General

  • Target

    MEAC_7.0_Stable_b1.zip

  • Size

    2.8MB

  • Sample

    240607-pn52fafh9v

  • MD5

    4f2d3438defed2bcd64f9387c9ab0374

  • SHA1

    bf740408da776b9eeecb47b89e057509067d9fe1

  • SHA256

    341d4f9cd7407589f26462bd43a5bc82023f6bfe1b5f596e023bf7600faeacc6

  • SHA512

    935794dadab0b607c34b5088de44fa443be0b23c7de2386dcfbc9afb47290b38d72f08c2ec5e611daeaaf1ca0d97641dd3bb8c78ad1643b66415c3a19553ed7f

  • SSDEEP

    49152:B1QjLawkVZ5sbQlPTdZ94SPJ0OAyVPFy4JdvZQkEiGiLY5v5l+bX:Y25XlPTdwSx03spSeGL5vDsX

Score
9/10

Targets

    • Target

      Minecraft_External_AntiCheat-x64.exe

    • Size

      1.4MB

    • MD5

      c9a0dd27c7e4c0f6c8a3f7479178dfec

    • SHA1

      95309ca7478d1186cae48382ffcfdc823732bf63

    • SHA256

      e06b19e0e2fd37da183e2d9769f2a197aa6855547fccb212fda6ac4975a97702

    • SHA512

      a66a1fefb4e0a182f0bd4e2b43f1b0888d8c7b1bea71a83195443a42cc46bbe2372b91d3ed950c17a943fd939ab4e728e72fc924c4cb546a6a113b7685375614

    • SSDEEP

      24576:Ntt85mPOnILay9PGf/75oxB9GFuhoKI/dyuB40ZRJ9j0kld3:NU5mlLa0+fz5kjmPL/d/B40rJO

    Score
    9/10
    • Nirsoft

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.
