Overview

overview

3

Static

static

MultiMC/MultiMC.exe

windows10-1703-x64

3

MultiMC/Qt5Core.dll

windows10-1703-x64

3

MultiMC/Qt5Gui.dll

windows10-1703-x64

3

MultiMC/Qt...rk.dll

windows10-1703-x64

3

MultiMC/Qt5Svg.dll

windows10-1703-x64

3

MultiMC/Qt...ts.dll

windows10-1703-x64

3

MultiMC/Qt5Xml.dll

windows10-1703-x64

3

MultiMC/ic...on.dll

windows10-1703-x64

1

MultiMC/im...if.dll

windows10-1703-x64

1

MultiMC/im...ns.dll

windows10-1703-x64

1

MultiMC/im...co.dll

windows10-1703-x64

1

MultiMC/im...eg.dll

windows10-1703-x64

1

MultiMC/im...vg.dll

windows10-1703-x64

1

MultiMC/im...mp.dll

windows10-1703-x64

1

MultiMC/ja...ck.jar

windows10-1703-x64

1

MultiMC/ja...ch.jar

windows10-1703-x64

1

MultiMC/li...ix.dll

windows10-1703-x64

3

MultiMC/li...++.dll

windows10-1703-x64

3

MultiMC/li...ip.dll

windows10-1703-x64

3

MultiMC/li...ow.dll

windows10-1703-x64

3

MultiMC/libeay32.dll

windows10-1703-x64

1

MultiMC/li...-1.dll

windows10-1703-x64

3

MultiMC/libssp-0.dll

windows10-1703-x64

3

MultiMC/li...-6.dll

windows10-1703-x64

3

MultiMC/li...-1.dll

windows10-1703-x64

1

MultiMC/pl...ws.dll

windows10-1703-x64

1

MultiMC/ssleay32.dll

windows10-1703-x64

1

MultiMC/zlib1.dll

windows10-1703-x64

3

Analysis

  • max time kernel
    52s
  • max time network
    75s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
  • submitted
    05/01/2023, 01:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MultiMC/libLauncher_rainbow.dll

  • Size

    67KB

  • MD5

    0a9b6d533e16eb5795bd8730bb61e060

  • SHA1

    5ae86c52d44ac0715e81d8ddd17f746a39c71e45

  • SHA256

    3bdb910a160dad572f40d744054585e7164b03065229bb6673832347ca82368e

  • SHA512

    fce04e1eb406c6b6dd161624df1fc4c5fad0d31c982e884183f0e217582240098fa9cc2682afb3ed825dab7602a4a26f4782fe00898746ef6e465897cfbcf66f

  • SSDEEP

    768:kEg24DKoyYH150BEexXfz2xGpsy/a2MaOtRd9P9mg8rO71:kFVD11ij11DM5hP7x

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\MultiMC\libLauncher_rainbow.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2708
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\MultiMC\libLauncher_rainbow.dll,#1
      2⤵
        PID:2748
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 2748 -s 688
          3⤵
          • Program crash
          PID:64

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2748-116-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-117-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-118-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-119-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-121-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-120-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-122-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-123-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-124-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-125-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-126-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-127-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-129-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-128-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-130-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-132-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-133-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-134-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-131-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-135-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-136-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-137-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-138-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-139-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-140-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-141-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-142-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-144-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-146-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-147-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-149-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-152-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-153-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-155-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-154-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-151-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-156-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-158-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-159-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-161-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-160-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-157-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-162-0x0000000004380000-0x00000000048AF000-memory.dmp

      Filesize

      5.2MB

      Download

    • memory/2748-165-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-166-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-167-0x0000000004380000-0x00000000048AF000-memory.dmp

      Filesize

      5.2MB

      Download

    • memory/2748-150-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-169-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-171-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-170-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-148-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-145-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-143-0x0000000077AD0000-0x0000000077C5E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2748-172-0x0000000004380000-0x00000000048AF000-memory.dmp

      Filesize

      5.2MB

      Download

    • memory/2748-173-0x0000000061940000-0x0000000061EB5000-memory.dmp

      Filesize

      5.5MB

      Download

    • memory/2748-174-0x0000000063400000-0x0000000063415000-memory.dmp

      Filesize

      84KB

      Download