General
Target: MEAC_7.0_Stable_b1.zip
Size: 2.8MB
Sample: 240607-pn52fafh9v
MD5: 4f2d3438defed2bcd64f9387c9ab0374
SHA1: bf740408da776b9eeecb47b89e057509067d9fe1
SHA256: 341d4f9cd7407589f26462bd43a5bc82023f6bfe1b5f596e023bf7600faeacc6
SHA512: 935794dadab0b607c34b5088de44fa443be0b23c7de2386dcfbc9afb47290b38d72f08c2ec5e611daeaaf1ca0d97641dd3bb8c78ad1643b66415c3a19553ed7f
SSDEEP: 49152:B1QjLawkVZ5sbQlPTdZ94SPJ0OAyVPFy4JdvZQkEiGiLY5v5l+bX:Y25XlPTdwSx03spSeGL5vDsX

Malware Config
Targets
Target: Minecraft_External_AntiCheat-x64.exe
Size: 1.4MB
MD5: c9a0dd27c7e4c0f6c8a3f7479178dfec
SHA1: 95309ca7478d1186cae48382ffcfdc823732bf63
SHA256: e06b19e0e2fd37da183e2d9769f2a197aa6855547fccb212fda6ac4975a97702
SHA512: a66a1fefb4e0a182f0bd4e2b43f1b0888d8c7b1bea71a83195443a42cc46bbe2372b91d3ed950c17a943fd939ab4e728e72fc924c4cb546a6a113b7685375614
SSDEEP: 24576:Ntt85mPOnILay9PGf/75oxB9GFuhoKI/dyuB40ZRJ9j0kld3:NU5mlLa0+fz5kjmPL/d/B40rJO

Nirsoft

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

AutoIT Executable
AutoIT scripts compiled to PE executables.