Overview

overview

3

Static

static

1

Mizunos 16...2).zip

windows7-x64

1

Mizunos 16...2).zip

windows10-2004-x64

1

Mizunos 16...05.zip

windows7-x64

1

Mizunos 16...05.zip

windows10-2004-x64

1

assets/min...e.json

windows7-x64

3

assets/min...e.json

windows10-2004-x64

3

assets/min...e.json

windows7-x64

3

assets/min...e.json

windows10-2004-x64

3

assets/min...b.json

windows7-x64

3

assets/min...b.json

windows10-2004-x64

3

assets/min...s.json

windows7-x64

3

assets/min...s.json

windows10-2004-x64

3

assets/min...b.json

windows7-x64

3

assets/min...b.json

windows10-2004-x64

3

assets/min...b.json

windows7-x64

3

assets/min...b.json

windows10-2004-x64

3

assets/min...b.json

windows7-x64

3

assets/min...b.json

windows10-2004-x64

3

assets/min...e.json

windows7-x64

3

assets/min...e.json

windows10-2004-x64

3

assets/min...e.json

windows7-x64

3

assets/min...e.json

windows10-2004-x64

3

assets/min...b.json

windows7-x64

3

assets/min...b.json

windows10-2004-x64

3

assets/min...b.json

windows7-x64

3

assets/min...b.json

windows10-2004-x64

3

assets/min...f.json

windows7-x64

3

assets/min...f.json

windows10-2004-x64

3

assets/min...b.json

windows7-x64

3

assets/min...b.json

windows10-2004-x64

3

assets/min...e.json

windows7-x64

3

assets/min...e.json

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    08/01/2024, 22:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    assets/minecraft/blockstates/acacia_fence_gate.json

  • Size

    1KB

  • MD5

    2f6b37229e74e969e47967f0c9cc41d2

  • SHA1

    dc93beaf28bb733b934524e7fd27a625128c0fd8

  • SHA256

    f5462264bf2ad727585c81869edb95255155524d81abe13af4ea9f63e5bc68cc

  • SHA512

    68b4560ce70c9c6ee829a3f5d90199b27d065825373e1a974e6a83841754d4d66a6ee74e38ab0bae86ccfdca39cf2aaec46e24c0ad76c42c575adf7b3baf9e20

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 9 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\assets\minecraft\blockstates\acacia_fence_gate.json
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2868
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\assets\minecraft\blockstates\acacia_fence_gate.json
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2580
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\assets\minecraft\blockstates\acacia_fence_gate.json"
        3⤵
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:3016

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    3dd2f0e466f208a8bacf8bd428ccf57f

    SHA1

    afa0a640b9d8b83d439d6e0613789a4bd8fcb6fc

    SHA256

    9e089f5546a1943873e3fec483b868a784e2af74544d1bebed739abb8983a767

    SHA512

    4d61d30a179c3a6161f369e73c22115aa55b27775797a90d08b418d1d5eb2c7d0d8a9f1d1bec8f6de5e4e7f237994a5b943bc37469e158857db7b72c52b9e2df

    Download Submit