Overview

overview

1

Static

static

1

fabric-ins....2.exe

windows7-x64

1

fabric-ins....2.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    129s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    31/03/2023, 05:01

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    fabric-installer-0.10.2.exe

  • Size

    455KB

  • MD5

    542f292400579a171ac5bc10385d178c

  • SHA1

    1154d2f36ecfbd0a57c4b08c61b7c27d00402e94

  • SHA256

    da1f033a16381a3888c30846f6a91e2e663ca165add5c09e8f3cbd0d189a3284

  • SHA512

    d3ba3c674ac99f4f3e62db74cc189e78dd2291938d20d7733fcf6a61351f38e33b2e6f5d4c0a9115800ec24e155edd667d70d05a6a3c80720fc354817f123fbc

  • SSDEEP

    6144:OijIf0fdXQr3fXV8Dd73lOkoJ3tj0XpSYLLkOqSwVEPKIXnuerqh4syabpAyRo:OatADfXV2x/SfOhPKu0fu

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fabric-installer-0.10.2.exe
    "C:\Users\Admin\AppData\Local\Temp\fabric-installer-0.10.2.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2040
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://fabricmc.net/wiki/player:tutorials:java:windows
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1092
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1092 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1292

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          61KB

          MD5

          e71c8443ae0bc2e282c73faead0a6dd3

          SHA1

          0c110c1b01e68edfacaeae64781a37b1995fa94b

          SHA256

          95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

          SHA512

          b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          61KB

          MD5

          e71c8443ae0bc2e282c73faead0a6dd3

          SHA1

          0c110c1b01e68edfacaeae64781a37b1995fa94b

          SHA256

          95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

          SHA512

          b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          c3d1ff21abd1a29beeed8a449e4c4d26

          SHA1

          8141445e77685b42a7550033d7a3057659a2d526

          SHA256

          46ff711deb91d5fdb54e867f92a960495482a5c1a0d4082afacc9417b0c122f9

          SHA512

          e1996418eb7f78a2db0026117d4c56f7f003f133ef27c9ea280bc6e173a0a834f9e41a293f7791d119ecd19abf3c29031b1cfe36dc6fa1551ec22b224fa1758a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          d4601359a20ddc0bb34b854ef167761a

          SHA1

          55236a478bfb2d1306cde012857e13b4874b4c6a

          SHA256

          6f6b386ffc7845d4afca07c85381c45e2708314b531afd904b5b1f1a5b42227c

          SHA512

          31e983db5c25f636c309a7562bb411d5997d51772c6db11ee3a09df2909c042eb183071e9de68ad5d1f9d42ed705022e9bb3bdfdb875bb205ac1d9f8506524fb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          b94d0aaf3270d4ff7c95b84d09445309

          SHA1

          a2bbfd0153deb2d86da2df38423579eacbc43344

          SHA256

          f3fb4f8ee7dff027b7760cc11babf8f5d52f2b9dae60c689ddf3de4d21b411b1

          SHA512

          59dd5852782e574271dde6fc491c77d810fdd43d623b415fedf3a90aef182ea20da08289bde78e80fbc46884a695c54426c040d9fdde4af1a3d64c650185f55e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          9fc81707c4f3c1eaf8e1df4ad0cda609

          SHA1

          7f8463589078a76caac54791ae1f5fb8327dd480

          SHA256

          49f5a9c67deca79f469296a0246df5d8ff16b0ed61dc6854557988bffeea4619

          SHA512

          d6e2089be2d256e6d0f1a432ce19c37cc260648718e44c9e0e0cf78594537da1682d14b0492c70e175ff18071c1ede2d937d8484431d4bedbfd39bf7e6942b7f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          6024d739c58f49cda8ce1f3292e46cb0

          SHA1

          3fe2238f7b60aac1d0e422a13852572d308a112e

          SHA256

          7cc4adf629e0280a3135dde74208320cc27652b2e90b8055c1ff842a3cfbf524

          SHA512

          1350197c80d594242b8037836f32c448b7c23e1b35c28ff9761629e869fb8be4e16b9d688a0ffe68cb501b3d5ba64a83ddb5cdbff4674f363c6d9ceeaf3b1176

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          6024d739c58f49cda8ce1f3292e46cb0

          SHA1

          3fe2238f7b60aac1d0e422a13852572d308a112e

          SHA256

          7cc4adf629e0280a3135dde74208320cc27652b2e90b8055c1ff842a3cfbf524

          SHA512

          1350197c80d594242b8037836f32c448b7c23e1b35c28ff9761629e869fb8be4e16b9d688a0ffe68cb501b3d5ba64a83ddb5cdbff4674f363c6d9ceeaf3b1176

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          3345d9b0a0c18ddbf7f507caa8d30251

          SHA1

          4b5b6db19799bb1924c159596c7f2fca35868715

          SHA256

          82d9b6889f9eae2fc1029c2746d0c768832820306b4b9086c53a472f3765dd77

          SHA512

          2443f9ffb068ae350254c2e46ea532695ee26cf924d2b8d6b3fff9e68256f7b2edeeb189ff195ac91e5f29f7db8b82c756ada1850d9c7fcadc5c72a2cd90e4f0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          abadb65612ac0b127a55c4ed2408cb85

          SHA1

          62a72f51a560cc84b6ed78f73e5907247717d83f

          SHA256

          91a7ab91a118d5347a1f9b4b256fd381b14dd81e2905a9eeec361fea8fd06ffd

          SHA512

          a3a84b178ab2c3b4cc46d1bd2a12626293b14a2f54458bde708dc3f4e4662cc7c676f0ff3632acb6d95c45d2b1011f201943d1be1e6810c32a27f1c59a8f9b1a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          6b28b3ab73e6588e118083027a7e96b8

          SHA1

          a82c5657461cc290b8a400c7a0d33aa248da7fa9

          SHA256

          b0fc4eaa8bb77b437ec725eb51fe91bef0bce4238a0dbfe246d4d17561629017

          SHA512

          a4779906e6ddb775067a69a83189455deeca97b68a40bdab722e219d59a1307d1615a1c98380f272d308cd110b16d2910895b9ba2a2be8e894fe6a3c93be8ef7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          bc6fd19f7d0bd17794aa284b436da181

          SHA1

          6b50fee40896db2e73cfd77fa6a5394e667a25ee

          SHA256

          2d447168be1fa4df8a987577e50b47e311ed5cb1773fdbd4ab2b0ef01b628d16

          SHA512

          491726618e0708c16c6ab1106bba29a46e8a8dcd5d0310c70edbe87ca249f388f529d0c5ac28a03b90f5c18558994cc0bc778a9e8c71c9708fa8cc4bb33e06f3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          458154d1dbcd106b0c90a06569ad411a

          SHA1

          d1a73450cf11c2ac83b9261ab69f363d4e5a2de5

          SHA256

          3d2e66de28daeac7cb4a48222afb51a0723db9b7044a0bc6aaa61057e348ec1a

          SHA512

          533e5cbef147890d1702025d003027921570f21b683c5a3af6f5f04b0b67e47b97493ca286e8cec349bf72456f7714a021df262d60e9240d9e6414dc559cba48

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          4cf8095985f6723c3487a1d6195a7cb1

          SHA1

          a3fef9f76c357b0e27529f7abcf32a8aaceb5d42

          SHA256

          6ac32c62badc8a83ccbe8e53a5bc301f3c7b106afeac8da4474a4ebfd3d88b5d

          SHA512

          77185e6b090f7968b6a8303af57bb723e8c9f8da602289e910cf7c9575af9bb78b14ebac32669d0729197d5e80ccb529cc4d09b4c60b3feb0af3e64a64d31d40

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          5b0b3c8260990d976cc9605752d9ab98

          SHA1

          807c462589fc76c74ad78ca92c96ab59920028bd

          SHA256

          69907f06f42eced3725f6bdf036addbbb6ec0b6ceb5045f0382e09068f214f15

          SHA512

          8f95848d093f2d191ba1d802bb8945646e36131c82d9313fd83b2b189ebddcd2ab92c5957ff458b8eef08e992c452f270c2b59de60a1eeccc730a35ea9f3fa29

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          81acd5dfb13fe086d16c6e2e102f2dac

          SHA1

          3444ce4253b5dc2f5309a8a389f262688a57cd8f

          SHA256

          bf8dd9cfbfd6d5e9bf30905b8e7e73e20495c9487f607a162fa695c07021403c

          SHA512

          620230829be12ebd0f55fa1640b68c304de7905f4684e78ee540c07f21b75be136bb4dd997fd7a189b47c5dc97ddfc6db838b6571b6e1d44208c042568132b3b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          65d634ffcadca4db1391138ebb01dfab

          SHA1

          575719b049754138d49b1cd77fe656d87e4d66a4

          SHA256

          0fa70f4d28fa42a90b4920a5bf84340772f5be49c6240a11211219c9c8917dbc

          SHA512

          38a81c3cc5f741b7f966829121d80076895033ebb22f014ae11f75cc6d6c22259c55131d4b0257770b97fea5cdfc68c5365e4d58f37a1bb1d031054eb157139a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          f07e817d58e31f8e407fd08bf4c85434

          SHA1

          17dc5df18d9562158441ca6cf1dcdaf0cb8d301b

          SHA256

          529d9b81fd4768ef5e63a6e12567bc85d9438d128b35ae938ad435dffb429435

          SHA512

          14abf6bac972475984413285d3f771a8776ef14b021d0933ba01b581b2bbd4e2ef69ef8e42bd5b106a00072879788bcba7fb0f9e158fe8f2555cd0846822e04a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          304B

          MD5

          43d8ab1042d1864aa0255dbc762e894f

          SHA1

          ba4d5a040e1218a92fbb2ab428dd0529c304556a

          SHA256

          d7a3931c15bab138d2edeb28e794e980bab0f9ae2fbbd45c2ccdf87d7f7cb95e

          SHA512

          52fe2a551bede3a3be439fbec3f2ec3ce07f71e044e08845679a38e4de03960ce3d10c9226fa80a0bbce775368fd9e2822c5b1c2a00acebe32b23cad772c7854

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\idyde9r\imagestore.dat
          Filesize

          102KB

          MD5

          8257a419629659a26d87cadca0a6a783

          SHA1

          e610ecf5f585dab18ee6f57a9ef31f5155f86efc

          SHA256

          d9d3fd71dbbc2dfacd4e2b2ae76b25d19c354dfeaa40e1acbf0267688d2e2318

          SHA512

          6e124c35a2e608a948600027b3b44fe9ebf29fa5acefe7fe3a802cbb1c6d412820e29fb73ab253ed9af92a702e7c61e468446c68bccf4985e66c76a7a234f907

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\idyde9r\imagestore.dat
          Filesize

          103KB

          MD5

          524c2ece07538486f5afe313f1994785

          SHA1

          41ac7fc2512ef4e1e9ad9d4fa16658acd75633fb

          SHA256

          f380fa564585d74bb4f28571b3b013582cf65c283216269de56f76f8f4702162

          SHA512

          2e5792d365fa685973faf27a562d58d04670a5ba5fd6864ee820be4d2ae98a8a315e6f617e6b1ec317f7c640910ba3bc454182d105245410ceeffbcaaeb590dc

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIMPJA9E\favicon[2].ico
          Filesize

          98KB

          MD5

          94bed0e172b2d893f1a2e046ed9a9baf

          SHA1

          050d1b4d6752dd973ddb31beca55815e300180b7

          SHA256

          ad44b5a49faee0d955620c627d1710e662893688522e7051dfdae10b42984a27

          SHA512

          515e21806859deee755e617bf1ddb28b363b34e65b4cb6853764e6f53014d405184b6fdf333ae33722d8e7a69b8c93f401c5cacce0e217013237ffa475994fd7

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIMPJA9E\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar483F.tmp
          Filesize

          161KB

          MD5

          be2bec6e8c5653136d3e72fe53c98aa3

          SHA1

          a8182d6db17c14671c3d5766c72e58d87c0810de

          SHA256

          1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

          SHA512

          0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\Z7NJJTRY.txt
          Filesize

          600B

          MD5

          8899e9f455f04b7eb65fac0dc9405a07

          SHA1

          0e8aef4374eac0ca0d8986f1eaf470068ddcd2f1

          SHA256

          3462223ee2f2c08816825ed982ca6fdf6add6ed7110d0c7c8ed184b15e7142f9

          SHA512

          2e2fcbf5710b5db07c1c3d9f183810a9a792c33e7682570252e1c4ccf65c4bb3c49f13a123d40695a137eac01d0beace515589d826cb59e891ce01a2c41dc704

          Download Submit