e02ef167f8c5fb589ab972f976ca7e2f02d21b9ffb3085630ac289c24c3bffb9

Analysis

max time kernel
315s
max time network
854s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
19-06-2024 17:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

BedrockLauncherSetup.exe
Size

42.7MB
MD5

2c504d1f25cac99a8e107d87cdec7450
SHA1

febc03aca60467646c8c8cbf950f8e532f7a5349
SHA256

e02ef167f8c5fb589ab972f976ca7e2f02d21b9ffb3085630ac289c24c3bffb9
SHA512

e730a2a06666956e4cc6ff3787e1125b10db1fc23efd5f3f2723f64c838a497df0b8ff9d71338f4d84acac18faa6198515b438946bf407fb68e00befeaa6398a
SSDEEP

786432:ePupYKnkRyccG5MbEGeiYmSct0rpH6EDNUN3GMl2mBLG7YMGV:UyrkRyS5UEBiY3dH65N2Ml99G7YV

Score

1^/10

Malware Config

Signatures

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2428	BedrockLauncherSetup.exe

C:\Users\Admin\AppData\Local\Temp\BedrockLauncherSetup.exe
"C:\Users\Admin\AppData\Local\Temp\BedrockLauncherSetup.exe"
1⤵
- Suspicious use of FindShellTrayWindow
PID:2428

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:3956

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\Downloads\AddStop.lnk

Filesize
938KB

MD5
179663cad4f078fef2d0bb623c1ecc04

SHA1
af3cb63479b49ed7ddb33dbf72cc6403610a3b1c

SHA256
8cb18aa59cd7454cf569265f27d9ba31b43634c277845d8f7aee943e182ec12c

SHA512
cadb15088968311c06f50d124259ca0acf23d4536350f37973e4f3aaf13d4893c6c2c1ee79e661e78de79486fd49e73cae9bb4d4399decd83d45d836489ec671

Download Submit
C:\Users\Admin\Downloads\BackupRestart.aifc

Filesize
804KB

MD5
11c1168f7e163658b6af01e847eea07e

SHA1
a7f7cd334dd5dd6b3152911662bd4fe3c470fc84

SHA256
0051c83645e7e7f6abbf295c34ec4b7e7e8be8aeaaa901c0345082a965a3a49b

SHA512
034564b564dcff99794d10414929e956125bbe818ee2ea2143bcb974e9918d0d0f811fe20847b0c761ae0f71e07e709c012dfc7db20e3b8ba3beea121a7ab406

Download Submit
C:\Users\Admin\Downloads\BlockMove.aif

Filesize
555KB

MD5
6d59360a8899494a009eba4e12d5aeb5

SHA1
5ce04ed1a7332a66bc98952b04b3baf14a93a388

SHA256
40bad05e175f60167f6a9cc043177afe507ee80b261ae21314ec2873d485b652

SHA512
1e6a2bf5fbb7a095b67641efd1fdf6e75addbf60cc6f39e10d1b92d0594029785e22939de9f82b73a83ab1bd97f8e5ae947e66ef5ce40cfaed0dadfb7dac7697

Download Submit
C:\Users\Admin\Downloads\CloseUpdate.search-ms

Filesize
1.4MB

MD5
225291664ee7886d5b9409debbd55f29

SHA1
cab0e0a21ed9aa988664dca17e2c69d3e85f5ce2

SHA256
88df8b9f21a0781a5e46ae4f067e2b905b31a5e8dfc37a78fde4f95b57fa2991

SHA512
5ab18aa15ff8f7850f7332c1e78fb238369ef341004efdf52118604b85995b4a6346a5fb9254d8de4f9acdfc6cdf108d8df9650a76c2560a2b7c376830e910e3

Download Submit
C:\Users\Admin\Downloads\CompressExport.sys

Filesize
516KB

MD5
f00fcdc7f5dcab6c46fceeccdfed00eb

SHA1
d6881537c3e19a060885512785379638a16061ed

SHA256
73820e40029e8fd945f43158ac4f43dec8e5a5eb8dece306327335da6c5dc54a

SHA512
701f0d01a1a66181729c68ccc00be678294485b0279b2599e7a752574e91e8f301daee57354b96da9bbc9be8321b6aab9e8f6d8e97334f2b895c41efa9453499

Download Submit
C:\Users\Admin\Downloads\ConvertSplit.midi

Filesize
765KB

MD5
28567ba4cb113f44a4211fb1843f28bb

SHA1
59e0216135aec9f7648fc0e3ffc86d1684db04a6

SHA256
76d866abfab3f1ebc1d5e450fb8415b7d7e68b41fbd9deda0523332bc3fbfe8c

SHA512
0510e5acac885cdf80ccd5e6040e437e6b40b5096c958e8730ce29b96bea7eccaba69e92682822ffaecf796dc9e8718cca8c3117d7cea54b22823dec73e94064

Download Submit
C:\Users\Admin\Downloads\DebugGrant.pdf

Filesize
574KB

MD5
d7f17c19fa32bfb37a0b88e3db43c4c8

SHA1
4d7feeca8d14d6dd84cde74e0081d60910669802

SHA256
f3e6595b677b3724f2ad1b266b00e9f42dff7fa21d5c19995b38c7f7dbd2913e

SHA512
6682c81532938f86d900423ee5757560b179302b99d854669cf8dbcbbf05e8afbf1d7bb3a6609a647d2e6867e1688ca96a1438827dfc5f93c08f2950b87261af

Download Submit
C:\Users\Admin\Downloads\EditOpen.wvx

Filesize
612KB

MD5
f6e5ff997d3c7d5d3ef4062252e0dcc9

SHA1
c1493688dca1cbf0626e73d38da623ad7d9afedd

SHA256
651305598ba7689a67af3ff5a92c707aeb00fbdc455101ca7d286da38d4fba88

SHA512
c94982802eecb5d051eea2825006e8713d2b5a4706f456d5edf87f43f8157e42c8e499ba2bbd48bc10a66914ff7a0af41e51d8a50702453a1cace7260fe3432d

Download Submit
C:\Users\Admin\Downloads\FindSync.mpeg2

Filesize
459KB

MD5
247152d93900e807f2f31e12dc7d18f3

SHA1
f68db3422ea62fd5eb187bb7fffa37f81dc32cc1

SHA256
75d6c7d48572a3dd4d5230261c257345af0824516cb263df0d2bdf03ffd2aa13

SHA512
388a614a899123137e24f7e74965c7eaa2f0a9cb346ee6c37feed7c1df8ee1e62c2ab27e6f6d915a9d08780fa2d7507067cb1b2de77e3abd864a995313355771

Download Submit
C:\Users\Admin\Downloads\GrantStart.vstm

Filesize
861KB

MD5
939c6acf33abd70bbbff3b0ff8c1f4c7

SHA1
023f37bbbd587a33bd9a54ee43be857e06eb26bc

SHA256
36340040befadf63bbc7b5e63134f1f3c889614bdbd5664383087d29116a7af7

SHA512
24c45db83933b0d79cad881526e3fa081f3fe1c020c7c6cfa367e64147fb52b06b94bda00588065318fc9cf1664b1adb2ad4b4998a0299742b19f7905a567e4e

Download Submit
C:\Users\Admin\Downloads\LockRequest.bmp

Filesize
1014KB

MD5
131f23721f552fb8bb98a3671d90588c

SHA1
b5a52ab2c25d6207962754a6ccaae1565075833c

SHA256
7873bac932452c04aeb96d6cf75cc9a8f59b7295daad5874bbd8969e79c5bd47

SHA512
535aad6d20b8c5eda8503458d6fdea3d8c64fa751eae54a70b457995c2364a710946cfd985547cfcbb11f2546e84a4323b13f14869575928a4ad72c30f8d95b5

Download Submit
C:\Users\Admin\Downloads\MoveSync.easmx

Filesize
880KB

MD5
f9a9f73bf56a105121658d2b3d649ac8

SHA1
13672994cd32b5113e7291f6c36cc8f53fe59287

SHA256
775c11eb2feacc3cc8c5fe8879da3247b62e6b47c8b088fb51498caa672fa068

SHA512
c8a591d72ec8ce3ec04c17bdf5b69b1eb792e08a7495bd465366a416055826d9dc8fb6adcd8a209e3c8ab0955c3314dc21917e8719c233880b98644dd02bc44c

Download Submit
C:\Users\Admin\Downloads\NewSet.3gp

Filesize
670KB

MD5
4414628302d1fd53f2d872afd8077811

SHA1
b75892e6bc82f308b0342fd904025de8ddf86449

SHA256
82f0f6d2733910d0a460b5337617b1971f0cbeb4d634e7cb6c12bb858d13901e

SHA512
975671f88e3e4903800509c081b04c561b644d2b0a6ed1af9961a38ae8f6f06251440a6513fa64757a33664e795518d55ac0d1b83ce666ad638a0986d765319f

Download Submit
C:\Users\Admin\Downloads\PingRepair.mpeg

Filesize
976KB

MD5
e02705cff229ebfa8a4ccabb0cfa8314

SHA1
3c88540631762f6de23c777c0b9cfbee2b7ffbfb

SHA256
a2ca80e3308625b30afdf1ee736c89bdb5e9083c9953d997116b63a6864481ef

SHA512
a44a362b4e8bc340998ac7249c2f1b91081d2e08e00bf9b5c1afa1cc16f3ebb7364b8d4f80ba8567d7f751458dc8321384348f1fda4d5f66c6617aac59ef8cf4

Download Submit
C:\Users\Admin\Downloads\PopResize.wvx

Filesize
593KB

MD5
4c8e62b42d2da9850d6d6f0697590136

SHA1
072e5ebc965330dd119f254f3a6e4dfc81965765

SHA256
59d20a55524e7bf7c9c1f5fccc891cc97249b5ddbec07ecf727db159d2756b81

SHA512
213ca0743ade8399bd22dac64d300137fbb5069753265ed82312a944b85b5daa61a10ade199de43b7ed7c038e6b95c4d082ad35c2733c4b83b1e4327b8fef6b3

Download Submit
C:\Users\Admin\Downloads\ProtectCompare.xla

Filesize
497KB

MD5
d9e15c095f36b2336574b71baabddb2c

SHA1
a54931ef13d337ef1d7db8a4fcf8638c34b6c46a

SHA256
460ff2473b55197eec78553d4a5af7a01f8f81f9e783717f86367dfa589c550a

SHA512
11f11512828eb9bdabe55664d3e0108fed4497060a05f924a4e0857faaf08dd29cc5605728895dbaebdae89b6e612ec1108613f7da32e443b5ab5d4783b2a8a0

Download Submit
C:\Users\Admin\Downloads\ProtectExpand.wvx

Filesize
1.0MB

MD5
7c5a82cea871a49beb5eeadb02ec6990

SHA1
bcacb3c4980deee9fdd869227958b1a5998801b6

SHA256
390aa525135a18d5455c30e9fa9bd7504f055be37862c27411c31471a98c9b5e

SHA512
a2ad1d2de21003ac874af3096efde15a2396b503d7749cb19bbe755559064a58a62d6cb8067955fd0571c34160501207b1121b646824fee5f4d44e9db264fd0d

Download Submit
C:\Users\Admin\Downloads\RegisterResume.cab

Filesize
536KB

MD5
5c5307176576b9f4bfe7664c0094206c

SHA1
eb7ae4f70042d97c4bd709c9fcc4a814df976548

SHA256
40c12659938a69eec27899ea68037dcde13aef2fe61d634d33b1e16620a3f34a

SHA512
6dcb291bb56dd9139ab70a24f6f0f9ee3be0dfe52263d5778749a1b3fc202db5638e046d569bf3cd77549dcbf9d5d6b334834bcade4146cafeda80e40243e526

Download Submit
C:\Users\Admin\Downloads\RepairRevoke.docm

Filesize
650KB

MD5
fa9cc1605cbb552104670342859e9732

SHA1
9704d01e313886c6f27ae55c2f87153971ebd55b

SHA256
2ab905d827f8b54c0acc879ba1435ba5c1b899a295d895c59ff10423e0f3f807

SHA512
d16876c67224a217668f93bcffbcce68fbb5e87726c5930e3d66f1885958a9b9d2bf31323838ad49d88ea9f4d34fd7f1f8e8e8f58e04f907462269652f5c2899

Download Submit
C:\Users\Admin\Downloads\RepairSearch.vsdx

Filesize
402KB

MD5
c86848bd43635b839cf0f3501f567249

SHA1
21ec7317fa3823ceef84a5fa8eb2636013fc4cbb

SHA256
1287276c74e12a232cd9ac03ae866ef7f7933dfebc411084629b832f825c22df

SHA512
0e15447a61bdcf9682b0f4e50e19ebc939891991345f9ed2c12af88ec1714ab32cfb0d5fc272efd1c1421cb7cece67cadc4a80b7f7724b5259c1ffe1b343108c

Download Submit
C:\Users\Admin\Downloads\ResetCopy.eps

Filesize
899KB

MD5
c69440f45d67acd72dacfacbb7766a37

SHA1
1ac8e22caf6abee608fc7f298f1f8090a9048086

SHA256
8f798e1788281e66940ee8bf640442073457a1744abe7748ddc14d4fac256798

SHA512
c91e6c34fa2f4843decc685ac9c78816143d605a6920c1f5c5a82a2ad27ee98b7710e7516677dc342f10a04f2837027c726eef34f84dfbc8b813eca2e158a66e

Download Submit
C:\Users\Admin\Downloads\ResetInvoke.fon

Filesize
995KB

MD5
9c2f7faf6963bd6f93e7af32b79c12f0

SHA1
8f405a17551073c58c21163f4d3344be2c510acd

SHA256
d0fc16f30943f380e14505b60d3bd66b24048cea07da3fcec8fcd6d86976b48c

SHA512
44ffcc6ea7f20956bf5273c49d5d18a709859a9ee385611ec6bc4ef7d9f0913724c11d34f8ee3a0e1ea1f5b6683ee14826d18cfafc09c73fc72a3dbd827701ed

Download Submit
C:\Users\Admin\Downloads\ResolveInvoke.mpv2

Filesize
631KB

MD5
4f3a71e85cf41626973cfbfc2f0ceec3

SHA1
49e2009afac308c79513a0de1dcafe3770a728fe

SHA256
b96c6b6c13cca9cd861df7617a082ad1b24b26cc46acebf8dcba74ecd5b47a49

SHA512
18aefd697bed0973b2dc232a16f1c2d548b6ff3e0354fa272baf5d51e95d4f2632cb8ed23e9b04112740f0584541f89a76fc65c78349f4d5391e1a10335ceb44

Download Submit
C:\Users\Admin\Downloads\RestartGrant.ogg

Filesize
478KB

MD5
ff6b430cb9a70c2cc86ceb383dcc2ab6

SHA1
47fbbaec17a374be82defe4a73f2ec521fd38dfb

SHA256
5c4533e8f4a8da3b87589bfaca67d775eb02d8f55d9cc657c4ec193f4ce5cbd8

SHA512
f5ac770d93d19788e33c5215bc963bd93c744c8a535b50a8bd0ca2dd8b88fb5d914e8a68a5c3f849d92c549522ee4bdd2495e19edb8cb3752ad8dc539cddfcb5

Download Submit
C:\Users\Admin\Downloads\RestartLimit.asf

Filesize
689KB

MD5
b4a072d034ab862e1f897d2c500d9755

SHA1
d9265874d7bebb99222b0e451e62aa8e60e30e99

SHA256
6480e6f1aa5360bcd4e2fdfff05e097ecb83415e4a8929ffdd3b0ab30892502e

SHA512
e85b8bbbda1a4c194360079ea0ce536a503b4c6b5b259daa2f6b2425f7737ab3f5e88c4ba5feedff92ea3d2c0a32cacb726085de1529637d10e62f4bf79ff31e

Download Submit
C:\Users\Admin\Downloads\SplitUnblock.png

Filesize
823KB

MD5
5bd4eb1e46ad16693e3a8f003c58dabb

SHA1
62c849779150d3277db10361992fdc1060557e99

SHA256
6a5c3cd6886818f1eebafb2f09e407574de1f517b99eebe90907f0060953ff80

SHA512
94a87273666ea4dde780af8cd369a23e38e1a2f641ba6e063590b4d23b704ffc1dbaf5b9bda806fc796146a6f6b717af37adda7f1b0077afb377ee59c2f9aca6

Download Submit
C:\Users\Admin\Downloads\StepConvertFrom.m4a

Filesize
708KB

MD5
4062337aa89e2656f76b9ff768886ec5

SHA1
675349dda624252b9fc57566671a80df86240d34

SHA256
f6f06b96ff6a4440db311af35a6c5d6245073c38841b237ac7093ea31a39efa2

SHA512
6c38fd4babf0dbf3c5f70b440bb4f6ff00c330674bdd708cf9129415442d682522ac31ac1b8f5313fdc4f6981a14eaf85f903a91cff63f05325538e5ce670028

Download Submit
C:\Users\Admin\Downloads\StepRestart.bmp

Filesize
363KB

MD5
f80ff4e0dcc0ad71cb18e684b7cc52be

SHA1
9d122335d52423ce27ee0eff47f58f5d9c36c175

SHA256
22f5ca88f8e20e9210ba9e74f473efe9ea0cbbdef164789e6de4546e9e7f8de0

SHA512
3a2baef5dc81a90fdb3a1d02cb321b99fd1a07b056c5cc905d4460c8464bf93ccf52e127f577afcb283f947f484c6fa7d3365b927fe3597bdb2b70243032619e

Download Submit
C:\Users\Admin\Downloads\SubmitConvertFrom.doc

Filesize
727KB

MD5
222c596daa9fe1e534367e323ca7cc0b

SHA1
0c3168f6d42d4946ee103beeab1e78b15dda60e0

SHA256
d7087b30b410ff7152073ee88851ede81b4438b0137525b219a7fba8fb8374bb

SHA512
b25898377461d842c5cb75bd48e456afc344f4217b05274807cb63534d95b85711458fa65a7db48e4189ded183efe471403a9fb1cf0386dfb641f99efcd5e453

Download Submit
C:\Users\Admin\Downloads\SubmitTrace.aiff

Filesize
842KB

MD5
6408f066033a805201dfe18c9341c321

SHA1
83cbe74f6ba3887bb59bf293b0f735ab05282140

SHA256
13b419dbfce6a94a9ff049877bce05da0eb94638a811479fafdb3a2553190cf5

SHA512
731a1c9fde985790d5537e840b4e695b0bf8207964e43b677c50ec9c4eba9d49fba2c0844543128d6a28fcdcd6be7293ad0fc46c0986b1c000aa8d0862f27487

Download Submit
C:\Users\Admin\Downloads\TraceRepair.ico

Filesize
1.0MB

MD5
9d3d691de84f3eab00010b8da4f56581

SHA1
f63097cb3b5eb5600ec11dd50a4fcfeb66615502

SHA256
2115f24bb35131da16ccc4851a0a879a2dfaaca7b3f5ea700a469268a5dc649f

SHA512
a699584871140b10ecb7594c0460ee000970ce378e89259b4f717ddde9cfb02113c76e21a8bdf9abc5712b7b794301decfc3588223a8af4bcd7a1bc1ac6ad271

Download Submit
C:\Users\Admin\Downloads\UnlockPop.pub

Filesize
382KB

MD5
4d1c48141b5cb45781d9b864ea6e4917

SHA1
bdb4b0932c3e633bfae76befe4116fb5d10d2322

SHA256
4e9d49e72b7b01313d9dae5176b751e2619a7a3ba7b5db90f80f73afad8761e5

SHA512
5e726b0357181d4d366925bfd903f83f622748e5d9f8049136cd4aa3ce97d3bff1994f7505b8b0a888c82ca11feb6047bb5866a5fa38fef67a42aa3fd0642883

Download Submit
C:\Users\Admin\Downloads\UnprotectSplit.mp4

Filesize
746KB

MD5
90fd1fe58b64300e98901d259610c133

SHA1
7830058cf937fed34a5c82b66a699d9dac169b16

SHA256
2bb3d8cb92bae13029907d5a8b69671d04e81992164a6667dbe27a6576f0cd14

SHA512
4427c554c8ed02ce14a13e7b610cd0a09b4d08fe9e066b17b5cc99c1d48bec670a3df436f2f38120b90a2b209d1db6f8360943ef511737ea0442c3c1fc6992d7

Download Submit
C:\Users\Admin\Downloads\UpdateFormat.jpeg

Filesize
785KB

MD5
80473c71721093f025d1f4ae97feaaf7

SHA1
75553cf8b6ca0c928945138ff32f06bd68c749bd

SHA256
3cd1a0c02351a9b6309a1f5736660e3f0177476d23abc4c6b4d6bd74248f535c

SHA512
19edafaad49c846b6f3b00c24b7a600295b1a8cf69171c3846f16eb20056a26954d27bcfb1be0fd644ca690232e9a7b750634a2a967c54074b392db45f5bfa60

Download Submit
C:\Users\Admin\Downloads\UseCompress.ico

Filesize
421KB

MD5
465a4427e32457685ceedfa2b5e7f801

SHA1
a50c082eecc1399ca5f706bee058966d92e4b54d

SHA256
8d5c017bccc8a7df05f3f9fae38db30798e75b7f5b60e7a21919294b23bdfd7e

SHA512
25c47dda312c73f9b3334ee071e8d483bd5c160aed099a1143466f1f194ced6dbe8803e893b060ef03ada3aef3588c793f2b5b2f0cac405364208eaffab344ee

Download Submit
C:\Users\Admin\Downloads\UseDeny.m4v

Filesize
957KB

MD5
97e88ae03698be29842cf5e6a9fade21

SHA1
87b6be6531f4c33bb70853de673ec6e364105b46

SHA256
9847f4c09cbff88870063e80937c3c38a87427b8342dc3c7186616d28b99d3bc

SHA512
acea0348f3a581309a169d30be63b7a77639511576a98922b77b0a4ec6f4395b18f3376b1cc35c2f1d304d4b9bbcfdf2356af52d32bd86fd00fa92b5a8917a86

Download Submit
C:\Users\Admin\Downloads\WatchRequest.xltm

Filesize
440KB

MD5
53b735c7b80a2990d74a5d44d37df480

SHA1
9d4902a3dac08762957d01524995f245b66fe1f7

SHA256
c62023c99d14c5dff8efb86767ee8603bb844835fbf0739277f67c047d61a3c6

SHA512
0de9b6209cc7b7194db33876358e69cad6da06a20c2e1d60efaf8c1071f09b163eb609f7c59dc97428c97e68aacdd5446771b96994c2f922bd5d1012d9715147

Download Submit
C:\Users\Admin\Downloads\WatchTest.mpeg2

Filesize
919KB

MD5
a81b6b322bc7ab010d26a84603e72337

SHA1
db9a5602462d0e2f4b557b98ed3e597e83ecd329

SHA256
dec577ec628125bb274b0e41cb7e78f1b3f7c3782ffaf127164a627bcce342dc

SHA512
e081991efa17d96f759530c51fa74fcc4e337e8733bc7374dde46dfd4c4553f8b79092649a48f0292381d800f218c742ccc110e28e592439748a2e6029dc1882

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads