Overview

overview

8

Static

static

3

EasyMC_Set...64.exe

windows7-x64

7

EasyMC_Set...64.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

1

$PLUGINSDI...er.dll

windows10-2004-x64

1

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

7zip/linux/x64/7za

ubuntu-18.04-amd64

3

7zip/mac/x64/7za

macos-10.15-amd64

1

7zip/win/ia32/7za.exe

windows7-x64

1

7zip/win/ia32/7za.exe

windows10-2004-x64

1

7zip/win/x64/7za.exe

windows7-x64

1

7zip/win/x64/7za.exe

windows10-2004-x64

1

EasyMC Launcher.exe

windows7-x64

7

EasyMC Launcher.exe

windows10-2004-x64

7

LICENSES.c...m.html

windows7-x64

1

LICENSES.c...m.html

windows10-2004-x64

1

d3dcompiler_47.dll

windows7-x64

1

d3dcompiler_47.dll

windows10-2004-x64

1

ffmpeg.dll

windows7-x64

1

ffmpeg.dll

windows10-2004-x64

1

hostsremov...er.exe

windows7-x64

8

hostsremov...er.exe

windows10-2004-x64

8

libEGL.dll

windows7-x64

1

libEGL.dll

windows10-2004-x64

1

libGLESv2.dll

windows7-x64

1

libGLESv2.dll

windows10-2004-x64

1

resources/elevate.exe

windows7-x64

1

resources/elevate.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/02/2024, 01:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    hostsremover/EasyMCHostsRemover.exe

  • Size

    13KB

  • MD5

    dff1888306d5036e9e831d62d16412ab

  • SHA1

    2597f86a16af51f61f7b4754fe290a9969e85abe

  • SHA256

    136b6ddebbd837f775a10425fc0a6eaf4a46d32473f372208873cfeb2f64a28a

  • SHA512

    c2f984340c6d01531151b6ff58d2e5b47740b3faf309bc28c6349c4dd2b1e8715e24a69ee238380bd3ffc52e7922cf6c9a0c1ab685f449dc7e13054383b1de62

  • SSDEEP

    192:wRT2kZJ9fs4yjyjLwxx/VUXfIF8KYc3qvUjaMmk/m:wRTd5fs4yGAx/V4fIFlYc3qsU0

Score
8/10

Malware Config

Signatures

  • Drops file in Drivers directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\hostsremover\EasyMCHostsRemover.exe
    "C:\Users\Admin\AppData\Local\Temp\hostsremover\EasyMCHostsRemover.exe"
    1⤵
    • Drops file in Drivers directory
    PID:4380

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4380-0-0x0000000000AA0000-0x0000000000AA8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/4380-1-0x0000000074890000-0x0000000075040000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4380-2-0x0000000005840000-0x0000000005DE4000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/4380-3-0x0000000005330000-0x00000000053C2000-memory.dmp

    Filesize

    584KB

    Download

  • memory/4380-4-0x0000000005500000-0x0000000005510000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4380-5-0x00000000054D0000-0x00000000054DA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/4380-8-0x0000000074890000-0x0000000075040000-memory.dmp

    Filesize

    7.7MB

    Download