Overview

overview

7

Static

static

3

fabric-ins....0.exe

windows7-x64

1

fabric-ins....0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    28/03/2024, 05:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fabric-installer-1.0.0.exe

  • Size

    437KB

  • MD5

    861e96fa83437f147809f4fafbb07f86

  • SHA1

    7a6dbd8c6f5300fe89a481832d3bb7244eb253eb

  • SHA256

    3863f9491bdc39a5f036c56fba310757779b616bdfb9b13e0748af2a4937a143

  • SHA512

    aac75fddcce15c9a2564112f1ea71ae616bea24a15593b0ce522def6a289dd6b2ddc4f2d23c323a9d71456918283fec97a7bb8a2bfe6f5794209f3cbdf691d81

  • SSDEEP

    6144:1AqhQt8C1lu3lRrszNnDthJNV/6KC5TfcAXok5OWgIhvpxH1K4syabpAM:48C1lu3TynwKC5TEAXRvhvpxHOfv

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fabric-installer-1.0.0.exe
    "C:\Users\Admin\AppData\Local\Temp\fabric-installer-1.0.0.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2008
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://fabricmc.net/wiki/player:tutorials:java:windows
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2492
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2492 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2564

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7dc5fbd65d5152c1b1c8978da4e39ab6

    SHA1

    900d078b2a83e8a3081126dd6f81e2d17601d682

    SHA256

    9576bde8ba632e05f81fe2350e986c89083a2e77b0e439f743047c8e7070bf1e

    SHA512

    1b3eee4a3669c97657c04b60df20e155f524183d88b5233730beda5c1fa170e12eeba265a1f89ce4769b694b41233e07880cff45b380e80f6dd24ac7f748993a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    0f6172f04f3f6501906f7166570bd927

    SHA1

    56e09b850c8de044489a50369ef568aa42888d49

    SHA256

    a8c93861017f482fa32ccd7e64645f534302183ac7718207fd0e5dfa95e1f73a

    SHA512

    32dd3460cd13f90d76ee61250b590488edb335718d2e555a65964f3671f1a23a1dd8c9f0c1e6a632f16041c7175c0312545d7e5b28708bade6240a6e6c3e4c2a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5851c54937b1b7a96edb035eb5bb2bdd

    SHA1

    cccf77a141e3051ef6e173ae92ac0154e7eb9d17

    SHA256

    388a3e5723ab649ca59e153eaff8bbbe46b4fb212597ac81c68570fb57a89021

    SHA512

    0b8d2db1a873ffe59458e2a7020797e08615a1b3078b3d846b444b46640c552857232e3b36f5c8ca28535405fcd6859bcc880a49fffa27d43c03182cf7ca127f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    ddba4103c6a58260e01e4927413eaa4c

    SHA1

    35ea4862c3ee22aacac2eb61e5fdab8d35867b04

    SHA256

    bbb06b90b70a97d53d4b304792a9686a520b9b2af38266c7b198eacabe37c324

    SHA512

    d84afb67085cd52d58646a2d7efa2547a20c6cbba921d31d14f19b53d82813f514c57d54d4e1bb1b7972538ab98fa4743cc7f87a47c0acc77130e2d6cc98a540

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    02008dedd3ffb740c5e0673cf638a7e0

    SHA1

    5efc03e040c82baf1591e64c0e03b1a73cdf4b98

    SHA256

    8bb6c0ef3f697a6301121af428c3f730fc8e3473a37e0e731cb024722b86f226

    SHA512

    65a116a7d38d9cb5c60313d23dd05c17b215db692fd88b0311708177bccc45b706bbbbf5d09e5210d2358e843288129d6a0bfa55787f5e6de9d4e13a4db7d57f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7e6a93d02f2934be41fe221b9685a15b

    SHA1

    fb129726bb9106d33790cc654357269a435e6d07

    SHA256

    7288f12a3855f1665277f614fc87aac027412ff23f4b32a7e42cfdf3f62f7513

    SHA512

    67019e5a2360f2d568f97071bb812f99fdb0a9d6e01fa8c190793e844cb71b0a32f91931852fd04dfa4fe62998f8f7ca0e5856bcd98931b92fe7feeb1c22f3ad

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    70d68d363b63058fa8ba86a384a07a14

    SHA1

    a5695405163258647074405a9cb7168af9707b52

    SHA256

    b1e7de67834468528079fdb307ce371529410423fedec3ca92c50940b967dd7a

    SHA512

    d96fa8f0ea8cde57a3c777818696c47945ba3b71159fef05b735d90d8b5d57c5b3220741090fed3ea308a2764e570550e4cebd86a9929bac67646bc05dbf8d32

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    323317df395b871d8a8c014f9b7e67b0

    SHA1

    ea44c2e4c6d4bca002bf38a6dbac9041ddb42d2d

    SHA256

    d32550c1380e3faa50b76beadcdd3b21d42526b735d0e826ab2f03d73af26536

    SHA512

    1fc1f67d2086e977c9eb8cf020e1069c052e6949d4da0b9762004826a3f550ac580bef0f5b371d43c2e69c263a6937b7e52bb07126e72ad85040e58541c5af53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    102c703427e8a84f9beb6f32b4ee6275

    SHA1

    c30e156c9ae72c39477bee198c5ed7de9e2b62ac

    SHA256

    abffd4810d0210778b30de082b0ff97ab9fbcd15b414f2b95ff53eda248e8916

    SHA512

    a7487a6b4eb3f68bfc02d22e959b146300e9f6a05d5e24bf3acb32c7b4e435780f5cce57b8fd08db88760e211996b1039ed306ec7a1e5a347d9ae5237cbc0551

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    41c8ccb97700d8bcc17682ccd61618ca

    SHA1

    4d7880d6e606e1b39883f14a8ba6c76cd0512fd7

    SHA256

    811ce28e443bdab05e45e47a9c76edc99e5efe920833013fbfcc8eed330627d3

    SHA512

    318486fb425c16457f21689820116a3559c6caa1c2511af660064de454be9dfbfa0f25d8a9da54f045bb81034cc68bd3d4841dec84f133f2dcf26386684707de

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\jq7rho9\imagestore.dat
    Filesize

    99KB

    MD5

    bfa0c67b6b93744eadcf31e0cae4ece6

    SHA1

    6d8cedfa819b6b96667882b6e768f193fc2d96c5

    SHA256

    56fa80f39a84933da56d2cbbf82c516da2af9962ffe4f6cf1015e89af516f2e8

    SHA512

    fd96700f01968ea03e45773827faf94ea878cfdcf37af55697fda2347830531ef7def321ad9249ae62d2ef0ad55d684676acde9984072c985302e265f8797591

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OFFQJ7AH\favicon[1].ico
    Filesize

    98KB

    MD5

    94bed0e172b2d893f1a2e046ed9a9baf

    SHA1

    050d1b4d6752dd973ddb31beca55815e300180b7

    SHA256

    ad44b5a49faee0d955620c627d1710e662893688522e7051dfdae10b42984a27

    SHA512

    515e21806859deee755e617bf1ddb28b363b34e65b4cb6853764e6f53014d405184b6fdf333ae33722d8e7a69b8c93f401c5cacce0e217013237ffa475994fd7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE486.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE557.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE499.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE56A.tmp
    Filesize

    177KB

    MD5

    435a9ac180383f9fa094131b173a2f7b

    SHA1

    76944ea657a9db94f9a4bef38f88c46ed4166983

    SHA256

    67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34

    SHA512

    1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\~DFC72B625FB730C512.TMP
    Filesize

    16KB

    MD5

    7bc3100f8e436c8c680109da73ee1e0c

    SHA1

    fa4bd2048582042f7071191977349ef5e6a2125d

    SHA256

    120cd50164c937ae713dcf2f8a13fded27367c0f576da7df88f8542dc3297b49

    SHA512

    0ae8ef233cfd2c4171ebb1744d75fd05bf7a69e275adc00ce1a21c2a8ac05a0c3aa2318d242952c0df48ab65778de27206cc218468493b54bf3ce91e9f1a880d

    Download Submit