198c817204d7e72e30f7c7778d88c24898e653e54a08bc9ee9e9ecbbe8e79732

Analysis

max time kernel
143s
max time network
148s
platform
windows10-1703_x64
resource
win10-20220901-en
resource tags

arch:x64arch:x86image:win10-20220901-enlocale:en-usos:windows10-1703-x64system
submitted
14-02-2023 16:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

MultiMC/ssleay32.dll
Size

287KB
MD5

fd268b5a640106c279aaecb65a2af5fc
SHA1

bf60d46ecec6c8d1f8e6ee9d1b474e7b71bcbc3e
SHA256

23b83a41105cac582258abcff6ac59f0f3edd7ac05b7a50dc52df0980a7e9e02
SHA512

e5103a1e5b4194eb7d8fc225d3b88633440c288ca0b6daf56c586827cd6d5fcb4eb7b542435d3d7a0b88dfa6d9f336a88ed0b73bebad7e71beea9d8ad0b8d2e6
SSDEEP

6144:1g0GNp9uM1U2G8XDgVKJfFdBRQ5SCsygSsqHsmLv/j/aiJSpyBflGZbQ/q9k+INV:ep9uM1U2G8XDgoJfFdBm5SCsyRsqMmLX

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2172 wrote to memory of 2124	2172	rundll32.exe	15
PID 2172 wrote to memory of 2124	2172	rundll32.exe	15
PID 2172 wrote to memory of 2124	2172	rundll32.exe	15

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\MultiMC\ssleay32.dll,#1
1⤵
- Suspicious use of WriteProcessMemory
PID:2172
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\MultiMC\ssleay32.dll,#1
  2⤵
  PID:2124

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2124-120-0x0000000000000000-mapping.dmp

Download
memory/2124-122-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-123-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-124-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-121-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-125-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-126-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-127-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-128-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-130-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-131-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-129-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-132-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-133-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-135-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-136-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-134-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-138-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-140-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-141-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-139-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-143-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-145-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-144-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-142-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-137-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-146-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-147-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-149-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-150-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-152-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-151-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-148-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-153-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-155-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-154-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-156-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-157-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-158-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-160-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-159-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-161-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-162-0x0000000004350000-0x000000000448A000-memory.dmp

Filesize
1.2MB

Download
memory/2124-164-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-165-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-166-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-168-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-167-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-170-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-171-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-169-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download
memory/2124-172-0x0000000077D50000-0x0000000077EDE000-memory.dmp

Filesize
1.6MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads