Overview

overview

3

Static

static

1

MultiMC/MultiMC.exe

windows10-1703-x64

1

MultiMC/Qt5Core.dll

windows10-1703-x64

3

MultiMC/Qt5Gui.dll

windows10-1703-x64

3

MultiMC/Qt...rk.dll

windows10-1703-x64

3

MultiMC/Qt5Svg.dll

windows10-1703-x64

3

MultiMC/Qt...ts.dll

windows10-1703-x64

3

MultiMC/Qt5Xml.dll

windows10-1703-x64

3

MultiMC/ic...on.dll

windows10-1703-x64

1

MultiMC/im...ds.dll

windows10-1703-x64

1

MultiMC/im...if.dll

windows10-1703-x64

1

MultiMC/im...ns.dll

windows10-1703-x64

1

MultiMC/im...co.dll

windows10-1703-x64

1

MultiMC/im...p2.dll

windows10-1703-x64

1

MultiMC/im...eg.dll

windows10-1703-x64

1

MultiMC/im...vg.dll

windows10-1703-x64

1

MultiMC/im...mp.dll

windows10-1703-x64

1

MultiMC/im...bp.dll

windows10-1703-x64

1

MultiMC/ja...ck.jar

windows10-1703-x64

1

MultiMC/ja...ch.jar

windows10-1703-x64

1

MultiMC/li...ic.dll

windows10-1703-x64

3

MultiMC/libeay32.dll

windows10-1703-x64

1

MultiMC/li...-1.dll

windows10-1703-x64

3

MultiMC/libnbt++.dll

windows10-1703-x64

3

MultiMC/li...ow.dll

windows10-1703-x64

3

MultiMC/libssl32.dll

windows10-1703-x64

1

MultiMC/li...-6.dll

windows10-1703-x64

3

MultiMC/li...-1.dll

windows10-1703-x64

1

MultiMC/pl...ws.dll

windows10-1703-x64

1

MultiMC/ssleay32.dll

windows10-1703-x64

1

MultiMC/updater.exe

windows10-1703-x64

1

MultiMC/zlib1.dll

windows10-1703-x64

3

Analysis

  • max time kernel
    54s
  • max time network
    147s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
  • submitted
    14/02/2023, 16:59

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    MultiMC/imageformats/qjp2.dll

  • Size

    505KB

  • MD5

    60b07dc1529e6842f6b9e3cdbac80fce

  • SHA1

    fd9d6f1c1d2fe0f977b2d496667a9e18f627c6c0

  • SHA256

    fda79d187a4ad80ed94b10c96bc9f6dd650e9613e8bf2c2971ff57d4955d0e31

  • SHA512

    2dec5073892627cd5f2f0634bc942f14f0a3409adee5ce250201c32e6d68cfc829a8f739b7b3354e991ca94377febacd1cf13e521140f2b2a2c0f9016140ee3a

  • SSDEEP

    6144:8Ui1+Flceaq4r3UpdQtjMzVrkULlYFyiHg+epIGyjH87W4f0kBRSko6l92S4Rpds:I1Umea5weMz/YFy4bG/Kko6l92S

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\MultiMC\imageformats\qjp2.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2700
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\MultiMC\imageformats\qjp2.dll,#1
      2⤵
        PID:2912

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2912-117-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-118-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-119-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-120-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-121-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-122-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-123-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-124-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-125-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-126-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-127-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-128-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-129-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-130-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-131-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-132-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-134-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-133-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-135-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-136-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-137-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-138-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-139-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-140-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-141-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-142-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-145-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-144-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-143-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-146-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-148-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-147-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-149-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-150-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-151-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-152-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-154-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-153-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-155-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-157-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-156-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-158-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-159-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-160-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-163-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-164-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-166-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-165-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-162-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-161-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2912-167-0x0000000077840000-0x00000000779CE000-memory.dmp

      Filesize

      1.6MB

      Download