General

  • Target

    Minecraft_Dungeons_v1.0-v1.5.0.rar

  • Size

    1.3MB

  • Sample

    210329-5dqyz7yhp6

  • MD5

    fd93a05e09df497b0ecc14bbb25dd7b2

  • SHA1

    5df1a5d7ae174878e600e785c4e03b8c0951e17a

  • SHA256

    296d38386d3176443601f1494db4a8dbec3254d4a7625ca25233016b9387d6d6

  • SHA512

    28e06fd6da9b8ded9613fd95ab8d420419d902a99900abfc6213bd42e6046406fa0b33e6d11ce86f09dc51ec04cd277f4aa5595b624b64ceb5a4a91f3419b42b

Malware Config

Targets

    • Target

      Minecraft Dungeons v1.0-v1.5.0.exe

    • Size

      1.3MB

    • MD5

      7500541e652d09f6be348ceb12b890ec

    • SHA1

      dabc37870b4a050c440f69daab481c49b5910148

    • SHA256

      d40f5e1c9a29042f8414cf2aedce4624df56a434880dcb6fbc7e25b4601ed4b1

    • SHA512

      b4432c5f882e1a0d54d3c2cd5b4cd904b09668aa7e1d4f75f512062ca91e190e6c9c246ed2225554c7781022c7b41e1864439a1b5781c67ec929b42ef4c206c9

    • r77

      r77 is an open-source, userland (ring 3) rootkit that hides files, processes, registry keys and network connections whose names carry a configurable prefix (`$77` by default).

    • r77 rootkit payload

      Detects the payload of the r77 rootkit.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens, and autofill data.

    • Looks up external IP address via web service

      Uses a legitimate public IP lookup service to discover the infected system's external IP address.
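The signatures above are behavioural rules evaluated over the sandbox's event log. As an added example (not code from the Triage report, nor from the r77 project), the Python below reproduces the intent of five of them over a constructed, inline event log: the event schema, the process IDs, the file paths and the hostnames are assumptions, and the only r77-specific detail used is its documented `$77` name prefix for the objects it hides.

```python
"""Behavioural triage of sandbox-style events (added example, not Triage's code).

Each rule mirrors one signature from the report:
  - Reads user/profile data of web browsers
  - Looks up external IP address via web service
  - Executes dropped EXE / Loads dropped DLL
  - r77 rootkit payload (objects named with r77's "$77" prefix)
"""
import re
from collections import defaultdict

# Credential / cookie / profile stores of Chromium- and Firefox-based browsers.
BROWSER_DATA = re.compile(
    r"(\\Google\\Chrome\\User Data\\.*\\(Login Data|Cookies|Web Data)$"
    r"|\\Mozilla\\Firefox\\Profiles\\.*\\(logins\.json|key4\.db|cookies\.sqlite)$)",
    re.IGNORECASE,
)

# A few well-known public "what is my IP" services (assumed watch-list).
IP_LOOKUP_HOSTS = {"api.ipify.org", "icanhazip.com", "ip-api.com", "ifconfig.me", "ipinfo.io"}

# r77 hides files/processes/keys whose names start with this prefix.
R77_PREFIX = "$77"


def _is_ip_lookup(host):
    host = host.lower()
    return host in IP_LOOKUP_HOSTS or any(host.endswith("." + h) for h in IP_LOOKUP_HOSTS)


def triage(events):
    """Return {signature name: [matching artefacts]} for a list of event dicts.

    "Dropped" means the path was written earlier in the same log by a monitored
    process; that is what turns a plain process start / DLL load into a hit.
    """
    hits = defaultdict(list)
    dropped = {}  # lower-cased path -> pid of the writer

    for ev in events:
        kind = ev["type"]
        if kind == "file_write":
            dropped[ev["path"].lower()] = ev["pid"]
            name = ev["path"].rsplit("\\", 1)[-1]
            if name.startswith(R77_PREFIX):
                hits["r77 rootkit payload"].append(ev["path"])
        elif kind == "file_read" and BROWSER_DATA.search(ev["path"]):
            hits["Reads user/profile data of web browsers"].append(ev["path"])
        elif kind == "http_request" and _is_ip_lookup(ev["host"]):
            hits["Looks up external IP address via web service"].append(ev["host"])
        elif kind == "process_create" and ev["image"].lower() in dropped:
            hits["Executes dropped EXE"].append(ev["image"])
        elif kind == "image_load":
            path = ev["path"].lower()
            if path.endswith(".dll") and path in dropped:
                hits["Loads dropped DLL"].append(ev["path"])
    return dict(hits)


# Constructed event log standing in for a sandbox trace; not taken from the report.
SAMPLE_EVENTS = [
    {"type": "file_write", "pid": 100, "path": r"C:\Users\victim\AppData\Local\Temp\$77-stage.exe"},
    {"type": "file_write", "pid": 100, "path": r"C:\Users\victim\AppData\Local\Temp\helper.dll"},
    {"type": "process_create", "pid": 101, "image": r"C:\Users\victim\AppData\Local\Temp\$77-stage.exe"},
    {"type": "image_load", "pid": 101, "path": r"C:\Users\victim\AppData\Local\Temp\helper.dll"},
    {"type": "file_read", "pid": 101, "path": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"type": "file_read", "pid": 101, "path": r"C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\abc123.default\logins.json"},
    {"type": "file_read", "pid": 101, "path": r"C:\Windows\System32\kernel32.dll"},
    {"type": "http_request", "pid": 101, "host": "api.ipify.org", "uri": "/"},
    {"type": "http_request", "pid": 101, "host": "update.example.com", "uri": "/check"},
]

if __name__ == "__main__":
    for sig, artefacts in triage(SAMPLE_EVENTS).items():
        print(f"{sig}:")
        for a in artefacts:
            print(f"    {a}")
```

Run it directly and the five signatures from the report fire on the constructed log, while the benign `kernel32.dll` read and the unrelated HTTP request stay silent. The "dropped" bookkeeping is the part worth copying into real detection content: an EXE starting from `%TEMP%` is noise on its own, but an EXE starting from a path the monitored process itself wrote moments earlier is the behaviour the signature is named for.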
