Overview

overview

7

Static

static

1

1.20.1 Opt...ds.zip

windows11-21h2-x64

1

mods/Bette....1.jar

windows11-21h2-x64

7

mods/Gamma...20.jar

windows11-21h2-x64

7

mods/InGam....2.jar

windows11-21h2-x64

7

mods/OptiF...I6.jar

windows11-21h2-x64

7

mods/Rrls-...ic.jar

windows11-21h2-x64

7

mods/archi...ic.jar

windows11-21h2-x64

7

mods/cloth...ic.jar

windows11-21h2-x64

7

mods/entit...20.jar

windows11-21h2-x64

7

mods/essen...-1.jar

windows11-21h2-x64

7

mods/fabri....1.jar

windows11-21h2-x64

7

mods/fast-...20.jar

windows11-21h2-x64

7

mods/lazyd....3.jar

windows11-21h2-x64

7

mods/litem....0.jar

windows11-21h2-x64

7

mods/lithi....2.jar

windows11-21h2-x64

7

mods/lunad...20.jar

windows11-21h2-x64

7

mods/malil....0.jar

windows11-21h2-x64

7

mods/modme....1.jar

windows11-21h2-x64

7

mods/optif...25.jar

windows11-21h2-x64

7

mods/repla...13.jar

windows11-21h2-x64

7

mods/repla....1.jar

windows11-21h2-x64

7

mods/starl...6f.jar

windows11-21h2-x64

7

mods/voice...16.jar

windows11-21h2-x64

7

mods/world...15.jar

windows11-21h2-x64

7

Analysis

  • max time kernel
    1375s
  • max time network
    1173s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240221-en
  • resource tags

    arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    14-03-2024 10:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    mods/litematica-fabric-1.20.1-0.15.0.jar

  • Size

    887KB

  • MD5

    3c6cfceae8a7db2c5508c829953bdb17

  • SHA1

    c33e1c0a498d67d3b404d4f025340f6e8dcdc013

  • SHA256

    60a04ee2632ecd3eb6407d158b9af48a197fd53c7787e4004b519ddbc7ad8be6

  • SHA512

    db5fcd60a656110bb8f8847e0feb0272ac7104a12a9abe1b6f4670c2cb6ce4a166593b6e342b7c9bb1af8b98df4b5100bfb4e836eaf814681a4bec88d2f1f649

  • SSDEEP

    12288:uvhxBvJC+NxKl2XCszmCJI2+qFzPgifEjI/mgzhY6V6BJ5u9DmHeihyONmUovNWB:oXC+NIlAa2I2zz4YuBukpyONV5ePehSm

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\mods\litematica-fabric-1.20.1-0.15.0.jar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:344
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:2184

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
    Filesize

    46B

    MD5

    9a0746e4aae70f41ed6c6c25693cd2b9

    SHA1

    5621779eb5c534da9964beb894b227dbe11bf10e

    SHA256

    6dc5b758bc1305c4c8fed5accce16fa1f157e04f4db6abf725caae3e9f4ad5ee

    SHA512

    7832e2f5e7ec0e3b8b6a00dd7abc8cfc8b3f27d569ebe5ba4e9d9d6d7146a387b236462bc80c11ac0771b3c6ffae69b1d84840b1007cc03e6260a3c792556467

    Download Submit

  • memory/344-8-0x000001CFDA170000-0x000001CFDB170000-memory.dmp

    Filesize

    16.0MB

    Download

  • memory/344-11-0x000001CFD88F0000-0x000001CFD88F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/344-13-0x000001CFDA170000-0x000001CFDB170000-memory.dmp

    Filesize

    16.0MB

    Download