57e8cb376230802d28388425591c80e8ae67ecebdae17eee60e22098d85319c9

Analysis

max time kernel
51s
max time network
58s
platform
windows10-1703_x64
resource
win10-20220812-en
resource tags

arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
submitted
22-08-2022 07:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Minecraft alt Gen V2/Compilers/MinGW64/bin/windres.exe
Size

1.4MB
MD5

656ea3e44dd98bdddfa28689f433222e
SHA1

866428a060d29bdacbe3d46e6234f815ba276bf4
SHA256

4757d9fc9e1342cfe0387ec0477fcf1996876a266a7eae7a820144c89e4a3a8b
SHA512

fb2e478829fa6e5b99959cf6cebb937e1228a16fc13515e2267833d25096e47c8659daf154273bb84a9c717560f0a9be66de1b3bb4e41659e3c378f60df3e95d

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 9 IoCs

Processes:

windres.execmd.exegcc.exe

description	pid	process	target process
PID 936 wrote to memory of 1504	936	windres.exe	cmd.exe
PID 936 wrote to memory of 1504	936	windres.exe	cmd.exe
PID 936 wrote to memory of 1504	936	windres.exe	cmd.exe
PID 1504 wrote to memory of 1732	1504	cmd.exe	gcc.exe
PID 1504 wrote to memory of 1732	1504	cmd.exe	gcc.exe
PID 1504 wrote to memory of 1732	1504	cmd.exe	gcc.exe
PID 1732 wrote to memory of 2020	1732	gcc.exe	cc1.exe
PID 1732 wrote to memory of 2020	1732	gcc.exe	cc1.exe
PID 1732 wrote to memory of 2020	1732	gcc.exe	cc1.exe

C:\Users\Admin\AppData\Local\Temp\Minecraft alt Gen V2\Compilers\MinGW64\bin\windres.exe
"C:\Users\Admin\AppData\Local\Temp\Minecraft alt Gen V2\Compilers\MinGW64\bin\windres.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:936

C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\Minecraft alt Gen V2\Compilers\MinGW64\bin\gcc" -E -xc -DRC_INVOKED -
2⤵
- Suspicious use of WriteProcessMemory
PID:1504

C:\Users\Admin\AppData\Local\Temp\Minecraft alt Gen V2\Compilers\MinGW64\bin\gcc.exe
"C:\Users\Admin\AppData\Local\Temp\Minecraft alt Gen V2\Compilers\MinGW64\bin\gcc" -E -xc -DRC_INVOKED -
3⤵
- Suspicious use of WriteProcessMemory
PID:1732

C:\Users\Admin\AppData\Local\Temp\Minecraft alt Gen V2\Compilers\MinGW64\libexec\gcc\x86_64-w64-mingw32\4.9.2\cc1.exe
"C:/Users/Admin/AppData/Local/Temp/Minecraft alt Gen V2/Compilers/MinGW64/bin/../libexec/gcc/x86_64-w64-mingw32/4.9.2/cc1.exe" "-E" "-quiet" "-iprefix" "C:/Users/Admin/AppData/Local/Temp/Minecraft alt Gen V2/Compilers/MinGW64/bin/../lib/gcc/x86_64-w64-mingw32/4.9.2/" "-D_REENTRANT" "-D" "RC_INVOKED" "-" "-mtune=generic" "-march=x86-64"
4⤵
PID:2020

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/936-120-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/936-121-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/936-122-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/936-123-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/936-124-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/936-125-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/936-126-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/936-127-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/936-128-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/936-129-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/936-131-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/936-130-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/936-132-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/936-133-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/936-134-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/936-135-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/1504-136-0x0000000000000000-mapping.dmp

Download
memory/1504-137-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/1504-138-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/1504-139-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/1504-140-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/1504-141-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/1504-142-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/1732-143-0x0000000000000000-mapping.dmp

Download
memory/1732-144-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/1732-145-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/1732-146-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/1732-147-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/1732-148-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/1732-149-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/1732-150-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/1732-151-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/1732-152-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/2020-153-0x0000000000000000-mapping.dmp

Download
memory/2020-154-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/2020-155-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/2020-156-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/2020-157-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/2020-158-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/2020-159-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/2020-160-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/2020-161-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/2020-162-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/2020-163-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/2020-164-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/2020-166-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/2020-165-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/2020-167-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/2020-169-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/2020-168-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/2020-170-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/2020-171-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/2020-172-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/2020-174-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/2020-173-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/2020-175-0x0000000077A90000-0x0000000077C1E000-memory.dmp

Filesize
1.6MB

Download
memory/2020-176-0x0000000000400000-0x0000000001149000-memory.dmp

Filesize
13.3MB

Download