Overview

overview

3

Static

static

3

Minecraft ...er.exe

windows7-x64

1

Minecraft ...er.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    72s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    26/05/2023, 01:19

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Minecraft Launcher.exe

  • Size

    4.4MB

  • MD5

    2a28218f9fb5c2cdf962197dfdcb2e60

  • SHA1

    7fce90f1e30040bf2a40fc13c0e0129212eb69df

  • SHA256

    d9ae1300013f6f5f8ba5c28f88b293b0e46b9198fc5b989deefd9bd4ce1fd693

  • SHA512

    6c29e88d7d19d3e89345f618b8cef3879575a76a6fd0543dfba5c3940d63af8b62c831eaa87041e6daa80a77e2397f82c8caffa15a7bb768a716e72f26f3747b

  • SSDEEP

    98304:lpAf4XRdKQPVeF8/YsarHUr1QnjraTLhCf8jAsy:lO2RLPVGNsarHd3a3hCf8jAsy

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Minecraft Launcher.exe
    "C:\Users\Admin\AppData\Local\Temp\Minecraft Launcher.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1544
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://adoptium.net/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1732
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1732 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1860

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          62KB

          MD5

          3ac860860707baaf32469fa7cc7c0192

          SHA1

          c33c2acdaba0e6fa41fd2f00f186804722477639

          SHA256

          d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

          SHA512

          d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          62KB

          MD5

          3ac860860707baaf32469fa7cc7c0192

          SHA1

          c33c2acdaba0e6fa41fd2f00f186804722477639

          SHA256

          d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

          SHA512

          d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          d561ae70c47be20318a6794f34048e88

          SHA1

          f6f9b9f667c9e8ed85bf0fcbc86fe87af97eb0e3

          SHA256

          b29c4725d5abc1053b9b1d2c31dafea1836ec667ed7bb50a10baf16f6ccd8681

          SHA512

          b2d1b71e0ee1f918f5740a48c6d502bb97aca560c42a97b18059390d02131acbc94c8145f69de6d18f8f3853cfca7690f1e415a4a90b22577a9266ebdc62a5e4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          52ec6b16a710f6b87e5445b4b2379baf

          SHA1

          34f591fea99b8a12658a15eaf1cdc3c30e88d01a

          SHA256

          5e52026b9f0d9ebbaf137d46df612e78e9207761523707387d37d405e919547b

          SHA512

          15fa3a43f332a74114e0628fefc1490598adfedac660007858baf031eda599a29106b82468da72fdff6c3f3daaace6778110692c0536c28c382f09d7bb84d8a5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          50b52c5cdf27bb7eaea6e35d72465edb

          SHA1

          794194456eea90d74d77da81baae4e839a27bae8

          SHA256

          9b94fa4b180081b918ac6b4f5a6e25b143a7b5bdad609ddd86a1031f3df8cd90

          SHA512

          56d24a0e3321fe6cb0b1b55f3ca7adb81fb43127a505472475bbe12339419e6f2bffaa0a39b086941cd5a5878e3b10146d8776f35362d4fda0b29d891baf9564

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          68268808fe3d13d04b2a5a9407fd9e47

          SHA1

          626f8e8bc27a6ebbe48dcf64c563ade51f38c93e

          SHA256

          6809b44eee4921462ac35a11852b170e38a90bf1d911126b0d229c819eb2b349

          SHA512

          ac8c9570b9c8b6d64ebdd4471e9f39af460fb9f611eae04309e51dcebd5a492ff3c9f1a033fca2385911c427fcca1e501fde82f4397777cb8c96cd66763ae131

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          914b67a432413315e9fffad6344ff39b

          SHA1

          f7ac6b18742b02168c9ad38f24f46ed0c70cc991

          SHA256

          e0065aab3fbada35f619fb2961fa9d15ede2f3928a63ce66157ae858b01e2146

          SHA512

          c8d5eb0322a9e4b39283f628c63d4025df164f6b96df1ce656106dd81060111ea943b92d8b89bc74869418649cb607da045ef33a14cd3693e24ac5efa0715596

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          210bdc00c1870e5a8b01ebaefc09e663

          SHA1

          e4fa1a7a3726827659e938d1c0e7f58e9adfb3dc

          SHA256

          ea56165c560b59f2bd5f6464423fe7547b5c5246802a39a26292d22b6151cb1a

          SHA512

          4261da699d8d348c9c6c47c286f4786151758b132c097df5278447d0f5c526d4fd0b96c884572adc5f76a3a387bbac19e4a6429164ebb5a5844c58d1ffb525bc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2d52186f2e866ae5d035c77145d3a9eb

          SHA1

          bfe3ccb4b3865f63734f0cea70a44e011a063a18

          SHA256

          44b9bfb0077989c6d32ea053dc8a4850e27787a1f6847614381722688319a9ee

          SHA512

          04e0d4eb9dc3959a7d492842cae3fa40fbd35dda9f42d460fcf18d59fc96a92ce443ee977279901a2ed2447e6123b017f328beb60d19726714eb0b1369fe57f0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1b4e0176786732715d3e6b14971c3a91

          SHA1

          bd421f0703b8f16c341c75ed4b8fb3778856f844

          SHA256

          70b043bfd3550ef64dfff2b05bb60e3eaa0c8bc81f56897e5a7683e0724de2a7

          SHA512

          a70e1efefdb85e575906a394f4b446c245663690d4c07c270edbf2e151d21b0ed62e30918f7fd281b18be408ec23c70eeb2316836951c0e0a0f083d9eaade00f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          a306c09bfe86479ce2243fa0cf4c98cb

          SHA1

          440db9ba52617e5ba60b5b4d054cc567cbf84d02

          SHA256

          6d79f7f9eab1eb3637cb9a36af4d72d283710f8fd50bc4a8ee97ecd4b1f81884

          SHA512

          7e26b7dbb5014272c21722437deb1ca8ab4741a08145a455e256570ccd2c4f79dc5facf726301aaad4abb2854d204498944bfb3017e578ad07805bca4862edb9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          fc54921cc34d4eed1aad5407f1a8e663

          SHA1

          0c7de379ff82e822e1475535d9279086f7575ddf

          SHA256

          121b54947a6411a02c64111afbb035b3aeaa7f45efa26129dcab711b8e163da2

          SHA512

          8be224f526dd11d4b0a9cf1449dc45ac0af1ef23e3d6c76f2ebd2b104a85a05bc8adb5e1e310e14d1d993b818a3581aec2e0fa2e41d81548d60c3afb67f8a691

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          c388bd77fd49e8de1c6cdfd8afa3995d

          SHA1

          4caed2bdb957e2fa6fc4ea7f333bc21390d5d7cd

          SHA256

          449ab2cffc8a32ba9816270e84f22e770bfe8b9b8da5f0324a86efb49671c60f

          SHA512

          2f3bbcd78c98c42ecf99c086b6db182b9a1469a7f339e6bb108a0e6220430ab0721628251dcdb07ae74bb089616795a84bb30f3c4127996d9898129a16853313

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          f7c3f0a7833a35959315e43375981c34

          SHA1

          1e486f686f7583b4c2a3d6766493456b27111476

          SHA256

          00f4f3b6dd0402d30bcd2790585f5528afa5380e73634f88b343bc5d1e7a8740

          SHA512

          a6ae14eb861128c08f3404c55d2636b74602040949d311af11c172525eb48faa5a61d70444235e2e9d9d88df7fde9a52fcd34cc23414ec6b9e2db97637c533c9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          e4e07ceb73e3f519430cdadbb98e1349

          SHA1

          e4089ef500685e512aa7f284d4d2c8aca9fb337b

          SHA256

          ba0d2936b5bc5a7cea5f759c22cdb8af98df680c073ff46f91613aa99a28c70c

          SHA512

          c3fee62d400e093dad91b26ac17cb98f8d1007853f8b82ce4357216727a2217956657bc6b358007c0bfda22e201a6496f4fc18d5b3c495c7711ab81f9d53a8c2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ce3ffde81e5d2a58fe932a54c9aa9e61

          SHA1

          ac44b4c00efa162a6bb6b0f7957d01b715ae23dc

          SHA256

          f50e8e29369b3ce386de77502ab6827e1baa81b35de8e1e5b1d2611941aac891

          SHA512

          b3924c8c9fb4b57131323e26b51f04e5954f20ed62d11af6980d2f1d5d5da62de2af8791aa66fe2715b72cfdc06a01dd7a8c5ae60675156908e2beea795496f1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          104e14ced5036742f5110a4bd25121c2

          SHA1

          053e3133cd6b69e519f56b405688944d229b6eba

          SHA256

          b3f0069a5482b72745fb647ddeaf06416852f3f2619c63da60f423a7ef6683a1

          SHA512

          037c0a92f1eb45a989630cdcb2b4cb819de4b41235448e5dc4798c02c62d71240905be9317811e8d4b67920e58511f36c461c83911f45ecfb589a7429cfaf10a

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\jo5ozfo\imagestore.dat
          Filesize

          7KB

          MD5

          c88458897826aebe5aab08b3764085da

          SHA1

          863c09abbcac94c3f93263a7cf8725ff5aecc77b

          SHA256

          8b539e870f282d90a49a66be91976c702ff5d8373e7e8f4151b6f368c8669025

          SHA512

          de2a8200a7cd6bd80a3f887c352777e9cd50a1b710435b13ffcfaf5545b91081f6655e776cc5c03a6788808c46f813ac5a5d5cb66125bfd7d32d7154b459d3a5

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BA5D7P93\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TOS3MI7U\favicon-32x32[1].png
          Filesize

          2KB

          MD5

          df4253088bb850c76f81c91db284d4f7

          SHA1

          46e3e3c42a159f22038d86bf39fbde118c91dcbf

          SHA256

          590d33ce64b321c321644bc8c840c354257371f8c247f776b788a5ce2c9bbc72

          SHA512

          7804f8507d35adc2a3f65a4fb017bc50219fd2ee326693dfc5011cc9e22df61f50533ee7eb597133ac69e502683b7089df89735f03e11807a4724564061b0b22

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab44EF.tmp
          Filesize

          61KB

          MD5

          fc4666cbca561e864e7fdf883a9e6661

          SHA1

          2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

          SHA256

          10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

          SHA512

          c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar4766.tmp
          Filesize

          164KB

          MD5

          4ff65ad929cd9a367680e0e5b1c08166

          SHA1

          c0af0d4396bd1f15c45f39d3b849ba444233b3a2

          SHA256

          c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

          SHA512

          f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\K4M4RPYX.txt
          Filesize

          603B

          MD5

          d29f4968cc697c69a928df39bdfb5a5f

          SHA1

          69b3e5ae1b8e56ea8e6e31e8c5c14fba7376d250

          SHA256

          3c83b3ec6a6ff31c2011135e0cfe3b9529d5122a116297e801ec309e9f04ced9

          SHA512

          6017ffad03b14b84c79999b5feed83a83c7280db1ee16e18ff813626372d7c02247676b91ed05bb950b76407b7905349a7d5797fb3aef716fbb1dd86b3447523

          Download Submit

        • memory/1544-54-0x0000000000400000-0x0000000000421000-memory.dmp

          Filesize

          132KB

          Download