Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Mtcn_3259356251.jar

Overview

General Information

Sample name:Mtcn_3259356251.jar
Analysis ID:1524314
MD5:7fefa6601ba7798f5a92c4907a04d675
SHA1:a44d75a42ac89a7d5060578e681f20993eccb76f
SHA256:3dbba68c10b532ecbd126c1172717d7f6c63d3e3fc4978aa8f58a919269b6374
Infos:

Detection

Branchlock Obfuscator
Score:56
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for submitted file
Yara detected Branchlock Obfuscator

Classification

Process Tree

  • System is w10x64_ra
  • 7za.exe (PID: 5564 cmdline: 7za.exe x -y -oC:\jar "C:\Users\user\Desktop\Mtcn_3259356251.jar" MD5: 77E556CDFDC5C592F5C46DB4127C6F4C)
    • conhost.exe (PID: 6496 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
  • cleanup

Yara Signatures

Initial Sample

SourceRuleDescriptionAuthorStrings
Mtcn_3259356251.jarJoeSecurity_BranchlockObfuscatorYara detected Branchlock ObfuscatorJoe Security

    Memory Dumps

    SourceRuleDescriptionAuthorStrings
    00000000.00000003.7023392945.00000000031B0000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_BranchlockObfuscatorYara detected Branchlock ObfuscatorJoe Security
      00000000.00000002.7023950005.00000000014F0000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_BranchlockObfuscatorYara detected Branchlock ObfuscatorJoe Security
        00000000.00000002.7024085039.0000000003185000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_BranchlockObfuscatorYara detected Branchlock ObfuscatorJoe Security
          00000000.00000003.7023068203.00000000030AF000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_BranchlockObfuscatorYara detected Branchlock ObfuscatorJoe Security
            00000000.00000003.7023135764.00000000031B0000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_BranchlockObfuscatorYara detected Branchlock ObfuscatorJoe Security
              Click to see the 1 entries

              Sigma Signatures

              No Sigma rule has matched

              Suricata Signatures

              No Suricata rule has matched

              Joe Sandbox Signatures

              Click to jump to signature section

              Show All Signature Results

              AV Detection

              barindex
              Multi AV Scanner detection for submitted file
              Source: Mtcn_3259356251.jarReversingLabs: Detection: 23%
              Source: classification engineClassification label: mal56.evad.winJAR@2/6@0/0
              Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6496:120:WilError_03
              Source: C:\Windows\System32\7za.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
              Source: Mtcn_3259356251.jarReversingLabs: Detection: 23%
              Source: unknownProcess created: C:\Windows\System32\7za.exe 7za.exe x -y -oC:\jar "C:\Users\user\Desktop\Mtcn_3259356251.jar"
              Source: C:\Windows\System32\7za.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
              Source: C:\Windows\System32\7za.exeSection loaded: 7z.dll

              Data Obfuscation

              barindex
              Yara detected Branchlock Obfuscator
              Source: Yara matchFile source: Mtcn_3259356251.jar, type: SAMPLE
              Source: Yara matchFile source: 00000000.00000003.7023392945.00000000031B0000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000000.00000002.7023950005.00000000014F0000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000000.00000002.7024085039.0000000003185000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000000.00000003.7023068203.00000000030AF000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000000.00000003.7023135764.00000000031B0000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
              Source: Yara matchFile source: 00000000.00000003.7020393491.00000000031B0000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY

              Mitre Att&ck Matrix

              ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
              Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
              DLL Side-Loading              		1
              Process Injection              		1
              Process Injection              		OS Credential Dumping1
              System Information Discovery              		Remote ServicesData from Local SystemData ObfuscationExfiltration Over Other Network MediumAbuse Accessibility Features
              CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
              DLL Side-Loading              		1
              DLL Side-Loading              		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable MediaJunk DataExfiltration Over BluetoothNetwork Denial of Service

              Screenshots

              Thumbnails

              This section contains all screenshots as thumbnails, including those not shown in the slideshow.


              windows-stand

              Antivirus, Machine Learning and Genetic Malware Detection

              Initial Sample

              SourceDetectionScannerLabelLink
              Mtcn_3259356251.jar24%ReversingLabsByteCode-JAVA.Trojan.Generic

              Dropped Files

              No Antivirus matches

              Unpacked PE Files

              No Antivirus matches

              Domains

              No Antivirus matches

              URLs

              No Antivirus matches

              Domains and IPs

              Contacted Domains

              No contacted domains info

              World Map of Contacted IPs

              No contacted IP infos

              General Information

              Joe Sandbox version:41.0.0 Charoite
              Analysis ID:1524314
              Start date and time:2024-10-02 17:15:50 +02:00
              Joe Sandbox product:CloudBasic
              Overall analysis duration:
              Hypervisor based Inspection enabled:false
              Report type:full
              Cookbook file name:defaultwindowsinteractivecookbook.jbs
              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
              Number of analysed new started processes analysed:14
              Number of new started drivers analysed:0
              Number of existing processes analysed:0
              Number of existing drivers analysed:0
              Number of injected processes analysed:0
              Technologies:
              • EGA enabled
              Analysis Mode:stream
              Sample name:Mtcn_3259356251.jar
              Detection:MAL
              Classification:mal56.evad.winJAR@2/6@0/0
              Cookbook Comments:
              • Found application associated with file extension: .jar

              Warnings

              • Max analysis timeout: 600s exceeded, the analysis took too long
              • Behavior information exceeds normal sizes, reducing to normal. Report will have missing behavior information.
              • Exclude process from analysis (whitelisted): dllhost.exe, SIHClient.exe
              • Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, fe3cr.delivery.mp.microsoft.com
              • Not all processes where analyzed, report is missing behavior information
              • Report size getting too big, too many NtCreateFile calls found.
              • VT rate limit hit for: Mtcn_3259356251.jar

              Created / dropped Files

              C:\jar\Branchlock_R.class

              Download File
              Process:C:\Windows\System32\7za.exe
              File Type:compiled Java class data, version 52.0 (Java 1.8)
              Category:dropped
              Size (bytes):0
              Entropy (8bit):0.0
              Encrypted:false
              SSDEEP:
              MD5:7EFF90CE4473875ED907C63A331DFAB9
              SHA1:E2FA23737A10537CCB602B4896C720FFCEC7DBA2
              SHA-256:A472D6E4E41F96623F1A0FCB807A3FCAE9F92C0D3002DE1BD46E7EC13E0E5B4A
              SHA-512:9A0DE3D6C9FB30FBA77F4BDBD339E24558ACD97D420B383DD3ABA2A488C159F36E25ED5A73EB4BC76D397810B97FAED4E69FF7D1A864305472C1CB7B331C0DF4
              Malicious:false
              Reputation:unknown
              Preview:.......4.D...Branchlock_R......java/lang/Object......I...Ljava/lang/String;..: * ......Y..: *###. ......G..: *#######( ......K..: *################# ......Q..: *## .################## ......N..: (####### .####. .*######### ......A..: ########, .#. .#######. ......g..: #######, #######. ......k..: ######, #######. ......W..: (######. #######. .."...C...M..: #######. #######, ..&...S..: ######## (#######, ## ..)...Z..: ##########. ##### ..,...L..: #################################

              C:\jar\G\g.class

              Download File
              Process:C:\Windows\System32\7za.exe
              File Type:compiled Java class data, version 52.0 (Java 1.8)
              Category:dropped
              Size (bytes):0
              Entropy (8bit):0.0
              Encrypted:false
              SSDEEP:
              MD5:037E739995E8B416E026129647D286A4
              SHA1:DDDFE83319FEC5AC9EB2586A18B656B39DFED48A
              SHA-256:0C7FD6D596AF8DAE7CC27B441D37DA402D0BED40186117E2D2ABCB4E46B761CA
              SHA-512:2BAF2FEC517A24032C43CBF1F37E64BB6E6A25D1EF2535B1FD168455E8C2C753E0EA1ACA869D13391CD0EE30D131B6746CB9C8466225568B6462887D5227482E
              Malicious:false
              Reputation:unknown
              Preview:.......4.....G/g......java/lang/Throwable......J...Ljava/lang/Throwable;...X...[Ljava/lang/Object;...W...[Ljava/lang/String;...G..'(Ljava/lang/Object;C)Ljava/lang/String;...java/lang/String......valueOf..&(Ljava/lang/Object;)Ljava/lang/String;.............(IC)F...java/lang/Float...................h..;(ILjava/lang/Object;[Ljava/lang/Object;I)Ljava/lang/Object;.............java/lang/Number......floatValue...()F.... ....!...<clinit>...()V........................................................%...toCharArray...()[C..'.(....)............ .....getStackTrace.. ()[Ljava/lang/StackTraceElement;..../....0...java/lang/StackTraceElement..2...getMethodName...()Ljava/lang/String;..4.5..3.6...hashCode...()I..8.9....:........getClassName..=.5..3.>...1ee3..@...java/lang/Integer..B...parseInt...(Ljava/lang/String;I)I..D.E..C.F...042n..H......P..A...a57ca6..L...java/lang/System..N...gc..P.$..O.Q...<init

              C:\jar\G\g\v.class

              Download File
              Process:C:\Windows\System32\7za.exe
              File Type:compiled Java class data, version 52.0 (Java 1.8)
              Category:dropped
              Size (bytes):0
              Entropy (8bit):0.0
              Encrypted:false
              SSDEEP:
              MD5:02D3B0D2DEDAE0D07B1D3637023DDFBE
              SHA1:FEC3C69AA4608F38CEBF0E70C8A718C250BA383E
              SHA-256:E3900C715D8B01613A7C390D5614B2D9B6275DBA50C23FB5F52DCE471E0A8AB0
              SHA-512:10A4F020CC9E191F9129F7257D31EC462A44EB02118FABB0B233ABB032220AE744524B493BAF13A43264E0C21989E54B9A81E5B70A95B63E2204218618EA5E93
              Malicious:false
              Reputation:unknown
              Preview:.......4.>...G/g/v......java/io/File......X...[Ljava/lang/Object;...G...()Ljava/nio/file/Path;...toPath.............J...(C)Ljava/lang/Runtime;...java/lang/Runtime...................M..:(Ljava/lang/Object;[Ljava/lang/Object;I)Ljava/lang/Object;.............h...()Z...exists.............g...(II)V...java/lang/System.....;(ILjava/lang/Object;[Ljava/lang/Object;I)Ljava/lang/Object;.... ....!...<clinit>...()V...java/lang/Object..%.0A.J.&.....java/lang/Long..)...valueOf...(J)Ljava/lang/Long;..+.,..*.-..e..."....v...()Ljava/lang/String;...getName..3.2....4...<init>...(Ljava/net/URI;)V..6.7....8..'(Ljava/lang/String;Ljava/lang/String;)V..6.:....;...Code.............................=............*.................=..................2....................=............*.................=...................9.."W........#.$...=...&...........&Y...'...SY.../...S...........1.2...=............*..5........6.7...=............*+..9........6.:...=............*+,..<.......

              C:\jar\J.class

              Download File
              Process:C:\Windows\System32\7za.exe
              File Type:compiled Java class data, version 52.0 (Java 1.8)
              Category:dropped
              Size (bytes):1910
              Entropy (8bit):5.638416376646757
              Encrypted:false
              SSDEEP:
              MD5:5F3999F081E00C16A16CC2CF796CA9E2
              SHA1:C5EE23B6E8C4E98C449FAF28A5903C90DC27F296
              SHA-256:5D7A8BC53AC2B03DA99C979B81E82251621FA426797A4AE6762664307A3C5474
              SHA-512:BFF7859EA959A0D5900B44E9D9436174E3BD116D819B8160A7A2117E684570598B5E1CFDFE96A7561CC70720BD8986B3FD5D3D5E299C9AAC72363C4518E1D827
              Malicious:false
              Reputation:unknown
              Preview:.......4.d...J.....'java/lang/UnsupportedOperationException......X...[Ljava/lang/Object;...Ljava/lang/Throwable;...g..,(Ljava/lang/Throwable;)Ljava/lang/Throwable;...G/g...................C..:(Ljava/lang/Object;[Ljava/lang/Object;I)Ljava/lang/Object;.............java/lang/Throwable......G..;(Ljava/lang/Object;Ljava/lang/Object;[Ljava/lang/Object;I)V.............(FS)I...java/lang/Float......o..;(FLjava/lang/Object;[Ljava/lang/Object;I)Ljava/lang/Object;.............java/lang/Number.. ...intValue...()I..".#..!.$...a..Z(Ljava/nio/file/Path;Ljava/nio/file/Path;[Ljava/nio/file/CopyOption;I)Ljava/nio/file/Path;..+java/lang/reflect/InvocationTargetException..(...java/nio/file/Files..*...Z..p(Ljava/lang/Object;Ljava/lang/Object;Ljava/lang/Object;Ljava/lang/Object;[Ljava/lang/Object;I)Ljava/lang/Object;..,.-........java/nio/file/Path..0...[Ljava/nio/file/CopyOption;..2......v..H(Ljava/io/InputStream;Ljava/nio/file/Path;[Ljava/nio/file/CopyOption;S)J...longValue...()J..7.8..!.9...<init>...(Ljava

              C:\jar\META-INF\MANIFEST.MF

              Download File
              Process:C:\Windows\System32\7za.exe
              File Type:ASCII text
              Category:dropped
              Size (bytes):56
              Entropy (8bit):4.3223814310563275
              Encrypted:false
              SSDEEP:
              MD5:19D6F7BE6B9650BB8A7D123D9AF140CA
              SHA1:236DC438C740CA47CDAD38B4E8A11DC68C2BC617
              SHA-256:B259CA872262845D624924A7160E43705D1294E4F1BD76B9B002B96A731C2B13
              SHA-512:B49B5EEFF707E64906FE53283C92ADCE3F6429C7ECAD62F8401FB55423FD23B66E2DDFD7035978EBA681504C50563105F9282E72F4B90B45725F9FE39D169029
              Malicious:false
              Reputation:unknown
              Preview:Manifest-Version: 1.0.Main-Class: trower.Class-Path: ...

              C:\jar\X.class

              Download File
              Process:C:\Windows\System32\7za.exe
              File Type:compiled Java class data, version 52.0 (Java 1.8)
              Category:dropped
              Size (bytes):0
              Entropy (8bit):0.0
              Encrypted:false
              SSDEEP:
              MD5:93C681545707D0FA737F9E2CED053B53
              SHA1:2AAA1D469798B58E30A51CEB3572CFDDC8BBE6B4
              SHA-256:0E7085A7F954AB18345BC1E9660314D57039F46D56C5D1678CE2627433B1E593
              SHA-512:1A4AEBABE29ECE9A57F14362D6642225363D26B5DDB4098673B7803E42CAE13C0E0A593F89462C3BD049E4B106219847A6E407CCE64F77C1714CE03E0A17128B
              Malicious:false
              Reputation:unknown
              Preview:.......4.G...X......java/lang/Object......Ljava/lang/reflect/Field;...g..%(Ljava/lang/Class;I)Ljava/lang/Class;..$java/lang/CloneNotSupportedException.....+java/lang/reflect/InvocationTargetException......java/lang/Class......getInterfaces...()[Ljava/lang/Class;.......................getSuperclass...()Ljava/lang/Class;.............getName...()Ljava/lang/String;.............java/lang/String......hashCode...()I......... .."net/branchlock/layout/references/X.."...M...Ljava/lang/Throwable;..$.%..#.&...[Ljava/lang/Class;..(...S..M(Ljava/lang/Object;CLjava/lang/Object;[Ljava/lang/Object;I)Ljava/lang/Object;...java/lang/reflect/Method..,...java/lang/Character......valueOf...(C)Ljava/lang/Character;..0.1../.2...K..d(Ljava/lang/reflect/Method;Ljava/lang/Object;Ljava/lang/Object;Ljava/lang/Object;)Ljava/lang/Object;..4.5....6...java/lang/Number..8...longValue...()J..:.;..9.<...y...(JLjava/lang/Class;)Ljava/lang/reflect/Method;..>.?....@...java/lang/Throwable..B...W..q(Ljava/lang/Object;Ljava/lan

              C:\jar\_html__img src=_http_\__.class

              Download File
              Process:C:\Windows\System32\7za.exe
              File Type:compiled Java class data, version 52.0 (Java 1.8)
              Category:dropped
              Size (bytes):100
              Entropy (8bit):4.669051362478503
              Encrypted:false
              SSDEEP:
              MD5:D00A3614372F754698D56742CC828CCA
              SHA1:125839E99F42BFCB50591EBDD7F63D140137F105
              SHA-256:FF7E19C51ACFFC9536A95363BAA8907A1451DD47EF198FBB97F7CCCDCCEC7DB6
              SHA-512:62F21366D93775AAF8169B886AD12BCFDD1E90D2A9EAB032C42EAD71555EE3E79ACA623BFF71520B52966C43626937E8E701EDC8AA211CF7A554C77A8B77E3A0
              Malicious:false
              Reputation:unknown
              Preview:.......4.....<html><img src="http:\">......java/lang/Object......<init>...(Z)V......................

              C:\jar\g.class

              Download File
              Process:C:\Windows\System32\7za.exe
              File Type:compiled Java class data, version 52.0 (Java 1.8)
              Category:dropped
              Size (bytes):927
              Entropy (8bit):5.304923559398452
              Encrypted:false
              SSDEEP:
              MD5:FACE0D0C3AD39AECEF2880F36E156ADB
              SHA1:58C597221E34F1BA0735FF7D797C436073813E0C
              SHA-256:B5103DCB373D9C6461B76D27001B9596507678E28FFB198190CC886B408D4B78
              SHA-512:284882E7079145BC2FE291EB168F480B31308E3D79A637B8FCD5757899FE15B666DCC4C6EE96FD0A565907E0FAF278CE9CF779F29EE6828E18B9E1DBE13165C0
              Malicious:false
              Reputation:unknown
              Preview:.......4.@...G......java/io/BufferedReader......X...[Ljava/lang/Object;...J...(I)Z...java/awt/Desktop...................M..:(Ljava/lang/Object;[Ljava/lang/Object;I)Ljava/lang/Object;.............java/lang/Boolean......booleanValue...()Z.............<clinit>...()V...java/lang/Object....5G..k......java/lang/Long......valueOf...(J)Ljava/lang/Long;.. .!...."...^.......v...()Ljava/lang/String;...readLine..(.'....)...close..+......,...<init>...(Ljava/io/Reader;)V..../....0...g...(Ljava/lang/String;IC)I...java/lang/Integer..4..M(Ljava/lang/Object;ILjava/lang/Object;[Ljava/lang/Object;I)Ljava/lang/Object;....6....7...java/lang/Number..9...intValue...()I..;.<..:.=...Code.............................?..................2.......................?...&............Y......#SY...$..#S...........&.'...?............*..*..............?............*..-........../...?............*+..1........2.3...?............*..5....l..8..:..>.......

              C:\jar\net\branchlock\layout\references\F.class

              Download File
              Process:C:\Windows\System32\7za.exe
              File Type:compiled Java class data, version 52.0 (Java 1.8)
              Category:dropped
              Size (bytes):104
              Entropy (8bit):4.40421610287363
              Encrypted:false
              SSDEEP:
              MD5:7C0AAD60D9A887897B3563E37CFDAF48
              SHA1:BC4B3E861751C2AE4AF1FB1CF33B54016B9BE768
              SHA-256:3AAECB0973EDE808479C38A60BCF9BB263583251CED7B182C7114227A1E06794
              SHA-512:4E2EDC1E67F04297FE6F1D9EA3A2361A3C110509033FAE9689B9095005BEC5C02AC8247CC2A28FDDB023F3654CD3BB4D13E079C9F7C0EBB231F1B864562BFB76
              Malicious:false
              Reputation:unknown
              Preview:.......4...."net/branchlock/layout/references/F....."net/branchlock/layout/references/J.................

              C:\jar\net\branchlock\layout\references\J.class

              Download File
              Process:C:\Windows\System32\7za.exe
              File Type:compiled Java class data, version 52.0 (Java 1.8)
              Category:dropped
              Size (bytes):0
              Entropy (8bit):0.0
              Encrypted:false
              SSDEEP:
              MD5:C773134F2961F92EC4D4C7376A188EAC
              SHA1:4A8FB78B89671DBC2A8EF3F85C18B411C5738B60
              SHA-256:1057DC7DF9A7069EACF3AB5E1F3A811A40BFDF59959A012888C050020E68B13B
              SHA-512:A6B498A7420B7900CC1067D79EF965418A3A78B825539C197DE6C67A2DCE7A0076B07197E699231DF8E68FB8B0D806CFB2A52CF7F47050D8BDEF9BFDCD193A08
              Malicious:false
              Reputation:unknown
              Preview:.......4...."net/branchlock/layout/references/J....."net/branchlock/layout/references/Q.................

              C:\jar\net\branchlock\layout\references\Q.class

              Download File
              Process:C:\Windows\System32\7za.exe
              File Type:compiled Java class data, version 52.0 (Java 1.8)
              Category:dropped
              Size (bytes):104
              Entropy (8bit):4.40421610287363
              Encrypted:false
              SSDEEP:
              MD5:9C2C21B7B02F650876C7C0A37899F105
              SHA1:1B2C6B209B8998B40331B9F4CE4FE5C02DF613A5
              SHA-256:FF8259BD3D00DB0CE327ADED0877B44B74EEA9EB0D31D376CFC22769E1375F2A
              SHA-512:9CBC6EB8360CC32D53B1E057B8F85529EC5CDFE9C66343326BC7E3B67D7CD28FD7070EC1E4C13BEB72DE5B1354DD00DC04CFA176338E7C64B3F5E79B484E8EA0
              Malicious:false
              Reputation:unknown
              Preview:.......4...."net/branchlock/layout/references/Q....."net/branchlock/layout/references/F.................

              C:\jar\net\branchlock\layout\references\X.class

              Download File
              Process:C:\Windows\System32\7za.exe
              File Type:compiled Java class data, version 52.0 (Java 1.8)
              Category:dropped
              Size (bytes):0
              Entropy (8bit):0.0
              Encrypted:false
              SSDEEP:
              MD5:36002F883492B1165D7ECADBEAADAAB3
              SHA1:9E2409975E6CAF4DA213C1732EEAD2AE74FEF8DE
              SHA-256:53D903FEF00E7085BF4DF2F035F183F374C515B96FB20149C3F0FC8E607E1979
              SHA-512:25DA99F71370F160D2FE6756C5CCC1F6DC36725866CF7EB2A7A849F9031AED2D2D4EB59C109757C278F48F6B324FFDBF07C0A6D512D29636055C0A19AAF614E3
              Malicious:false
              Reputation:unknown
              Preview:.......4...."net/branchlock/layout/references/X......java/lang/Object......X...Ljava/lang/Throwable;...M..,(Ljava/lang/Throwable;)Ljava/lang/Throwable;.......................Code...StackMapTable.........................................!..............*...*................

              C:\jar\trower.class

              Download File
              Process:C:\Windows\System32\7za.exe
              File Type:compiled Java class data, version 52.0 (Java 1.8)
              Category:dropped
              Size (bytes):0
              Entropy (8bit):0.0
              Encrypted:false
              SSDEEP:
              MD5:94D2D24D45BEAA7FD21817EE2CC312B7
              SHA1:163E785BE441B119EF092F47AD74EA82372B4887
              SHA-256:83F60A7F33B6F42163EB90D03630B516A5F0575155E147EC66C216271F946CDB
              SHA-512:AFD9C52B7EB7B861232FD9A7FF4293F99A6F67EE23B7C178B110D43F4B3F54E46A520CA4E1AFF40E2C5A38E38354196C464BF731D6B218F951A6DE4CC6E62288
              Malicious:false
              Reputation:unknown
              Preview:.......4.....trower......java/lang/Object......h...I...G...Ljava/util/List;...W...[Ljava/lang/String;...v...X...[Ljava/lang/Object;...g...(I)Z...java/lang/Exception..... java/lang/InstantiationException......java/lang/NoSuchMethodException................G/g/v.........L..;(CLjava/lang/Object;[Ljava/lang/Object;I)Ljava/lang/Object;.............java/lang/Runtime............!...m..L(Ljava/lang/Object;Ljava/lang/Object;[Ljava/lang/Object;I)Ljava/lang/Object;..#.$....%...java/lang/Process..'.........V..:(Ljava/lang/Object;[Ljava/lang/Object;I)Ljava/lang/Object;..+.,....-...java/io/InputStream../...<init>...(Ljava/io/InputStream;)V..1.2..*.3...(Ljava/io/Reader;)V..1.5..).6...C..8.,....9...java/util/List..;...java/util/Iterator..=...java/lang/String..?...java/lang/Boolean..A...booleanValue...()Z..C.D..B.E...J..G...u..I.$....J...java/lang/Throwable..L..;(Ljava/lang/Object;Ljava/lang/Object;[Ljava/lang/Object;I)V....N....O.....$(Ljava/lang/String;Ljava/io/File;I)V..+java/lang/reflect/Invocation

              Static File Info

              General

              File type:Zip archive data, at least v2.0 to extract, compression method=deflate
              Entropy (8bit):4.757338922912221
              TrID:
              • Java Archive (13504/1) 62.80%
              • ZIP compressed archive (8000/1) 37.20%
              File name:Mtcn_3259356251.jar
              File size:150'182 bytes
              MD5:7fefa6601ba7798f5a92c4907a04d675
              SHA1:a44d75a42ac89a7d5060578e681f20993eccb76f
              SHA256:3dbba68c10b532ecbd126c1172717d7f6c63d3e3fc4978aa8f58a919269b6374
              SHA512:23f2d336dadbb462c5145518deab13e1ac73cd78aa98e5079d34f0a2a4965d785022dc824138f14cd63ab218c347dc8cf7df795f372021b5e74b99027066505f
              SSDEEP:384:TtEueLDrbKejfr2avpAoPOstr5JUxxx/mxeUly8bWct8A:REueLuUr2OhtfIxxexeUbbfd
              TLSH:B3E375DCF66798E13B0BFDF27B849A9624C56AFCD71B901145612E31C42C43CEE84DAA
              File Content Preview:PK..........*Y................META-INF/MANIFEST.MFUT...@..f.....M..LK-...K-*....R0.3..M...u.I,..R()./O-...t..K2......PK..AU..6...8...PK........Cg*Y............(...net/branchlock/layout/references/F.class;.o.>.....VF...............l.................b}7v.Fb

              File Icon

              Icon Hash:d08c8e8ea2868a54