General

  • Target

    FyreMC-0.9.4-x64-Setup (1).exe

  • Size

    104.9MB

  • Sample

    240222-11fg4agb28

  • MD5

    f4bb541872d75e52e78c118f185256cf

  • SHA1

    1d9801bb31684e1123ef1a247998b26ed2e7ccc0

  • SHA256

    f01269f2d23a031b8123f8e01ec08876518f3f38f80155e0f5231eb0ee8bbd99

  • SHA512

    7c78b13a2ab39c31b7920861b57797c08d8465126df628726e1ce93b877e825e0c7aa8001dc2675c468b6269e8a898b59163d89822bbc73579c1aa7f0e34f871

  • SSDEEP

    1572864:tjPhyc6RWoZIDl7IduXILeKF3ihIwfyyuKUSiaN94BN493e/xzxBTIYDkCytP1Ey:tjZRhIQi5JwmZBCu/nBTNSP1EvBgWq

Score
7/10

Malware Config

Targets

    • Target

      FyreMC-0.9.4-x64-Setup (1).exe

    • Size

      104.9MB

    • MD5

      f4bb541872d75e52e78c118f185256cf

    • SHA1

      1d9801bb31684e1123ef1a247998b26ed2e7ccc0

    • SHA256

      f01269f2d23a031b8123f8e01ec08876518f3f38f80155e0f5231eb0ee8bbd99

    • SHA512

      7c78b13a2ab39c31b7920861b57797c08d8465126df628726e1ce93b877e825e0c7aa8001dc2675c468b6269e8a898b59163d89822bbc73579c1aa7f0e34f871

    • SSDEEP

      1572864:tjPhyc6RWoZIDl7IduXILeKF3ihIwfyyuKUSiaN94BN493e/xzxBTIYDkCytP1Ey:tjZRhIQi5JwmZBCu/nBTNSP1EvBgWq

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks