Overview

overview

7

Static

static

3

Setup_Mult....2.exe

windows7-x64

7

Setup_Mult....2.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    10-10-2023 23:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Setup_MultiMinecraft_Deluxe_v3.3.2.exe

  • Size

    60.9MB

  • MD5

    2882ed8a193f0626b73ba15c4f1154d6

  • SHA1

    904b78c79b999b38fe0d21aad18b0c68584198d0

  • SHA256

    ed8b75e3154e7767dd9cddae858a21cbadc76dc8e83a0c7d3e7bc34bca636c60

  • SHA512

    2868b376da214e9c6fa250bcadc37df31f8060cbbd4bcb0462e93aa0253b29dd1c4026c1ae67897b4285731cae9618047501bd39a43e984376947316980a9179

  • SSDEEP

    1572864:3QcIIb7jQKtw8bFpKsExBKHKiabK9X+Eer50ukw3:3Pz3QKtw8b4xBSKiiB0uR

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Setup_MultiMinecraft_Deluxe_v3.3.2.exe
    "C:\Users\Admin\AppData\Local\Temp\Setup_MultiMinecraft_Deluxe_v3.3.2.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:1696

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\nsyAA25.tmp\nsDialogs.dll
    Filesize

    9KB

    MD5

    48f3e7860e1de2b4e63ec744a5e9582a

    SHA1

    420c64d802a637c75a53efc8f748e1aede3d6dc6

    SHA256

    6bf9cccd8a600f4d442efe201e8c07b49605ba35f49a4b3ab22fa2641748e156

    SHA512

    28716ddea580eeb23d93d1ff6ea0cf79a725e13c8f8a17ec9dfacb1fe29c7981ad84c03aed05663adc52365d63d19ec2f366762d1c685e3a9d93037570c3c583

    Download Submit