Analysis
-
max time kernel
136s -
max time network
164s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
-
submitted
23-02-2024 20:04
General
-
Target
Mindustry.exe
-
Size
584KB
-
MD5
07f788dd556b612fd064a73913f82bfc
-
SHA1
3abe2d614dc63ca4d6b9907d36d5c35bd54cf020
-
SHA256
f9afb4ade0ba4d8cd758fabdb9cd76af2c72b59130140604b29cf02295b74569
-
SHA512
68de704e7248e647744a44c5cc46b08c97f5c80ae73e009b6c45367dd6691bb331b6d3cf7a0d4503c60be1361f59c734499c77ba1ea5b5b8448a44d5d3385e38
-
SSDEEP
12288:cPpWdd4P5jtbIHMavP0JLk2KgszHpaHwZMTVLzRBYkd2pA7okT1KP:cPpWdd4P5jtbIHMavP0JLk2KgszHpaQE
Malware Config
Signatures
-
Checks computer location settings 2 TTPs 1 IoCs
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL 2 IoCs
-
Checks processor information in registry 2 TTPs 2 IoCs
Processor information is often read in order to detect sandboxing environments.
Processes
-
C:\Users\Admin\AppData\Local\Temp\Mindustry.exe"C:\Users\Admin\AppData\Local\Temp\Mindustry.exe"1⤵
- Checks computer location settings
- Loads dropped DLL
- Checks processor information in registry
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
277KB
MD5ce15f741c8cace2c5383c24d8ccf9f56
SHA17ceff058738cd18b47528cf20246261cb1dd99fb
SHA256725f2feba2b45504a693381de5581c448f84d6453a5fe6f3224f90865bf02189
SHA512fa1bc74f66c0c1dfd6da818ef65dfd4ddcc42e3877bc85b0ff090d89c98ae4697649a0f806758fa34339541b75f6b8b1a5bfc8a912ad0b32c3f9ab9b881d3d8e
-
Filesize
2.4MB
MD5266a50b05160ec7d3162a9b1e2dc3256
SHA1d6dea436759164a37406333ddb3e5bc462d25e78
SHA256e2b56d39567bc6085fb7e1acfb42a9550efe58ab30892bbed6e0280335ed27ec
SHA5126921cd2b2c977f8b1e469b6d63a010585d6454c9a5cf4049c2ec64491437d42462faad40f26cac7629c6156d9b8f3dc9381cabaef9ec4a18455cc97336da3ba1
-
Filesize
16.0MB
-
Filesize
16.0MB
-
Filesize
16.0MB
-
Filesize
800KB
-
Filesize
2.5MB
-
Filesize
800KB
-
Filesize
2.5MB