163edff5aec2819e87bde2bbb4369bef309bc395aaf0e5610235152844967631

Sharing

Copy URL

Twitter E-mail

General

Target

mmc-develop-win32.zip
Size

13.5MB
Sample

230228-16xzbsda4w
MD5

07e69bfeb5af8a4e190ecf7fbc7f1709
SHA1

44aaf39bb971d6534621b7507a676768d0f3591c
SHA256

163edff5aec2819e87bde2bbb4369bef309bc395aaf0e5610235152844967631
SHA512

b214030a95eeea4dcdc1d97c5f16e4dc193343f353b3e6ddfa3c4ce139099277dc0e4c05e0c5ba3e5d1497239fd2a7d1a210f84fac7cf1c9211833657a4de291
SSDEEP

393216:2y/mqGJGyinAqB81bhenaWIsjNnaBN9HP:2y/mHJG58NhM0NzRP

Score

8^/10

Malware Config

Targets

- Target
  
  mmc-develop-win32.zip
- Size
  
  13.5MB
- MD5
  
  07e69bfeb5af8a4e190ecf7fbc7f1709
- SHA1
  
  44aaf39bb971d6534621b7507a676768d0f3591c
- SHA256
  
  163edff5aec2819e87bde2bbb4369bef309bc395aaf0e5610235152844967631
- SHA512
  
  b214030a95eeea4dcdc1d97c5f16e4dc193343f353b3e6ddfa3c4ce139099277dc0e4c05e0c5ba3e5d1497239fd2a7d1a210f84fac7cf1c9211833657a4de291
- SSDEEP
  
  393216:2y/mqGJGyinAqB81bhenaWIsjNnaBN9HP:2y/mHJG58NhM0NzRP
Score

1^/10
behavioral1
- Target
  
  MultiMC/MultiMC.exe
- Size
  
  8.8MB
- MD5
  
  b140f2eddebb8f56f15148d64c762c2e
- SHA1
  
  966df1c26fc4f42657549cc35ce5012b9feb09ab
- SHA256
  
  798898fa1695d4144930e58d06529c76235248fd4912531224f57709e2b9466a
- SHA512
  
  e81588e459c9557e5b8b37d57b0b1b9b48b969b390891d7b709271c4161b1dcb3ed03b6210ec8a82a19047e27bab791804b243709369cbebefd5e045b4b7717c
- SSDEEP
  
  196608:F/cYoNpdLZMSv80t/HC+ReI3MhcdyyVfzxXz+5EoAT+SZpVJV0V8eJiVPVVOSBVs:+3XoM/H9FXz+6gkVJV0V8eJiVPVVOSBe
Score

8^/10

adware discovery persistence stealer
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
  discovery
- Registers COM server for autorun
  persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral2
- Target
  
  MultiMC/Qt5Core.dll
- Size
  
  5.1MB
- MD5
  
  9c31c47941edd8aed4bb51a3be9c6ea2
- SHA1
  
  e83d8c04fec834086a018f8bff01b614ef6e3341
- SHA256
  
  79b83c43af99a9cb72a744ae2262c090227907907e8f2deb937cd4e1f0965e4d
- SHA512
  
  9763960a8118ab558e1a26abef275cddb323449608eb4f8518b82fa67d34ffc1d146f4f6b3e072317d8b0af5e95ca84bcdeca838ec150d4b3ef2e748c0a9d961
- SSDEEP
  
  98304:paO5O7s0XerbbAJIaKSA31cCvErDsNYWZSgkvDFPJsv6tWKFdu9CQlld0:BOoZX8O1cBdUSg8DNJsv6tWKFdu9CQZ
Score

3^/10
behavioral3
- Target
  
  MultiMC/Qt5Gui.dll
- Size
  
  5.4MB
- MD5
  
  03e5f50d7848d9cc2d8d00127ea6e706
- SHA1
  
  30a5fd241e9db476f11235d7a7d650ec23ac97e2
- SHA256
  
  047811d5fecb88e19c6e70aeabac7848599142cfe8aba1a01c0d130dd4f72452
- SHA512
  
  d41c80f85cfbe9779cccb3ad3825917044075b126c866aece157c6b85b418382394cb6a58cd5b2ea386659c042fcebe963131fb2d37ee80c684c1c9154eb9e31
- SSDEEP
  
  98304:TKTu1y8DX4YFi3UIK5f77kyB1ophScU22BhrwRD7e+1X+Q86o:TPTFbFdYhd86
Score

3^/10
behavioral4
- Target
  
  MultiMC/Qt5Network.dll
- Size
  
  1.5MB
- MD5
  
  a72dfd36b9b8c51de93f3c7cca5945ce
- SHA1
  
  1bb6dfcb892b74968f5b8ef26e0027842df20fbf
- SHA256
  
  41fafdcea112cb01edadc0b2c14995d4cf05e4b5fd101a6e196baaa614b228e8
- SHA512
  
  5a38b11928f1319dac7b75cfd8304610f75e0464f26bc44810458e14cc79ca9d1396f55c1c6405baf95e176755a50c8076bcf6b30d05e4fc95607f479b9f9dec
- SSDEEP
  
  49152:ZrURZC+3uELYy60bMcDrGBj3IfTt3yLorAnjhm:FK0+3uEUy6YMcDrGBz
Score

3^/10
behavioral5
- Target
  
  MultiMC/Qt5Svg.dll
- Size
  
  349KB
- MD5
  
  96934c8f93716fb4c5ab7433c3fcf660
- SHA1
  
  e411016b245b77813f8ea5ed9dc8dcf9403ac831
- SHA256
  
  adb44de5a537f5fadb9288e3852189f799ba7b95cef847f2198a8864ab6f063b
- SHA512
  
  bcd231289cf4900886a4a5c55c0584073da36d5dd823ebf6a59986932fdb1cf70ead079fcdc7e9cfd4837e6212eb7037a7b5b7b0704e073b06c6fc4f5dbbc97d
- SSDEEP
  
  6144:GCJ8N/2aVIOLZS5Qyk2MIwe8x1TB3JJ+Wd5J/LCW2V:GCJQ2arZS2yAG8x1TRjDL
Score

3^/10
behavioral6
- Target
  
  MultiMC/Qt5Widgets.dll
- Size
  
  6.2MB
- MD5
  
  501d23a2e5e2f8bb1564ac627f674bc0
- SHA1
  
  84934fea79b0e4c39afc325b48a3dbc64e6d98ef
- SHA256
  
  5c16112f7f7454e2e802f4a18e0b9a9a0086b9ae29bae35892d7d32f3fa81c94
- SHA512
  
  9282c422b289309f74c5af8a5b102791057607ea0e35f0bde41a64c4240cae3f1fac921c3271d55fd22e56a9934db6b535c114244a79debcf8185fc4c094163c
- SSDEEP
  
  98304:wNL3373gY4y8fcLwtFc94OLHa2QmqfbTI7N6WidvtjPvAsSo+AyNBVmcBNx2hXL/:a+yG+yFisM46BJqgxUVs3Xcu6
Score

3^/10
behavioral7
- Target
  
  MultiMC/Qt5Xml.dll
- Size
  
  221KB
- MD5
  
  f09bf12746b7821c7ab1e16ce41e9119
- SHA1
  
  f70368238133e02957e465ae1196f064da69680b
- SHA256
  
  dbdd63614097767943c585c09f08d346500683e308861f583b2589618d491d6a
- SHA512
  
  ff3dfbec1efb9dae085da3b38f1f7b3d59c289137bc18c8330a6ae95471eded0569669dbf9eb83ffb3be03803c6eb248f2999b963614c40719bc953138fe85d5
- SSDEEP
  
  3072:nn7BwPZm8TEGjKh+NPmuWFaDA1w1Bn6PJQD+B6TQtiPVSe00FUAuDl3DF+bDXW2b:uPdjKhY+uWFaDA1jeu6TQtiPWuPW2
Score

3^/10
behavioral8
- Target
  
  MultiMC/iconengines/qsvgicon.dll
- Size
  
  44KB
- MD5
  
  cbb708acdbcfd89e1de38e2c4aa9192a
- SHA1
  
  c9f658b429391876bbfdf8081b3e90d725bb2307
- SHA256
  
  8cb93b212c02fd6d222e985e629df698227323c43b7f0b71be3649aa8cb3cc2f
- SHA512
  
  2bd5a12c236ef1da3e8e002850595c101255e519b66a3a75e6f3a12bdebdd67b54b47b08028695eb8c571bc257f7241cce6351d3cf4d3fd4ed1176965eb02e0f
- SSDEEP
  
  768:xjf6bXA7t029ZxcVeA69Pz47e8J8J80IHN6n61/KWqYTfbiWS:EM5Oc41WW9ghWxbib
Score

1^/10
behavioral9
- Target
  
  MultiMC/imageformats/qgif.dll
- Size
  
  32KB
- MD5
  
  67598fc68a992f106bfad56b22cac886
- SHA1
  
  9285cea038e0f8f10125ca4b724c264b041f4da6
- SHA256
  
  000bbacc0fa451c61413e50b3ef63d3461da422b3425404d8952a52182121b6d
- SHA512
  
  04af56c60969090c4d09fc27fbb8c1d794ab4b6dc9ba3eadc842edca7f68788f7880ec0e533b63dde284511a456dee10814824795915ff492ca01e64e7b86429
- SSDEEP
  
  384:afrulhh3V/N8pXxdQLwfUOWcE7kX80HBFZuTRpIWvTCCz:yMR8ZE4u7qBEIW2Cz
Score

1^/10
behavioral10
- Target
  
  MultiMC/imageformats/qicns.dll
- Size
  
  45KB
- MD5
  
  3b48f732f811ea6ea4fcc18808a7df1e
- SHA1
  
  f924dbd2a760e8b259582a43a0797bda29b3d06f
- SHA256
  
  5da98ac16c329354b1b709b20fcf797f3fbdb8d3e834054568d2ff68e897851d
- SHA512
  
  a1c1eff1357be31172bc340c339ccd31dde7285db3fcbd5c10989af743a8936596b8252ffea1b52c6be6ea06f11b3845268f76e52289dc28896dd26ebf9d1c30
- SSDEEP
  
  768:naEh/izNdGh+UNit6OT80EyJ4kCsIusIGEWBNdk9:aEhfg/8KJjPmQWBNdk
Score

1^/10
behavioral11
- Target
  
  MultiMC/imageformats/qico.dll
- Size
  
  35KB
- MD5
  
  2c32188d9388b06ec91170e4461913ab
- SHA1
  
  082689789ff54cacf94b0f171c762df512c8a786
- SHA256
  
  63f7f73d9bd956ca55b80ce29d24c0a1da1a126885d45473e5779ca78a709dcb
- SHA512
  
  57286e87e9a013229db863c152d41b7af821b8afa7f84259f58f7089a947ca3771d526aada88212fcbb235209b6b504a489a5c43c4ba0b2a77e1f31e882e9262
- SSDEEP
  
  384:JUev3snLkJqIN1v5dqY3M1lNRa16NQkgcPkRu7xR3xr+i1AxwWTTVqI5SEwZY1:l2XqL0IexWkg0k0dR31fWdqqSEwZY1
Score

1^/10
behavioral12
- Target
  
  MultiMC/imageformats/qjpeg.dll
- Size
  
  246KB
- MD5
  
  c228c1486e203d48d9c7d84d0b631e15
- SHA1
  
  1ccdd75d6cd473d00aa17686ec98f509b1e8e360
- SHA256
  
  a55cb801a07932d263c980b14abdb464acd8150b9258260efdf535634bfe9811
- SHA512
  
  a649078738e69572276a37431c495582f933b04701deded8b5f6dd5b3c6d5b9d338ddb242b71659038d324ca74c2a8f2b229c7beba6f16ddea238f2bcbfae870
- SSDEEP
  
  6144:jutAUtpjvlyaX8XZ99bkBRSMArBPkfB917Wu:jutAavlqJMArBPkf
Score

1^/10
behavioral13
- Target
  
  MultiMC/imageformats/qsvg.dll
- Size
  
  28KB
- MD5
  
  7eb5b428de2fd5ce7f361bbf3d6aada4
- SHA1
  
  318acc5132492347727bde7ed70516150144b140
- SHA256
  
  c818b37d77c84e3a9963a761bae3eefc73cccd3485ee6cb1c085c670041e9c59
- SHA512
  
  681fb8a700aee5f44cf1f328c2fea157a98dab12e287f686d408584b5096ac262cb5cd2b2ff1f3c1b6e55d374ade2236118f41ec9c14fbec7014aae0683c1e5d
- SSDEEP
  
  384:0F2Z2Eg8ESscKYkiluz0RdysDv2IWsTmqK5J5:SqESTnDRbWH1J
Score

1^/10
behavioral14
- Target
  
  MultiMC/imageformats/qwbmp.dll
- Size
  
  26KB
- MD5
  
  8e1eb9386572d0c7e62e0230a67ff987
- SHA1
  
  0c26b03c95cacf4ee63aaff2e52e6d732b0aadbe
- SHA256
  
  e7bdd9c34a62b3b46d8e7d224be3f5f7607a27634a8a6fd4f85549869f2d1145
- SHA512
  
  370b990e8cb3652c87190dabbff8440a1fb58282d860ed25b9fb2aac7c1809df176c8d6a4f685ac843fddf52f08cc07c832382eb6ae55ef5c4f3da74adf7a9f9
- SSDEEP
  
  384:Ntm9jnAo9hvpbVDTs16ZHGg3FEE2IWgTrODw9:ejnAoHQzEWOOD
Score

1^/10
behavioral15
- Target
  
  MultiMC/jars/JavaCheck.jar
- Size
  
  1KB
- MD5
  
  f6a7baf52ec11806e4d0fd85b8dddc0b
- SHA1
  
  e9599f3a9abf70191f0cdee7f3dd6a30f4c3498d
- SHA256
  
  7cb6267607897efcd0687951ebfa8badef65a7641abb29cf8ee57bdede9f7275
- SHA512
  
  24866c25b8ae167db360d9d0a466a5a81e7809e721f22538ca3e42cb4af08bb0839f56010960df2cd02d92b3b0a71ae4e8e4832503a3e6e051a41f3a7263e9ba
Score

1^/10
behavioral16
- Target
  
  MultiMC/jars/NewLaunch.jar
- Size
  
  14KB
- MD5
  
  dec966f3b1098a1ef5f7aacdec75bcf2
- SHA1
  
  8a0f6dd04a86f0e5824fb5fbe62dce9f3c8d5dce
- SHA256
  
  cea8d059e8514f63ad51d9eb20500c3da90b1b0c2cd578b1021f8940b4445c0d
- SHA512
  
  ca1589cce5f392a33574dc93a25d4c18ec168db891c4daf5dd04f4cc3de3ff560719eef9d5565edc4f06f1d17bb7bd094fae9745f010acab9909f57ef28d4dfa
- SSDEEP
  
  384:fCoBnP8PB7GtjS9jbvewjAvIK7GO5XbAQpGl3R:qAPLsVbmRAK6OFbVpGlh
Score

1^/10
behavioral17
- Target
  
  MultiMC/libLauncher_iconfix.dll
- Size
  
  127KB
- MD5
  
  84acb289049b167366875f61b5596752
- SHA1
  
  523a7a2d0df5be5e1f0c99cd2c63e4d1db38afa7
- SHA256
  
  055f67a18e58c8637cb2cd8a58f9c05bb942521465954e18722564e0337776be
- SHA512
  
  99f35bf4f0418c0aac19d2e35e29708dc21011ee4adfdabb180c1deefeeb71f0cbaf953584d158c6d6de332a1d9480092de79b42ed0ed8420b3b49370aee7b9d
- SSDEEP
  
  3072:hUhA8S8fo6OjGyy1zWmC00TEUmIKOpS8aNx5tnzgp:KhA8S8fo6OjGJ1zWLTEUmIKOpS8aNx5Q
Score

3^/10
behavioral18
- Target
  
  MultiMC/libLauncher_nbt++.dll
- Size
  
  342KB
- MD5
  
  a8fd1d3ca86576af970775e814578dc0
- SHA1
  
  b600843f2c8ef110fcbb5dd5f57211bbe189056d
- SHA256
  
  0de8b725ff2074290b6c9f5f38a4650b84eaf299456c2dc5cd9e71b1e1962824
- SHA512
  
  48042b9b3f5e6471261f663351b86d5c231cc2158f71cb2cdc3bdc2f667a90175d908b7325b8ab156366eddf037baf788abd6555825a04b90f8f85cb44386cb8
- SSDEEP
  
  6144:eIUgcH0hzdJ8UOxWbc5sCDPB/Qll7a56FBTYb4Y7pHhW6dJjgGoo5Nheff1ByLca:eIUgcH0hGV/Qll7W
Score

3^/10
behavioral19
- Target
  
  MultiMC/libLauncher_nbt++.dll.a
- Size
  
  149KB
- MD5
  
  6c893ff18da6543d0de29b5b4958bac9
- SHA1
  
  9fe8e46e8f47274bdefc44d2ae5647648940ac32
- SHA256
  
  e9de6c05b3f2e1d9a5a7ccf2db0d651914c3fefbabb8e113f1322cc99cf5e93c
- SHA512
  
  7acbeb9225fa74be63d06b999dff1fcc54464519958587f8f8c035c7ca0619781736288346f1b8d4b2d81212b643a5cc7981c8b160254250a9ac9fed3c7eb6c4
- SSDEEP
  
  768:6Pr973mdgwgqQViHriaNUHOw757weHXSuF9ubkKTKuDTkDZ+mVRQDmfRrl7KqulN:ur973mLa6KrsoMMBlV857kYmi
Score

3^/10
behavioral20
- Target
  
  MultiMC/libLauncher_quazip.dll
- Size
  
  313KB
- MD5
  
  f8788af2b64f8dd7a3962719408f0861
- SHA1
  
  1ca888f4dab585b045c00b1cce8220845203b434
- SHA256
  
  cbbd6db578b0c46e510affb519cf189934e416dffa626064c3a91da0e9047341
- SHA512
  
  459f8147081a0f0ec76f2d4acef2b436f7f9f68fb5350147976eaf3c16bc31a1303d499f11eef0eb0dc62fe4a70f0dbe351a528e52c1f09984daa4602d48aca1
- SSDEEP
  
  6144:w2GqFejo44ffwqGOIq/2BPWt8RJhywVapRwT5yM:QqFBF0Oh6T
Score

3^/10
behavioral21
- Target
  
  MultiMC/libLauncher_rainbow.dll
- Size
  
  67KB
- MD5
  
  7d5bf320ae94e523f42e7970a8da3cc7
- SHA1
  
  8407d250a6474dd075bc7e8fc11887bd3552259f
- SHA256
  
  56e324a042caf4f3e9a78b5b50bffc1afbe93b95a041963cb4770bb206b33c88
- SHA512
  
  b499d9b866219f21347382aec31228b31108cc1a4e679bd9f5ce59407bf0b657818dc1d8c261082bccfe26136bf08918ebb8dca0a115e62bef5b604547c3d2ff
- SSDEEP
  
  768:3Eg24DKoyYH150BEexXfz2xGpsy/a2MaOtRd9P9mg8rO71:3FVD11ij11DM5hP7x
Score

3^/10
behavioral22
- Target
  
  MultiMC/libeay32.dll
- Size
  
  2.0MB
- MD5
  
  cbf108307adf8bd4bab6b128d07b9dfd
- SHA1
  
  69a2faf90356c46a19a2062e388217f94c195d47
- SHA256
  
  2f20c026052e5fa19cef41ffe0efcf24d8a0b72b111836b752c5a5233a3bba24
- SHA512
  
  aa4ce9a4a2fbba5c6d79b21c659319ce88b9fae853ab5192e48cbd384bb9211ce52de003bf784aaff0133740bc130675044ca72a1713607554558ead8162b8f0
- SSDEEP
  
  49152:ITREYq/BXaITiJ3AI9r5O55DPy5oEHTcdcFKFRMKMn/0Nq6D/V41G:ITREYq/BXtTiJ3AI9r5O55DPy5oEHXKP
Score

1^/10
behavioral23
- Target
  
  MultiMC/libgcc_s_dw2-1.dll
- Size
  
  117KB
- MD5
  
  fadde43c97607e4445a6f924d851f04e
- SHA1
  
  36c1aa0e1b6d4a322c350f5e502c10c64c203041
- SHA256
  
  f0614835136413217ed3baec9ba22aaac4c37956afcb0209f1f89b7676ae86bc
- SHA512
  
  66f5637419f88070838ed522defad9aa1b46dd4fd8cb045e0292742831520740d152795b6e99770f34061db596019ef3a342a956b541180e78d1c48b2703f42c
- SSDEEP
  
  1536:CxINSJvU82V9dUT4PsXQ+2Q4p2VtjByBzEj6zu3PEhOKeLTxaek:CzmpUkPsXQ+2zsBy9IPEh6Zaek
Score

3^/10
behavioral24
- Target
  
  MultiMC/libssp-0.dll
- Size
  
  18KB
- MD5
  
  d6859975aaf6d3aa92f2d50f6e9876a0
- SHA1
  
  d3cf8dd3f1ab9712e819a33b3827fe02e7732aa8
- SHA256
  
  17329c4c19e8f23cde9c99155eb3f8759f8d2383ad856c32a51b3b9fa2846811
- SHA512
  
  75acc3c020cd7138f5f5e3aac30c6d659a20c6f1bfe3635a6cebae13c4ea0a549994ca65b51f96b8f6042b0e2696e68762ec5a683fd25133729631cf6b43ad15
- SSDEEP
  
  192:dp7WMmYHrucAtBZgcVJRi15SDTiDLbjIq1W8WQjfHTjXtUxmj:/aM5aNMcV30VLbj9sJQ7HXQg
Score

3^/10
behavioral25
- Target
  
  MultiMC/libstdc++-6.dll
- Size
  
  1002KB
- MD5
  
  c283d446b34e75019b81d0981cb11f0d
- SHA1
  
  a6e146975dfc55b0659d09e25b9a69f7cff993dc
- SHA256
  
  f6530962659d0641236a42517a30dc55c4fcb7d30e942c3e820af343798a770d
- SHA512
  
  eb51969a79ee4501c955a81cec9f07e9a39007c1ea69c5021e03ebf3b640d949e19f6e0cd7af969e80ec60ea6b8477804fb76deec2704db503e72906103fea63
- SSDEEP
  
  24576:KSNHTild8LMw2g8XiGkMAZ0dP5Bd+1DT50v4H:7dLM8GkMAQBdih
Score

3^/10
behavioral26
- Target
  
  MultiMC/libwinpthread-1.dll
- Size
  
  48KB
- MD5
  
  d128ae39a79e5d196fc001907b5ec3d1
- SHA1
  
  71de74d0aa93903e0a169c88fd21e0c617f0660a
- SHA256
  
  4195ac1e3a4a8056de42c31d511e0e595772439adba96180b8953ef5f135f7a5
- SHA512
  
  5b32eb7e2f01fb17ed0c4434a525ae3056acddde75c32c5036c18b6f2ffa4cf80cfee9bab4c824ca313e6e33114ea0e761dc8f75db3bbbbe4319c079848a3c06
- SSDEEP
  
  768:NdOT5wjxqOfH36THnf/GcTuI4bOBxZXmVwDI7dTBhkSoFrg22222222222A26wiB:rE5wtqOfX6T/uDIm4xZ2WI7jhkSoFHij
Score

1^/10
behavioral27
- Target
  
  MultiMC/platforms/qwindows.dll
- Size
  
  1.4MB
- MD5
  
  56954e18add3156caba4489616e892dd
- SHA1
  
  36cc60e7da33ac88f4c3bb61f2ddf01d384a73ca
- SHA256
  
  8745fcf14809fccd3acb3e579993cad589a1203d0bd3cb1acd5d3a9bb0e92583
- SHA512
  
  2e72776f03af37bdbd280d475709e0d4f7c1d4f98ff6222b77f26e10c848732d1a2578482c3d51633477c7dbe77e2aed25c117744a958893fc048bb15ee574fc
- SSDEEP
  
  24576:aiKxMPHVBhiCphvSPkcnQXTHr31zvut7Z+rXOA7WIZETX3klg89Ypay:20p/JvutPjTX3klg89Ypay
Score

1^/10
behavioral28
- Target
  
  MultiMC/qt.conf
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10
behavioral29
- Target
  
  MultiMC/ssleay32.dll
- Size
  
  435KB
- MD5
  
  2a9639d9287113b49a9bddb878c2938e
- SHA1
  
  c8a60c7d228c0d45640bc9b243281e32e37d3ca0
- SHA256
  
  0f4bb89e47492f2f6c43d851b0ec94f5d60738921efdcec0fb1a0b386904a126
- SHA512
  
  35e9231b4fc9f7841e764953d224e5b550de6d9e09758cafb7b92261fafdb6bec4e10aadd28d65ce0a87632eaa43c544be0c40731123dac695fc76c7dcd2ebb4
- SSDEEP
  
  6144:5qrg0lIeOMz+nhhNH72O8limm1bB/0Ya8QQZiHjDvzHXOi53EZL5hijSdg:B8lfm1bBzhZiHjzK9/IjCg
Score

1^/10
behavioral30
- Target
  
  MultiMC/zlib1.dll
- Size
  
  73KB
- MD5
  
  c7d4d685a0af2a09cbc21cb474358595
- SHA1
  
  b784599c82bb90d5267fd70aaa42acc0c614b5d2
- SHA256
  
  e96b397b499d9eaa3f52eaf496ca8941e80c0ad1544879ccadf02bf2c6a1ecfc
- SHA512
  
  fed2c126a499fae6215e0ef7d76aeec45b60417ed11c7732379d1e92c87e27355fe8753efed86af4f58d52ea695494ef674538192fac1e8a2a114467061a108b
- SSDEEP
  
  1536:+4nToIf2W/nkQRZHaamLQHoIOah7Vryh7IO4cZlIXw6Epb:bTBfHdRZH9mLQHuaBVGn4FXw6E1
Score

3^/10
behavioral31

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Browser Extensions

T1176

Privilege Escalation

Defense Evasion

File Permissions Modification

T1222

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Targets

Blocklisted process makes network request

Downloads MZ/PE file

Executes dropped EXE

Loads dropped DLL

Modifies file permissions

Registers COM server for autorun

Adds Run key to start application

Enumerates connected drives

Installs/modifies Browser Helper Object

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31