Overview
General
Target: MINECRAFTHACK.zip.zip
Size: 1.4MB
Sample: 210422-vg1pbrcqnx
MD5: b7203300ed8fcdbeb0fca38117769211
SHA1: 307aad4daa0c36da94734425cfb085d9969f8c54
SHA256: f352c5a50bd9731e4178ee590fbfbc154f61da150534fdb33bd5f667505181d1
SHA512: 913c58802e528873a7497a3bc455d93ed5db8b303b5f2f92d531c60cb2494c844623f28658745e5bd31deed7495bac4ab7fdb1fa4d7d8e10e65395767a537be9
Static task: static1
Behavioral task: behavioral1, Sample: API-MS-Win-core-xstate-l2-1-0.dll, Resource: win10v20210408
Behavioral task: behavioral2, Sample: Launcher.exe, Resource: win10v20210410
Behavioral task: behavioral3, Sample: api-ms-win-crt-private-l1-1-0.dll, Resource: win10v20210408
Behavioral task: behavioral4, Sample: chrome_elf.dll, Resource: win10v20210410
Behavioral task: behavioral5, Sample: mtl_libovr.dll, Resource: win10v20210410
Behavioral task: behavioral6, Sample: qwindows.dll, Resource: win10v20210408
Behavioral task: behavioral7, Sample: API-MS-Win-core-xstate-l2-1-0.dll, Resource: win10v20210410
Behavioral task: behavioral8, Sample: Launcher.exe, Resource: win10v20210408
Behavioral task: behavioral9, Sample: api-ms-win-crt-private-l1-1-0.dll, Resource: win10v20210410
Behavioral task: behavioral10, Sample: chrome_elf.dll, Resource: win10v20210408
Behavioral task: behavioral11, Sample: mtl_libovr.dll, Resource: win10v20210410
Behavioral task: behavioral12, Sample: qwindows.dll, Resource: win10v20210410
Malware Config
Targets

Target: API-MS-Win-core-xstate-l2-1-0.dll
Size: 19KB
MD5: 4f50c180c41117cdce24eb15a989945c
SHA1: 338ca08fab142f2e221975ad36e24622ff636dbb
SHA256: c251c228c2e5c551a4df1d06f123f475aa4a1c94350e46e50399f28a1a15e1cb
SHA512: 11a39943cd2e66acf3c241cd5a03c164bb5f5e484075d6c6420cccead99d0b37b23d833e5995555f15e3d9ce977e388f56bea7210287abcfbe84f654acd992a7
Score: 1/10

Target: Launcher.exe
Size: 444KB
MD5: 38cf4f1737d4cad4cf5e86876e44d57b
SHA1: 8d1a83c2602cc7eac603b7a1e5bab090ab0a8f4e
SHA256: 869f7061d2efc0c704b62d63f63df79108a52e0ae5fc412897aa57146d5b5775
SHA512: 8c388fff4b099839b5df3c15bcc82ff99450660f0ae73f63933cfc6476aeb3572eaa53df57ff30fc7362d6eecdcca2c84258569f02910338e8e67578e9fc74be
- Suspicious use of NtCreateProcessExOtherParentProcess
- Loads dropped DLL
- Obfuscated with Agile.Net obfuscator: Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

Target: api-ms-win-crt-private-l1-1-0.dll
Size: 69KB
MD5: 50740f0bc326f0637c4166698298d218
SHA1: 0c33cfe40edd278a692c2e73e941184fd24286d9
SHA256: adbb658dd1cbecaca7cc1322b51976f30b36ccf0a751f3bad1f29d350b192c9c
SHA512: f1331ab1d52fb681f51546168e9736e2f6163e0706955e85ac9e4544d575d50e6eacd90ea3e49cb8b69da34fe0b621b04661f0b6f09f7ce8ceca50308c263d03
Score: 3/10

Target: chrome_elf.dll
Size: 791KB
MD5: 99e9cafb3759b44c300ffca3cb452a4c
SHA1: 4d1c0ec777c5a91571b8bae9cd64145a6553b15c
SHA256: 100e5ab74b87bd6c85e9f7df4b452da23a2cc7033cde149d7f79e6007d4ca6f5
SHA512: 6c605752a7f3652350fa02bc86ebed15c73562478160b94d564eaac961ae6d75967244a9e41193516c9adfe2e853a6d186de2a9a0c2054653868c41ce1c45299
Score: 1/10

Target: mtl_libovr.dll
Size: 186KB
MD5: 78df2cb7674cda9cbb5f343561e441ba
SHA1: 3aade10dbf3c51233aa701ad1e12cd17a9dcb722
SHA256: 2bd310f6f35a756a782bf6be42af297d50fdbca8ce7cb6bc0e2352e70134c67b
SHA512: ab5cd2dd701774d78cdf8fdef0a6eecb42ef72ea2ba013802322b141a531c5d182ffb2689607828833b4af97f5b703e8087d8566258989efb9885ebfcbf9ca7c
Score: 1/10

Target: qwindows.dll
Size: 1.1MB
MD5: 98154c945bd4f03456d4d6b7a12edf9b
SHA1: a90add5561c1d3f87b407303b769da569b2d742b
SHA256: eeff4fb35549b038bc9f46feaecd1e00832a1ab010b3a33754c8512f39e3cad1
SHA512: 92fa865355a9ef75c6b46d261a5498f1a4f1d91ee98dea6e6a88149fd1dbc14291620ac7dbb317be76f4a9bae7d23f998a49dda42d009205e67e16e0eb36118c
Score: 1/10