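PDB path (extracted from the sample; the only "PDB Paths" field on this page is under EasyMCHostsRemover.exe and is otherwise empty): C:\Users\Michael\source\repos\EasyMCRemover\EasyMCRemover\obj\Release\EasyMCRemover.pdb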
Static task
static1
General
-
Target
EasyMC_Setup_v1.6.14_x64.dmg
-
Size
84.6MB
-
MD5
29c1a0d1b9193348e6485b09479060b6
-
SHA1
bb17d4969ba3564c9bba72e740b9b698f096ae53
-
SHA256
b8aa5acd01a83a80352474398023b9a3ffccddefecdf14bc904eee8b034a13eb
-
SHA512
919e180e6e2eb2437d24e51f9567a873255b42fa280c7cbde2dd34ee348d334da8fa6991ad94265bca9969312a82d886e1efb931d59e027fa5667af129b75550
-
SSDEEP
1572864:UVjuJyQxMSm2TLlau3bQi2yI4twrD2wEaZtGxr98Iq:UVjuoQx1m2TpJsi234twrD2wEaZtGxB
Malware Config
Signatures
-
Unsigned PE 3 IoCs
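Checks for a missing Authenticode signature. The three PE files listed as resources carry no signature, so their publisher and integrity cannot be verified from the files alone; this is a static observation, not a verdict on their behavior.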
resource:
unpack001/EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/7zip/win/ia32/7za.exe
unpack001/EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/7zip/win/x64/7za.exe
unpack001/EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/hostsremover/EasyMCHostsRemover.exe
Files
-
EasyMC_Setup_v1.6.14_x64.dmg.dmg macos
-
EasyMC Launcher 1.6.14/.DS_Store
-
EasyMC Launcher 1.6.14/.VolumeIcon.icns
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/7zip/linux/x64/7za.elf linux x64
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/7zip/mac/x64/7za.macho macos arch:x64
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/7zip/win/ia32/7za.exe.exe windows:4 windows x86 arch:x86
b06a5d19aad48d0a521642c823535f92
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
oleaut32
VariantCopy
SysAllocStringLen
SysAllocString
SysFreeString
SysStringLen
VariantClear
user32
CharPrevExA
CharUpperW
advapi32
OpenProcessToken
GetFileSecurityW
SetFileSecurityW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
msvcrt
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
_beginthreadex
exit
_ftol
realloc
memset
strlen
wcscmp
wcsstr
strcmp
memmove
fputs
fputc
fflush
fgetc
fclose
_iob
free
_CxxThrowException
malloc
memcmp
_purecall
memcpy
__CxxFrameHandler
_isatty
_fileno
kernel32
CreateEventW
SetEvent
ResetEvent
CreateSemaphoreW
ReleaseSemaphore
InitializeCriticalSection
ResumeThread
SetFileAttributesW
WaitForSingleObject
InterlockedIncrement
VirtualFree
VirtualAlloc
GetOEMCP
LocalFileTimeToFileTime
SetConsoleMode
GetConsoleMode
GetVersionExW
SetFileApisToOEM
GetCommandLineW
GetConsoleScreenBufferInfo
SetConsoleCtrlHandler
DeleteCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
GetProcessTimes
OpenEventW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
SetProcessAffinityMask
WaitForMultipleObjects
EnterCriticalSection
LeaveCriticalSection
GetStdHandle
GetSystemTimeAsFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
IsProcessorFeaturePresent
GlobalMemoryStatus
GetSystemInfo
GetProcessAffinityMask
FileTimeToLocalFileTime
FileTimeToSystemTime
CompareFileTime
GetCurrentProcess
GetDiskFreeSpaceW
SetEndOfFile
WriteFile
GetLastError
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
LoadLibraryW
GetModuleFileNameW
LocalFree
FormatMessageW
CloseHandle
SetFileTime
CreateFileW
ReadFile
RemoveDirectoryW
MoveFileW
GetProcAddress
GetModuleHandleW
CreateDirectoryW
DeleteFileW
SetLastError
SetCurrentDirectoryW
GetCurrentDirectoryW
GetTempPathW
GetCurrentProcessId
GetTickCount
GetCurrentThreadId
FindClose
FindFirstFileW
FindNextFileW
GetModuleHandleA
GetFileAttributesW
GetFileInformationByHandle
GetLogicalDriveStringsW
GetFileSize
SetFilePointer
DeviceIoControl
SetThreadAffinityMask
Sections
.text Size: 653KB - Virtual size: 652KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 86KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sxdata Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/7zip/win/x64/7za.exe.exe windows:4 windows x64 arch:x64
7a6629dd6fa4e45d85bb3c64b9e99ef8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
oleaut32
SysStringLen
VariantClear
VariantCopy
SysAllocString
SysFreeString
SysAllocStringLen
user32
CharUpperW
CharPrevExA
advapi32
OpenProcessToken
SystemFunction036
GetFileSecurityW
SetFileSecurityW
RegOpenKeyExW
RegQueryValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCloseKey
msvcrt
_c_exit
_XcptFilter
_onexit
__dllonexit
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
__C_specific_handler
_beginthreadex
exit
_isatty
realloc
memset
strlen
wcsstr
wcscmp
_exit
memmove
fflush
fputc
fputs
_iob
fgetc
fclose
free
_CxxThrowException
malloc
memcmp
_purecall
__CxxFrameHandler
memcpy
_cexit
__getmainargs
__initenv
_initterm
__setusermatherr
_commode
_fmode
__set_app_type
strcmp
kernel32
SetThreadAffinityMask
CreateEventW
SetEvent
ResetEvent
CreateSemaphoreW
ReleaseSemaphore
InitializeCriticalSection
GetVersionExW
SetFileTime
ResumeThread
WaitForSingleObject
VirtualFree
VirtualAlloc
GetOEMCP
LocalFileTimeToFileTime
GetConsoleMode
SetConsoleMode
SetFileApisToOEM
GetCommandLineW
GetConsoleScreenBufferInfo
SetConsoleCtrlHandler
GetProcessTimes
QueryPerformanceFrequency
QueryPerformanceCounter
DeleteCriticalSection
SetProcessAffinityMask
OpenEventW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
WaitForMultipleObjects
LeaveCriticalSection
EnterCriticalSection
GetStdHandle
GetSystemTimeAsFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
IsProcessorFeaturePresent
GlobalMemoryStatusEx
GetSystemInfo
GetProcessAffinityMask
FileTimeToLocalFileTime
FileTimeToSystemTime
CompareFileTime
GetCurrentProcess
GetDiskFreeSpaceW
SetEndOfFile
WriteFile
ReadFile
GetLastError
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
LoadLibraryW
GetModuleFileNameW
LocalFree
FormatMessageW
CloseHandle
CreateFileW
SetFileAttributesW
RemoveDirectoryW
MoveFileW
GetProcAddress
GetModuleHandleW
CreateDirectoryW
DeleteFileW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetTempPathW
SetLastError
GetCurrentProcessId
GetTickCount
GetCurrentThreadId
GetFileInformationByHandle
FindClose
FindFirstFileW
FindNextFileW
GetModuleHandleA
GetFileAttributesW
GetLogicalDriveStringsW
DeviceIoControl
GetFileSize
SetFilePointer
Sections
.text Size: 887KB - Virtual size: 886KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 242KB - Virtual size: 241KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 59KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/Frameworks/EasyMC Launcher Helper.app/Contents/Info.plist.xml
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/Frameworks/EasyMC Launcher Helper.app/Contents/MacOS/EasyMC Launcher Helper.macho macos arch:x64
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/Frameworks/EasyMC Launcher Helper.app/Contents/PkgInfo
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/Info.plist.xml
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/MacOS/EasyMC Launcher.macho macos arch:x64
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/PkgInfo
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/Resources/app-update.yml
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/Resources/app.asar
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/Resources/assets/assets.d.ts
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/Resources/assets/entitlements.mac.plist.xml
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/Resources/assets/icon.icns
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/Resources/assets/icon.ico
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/Resources/assets/icon.png.png
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/Resources/assets/icon.svg
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/Resources/assets/icons.icns
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/Resources/assets/images/grass_block.jpg.jpg
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/Resources/assets/images/microsoft.png.png
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/Resources/assets/images/mojang.png.png
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/Resources/icon.icns
-
EasyMC Launcher 1.6.14/EasyMC Launcher.app/Contents/hostsremover/EasyMCHostsRemover.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
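Imports
mscoree
_CorExeMain
(A lone mscoree _CorExeMain import marks a .NET managed executable. Its API usage is recorded in CLR metadata rather than the PE import table, so this list does not show what the program does.)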
Sections
.text Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ