Analysis

  • max time kernel
    71s
  • max time network
    76s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230703-en, locale:en-us, os:windows7-x64, system
  • submitted
    08/07/2023, 00:36

General

  • Target

    MinecraftInstaller.exe

  • Size

    32.2MB

  • MD5

    d03193d3a30ceb126904df28abc953bc

  • SHA1

    9ad806e2ebe4a6f6dd2d48cec1b598505d6e53ea

  • SHA256

    df166846ab3a86b2a797e81ee48377ee5dfb8a2f3091e6344816cfd63316e72b

  • SHA512

    a51d29b1eb3936fa3447aafe365dcee28f18fd6509cfe5d83e66b5ab7f1e0029ef8367c1203944ec93e1289570cc42b656d2c74b35e003b841f43efd336987eb

  • SSDEEP

    393216:Abekuyo9nMK50UGRXLePuq2ZWy/c5zFviMKe2OHmwv9CsTmsueFFza9y:jZn/G4Gqk1cWe2iTVCMue3

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 5 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\MinecraftInstaller.exe
    "C:\Users\Admin\AppData\Local\Temp\MinecraftInstaller.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2244
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2244 -s 1128
      2⤵
      • Program crash
      PID:2252
  • C:\Windows\explorer.exe
    "C:\Windows\explorer.exe"
    1⤵
    PID:2172
    • C:\Windows\system32\AUDIODG.EXE
      C:\Windows\system32\AUDIODG.EXE 0x5cc
      1⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:2988

Network

MITRE ATT&CK Matrix


Downloads

  • memory/2244-54-0x0000000000980000-0x00000000029BE000-memory.dmp

    Filesize

    32.2MB

  • memory/2244-55-0x0000000007050000-0x0000000007212000-memory.dmp

    Filesize

    1.8MB

  • memory/2244-57-0x0000000006B60000-0x0000000006BA0000-memory.dmp

    Filesize

    256KB