6dfeadbd0411202222726bad50f62547246494d82acb1cb8a2a9448541cf3823

Analysis

max time kernel
56s
max time network
62s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
22/04/2023, 21:24

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Minecraft.exe
Size

1.6MB
MD5

046a78d20889a0b96b84646b2e59729f
SHA1

607ecb749d947d8289fac8073f2764b94acf6b98
SHA256

6dfeadbd0411202222726bad50f62547246494d82acb1cb8a2a9448541cf3823
SHA512

7a38ab0fe23baa5a5edef05ce299a33e37a924225d8322d0f1cb7a1e5a0deae83199e52ef8371fc7489e87f99064d497658098539575b0d650beed4d979261fe
SSDEEP

49152:7NtWy+NF1xMO1UgHrnRAST8XrhaRY0T+nqO4P4s:Jzsbrn3T8hiVT+ne4s

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
1504	javaw.exe
1504	javaw.exe
1504	javaw.exe
1504	javaw.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1428 wrote to memory of 1504	1428	Minecraft.exe	28
PID 1428 wrote to memory of 1504	1428	Minecraft.exe	28
PID 1428 wrote to memory of 1504	1428	Minecraft.exe	28
PID 1428 wrote to memory of 1504	1428	Minecraft.exe	28

C:\Users\Admin\AppData\Local\Temp\Minecraft.exe
"C:\Users\Admin\AppData\Local\Temp\Minecraft.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1428
- C:\Program Files\Java\jre7\bin\javaw.exe
  "C:\Program Files\Java\jre7\bin\javaw.exe" -Xms256m -Xmx512m -jar "C:\Users\Admin\AppData\Local\Temp\Minecraft.exe"
  2⤵
  - Suspicious use of SetWindowsHookEx
  PID:1504

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1428-54-0x0000000000400000-0x0000000000416000-memory.dmp

Filesize
88KB

Download
memory/1504-64-0x0000000000340000-0x0000000000341000-memory.dmp

Filesize
4KB

Download
memory/1504-81-0x0000000000340000-0x0000000000341000-memory.dmp

Filesize
4KB

Download
memory/1504-84-0x0000000000340000-0x0000000000341000-memory.dmp

Filesize
4KB

Download
memory/1504-87-0x00000000003B0000-0x00000000003BA000-memory.dmp

Filesize
40KB

Download
memory/1504-88-0x00000000003B0000-0x00000000003BA000-memory.dmp

Filesize
40KB

Download
memory/1504-92-0x00000000003D0000-0x00000000003DA000-memory.dmp

Filesize
40KB

Download
memory/1504-94-0x0000000000340000-0x0000000000341000-memory.dmp

Filesize
4KB

Download
memory/1504-93-0x00000000003D0000-0x00000000003DA000-memory.dmp

Filesize
40KB

Download
memory/1504-108-0x0000000000340000-0x0000000000341000-memory.dmp

Filesize
4KB

Download
memory/1504-110-0x0000000000340000-0x0000000000341000-memory.dmp

Filesize
4KB

Download
memory/1504-111-0x0000000000340000-0x0000000000341000-memory.dmp

Filesize
4KB

Download
memory/1504-113-0x0000000000340000-0x0000000000341000-memory.dmp

Filesize
4KB

Download
memory/1504-116-0x0000000000340000-0x0000000000341000-memory.dmp

Filesize
4KB

Download
memory/1504-117-0x0000000000340000-0x0000000000341000-memory.dmp

Filesize
4KB

Download
memory/1504-120-0x0000000000340000-0x0000000000341000-memory.dmp

Filesize
4KB

Download
memory/1504-122-0x0000000000340000-0x0000000000341000-memory.dmp

Filesize
4KB

Download
memory/1504-130-0x0000000000340000-0x0000000000341000-memory.dmp

Filesize
4KB

Download
memory/1504-135-0x0000000000340000-0x0000000000341000-memory.dmp

Filesize
4KB

Download
memory/1504-145-0x00000000003B0000-0x00000000003BA000-memory.dmp

Filesize
40KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads