Analysis
max time kernel: 128s
max time network: 132s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted: 23/02/2024, 09:50
Static task: static1
Behavioral task: behavioral1
  Sample: SkyblockAddons-1.7.2-for-MC-1.8.9.jar
  Resource: win7-20240221-en
  2 signatures
  150 seconds
Behavioral task: behavioral2
  Sample: SkyblockAddons-1.7.2-for-MC-1.8.9.jar
  Resource: win10v2004-20240221-en
  4 signatures
  150 seconds
General
Target: SkyblockAddons-1.7.2-for-MC-1.8.9.jar
Size: 3.9MB
MD5: 4e2d828d8f1e34444dc5d6523442e583
SHA1: 6ae0f2801a5ed6306718c0f9f80ebba422fad91d
SHA256: 36219222dfc43c42a9edef1da9ed53442ae08c617c3e4a217de61d0b15910f45
SHA512: df06af5955b2c37af039c5e210d8103f5bd2551671777957bcbf82f4369b656f2c7277f0b99dee9567e330fd4f673e04306053f2afc91015fccd7512dea4d558
SSDEEP: 98304:XwpzwLSSXprMBTfZAt6IjDrRPzJdr4c2Rhoq:XUDSZmKlXRPFKc2RL
Score: 1/10
Malware Config
Signatures

Enumerates system info in registry (2 TTPs, 2 IoCs)
description | ioc | Process
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | chrome.exe
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | chrome.exe

Suspicious use of WriteProcessMemory (3 IoCs)
description | pid | Process | procid_target
PID 2624 wrote to memory of 2528 | 2624 | chrome.exe | 30
PID 2624 wrote to memory of 2528 | 2624 | chrome.exe | 30
PID 2624 wrote to memory of 2528 | 2624 | chrome.exe | 30
Processes

C:\Windows\system32\java.exe
  Command line: java -jar C:\Users\Admin\AppData\Local\Temp\SkyblockAddons-1.7.2-for-MC-1.8.9.jar
  PID: 2348

C:\Program Files\Google\Chrome\Application\chrome.exe
  Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe"
  Signatures: Enumerates system info in registry; Suspicious use of WriteProcessMemory
  PID: 2624

  C:\Program Files\Google\Chrome\Application\chrome.exe (child of PID 2624)
    Command line: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6989758,0x7fef6989768,0x7fef6989778
    PID: 2528