Analysis
-
max time kernel
118s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
-
submitted
13-06-2024 20:28
General
-
Target
MinecraftInstaller (1).exe
-
Size
32.3MB
-
MD5
4f02ac057355b5dc73ea28aecd2d56b4
-
SHA1
32591cb75779a3e308a44e75a76f821e7dee11e0
-
SHA256
83a5f942b2a15eab4826ef1709ec6a7f9637a7ec0fce16585776848797307fa4
-
SHA512
9eb08f85559df6af9192bec8904097d4e43a832ba9e9cc1c7be1a366af8d103c3a6db3886f00927ae5eb62055fbc770c7b5a3d2a122a0b460b51136083015368
-
SSDEEP
393216:nbekuyo9nMK50UGRXLePuq2ZWy/c5zFviMKe2OHmwv9CsTmsueFFza9ye:6Zn/G4Gqk1cWe2iTVCMue3E
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\MinecraftInstaller (1).exe"C:\Users\Admin\AppData\Local\Temp\MinecraftInstaller (1).exe"1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2984 -s 10362⤵
- Program crash
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2984-0-0x000000007498E000-0x000000007498F000-memory.dmpFilesize
4KB
-
memory/2984-1-0x0000000000D30000-0x0000000002D86000-memory.dmpFilesize
32.3MB
-
memory/2984-2-0x0000000006E50000-0x0000000007012000-memory.dmpFilesize
1.8MB
-
memory/2984-4-0x0000000074980000-0x000000007506E000-memory.dmpFilesize
6.9MB
-
memory/2984-5-0x000000007498E000-0x000000007498F000-memory.dmpFilesize
4KB
-
memory/2984-6-0x0000000074980000-0x000000007506E000-memory.dmpFilesize
6.9MB