meteor-client-1.21.5-6.jar

Sample information


Antivirus detections: 0
IDS alerts: 0
Processes: 2
Http events: 0
Contacted hosts: 0
DNS Requests: 0
Score: 5.8

Current activity of this Sample



Blacklist timeline


First seen: Sun Apr 20 2025 01:15:04 GMT+0000
Last seen: Sun Apr 20 2025 05:15:18 GMT+0000
Period: 4 hours

Hashes
Filename: meteor-client-1.21.5-6.jar
md5: 35d979d25d756da688673cd128af6603
sha1: 078b775a05632fb27017d39069165fd04756b09c
sha256: 81a754175f1610712c7b33a281b5719212481d9b0f7d3ec945db341da5d828f6

In depth details
Filetype: Zip archive data, at least v2.0 to extract, compre ...
Size (Bytes): 4609406
Classification: malicious

Dates
Indexed: Sun Apr 20 2025 01:04:52 GMT+0000 (5 months ago)
Last modified: Sun Apr 20 2025 10:38:12 GMT+0000 (5 months ago)


Request (curl):

curl -H "Authorization: Bearer <API_KEY>" https://api.maltiverse.com/sample/81a754175f1610712c7b33a281b5719212481d9b0f7d3ec945db341da5d828f6

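Request (Python 3):

Alternatively, you can query the API from Python 3 (this snippet uses the requests library):

import json

import requests

# Same sample endpoint as the curl request; this call is sent without an Authorization header.
url = 'https://api.maltiverse.com/sample/81a754175f1610712c7b33a281b5719212481d9b0f7d3ec945db341da5d828f6'
response = requests.get(url, timeout=30)
response.raise_for_status()  # stop on an HTTP error instead of parsing an error body
print(json.dumps(response.json(), indent=4, sort_keys=True))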

Request (PowerShell):

$url = 'https://api.maltiverse.com/sample/81a754175f1610712c7b33a281b5719212481d9b0f7d3ec945db341da5d828f6'
$headers = @{Authorization=("Bearer {0}" -f "<API_KEY>")}
$response = Invoke-RestMethod $url -Headers $headers
Write-Output $response

Response:

      
{
    "blacklist": [
        {
            "count": 1,
            "description": "Generic Malware",
            "first_seen": "2025-04-20 01:15:04",
            "last_seen": "2025-04-20 05:15:18",
            "ref": [
                1
            ],
            "source": "Hybrid-Analysis"
        }
    ],
    "classification": "malicious",
    "creation_time": "2025-04-20 01:04:52",
    "filename": [
        "meteor-client-1.21.5-6.jar"
    ],
    "filetype": "Zip archive data, at least v2.0 to extract, compre ...",
    "is_alive": false,
    "is_cdn": false,
    "is_cnc": false,
    "is_distributing_malware": false,
    "is_hosting": false,
    "is_iot_threat": false,
    "is_known_attacker": false,
    "is_known_scanner": false,
    "is_mining_pool": false,
    "is_open_proxy": false,
    "is_phishing": false,
    "is_sinkhole": false,
    "is_storing_phishing": false,
    "is_tor_node": false,
    "is_vpn_node": false,
    "md5": "35d979d25d756da688673cd128af6603",
    "modification_time": "2025-04-20 10:38:12",
    "process_list": [
        {
            "commandline": "-jar \"C:\\meteor-client-1.21.5-6.jar\"",
            "name": "javaw.exe",
            "normalizedpath": "%PROGRAMFILES%\\Java\\jre-1.8\\bin\\javaw.exe",
            "sha256": "800ed0aaa1d2cbe08703d80121c8bc57b96f6e55c550a06bc064c85df0bbd206",
            "uid": "00000000-00000108"
        },
        {
            "commandline": "%ALLUSERSPROFILE%\\Oracle\\Java\\.oracle_jre_usage /grant \"everyone\":(OI)(CI)M",
            "name": "icacls.exe",
            "normalizedpath": "%WINDIR%\\system32\\icacls.exe",
            "sha256": "ff5f1b30f739e7a6f0debcc3d8069efef1beedab53f722274d5abf7f104977eb",
            "uid": "00000000-00010832"
        }
    ],
    "score": 5.8,
    "scoring_executed_time": "2025-04-20 10:38:11",
    "sha1": "078b775a05632fb27017d39069165fd04756b09c",
    "sha256": "81a754175f1610712c7b33a281b5719212481d9b0f7d3ec945db341da5d828f6",
    "size": 4609406,
    "type": "sample"
}
    
Process list

uid: 00000000-00000108
commandline: -jar "C:\meteor-client-1.21.5-6.jar"
name: javaw.exe
normalizedpath: %PROGRAMFILES%\Java\jre-1.8\bin\javaw.exe
sha256: 800ed0aaa1d2cbe08703d80121c8bc57b96f6e55c550a06bc064c85df0bbd206

uid: 00000000-00010832
commandline: %ALLUSERSPROFILE%\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
name: icacls.exe
normalizedpath: %WINDIR%\system32\icacls.exe
sha256: ff5f1b30f739e7a6f0debcc3d8069efef1beedab53f722274d5abf7f104977eb