Analysis

  • max time kernel
    134s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    22/02/2024, 20:49

General

  • Target

    Minecraft Launcher.exe

  • Size

    1.6MB

  • MD5

    689568710a8ab5c54dcba95acd2e3b53

  • SHA1

    9739db03da71e8b79b7cecaf8908975d37a26a73

  • SHA256

    28148908befb0382c4c3f629c1a5f9a4f93b09855968e444de78d95c6dad86a4

  • SHA512

    701871548f4dd7f3c00f601e0a4c3f9b9cbf28fc6b98a4adedc7f861dd253dbba3dfb91d2edd5d589944fde935c184d0049e4ea7c760feb8e218878d031bf056

  • SSDEEP

    49152:7NY/oae1UgHrnRAST8XrhaRY0T+nqO4P4dj:q/BWrn3T8hiVT+ne4dj

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Minecraft Launcher.exe
    "C:\Users\Admin\AppData\Local\Temp\Minecraft Launcher.exe"
    • Suspicious use of WriteProcessMemory
    PID:2828
    • C:\Program Files\Java\jre7\bin\javaw.exe
      "C:\Program Files\Java\jre7\bin\javaw.exe" -Xms256m -Xmx512m -jar "C:\Users\Admin\AppData\Local\Temp\Minecraft Launcher.exe"
      • Suspicious use of SetWindowsHookEx
      PID:2660

Network

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\imageio6947493915902510601.tmp

          Filesize

          344B

          MD5

          d141cc8e71a3351f1aacb88a74b45fa4

          SHA1

          323cb27d8b7772b4b928a00706d4efe3b1104f52

          SHA256

          2788675e062e1111ead50a9a05971a7c11fe6246a89f571cf9f59ed68c72bb17

          SHA512

          315dfcf01f450b907f2cdfc9661db728789ec2440dd6985d914d024bd3c0798e602f7e230e60a8ffee8f39c95de68477d3b4def580a292e263d48bc23babae09
