9dda6cfb9cda016c6e01779d2f0477d5af965ec07aaadf6594712d48f75a86f4 | Triage

Submit
Reports

Overview

overview

7

Static

static

1

mc-bots-1.2.5.jar

windows7-x64

1

mc-bots-1.2.5.jar

windows10-2004-x64

7

Resubmissions

18/03/2023, 01:17

230318-bnpgsscg5y 7

18/03/2023, 01:14

230318-bl2pcacg5s 1

Sharing

General

Target

mc-bots-1.2.5.jar
Size

11.5MB
Sample

230318-bnpgsscg5y
MD5

4540f7b1bf517198d3c1f6c4610a8f00
SHA1

ed8fc6acd74ba8c85c8675888bd8b6facd8e22e7
SHA256

9dda6cfb9cda016c6e01779d2f0477d5af965ec07aaadf6594712d48f75a86f4
SHA512

06fd5d51e7896cab749d8df3692a80a27bd51348a052925b3fb99a68f474bab5a9f11de80a8551e2162863be7b2f79d986a6637fe7aab01aa52e37826b73093f
SSDEEP

196608:hvFO3aYf4KPwsyLLzxiHe6g+ha73DmnxW4FfnF/mh5dYi5pSQExspy/PAtrZ:HO3aKwsyLLzxKez+U3iVfnpmh/9pSHsn

Score

7^/10

discovery persistence

Static task

static1

Behavioral task

behavioral1

Sample

mc-bots-1.2.5.jar

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

mc-bots-1.2.5.jar

Resource

win10v2004-20230220-en

discovery persistence

windows10-2004-x64

20 signatures

150 seconds

Malware Config

Targets

- Target
  
  mc-bots-1.2.5.jar
- Size
  
  11.5MB
- MD5
  
  4540f7b1bf517198d3c1f6c4610a8f00
- SHA1
  
  ed8fc6acd74ba8c85c8675888bd8b6facd8e22e7
- SHA256
  
  9dda6cfb9cda016c6e01779d2f0477d5af965ec07aaadf6594712d48f75a86f4
- SHA512
  
  06fd5d51e7896cab749d8df3692a80a27bd51348a052925b3fb99a68f474bab5a9f11de80a8551e2162863be7b2f79d986a6637fe7aab01aa52e37826b73093f
- SSDEEP
  
  196608:hvFO3aYf4KPwsyLLzxiHe6g+ha73DmnxW4FfnF/mh5dYi5pSQExspy/PAtrZ:HO3aKwsyLLzxKez+U3iVfnpmh/9pSHsn
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Modifies system executable filetype association
  persistence
- Registers COM server for autorun
  persistence
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks system information in the registry
  System information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Change Default File Association

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence

© 2018-2025

Terms | Privacy