General
-
Target
Minecraft.exe
-
Size
3.3MB
-
Sample
240417-qeskesac7s
-
MD5
0501b8eb39f00dcaa3c89ccec2fbde17
-
SHA1
cb7b82a5d02a2b5ea9c16b5083015c832b556405
-
SHA256
161ba4c1b21cd20b15573f0ccfc4a5cbab8dedd94c722cd60afb8551d8d91dc2
-
SHA512
4ab6a3fd31c7551578f07ada264bb93a22eb16f75fdbcfaecf4c0861535a2f631082da5f6003ff9f57fda231e783cbf200caa6a6d6bdefbe08d64f33c67855b3
-
SSDEEP
49152:FyFWKUkiGqdO+huQ0Mm5aIHdkQ3qBge6jXdTv8JGo2WEWxm5PMdFH0U7T0f6mfb+:FmUkifdnI3eo8Uo2WElEk+
Malware Config
Targets
-
-
Target
Minecraft.exe
-
Size
3.3MB
-
MD5
0501b8eb39f00dcaa3c89ccec2fbde17
-
SHA1
cb7b82a5d02a2b5ea9c16b5083015c832b556405
-
SHA256
161ba4c1b21cd20b15573f0ccfc4a5cbab8dedd94c722cd60afb8551d8d91dc2
-
SHA512
4ab6a3fd31c7551578f07ada264bb93a22eb16f75fdbcfaecf4c0861535a2f631082da5f6003ff9f57fda231e783cbf200caa6a6d6bdefbe08d64f33c67855b3
-
SSDEEP
49152:FyFWKUkiGqdO+huQ0Mm5aIHdkQ3qBge6jXdTv8JGo2WEWxm5PMdFH0U7T0f6mfb+:FmUkifdnI3eo8Uo2WElEk+
Score8/10-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Detected potential entity reuse from brand microsoft.
-