Resubmissions

01-04-2023 22:09

230401-1247vaed9x 10

01-04-2023 22:05

230401-1zjs5aed7x 10

01-04-2023 22:01

230401-1xfcxsed6t 10

Analysis

  • max time kernel
    27s
  • max time network
    65s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64 arch:x86 image:win7-20230220-en locale:en-us os:windows7-x64 system
  • submitted
    01-04-2023 22:01

General

  • Target

    Minecraft.exe

  • Size

    3.3MB

  • MD5

    0501b8eb39f00dcaa3c89ccec2fbde17

  • SHA1

    cb7b82a5d02a2b5ea9c16b5083015c832b556405

  • SHA256

    161ba4c1b21cd20b15573f0ccfc4a5cbab8dedd94c722cd60afb8551d8d91dc2

  • SHA512

    4ab6a3fd31c7551578f07ada264bb93a22eb16f75fdbcfaecf4c0861535a2f631082da5f6003ff9f57fda231e783cbf200caa6a6d6bdefbe08d64f33c67855b3

  • SSDEEP

    49152:FyFWKUkiGqdO+huQ0Mm5aIHdkQ3qBge6jXdTv8JGo2WEWxm5PMdFH0U7T0f6mfb+:FmUkifdnI3eo8Uo2WElEk+

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Minecraft.exe
    "C:\Users\Admin\AppData\Local\Temp\Minecraft.exe"
    1⤵
      PID:1156
    • C:\Windows\explorer.exe
      "C:\Windows\explorer.exe"
      1⤵
        PID:1912
      • C:\Windows\system32\AUDIODG.EXE
        C:\Windows\system32\AUDIODG.EXE 0x528
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:1856

      Network

      MITRE ATT&CK Matrix
