Overview

overview

3

Static

static

1

MultiMC/MultiMC.exe

windows10-1703-x64

1

MultiMC/Qt5Core.dll

windows10-1703-x64

3

MultiMC/Qt5Gui.dll

windows10-1703-x64

3

MultiMC/Qt...rk.dll

windows10-1703-x64

3

MultiMC/Qt5Svg.dll

windows10-1703-x64

3

MultiMC/Qt...ts.dll

windows10-1703-x64

3

MultiMC/Qt5Xml.dll

windows10-1703-x64

3

MultiMC/ic...on.dll

windows10-1703-x64

1

MultiMC/im...ds.dll

windows10-1703-x64

1

MultiMC/im...if.dll

windows10-1703-x64

1

MultiMC/im...ns.dll

windows10-1703-x64

1

MultiMC/im...co.dll

windows10-1703-x64

1

MultiMC/im...p2.dll

windows10-1703-x64

1

MultiMC/im...eg.dll

windows10-1703-x64

1

MultiMC/im...vg.dll

windows10-1703-x64

1

MultiMC/im...mp.dll

windows10-1703-x64

1

MultiMC/im...bp.dll

windows10-1703-x64

1

MultiMC/ja...ck.jar

windows10-1703-x64

1

MultiMC/ja...ch.jar

windows10-1703-x64

1

MultiMC/li...ic.dll

windows10-1703-x64

3

MultiMC/libeay32.dll

windows10-1703-x64

1

MultiMC/li...-1.dll

windows10-1703-x64

3

MultiMC/libnbt++.dll

windows10-1703-x64

3

MultiMC/li...ow.dll

windows10-1703-x64

3

MultiMC/libssl32.dll

windows10-1703-x64

1

MultiMC/li...-6.dll

windows10-1703-x64

3

MultiMC/li...-1.dll

windows10-1703-x64

1

MultiMC/pl...ws.dll

windows10-1703-x64

1

MultiMC/ssleay32.dll

windows10-1703-x64

1

MultiMC/updater.exe

windows10-1703-x64

1

MultiMC/zlib1.dll

windows10-1703-x64

3

Analysis

  • max time kernel
    70s
  • max time network
    75s
  • platform
    windows10-1703_x64
  • resource
    win10-20220901-en
  • resource tags

    arch:x64arch:x86image:win10-20220901-enlocale:en-usos:windows10-1703-x64system
  • submitted
    14/02/2023, 16:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MultiMC/libssl32.dll

  • Size

    287KB

  • MD5

    fd268b5a640106c279aaecb65a2af5fc

  • SHA1

    bf60d46ecec6c8d1f8e6ee9d1b474e7b71bcbc3e

  • SHA256

    23b83a41105cac582258abcff6ac59f0f3edd7ac05b7a50dc52df0980a7e9e02

  • SHA512

    e5103a1e5b4194eb7d8fc225d3b88633440c288ca0b6daf56c586827cd6d5fcb4eb7b542435d3d7a0b88dfa6d9f336a88ed0b73bebad7e71beea9d8ad0b8d2e6

  • SSDEEP

    6144:1g0GNp9uM1U2G8XDgVKJfFdBRQ5SCsygSsqHsmLv/j/aiJSpyBflGZbQ/q9k+INV:ep9uM1U2G8XDgoJfFdBm5SCsyRsqMmLX

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\MultiMC\libssl32.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2188
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\MultiMC\libssl32.dll,#1
      2⤵
        PID:2092

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2092-122-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-125-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-126-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-129-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-132-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-133-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-136-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-137-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-140-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-142-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-143-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-144-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-145-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-147-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-148-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-146-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-149-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-150-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-151-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-152-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-141-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-139-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-138-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-135-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-134-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-131-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-130-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-128-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-127-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-153-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-154-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-156-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-155-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-157-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-124-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-158-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-123-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-159-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-160-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-121-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-161-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-162-0x0000000004E10000-0x0000000004F4A000-memory.dmp

      Filesize

      1.2MB

      Download

    • memory/2092-164-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-165-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-166-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-168-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-170-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-172-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-171-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-169-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2092-167-0x00000000779B0000-0x0000000077B3E000-memory.dmp

      Filesize

      1.6MB

      Download