Overview

overview

3

Static

static

1

MultiMC/MultiMC.exe

windows10-1703-x64

1

MultiMC/Qt5Core.dll

windows10-1703-x64

3

MultiMC/Qt5Gui.dll

windows10-1703-x64

3

MultiMC/Qt...rk.dll

windows10-1703-x64

3

MultiMC/Qt5Svg.dll

windows10-1703-x64

3

MultiMC/Qt...ts.dll

windows10-1703-x64

3

MultiMC/Qt5Xml.dll

windows10-1703-x64

3

MultiMC/ic...on.dll

windows10-1703-x64

1

MultiMC/im...ds.dll

windows10-1703-x64

1

MultiMC/im...if.dll

windows10-1703-x64

1

MultiMC/im...ns.dll

windows10-1703-x64

1

MultiMC/im...co.dll

windows10-1703-x64

1

MultiMC/im...p2.dll

windows10-1703-x64

1

MultiMC/im...eg.dll

windows10-1703-x64

1

MultiMC/im...vg.dll

windows10-1703-x64

1

MultiMC/im...mp.dll

windows10-1703-x64

1

MultiMC/im...bp.dll

windows10-1703-x64

1

MultiMC/ja...ck.jar

windows10-1703-x64

1

MultiMC/ja...ch.jar

windows10-1703-x64

1

MultiMC/li...ic.dll

windows10-1703-x64

3

MultiMC/libeay32.dll

windows10-1703-x64

1

MultiMC/li...-1.dll

windows10-1703-x64

3

MultiMC/libnbt++.dll

windows10-1703-x64

3

MultiMC/li...ow.dll

windows10-1703-x64

3

MultiMC/libssl32.dll

windows10-1703-x64

1

MultiMC/li...-6.dll

windows10-1703-x64

3

MultiMC/li...-1.dll

windows10-1703-x64

1

MultiMC/pl...ws.dll

windows10-1703-x64

1

MultiMC/ssleay32.dll

windows10-1703-x64

1

MultiMC/updater.exe

windows10-1703-x64

1

MultiMC/zlib1.dll

windows10-1703-x64

3

Analysis

  • max time kernel
    47s
  • max time network
    71s
  • platform
    windows10-1703_x64
  • resource
    win10-20220901-en
  • resource tags

    arch:x64arch:x86image:win10-20220901-enlocale:en-usos:windows10-1703-x64system
  • submitted
    14-02-2023 16:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MultiMC/Qt5Xml.dll

  • Size

    231KB

  • MD5

    1b4d68bd1ab6d7aa5d6581cf255127f1

  • SHA1

    48aa5b89658b17efefe442a0af4ddffefcf8e2f6

  • SHA256

    446208489be0f17f4468f21f877232c3f8488c90a5c177401bc365a5e95083f7

  • SHA512

    b1feaf8907c7d3fd84bf76873ee902be9da6209f137d3bba875f7ec579e92ba8a5253ebcc36f51939b7573d36bc30ec6f24b7317904917081eff6881ada6e402

  • SSDEEP

    6144:1wlgTK3MZNGV5afSrGmN37LIIyOXWqV0yUP+c/zQPfsLESW2Y:1wlgbZNGV5afSrGmN37LIIyOXWqV0yUW

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\MultiMC\Qt5Xml.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:368
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\MultiMC\Qt5Xml.dll,#1
      2⤵
        PID:2120
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 2120 -s 684
          3⤵
          • Program crash
          PID:4620

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2120-117-0x0000000000000000-mapping.dmp

      Download

    • memory/2120-118-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-119-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-120-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-121-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-122-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-123-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-124-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-125-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-126-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-127-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-128-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-129-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-130-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-131-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-132-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-133-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-134-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-135-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-136-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-138-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-137-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-139-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-140-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-142-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-141-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-144-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-143-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-145-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-147-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-148-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-151-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-152-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-153-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-150-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-149-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-146-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-155-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-154-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-156-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-158-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-160-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-162-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-163-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-161-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-164-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-166-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-165-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-159-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-157-0x0000000077470000-0x00000000775FE000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/2120-167-0x0000000068880000-0x0000000068DAE000-memory.dmp

      Filesize

      5.2MB

      Download