Overview

overview

3

Static

static

3

mmc-develop-win32.zip

windows10-1703-x64

1

MultiMC/MultiMC.exe

windows10-1703-x64

1

MultiMC/Qt5Core.dll

windows10-1703-x64

3

MultiMC/Qt5Gui.dll

windows10-1703-x64

3

MultiMC/Qt...rk.dll

windows10-1703-x64

3

MultiMC/Qt5Svg.dll

windows10-1703-x64

3

MultiMC/Qt...ts.dll

windows10-1703-x64

3

MultiMC/Qt5Xml.dll

windows10-1703-x64

3

MultiMC/ic...on.dll

windows10-1703-x64

1

MultiMC/im...if.dll

windows10-1703-x64

1

MultiMC/im...ns.dll

windows10-1703-x64

1

MultiMC/im...co.dll

windows10-1703-x64

1

MultiMC/im...eg.dll

windows10-1703-x64

1

MultiMC/im...vg.dll

windows10-1703-x64

1

MultiMC/im...mp.dll

windows10-1703-x64

1

MultiMC/ja...ck.jar

windows10-1703-x64

1

MultiMC/ja...ch.jar

windows10-1703-x64

1

MultiMC/li...ix.dll

windows10-1703-x64

3

MultiMC/li...++.dll

windows10-1703-x64

3

MultiMC/li....dll.a

windows10-1703-x64

3

MultiMC/li...ip.dll

windows10-1703-x64

3

MultiMC/li...ow.dll

windows10-1703-x64

3

MultiMC/libeay32.dll

windows10-1703-x64

1

MultiMC/li...-1.dll

windows10-1703-x64

3

MultiMC/libssp-0.dll

windows10-1703-x64

3

MultiMC/li...-6.dll

windows10-1703-x64

3

MultiMC/li...-1.dll

windows10-1703-x64

1

MultiMC/pl...ws.dll

windows10-1703-x64

1

MultiMC/qt.conf

windows10-1703-x64

3

MultiMC/ssleay32.dll

windows10-1703-x64

1

MultiMC/zlib1.dll

windows10-1703-x64

1

Analysis

  • max time kernel
    70s
  • max time network
    83s
  • platform
    windows10-1703_x64
  • resource
    win10-20230915-en
  • resource tags

    arch:x64arch:x86image:win10-20230915-enlocale:en-usos:windows10-1703-x64system
  • submitted
    19-09-2023 06:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MultiMC/libLauncher_nbt++.dll.a

  • Size

    149KB

  • MD5

    d33b558ef7bd4d8617686ba972d581eb

  • SHA1

    962320c340596f5e91d05453a2ee3047d687f563

  • SHA256

    41d0787573ac821be0ce45bcaddc77440a1bb1b9cb077b3c86c39b75b1404b11

  • SHA512

    78d633527999e39f810a619d1a7935455631911cc020a75d05718748d2a511f2a01489fa05d3ff8611abde14d9e66beb96d3f514222e5ba95b800a20c8bd5b0a

  • SSDEEP

    768:DPr973mNxRtPpcfyqL/8Jm3dW0aNfGannAcDutKuKTDGhi4DvA492TSAiAiTHT41:Dr973mP9aKrcRZBgEoo57vYmu

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\MultiMC\libLauncher_nbt++.dll.a
    1⤵
    • Modifies registry class
    PID:836
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:2364

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads