b34e02b688cf80afc44c3173d68b602ff2fed8eb46700eec0f0db535a1ab8c65 | Triage

Sharing

General

Target

Minecraft.zip
Size

11.0MB
Sample

240720-nps8layeqn
MD5

f843c6d12135b977b9dfa9a1fd20b129
SHA1

2f7700e0569fb7c301091c60c7dcbfa620c5bfe5
SHA256

b34e02b688cf80afc44c3173d68b602ff2fed8eb46700eec0f0db535a1ab8c65
SHA512

f54be550017248b9d3ea8b0d2e48aad27e5472d5eb910a81eea4eea9fc80c57f44e0ddb728f404b79c3f7a81d3c32bf8e70ccff0864d1b4b9b7dc1bd8ea5c750
SSDEEP

196608:Nel66vAE51cbbfxzvt3qA57IMWciABt7Bk1fEGAMIHg6DTdIxKVoWhz:Nb4Defxl3qA58M7Fk1fTAdTdIsVHhz

Score

8^/10

execution

Malware Config

Targets

- Target
  
  [Minecraft - Game PC].exe
- Size
  
  368KB
- MD5
  
  c2382a28bf44e7c192731c4de8280565
- SHA1
  
  8d4fdc701337d0b48e2842f1e53176b4b9e9a09e
- SHA256
  
  c8ca10f889807948a2a3e1b73874ffe1125004c929ada039ea04e3a944e4ab9f
- SHA512
  
  5a0e41dafe24f74cea04fed427a9665a81280e477f02d078f25a778a40752b96e2f1e8457719d3d3a67f7ea4ea5cb779bd1640e0cfb2b65d1d6d0216c3251595
- SSDEEP
  
  6144:VeBvNMIhP7ERrjTPhSVQBFD7sxBUXEe9OmGC0GoCwwgVQBFvk:2DgRrj4QB97sx0d9OmGAwwoQB1k
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell and hide display window.
  execution
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2