ba66b79ee30d7987deed54ef865df61d324bcd4a6d82782d8a7d2f96a9821c87

Analysis

max time kernel
43s
max time network
548s
platform
windows11-21h2_x64
resource
win11-20240426-en
resource tags

arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
submitted
09-06-2024 17:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

minecraftportable-main/client/minecraftstart.bat
Size

73B
MD5

30785f7aa6e52de3104aff1b65df9e17
SHA1

a8e1714c9002e1fea5589e2b863827983e54d5b6
SHA256

8b735d828307bc32da82bc12ce6b9dd5bc3556643f5ba84378d950de67bb8f0f
SHA512

fa0378842bdb64ae6c273915466c7dddcf25ea789698d12f5ca3ccc1e23a7d54350f3fa978c0bfd321d6513d25d68b4542ccc890614fdf1c162d471cee456d4a

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 3 IoCs

pid	Process
4592	Minecraft.exe
4592	Minecraft.exe
4592	Minecraft.exe

Suspicious use of WriteProcessMemory 9 IoCs

description	pid	Process	procid_target
PID 4732 wrote to memory of 4592	4732	cmd.exe	77
PID 4732 wrote to memory of 4592	4732	cmd.exe	77
PID 4732 wrote to memory of 4592	4732	cmd.exe	77
PID 4592 wrote to memory of 2408	4592	Minecraft.exe	78
PID 4592 wrote to memory of 2408	4592	Minecraft.exe	78
PID 4592 wrote to memory of 2408	4592	Minecraft.exe	78
PID 4592 wrote to memory of 5068	4592	Minecraft.exe	80
PID 4592 wrote to memory of 5068	4592	Minecraft.exe	80
PID 4592 wrote to memory of 5068	4592	Minecraft.exe	80

C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\minecraftstart.bat"
1⤵
- Suspicious use of WriteProcessMemory
PID:4732
- C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\Minecraft.exe
  "C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\Minecraft.exe" --workDir "C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\data\.minecraft"
  2⤵
  - Loads dropped DLL
  - Suspicious use of WriteProcessMemory
  PID:4592
- - C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\Minecraft.exe
    "C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\Minecraft.exe" --type=gpu-process --field-trial-handle=2160,10001995444436853331,4337947915463812105,131072 --enable-features=CastMediaRouteProvider --no-sandbox --log-file="C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\data\.minecraft\launcher_cef_log.txt" --log-severity=info --lang=en-US --launcherui --workdir="C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\data\.minecraft" --gpu-preferences=MAAAAAAAAADgACAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --log-file="C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\data\.minecraft\launcher_cef_log.txt" --mojo-platform-channel-handle=2168 /prefetch:2
    3⤵
    PID:2408
- - C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\Minecraft.exe
    "C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\Minecraft.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2160,10001995444436853331,4337947915463812105,131072 --enable-features=CastMediaRouteProvider --lang=en-US --service-sandbox-type=network --no-sandbox --log-file="C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\data\.minecraft\launcher_cef_log.txt" --log-severity=info --lang=en-US --launcherui --workdir="C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\data\.minecraft" --log-file="C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\data\.minecraft\launcher_cef_log.txt" --mojo-platform-channel-handle=2648 /prefetch:8
    3⤵
    PID:5068
- - C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\Minecraft.exe
    "C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\Minecraft.exe" --type=renderer --no-sandbox --log-file="C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\data\.minecraft\launcher_cef_log.txt" --field-trial-handle=2160,10001995444436853331,4337947915463812105,131072 --enable-features=CastMediaRouteProvider --lang=en-US --log-file="C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\data\.minecraft\launcher_cef_log.txt" --log-severity=info --launcherui --workdir="C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\data\.minecraft" --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2736 /prefetch:1
    3⤵
    PID:3336
- - C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\Minecraft.exe
    "C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\Minecraft.exe" --type=renderer --no-sandbox --log-file="C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\data\.minecraft\launcher_cef_log.txt" --field-trial-handle=2160,10001995444436853331,4337947915463812105,131072 --enable-features=CastMediaRouteProvider --lang=en-US --log-file="C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\data\.minecraft\launcher_cef_log.txt" --log-severity=info --launcherui --workdir="C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\data\.minecraft" --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=3 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2744 /prefetch:1
    3⤵
    PID:2524
- - C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\Minecraft.exe
    "C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\Minecraft.exe" --type=gpu-process --field-trial-handle=2160,10001995444436853331,4337947915463812105,131072 --enable-features=CastMediaRouteProvider --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-sandbox --log-file="C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\data\.minecraft\launcher_cef_log.txt" --log-severity=info --lang=en-US --launcherui --workdir="C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\data\.minecraft" --gpu-preferences=MAAAAAAAAADoACAwAAAAAAAAAAAAAAAAAABgAAAIAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --log-file="C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\data\.minecraft\launcher_cef_log.txt" --mojo-platform-channel-handle=1000 /prefetch:2
    3⤵
    PID:4452

C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{45BA127D-10A8-46EA-8AB7-56EA9078943C}
1⤵
PID:2928

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\game\cef.pak

Filesize
512KB

MD5
787666b3ea098af1a37994b4ae3ee51d

SHA1
132db37b52cad075c2361080e3854fc85dad1d19

SHA256
25c7f1f57fe7bf3a0ec9c57594cf8650b69ba060c1bb6d980210fc0ec23467d6

SHA512
b01e1746c9c559d256075db8dd99989f38d62e5f15820b9ce9bc4eb7c62c73e61216ff412eab0809df6495736e8e5a1e90e09c376312254079c2d2239da90290

Download Submit
C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\game\cef_100_percent.pak

Filesize
261KB

MD5
4cec40309dc9e4bf0f0cc915aeb6c9ac

SHA1
2da1b18943265f473f6b87b63132dbb2398ff487

SHA256
6267cb52b0ca5593cf402139e736eb4f1d6bc3f2eab4c6deb99934711050ef4f

SHA512
e684d4d735762e87c8556c164379f97f59b8b4077e2f4c49ae43610ca2a3994ad45839cf6edef4e741a4f1fb345413e4246fb5901dd52bd98c9a2f60866817c7

Download Submit
C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\game\cef_200_percent.pak

Filesize
412KB

MD5
50a6d9ab74ebfaeda5baa28997149977

SHA1
1ad557cecf3d54a5fbe471ceab189d344fef347c

SHA256
c8f7697bdb4aa19722b975dd2126baf8c2edb5c0a58e2d64a6fefa4cbb8335ec

SHA512
31647191b432f82ff24a41a16abb77512bed2f3105791079d795304452e2bff89f618202023fd133cdc79f80d02647093edebca9e43c19cbd4d2bed4c8d35180

Download Submit
C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\game\cef_extensions.pak

Filesize
576KB

MD5
322958cbd5d29a4694cdd21291159c1b

SHA1
45206d3c29dfa95a9a6bf0b03ef3ef6e5ee29821

SHA256
d3917fcfd8229ff287854bb4095462d84af03a5b21c2f6c80eb0d3cffd37101b

SHA512
53f99e8a320750ec7962881ef7d345df06eba8276d5c420572ef23c1e8aca2a30b5852bceb43b47ac58e57186254381ceb7cf61d4684c2d220d5d24618334a2b

Download Submit
C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\game\chrome_elf.dll

Filesize
810KB

MD5
4c8f4689e087a9843a79d6ec923f00df

SHA1
e6e37e19a04a55944bdfba6f9359bbe0ea8402fc

SHA256
8753acc450280e1c5ef5a09dac46d1fd873f1e66d771affc4b4afbfa3d59e3c4

SHA512
30b205bb4b391b23a7bb15248daa42af3ec34225d169a0d70325ea7e1422d298ea3376962e689311074346dd7aec3579789748e3aaa17b04ab72de6c0a0fc5e0

Download Submit
C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\game\chrome_elf.dll

Filesize
384KB

MD5
aff74691eab73963617ee6e4d6d54dc5

SHA1
2bfcefe5695bc8e2d35ecdada5cde2f0d4c059eb

SHA256
fcf19d5a02ea37060a80696d030c277a132b62567c599c9da824773b172f7d8c

SHA512
8cde792376bfb58c8a27ec86354bb3d5641d2df81877cde532b26983ccbfefaa4d5784f7adbb6dd0c33e6c845b1c5893dbf0a12aef57d1f13dd46b92a4e49e11

Download Submit
C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\game\chrome_elf.dll

Filesize
576KB

MD5
2295ca2fd6de5d882659c277a7cfd1d6

SHA1
e398a2831315db58c3a74826b8c9d39ee4fb6a0c

SHA256
9f19b15957bb3b292a1518822daa52a333f992cf4812a3b422d692ea6cdb92b7

SHA512
71670f4bc55132dcb82b909ccea96851a6f226d78ea992ec0e58d243e662e73d8b6405eaa343af91adb1433324211e2cc875f78333c6e6a2eb29fc89112fe76c

Download Submit
C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\game\chrome_elf.dll

Filesize
448KB

MD5
ec5e1eed4dbb6e7e929357ab2b6ecbd3

SHA1
fe4b53fadbe8c6bb1df7af26af315bfab2239394

SHA256
736768cad6725ab8e6d17b8607e6df60c97e61d46abb6dfa588160659c2cac4f

SHA512
3217cc9ac592df5d2a391fa6b861487da468ac88fa58da5d2cd4a679b44981fef28742b65f490e813350b220362424d7a044f9aa71684d5951e27aec04b2c04e

Download Submit
C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\game\icudtl.dat

Filesize
512KB

MD5
1c841b7005bb9b121fd55ebe1b3d7f5d

SHA1
be0e907fb75043be49a11e7afdc4fc12a3f1d3bb

SHA256
50a829e702d7fe345c76c8f6c54695c5da523bf130c963fd50c01841149d3673

SHA512
42b354f6f1ef408918437d6ae500d18c238740dd4a75684c209ba5d5ceb83c993d4a0eedb01f704cdd14cdf4da9258fd9140ac1ac1ad19c93902940265c1f9c3

Download Submit
C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\game\libEGL.dll

Filesize
315KB

MD5
e646266652e470489b912c39d4bbfacf

SHA1
fb5af43ba527f0b03f6e5db0dba870df7acecf77

SHA256
e2b31cbbbd97c2d098a44acd5e1c84e092f4bf4c535fe6ebc3703a78387c03a9

SHA512
fe5ca9d6dc63ca6982702072aa34ada2d43c3c781e1fac09e324b17b3ed05bb8d203c3c08c0fe4aaf8985781933a8a3f2cd8e4928b0fe567c46a8da46f481b3f

Download Submit
C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\game\libGLESv2.dll

Filesize
2.1MB

MD5
6f801c6c1e95030271d1d0bf9b88fc6b

SHA1
9195bfc35aca70eec06e987f8e27be6965d446b6

SHA256
1a997de8c5ed77b905c868d6d43105037965acd588d5760e911ff45f3d6caa6b

SHA512
b366a2ab100d145d8ac36b718b612939195c42491938c21c23f2f82d1f56cefbb43388f586cccb2a187623fb6c7dcab81e47171ac69bd00bcf01943fb4da304e

Download Submit
C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\game\libglesv2.dll

Filesize
448KB

MD5
29fd48babb62b5adb13b10fe4fcd25ff

SHA1
60db3d677b44a57ffc199f1a2bfa712435b3fe63

SHA256
c387361ef1403a31e6a17428eaa180560c5116770e9126fc397c9ca58ce9b11f

SHA512
130c458aa134ffa8df1faffdf79d68bd10d642f74b2be466a7dd2169f4a8fc5aabcfa44571b339253b0afeb27a2c79d1b2bf50713ebea8c0e67c2129b1799cae

Download Submit
C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\game\locales\en-US.pak

Filesize
225KB

MD5
16a6914c9637812257e28b2cc4e6d809

SHA1
82212a642c90b51b8f67e517ee8782da841b658f

SHA256
8fe734f556d97e7c07d02e839a16565f7db88ca7091ca3903a9b153a68aaaf72

SHA512
6efbab68c8b036fd73951295a5f65718003deea46db838f6f263133452e09be45ce006246850facbb1922766f42c2ce1796722cecfcc8495921a7bcd9402a446

Download Submit
C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\bin\game\v8_context_snapshot.bin

Filesize
167KB

MD5
cdeec3342ce88d4de5426032a6bf6a53

SHA1
b36ec3c3b20a7a06ff282d696f12b51904b073a4

SHA256
ca88a3c7034da1de52d35823fba0fe80ba5376ab70cdc1841e6aaf25c1f5dd6e

SHA512
54874cd76589124b750fdae90be75e1acf374566d56352c15dbbee98c095aad0e56db142952a808b08e4817bf5f8e176ffdc4ff79110d8661ee4f7ede16b2ea9

Download Submit
C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\data\.minecraft\launcher_cef_log.txt

Filesize
173B

MD5
4f5d0f58429c4bc7498940adb3693487

SHA1
63f052999427542382637a212effe577b54baf59

SHA256
270717769e0eda4f68fbf4aa9bf76cd7e0882e5b541b5f6bf89ab6f6c060ec73

SHA512
ce3caa03e3002ae9defe0a5e2b163426ad24cf0bf5df1a893e7def417506ec289135083ab8a6ff436d758de8bd795810c16c5d644b04080d67e3030471515735

Download Submit
C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\data\.minecraft\launcher_settings.json

Filesize
128B

MD5
270ade77b4358d215f30e625a2b172f6

SHA1
c407dcca0525ba0bb9d9c5d63ac78f7aa03ae03a

SHA256
7afa6b9dacfb8d546c8f9c386601999232fa9aa6bcc9879503ab2433e053c3c5

SHA512
af56d5ec7d603284db4fe340f5f5fc00c48b0e3d065660cb3d40088e6c4c35675cb7eaa6504803a11120d49e40d7aeb0f5321aacef79e5b074369722056bcd62

Download Submit
C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\data\.minecraft\launcher_settings.json

Filesize
221B

MD5
8a23881e85f31469cb113eba9c313856

SHA1
6f74ca9ef06677d94a37755a1c1027842d4f1ef5

SHA256
62c719683d10e9eba4460e1dd1a990692bfe0629fc2c0d0cf6b1fc55fad03b55

SHA512
1b12846025d9f2d68e7cb42ba8e0a610a379a073ee19c10d07cbc727f767cf61119dd9731d4c5250311d77c3f4a141968053ff63e6486bd9d7b7e809408379f0

Download Submit
C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\data\.minecraft\webcache2\Cache\f_000006

Filesize
17KB

MD5
b806dbd86b5ea9b6b3c243dfc6a6a9f5

SHA1
c68dd66e884faac20f1d362e601fa363debc63d1

SHA256
d189420516181d1e2381ee6330ec3869bca2c4c8c197c3822819c76a8aba08f6

SHA512
7be623ddcb20533ee450d3df708efe07988b5ab67efcb4287a21d75fe2a1eb19e102dd980186487ae878f8fee4b345b8f0ef6e5a290dfd6937603ea3da080748

Download Submit
C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\data\.minecraft\webcache2\Network Persistent State

Filesize
194B

MD5
e9e8b480b2e5c91fa3572f0a6d4949f7

SHA1
36f6e62bfd0e5c3a2a5a11a183f98fd53731c57f

SHA256
727ff17c7670d111b8d91ed761537f848cfb6fc76d34b2b4d3a7ca3ef2a1eff2

SHA512
19957f4b3807b2fb0f17eb37fa1ebe0aa6fd871911cf80118f52b05d1f8d653f037812888b7504253706fb26f2162520e08158c2023ccfbb07b083901adcc704

Download Submit
C:\Users\Admin\AppData\Local\Temp\minecraftportable-main\client\data\.minecraft\webcache2\Network Persistent State~RFe5917a5.TMP

Filesize
59B

MD5
2800881c775077e1c4b6e06bf4676de4

SHA1
2873631068c8b3b9495638c865915be822442c8b

SHA256
226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974

SHA512
e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads