313EC6E716B74B9EB463166D96FD71EE5A886B2726D864593BF5AE79DCC3A0BA34ACB4DDD6F5BF3826B9DBBD01F3A53412175ABED2892DEDDDD5D1589F643
    Malicious:false
    Preview:{"all":[{"id":"TESTING","info":{"dg":"DG","sid":"TESTING"},"mimeType":"file","size":4,"ts":1623165260000}],"g_info":{"Version":"0.0.0.1"}}

    C:\Users\user\AppData\Roaming\Adobe\Acrobat\DC\Security\ES_session_store

    Download File
    Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    File Type:data
    Category:dropped
    Size (bytes):10240
    Entropy (8bit):0.6787380389545353
    Encrypted:false
    SSDEEP:12:Uy4D8ilNd7+G2GZu6SlxypL/aij3g8KpPyC2lx8pSHSD3eUa:R4DdTd7H23nsL+zPyCH8Hi3eUa
    MD5:CA225ACEB850598088ED7739907DB242
    SHA1:41F63C0C93A95447F3A250A603A2AEB5FBBBCBE6
    SHA-256:D436E78D31CAE9FBEE0747713CA19E6F29E5557E842BE6B593EEEC3986A757DB
    SHA-512:82F5AD270638F26E6C82D4940C4A4A551CD87521943E4EC164F2C699D571115E7D82FE16FD81CEF624659BFD5B346CDDA535D8161BFEF29BC3BD85AAD8615E5A
    Malicious:false
    Preview: ...{.D.oGw.0g m....-......S....>)!.4. .....p..F..g.oN.j..\uz...H...E.{[.... ...Z4n`a|[....exx..._.*T"a.ke...I.t.....2...OU...7..9...WH..~.q..{E8.>..=.H./.3.nE.E...Y..~.*,...5.G.?..A.H.*.O}..&....X.(@.".sjE.k.......x...Q...Y.?^..'z.&.Q...~...F..u.5..9t.l.......H...0z.|.s...8.!t7.|?.5f...)9HVa.s...r..<...G&b\8......(..m..Jw.q$.+..)....TR...W...O.;p.^P...4.l.;6..0.....>s...$.%.Y..s_S..HS......I..W.A...+..Z..,nV...1..`....MZ...$4.6.>....._..)..JRL^..Og.T.m..K$.U..M...^.O.t..../@%..|lUq..L..'..{._.].&E.t...e....z8&..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

    C:\Users\user\AppData\Roaming\Adobe\Acrobat\DC\Security\ES_session_storei

    Download File
    Process:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    File Type:data
    Category:dropped
    Size (bytes):24152
    Entropy (8bit):0.7538156757003647
    Encrypted:false
    SSDEEP:24:g2qc+UotRH+xD/cLEY977R9g2OlJluSCkT/EPnkm0L6I36ad0sak:gY+UoLWeZ7R9Z6VT/EPkPZqG0s
    MD5:3D7B93C8247740263EDB1E0752BD3C28
    SHA1:28BEA5C8ABC0569DF9CB07F360360BB950D81840
    SHA-256:A15E8B648C2470550AE9151E4353E8527BB984603C2F8E22C2F99532FF50A67E
    SHA-512:71C4CC1BB9166CF11DCD0965F37CEB6134E21BC670576902BF4855751E9A604289654EE0BA590EC5054A852A39B1D349C609FB5AB2822681214FA6DDC1C0C122
    Malicious:false
    Preview: .....]V.W<....2.<.?........O]$..zf.........=..t.@`M.sV..<wR==Yp....#Y9=.."X..../..rg.Bk..g.2}.k.....1>A..G...y6..I@.*.|.{R._.dp..\8l... d......C.gB.s...H....{...:.....J...l...B.8.{..#..^.<...L.]..Mx.pp.....r6.......$\.0 ..c..F..Hg*X..4...E....t*K....kj3Q&..5.n.l...fj...L1C.u..N..m."t.$...'.8\=<..v~..xmu:...r.].2...gg.....5]......2H.t;....K..)?e,y.ET...<....x..<.DL...L.......9.r...|.:x.....'..\...G.(....1*.3$eg|.IP.(i....H...B.j.!...d.?.m...X .m......<HI....8AP_...^_..My.H...7..U.w....#=.G......T...;...S./.MAFI..Nn..(.=f..B..b..8p....kY.{ezz...|..P).q=...c.....P..,......7...MT..j..dN..L......8.V....0.c...{'.0.._&........@sUJ.Aw.lG..P..@>.eQ5tF.9...]n.!.k9..L]je.........................................................................................................................................................................................................................................................................................................

    C:\cmdlinestart.log

    Download File
    Process:C:\Windows\System32\cmd.exe
    File Type:ASCII text, with CRLF line terminators
    Category:modified
    Size (bytes):1100
    Entropy (8bit):4.907004292192806
    Encrypted:false
    SSDEEP:12:rPyWygrG6qKqccwHjo2RL3y4RQb0wI/J0BEaHEa6Ea+OaqZaqZaIwT/J6Ea02lEs:b5LrPBcwHjo5MdUyPZPZ5w/tMtA4wy
    MD5:9FB765513A10246FCFB38E9882880211
    SHA1:A18636B62DEB0449F192652A426C3F5C76D71A1E
    SHA-256:C4984AA2374A687CC31FF3A91315887D67A8220B5B6A856E4A14649EAA01ED28
    SHA-512:6D66A22AC31C784DBABDDC933987F56D13A17201B1D8121302FB24A15A92EB3D1983FD40808AE2A497F795E455A7AE6DB4719650D6CAA61DE6A95452FA137E10
    Malicious:false
    Preview:Error: A JNI error has occurred, please check your installation and try again..Exception in thread "main" java.lang.UnsupportedClassVersionError: org/bukkit/craftbukkit/bootstrap/Main has been compiled by a more recent version of the Java Runtime (class file version 61.0), this version of the Java Runtime only recognizes class file versions up to 52.0...at java.lang.ClassLoader.defineClass1(Native Method)...at java.lang.ClassLoader.defineClass(Unknown Source)...at java.security.SecureClassLoader.defineClass(Unknown Source)...at java.net.URLClassLoader.defineClass(Unknown Source)...at java.net.URLClassLoader.access$100(Unknown Source)...at java.net.URLClassLoader$1.run(Unknown Source)...at java.net.URLClassLoader$1.run(Unknown Source)...at java.security.AccessController.doPrivileged(Native Method)...at java.net.URLClassLoader.findClass(Unknown Source)...at java.lang.ClassLoader.loadClass(Unknown Source)...at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source)...at java.lang.Class

    C:\jar\META-INF\MANIFEST.MF

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:ASCII text, with CRLF line terminators
    Category:dropped
    Size (bytes):111
    Entropy (8bit):4.860532530621061
    Encrypted:false
    SSDEEP:3:ZLCAWIzBExR81JAdDIGB7koQ2bDhAqRwAAE7Mcwv:1KItMHDVYl2bW9EIf
    MD5:BA6F8CBEB6A3DBCD39ECDBD715FE23D8
    SHA1:78657536FE8827E89EEF781F50B3BBB05A25767D
    SHA-256:713DBA912C67C80A2BDE846A91F00F88A8221D9490C6EA580887DB85B115E778
    SHA-512:1F5CB11270C092C46EE89F28E43C32893B9D032BA8D1E89679437CAD8B4A525FA248E0EB184809483667692441F0538604F4437CCC47A3A98C14FCA615897D57
    Malicious:false
    Preview:Manifest-Version: 1.0..Created-By: Plexus Archiver 4.2.1..Main-Class: org.bukkit.craftbukkit.bootstrap.Main....

    C:\jar\META-INF\libraries.list

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:ASCII text
    Category:dropped
    Size (bytes):6116
    Entropy (8bit):4.81087437239395
    Encrypted:false
    SSDEEP:96:FSHlr3Ifdr6NqtHFK/7OqVEsR6/YNUutwAepRooJ1q772+N6oP+CDKMLUtlCmgNC:LrxK/nVbA/0UutwAepRoKIPHoMY/CTV6
    MD5:8F6C155C1ADD0246901C5FE743037C0B
    SHA1:4007D4D03DF4AE0F377AC89F4A932DC4E373745B
    SHA-256:42905D0FCCADC7C70592D2DDD031459C0A3284D44FC7B8E98D28F3F3A677F6D5
    SHA-512:C69629772302C3F36CA34DD4136AB74A53115BA2D8A0521C970BF4F5F4E5FFB2491620AF4E7432119DA40FEC747A269392CD5EC1208290F643FC8718AAF69DD7
    Malicious:false
    Preview:1263369b59e29c943918de11d6d6152e2ec6085ce63e5710516f8c67d368e4bc *asm-9.3.jar.0297d142778ffd2e6e77b7aa70a3d1b7986e6c364fd7005b507fb8492ebf0a8e *authlib-3.5.41.jar.edc4926aa4b49010f6e7ac46efd623fb38f9517344d26f6251d79a26a9738c0b *brigadier-1.0.18.jar.09390b2c48b6b50803c945bd5780eb6250f2eb5a1be4db0a7ca777d76efe9b15 *bukkit-1.19-R0.1-SNAPSHOT.jar.ff10785ac2a357ec5de9c293cb982a2cbb605c0309ea4cc1cb9b9bc6dbe7f3cb *checker-qual-3.12.0.jar.e599d5318e97aa48f42136a2927e6dfa4e8881dff0e6c8e3109ddbbff51d7b7d *commons-codec-1.11.jar.961b2f6d87dbacc5d54abf45ab7a6e2495f89b75598962d8c723cea9bc210908 *commons-io-2.11.0.jar.50f11b09f877c294d56f24463f47d28f929cf5044f648661c0f0cfbae9a2f49c *commons-lang-2.6.jar.d919d904486c037f8d193412da0c92e22a9fa24230b9d67a57855c5c31c7e94e *commons-lang3-3.12.0.jar.d1990b4801ee970f211dd507d0f7f299e86af36f6330da83cfba87a8ddf4076d *datafixerupper-5.0.28.jar.cd5257c08a246cf8628817ae71cb822be192ef91f6881ca4a3fcff4f1de1cff3 *error_prone_annotations-2.7.1.jar.a171ee4c734dd2da8

    C:\jar\META-INF\libraries\asm-9.3.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Java archive data (JAR)
    Category:dropped
    Size (bytes):122176
    Entropy (8bit):7.964734625770607
    Encrypted:false
    SSDEEP:3072:QCFKHzRCXTaFC2tBAFTvGFm9cWP0vh5b1VS53CQOQtn:HFKNCjOC2ETvyhW855p+tn
    MD5:E1C3B96035117AB516FFE0DE9BD696E0
    SHA1:8E6300EF51C1D801A7ED62D07CD221ACA3A90640
    SHA-256:1263369B59E29C943918DE11D6D6152E2EC6085CE63E5710516F8C67D368E4BC
    SHA-512:04362F50A2B66934C2635196BF8E6BD2ADBE4435F312D1D97F4733C911E070F5693941A70F586928437043D01D58994325E63744E71886AE53A62C824927A4D4
    Malicious:false
    Preview:PK..........A.................META-INF/......PK..............PK..........A.................META-INF/MANIFEST.MF...n.0......gl....q(...PE..7.B]........V...z..fgv.Z..y.....32dwi2kt%.....3..}.....3..{.....fdV,..%4.'R....&.`...."g..c..Bl0...TH..)...K....FX..3...8.'a.V.}FV.".Cv...E.F.._ll....7.sm..O..p......i/.....8.4!.....i.T..1t...2.x,6}.$x/.).......'+8.)/......._.'{....o..g.I.|.PK..p...........PK..........A.................module-info.class;.o.>...S.^F......T...|v.FF....t........$...\a.fF.VK=c=.F...D....Ta.6.j}.j}.j...F.i.a.......T...F.6_.....L.0....$..X...X.<...(..'X......PK..,...........PK..........A.................org/..PK..............PK..........A.................org/objectweb/..PK..............PK..........A.................org/objectweb/asm/..PK..............PK..........A.............)...org/objectweb/asm/AnnotationVisitor.class...s.U..'II......`)"Ih.....`Z.Fj...>..&Y..f7n6..t..t|.q&..8#)#3.....9ww..T&/..{....s.........M8...._}`...j.j7.e..C+t|o.i;..

    C:\jar\META-INF\libraries\authlib-3.5.41.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):104806
    Entropy (8bit):7.8482716271435855
    Encrypted:false
    SSDEEP:1536:k6mCoGuKZAyqx6aB5Vq5VaFdn3XXZyXLxWAOiguXZfozpdXYF/X76Qj7O48d3AFQ:33ofmZq/B5Vq50P358MafoYlY3AXe
    MD5:B3376F3B8A0F44DA7ECA682FE934BDE7
    SHA1:9E05CB6A5F3504235A190AD11EA8981B2CBB901E
    SHA-256:0297D142778FFD2E6E77B7AA70A3D1B7986E6C364FD7005B507FB8492EBF0A8E
    SHA-512:132CC4E4042D893C7B9EE68E3FCCC586203B4552CC1D2DCD5405177D3A5235693D6F1339B2B9BA44D47CC9254CEA08C55496E4DB3514221330C94E2EE88DD835
    Malicious:false
    Preview:PK.........R.T................META-INF/..PK.........R.T................META-INF/MANIFEST.MF.M..LK-...K-*...R0.3......PK.........R.T................com/..PK.........R.T................com/mojang/..PK.........R.T................com/mojang/authlib/..PK.........R.T[,B.........2...com/mojang/authlib/BaseAuthenticationService.class...J.@.E.k.Dc... .."....Vp..E...8........+....G./.e]...w/.....z..0.$..A.0...a\.V.._.*/..h.5.;B0...8"..W.....[.-9W....2...].........6....=.5....m..R.I..7........0...[B.vmc.#w.\.I.:.K....X*#9..8.{`x..z.a.T4........3...qO...PK.........R.T................com/mojang/authlib/exceptions/..PK.........R.T........5...9...com/mojang/authlib/exceptions/UserMigratedException.class..OO.0........Q.Q..!.w ..........h.dlf....D.....2....D..I..}.o....W.M......-..q.K..Sw...g...S<Y.!....g.m9l{b(.@r...d.7.#..C.r.'o..I.B.;.sn.d..<..Kb..4Cu..m.7..G>.E..Mi..R...@....].}.....1.v.....C.+.q;....#)C..Z..sO.<Z.......8..`L...Qh......g..,..&C..y...TJy.!..d....V}^..

    C:\jar\META-INF\libraries\brigadier-1.0.18.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):77116
    Entropy (8bit):7.896521936876858
    Encrypted:false
    SSDEEP:1536:S6SMaonM2rDPn98A8nDPKD1YG7vo+Kflt:YQMADCpzKD1YAvo+8
    MD5:5ABFDCE5DCEC9CE29769B28AA455A6FB
    SHA1:C1EF1234282716483C92183F49BEF47B1A89BFA9
    SHA-256:EDC4926AA4B49010F6E7AC46EFD623FB38F9517344D26F6251D79A26A9738C0B
    SHA-512:FDB8715EB462B1D6EF16B81D9223499D549C3C6DA90D476B696DF14608A4D5BF55292822225957F198483C652CA7C54330909AAC8C1DDE79115C5256E299F867
    Malicious:false
    Preview:PK........UiwR................META-INF/..PK........UiwR................META-INF/MANIFEST.MF.M..LK-...K-*...R0.3......PK........UiwR................com/..PK........UiwR................com/mojang/..PK........UiwR................com/mojang/brigadier/..PK........UiwR............ ...com/mojang/brigadier/exceptions/..PK........UiwR"..-........K...com/mojang/brigadier/exceptions/Dynamic3CommandExceptionType$Function.class..MJ.A.._.d&.#x.!......]~@..0d_..C....t.2Ws..<T0..A$..E...+.s.....W).)......!,ng.oY..r..,D...q.f.[e}..emr^...........Z.....ql.~.yk.&;-..x7o*....}..O.|..:..L7N.....g.........G.O..M...bQ.p..A..9...af.......PK........UiwR.s.........B...com/mojang/brigadier/exceptions/Dynamic2CommandExceptionType.class.T.N.A.=_[ZZ.....@Q.m..............L..l..mv....O.......C...-.......~.9..3........,..n'..t.w...n.Q..@.Y5...%.O`&........m..c...mK....'=..f....*XN].B.5k.jJ. w..T.^a.m..4.e...z..l7...."!.d..Lx.9'...!Vt..0\6m..eU..)*.....C4..k*....;&.o.'.j-.+..o3.x/.....R...x4.=....}

    C:\jar\META-INF\libraries\bukkit-1.19-R0.1-SNAPSHOT.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):1392413
    Entropy (8bit):7.902867901286255
    Encrypted:false
    SSDEEP:24576:pl+Cs/rjlx9zEVjxV6OkpPFi/kbAXnJgm/NRg88SIF17ev+QLKUxhxzepGB:pgCs/3REVW3P8/kwJgm/NRgeI70Yq6p4
    MD5:F45008ADD33A9F5D9EA60BFB117896D5
    SHA1:0844AD637FFE3F3112F7B51AF4D0AD35AF5056E8
    SHA-256:09390B2C48B6B50803C945BD5780EB6250F2EB5A1BE4DB0A7CA777D76EFE9B15
    SHA-512:79F7712806CF0529043422A8CF930CCE557ADAAD3231758E0C100BDCC6E45354EDF228FA1F26687EFA19289CF75E2116FCAEF3265A1F81B19A7C58C7C716BC42
    Malicious:false
    Preview:PK........,X.T................META-INF/PK........,X.T....>...<.......META-INF/MANIFEST.MF.M..LK-...K-*...R0.3..r,-..M,.L...O).I..K.M.R./J.K*...,......PK........,X.T................org/PK........,X.T................org/bukkit/PK........,X.T................org/bukkit/advancement/PK........,X.T................org/bukkit/attribute/PK........,X.T................org/bukkit/block/PK........,X.T................org/bukkit/block/banner/PK........,X.T................org/bukkit/block/data/PK........,X.T................org/bukkit/block/data/type/PK........,X.T................org/bukkit/block/structure/PK........,X.T................org/bukkit/boss/PK........,X.T................org/bukkit/command/PK........,X.T................org/bukkit/command/defaults/PK........,X.T................org/bukkit/configuration/PK........,X.T................org/bukkit/configuration/file/PK........,X.T............'...org/bukkit/configuration/serialization/PK........,X.T................org/bukkit/conversations/PK........,

    C:\jar\META-INF\libraries\checker-qual-3.12.0.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Java archive data (JAR)
    Category:dropped
    Size (bytes):208835
    Entropy (8bit):7.379322071044374
    Encrypted:false
    SSDEEP:1536:cPx0Q6OOKmhpkxW1VuattcLwwxleKp9iDiW9UAmNPnZALgqcGnv1FzhS6VlVrIFV:1Kw1VHttLK4KBW9rkPnaLgVGvfYwVYrH
    MD5:AB1AE0E2F2F63601597A5A96FCA8A54F
    SHA1:D5692F0526415FCC6DE94BB5BFBD3AFD9DD3B3E5
    SHA-256:FF10785AC2A357EC5DE9C293CB982A2CBB605C0309EA4CC1CB9B9BC6DBE7F3CB
    SHA-512:FF20C424E130C31C30B4F4F5B4374F8F98F94DDAE2B123F3C213F147BE6B3DE57854EE5651B02DD97D352C1C1DF2A8BFEEF73D5307A71372F46A6002EAB24D78
    Malicious:false
    Preview:PK........]..R................META-INF/......PK..............PK........]..R................META-INF/MANIFEST.MF..[o.0........HKJ2.vT}X.>t*..v{.Lr.Z8v..-..;&.J.\.no.....5...i.J..@**...a...h..MCw""...FR.;B&^....d,...........\..!J.>.S.P..?.>..G............+.\..N....Y...`..+.u.H...d.Z.....K.DC.^,....wp.8....K!3!.~.....3......HR..,*.q6..=.v;..{.Kw..1.R.."R..Q....6.y.s...m!Ky..#E.Q.2U..b9.uj.....I.q...uV(!1..*.ef.N..c..u.......Mb&.....l~.N..,O...q..^...AX..l.vq.?....OS.,.UXP.ad...uZTC~:..3..v8.S....F.,.L...]..@...tNy..>..c"..cP..U....I..AC.*..l..+E..;.+..#..,..]..x..C}).p.:.Hh]c.S..QUn.S}i..).m..`.}Td|...i.m.....jmTy.r.%B..#...q.T.1.lE..aY?.t...|.$.@....]n.e..?.S..^do...W.l1.2..../`..~h.]...ys.L.>.:5....v..N..w`.u.1H.....y{3v......hG..;;vn3......$...q.........^..L)...VB%..8.)...C.../...%srw5.<......s/..;."9.>yC/...0.....w;.._PK..[o.d........PK.........O.R................META-INF/LICENSE.txteR_o.0...S..I...=.....F02.Y.......6...wG.V.$$.....9.u...\}.....T.

    C:\jar\META-INF\libraries\commons-codec-1.11.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):335042
    Entropy (8bit):7.898650127965718
    Encrypted:false
    SSDEEP:6144:tzFs9WAXxUzCSoLxr6/bCmJrXPXkCS4RGRm1ZdtDdJb2DKCG:tzO9IzcB6/br7cORGRmrrbOtG
    MD5:567159B1AE257A43E1391A8F59D24CFE
    SHA1:3ACB4705652E16236558F0F4F2192CC33C3BD189
    SHA-256:E599D5318E97AA48F42136A2927E6DFA4E8881DFF0E6C8E3109DDBBFF51D7B7D
    SHA-512:D9586162B257386B5871E7E9AE255A38014A9EFAEEF5148DE5E40A3B0200364DAD8516BDDD554352AA2E5337BEC2CC11DF88C76C4FDDE96A40F3421AA60650D7
    Malicious:false
    Preview:PK.........FQK... .....N......META-INF/MANIFEST.MF.\[o.6.~... .ah.X....2.!.2,E..M......,i......n.D.<...&1.O...%1{.Y....%.....E.Ft...4....4.X....}..`G..oWQ.y..|........_..K.................d.O.L...`qr..{....5./E...."......r.M.A.-...I..&!{d4........~}~.......$ ..].<.4.$..cIA.+)....i..c..q.......+......}.\.Fh.~!E;)OR.W..xP.DEH..h..<(..*....rpD.mA.t.._.l......;.........x.....x...ph....h.X". ...8.\.P..x:.."...%.+G@....M...e;...1]/.... ..i.......|O`.a=.1a........N.g\?;..`....p./3.|)..........0@.......1...x.B.GA.../.L.T.n..N.jK(K.~*.;..8-h..4.B.........n..WEC.b....+pz..)+..{......%.=....N..].O..w...p..g...`.mP)........\Cb]jI..~3.....C-...Ok<..w.....f.S..q..|....&...Q}.k<. .z.;.J.uy3.)./..h).8.K.q....'`...Uj..A.eOG.......>.|..dQ.t.\..)!.=;b{.}6a... pt...hV.!&........y...T]..Q.=.s1w..g(...y..;k.~Z.jnr!N.c.q...+.:W...;.%.t....n.5..A.=$.C....V..L|.oW?.....>.U....X...Y/..F\......~:...uv...ne^..m.cr.{%`...R.!.<8.r0_....K..N.cI..jl.v+tz....u.J.>..G...

    C:\jar\META-INF\libraries\commons-io-2.11.0.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v2.0 to extract
    Category:dropped
    Size (bytes):327135
    Entropy (8bit):7.923604489259355
    Encrypted:false
    SSDEEP:6144:UrBoCnU0+1j/OjXrf50ynaZ13lybiOmQ+CEEArHs2M1mX2TKYGGh82ajQe+yw:2oCnU0+hnZLOm7CH4Hs5mXmKYGer3
    MD5:3B4B7CCFAECEEAC240B804839EE1A1CA
    SHA1:A2503F302B11EBDE7EBC3DF41DAEBE0E4EEA3689
    SHA-256:961B2F6D87DBACC5D54ABF45AB7A6E2495F89B75598962D8C723CEA9BC210908
    SHA-512:5BD78EED456EDE30119319C5BED8E3E4C443B6FD7BDB3A7A5686647BD83094D0C3E2832A7575CFB60E4EF25F08106B93476939D3ADCFECF5533CC030B3039E10
    Malicious:false
    Preview:PK........Hy6Pk.a)............META-INF/MANIFEST.MF.U.n.@.}...X.P%.^c.i....%...(./..VY.{.I..c..-...l.9s9..H>g....6\...p...i&X.%....[.:..#t.PO......|...D...3T....S..A..3M....X9..[0..{..f..X.H..^x..`...,...UiF4.......,.h".\...Kb"..:.D......*..`.....I..*...H..2u.UU.S&....f.....j...P..&..z.......&..L..d..5..hP....h.1..n.e..^.'jnWD3.. |..Ld....P68....._.......Ju...m...B./.m.6E.t,.*c:..V.u..H*\..f...2...w.`..... D.@w{...*..09;.E..3..d...I.rCo5......*...f~*..t....k...k....Y1.0.f.1c..dw.../.k[....I.........e...J...e....q.[..8..[.'CS.....r?}.n7.4"........B..,..g.|.g...SN.68..........=.../%w;..y.c9Is=...y..e.l...8...<O.x.5. .!.x..p.....'.s.l\j.n..D.?.N......~*w...w.....I.....?.m.....$....F.IT..g..\./..n..PK........Hy6P................META-INF/PK........Hy6P................org/PK........Hy6P................org/apache/PK........Hy6P................org/apache/commons/PK........Hy6P................org/apache/commons/io/PK........Hy6P............!...o

    C:\jar\META-INF\libraries\commons-lang-2.6.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):284220
    Entropy (8bit):7.94847674828362
    Encrypted:false
    SSDEEP:6144:0QyyUK6j4lplvLt3UnSXGn1N5YzKrRFOo0mf2KjCciWZMPh:0zol3vLxqSX4vYsI6lCc0h
    MD5:4D5C1693079575B362EDF41500630BBD
    SHA1:0CE1EDB914C94EBC388F086C6827E8BDEEC71AC2
    SHA-256:50F11B09F877C294D56F24463F47D28F929CF5044F648661C0F0CFBAE9A2F49C
    SHA-512:4A5A3DBE4941C645E2CCA068CCA5C1882CFE988B02E7CD981D1E51784900767D1DEAB0E0E0566F559C9FCABB4A180E436D5BB948902D4F4106F37360466AFB42
    Malicious:false
    Preview:PK.........->................META-INF/PK.........->.^.VH...........META-INF/MANIFEST.MF.TKo.@..[.....V...M".z..J...B..e=.M.]kw...wl....pA.|.....*FG.3Z....U...;+.j....).u.`W.EA...M.....[M.8.5....m.a.`.e.....J..f..Po.D.0z=.}o.f...I...SE.v.g..h.#..o0.#c;0] .eB........uT.N.A..c.(..@U....d(U.....C..oV..W...J0...J......>.KSa.H.R...K....b...C...&.8D.._.[.o.lxqY....A...#.8_.%.u..H.xF.u.Q...b\..$fIe.:.....i.N...'(..va.-.P.9.>....1I..:..a3l]_.wIG..."}..U....W....Gc.."_..V.K...n.o....19........[.e.Fc.Z.z......A..8..-n.....V..~..%..[.&..X..I%.6 ..X..bq,.7].v.Z..b.J..S..p.Ph.?u.K.9%@...X.-F@.f.........@....;R..p.....X?.w5.3.o.....f`......w......=...PK.........->................org/PK.........->................org/apache/PK.........->................org/apache/commons/PK.........->................org/apache/commons/lang/PK.........->............ ...org/apache/commons/lang/builder/PK.........->................org/apache/commons/lang/enum/PK.........->..............

    C:\jar\META-INF\libraries\commons-lang3-3.12.0.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v2.0 to extract
    Category:dropped
    Size (bytes):587402
    Entropy (8bit):7.928552551034422
    Encrypted:false
    SSDEEP:12288:+ckjxCcwZ/O05RmbNxmLhmckii9z2B19dCk:ACcEOqENQEvUBlF
    MD5:19FE50567358922BDAD277959EA69545
    SHA1:C6842C86792FF03B9F1D1FE2AAB8DC23AA6C6F0E
    SHA-256:D919D904486C037F8D193412DA0C92E22A9FA24230B9D67A57855C5C31C7E94E
    SHA-512:FBDBC0943CB3498B0148E86A39B773F97C8E6013740F72DBC727FAEABEA402073E2CC8C4D68198E5FC6B08A13B7700236292E99D4785F2C9989F2E5FAC11FD81
    Malicious:false
    Preview:PK........Hy6P9..............META-INF/MANIFEST.MF.UMo.0..G...8......T.Z.JT.V..q&.......$@..m.F.yo....*y..z.@..d.4.....D@..R...[.-r.P6..Qq..!}*..s..P.....<.9..*..O_.....#.S.Z..].&...c..Hib.....vF-......A.@....8h..lU%...........XE&@.".X*C.CBMv......%7.$....]jU...7Pa..4F.JO}....ZW.h...9.i0rfmbZ..b..".\..{S..:....~.K[..V.Da.w.v.St..7..y....8.^.P........Td..e..3.aX...>5.E#.B....E.:....7..*...).........>...*,.h....x..Z.?VTO2...=.Q.fX.;..z.......5....Z\o....P.>]....\...r'..c........t.]9.q.9kg.>........y.u.J......8.hu...A.qu...I.......~k.....zn*.r$J....S...!|.r...v.<G..+A5.. .g .R....C.]./.{5'..9.....A..w1...,J%;.. O...uJ...........H...........'.f.y...mai}..4...(!..X....R8..i".!.Z/...........z.N...o\...Y...U.6.8.d.B.D:.r..].u..PK........Hy6P................META-INF/PK........Hy6P................org/PK........Hy6P................org/apache/PK........Hy6P................org/apache/commons/PK........Hy6P................org/apache/commons/lang3/PK........Hy6P.

    C:\jar\META-INF\libraries\datafixerupper-5.0.28.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):684966
    Entropy (8bit):7.925632484553855
    Encrypted:false
    SSDEEP:12288:tz4xiI84rXWmEOdGfAYhOaEGF9aW2fbjQKfAKHA/90hmmkkATduiSQKo4:t/4rmm94HrBF9bmbio+kARtSpo4
    MD5:B9BE462C07ECDE5118EF532767C643CC
    SHA1:E2157E236E529AFF80A5FC3CCB506E56D46B130B
    SHA-256:D1990B4801EE970F211DD507D0F7F299E86AF36F6330DA83CFBA87A8DDF4076D
    SHA-512:A44E96E6100A8EC8482E9B02075DF28FF005ECE74345D5D1A8BDFE1339E9FE3846BB96D46B7D0BCFAB50B7C1287991115F6C1E1873E6735EB0FAB0276C5E571B
    Malicious:false
    Preview:PK........IL.T................META-INF/..PK........IL.T................META-INF/MANIFEST.MF.M..LK-...K-*...R0.3......PK........EL.T................com/..PK........FL.T................com/mojang/..PK........FL.T................com/mojang/datafixers/..PK........FL.T3y.;0......./...com/mojang/datafixers/TypeRewriteRule$Seq.class.W[W.W..Nn#a@D.B.....V[.PZ..i.(Pl...a.....L@z......<./<....].......l...CH4.|....;g.......1...N...nx..f.y%.+F,841.F-.O.fhV....:..&.I..(....5...i.t5Hb.4..d....iK.....^.fbqh.....1...{me.4B...}..P....dlA5C+...3<.I.R...j2..]L...BR...6..s..$.).....Y...J.....0T...iZIM.....!.Sh..2...;.S.C2v....pBk...N....`.."..-J...a.....&...C..rR..$C..5.k8.N.-.Ih..G..z...D....<.-... ....5k.s.KH...=%.X<(...!.Q%A.....3...I....?f....0.H8*.#....C..:.TS.aq.N.*.......b>...?!..3..WF..18L:.>.F..z*..u\.....yM]`.^....%....0 c.C...UiW.u.....G...8%c.#d...e8R.-...z..2.p..T.....+..VN...3...AP...q<G...*.........x^..2.Aa.."6...G.K+:.-.........1..M"..3ER.T.h.q..b.b....h^k.,

    C:\jar\META-INF\libraries\error_prone_annotations-2.7.1.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):14835
    Entropy (8bit):7.191368329340793
    Encrypted:false
    SSDEEP:192:CBYeUodpDPLBfiqPluK1UL+qFMDqgHQAjO/XM+TOCHw8/KNweg7:CBYLoDbdfhP2Fgo0WV/b7
    MD5:5260E1257140BED1936991931CFF5ED8
    SHA1:458D9042F7AA6FA9A634DF902B37F544E15AACAC
    SHA-256:CD5257C08A246CF8628817AE71CB822BE192EF91F6881CA4A3FCFF4F1DE1CFF3
    SHA-512:32747ED9ABB289DA6EC8F3ACB3A3BE47C1271323847C8E3C1E9F58E9FC4A211221BDAF988990E8EC97BDBA3986927EC81CF9D3F3B5939FFF8CBDFB0EC7AFC7FE
    Malicious:false
    Preview:PK...........R................META-INF/PK...........R................META-INF/MANIFEST.MFE....0.D..C~ .. .[.&T<y...m0.-....[..:3.1..p....8..VmL%EW2M6..{.%.>..Z.h2.....3..`,".uL.V........Q...R.K.Y....P.....?Y7[7.......5......{;S].B..PK...B.H........PK...........R................com/PK...........R................com/google/PK...........R................com/google/errorprone/PK...........R............"...com/google/errorprone/annotations/PK...........R............-...com/google/errorprone/annotations/concurrent/PK...........R............<...com/google/errorprone/annotations/CanIgnoreReturnValue.class.PMK.1.}.mW.W......../.J..Pi......MJ6[._....G....a...y..M......-N"t#.E8f.$...=HE.....rm,M.UV...f!V.c.J;Y.L.r....q.I.K..Q.p%t../..&........9..99..V....+.O..%yr.9N..C.f.2....E..^.o^...21Jf.0.`.O.....<7&W..Zc..h..-y......|A.c8........p.h....^.n...w^. t.....C.p..oPK...rs.........PK...........R............=...com/google/errorprone/annotations/IncompatibleModifiers.class...J.1

    C:\jar\META-INF\libraries\failureaccess-1.0.1.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Java archive data (JAR)
    Category:dropped
    Size (bytes):4617
    Entropy (8bit):6.737341103801703
    Encrypted:false
    SSDEEP:96:6nc3+Tkadi8HKcL9CpLPu6+Lh61QyBcajLHtlqekr7ztyldIag4m85Bx:gc3+WTzpMyBcctlqGgZCBx
    MD5:091883993EF5BFA91DA01DCC8FC52236
    SHA1:1DCF1DE382A0BF95A3D8B0849546C88BAC1292C9
    SHA-256:A171EE4C734DD2DA837E4B16BE9DF4661AFAB72A41ADAF31EB84DFDAF936CA26
    SHA-512:F8D59B808D6BA617252305B66D5590937DA9B2B843D492D06B8D0B1B1F397E39F360D5817707797B979A5BF20BF21987B35333E7A15C44ED7401FEA2D2119CAE
    Malicious:false
    Preview:PK........&gsM................META-INF/MANIFEST.MF......Mo.0...........e;.\...,.Z$E.n....8Z...G...QV.;l>.H>.K.Zr-W.|....FO.d.pp.E.../..+.....&'......YL.R..F<.3V.(O.1.Q.mOS.gW.)....m.....V..S.......%....h..T..u...gR{.z8...u...s...g..}......E..Mq...y..Z..T...q...(......D.^.x..\.dNq....!l}.J.CK..dV.%.-..U.D..{. u.:.<.1.^......K-.....l..JR..~.......mPJ.&bI>j.....g...c5.:.B:..W...j..[.".L4..R}.*......9?S.._La.}.y..P.#....M.....Y.v.*.`..1..z...&W)....l~.0.&.`........Gt.n........_..3......z5.].l.@...E...+...ex..._v...oQC.;..I'2.j......y.V.3...6I^.DI:..`8.._AZ.f.?+..'y.....Wt..N/.F.F.{.7...|<za..t<&.Wc....C.O..8......PK...nk.O...%...PK........&gsM................META-INF/..PK..............PK........&gsM................META-INF/maven/..PK..............PK........&gsM............ ...META-INF/maven/com.google.guava/..PK..............PK........&gsM................META-INF/maven/com.google.guava/failureaccess/..PK..............PK........&gsM............<...META-INF/maven/

    C:\jar\META-INF\libraries\fastutil-8.5.6.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Java archive data (JAR)
    Category:dropped
    Size (bytes):23565248
    Entropy (8bit):7.918869008648572
    Encrypted:false
    SSDEEP:393216:gbld1YH1RpwPrepmziPIbXxByOF6lJ7i2Sa0Sj3y:4PCRpwymziKxF6Hi3SLy
    MD5:BEC1B59636691CF60269A28FBD5E072E
    SHA1:76F95700418A68FBC4AC050525261F05DC681CA1
    SHA-256:5021369BDC72E2CA24222D036C9B35C9733DC9C082A0891C4DBA5A583663F30B
    SHA-512:BDF452094B5B384DD2B933EDE0741DB22ECDE828C08808C7F43E9148160DA988DB8BBF8C5CBCAC5DE28396CB328FA71E64F465E9412058753DCFC75FC9741E11
    Malicious:false
    Preview:PK..........-S................META-INF/......PK..............PK..........-S................META-INF/MANIFEST.MF.M..0...H...C.H..6...r.F{h.U....uK...U..;..hb{..zLf.z...?v..{......b.(p...`G,h..XV.....d.Q....).8E{.E%h.:.E..._.K..d r{....2..[H...Dv.d.\Q.2.79..c.r...vS..A..`A2.....(@.7.R.4'.....b.:........>.YW...f.."Z....[u4g.../M..Y].L..:.c9..7.........E8}...UIN...sN.....h@`\?.h.,.IR.`....G.t..k........FZE..G.....Z...3@3.z.....P...z..im....L....0.u...2,.wA...~r]..m^.b..*....k...S.......?F.Yn..}..~W|F..}zQ.s.tF{..N.y`k+.).5.~..z_...eZv..5.C.J.sp.%.........ZLA.}lL....|..]..b......m.........t.7....y{..`.......`.'}8...X..w...Iwg.....~...h.y...3. .On....hI.-~.....#....Y.i.H.......m>..........n..........E....(..p......_PK............PK..........-S................it/..PK..............PK..........-S................it/unimi/..PK..............PK..........-S................it/unimi/dsi/..PK..............PK..........-S................it/unimi/dsi/fastutil/

    C:\jar\META-INF\libraries\gson-2.8.9.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Java archive data (JAR)
    Category:dropped
    Size (bytes):258075
    Entropy (8bit):7.86221320168447
    Encrypted:false
    SSDEEP:6144:mgn0WOOUZUBGvC+XHDMa+f9DB24I3fKJfd2RszIyXi:mmXOOpwC+X9+f9DZfs2IyS
    MD5:E67627F67E03301092DC7DE0A2D7CEF8
    SHA1:8A432C1D6825781E21A02DB2E2C33C5FDE2833B9
    SHA-256:D3999291855DE495C94C743761B8AB5176CFEABE281A5AB0D8E8D45326FD703E
    SHA-512:46501E4DD34C9A6F33FF63AEEEC45B049579365C5273490E5DFD5EA4EFFAECED907D0FC728204C619AA136E867AD826204582FF9BA3080D06693C1C675C8473F
    Malicious:false
    Preview:PK........{g]S................META-INF/MANIFEST.MF.....TQo.0.~.....a..8...".eh*..*[.s.^.;......$...k......K*.....A..d.E..:S..B.\..@.D...S.o.7.r..%#].*.H.y....`.7b2....J..C...l8<...G.hP..T@0U.Rf/.T.1..`ma.0.}(..<.....Q.......u.....W.o<...}....G.....@..=............c.?.<==.Z[..Y(..........V.*.......G.[.nh.M.G..~.\C:..+.6gr..9H.{s...#".^..x....V.e.Z..#B.....X.1.......6~?. \?.^.[.......]..,..,.f._=..jl.......}.V({........d.4*[.=....V...y.U.....mpK.#...8.8._.D.F m.c....xI.?.6.......J.,..2'.....!.M...@..:..i...$.M......NT}eT.S/.".ae.)^..n..P&..`...F.:.:.,i...yn.....~(%b..@FxC}2.....?..gC.q..PK..uEr.?.......PK........{g]S................META-INF/PK........vg]S................com/PK........vg]S................com/google/PK........wg]S................com/google/gson/PK........wg]S................com/google/gson/stream/PK........vg]S................com/google/gson/reflect/PK........wg]S................com/google/gson/internal/PK........wg]S............!...com

    C:\jar\META-INF\libraries\guava-31.0.1-jre.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Java archive data (JAR)
    Category:dropped
    Size (bytes):2974216
    Entropy (8bit):7.886368788539054
    Encrypted:false
    SSDEEP:49152:NScdDul0hTPa+VB5HtMQjP23PUM69tuTNwHVk4znE34fFPdytK1mXxtpCArZQ17y:EchuGdyANMQGd69Epu64znbN2D
    MD5:BB811CA86CBA6506CCA5D415CD5559A7
    SHA1:119EA2B2BC205B138974D351777B20F02B92704B
    SHA-256:D5BE94D65E87BD219FB3193AD1517BAA55A3B88FC91D21CF735826AB5AF087B9
    SHA-512:C8D8AA38E6FB04C409C37922EFCBBE182F65156A853F691D8381D56EEA208ADF22F7A28873BB7895210E41857DD4411AAF952682A2692051220E281910D0798F
    Malicious:false
    Preview:PK........bz;S................META-INF/MANIFEST.MF.....VMs.0..3...ph....J.1.!.L&.H3I.KOB^...r%........../0...ow%MY,.....2.H.............G..G..h e........w&L...s.>.\.....^....C.T......b.N7_3...........>....+....]...M..0@..)( ,........b.....Y0S.."b..>..R#Ba..Lk.-r.....(...@.z.~.Xt..)J..D..n.J..y.1..\7.f...n...X.n.0..b...:...S.0..*U....v'.......Ffe...BE...V^.L%o...Y}&.$s.....>/.h&1.^A3.Y.....*..F...?+.M....%.$w"Oa....*..8O.....m(.ciX&.`...6.P.Va..(<fL.. E.a....v@w0r.DB.n)W..1+......;.....S. 6.jj..u...K.GG....-..KN...J...c..Y.....Sf.(.,..[.s.Oa.`......y..D....N..^.%.yHe......D....&...x.T..h6;...}...H.C..|R...H".F,a..9i..6.....g....<).................Y....]......g....z.>:v.Tq.....R.n..Gx.@.0.^!C..F.q..v._.q...,u.12...x..Nq...,5...w*.8#|>.g.G.......A.....t.Y..{.e...C.4...w)C..[.b&......v..}]...PK..c.w#........PK........bz;S................META-INF/..PK..............PK........bz;S................META-INF/maven/..PK..............PK........bz;S........

    C:\jar\META-INF\libraries\httpclient-4.5.13.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):780321
    Entropy (8bit):7.923180926731671
    Encrypted:false
    SSDEEP:12288:NmjM46szuytdXV3UaftwJEAV4+bcYroWxk11cg+p9OB3p:NUM4hHdF37VdA6qrookUBEp
    MD5:40D6B9075FBD28FA10292A45A0DB9457
    SHA1:E5F6CAE5CA7ECAAC1EC2827A9E2D65AE2869CADA
    SHA-256:6FE9026A566C6A5001608CF3FC32196641F6C1E5E1986D1037CCDBD5F31EF743
    SHA-512:3567739186E551F84CAD3E4B6B270C5B8B19ABA297675A96BCDFF3663FF7D20D188611D21F675FE5FF1BFD7D8CA31362070910D7B92AB1B699872A120AA6F089
    Malicious:false
    Preview:PK.........CQ...#............META-INF/MANIFEST.MF...N. ...I..n...-1.mK.f..nzj.|]..i(.x...f..x..B8]B....F{.I.f..lm...".Mz...'.Z...6.zct:.h.FoSH....}.6%}82.Y.....Th..|q...-Y>.h.j...+.3p.h_...c.).89$..l...)....:...[.U&4.x.S7l...g....T.6........l..:u.q.f.w.|...\...'N:X.e...H......7PK.....#........PK.........CQ................META-INF/PK.........cCQ................org/PK.........cCQ................org/apache/PK.........cCQ................org/apache/http/PK.........CQ................org/apache/http/client/PK.........CQ................org/apache/http/client/utils/PK.........CQ................org/apache/http/client/entity/PK.........CQ................org/apache/http/client/params/PK.........CQ................org/apache/http/client/config/PK.........CQ............ ...org/apache/http/client/protocol/PK.........CQ................org/apache/http/client/methods/PK.........CQ................org/apache/http/cookie/PK.........CQ................org/apache/http/cookie/params/PK

    C:\jar\META-INF\libraries\httpcore-4.4.14.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):328436
    Entropy (8bit):7.886870737546168
    Encrypted:false
    SSDEEP:6144:w8YeQxGFmCf6F9B17YnWRViQbNWSIucj1k+2wA3jeTEHcwjrnLWN05:w1x+mCf2pbiny+2wA3jePwfnLWa5
    MD5:2B3991EDA121042765A5EE299556C200
    SHA1:9DD1A631C082D92ECD4BD8FD4CF55026C720A8C1
    SHA-256:F956209E450CB1D0C51776DFBD23E53E9DD8DB9A1298ED62B70BF0944BA63B28
    SHA-512:F16A652F4A7B87DBF7CB16F8590D54A3F719C4C7B2F8883CE59DB2D73BE4701B64F2CA8A2C45ACA6A5DBEADDEEDFF0C280A03722F70C076E239B645FAA54EFF9
    Malicious:false
    Preview:PK.........zQ.. BM...........META-INF/MANIFEST.MF.R.N.0.}_....o..:.u...#(<...Li/....].1...%...}...sO.Lf+..~.]eJ.....E.C..0c.x...btkL9RE..}..d<.......Q...x.D.....).....b................a....?,[....K..*.;..J.ha.4..je..t.j)..o..6<.......^.<F.O..).....W......A...........N.....K....vf.u../..I.n.tg.t.Y],Ao.Q.F!..G}D/..,..#z..s8k.j..`.H.3 ..4r...$:%=..&.D.:.9._..=R..p...so}....PK.... BM.......PK.........zQ................META-INF/PK.........zQ................org/PK.........zQ................org/apache/PK.........zQ................org/apache/http/PK.........zQ................org/apache/http/util/PK.........zQ................org/apache/http/ssl/PK.........zQ................org/apache/http/entity/PK.........zQ................org/apache/http/params/PK.........zQ................org/apache/http/config/PK.........zQ................org/apache/http/impl/PK.........zQ................org/apache/http/impl/entity/PK.........zQ................org/apache/http/impl/bootstrap/PK.........

    C:\jar\META-INF\libraries\j2objc-annotations-1.3.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):8781
    Entropy (8bit):7.306932985468355
    Encrypted:false
    SSDEEP:192:Z6XofCki4/RcMgS+JFEGFDOMHfYqzQzKRosZDrjq:Zuof/cnFFEuOMHfY3eo+q
    MD5:5FA4EC4EC0C5AA70AF8A7D4922DF1931
    SHA1:BA035118BC8BAC37D7EFF77700720999ACD9986D
    SHA-256:21AF30C92267BD6122C0E0B4D20CCCB6641A37EAF956C6540EC471D584E64A7B
    SHA-512:51EA975179F809CB260751D11A513881B643BF016D15949BCB63B57D3C8868A2197E0620CCBAA5739E032797EC6FAA3AA6D64606E999FCE32930314780CA4115
    Malicious:false
    Preview:PK........:y2J................META-INF/PK........9y2J...jm...........META-INF/MANIFEST.MF.M..LK-...K-*...R0.3..r,J..,K-B...V..+.$x..J3sJt.*..J..srx...R.KRS.B.........e.y..z.z...).^). ;,......x.x..PK........:y2J................com/PK........:y2J................com/google/PK........:y2J................com/google/j2objc/PK........:y2J................com/google/j2objc/annotations/PK........:y2J.{..........3...com/google/j2objc/annotations/AutoreleasePool.class.P.J.@..6.F..*^<..Co...S...HJ.{. .0....$.B_...C...V$...0...||......}.#.....n...".#.1."E.....".K.p.5...-d-.E^Yj#..e.p....D.q.s.22....P..>.....*M.z%..?..}x.0....,.....|.q7="c.v...?..V2]....).Z..T.<.:S..+.../b..<.a.6...R.p.........6.l~..........3..6.m..n.".a..PK........:y2J...(.......6...com/google/j2objc/annotations/J2ObjCIncompatible.class...J.1..'..j...C<..G..z*..W.lSA<H..e.lR.l.........,....o..y.x}..k8.`.....4F..%..)I....&.....Sa.....X..'q.mV..l.~{Z....s....P%tJ.O.r1K..!P[.Ub..z.P.....T"..E..=...?...M.E#..}.b.....@

    C:\jar\META-INF\libraries\javabridge-1.2.24.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):6053
    Entropy (8bit):7.256367864253654
    Encrypted:false
    SSDEEP:96:cx4hx3nUoAEVhkUD3EOkYJhufLRqts3/cK8nfCs9zrAw2vlR7GCLLBOqyfgs9m:cEtUlEVBD3E5YW9MIcK8ftVbieWzyb8
    MD5:636482F086E794F2CB227672828392FA
    SHA1:0C876796229B2EF5120F186EAB5ACC870699D3B9
    SHA-256:B5F8871A1799B36E27A5F2AD8A4B47DB39210031C967B794707B92E9E3F8598E
    SHA-512:77D7C33EC8828DC7501CE4A48AAC2AEC0688BCAC8D81CF37A9185EBEC5EEE391A2D09E2651DF61CDBD7C8BEA36E726E53D63B7D5A3E5B0BEC404DF768E1FAE6C
    Malicious:false
    Preview:PK.........[.R................META-INF/..PK.........[.R................META-INF/MANIFEST.MF.M..LK-...K-*...R0.3......PK.........[.R................com/..PK.........[.R................com/mojang/..PK.........[.R................com/mojang/bridge/..PK.........[.R.9.Y............com/mojang/bridge/Bridge.class.S.N.Q.]..ig.\*r).r.WZ..%&....j.I..t8..C.L............j$....;.Q.... .>....Yg..........\......1!.L6.nR..22.KN.$..RP.BR.e..T.-.f......[e.k3O....3Lh..Y.6xm.P...uQ0y..W.].N.!4m.....?.^a..Zk..]3j....{.WL..4K.....w.....Qg....g.@Y....C2.>.....g.|..%\ah.m...J.6[.mm.k.;y..GMxQ.U.y.j..o..)....|...DLE.m..g..b.}*......n.S*..u.7p.t....*.:...QJ.!t..B+.\.......0.%G....=......]h....0.a..V.Y....v.!R.6...N...P.F..zY.p.i.y..M...T-E.....|...'..#....T/..2.............^$O=...=d#.E_3.KB....|o0..?]...}..!H./s.C.'s............J`..C.h..'8H.!..&...1...#N.....~..s...H...FS.+.~..Xh..{..2..0.. 92..........7.s.;...].)..8Q.)..&a.$.%o.9..t..1..Q#}.....q........#..H.[...PK.........[

    C:\jar\META-INF\libraries\javax.inject-1.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Java archive data (JAR)
    Category:dropped
    Size (bytes):2497
    Entropy (8bit):6.97534517607407
    Encrypted:false
    SSDEEP:48:bmf5BiHFbWPpF6kbosVPnaEjjTkKmPRJpkT7+PYE7BtKmOdoPL7sjb4+9xhjFrBX:bmf502qRsxnagURJZYghdLo34wxhjFrN
    MD5:289075E48B909E9E74E6C915B3631D2E
    SHA1:6975DA39A7040257BD51D21A231B76C915872D38
    SHA-256:91C77044A50C481636C32D916FD89C9118A72195390452C81065080F957DE7FF
    SHA-512:E126B7CCF3E42FD1984A0BEEF1004A7269A337C202E59E04E8E2AF714280D2F2D8D2BA5E6F59481B8DCD34AAF35C966A688D0B48EC7E96F102C274DC0D3B381E
    Malicious:false
    Preview:PK.........M;................javax/....PK.........M;................javax/inject/PK.........M;................javax/inject/Inject.class...N.1..OA...P.0.,H.8q....'.....We.!%.C.C..\..>.....Lb..6.~....?._..p......@m...J.@=4SJ..T...E...f...j....J.2....9...L|.W.....}.....9..4...d='... y.:.~;...x.N..3.a.c..8#&..|..?.K.U.f.G.$...7.-.,.....C>|......@c.....Ua.nb-....2.*ao..T..c..............c.....PK...5;8........PK.........M;................javax/inject/Named.class..MK.@...iS...zR/E/...U..j...l.l .-..z.....i.F..a...y...k....{!.!Z!..L........(;....vrEhu..r:.=.+o...h.."..mD..U....p.x.t...C..$..'...N9u.WF.5.2...p...{y.3..G..f.vBH$H...17:}.0L^...........U...@8^...C.X]~L.!@C.5..%B).KX.."...m.....,`.`..PK...)j/........PK.........M;................javax/inject/Provider.class;.o.>...C..v..v.nF.....F...M...D...t}......kF........TF.V......M...Z;l...K..S.2s..y....2SR..@*..DAT.~f.H.>L..A.. 6F.F.&..`d.:....g......bg....PK...D.P........PK.........M;..........

    C:\jar\META-INF\libraries\jcl-over-slf4j-1.7.32.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):16630
    Entropy (8bit):7.760502015989389
    Encrypted:false
    SSDEEP:384:wCXCNX9qlwGuIUtnc1B0AI2nK5mlNgxjmMjCn+:/EX931F5ig8MG+
    MD5:8788169F5D5BE6550EFC75D3BFFFC82C
    SHA1:32C060250BCC5282CDBC1FD7008C12EB4EBAD00E
    SHA-256:60F3BDA5922E3912889CCA1311D1B227753610BF60CB4E5E914E8B2EAA0326B4
    SHA-512:55B0678CBE5359D7FABCEC55F305997170B0D45264B5CC0577CC9137AC2388A459B86C5438B5850D6E7247D3A00486F83F4B7E305B0EB756A52D3E5C5466DDBD
    Malicious:false
    Preview:PK........Ho.R................META-INF/PK........Go.R...^...........META-INF/MANIFEST.MF}Q[O.0.~_....@.....\.q2%...L..........&c.....J..,.+..W.E7.o[#.6..}......:..5.@s....QJ..P@K..5......;.#.G;c>$........<..i..u.?.U...$......P8{....SuHn..z9...?.D%)...*4..O_.z..T.w...%...h..6.p&.m.)..c..PxH....&...=9.._.+...n...xn..|.\C.....'K..4..}:...YFE..j.....m..1....SI.dF..c.c.....9.S.........]...m..q..mWP..*...C3w.......-...PK.........n.R................META-INF/services/PK.........n.R................org/PK.........n.R................org/apache/PK.........n.R................org/apache/commons/PK.........n.R................org/apache/commons/logging/PK.........n.R............ ...org/apache/commons/logging/impl/PK........Go.R..I........7...META-INF/services/org.apache.commons.logging.LogFactory%N.j.0...~...E.M.l%%C.P....Y.`.N..D.o..9{eVc.*.1r..........1.>.......1..p..?..X.L..u..2W....{..6.D...8.)........Mby.|....^J.J..f^..ub..j....5..x.n......f3Jj....CP...vlE.J..!w.P.rz

    C:\jar\META-INF\libraries\jline-2.12.1.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Java archive data (JAR)
    Category:dropped
    Size (bytes):213911
    Entropy (8bit):7.930024191699608
    Encrypted:false
    SSDEEP:6144:XxZfAUXDw+3mmUWA/4gQbM3uLggldlTGVUvN:J1g/4NLbDjvN
    MD5:96E04A388FFFF0ADEE6C2CE64612A7A1
    SHA1:6995A145068FDC69D291E597531A414311100E72
    SHA-256:C31F1DCF2CEF46F8A6F8AEA8AE5C295CC96910E8F8EA4C40291695D64D2E940F
    SHA-512:4D7E542EC267740E5A5061DB0D08E8C262B7ED6580CE4B4039149FEFED7ACB2ED8756B6B3FF4185BA991C892ED2030BEE2281D364DB16EA746786E7582A1FABF
    Malicious:false
    Preview:PK.........IF................META-INF/......PK..............PK.........IF................META-INF/MANIFEST.MF.R.n.0.}G...<mSq ]V.(.K..U.V..^'.n...-_....I.RE.....s|.].-.>.....9.x.G?..8.<..El g...f-...q..>.M....(G.mO0.MxF..Vq...F.Q._......oc.xp.......^....C.g....Jg0...K79.3.e.8Z.R.d.Q.....?..-t..<....F..._.......Gw...2Tf.........B..3..$<.}...N.F.?..}....|9q.jC....>YZ..+S...j.N....o.i6..........,@#iW..|<..v.X..............me..{..I......w.X..";p...Ygj(<2o..g.e+...f..AI..@E:.A.c.9.)..8z.Z-.b.q'.f...N.&8.j...5...w-LM.}wE%i.N.>*..^..(...PK.........u...PK.........IF................jline/..PK..............PK.........IF................jline/AnsiWindowsTerminal.classuS]O.Q.=.-]X.Z.*XPDAX.+"*.Y..b.....-.\Rv....).._x..J#....(..vY....=w..3...~..0.u.IL..FF..".'.f.<U...V<S1'....*.$..|.=^)XP...aZ....e..x...gH.:f...m.nq^.hf<wl~0.a...}o.s.y.0..f....N.r..[...wv..!.9;o.vMG....yG.eH.K.od..=a..Sw.;'.2KT2j..C.6.d.t.1.E....W'.L.h..9...%N..2....y/...... /X.}.c..=a[..(,.-.R

    C:\jar\META-INF\libraries\jna-5.10.0.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Java archive data (JAR)
    Category:dropped
    Size (bytes):1756400
    Entropy (8bit):7.988233179625981
    Encrypted:false
    SSDEEP:49152:craOor+vqKp74/ZDt24ffZ7Eg9QLYtM/KUA4TTuz1:c+OiwqKOZDDXl39TtM/dVuh
    MD5:2B884B01AD2F62D4F5DD11387A8BF799
    SHA1:7CF4C87DD802DB50721DB66947AA237D7AD09418
    SHA-256:E335C10679F743207D822C5F7948E930319835492575A9DBA6B94F8A3B96FCC8
    SHA-512:7DAF6A8605AFFF8BFC564B73B1A09EC8384F3ED2A5970F5E29AC3AC52336808E3CB2A083A22E8E00A6DA8913B6DFDC093B92BA18A4F6F9FFAFBD70006E308FA6
    Malicious:false
    Preview:PK..........hS................META-INF/....PK..........hS.v.DN...Y.......META-INF/MANIFEST.MF...r.0....;pLg..N....q|h..:.kF..D-HT....w.. ..N{...~Z....%.=.J.G...~...p..eL.+88./.#.6..$.....M.\....t.m.#.d..8.......a8.%.{..(u.P..j....w$a{..>Eq........X...lH...B^:7wK.....X.t..D.q...:sLo;.61P..1....'O.YR.J9'8GC.=.]{.~8... .o.....}...-.......H.ZL.kPT.8.:./l+.|+...h+BF.P..BQ....?wLB.N....k.gRp...........B...j..N......:..L.{B...3..>.p.'....'..~8p.._..Mj...z.W".9u.)F.b.i...S|b.S1I.......5!."../.s.8..B\;..w.....au...H..._>6.!..v....B..:.P....82.0(...P.A!.VIJ.@.....,.s.Iv.r.%`..J.pI.0.Tm.T...*.9.BK.~V..@.R/......*.%..F.6.iU.O..nT.18!.;3..uU..\;...r..H.....!.^X%-.^...r..V.=..".V........DU.._9O.F!'_#*!.A.........gU.....>.V.$..v.......X...}.J.....:....su.U5..{..[......@...=...6(..R.e.H.9Gth..<...%.@.z.%~........;.!"T.tn.N......#x..F=.D..v...;F..,.....-.Vf.aP@..."......^ .w+.]yA7n....PK..........hS................com/PK..........hS.............

    C:\jar\META-INF\libraries\jna-platform-5.10.0.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Java archive data (JAR)
    Category:dropped
    Size (bytes):1343495
    Entropy (8bit):7.87709545673593
    Encrypted:false
    SSDEEP:24576:cG1z6kFGf0h1DpYuANNi1uPJlXMXeMWlz/MHG3Dj2S2xiQg3rn:cGt6kQeuZNcMYB3HW3214vrn
    MD5:C1AB841070C388EC32B77CDC05F084FB
    SHA1:FBED7D9669DBA47714AD0D4F4454290A997AEE69
    SHA-256:1F71AFD977051BF0109EF5E3767D4E2AFD777BE894D89788CC0F38AD68F6A16F
    SHA-512:BC8BFD5A5C9A8A145EA789AC946DC3EE6E9B7F5B721733567DF8A1AFF0A8499D6B1434306226004BC8BC58FE41EC1FC8A99D5420301682B72F379AE526BFA4E5
    Malicious:false
    Preview:PK..........hS................META-INF/....PK..........hS................META-INF/MANIFEST.MF..[o.0...#.;X}j....E...(.06h5..N.sh.:..8.|..\.(d.^........+.=}..K..d..0....r...gx8..0.;..Rz....Y.+...d...Qj....g..Wa.-..2.{4...+..a2...=k..~e\v.>.N....bD&P.2.:$......".H"L_Z.r%.../9Y..K..yN.1..?...n.....:..=...z....w..;Z..*..+i.&..'...U... ?d..t.r.%FI...E.V....k!...5.....R:...cz......cslM..m.7....lz|.hz\..tm........{\ou........X....5....(........Z..s....../..N...-...Q.9.f...?.._..J..>[...=CY..SU..}.1..i~$;..s.A.^G...........^u.C..?PK..........hS................com/PK..........hS................com/sun/PK..........hS................com/sun/jna/PK..........hS................com/sun/jna/platform/PK..........hS................com/sun/jna/platform/dnd/PK..........hS................com/sun/jna/platform/linux/PK..........hS................com/sun/jna/platform/mac/PK..........hS................com/sun/jna/platform/unix/PK..........hS................com/sun/jna/platform/un

    C:\jar\META-INF\libraries\jopt-simple-5.0.4.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Java archive data (JAR)
    Category:dropped
    Size (bytes):78146
    Entropy (8bit):7.857780359932374
    Encrypted:false
    SSDEEP:1536:XIrb/221iUnPcVlb5ANSEJb6d8xcB7rF3WcMNxzFnS4k+/3dxn1NQ3HMdul68tlR:XKbXPcVlb5AhJbXcrF3Wxvpk+/tt3mHT
    MD5:EB0D9DFFE9B0EDDEAD68FE678BE76C49
    SHA1:4FDAC2FBE92DFAD86AA6E9301736F6B4342A3F5C
    SHA-256:DF26CC58F235F477DB07F753BA5A3AB243EBE5789D9F89ECF68DD62EA9A66C28
    SHA-512:CBC27E0B6DA6AE4B6245353D6626D2E3C171C3026A555FA21E8EF61B30714E286DB85086D1A57C167016E8A7F07BE2A243E34B3AB504B1877806F3BCEC5DF986
    Malicious:false
    Preview:PK.........Q.J................META-INF/MANIFEST.MF....mROo.0.............bd3q.T....6m...W..1;.....D........"A....J.pC.M%e9....l6.O'...e..5.4\...0.....m..$H.Rr.....!|..i.lS.Dkr"...&..r..".^.(.UE.u..$...C6,.a A..*......r..u.X."..D..a...T}F....;..R......V).=..T...Z...M...?....:A.Oe.....8.n.......n.HV.J...j.h....{.UR.pK.#).....M.,...k.x0?.U...........e=x|.KJ...U..8.^..PK....7.F...9...PK.........Q.J................META-INF/..PK..............PK.........Q.J................META-INF/maven/..PK..............PK.........Q.J............"...META-INF/maven/net.sf.jopt-simple/..PK..............PK.........Q.J................META-INF/maven/net.sf.jopt-simple/jopt-simple/..PK..............PK.........Q.J............<...META-INF/maven/net.sf.jopt-simple/jopt-simple/pom.propertiesM... ..........M.N........C..`..ut}..Q$....H.Pg..........Cs>.nZ.<Z...%.........T'.".>.....qj.n.H...g.uW......[......PK.....y.......PK.........Q.J............5...META-INF/maven/net.sf.jopt-simple/jopt-simple/pom.x

    C:\jar\META-INF\libraries\json-simple-1.1.1.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Java archive data (JAR)
    Category:dropped
    Size (bytes):23931
    Entropy (8bit):7.820586216803312
    Encrypted:false
    SSDEEP:384:pE/9KaHb7YefTGVQ1FSksRHOYP942kV+h+VoNOMY4QpEO+omGdMPPvD4d2fPgxds:ps9KaHb7Ye77fgOYP9iAlNO0QSOAGdMP
    MD5:5CC2C478D73E8454B4C369CEE66C5BC7
    SHA1:C9AD4A0850AB676C5C64461A05CA524CDFFF59F1
    SHA-256:4E69696892B88B41C55D49AB2FDCC21EEAD92BF54ACC588C0050596C3B75199C
    SHA-512:F8798BFBCC8AB8001BAF90CE47EC2264234DC1DA2D4AA97FDCDC0990472A6B5A5A32F828E776140777D598A99D8A0C0F51C6D0767AE1A829690AB9200AE35742
    Malicious:false
    Preview:PK.........t@................META-INF/MANIFEST.MF....uR.n.0..G.?X9...4..P.E."Q.Z..$.$vd.....(B..o3o.7..^.6....Rd(&.....+.M../90[N.$I.Q.2zN-..k..l...H..<....K.J*..gRT]U...+.B...&S.y....H....s.J..r...8+^....1m......; RUa..:\......'$".l.~~M7.K..6V.s#n....4..J;D!.RIY.PH..GK...7........./b.O.rz....m.C..-.T.oh......z..@..M..2i......N..s.......n....>.!2..?&.Q..~.PK..."..=... ...PK.........t@................META-INF/..PK..............PK.........t@................META-INF/maven/..PK..............PK.........t@............*...META-INF/maven/com.googlecode.json-simple/..PK..............PK.........t@............6...META-INF/maven/com.googlecode.json-simple/json-simple/..PK..............PK.........t@............D...META-INF/maven/com.googlecode.json-simple/json-simple/pom.propertiesU.... ..w...2W..B..:.....0.b-.'O-....t..WH@....W yi..O....kK.B....4.wCB..:Mz...<..Js..*..d.3O.....w..}....`:.......a3.....PK....n........PK.........t@............=...META-INF/maven/com.googleco

    C:\jar\META-INF\libraries\jsr305-3.0.2.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):19936
    Entropy (8bit):7.511003282285897
    Encrypted:false
    SSDEEP:384:ryPbH105/su/xBbxi9hjroa9QG3Y2Wzxv9JMrRuuWPyEQoT49Mozkd1qQsFuHSdx:rimrliZro6pQZdGI+K83GK
    MD5:DD83ACCB899363C32B07D7A1B2E4CE40
    SHA1:25EA2E8B0C338A877313BD4672D3FE056EA78F0D
    SHA-256:766AD2A0783F2687962C8AD74CEECC38A28B9F72A2D085EE438B7813E928D0C7
    SHA-512:BB09DB62919A50FA5B55906013BE6CA4FC7ACB2E87455FAC5EAF9EDE2E41CE8BBAFC0E5A385A561264EA4CD71BBBD3EF5A45E02D63277A201D06A0AE1636F804
    Malicious:false
    Preview:PK.........V.J................META-INF/PK.........V.J.-..b...s.......META-INF/MANIFEST.MFuR.n.0..'.....R.-..:..1s..Ri.*..-.o...../....;...|...Li.E...]gZ..3..t.xaZ`....3..!.i.4.I....2.h.S&4...".....HA.=CRe~..._~......#S.^.....V.dM.....v..LT...S..]..5.......^b..a...%.&...8.v...... ......5...B_R.1h.BdSA!..A...0...u.u!..k..If.z .......v.x....3..U.,..c/j.....T..T..s.?.Z....T.._.K.)rj..6.6.+.G.\g..1...O.^AB*&@.....].....S....8p....PK.........V.J................javax/PK.........V.J................javax/annotation/PK.........V.J................javax/annotation/concurrent/PK.........V.J................javax/annotation/meta/PK.........V.Ji.x.".......#...javax/annotation/CheckForNull.class...NB1...r;.7.P1....v....9*..e9.R.i.....\..>.q0FH...i..3.......!6<.zX.....q?...$P<.P..~.k}....l...n.@.5U..N:e.@`.|..Z.'_........#..o.uR..1...K..@i...I..U.........vMr....H..$...K.U8..^.&h..\}.g.If.Z..bk.LW...QQ?Pa......>.......v.B'.;...EY@ .;..J#.g.Y.8...q.c}.....9]",c..Vr|-._PK.......

    C:\jar\META-INF\libraries\listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):2199
    Entropy (8bit):6.982753432883988
    Encrypted:false
    SSDEEP:48:9fuqHmUQb1rbNeuTIbEMONxXwukojcooT:JuqHbmNxIb5FYc7T
    MD5:D094C22570D65E132C19CEA5D352E381
    SHA1:B421526C5F297295ADEF1C886E5246C39D4AC629
    SHA-256:B372A037D4230AA57FBEFFDEF30FD6123F9C0C2DB85D0ACED00C91B974F33F99
    SHA-512:C5987A979174CBACAE2E78B319F080420CC71BCDBCF7893745731EEB93C23ED13BFF8D4599441F373F3A246023D33DF03E882DE3015EE932A74A774AFDD0782F
    Malicious:false
    Preview:PK.........}+M=?qNb...l.......META-INF/MANIFEST.MF.M..LK-...K-*...R0.3..r.JM,IM.u..Rp,HL.HU.M,K.S0.3..;.f.e....2..!B).^). #,....M.u....sRu..y.x..PK..=?qNb...l...PK.........}+M................META-INF/PK.........}+M................META-INF/maven/PK.........}+M............ ...META-INF/maven/com.google.guava/PK.........}+M............1...META-INF/maven/com.google.guava/listenablefuture/PK..........!.y...........8...META-INF/maven/com.google.guava/listenablefuture/pom.xml.V.o.6.~._A.i...5+.#p\.E......[...@..I.;...$..ggm......G.+.z...N.}..b..P.SK..g.>.....T7.`......}.y?..E..............x...%z...x..Gv.%.......?<.C.=.v.k....E.h~0..H....<.!?.....g'Wg..({S...DW..,.l.i.....th....u%L.ZcZ........&.q.e.'C...JY,...\...W.....uY....g.K\%.G...6..-../....ac?.).&..J....%...w.,b.V...w....Toc*0ZMe.=.k.NX9.9..O.1..)...V.v......*.K.w@3v.a.".&w......r..Q.p.R...$..lV.E..Dv.i.`.;z.f......m.4....;..P*3&8.'0.C;.....|.J.....D...70:b.G.}..F...4.'.f..^J.2 W.L..lp.d=vRt;.....n.c..%.I..#..

    C:\jar\META-INF\libraries\log4j-api-2.17.0.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):301776
    Entropy (8bit):7.910275982910905
    Encrypted:false
    SSDEEP:6144:vxKnzDEt1rfKVrPhA/l5svOAnYKCSffaZUjYRgas1zPSP3VNMOkYd1k0aKnHO:vMfEt1e5hA/leOtz0oblUSP3jMHYdnVu
    MD5:935FCBD8C8273C0A4F1652DE53493050
    SHA1:BBD791E9C8C9421E45337C4FE0A10851C086E36C
    SHA-256:AB9CADC80E234580E3F3C8C18644314FCCD4B3CD3F7085D4E934866CB561B95D
    SHA-512:6391788510D015AE2D94527B942CF49A9518E8628932E0A08A1D8A46297499F9CD8A81F7DD99409F69BEB06E844F9FC33B6C5C403786202CB3FACE9E182A5496
    Malicious:false
    Preview:PK........"..S/.......\.......META-INF/MANIFEST.MF.VMo.@..[...8T../..>.8....D..R.....m..].!......!v..d........l..4.......".].%...9c..18..Q.......@...Af...xr...6i..$s....#.n....N...Y.g..~d....9zv..sT._B..X....<..n.:=.m[.-K..(....J.1.....+v.k..\ds.#+&.T6L..LA...T.....@c... .cA.....W..x...Ya.R.\H...R,.0=,..k..iP..@.#.1 f*[.S..X......;.B..2.<..Y.......6k.A.E...y...<9..@.#x#..IH...pe_@.DU...H=i.k...0......I...@........>......'.g._...tm.T.Z....).cT.JR.o.L...&V.4j...D..T.2..k..a{.\...+Sgy.:.."..#...*.x.e..J.#O.;....yJ...l.9...1....rUY~...w."OA..o.S5............i;.M..6O....1.H ....m..dd..I.,t.Q.,..."RcG..7..p,....`....+.."Of....s8..G\K..;*....i.....k..kn...<p..b4.%.-v..4zv..z..Eey'.~7.|.14...A..W7j..6-y"\xe.....t'.{..-.F......T..g^{..9..i.Z.......sh....l.&O..+[...n.e..W.5....PK../.......\...PK........"..S................META-INF/PK...........S................org/PK...........S................org/apache/PK...........S................org/apac

    C:\jar\META-INF\libraries\log4j-core-2.17.0.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):1789339
    Entropy (8bit):7.896007485355997
    Encrypted:false
    SSDEEP:49152:aTzpTDUE7i5YgFsb3TSd7JhPZwlnemykp/aH4:aTJobYF3udZCbyq
    MD5:DA06F4AB7FAEBC965AE04D0BA92BE715
    SHA1:FE6E7A32C1228884B9691A744F953A55D0DD8EAD
    SHA-256:65C33DC9B24A5E5F6CACAE62680641582894749C7BF16C951032EF92F3E12A60
    SHA-512:E28FA0F1CBAC0D925055B4C89DE3C1F7293A001574B8479B7AE912DFF051ED35477847509D70586A3B7637F0F529F701235766ABDFC755F261A2AAF6DC2A70B8
    Malicious:false
    Preview:PK........9..S..%....nM......META-INF/MANIFEST.MF.\[o..~70.a..".<.g.M...[.d.."N...P...#[..]|..9..!%^5.}.X"?....#R.$O......e..|=_F'..wM.I..K..............}D.....+..Sq.:.......?.V.IT?.=..cv..o$.....N..u._...(f%.>IZ/.=...5....|..B...m.mB70..../.W/^.^-.f..."...kR..a.....O..f.....-.].%u.C{..`..{>...+M).....5-..$-.....OL.......QH|........P..e0...@H^gt....../.MY.|^..bi.C\.a.....Iz.}. .Z>dit....#..L....X.7............p.....R'..@......8.s@\>v(..De...\%.....d.=.h......-.....s-|0.'c.&.Z\. ...9.L.C}...&.....N.E.........w.bF...U.2#u...x....;<E).g_.Bh\/..E.(....H.20...y..h.TeS.LV.......y..s....;.M.:...=....VG+G.~i..d1.*.M.|,j.?..7Y%.k.-].).8.VN....z-."X....m.fDY.%....)JrX..J.]W./K.R.=uq..qY.SN..8a,._QUu...L.....twj.....Z..L^.R.%%.t.qJ.W........I...#...].,cy../+`...T.`eQ....:.D1....C<.Xu. .[FS^.....d{K.8M`.*T.M...7.T....Nu./.U....R..r.6...pGZ.q.f....q.....Ljj...q........^..3....X=.....n.. D...W0E0..5..K.+`.8vR$.'....`T....=.....0.......j..i.7+....[...OP.6\...

    C:\jar\META-INF\libraries\log4j-iostreams-2.17.0.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):49446
    Entropy (8bit):7.874736873024968
    Encrypted:false
    SSDEEP:1536:jA1fIbRXAe08s6ltJ/twRreJ/IIuxWvxqAbpUHAQ:m8smt3KWvxqUs
    MD5:BDCCC1923D88FCD2720B1738ED13478D
    SHA1:223215EA8F9B1A946716B4DCFA5E26D2D845376C
    SHA-256:7A27C31FDD736B232BB9DDDC3B76328F2C063C5CC2F4946D9E9417B567460E72
    SHA-512:E7C430CCA24C9A7B9DC0F702B66BE7C19D8E5FA5B353A40DCD028374408C2896D463524DED9B3443ED64583DEA5BEC33ECB174DCE99EF1C1F38BB545008D9709
    Malicious:false
    Preview:PK........r..S..&,............META-INF/MANIFEST.MF.UMo.@..[..Xq..)^lC.8.!.ZA .0.*.Pm...........? |F.d.y...1e)_........#..M...a....*......rIY.g.BF....d4.>.C.6.oz..'O...X.(X...E..4*..?...%.D..<.V..#2.....5aJOE...B.x..uz-....i..,..R.4*@%i(.5..74.?....d.u..n.T2)R._2..2J5....4...b`..,e.H..X.=.o5.J.....&G.W..R[.,xA..T._...4~...\.......A.Fy..)/..,.IB..<........U..l.....\.5..'.s...*...z.....4....n.....U..v.....i.B..9~..z ...Y.....B....#..~..p.M.....TuA....7]...#.m..w...R.`F.....sj'...*@..g..c.Ve..D.bI.^...D.3..m..Z$.9.....PN..=........lQ..B/...U..2m-kZ....:t*.\..#...%..k;.....n.w..N..'..5.I.14g2.m......n.|...6B.........H.<.9.r..../e...;....-s\mm.X`.o./.^%.K..............C..k....PK....&,........PK........r..S................META-INF/PK........q..S................org/PK........q..S................org/apache/PK........q..S................org/apache/logging/PK........q..S................org/apache/logging/log4j/PK........r..S................org/apache/logging/log4

    C:\jar\META-INF\libraries\log4j-slf4j18-impl-2.17.0.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):21244
    Entropy (8bit):7.837803793066488
    Encrypted:false
    SSDEEP:384:fNqgH6nWWPQswjNeIkHPZJbD7KLc7rciffLg0ZTEDsa:fNqgaWWxwmHhVWLNirgUwsa
    MD5:E1F844AA6B0E5EB646EE8EDDAC69011B
    SHA1:BD7F6C0B9224DD214AFB4E684957E2349B529A8D
    SHA-256:40BB460CE600AABF832BE01141D07ED439FE288140AAFAE4FDC391D682E9CF43
    SHA-512:99EEA70960ABBE3F672CFDB9DD235BDFB4ABC0AE0C9CF3B3AE95D91F5C61800639756A0412426696D92F2316980F2F178994DCD83D229C288DF4207F996BA0AB
    Malicious:false
    Preview:PK........r..SK...............META-INF/MANIFEST.MF.U]o.0.}...`.0..1$..R...NP..a.=LnbR.!.....M. |u.....s.....DlA.i.."a<r....K#?..y4J.......V[....{.....*<......;0,\.r#w.....#Y...l.C..,.....N.E..l.l.../...{s..8...7.$.....>..i..e.7-..kCp.K.I"!.H&.0.......6O...Ab77E............z,..W.rdFCJ.:!...p...3.^.U..q..l|.t.f..1%.+.\Vz.R..T~[....Juo.k.K.$@...q.b.a.s.Z.....J.^..O.......U..........2A.>D}b!.0=<......@.....z.\..w....+.e..r..X.%R.....i..K.A;#."...j+..]gz.....FO.I..==.TJ.....|.]eT...1..w~TES....=...PU.....}..n.z...U8.Lv.@].O.b.e..q....a;.M.[g-r....v..U.^d.x..2....yG....E.....0}.`....KP.....]m._.gV.Qr.kLm...._.5...sH(7..6)...u.}.i.y.lC7.7X.V..m.m........N..e..2f....4Fw...*C.O.GKP_P"..?)E..Y...0h..Pw........p...l..p...+..Y.j../.x.`...v.....@Ar.q........?PK..K...........PK........r..S................META-INF/PK........r..S................org/PK........r..S................org/apache/PK........r..S................org/apache/logging/PK........r..S..........

    C:\jar\META-INF\libraries\logging-1.0.0.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):15343
    Entropy (8bit):7.679232485773333
    Encrypted:false
    SSDEEP:384:duehxQTzumWWhP6jRcJUacYZZ+TUI+bxaX2KBpf+wZ7:stTzumTcj1acqMTUbxaGwZ7
    MD5:DA749ABBFC663E228464AB6B34B97072
    SHA1:F6CA3B2EEE0B80B384E8ED93D368FAECB82DFB9B
    SHA-256:B2F5D129244F7A90973623CB683BECFCCD0E23B2AC3ADEC028F259F27B0A5400
    SHA-512:842623C6FF44FC09D90DBDA14CDD0DDED9C2975E55186789F5A9524412693624FE8195108AAC52C34D8F3D21300C9F1867B5D6EFF6FAEA8CC2CE3BED4B928FE9
    Malicious:false
    Preview:PK.........n3T................META-INF/..PK.........n3T................META-INF/MANIFEST.MF.M..LK-...K-*...R0.3......PK.........n3T................META-INF/org/..PK.........n3T................META-INF/org/apache/..PK.........n3T................META-INF/org/apache/logging/..PK.........n3T............"...META-INF/org/apache/logging/log4j/..PK.........n3T............'...META-INF/org/apache/logging/log4j/core/..PK.........n3T................META-INF/org/apache/logging/log4j/core/config/..PK.........n3T............6...META-INF/org/apache/logging/log4j/core/config/plugins/..PK.........n3T...sh.......G...META-INF/org/apache/logging/log4j/core/config/plugins/Log4j2Plugins.dat}.1..0....":.A$.!.S.....t...%.=$PS..3.....(......E....6h.Q.?..e~.L.w............O.L._..p..h.iB.O3..PK.........n3T................com/..PK.........n3T................com/mojang/..PK.........n3T................com/mojang/logging/..PK.........n3T`wl;....1...#...com/mojang/logging/LogUtils$1.class}R[o.A.=.m...k+X.......Q

    C:\jar\META-INF\libraries\maven-artifact-3.8.5.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):58077
    Entropy (8bit):7.828449855104005
    Encrypted:false
    SSDEEP:768:X+irgfUrGdGEcgEaQdGbvFdydTzXwW/XNncN4dSg2xawlVbMQP87ADxll/If0oUW:3g+daZvfuzdcN4BgawvxFlRIfNUqr
    MD5:CE473B0D9FBFD10FE147F03FE8707D67
    SHA1:4433F50C07DEBEFAED0553BD0068F4F48D449313
    SHA-256:91172BC294D6EAB02FC9F45F4EA01FD0E418962D128CF489ABEA7B6957D988EE
    SHA-512:9F7936F9039E22DDCB21C75BBA295A54FB40CF25184BC42CA4AFCAB03848894D74978DA86B076B11BFA4E9388ABC0201AF8AD5F3E26C34A4C216FCD6182EBA32
    Malicious:false
    Preview:PK.........[eT................META-INF/PK.........[eT2.gd............META-INF/MANIFEST.MF...j.0.F..~.....R(.K.....-.Wc%.s..8.{.%..`.W..H.Q..5..R.9Hff..K.yjI...i..<e.....c...tG}.X...Z.;....6..bf.od.....C.>0.y...3.{......{..>I..*"a"g...M.3[?4,.....N?....p.,........<..N..We8].X.(B.a..k.VZ}.PK.........[eT................org/PK.........[eT................org/apache/PK.........[eT................org/apache/maven/PK.........[eT................org/apache/maven/artifact/PK.........[eT............"...org/apache/maven/artifact/handler/PK.........[eT............#...org/apache/maven/artifact/metadata/PK.........[eT............%...org/apache/maven/artifact/repository/PK.........[eT............,...org/apache/maven/artifact/repository/layout/PK.........[eT................org/apache/maven/artifact/repository/metadata/PK.........[eT............#...org/apache/maven/artifact/resolver/PK.........[eT............*...org/apache/maven/artifact/resolver/filter/PK.........[eT............%...org/apache/ma

    C:\jar\META-INF\libraries\maven-builder-support-3.8.5.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):14298
    Entropy (8bit):7.6955640259552345
    Encrypted:false
    SSDEEP:192:10uhr2NA4i8o23fS7NxdRcNg8vo/Fa2wRGuvYlmgM6yWIOC+UVvVweh6:K8rciffLgo/hwRhQlmgMRJOGVvVweh6
    MD5:FE19C6661C964CE89508900565C8524C
    SHA1:941DD5BBAAA1B2134510E7B3C6175911D0BBECCA
    SHA-256:A205EAA76609AE0039BF38FE9A9C024C646EDED05D176EFFBEF524F04A2C2761
    SHA-512:F4FB564FF404475BC7125E234424161F57FE8D2E87041E30B383F1F026755BCB3C4C9A4DB56C6AE24BE1145B3E3E79B6E26114FE6C9D58C93CC56AB04E6F28FA
    Malicious:false
    Preview:PK.........[eT................META-INF/PK.........[eT?.Nc....S.......META-INF/MANIFEST.MF..Q..0.......6...7...!Rz..Z.......T. #z.p.9...\..;OO.:it.K. ...[..^....S(..5l.T....Z....jZ...ITZ.e#..q)T....?.i..;...Z....o.Q....!5LHH.u.=..yL.<;.A...=Z..9......I..PK.........[eT................org/PK.........[eT................org/apache/PK.........[eT................org/apache/maven/PK.........[eT................org/apache/maven/building/PK.........[eT................META-INF/maven/PK.........[eT............ ...META-INF/maven/org.apache.maven/PK.........[eT............6...META-INF/maven/org.apache.maven/maven-builder-support/PK.........[eT....t...........META-INF/DEPENDENCIES.....0.E...@v....._pE..q+..M+1.......#.~&.H.%i.2*$CFF#.......K...d.LK...KZ!T.B.?....!9..........+.....`.PK.........[eT...m...^,......META-INF/LICENSE.Z[s...~...r.Si...4i...CiD.n&..%. ..... ...=....dw.VM.5I........E/...u.:.^<..?.u.t....B.Mv........<.h7...W....\.6sc.....z....~Z...J..Y]-.7..xws'>

    C:\jar\META-INF\libraries\maven-model-3.8.5.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):215280
    Entropy (8bit):7.965385786350336
    Encrypted:false
    SSDEEP:6144:9Yd2ti4PlvA34mj030Ny6CK/MXvNj8tOElY+dbO96:+Us4PlvCj0EM6R/MXSlY+Jv
    MD5:3BE24835BB2379D50201F4D5958D643C
    SHA1:A22C2ED76CBD2F78120D9C653F89E15123D473FE
    SHA-256:7C9EEB30AC1941EA9BDF76C08C162ED98C005913E5BFF66DE3F1027A304546DC
    SHA-512:3D831C9D61C1D2697D4FCC76112154BF82BFFF7514A71FF6D42D72351093956A7EF1F9C54F9D81E9D58B81DFF0510618ECA4C751A0D3FCAD023E448E81BA0FE7
    Malicious:false
    Preview:PK.........[eT................META-INF/PK.........[eT.U'....?.......META-INF/MANIFEST.MF.....0....{...F..x.A. DJ.c;...Eo.....].8..9._H.5t...w.l..bE.i.4`...W..$..w..p.....7".[J........'...K[..Q.:<...w..o.7..6..h.....Q7.d.A..<{Nt........P$...Ww.......PK.........[eT................org/PK.........[eT................org/apache/PK.........[eT................org/apache/maven/PK.........[eT................org/apache/maven/model/PK.........[eT................org/apache/maven/model/io/PK.........[eT................org/apache/maven/model/io/xpp3/PK.........[eT................org/apache/maven/model/merge/PK.........[eT................META-INF/maven/PK.........[eT............ ...META-INF/maven/org.apache.maven/PK.........[eT............,...META-INF/maven/org.apache.maven/maven-model/PK.........[eT+.W.............META-INF/DEPENDENCIES..Ok.0.............:..e.?w7Q...6..t..S.f....~.'I)..\B)x..FJtA........RM.|pg,...CK.+8.....5...y...X.d..17&..r..aY...v..F...[hX........X.)y.Ty.r?..D.......

    C:\jar\META-INF\libraries\maven-model-builder-3.8.5.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):195825
    Entropy (8bit):7.877687555780388
    Encrypted:false
    SSDEEP:3072:Sb+z8GUsKFA+H8QZt/cNKpIOllve/GzbCPh5gC3tA9c/wtXNpfrhVG8:tYzHft/cNK64TWhuatA9//dVG8
    MD5:D861F5D9BECA40772A2B072E5D616156
    SHA1:D719E354056FCF486CD2300CCE3D1A422349FD38
    SHA-256:6BCD688B4700BC0D9046C531C316E75674F53B345D4432D6A7F62812B2424BEF
    SHA-512:6ACAC8264C12CBA18B9F39357F14B62CAD0D7F236EBAF6EFEAE854816FC89EE6C172949E01197A171C294D65E65385B4BBAAC1FAF608BA83BC2A49EDCDAA5C6B
    Malicious:false
    Preview:PK.........[eT................META-INF/PK.........[eTX......O.......META-INF/MANIFEST.MF..a..0........l....4...H..pg..&s...T. #.t.....\&.....S.D..+J.M..A....P^c......J..JKt.....|KI.b.*U.[#....".(.....C....I....?5,.5.=#~H...(Y.]i|.../..`...`o./?.GM..PK.........[eT................META-INF/sisu/PK.........[eT................org/PK.........[eT................org/apache/PK.........[eT................org/apache/maven/PK.........[eT................org/apache/maven/model/PK.........[eT............ ...org/apache/maven/model/building/PK.........[eT............#...org/apache/maven/model/composition/PK.........[eT............#...org/apache/maven/model/inheritance/PK.........[eT............%...org/apache/maven/model/interpolation/PK.........[eT................org/apache/maven/model/io/PK.........[eT................org/apache/maven/model/locator/PK.........[eT............"...org/apache/maven/model/management/PK.........[eT................org/apache/maven/model/merge/PK.........[eT.........

    C:\jar\META-INF\libraries\maven-repository-metadata-3.8.5.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):28416
    Entropy (8bit):7.841079979851324
    Encrypted:false
    SSDEEP:768:nttirg/8tU0kFocrlI1k91K74gACaJtc2AA79Q5A1KW/IHE1AKd:mq8+21bvACaJtF/7e6Ph
    MD5:642853A3B5BEDF41EFEBBDAE953398A2
    SHA1:A9CF3FF3E565DEDD8231C05F4CCB6B61E6215A82
    SHA-256:24D89A1B23DC0427AC67895A741802FD23897BDF135D87FE586D718B38A3E924
    SHA-512:FCF328B3AABC32E64E924ACEA095D9A39AD554FF25462BBCCBBA4A80A334AC543FA58CD45E4D676606FA97556A7FB1F855E3D194FECF86B67B7B35759B5E7599
    Malicious:false
    Preview:PK.........[eT................META-INF/PK.........[eT.H.....g.......META-INF/MANIFEST.MF.....@....0/.RF..4.....>.c-...:..}.X..<.....}..US..L.U.$...a.o....#.KqR.)...d.$g[..?. F..PXIz..t..M.....J...FZ...J.:..q.5?...lg...75.%.".71...M.l=!...sl......(.C.Q<..*..g../PK.........[eT................org/PK.........[eT................org/apache/PK.........[eT................org/apache/maven/PK.........[eT................org/apache/maven/artifact/PK.........[eT............%...org/apache/maven/artifact/repository/PK.........[eT................org/apache/maven/artifact/repository/metadata/PK.........[eT............1...org/apache/maven/artifact/repository/metadata/io/PK.........[eT............6...org/apache/maven/artifact/repository/metadata/io/xpp3/PK.........[eT................META-INF/maven/PK.........[eT............ ...META-INF/maven/org.apache.maven/PK.........[eT............:...META-INF/maven/org.apache.maven/maven-repository-metadata/PK.........[eT...%....).......META-INF/DEPENDENCIES..O

    C:\jar\META-INF\libraries\maven-resolver-api-1.6.3.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v2.0 to extract
    Category:dropped
    Size (bytes):149251
    Entropy (8bit):7.832486705446093
    Encrypted:false
    SSDEEP:3072:SfkaNSsAO2rUVsyggPbB1m/16Oi09AoxqqhrufoFhtx:Sfk2a7isyjPbROi0fIq8fSZ
    MD5:C1F8B0046B6219EF49DBD73638CE33E2
    SHA1:5EE235AA5AC5994B5DC847F8E78FFE9D77DD55D7
    SHA-256:D0B28ED944058BA4F9BE4B54C25D6D5269CC4F3F3C49AA450D4DC2F7E0D552F6
    SHA-512:002CB75F6E07B27108E79A4D37D94FA882E89A2DB30DD2AC69ECF0907CC548E13F579EBFBB5C019DA6DF4A950E3420B69DAC3D49AE94B5646B7968EF7EA811CA
    Malicious:false
    Preview:PK........qh.R..g.W....+......META-INF/MANIFEST.MF.Z.n.8... .@..a..8.]l.H.....I.6.....r.%.f,.>Jr.<..Jq.Q.{.oH..-ZN.>...G3....8.JNE...!L&.:a?.^..\..D.B.<.....q.F|%.;7...(gw"..J.v~{uxpQ.8.GoD....-..s..r....aK.g...T3&U....6..4b...X&sm.,[g.H....E.S<...t\@.G.b3...|.......)..r##.2...-.+.}V*.~...&R-.z.<_f'.....%[le.!.{*;...^~._..A.5.yA.u:. .1`e......zx0^.HNK.aU..8C.J..4..F....-.....g..6..xRG...9a.e.2.fd.J/.rT.GP..sy..0.6..-..|VZQD.\fb......./5....r..DD$ .p,..^.+Z......r.zR.,.I.wqNE...O`...Ey.ak.b.5..'..W.4l...M.Z\QL..8<...,..GC8t"...a.l&.B.Ne..<9....J..5_...?.\h..<....{.._.D/.x..4...,NE.er...u..N...w.'.....;.....z..!..4..\..Q+._..R..S.......L.R..F..@...<7..1{...#.7..P.S...gHQ..B..1W1L...q.L.o1..<....xW..w.q...1R...........H~|...............Z..Z]...Z.*...n.)........j..P#..zy.zM.jK.5...S`Q..m......z)....~..L.....}&<.f.....u..<...d.T.K0.7v.. K.i.....m.8...E........|E.>`.%.|.%.h.`l5.Y[.MQd.'........Q=O3.q..Mt.%Z ..B....`.........2[Y%n..Y.?.[...JL.7$Q^...#

    C:\jar\META-INF\libraries\maven-resolver-connector-basic-1.7.3.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v2.0 to extract
    Category:dropped
    Size (bytes):45777
    Entropy (8bit):7.891413839652913
    Encrypted:false
    SSDEEP:768:kxk1qZCC/eirgbFekNtOFD+BZk6lMzy+Erf2b2ena114nRCzsimwfo9wrcj:duD/HEtSDUZ5lF+Erf2b2enaAszsse
    MD5:C73F00574FA73F7D1C0842050ABF765A
    SHA1:ACE036615CA70D065CBF4966EA6EB1076565D902
    SHA-256:29BEB02541ADB82873D7BDEED2AAEA03EAF3123720DBD1B5D96D058849364C66
    SHA-512:4FC57582B1D47E3F5EF9C45C5BE95BEB44EDBBB44F19654B611A0807191738F90BF9AC8023718092EBE3C2164F87BFAC9CB64AB1A17A359514F44683E7914C5F
    Malicious:false
    Preview:PK........4..S.g.Y.....'......META-INF/MANIFEST.MF.Z.n.8... .@..a...n..[$...M..q...[...-.6m....S...U.{....~CI.l.nr..d...r...!Wr"l..].+.:f?....\..D.Be<...If.8fC.....LNx..;au.....R".a......<Wq"zo...\f...3b....E~...&@Ut...HaYn.....zcnE....yf...gy.Sl.zC.....8.6.>_.h&.)..o.....x.72..bk...c%..J.....D..ig.eK{|tt.._..I..z...........]..K..F.t.A..nY.a._.?...."...U.*..}.M....$..F...'qd.P...<....._...ow7..Xq......J..{...V..9..y....4.M...Oq.9_./}..8i.4/.D...s..9Y..?...:.x.qD8.&]....a.:...8.<nC.%Az.im.KY;..X.i..C.....#......EL>u3...Wv.....~...<.p.....|&;."...+.<....3.<.7Q...'..*...o......;.W.....xc..l..c../..D&.0.....C.;.F.....P......N#..D..X<ffb......r..v<.u....lw..ca2\............f\..I&S.../r.)Gg...c.v......Y .|H........]~.Z.l...tL(r`/.. E.3.V.*..s.C..)'.d...M.c.....w.op..B.97(...y..5........b.p.SM.D..M..e...Q.[..~...+.w...S. .G......f..Fr5.......FkH._:'...=..}:.g....z.t#....`.f....V.T...PB.{1.X,..6...`.^o.".A...t.Jg..........G@..o.W$.=V[b.g.$(.

    C:\jar\META-INF\libraries\maven-resolver-impl-1.6.3.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v2.0 to extract
    Category:dropped
    Size (bytes):179555
    Entropy (8bit):7.916564125655002
    Encrypted:false
    SSDEEP:3072:ohlR2d9LRQG1SjTQbVQs+MWhzaLkWsZ2q6R78+ooNwYX9cKxLVJKr:oR2b+sSGpWhzQvq6GYNHBxLWr
    MD5:2145B5EB9DDD8BDF9F3171122C703D4B
    SHA1:2714FFE60BD71259A41B3E4816122504B5F2DB93
    SHA-256:17AAEBE6E3E59DF8CB5B4EC210196F7084637312B9BC4FF14CB77AD1AE3C381B
    SHA-512:EF011E67152290379DA6DB1CE256B70DC436EB1596D58C38EE5BF9DF65FBE75ED2DDC7768F6C61901C8CB83AF88C42AD0B7BF24AD1775949EB4522511825280D
    Malicious:false
    Preview:PK........qh.RjT.`....Q+......META-INF/MANIFEST.MF...n.8.........k;..n. @.'m..m..m.{?..D.).GJv.'.W).1.{..!%J.h....2....32.T..3Y.w..W..8<.N...Lf4.d.+..;&C.d...Oh..{f.X2M6....s...`&.|.Y.g...2.&$.2..B..).&fm2......L.@...*..g..|..>].h..).........{.#&..w.,1).]R(I^._tN.....4.....h.Z....H.$......^..?..{...}.:^.h.....w.-........`.`...\.....+...b.&.jF>(..i.a.F...6..B.......Vr..Z..J..J..{..g..6p.......4..F*.'J%.....(;Y:.O;.|...}...m.@..1.1.{QKp^.pF...~/.5...TI..T&.k[_..u..V$e......eS.u..V.6.D.-....>............."Qk..~[.M...).iRsi2*...H).'...t..U...>..@\.{....o...+%XW..-...LY47y.W...V.u..y..LSi0......j..".$.*.....z....p.=I..<OAo...m.Z.t..@..Gy..O..A...(....h...6S+...v.m_r.[......{..."....7....<=,.........9.7.B<.gk.uM....L..>>.<...wzC.tt..Y...=...'K&.......h....K)....x_.v...,N;.j.t.j....h%.9....d0.\wN2...%..2. ..,..F.4.t)..g..........3-i....?...!K...2.y.Rd<.i...B..4.)E.....M.c..>%......k..S.9#_5X...^.?.......,f.....$r8\....Z..Z.C....$..i.......g....J.A..T

    C:\jar\META-INF\libraries\maven-resolver-provider-3.8.5.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):67173
    Entropy (8bit):7.918070762218047
    Encrypted:false
    SSDEEP:1536:V6XeA2SZwXMyEOcuIAof+mzJNb/lPrZQmYcAWnfK:kiSZync5Aof+mzjlPr+FcAWi
    MD5:9021A5EBBABC4A591BAB0331589F6614
    SHA1:91F423A4584F2FC7F45CAC5B0B58EDC33C077249
    SHA-256:4B9F827EFB393696431978DC0354651F1A95D4C52BA07C92D830EFE5DC9B1012
    SHA-512:D0EF4AFC8D0322051E6EADEA776261AC79ADA28915E0EF3FB3C37D39BF776D1F4CE853674C10537803BB94A76A4011A01408ACB670C486CD7877603E15BE76F7
    Malicious:false
    Preview:PK.........[eT................META-INF/PK.........[eT........i.......META-INF/MANIFEST.MF.....@....0/.RF .,...Q..5.....}.X..<........Tc...mGF..6.wnZ..j..d.9.1d|@..uTs....-...$..r.......-..I.W-....!$-..(M...".L....7...'%Y*.l.Lb...-r....3"M..U.%=...p....Gp....PK.........[eT................META-INF/sisu/PK.........[eT................org/PK.........[eT................org/apache/PK.........[eT................org/apache/maven/PK.........[eT................org/apache/maven/repository/PK.........[eT............%...org/apache/maven/repository/internal/PK.........[eT................META-INF/maven/PK.........[eT............ ...META-INF/maven/org.apache.maven/PK.........[eT............8...META-INF/maven/org.apache.maven/maven-resolver-provider/PK.........[eT...............META-INF/DEPENDENCIES.X[S.:.~......s..3z....@K.z^;..8...Jv...gu.c;.m(.6.f...z.]i.".Q..N...E..9_14c..3&".4.s./.F..K...J.`34W2.%3.)]1.2.H.S...~.\..K........o]...)D.i...B.J....N.s...tB.*..k..P....}(b.,.....E.g

    C:\jar\META-INF\libraries\maven-resolver-spi-1.6.3.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v2.0 to extract
    Category:dropped
    Size (bytes):38411
    Entropy (8bit):7.702109659613118
    Encrypted:false
    SSDEEP:768:8WpfGwWSirgIhVMYPr3gM8ER5khfkQwKdb3iBNqkWieAQ591Lwm:xfRSlC4MM8A5+MQxdb3iBNqkQZ15
    MD5:39CCBA873CF05B2B5405D24A55133A37
    SHA1:176425F73FE768BF9CDB8B5A742E7A00C1D8D178
    SHA-256:17441A39045AC19BC4A8068FB7284FACEBF6337754BF2BF8F26A76B5F98ED108
    SHA-512:2972B721213BFEE654460468B2A2AA50546D7F1957BE40D955728875AF3A9801F8D78A2F796E832B9332D1F90FFB5CCB651289E7B5C8A175628B21B13594DF43
    Malicious:false
    Preview:PK........qh.R...".....'......META-INF/MANIFEST.MF.Z.n.8....w |..bl...t....8i.4n.qw...X..m3.H.)9u.`_...(...;.D..v...9.G.....\.py.7a.4....}..w....y.d..8d}>....\.x..[....7..{..N....X9.=......s..6.f.SPK.......eV..........c"crE.c\....Z$..u..N..d.K:}....#.......d"......]7.A.kh...['..U.6...^u_.......$.g.......b.m..t.....e...............I.y.)4..?...f".#..:5..ue....{n.{g ..E.U...W....l.......)..,#..v.'.........-....L...H..9.."..{4/.:n...j.z.jo.!f..+....f".P..P.....\}\...#....fBMml..O.......Vtz..P*./..7.]!.FR....[?...w|..|p...O.__.h-..\(3..!.#.L.X...Ku....M.[G..~.5Ca.D6(iZG.(.[7...M....\f..h....R.N2..S......\./..>$0.".O..E....+IV..E6$..42...Rt:.YmP..k./..x.q..>..W9....|j.5...|J...Z).g.o......!....'.P...| QB.q..pAh..Xu..F.I.>.%g.@..>....n..B..z..y.-.kS........E3z..}<0..x,^._..y.u....3.Y.&..|J%....Th-...W`<^g..].J.i.f....nq..%N.5.....r..B..8...>.%.i.`..B...(.O).........z.e.S.r<4E..e..../2.NM...R.O.mU...V.V{........^.DuQ..@.|.F....#>..1J1....Z.....A

    C:\jar\META-INF\libraries\maven-resolver-transport-http-1.7.3.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v2.0 to extract
    Category:dropped
    Size (bytes):42580
    Entropy (8bit):7.8870021852331424
    Encrypted:false
    SSDEEP:768:/28B86/irgyO4maHtuwh8ULZJiQKCXb7wL6rBpK24BlTxJsp1880ATv11d:fBWfFm6RJJWCXbq61wxPsJ9
    MD5:DA0FB93034859A03F9E7BAF4215E4BEC
    SHA1:8B094A65725C6E427E2F834E0C5049410E13A114
    SHA-256:558CBDF4D76F7CF3699B59FB22FD65614870E19B42983585B42CE84F336B348F
    SHA-512:0D8081D03EC050C2EE2C3FC9BD81FCF0D3FF5EA8288FCFEE14FCC4AC58BB9C4457F035F280DDB776D5DA95E07B1A5ECCDF20AC7E3802AF4BC49A4BA907A6F842
    Malicious:false
    Preview:PK........4..S8O.......&......META-INF/MANIFEST.MF.Z.n.8... .@..a.u.n{.-..h.M...-v...h..D.H....*.=Fq.u..$J.h7...<...9.G.+9.6;.].+.:b..^..]..D.Be<...^f.8b......L.y..;au.......B..]......*N........=e...k..X.f.B[.i#.e..j....4..G...............N.L.`...t.C.'.b..Lz|.....)w...{....FFBY<.9u....e.J....q"...Sm....]. .0)...7W..O..<..f./h.JG.d...-.....z.o.....ZU.6G...).3......kl..=.J.{..6.......t.V..</..:m.rP....T.<...=......oy4..l}..kO....n.(...6.6.AR..[XG.x.M7.zQ"a.-.^D.ac9.F..l.c.m9.dR..Os]. W.T..:...'....*.a.2[.............X..!.....LG...R.C..]X..P.0...cO:.@.t_...N......H..|.B.}._t#....#........n......3k/.......>.5..,..b'.'..X&.0G'....S.;..../^.T......N#W/E..X<bfl....c.r..t<.]...c.<v..#a2.......'..A...\..q&S.../r.).....c.v..J...I!.|H........]~.V.....tD(.*/.._ E.S.V.*..s.C..)'..Z..9..0.|*.....|..g..!mB.<....in.N...H.......&9..z.5*p.3T&.AE...[r..D..x.....!.H..^....Y.)....v..E.yt..d...V..#{...l.S.OW........0."|...y0.X,..6...`.^.n.. J.i.q........I....

    C:\jar\META-INF\libraries\maven-resolver-util-1.6.3.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v2.0 to extract
    Category:dropped
    Size (bytes):168856
    Entropy (8bit):7.879244533019242
    Encrypted:false
    SSDEEP:3072:2+Y7uU1MDhAC+2V2eSSvphLW+2EHxDo5lKtMyCgyw37GDuhi0fqoTOD3B:Ku1DhAC+s3VNxs7KbywrGe/y3B
    MD5:71D7FEA851A889AAE2CFD632E96D01C1
    SHA1:07D5A6879037B34C61C2F527DFCFB59084E86ED0
    SHA-256:CDCAD9355B625743F40E4CEAD9A96353404E010C39C808D23B044BE331AFA251
    SHA-512:45BD05EEE2E2E606155916EC06EFDB62E4A147AF7ED0BB0B443B2A71B72576FEC8E0CED0EEE3AE3C86778198DE227C1C7FE5D423CFF0B96BA382FB563239694A
    Malicious:false
    Preview:PK........qh.R.T.X|....*......META-INF/MANIFEST.MF.Z.n.8... .@..a.u.n.....4q.&i........@K.."}$..y.{........R.d..... .........!.|.=..i.<".._..]...r&-.@<..`GdH.L.Sm.....1..i..[....Y!3...I5_X'.J....)..........0j.)..2d..{d.f.e.UzE..X....N..rXTz0TY.H.h.+Sz....X?.E.u..>..e..I...c&%.GJ.....Xp9?If........C).....C.2.7W..O.....o..$..V.X...V.a.+.._...,...V.2S..|..Z...>P..{...-.dX:8.}.)...U..w7G.2..T..S..g....j{..<U........s..#rO..[_2.7F..,.|aX.2;c.x.U=I....z. ..n..OK]..lr.1.r..i.L5]......Y.:..6....~.~(l|. '..T..6.nr.h&..=.K.6u..DA4.....w..Up....jc.B`k.).3v<..2}t.....J..5.....O.......E..QK&..&....t.@.1.).'I ...:9...O.;5f....<Or..`.$....`F.N.-....~Qh@9<.!...I.....4.a@.`.E.O..EF..|.,kxC....rj......h^).G1.2...K...%c ...K.S.5.dW.5. ...Q.9#_4X...^.?-.....4c..... rX.....hM.hu......bq..F...)=.......s...I.s.w.6..A......2..]'#%.]-......K..9...f_.N..i.t..L.M.....Jz9....M...% i.....}7..q..B,..."...\&.G.m...n$0..`X.....7..>..."\.....z.f ..r:VE@t..f....-rF.T..{#.AN.

    C:\jar\META-INF\libraries\mysql-connector-java-8.0.29.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Java archive data (JAR)
    Category:dropped
    Size (bytes):2519547
    Entropy (8bit):7.968375109915642
    Encrypted:false
    SSDEEP:49152:CFkPue7OJdYRvqH2B+CrqAj8UNOWU2bkhWQ+AiUtErVv+7LdS8/NCyQND/HOuDRC:3FOPYRyH20WqAjHkhWQ+AiUtErVCZS8t
    MD5:D2C24E4B4AE8957CD7EDFF37AE833D37
    SHA1:016BFFFDA393AC4FE56F0985F1F035B37D3FC48F
    SHA-256:D4E32D2A6026B5ACC00300B73A86C28FB92681AE9629B21048EE67014C911DB6
    SHA-512:3EABD70F9A947918F434A44923A8E3FF4C3FBC93E6C90F4992C94D804860EF3D09F09FB4FBF905D53A39B51AAB965ECFD65F2FF2AA105387B3C8F49C18D7713C
    Malicious:false
    Preview:PK..........hT................META-INF/....PK..........hT..z.X...........META-INF/MANIFEST.MF.V.o.0.~G..@y.*5.I;u..C...u.4M.....83..&#...@(.....}.....x..[S..?.TLd.`.B..:......@..Y..|o)).4....'......."x.Mb.i..2..k`8..q]...PT..SN.[3RA.?..t....,mU..9..uY,.".:...4.4...yx.?}...,.D...~.l.AZh~.....x....t.....!0S.,...x..c....,...bj._qJ]l.TU..gq.....[.vT.k!.".$...h..[..>]..H.M....}....>b..'..m...v5...z.....d.w.D).....S..Z..eI.T.....R.9...KK....&&wT.F^...X.sS....x...+(K%..[.b.#.K.\..x..*.B&u0...v+g..x...K...|P^7.I....g.......5..p.7p.M..;s_o2...x,.r$.....u..<.,...[....1.0....PSgS*5bPa_..O.|3vk..e.J.,dC.<.&I=}.9..#..<W..lp.P..Wp...l...s.f..#...*.u...G.:..i....Q.m.|.f.Z.75f....Y.2s..|"D.i...QJI!..W}...|.S.R.OG...c...O.x..l.<{..7..D...c.......#8..)]...U;`.J-z-.ViB..a.@....c...S.&....!u.Rd...3..v..XKN9....\}D.x7k.....;+...6.Cyn.oK......5.;..IjZ.....1.#{.G/{.e...4....0...0.3....;D.h...C......F.........uN*...PK..........hT................META-INF/services/PK.

    C:\jar\META-INF\libraries\netty-buffer-4.1.77.Final.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):303738
    Entropy (8bit):7.955099193403225
    Encrypted:false
    SSDEEP:6144:89ebnCzs/nNi1FMvvyOPRU6hL1lb58DAcOxV4oU0nXaBEKrwRKjh0sWU:8tz+Ni1Foc6hZcD2rU2XIZ3h0sL
    MD5:E4D870093F5464A55EC314B909EF9C03
    SHA1:D97571F99E5E739D86824D0DF99F35D295276B5F
    SHA-256:41B7DDC4DD124C7E75AF33A13A426FDA4E1EC87C387CD234971E7DF4C0B51C26
    SHA-512:1DD3FED4151605EBF87D10E150B691116BDBD11AA5D33BDB53A926E1111DBB859F546832B28E488E46092F5E1470E50341AA1286B250A65C499C8B0A3D0DA51C
    Malicious:false
    Preview:PK........1M.T.\T....{.......META-INF/MANIFEST.MF.T.n.@..#..+.U....@.#.IJ.D.EI.K....M..ww...;.)...p1..{3o..O.Q)8..........l..r..0^xz.<+.!f....{].).f.0...+8iU.+pU..c.0..F.-.,..%...U.d....+.y....d..V,.:H.2.Y...%....0L.B(.K.1...*...l..c..H`.E..5s`...fIJ6..Q8.l\....S.SL..pO.c...r~>.W8Q...........j.E...8...s.....AT^....^.*..xw.[..x....7.K..}p....R%.1I0....*H.A?......lp.m?...%...4...6..3.....Ny=...F..y....,...U..>x..Udo..^..h..IZ;.v..w.%.YX.d.....L...:^H<.j..,S&;.q..r>..P.U.GH1'.$p...@....j...7Ta'j.>.wP..C..Ix.....e!....V....S.`.RR.......X..q...{...v..xF.1+...2pQ/...p.^F.Gbr...#F.)....4.c...:.4..Cr....%.d..._.#.vcAxH....6.ME...a.A...z....y-.....+..\...S..j].>.._PK...\T....{...PK........1M.T................META-INF/PK......../M.T................io/PK......../M.T................io/netty/PK......../M.T................io/netty/buffer/PK......../M.T................io/netty/buffer/search/PK.........M.T................META-INF/native-image/PK.........M.T.............

    C:\jar\META-INF\libraries\netty-codec-4.1.77.Final.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):337017
    Entropy (8bit):7.912451017131988
    Encrypted:false
    SSDEEP:6144:NrLu6PwY8adFmh/Bbam+9YZlQ3N3aHMNC55Iw5vJUE49:dLJwUQ/ByzAHoC5G4hUE49
    MD5:7DF4D0E74385504A639ED8C9FFBF8336
    SHA1:4EFC5F59335301D6BA0D7CD31DD10651119B03C8
    SHA-256:84E4E01DD5B345311E971289B5BC08C0DFD6054A28D16853F0416943C9A3E458
    SHA-512:E0D752E1ECE8E1463E0F9880F66429F902C166D3A7018D97E91C972F4AC2E0DE7884F996AA39325D77EC6DE286B83AD3F303CE30B46B726F86BCB8415D6B61EC
    Malicious:false
    Preview:PK........EM.T.P..............META-INF/MANIFEST.MF.WMo.8..#..,..V".d.3..0..J..U5..e.+.q.....C..~_;.(.@.0....y....H.0c..L......E.u..eLZb.a..`#..].nT.h.....`...P.s...q..D.,$M...0..+.5..H2.....<......D........4.y.b...;g.JPF8x.%..C)..(g:Q..3")C.VVQ%.az.A./.c..........4i...bx.....K.?.....I..Sks3..^__1..M.Vz...{....}|..B....y.E.,..v.\......../.R8*.l.m1BR....{b,....b(.p....W..0.T....V.a.......w..*....M..\.*..=B/)[..I.)...(m.'Bgd..S.aB..I.M....A.....53J......$"..=....!}.B..}.s.2y.:.6-",..I.46....]w~.O....y....D0..0*.-t...O..<...$R....).$.x..<:l(..@.e9X.-.`.]4.s"..e.._..8..cP..I.!.l.Ts..I.t.$LJwp..X.H.*r.i..F...M|+O].4.@x..Z.\5.......4DvL.2.BM&.....2#......b.a....@.OsUH....z.m.....te...2......gD.$...e5...QP...s..cc..s...G.r....g.MD#....l....k.......v.2....'....]w..8[=..N.....l-...s7c/J..r.;.n....E.?._...l...z..~.V=.m.kY....S.....f.. .......d.<..n..}q.....|.v.xj.8 Z.......T.&A?cG4.[....>......Nq.x.......^...l...Vpq..\.S>.Ou(o.k.......Ces.........k.7..X.T*.

    C:\jar\META-INF\libraries\netty-common-4.1.77.Final.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Java archive data (JAR)
    Category:dropped
    Size (bytes):653053
    Entropy (8bit):7.859985992394068
    Encrypted:false
    SSDEEP:12288:VnHHP6xIBd1lTvKSZm5pefKJSBjvo+6A7AOsczCFIJhjEh:xnPckzVKD0BrwMIITjEh
    MD5:C0FE65266D70074E8A82E48DB581A848
    SHA1:EA0FC20F4E6178966B9D62017B7FCB83DFE0E713
    SHA-256:40DD9B5EF14878F050A1F7F4D5647D53473F134E349665B47243BDE56DE7A51F
    SHA-512:92C4B6AB13152B0261200F72E6EE0F2FB598346A25495549EABDCB01AE8D6DFB9E0E9B4E4D8B8142F850BFCD303BADDF537F0AE554FE7EC0D7ECA27A14C4EC47
    Malicious:false
    Preview:PK........+M.T................META-INF/......PK..............PK........*M.T................META-INF/MANIFEST.MF.VMO.@..G..X.PA.o....q.J%*@..^z....YX...........\.......0j..G_.:.&e1....RC...O..[.5...._.N.(..{'..4D..I.J_.k.......0rj.`...,..of...>0Q...cJ.^........>V.*c.a5.!...V.Ea)#.4.....;A.0.Xi.D....eE.d.MjE...{..|.....r.".)S.M...../....`.}...h>.sQ.9..6....]...].EI...|.(.,6.x"t[.].....<u.R.G'....Y...E..yJ@M.dT.... I....$i._>.%N:|..mt...[..........Z.....)<V...=H_.A.k!.DN...B9yh....9.s...".......$.......@..t/f.'w +...`}.!Z..Uk.w\c.+.wB.g.dG.o1O....H..x......Mx<..[b[ y...G.@.xv.y....#..J.W<NOVY.......)h.^..x^..A..D<.gAH...i..S...n..v......y..{..G.,D.$...)C.+.p8........l=>;.D.{s....6....~...B....E.).......xo'......C.9.g?..D9....E......Yb..V.k..u,I0X..,...)...@..7K..6^z..W...xi..../.<Ov.g9|]....Y......t....5.[{Z...x............R6......+.].p.....U.O...O.C.Sq.w.'{.O.y..D..[....PK..,t..<.......PK........+M.T................io/..PK........

    C:\jar\META-INF\libraries\netty-handler-4.1.77.Final.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):528268
    Entropy (8bit):7.912527673606657
    Encrypted:false
    SSDEEP:12288:urG+J+AVGNU3obdvogY9bRn+lD735+/6V4:u5+3NU6ZczyD7M/6V4
    MD5:A11C1FFACEF7002473EFF817F4907041
    SHA1:47A81089DE03635A27F509F3E4E13386AE1DB275
    SHA-256:7911BECD4850FF3FC3D93B4BE7C468A2F6444FB48C17EEC03C807856FAF11E0A
    SHA-512:15DDF0084F5565252FE0ABEDFFC229C628B13148FBC619C0257443502906B45B44E68B70A6A9E10E9CA1EEA45D30849C127455F5FF12CA46734AD2F68E5237D0
    Malicious:false
    Preview:PK........RM.T...1............META-INF/MANIFEST.MF.WMs.8..S..Pq..UX|$0...f...L%..$..=l...E..d..~[.1_6..\...u.........O0Vh5&}.k6..9(..>...0&/...;S...l|K...W...e....0E.])...tj.,.-...o..-.. ,Id.A....9d..6.?.%"$!.J..t.....K(6.@b1.I.&.c.Lq ..Ns-...@Z.K....ai..5uz.1y...9.`.1..*.?..(>...E.\b...r..,a<...+.u.}z..xy{.......j>.hQ.c..e#.h.~.B.C....o.1Q...'*...uHAD.Bl.h...n..W.2.s...xP.S.....&.M{5....z.....".........=..8.....6E.6U..O.@..a....2..NgC.d.kJ..X.3@...*Q....].~g.n..Lf.~DN.....Q.f+&v.3l.:~d.F...@VX.P....-K.90..r..?..e.8..Y.].s.}..)R..6~.[.8.....d...lf.P.?Z....+...sXi.q....-yJ=..5E....[.O..*qz........Rke...SN/K].G.WX.....fp.S.W......g.{sHG7.'y..co. .....g3.....)..B.[..8...F.fNo.S....@..!.Y%.1.Y.w......s..L...........@p...DH..1.v*(.m.Z.f|...xv.....}.N..n..5.Z.1.b?..H....^.?....k..R..>w..@HX.".{..A....W...o.@kS......H...(....A.6.L.q...I^.j~^B.)$..J.sB....p.aI].s P..;.. .g...Ts.t......w.....-..'L5...w=....,F~ ...|}..~..W...UeLg.....4`......'.Sw

    C:\jar\META-INF\libraries\netty-resolver-4.1.77.Final.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):37776
    Entropy (8bit):7.828352975706178
    Encrypted:false
    SSDEEP:768:q2mhUw1P0c0y99koJHqFTAWvbRzIJ3ID5A8:q2mhzP0c0y99bJHqFTfvbRzqIFA8
    MD5:ED36D0E6F0696B6D676387B499A0F403
    SHA1:4A239DBF8D8BB5F98AA51462C35011C0516395FD
    SHA-256:0161CFE9544B3656ED0DE67D8937828101859E94BCD0CAAF58D21AC7011EABD4
    SHA-512:0F9907D0727D4BBC7D39390D2AEF514B04E8F5705DA8D387754B749F449002E208618D5574E091C04E4DD6C6A02EF1D735B635D795CE3DFDF1FB604239D00884
    Malicious:false
    Preview:PK........5M.Tc..~...T.......META-INF/MANIFEST.MF.T]o.0.}G.?Xy..D..Fi.xh;&..T..^.0..Mpk|3...w.P..h.%...\.s=.Fe.|...Sh...~.u.,4,.x.i1|P^C.....w....l.uY.TC......5..a.1a.p.#..........*.2.~........S.>.eV,....2.YQ.....XTz.fl)..SF<j`../X.6C.Ka$..G..9.$..VlR+.p..(=..L..0-..9..0..T..}..TI0.J........5.....h.n.]oz}5..O...-.~.|D.8z...y.G|8..W].)...M..V..I.p..P....;.Dgq|........q|.L........(..M..7...v..:a...&....H_....B>..u..Wz.j.....kw...o..D#Kk..5.....tW....]-.....0.4..P.F.We..1R....%.9P......b..*....z.%.7h....n...RY..(..J+O.@.+.0.()`.qp..d.6..+q?..G......D..*J1.....A?.N.....4z.../9..4 ......z.X.{..`..fx.<AG&....3sQ.+....i`.V.d}3Yix.>W........'.......i"..PK..c..~...T...PK........5M.T................META-INF/PK........4M.T................io/PK........4M.T................io/netty/PK........4M.T................io/netty/resolver/PK........5M.T................META-INF/maven/PK........5M.T................META-INF/maven/io.netty/PK........5M.T............'...META-INF

    C:\jar\META-INF\libraries\netty-transport-4.1.77.Final.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):480832
    Entropy (8bit):7.892174643726806
    Encrypted:false
    SSDEEP:6144:JxsPiFW0/ybak7MgGHR9vQDsHcyZZWDns8hmaPKNnFoKtWSFB2TwG1WAnw0zb7lO:0P63/ypYzR9vnHcyrAssMDcc2Uww8kAE
    MD5:FBECFCB90B7E178DFD0795D3A4B24B54
    SHA1:2A3373BBD20D520C821F210BD5EE886788512043
    SHA-256:034CDF7D81FEAAD9977C3D8B4FC05611952BC9861DFB9085B8962E2C1DE582AA
    SHA-512:958DDA791E227D9B05A0E35009724D7E1030F3C122D4660A37DDB5392160F7108EEB807ED43FEF7C9BF488808CF936FC9B6AA1B72E21C4A93AA569855E01734A
    Malicious:false
    Preview:PK........<M.T..4.>...........META-INF/MANIFEST.MF.VMo.<......r.. Vjwm..=l]_.C[.k....".VE.+....G..|..K..|.|..V.....7.N.....w;..\.......G.5...x.2|.....v>.&..}.'..}._.1.0L..#g........*.g..3.'&.\w;L.2...Cy..e.."W)K.Wc..b...P..2b....t.r......#...=J..].1.%.hR+.p...Px.SL..bZ..;.<b....s.E.FI0.lf..n4.>??s..9..v:....\_^.=\EI(....e>A.h..Q..oy......V.8.}..e....tb..F8O4T. .......}......v...8...h..t...(.~.Y...W8.-*..{..R..........^.'1m..Y.v..r..}'...~oP[Xp...Mho.Y.~.&.s.F....Q.kM..KEo5$.M[.q:Uf......r..q.(....C.B.HE.H.....L......~o.{..x.y.}.{..../....=QZyR......$.vt.;zs.<..,......=.g.~..yD.#.4....8>=...}r........D.hl.qA.FI.7r&....U.R.zk{..T..h..e...t.z...u..#.1...a>.4... e.:..fj..W....i..qc6..5k.R.W.......Fg.a..59.9.#.S..(6..{7b..d..lCn.kC..O.r(.....:.).A.R.g=..u.....6...k.._.m. .W......`...^J-k.....C..`."<.*7v..Z+..O...Sx....?...5.{O..Q......PK....4.>.......PK........<M.T................META-INF/PK........9M.T................io/PK........9M.T................io

    C:\jar\META-INF\libraries\netty-transport-classes-epoll-4.1.77.Final.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):139612
    Entropy (8bit):7.939188588352908
    Encrypted:false
    SSDEEP:3072:SoXhFvstsupmg+bGyfaQfNWEp65NigEE/qNBtyGMj06d0z:bz+mdbGyfbfEPNi+/qNBwn9M
    MD5:BD1F350EFA67B42A61A6E0EE36DFCE5E
    SHA1:DD70DBCCBCF98382223A59044F3C08D8E9920CAD
    SHA-256:0593FB942D7D57AADCC22360A238DCFAC9F29013A20201EF49CC392B0DD2AAF9
    SHA-512:46838EDD6169ED4F93D1CEE079600095995DC9E5FA1E62B4B21C54EFC5BAD4D1518D4FC21A7F355F0EA4D9A057015E96FB09E6A709574E41118B0C66A2395AF3
    Malicious:false
    Preview:PK........79.T................META-INF/MANIFEST.MF.UMo.0..#..,.."....A...+...j..ae..q1v.v....8|.]h..p..y.1%2..........n.q;/$.A9..0..'!!...*...l...o$..l8(....u.R..w...y6.!.....+.s...-.......M...63..y..>-......iC.cX!R."V.*....:.b..$...`2.<f...R..4.X0.l.kI+6..RX.l\.N.1'.F:-..{L......n.2.u...<...ED.\a.0\......@....~n......i...%..O..Dc...:g...n6........x..2!]p.J.......Cf.6(2.)...4...........Z.[.xOF.j...jw.....pw.u/B.....q.ku<.....<U.......]L.,..[.5.[....i...F.)..:...9.V.../.i...6.y...N......&.#...J..D+^....!1.T.(v08.O...R..S.......RQ.@...X-K..}.......nJa.>{rU(OU-.O.u.v.h&..-.y....G.[......DH.P..N...e(p0I.u..h}.c..4h.m.D...n5.c.eB...i.'q7:.F.Yt.....^..^.(t. .......{...n[.k..S.~m..p.O`..Z.;.}..]..g........s.z{..6GF.2..F.d...M(...Y.Z...?...v../.......4...PK..............PK........79.T................META-INF/PK........69.T................io/PK........69.T................io/netty/PK........69.T................io/netty/channel/PK........79.T................io/netty/channe

    C:\jar\META-INF\libraries\netty-transport-native-epoll-4.1.77.Final-linux-aarch_64.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):39226
    Entropy (8bit):7.953462956275818
    Encrypted:false
    SSDEEP:768:pNlEKaSWBpqBRHSX5lO5ATJooWxKVMD237rDE3Z7hgw74JV2/:pNlExBpIFSCzAmaLrDyZVgw7L
    MD5:6FA1BD9AEFBBA5FD8D8D87871259B79A
    SHA1:5F051599CED83E119DDEDA891F471C0613721E5C
    SHA-256:118AD3C04F7169C7893A4D909558C37FFAED15E4B549F2C25B864E2F966ECCE8
    SHA-512:186DFB3A8B9C0AD6FA512C90F44550346421960CE903263BDD963B148008D3337FCB54FA4283A62B22AB75ECF9690F9E3E35E5050979D5E6A131050871CF441E
    Malicious:false
    Preview:PK........e9.T.0.nv...........META-INF/MANIFEST.MF.T.o.0.~G......vH..........je{..r...5..v`...8.J....$.ww..TZ....Op^..Y*z..x].X..2.K>..@.f....;i}..$3:.@2..n......r...XD0.L..U.C..g...p...B.{a.....*veK'......]NV.`.a.V.t..l-5...|2.J.*Y.n.T..U.*......m.%.R4..T.n......O......L....".2..P.F.....r.??0.h.......y.l.[!+.J..V.i.}2..f.#.5R..........6..../...T\^.;.#Z.M.7..9.@.......K....H....?....a..T..fG:.....o.E...7.Z*....-:g....yp..*.>....^....Z.r....c....&.))+...<....Vv@.o..'......G......:..w;wN..Q.7..o.HO...7G49k..DcV.K/zi.O.dg.|T...m\>...fd_...bA..5...6s...jq`.hO...6.t.. <..zKc.'....S.=....~.vn...E..u..6.....=.z.m..../..J..g.a<..x.o.E....PK...0.nv.......PK........e9.T................META-INF/PK........d9.T................META-INF/native/PK........e9.T................META-INF/maven/PK........e9.T................META-INF/maven/io.netty/PK........e9.T............5...META-INF/maven/io.netty/netty-transport-native-epoll/PK........\9.T2G..........%...META-IN

    C:\jar\META-INF\libraries\netty-transport-native-epoll-4.1.77.Final-linux-x86_64.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):37633
    Entropy (8bit):7.959551754974258
    Encrypted:false
    SSDEEP:384:TmqADlf+KhG7y/KRyWx+8a0LE/30ONT6Gwr+F7xxLgzo5EjdsGnyl3fZqP28Lu1q:6DEKs7o2+8a0LERBJR9+zoZdlP8iE
    MD5:22EE04F87827D906B08130CA9709346D
    SHA1:8D10E9E138DAC52172DD83229BDC89197100C723
    SHA-256:5965ED3DD2558BFC017CCD765698FB2801D0C0D54900779D033D23959171A435
    SHA-512:F8BDA0A01EDD7BC5ACE036C959C27848524218867723A8E10AFD6CE287FE04BCD13E65FFA0BBE984135E9CCD836D0556D307EECDC82904CC785A78A3360F602D
    Malicious:false
    Preview:PK........M9.T..2u...........META-INF/MANIFEST.MF.T.o.0.~G......vH....C.Q..P.......A.:..v....8.J....$.ww..LZ..../p^...T...IY.(....%_.``.....Y8i}..$s:.@2..n......r...XD0.L..U.C..g...<w...B.{f.....*ve+'K..+t..'+......f:.+VJMcj+...B..V.[!.q...X.0.B.<....Y.2.Jx..\..K....8..i..._.W.....h[.......~.=...'X.B..I..n...*@.['.=..tr;.?.y....?..G./.k.m..C+._...;.....w.F4D..ov....=.O..DR.4..u."...^.........8..t.9:>..}....?.o:.T4&./Z.-..'.......4t.z.k...VXj.........a.4....r.. .b#[.!..i....NO.O'.EKC.........9.nD.....)#=..j....XcD&...^z.K.~.%;{G.2.l..|7#.B...s*7./..d~.....>FV...e{...........8d.-.5.6+2lvO...F.~.vn...y..u..6..o....z.m........-...x<i.....a...PK....2u.......PK........M9.T................META-INF/PK........L9.T................META-INF/native/PK........M9.T................META-INF/maven/PK........M9.T................META-INF/maven/io.netty/PK........M9.T............5...META-INF/maven/io.netty/netty-transport-native-epoll/PK........H9.T..v.........%...META-INF

    C:\jar\META-INF\libraries\netty-transport-native-unix-common-4.1.77.Final.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):43213
    Entropy (8bit):7.842924651315546
    Encrypted:false
    SSDEEP:768:BdAxCMa+R1Sxydxow0/VfPAlxM1cLdfqwXFGEmrtqgxwLH+0z1PDfjhVTRteedOt:BOCMa+RsxywRqdLkwVG1Zw+ev2
    MD5:EF57AA3B1AC55FAFDDAB78AA2F4DF581
    SHA1:C95D53486414B3270D08057957C5DA8E0C37E4EB
    SHA-256:108D27F325FA9CE9A914FA53638FBEEB1A384148FB3A13389BD09A5E38E4AC1E
    SHA-512:1053B94F7326B1273172A3BD381BB67A9829FC7EEACAF7974AF2F883CF083E334697FF24FFD97E57E67156BF3B13398D105AE26689808057F38CA60DE47F7F81
    Malicious:false
    Preview:PK........jM.T>T1.k...z.......META-INF/MANIFEST.MF.T]o.0.}G....0..8$.m..C....*t/{.Lr!n.;..(.~.I.B........q......m...4."".m;.... .a..Co.M....1.....T......'._...s)..])....c..SQN-ML2>WLm.:.qJb..\h..HR".)....4..N.42.Xo$..i.,.:...B..j.4>.a.c...Sc....z...`q.T..............m.o..&.K.8...U.M.m...m7.4......,..xf..MD.T9.....2m.K.....W..&.l....5zSkG...)....d_.^..?=...[...E...R..&.%.!6U...../l.~$.r...].5.._.m..t[..8eB@f.P.3.e...3...{.9..\.P8..\..T`t.v.h.../{..............sE*..*h.M....".!.e..w......>zsn...z.)@w.V..../.og...b.A.b...f.u.3)..X/..:.l..v.\....3>9......[..%n..ud..&8.w....P?w?.z].+..........0.I.z..;@Fl...02..%...&.C.b_.....v>...M.~.O^....oN./PK..>T1.k...z...PK........jM.T................META-INF/PK........iM.T................io/PK........iM.T................io/netty/PK........iM.T................io/netty/channel/PK........iM.T................io/netty/channel/unix/PK........jM.T................META-INF/maven/PK........jM.T................META-INF/maven/io.netty/PK....

    C:\jar\META-INF\libraries\org.eclipse.sisu.inject-0.3.5.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):379348
    Entropy (8bit):7.915097271883942
    Encrypted:false
    SSDEEP:6144:7YWD7r7R+i60dCoyAcKCvwF5WTFMNEwVMBAwJQ5UhZIuHAas8Qr:7YWD7geCowC5WTiewVMDQRpvr
    MD5:1B296B0DDD911ED3750B3DF93B395CD5
    SHA1:D4265DD4F0F1D7A06D80DF5A5F475D5FF9C17140
    SHA-256:C5994010BCDCE1D2BD603A4D50C47191DDBD7875D1157B23AAA26D33C82FDA13
    SHA-512:F4790768C0D958B3429A3241ABB15F9BB6E2FD7F43A5E034DDE6A3A6820E6941C00F10AD084D5C38F8EDC144E7ACBEA7BA3DC8952F01DAB41E443803DB2A4EFC
    Malicious:false
    Preview:PK.........,S................META-INF/PK.........,S..^.k...a.......META-INF/MANIFEST.MF.VMs.0..3...pjg....b.C..N..i..!/..Yr%..................X.u.o0Vh....[w..$.?..e!$.sY...k.\....&.I...A&..O....u......'K......6.B..wS+T,..3grh.n.O...>.g....._ ....C.r.Ki.;..d*.....sa z.......J..RP.$........[.E..\...,...`Cby.......H..n.v=._..:.3E.4c..u. :S..T..hv.<.>.......2.G.|2.\...h.Yr~5..p.R....q.yU.....\.....;"s..{.K......h..l..oP.6!). s..2~.....mQ*.f....7.c....2.n=...Lc...v....P..^wN!t!T..D....q.I>.U..A..q6.5..H.X.A..6o......PR.q..9.iX..\._.....n.g:.....*2..c..y>......~...g.3.&3.V..p.d*...@.(...HA......w..]B[0+.#........~.......}..i}-.....s..pga..R5..n=1..{.mX...'.cp.m.g.....W.s8.....X......~"S....2q.<.[.4\.Dtr..=4.l.....lR(..Q..bZg....S.m.84y..W.<?^.....HZ..4..!..XO.y>...i..P..l.j.C....j|a)U......><]..j...O....iM...yN+. ....v.y..8.Z{......+^P...G.9.a/.G}zMG.q.N....|..A..V.k.uo.9...[,r..@.$)^.BF.... '..g0..W...PK.........,S................org/PK

    C:\jar\META-INF\libraries\oshi-core-5.8.5.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v2.0 to extract
    Category:dropped
    Size (bytes):879623
    Entropy (8bit):7.938427613520685
    Encrypted:false
    SSDEEP:12288:CzI876kE5XmJ6zhG+HzbbyVnjFv9Mh1k7g2021RWB17MCRg0WYuzIyVlrPAho2:CGksbr3W7uh1E021RwpRn8zI8Whj
    MD5:D9136523E32958EA5F192D18B5EF283C
    SHA1:1D0EC654D820741327F5A9229D513732A4B7CE50
    SHA-256:FE16BD8836EECF3D152585C2151322273B68237D13F223E662E0DB959DD13680
    SHA-512:2311C6921ED78176A2259038144E843140B225A28E5BD3F7B1E20F695F19C94C601134240EBF2D185D11A3DBC58403D5297CAC9F93DD18B0867B504D523FD962
    Malicious:false
    Preview:PK..........xS................META-INF/MANIFEST.MF.Y[o.6.~...@.aH.K..8q..h..[..-.t+...h..$z$....;G.[....%.H..;w...4.....'...xN\....V2.Y`....s...w.1O..........x.....#..../.O5..\.lN.Zq......tSg...!3....:d..u.p.@......7...l........i...%..s.s....7.c.v]{<%...d2w'.0..H.\i.wO...;<..k..{.J.K...M.<..l...M...<.6...._^\..K.x..}#......>?K.2..O>=.o...jc....7.VDk..<.D..{...tV.z.r.ti.m..........`.|r1sg....D.....1.K..)....xc{T......gvL.I../..(."..Q.{..'.'...X$w......P.)..YK...F(.P.^.T.8. .Q@.LK...jDT..U.9..D,.r3"....H...xTk&.........,DS..^(..+.Q.^[...#...!,..;($..w"....|.1....l..*UHgb...WZ..''....;.H'.(.^x.J.jdOo...@...+.......5[J..31...........'..A......Nc....5..}.>..$.u....O.U...3.=Vi..'avJ...N...om.`....I.p{?'I..[.../..Y...aq.....Nh^.......%Y@j.k...R..TB..i.....<..0.(.io..m.........L.'...v....ip....n.......OJ,4>9h...E.."+T.R.'....fG..]C:...k~....[..2.DC...:.2.9kl...f & .lD..U..A.;.H.N&...Jb.GL...\.(f./1.[...u..........,-......BY(..#. .y..0..$c..

    C:\jar\META-INF\libraries\plexus-interpolation-1.26.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Java archive data (JAR)
    Category:dropped
    Size (bytes):85348
    Entropy (8bit):7.795826989332706
    Encrypted:false
    SSDEEP:1536:+fEkfKDlp6fEDCAI2xlz53p9wRwj2tGXZ1XKOszWR9lnd:+fbf6lp6bd2xR559w2j7Z1Cyd
    MD5:1049AE9F5CD8CF618ABF5BC5805E6B94
    SHA1:25B919C664B79795CCDE0EDE5CEE0FD68B544197
    SHA-256:B3B5412CE17889103EA564BCDFCF9FB3DFA540344FFEAC6B538A73C9D7182662
    SHA-512:6C3B40442ADF721D325EE9CBF935D758223A04B3BD8E0F3B60FDB652175C1CA65A6010F7EA8288617FFA73CB1F19D2737C79C403D343B285E0F9AFB1729CAA60
    Malicious:false
    Preview:PK........M..N................META-INF/MANIFEST.MF.....TMo.0..#..,.+*mLH........B...........)].B{B..7o..0.......@....._.]...3c'..X..p...\.....n...........]D.w....l.u..K.~.....N.~.d*a...i..".~W..!.......b,..I..5.I..Y.&......|.U..l......8$.k..........i".".S.Z.c,"H.T..zMY..P...,.Mk<..ogC/.>..[.'....A.t....|.Z....<!W.Q..m.s.:..E.s.,[.s+...\..Jt...^.8......w..H&l.))........Li.Mq.,9..^......@..!..b...[....Eu....`.=.;r.Zo.`..4....T.~ t\E........y..Lo*.O..|J..Xb.n._h.....r...k..'7..5.}.Z.8o.@.........kw./.........h.A.z1.J.8..f..........i.....WJ..].s<8>.k../.~.<..kOPK...;."........PK........MQ.N................META-INF/..PK..............PK........MQ.N................META-INF/maven/..PK..............PK........MQ.N............#...META-INF/maven/org.codehaus.plexus/..PK..............PK........MQ.N............8...META-INF/maven/org.codehaus.plexus/plexus-interpolation/..PK..............PK........M..N............F...META-INF/maven/org.codehaus.plexus/plexus-interpol

    C:\jar\META-INF\libraries\plexus-utils-3.3.0.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):263253
    Entropy (8bit):7.9565600946226605
    Encrypted:false
    SSDEEP:6144:VwLgfVMxyWmyU2z6djrzrAF26TDe382fsvKtWv:qLgdMxdmyUFxrAF2IDA8lvKgv
    MD5:3AE76FF0195ADA460D495EFE1FB50D17
    SHA1:CF43B5391DE623B36FE066A21127BAEF82C64022
    SHA-256:76D174792540E2775AF94D03D10FB2D3C776E2CD0AC0EBF427D3E570072BB9CE
    SHA-512:A93038005CD9793476C913BEAEA7C8C170D1853DDDF39BF6794AD6446165EAF538C2C3C2314BAA9D919D6B0BDA78E5EA3CD987D5DBACF8E3B98E315BCFA7DB64
    Malicious:false
    Preview:PK..........KO....Y...`.......META-INF/MANIFEST.MF.M..LK-...K-*...R0.3..r*..).u..R.H-*K....z.d..........r9..&.....:.$&g.*.&...).....r.r..PK......Y...`...PK..........KO................META-INF/PK..........KO................org/PK..........KO................org/codehaus/PK..........KO................org/codehaus/plexus/PK..........KO................org/codehaus/plexus/util/PK..........KO................org/codehaus/plexus/util/io/PK..........KO................org/codehaus/plexus/util/xml/PK..........KO............"...org/codehaus/plexus/util/xml/pull/PK..........KO............$...org/codehaus/plexus/util/reflection/PK..........KO............'...org/codehaus/plexus/util/introspection/PK..........KO................org/codehaus/plexus/util/cli/PK..........KO............#...org/codehaus/plexus/util/cli/shell/PK..........KO................org/codehaus/plexus/util/dag/PK..........KO................licenses/PK..........KO................META-INF/maven/PK..........KO............#...META-INF/ma

    C:\jar\META-INF\libraries\protobuf-java-3.19.4.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Java archive data (JAR)
    Category:dropped
    Size (bytes):1681869
    Entropy (8bit):7.956936168121539
    Encrypted:false
    SSDEEP:24576:tQ71ZrlWj2n17D+ldC1vwb5fj4GPFKH8Ck/Ld4XRKsK/qCCDoifYxlXCT7eD6nSd:+m41PN1vwFfj4EmXgqCCDoifYxG0Pd
    MD5:1697B144988CBE6529FD3C4AD56FE882
    SHA1:748E4E0B9E4FA6B9B1FE65690AA04A9DB56CFC4D
    SHA-256:E8F524C2AD5965AAE31B0527BF9D4E3BC19B0DFBA8C05AEF114FCCC7F057C94D
    SHA-512:6BE2FF0EC2AA2A9D81D0A7E6C9AD9A54D806A85B06114A0B8C41D7182F118C9306E766BD8BD3F156E53C404142981D82ECC09D91C278FDA1793DBF72408AADC3
    Malicious:false
    Preview:PK..........<T................META-INF/MANIFEST.MF....}.Mo.@.....V.*"e..(.F....T(..DU.^..U..w?h....P...mg.W.;k.e...o`.D...%qt.........g.......R.j..s_..B.t.....P..h8.L..q2..C......s....G:Ii...S...!#\..+8...B...0.vGiK4@6.b..,|Y..D..ps`.+<......?.,.h.4.Xg.p.@A..8..pM..e)...........\.)..R..].......s..z........<.v..(...z.......@.......T=..mo.....T..1.Sp....R..;7........].a...m;.+.,..a.-.p..1....' k..M...Q..:..^j4.n.x.....-|.i.8...s.z.v......Oa.......W.>6...U.?.O/..%.y..tA>.J2.Y.N.L6.t?tOo.{...........D.....,..?I?&.4I..Q...PK...+U.....R...PK..........<T................META-INF/..PK..............PK..........<T................META-INF/maven/..PK..............PK..........<T............#...META-INF/maven/com.google.protobuf/..PK..............PK..........<T............1...META-INF/maven/com.google.protobuf/protobuf-java/..PK..............PK..........<T............?...META-INF/maven/com.google.protobuf/protobuf-java/pom.properties5....0...{."..a..t....Y? .Z.M........GV.<...

    C:\jar\META-INF\libraries\slf4j-api-1.8.0-beta4.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v1.0 to extract
    Category:dropped
    Size (bytes):44213
    Entropy (8bit):7.8381634171276096
    Encrypted:false
    SSDEEP:768:ZU+bZ8T4E15CLi/e9xqrwKpJbB63K1aTO8Zbjkuh+E3bz61tieZu3IW2vH:ZUCVC/uxupC3rTPZ/kuMmbzCLAE
    MD5:E8147675316A5BC78D1BA5D8CDB9E578
    SHA1:83B0359D847EE053D745BE7EC0D8E9E8A44304B4
    SHA-256:602B712329C84B4A83C40464F4FDFD0FE4238C53EF397139A867064739DBF4E0
    SHA-512:255CAB5BF744FC38D9C39625A50913EE3DAE1ABC47945362E63D58B029053F9B669D1F0D5A5EC89ABF294FA25FBE92FEB0A249060F74B3D40213646554EE5C35
    Malicious:false
    Preview:PK..........SN................META-INF/PK..........SN~.DtR...........META-INF/MANIFEST.MF...N.0..........(..i.N...)..*][.n....0..x...8..4... .x.&.J.....7l.K0..D....I..j!.}........ }oPpa.9.-?.S...........T..A....1w..Xu.P.2n,-.....,...8..2..V._&|4%...OA..!D...{.x.2.].L....G/U.-.Y.mI........T.69....4.l.-...f.(iG[....T...^..1y.>7....n .v...+.%7JV.!.;.....N+c.-]...I..<`>.n{s.I....{.k.B;..e.~.u&...W..:.%D;.{?PK..........SN................META-INF/versions/PK..........SN................META-INF/versions/9/PK..........SN................org/PK..........SN................org/slf4j/PK..........SN................org/slf4j/event/PK..........SN................org/slf4j/helpers/PK..........SN................org/slf4j/spi/PK..........SN.......,...%...META-INF/versions/9/module-info.classU.An.@.E..i...dz..L@.....j.J9A.....4)Ys........Z.-}.O....s8.x...6...s.r&t7z..y........o.E.D...T..X.+....D>.!.3...d./'k.............V......_..|r.eS...\q..Lf).J....J-....o<.<k.u[G..._.-....N

    C:\jar\META-INF\libraries\snakeyaml-1.30.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Java archive data (JAR)
    Category:dropped
    Size (bytes):331605
    Entropy (8bit):7.860912004159446
    Encrypted:false
    SSDEEP:6144:C4fnOnNdMmabXXEX5UIlQW5a9YOY8lMJP1RM4jt573MJDH7:H2ELbXXE+1VKp1RBjz73MJz7
    MD5:BA063B8EF3A8BFD591A1B56451166B14
    SHA1:8FDE7FE2586328AC3C68DB92045E1C8759125000
    SHA-256:F43A4E40A946B8CDFD0321BC1C9A839BC3F119C57E4CA84FB87C367F51C8B2B3
    SHA-512:B00F52326CAE804D0DBB48C0ED7F3A98CDEBBCE9B145F685C616E4049B65183A18E98CA29B7B0275971F9ECE52138D0015BB9771902532084CB2CC07A264CFC6
    Malicious:false
    Preview:PK.........S................META-INF/MANIFEST.MF.....UMo.0..G...8.@jB.Z..8P.C+..e....M..".......}NhZA..E...x</oN.].T./..r.X...8S<!....GY...I ..X;...dd...4.Yd.T..+..2.{.;....n...2.G.s.........bU..."1.^a....d(h.r1....VyVJ..a..Y.P..{..L.......D..J.A.............m.=M./...;........(......}k-.\_..7..5.../..\..D.Q....s..l.YE...gk.Lc.O.P.+.7d]y.....4w....a.$..d.4OR.nW@.....Y.xU.)..x....WP...hv......... L.P1...e.AZ..2%.L..1.G..y.C.^h.)@..bS...i........c9.y..AP....._|V|...@E..i...S..........oNZ.rEe.-.....<....P...rN{C...".:..G Oe.....|...^...5j...{.'.V.g...J.5.N.\.M.....{.3..T...rM.....S......>...l\L;.....h......v.....;...vh...PK......c.......PK.........S................META-INF/..PK..............PK.........S................META-INF/maven/..PK..............PK.........S................META-INF/maven/org.yaml/..PK..............PK.........S............"...META-INF/maven/org.yaml/snakeyaml/..PK..............PK.........S............0...META-INF/maven/

    C:\jar\META-INF\libraries\sqlite-jdbc-3.36.0.3.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Zip archive data, at least v2.0 to extract
    Category:dropped
    Size (bytes):9731064
    Entropy (8bit):7.991055975482359
    Encrypted:true
    SSDEEP:196608:xUmN8NAl7yIvEbGopi1YvoBdaoAizANsZfadOI4IxcQ1b4c3Jzj4OW4uH544q:xTNzlOIYpeYwfaoAiM+f7I531P9jRR4q
    MD5:F56CAC7AFB2EB1B994F5C06B358827A2
    SHA1:7FA71C4DFAB806490CB909714FB41373EC552C29
    SHA-256:AF3A3376391E186A0FED63ECD414B72A882BF452667B490A0BE3ABF85B637D3F
    SHA-512:32E789A0DD37C848E927F3AFA7FA1820163C165830CE01E9F341F6E01733B3311D034D004030541D6FC574AE54204C39C96D0D68F9DD4C88094147CF32A2681F
    Malicious:false
    Preview:PK...........S<......-.......META-INF/MANIFEST.MF...n.0.E......%..a.2.../..i......aB.*I....J....f...sG.%...XG...R.%.X.G3....cI..^..Y...d..B.yV.F.q4m...Q..U..^...uz...R.V.}.[(.6.v.#.b......BB-.[.Z."A cT.E.}..Y..Xx:K...5.5.@.O....[.......=...tF.\.n.A.....{zu.)...~.x..a.......a6.Z.i............p.g=1.'..v..}c..cle.Q..9q..p98...a7E....6.>..o>.=j....W'.............8".6pZ..........0>....:..8..(@.mM............$..'w9.K`qeQ..H.l.W.$....?;....Z......s.G?....J..WW...$~.s..,O."..#..y....PK...........S................META-INF/PK...........R................org/PK...........S................org/sqlite/PK...........S................org/sqlite/core/PK...........R................org/sqlite/native/PK...........R................org/sqlite/native/DragonFlyBSD/PK...........R............&...org/sqlite/native/DragonFlyBSD/x86_64/PK.........a.S................org/sqlite/native/FreeBSD/PK........L..S................org/sqlite/native/FreeBSD/x86/PK.........a.S............"...org/sqlite/nativ

    C:\jar\META-INF\main-class

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:ASCII text, with no line terminators
    Category:dropped
    Size (bytes):27
    Entropy (8bit):3.6339740759971573
    Encrypted:false
    SSDEEP:3:NAqRwAyL:WLL
    MD5:441BB581457801A7FC33986652E2E92D
    SHA1:726013FEB79A1E6CF1535E230B9AF9A4CA8846F4
    SHA-256:4EE7570B5EB6F0306DA64F7832A650E74A6AE6711B729E4F7D0ED545E4962F47
    SHA-512:9129625F695A20CB849C07871B0851EA92C3818AA06C839B8DFDA3982652B5D51F69A9628D4EE098148309D8C8750FFF267C1BEAE7690952101E83BE88F8C0A4
    Malicious:false
    Preview:org.bukkit.craftbukkit.Main

    C:\jar\META-INF\versions.list

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:ASCII text
    Category:dropped
    Size (bytes):101
    Entropy (8bit):4.697111236421945
    Encrypted:false
    SSDEEP:3:4Q8mcxlQ6DEQ0C904odmDT3FrQDSU5lbG/:4QBeDcS5oMmDn5lbG/
    MD5:12B6E57C20BF9B9734260F563BF05345
    SHA1:9C29A3BF216695239EAF7B3E6BC1B9F22511A012
    SHA-256:B9683E228D6E5F16C24ED454B6FB6B0C74C742B88805525E980726A9DC1397E6
    SHA-512:C7359D8BE986AB6C9AB3A13F69FE13CB7C565732D52253563F53D54D98963A1B6486B861BFD51B3B47EDD009FB3A2586FE768CA4E8D1AA237AA15D201312A8C6
    Malicious:false
    Preview:a4597ebc9b49925f490faf7116c9188d90047a741ed314e50cf108d5f0bb8f44 *craftbukkit-1.19-R0.1-SNAPSHOT.jar.

    C:\jar\META-INF\versions\craftbukkit-1.19-R0.1-SNAPSHOT.jar

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:Java archive data (JAR)
    Category:dropped
    Size (bytes):15664779
    Entropy (8bit):7.892567413814785
    Encrypted:false
    SSDEEP:393216:xi9A8QcgS1mmwP0a431I/RycSoiTDwtrCBW+q:xi9AjcgAoV431IZHd9tHZ
    MD5:CB0B564DB014C24164BF40693AC400CF
    SHA1:2CD821BB9F5815B73338AD2E1FCAA8B9597912E1
    SHA-256:A4597EBC9B49925F490FAF7116C9188D90047A741ED314E50CF108D5F0BB8F44
    SHA-512:7E63DE50ED583B297555937AFD998FB498087A91643803F952F9947B7898194D54196791380EC521EC8132F2A571F8B061810C7B32C42F007DF3A16B186670DC
    Malicious:false
    Preview:PK........wp.T................META-INF/......PK..............PK........wp.T................META-INF/MANIFEST.MF.....0.E.$..?P.@QY.......q0.}.v...*.0j.5.g.A.......FW.2..h.n..j.....$.Jv.z..a.../..Wy....d..9...a.m......f;..U.........9..H..$..(.\.".1.N7.D/.7.Y.=.M.4i..'2.z=hs..qt..VvF-F.E.B.x..fD#.C.}...PK../9Nb........PK........wp.T................com/..PK..............PK........wp.T................com/mojang/..PK..............PK........wp.T................com/mojang/brigadier/..PK..............PK........wp.T................com/mojang/brigadier/CommandDispatcher$1.class.T]O.A.=..J.E*BA@.-..dA.....I..<.L.c;..mv..~.........I.....@.hj....9..{g.........)..u{.[U...*.H....^.V.t..3j.I......w........#./.4=i...I...8."..|.\y...(.]...Rn........1Lt..F/C....a...|aD.z..t...P.}.E.{...*C.kRz+.(b..0..L.}?.k.. CH.`.t..\.).p=.\`...Ko3.].[.Q....a\e..k...R...0...c...U.4+...F.zR..m..>Q.cJQ....C.q...;^g.?...%."...F.....q...d..&^...4d.F.....C..v.U...S.5..1.X.b.K.=.j4....S).....a8u.

    C:\jar\org\bukkit\craftbukkit\bootstrap\Main$FileEntry.class

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:compiled Java class data, version 61.0
    Category:dropped
    Size (bytes):2352
    Entropy (8bit):5.336325167306116
    Encrypted:false
    SSDEEP:48:PKwC+GwQQ5hTFdwzgw/brPkb+HwOIwA8Jw3l91tN+GbIp1/lf2uwboncihP3a:vsrPJ3Ql/byFybonhP3a
    MD5:E4C9882121B40F14EDE0DAD22CC75A22
    SHA1:E57B9469F7E9043B43C1612A708B0D8114366D18
    SHA-256:8D49D6ECCA511720F737D706E1160A7D9E6335A1CBC553C4AACC002836B6F7FB
    SHA-512:496443FFA9F743C06164A424659A060B85372808D59E31CCE045D7423B0459494D9AD7034DBE0DB52EB561F371FE65F4FDE26EF3249E20973E4B58709A0E7DD9
    Malicious:false
    Preview:.......=.h../org/bukkit/craftbukkit/bootstrap/Main$FileEntry......java/lang/Record......Main.java..%org/bukkit/craftbukkit/bootstrap/Main.....%java/lang/invoke/MethodHandles$Lookup......java/lang/invoke/MethodHandles......Lookup...FileEntry...hash...Ljava/lang/String;...id...path...<init>..9(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V...()V...........................................this..1Lorg/bukkit/craftbukkit/bootstrap/Main$FileEntry;...parseLine..E(Ljava/lang/String;)Lorg/bukkit/craftbukkit/bootstrap/Main$FileEntry;... ..!...java/lang/String..#...split..'(Ljava/lang/String;)[Ljava/lang/String;..%.&..$.'...java/lang/IllegalStateException..)...java/lang/StringBuilder..+...Malformed library entry: ..-...(Ljava/lang/String;)V..../..,.0...append..-(Ljava/lang/String;)Ljava/lang/StringBuilder;..2.3..,.4...toString...()Ljava/lang/String;..6.7..,.8..*.0...[Ljava/lang/String;..;...substring...(I)Ljava/lang/String;..=.>..$.?.........A...line...fields...hash;id;path..E...........

    C:\jar\org\bukkit\craftbukkit\bootstrap\Main$ResourceParser.class

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:compiled Java class data, version 61.0
    Category:dropped
    Size (bytes):535
    Entropy (8bit):5.177910230447568
    Encrypted:false
    SSDEEP:12:qcwHzxkRNIagR1PzwHqGb7c8YvWFvryp39tN52i8W:qcwHdkGDzwHHwTvWyp39tNf8W
    MD5:E33D18D3556F3437C157B543FF55E943
    SHA1:A7E8A2C252E4C544549F517E114AC6C3DC498B6E
    SHA-256:4E59751CDE879F977B4884EAA60FB6D3FECB5E5E4327F781E2B8FF04457375E7
    SHA-512:C88C1529FABEA6A6EABCF97AE2D247F85B42421FEB9248B0762E88FFF59D22AE7A7FAF023C69F352C7197387FECB2F44BE0AFF22C3DDF6409BF91A16B965E595
    Malicious:false
    Preview:.......=....4org/bukkit/craftbukkit/bootstrap/Main$ResourceParser.....(<T:Ljava/lang/Object;>Ljava/lang/Object;...java/lang/Object......Main.java..%org/bukkit/craftbukkit/bootstrap/Main......Ljava/lang/FunctionalInterface;...ResourceParser...parse..,(Ljava/io/BufferedReader;)Ljava/lang/Object;...(Ljava/io/BufferedReader;)TT;...java/lang/Exception......Exceptions...Signature...InnerClasses...SourceFile...RuntimeVisibleAnnotations...NestHost............................................................................................

    C:\jar\org\bukkit\craftbukkit\bootstrap\Main$Thrower.class

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:compiled Java class data, version 61.0
    Category:dropped
    Size (bytes):1018
    Entropy (8bit):5.160669451471204
    Encrypted:false
    SSDEEP:24:7wHFvDzwHIcAwHvwH7wMwH3Sulj/bdtNje+9Wn7/I3k4:7wpfwopwPwbwMwXlttNjdWzWk4
    MD5:2E5AD07E3437EC8E16ECD920AE103776
    SHA1:359EAF0840D2810BDEA616C866DE27D31700917F
    SHA-256:8E4B961162E6429D1768DC9BBB3AEDF727BA09D55206FBF1303571ED6580ECAB
    SHA-512:BDC547EA57D69A4A4F53FDD5B268F16269235FCE58B7E447A44D532537754035466BD7A67008FA952A0D2F7C4831CF4287D8F40797F608AEED2502F12F303A40
    Malicious:false
    Preview:.......=.'..-org/bukkit/craftbukkit/bootstrap/Main$Thrower.....+<T:Ljava/lang/Throwable;>Ljava/lang/Object;...java/lang/Object......Main.java..%org/bukkit/craftbukkit/bootstrap/Main......Thrower...INSTANCE../Lorg/bukkit/craftbukkit/bootstrap/Main$Thrower;..MLorg/bukkit/craftbukkit/bootstrap/Main$Thrower<Ljava/lang/RuntimeException;>;...<clinit>...()V...<init>............................this..4Lorg/bukkit/craftbukkit/bootstrap/Main$Thrower<TT;>;...sneakyThrow...(Ljava/lang/Throwable;)V...(Ljava/lang/Throwable;)V^TT;...java/lang/Throwable......exception...Ljava/lang/Throwable;...Signature...Code...LineNumberTable...LocalVariableTable...LocalVariableTypeTable...Exceptions...InnerClasses...SourceFile...NestHost. .......................................#...........Y............ .......................A........*......... ...........!.................".............................H........+...... ...........!...........................".................#...................$....................

    C:\jar\org\bukkit\craftbukkit\bootstrap\Main.class

    Download File
    Process:C:\Windows\System32\7za.exe
    File Type:compiled Java class data, version 61.0
    Category:dropped
    Size (bytes):11259
    Entropy (8bit):5.846335550561552
    Encrypted:false
    SSDEEP:192:kSxU/Nmnqtz+RaWwlpsWk/EHElur4HaLnTRL79lChN:kSxGDow/sWk/EkAkHaLV1sn
    MD5:1D64B5D8DC345A470B74495E47E94E56
    SHA1:3E6061D65B66A074E94F0D34BA89B07197643FFA
    SHA-256:2A44DB2ACDD01F34D5F427FE814E5C22CF0F5AE23377FA4068FB3473141CD1F6
    SHA-512:297A0A5289CC5019A5F6FD09E6FCAE60E9938E66EC1B3159FE07D3247D94E761241E635F9612E37BE2D2879B032305BF2C631F79B6445AF3208095A27CA304A1
    Malicious:false
    Preview:.......=....%org/bukkit/craftbukkit/bootstrap/Main......java/lang/Object......Main.java../org/bukkit/craftbukkit/bootstrap/Main$FileEntry.....4org/bukkit/craftbukkit/bootstrap/Main$ResourceParser.....-org/bukkit/craftbukkit/bootstrap/Main$Thrower.....%java/lang/invoke/MethodHandles$Lookup......java/lang/invoke/MethodHandles......Lookup...FileEntry...ResourceParser...Thrower...<init>...()V.............this..'Lorg/bukkit/craftbukkit/bootstrap/Main;...main...([Ljava/lang/String;)V........run.............argv...[Ljava/lang/String;...java/lang/Exception.."...main-class..$..,(Ljava/io/BufferedReader;)Ljava/lang/Object;..&...java/io/BufferedReader..(...readLine...()Ljava/lang/String;..*.+..).,...-..,(Ljava/io/BufferedReader;)Ljava/lang/String;../.."java/lang/invoke/LambdaMetafactory..1...metafactory...(Ljava/lang/invoke/MethodHandles$Lookup;Ljava/lang/String;Ljava/lang/invoke/MethodType;Ljava/lang/invoke/MethodType;Ljava/lang/invoke/MethodHandle;Ljava/lang/invoke/MethodType;)Ljava/lang/invoke

    Static File Info

    General

    File type:Zip archive data, at least v2.0 to extract
    Entropy (8bit):7.999405422787212
    TrID:
    • Java Archive (13504/1) 62.80%
    • ZIP compressed archive (8000/1) 37.20%
    File name:craftbukkit-1.19.jar
    File size:66733731
    MD5:97cf25386025399d99b687811dedad1f
    SHA1:257c033c6de04bc793f9b76a4853de304ca7ee8c
    SHA256:9d903af9c4cf6f3b0a0a1c493402545ab306da69bedc749c514c61e3048e14cd
    SHA512:82c9f7315bcd11a58d5ebcae71ba34e4d582cd00e3f06b2ce00526e3a86b74276fb93db2e70c59e72e1ce0f5639feb4bfdc12c14587596f43676fc8d74c98a93
    SSDEEP:1572864:eL/sAHwPR/qzPbSLvxcvvmpdhhVDikFTeasqCfU7Y:eL/HK/qbbSLxrPhhVDikZjsqwU7Y
    TLSH:7CE73316F936D5596F2FBAE1E0241D62400D09493A7AFCB2F708536C33EF9DC62B2598
    File Content Preview:PK.........@.T.Z{zh...o.......META-INF/MANIFEST.MF-....@......!?p.J......=.X.rW.(...B.7...,l.FV.Z24x..W&.G.}2.w~.......p..........2T}.tl.8.J..=...J/...b..PK.........@.T................META-INF/PK.........@.T................META-INF/libraries/PK.........@.

    File Icon

    Icon Hash:d28c8e8ea2868ad6

    Network Behavior

    No network behavior found

    Statistics

    Behavior

    Click to jump to process

    System Behavior

    General

    Target ID:0
    Start time:20:55:26
    Start date:01/08/2022
    Path:C:\Windows\System32\cmd.exe
    Wow64 process (32bit):false
    Commandline:C:\Windows\system32\cmd.exe /c 7za.exe x -y -oC:\jar "C:\Users\user\Desktop\craftbukkit-1.19.jar"
    Imagebase:0x7ff70ecc0000
    File size:280064 bytes
    MD5 hash:9D59442313565C2E0860B88BF32B2277
    Has elevated privileges:true
    Has administrator privileges:true
    Programmed in:C, C++ or other language
    Reputation:moderate
    There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

    General

    Target ID:1
    Start time:20:55:27
    Start date:01/08/2022
    Path:C:\Windows\System32\7za.exe
    Wow64 process (32bit):true
    Commandline:7za.exe x -y -oC:\jar "C:\Users\user\Desktop\craftbukkit-1.19.jar"
    Imagebase:0x740000
    File size:289792 bytes
    MD5 hash:77E556CDFDC5C592F5C46DB4127C6F4C
    Has elevated privileges:true
    Has administrator privileges:true
    Programmed in:C, C++ or other language
    Reputation:high
    Show Windows behavior

    File Activities


    General

    Target ID:3
    Start time:20:55:55
    Start date:01/08/2022
    Path:C:\Windows\System32\cmd.exe
    Wow64 process (32bit):false
    Commandline:"C:\Windows\System32\cmd.exe" /c java.exe -jar "C:\Users\user\Desktop\craftbukkit-1.19.jar" org.bukkit.craftbukkit.bootstrap.Main >> C:\cmdlinestart.log 2>&1
    Imagebase:0x7ff70ecc0000
    File size:280064 bytes
    MD5 hash:9D59442313565C2E0860B88BF32B2277
    Has elevated privileges:true
    Has administrator privileges:true
    Programmed in:C, C++ or other language
    Reputation:moderate
    Show Windows behavior

    File Activities


    General

    Target ID:4
    Start time:20:55:55
    Start date:01/08/2022
    Path:C:\Windows\System32\conhost.exe
    Wow64 process (32bit):false
    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Imagebase:0x7ff6a8820000
    File size:885760 bytes
    MD5 hash:C5E9B1D1103EDCEA2E408E9497A5A88F
    Has elevated privileges:true
    Has administrator privileges:true
    Programmed in:C, C++ or other language
    Reputation:moderate
    There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

    General

    Target ID:6
    Start time:20:55:56
    Start date:01/08/2022
    Path:C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_5125953\java.exe
    Wow64 process (32bit):true
    Commandline:java.exe -jar "C:\Users\user\Desktop\craftbukkit-1.19.jar" org.bukkit.craftbukkit.bootstrap.Main
    Imagebase:0x840000
    File size:245536 bytes
    MD5 hash:8281414DAC699B2B3ED78096625071E5
    Has elevated privileges:true
    Has administrator privileges:true
    Programmed in:Java
    Reputation:low
    Show Windows behavior

    File Activities


    General

    Target ID:8
    Start time:20:55:57
    Start date:01/08/2022
    Path:C:\Windows\SysWOW64\icacls.exe
    Wow64 process (32bit):true
    Commandline:C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
    Imagebase:0xc00000
    File size:29696 bytes
    MD5 hash:BD5694D5E2843F93882085800BF642BC
    Has elevated privileges:true
    Has administrator privileges:true
    Programmed in:C, C++ or other language
    Reputation:low
    There is hidden Windows Behavior. Click on Show Windows Behavior to show it.

    General

    Target ID:9
    Start time:20:55:57
    Start date:01/08/2022
    Path:C:\Windows\System32\conhost.exe
    Wow64 process (32bit):false
    Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
    Imagebase:0x7ff6a8820000
    File size:885760 bytes
    MD5 hash:C5E9B1D1103EDCEA2E408E9497A5A88F
    Has elevated privileges:true
    Has administrator privileges:true
    Programmed in:C, C++ or other language
    Reputation:moderate

    General

    Target ID:13
    Start time:20:56:25
    Start date:01/08/2022
    Path:C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exe
    Wow64 process (32bit):true
    Commandline:"C:\Program Files (x86)\Java\jre1.8.0_291\bin\javaw.exe" -jar "C:\Users\user\Desktop\craftbukkit-1.19.jar"
    Imagebase:0x870000
    File size:246048 bytes
    MD5 hash:06A0249651EC0977986DE87F7813F30C
    Has elevated privileges:false
    Has administrator privileges:false
    Programmed in:C, C++ or other language
    Reputation:low
    Show Windows behavior

    File Activities


    General

    Target ID:15
    Start time:20:56:38
    Start date:01/08/2022
    Path:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    Wow64 process (32bit):true
    Commandline:C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\user\Desktop\UOOJJOZIRH.pdf
    Imagebase:0xa60000
    File size:3141816 bytes
    MD5 hash:0EAC436587F5A1BEF8AEB2E2381D2405
    Has elevated privileges:false
    Has administrator privileges:false
    Programmed in:C, C++ or other language
    Show Windows behavior

    File Activities


    Disassembly

    No disassembly