Overview

overview

3

Static

static

1

MultiMC/MultiMC.exe

windows10-1703-x64

1

MultiMC/Qt5Core.dll

windows10-1703-x64

3

MultiMC/Qt5Gui.dll

windows10-1703-x64

3

MultiMC/Qt...rk.dll

windows10-1703-x64

3

MultiMC/Qt5Svg.dll

windows10-1703-x64

3

MultiMC/Qt...ts.dll

windows10-1703-x64

3

MultiMC/Qt5Xml.dll

windows10-1703-x64

3

MultiMC/ic...on.dll

windows10-1703-x64

1

MultiMC/im...ds.dll

windows10-1703-x64

1

MultiMC/im...if.dll

windows10-1703-x64

1

MultiMC/im...ns.dll

windows10-1703-x64

1

MultiMC/im...co.dll

windows10-1703-x64

1

MultiMC/im...p2.dll

windows10-1703-x64

1

MultiMC/im...eg.dll

windows10-1703-x64

1

MultiMC/im...vg.dll

windows10-1703-x64

1

MultiMC/im...mp.dll

windows10-1703-x64

1

MultiMC/im...bp.dll

windows10-1703-x64

1

MultiMC/ja...ck.jar

windows10-1703-x64

1

MultiMC/ja...ch.jar

windows10-1703-x64

1

MultiMC/li...ic.dll

windows10-1703-x64

3

MultiMC/libeay32.dll

windows10-1703-x64

1

MultiMC/li...-1.dll

windows10-1703-x64

3

MultiMC/libnbt++.dll

windows10-1703-x64

3

MultiMC/li...ow.dll

windows10-1703-x64

3

MultiMC/libssl32.dll

windows10-1703-x64

1

MultiMC/li...-6.dll

windows10-1703-x64

3

MultiMC/li...-1.dll

windows10-1703-x64

1

MultiMC/pl...ws.dll

windows10-1703-x64

1

MultiMC/ssleay32.dll

windows10-1703-x64

1

MultiMC/updater.exe

windows10-1703-x64

1

MultiMC/zlib1.dll

windows10-1703-x64

3

Analysis

  • max time kernel
    48s
  • max time network
    60s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
  • submitted
    14/02/2023, 16:59

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    MultiMC/imageformats/qicns.dll

  • Size

    46KB

  • MD5

    5fb2087dc766e4429fc1efabea767304

  • SHA1

    2d3738655ee1de41eeaa25e20e1d6d6b27fb136a

  • SHA256

    b24c87e104f50f785499d2d396abddb02449be1d5f07184cc135843a47f62206

  • SHA512

    c4358d8904c08d030f457d0c011b520c2b1fa4be98aabe580fe7bff30af0bbdb563dc0d432809d84a61a167a2970424dd06f401617f06f7f2eb6b3d6a7504f5a

  • SSDEEP

    768:bOTM3DoBSXLgUoJlYzAVn6yJxgHPCbHlz+w:CS0EbHKlYzAVnVJxgHPCblz

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\MultiMC\imageformats\qicns.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2588
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\MultiMC\imageformats\qicns.dll,#1
      2⤵
        PID:2444

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2444-118-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-119-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-120-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-121-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-122-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-123-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-124-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-126-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-128-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-130-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-131-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-132-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-134-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-136-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-138-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-139-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-137-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-140-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-135-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-142-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-144-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-145-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-147-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-146-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-148-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-143-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-149-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-141-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-150-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-152-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-151-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-153-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-154-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-155-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-133-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-129-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-127-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-125-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-156-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-157-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-158-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-159-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-160-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-161-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-162-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-164-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-166-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-167-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-165-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-163-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2444-168-0x0000000077660000-0x00000000777EE000-memory.dmp

      Filesize

      1.6MB

      Download