Task, platform: score
Overview: 10
Static: 10
steveAImod.zip, windows7-x64: 3
steveAImod.zip, windows10-2004-x64: 1
READMEPLEASE.txt, windows7-x64: 1
READMEPLEASE.txt, windows10-2004-x64: 1
assets/fab...bg.scr, windows7-x64: 7
assets/fab...bg.scr, windows10-2004-x64: 9
assets/min...r.json, windows7-x64: 3
assets/min...r.json, windows10-2004-x64: 3
assets/min...r.json, windows7-x64: 3
assets/min...r.json, windows10-2004-x64: 3
assets/min...s.json, windows7-x64: 3
assets/min...s.json, windows10-2004-x64: 3
assets/min...r.json, windows7-x64: 3
assets/min...r.json, windows10-2004-x64: 3
assets/min...m.json, windows7-x64: 3
assets/min...m.json, windows10-2004-x64: 3
assets/min...n.json, windows7-x64: 3
assets/min...n.json, windows10-2004-x64: 3
assets/min...p.json, windows7-x64: 3
assets/min...p.json, windows10-2004-x64: 3
assets/min...l.json, windows7-x64: 3
assets/min...l.json, windows10-2004-x64: 3
assets/min...n.json, windows7-x64: 3
assets/min...n.json, windows10-2004-x64: 3
assets/min...e.json, windows7-x64: 3
assets/min...e.json, windows10-2004-x64: 3
assets/min...w.json, windows7-x64: 3
assets/min...w.json, windows10-2004-x64: 3
assets/min...e.json, windows7-x64: 3
assets/min...e.json, windows10-2004-x64: 3
assets/min...w.json, windows7-x64: 3
assets/min...w.json, windows10-2004-x64: 3
General
-
Target
steveAImod.zip
-
Size
148.0MB
-
Sample
240727-q2a9nasbkr
-
MD5
85b2363170e0d8f0562d911be4dc20e1
-
SHA1
db9d20369367a977b403b8be91d9fbdc5e52f8b7
-
SHA256
74c92e72eafcc33932dd2ca1a72e17ae730311c06c326794bb0b252ce09713eb
-
SHA512
5b3e666c9fb1cd69768d1d2ca5af7a2bf0490f6865279ac019a2b94f2a3c2143350e88daceae83511a073a2de94c7ddb4a9e58437412331e1e0127bc401328df
-
SSDEEP
3145728:MheluO6utTSWGeuyheluO6utTSWGeuNUWbqyPheluO6utTSWGeuV:MM3F3GWM3F3GZWyPM3F3GB
Behavioral task
behavioral1
Sample
steveAImod.zip
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
steveAImod.zip
Resource
win10v2004-20240709-en
Behavioral task
behavioral3
Sample
READMEPLEASE.txt
Resource
win7-20240705-en
Behavioral task
behavioral4
Sample
READMEPLEASE.txt
Resource
win10v2004-20240709-en
Behavioral task
behavioral5
Sample
assets/fabric-optional/0b/internal-bug/main-menu-bg.scr
Resource
win7-20240708-en
Behavioral task
behavioral6
Sample
assets/fabric-optional/0b/internal-bug/main-menu-bg.scr
Resource
win10v2004-20240709-en
Behavioral task
behavioral7
Sample
assets/minecraft/blockstates/acacia_trapdoor.json
Resource
win7-20240704-en
Behavioral task
behavioral8
Sample
assets/minecraft/blockstates/acacia_trapdoor.json
Resource
win10v2004-20240709-en
Behavioral task
behavioral9
Sample
assets/minecraft/blockstates/trapdoor.json
Resource
win7-20240708-en
Behavioral task
behavioral10
Sample
assets/minecraft/blockstates/trapdoor.json
Resource
win10v2004-20240709-en
Behavioral task
behavioral11
Sample
assets/minecraft/models/block/acacia_leaves.json
Resource
win7-20240708-en
Behavioral task
behavioral12
Sample
assets/minecraft/models/block/acacia_leaves.json
Resource
win10v2004-20240709-en
Behavioral task
behavioral13
Sample
assets/minecraft/models/block/acacia_trapdoor.json
Resource
win7-20240704-en
Behavioral task
behavioral14
Sample
assets/minecraft/models/block/acacia_trapdoor.json
Resource
win10v2004-20240709-en
Behavioral task
behavioral15
Sample
assets/minecraft/models/block/acacia_trapdoor_bottom.json
Resource
win7-20240704-en
Behavioral task
behavioral16
Sample
assets/minecraft/models/block/acacia_trapdoor_bottom.json
Resource
win10v2004-20240709-en
Behavioral task
behavioral17
Sample
assets/minecraft/models/block/acacia_trapdoor_open.json
Resource
win7-20240708-en
Behavioral task
behavioral18
Sample
assets/minecraft/models/block/acacia_trapdoor_open.json
Resource
win10v2004-20240709-en
Behavioral task
behavioral19
Sample
assets/minecraft/models/block/acacia_trapdoor_top.json
Resource
win7-20240708-en
Behavioral task
behavioral20
Sample
assets/minecraft/models/block/acacia_trapdoor_top.json
Resource
win10v2004-20240709-en
Behavioral task
behavioral21
Sample
assets/minecraft/models/block/activator_rail.json
Resource
win7-20240705-en
Behavioral task
behavioral22
Sample
assets/minecraft/models/block/activator_rail.json
Resource
win10v2004-20240704-en
Behavioral task
behavioral23
Sample
assets/minecraft/models/block/activator_rail_on.json
Resource
win7-20240704-en
Behavioral task
behavioral24
Sample
assets/minecraft/models/block/activator_rail_on.json
Resource
win10v2004-20240709-en
Behavioral task
behavioral25
Sample
assets/minecraft/models/block/activator_rail_on_raised_ne.json
Resource
win7-20240708-en
Behavioral task
behavioral26
Sample
assets/minecraft/models/block/activator_rail_on_raised_ne.json
Resource
win10v2004-20240709-en
Behavioral task
behavioral27
Sample
assets/minecraft/models/block/activator_rail_on_raised_sw.json
Resource
win7-20240704-en
Behavioral task
behavioral28
Sample
assets/minecraft/models/block/activator_rail_on_raised_sw.json
Resource
win10v2004-20240709-en
Behavioral task
behavioral29
Sample
assets/minecraft/models/block/activator_rail_raised_ne.json
Resource
win7-20240705-en
Behavioral task
behavioral30
Sample
assets/minecraft/models/block/activator_rail_raised_ne.json
Resource
win10v2004-20240704-en
Behavioral task
behavioral31
Sample
assets/minecraft/models/block/activator_rail_raised_sw.json
Resource
win7-20240704-en
Behavioral task
behavioral32
Sample
assets/minecraft/models/block/activator_rail_raised_sw.json
Resource
win10v2004-20240704-en
Malware Config
Targets
-
-
Target
steveAImod.zip
-
Size
148.0MB
-
MD5
85b2363170e0d8f0562d911be4dc20e1
-
SHA1
db9d20369367a977b403b8be91d9fbdc5e52f8b7
-
SHA256
74c92e72eafcc33932dd2ca1a72e17ae730311c06c326794bb0b252ce09713eb
-
SHA512
5b3e666c9fb1cd69768d1d2ca5af7a2bf0490f6865279ac019a2b94f2a3c2143350e88daceae83511a073a2de94c7ddb4a9e58437412331e1e0127bc401328df
-
SSDEEP
3145728:MheluO6utTSWGeuyheluO6utTSWGeuNUWbqyPheluO6utTSWGeuV:MM3F3GWM3F3GZWyPM3F3GB
Score: 3/10
-
-
Target
READMEPLEASE.txt
-
Size
37B
-
MD5
9402fb1961b142cc7ff5555417b73d5f
-
SHA1
c5a0ca40af85c2fa56eea4688901291480118f32
-
SHA256
002d336b07a5fd5d523817bc177b21f4bf34bccfaca75178de8f49488f59e6ca
-
SHA512
2336dd4e8090335070b2f4c00845dfa16f61978423b64b034c0c0d46bde697c71fe8fa3c6accdbd45aa7bc0e46c1791c7a9251eac67ba828adf3c63a3304ac59
Score: 1/10
-
-
Target
assets/fabric-optional/0b/internal-bug/main-menu-bg.scr
-
Size
46.5MB
-
MD5
4030faa11ec8559803476d0a7a2a5b0e
-
SHA1
022b3b40c919ec24e68a89d86ed0019d9409616f
-
SHA256
5a83bb14b440ff66de68a38a9c27882b6eb60957eb4c180490ab776a57690750
-
SHA512
6bcfcd74000a41f26efadf6c0f1acf8a206c5bc176fc06d83ae9a7e249c9401cca9f6be973cce94f3510fd6922325dabaf2a12d8388f25597bb52cc96b20d139
-
SSDEEP
786432:Auc1JRKmxgpgPQOo1QtIbxLa2j6+s7LWB75zuPNi1J4EcmRW8IuLIijPtImZ1666:WVxgp8bkiIpa2qHWB75iVWBTRW6j6ult
Score: 9/10
Enumerates VirtualBox DLL files
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
-
-
Target
assets/minecraft/blockstates/acacia_trapdoor.json
-
Size
1KB
-
MD5
9d7366d6f5bb14c631473a924015189c
-
SHA1
b7fdb837d20d0523aba0d5a51a489eff3c712558
-
SHA256
ccf2aec0eb3fcb5cc718bd7e4737ab03171588cb200d515029c9fef60b0a469c
-
SHA512
37a70dc919781d507c60bcc2281aa9ebb3c8cfd79aac44b55092f80fb8c9d47996dae5430bc491453a105a6e3eeaac65f2362c1bcd3415c2b0a2d1b60f84d45c
Score: 3/10
-
-
Target
assets/minecraft/blockstates/trapdoor.json
-
Size
1KB
-
MD5
8e87b83e74abf424cf0044b3724e974a
-
SHA1
f7701003f14b8e30cf31d12b04ffa64244efa8b6
-
SHA256
6706a725784582f23138c20f098a0367f9e8ba4ee3c4a2112ba16cce7770a4ba
-
SHA512
489445ef86efa6188223f5c3744bbcafdb3d3a02689e08d2ac2a9393864f96545b8efec19f6568a551c7d73b656f1a06216f38e18a9f4c4d51bf35b71da24e8b
Score: 3/10
-
-
Target
assets/minecraft/models/block/acacia_leaves.json
-
Size
5KB
-
MD5
bac2953bccdcb04a51bcbeb45b3e3639
-
SHA1
aebf016e1d0166e4b5f3c3a5563545fb9dee0fa3
-
SHA256
bf38c242ce4d27145019ebce11ce73b92545b36c9907be4945391fc2a3442b36
-
SHA512
39638c470a6de94437c9d2897fc6c947c71e83baa4b45a12ff5ef26e9dffd5b86a18458bc82cf1e7c4ea35f7a07d7714876a719731c92678c67192ae27e43a76
-
SSDEEP
96:fNqWo4CJRcd8CRcTnvR9ZPJRcM9CRcuHnRcV0xnRccD0R9NJVR9HFGyR+beRRcxa:fNqWoRJGd8CGTnv3ZPJGM9CGuHnGV0x8
Score: 3/10
-
-
Target
assets/minecraft/models/block/acacia_trapdoor.json
-
Size
7KB
-
MD5
e8878be6eb1e70368fd0d2bafae907ac
-
SHA1
2322c33bf2e539b6367afe45203e267885de900d
-
SHA256
b5c240e462ba8d4f0e40bf1826f63459e2aad6f01b7c0da24397a76974718d1a
-
SHA512
a5f766c5330f2f50d637f9f14cbc1782e5aa651da37931a41bfa28c19a7f493e7966d18dcc899b285d5f177e101a253f77490b69f4e38c0ffbfe6ddafa650ff3
-
SSDEEP
192:fgYA1BcFsjJ2rtIFvoquUGu7sf+hyuB+ssjXYEQUf:4YA1l/sjIW
Score: 3/10
-
-
Target
assets/minecraft/models/block/acacia_trapdoor_bottom.json
-
Size
8KB
-
MD5
80007541e1369f45e702b3e02b50bfaf
-
SHA1
92ea4750f692a157fca7faf48515754dad16eef0
-
SHA256
50987fe1b8b8bb2805f08d15eef65c271c3b598c3180fb45eb9eecb5a0562846
-
SHA512
0edc8494015f91a9bef1f72d674515b16c6b04d3a9edb1a86474b5678c7c00a2be4dadf87b0dff47864a05f15d9846f58b4b4fbb732ac837f0af6f47b5b2fde2
-
SSDEEP
192:fgYA1B6V9cmII91QyQ+7SxlC87SxHGoLen0yKbDbXtz//EQ6l5:4YA103CsSxPSx1A
Score: 3/10
-
-
Target
assets/minecraft/models/block/acacia_trapdoor_open.json
-
Size
8KB
-
MD5
46a51af9ba7d558459c21616aa751a00
-
SHA1
be87fc4b473d269eef6e052df54c94981ee4cf71
-
SHA256
fcfac66279c5319aafe2b65e78edfee7389a482fb2ad70029f73bff20bb408c3
-
SHA512
e51533a2b65683ccb38718688c068313120f58b575fefb28f2485fc49157f48a5e5fe96caec8b7c8c57a61bf22f47d4ea8f28d21f00a0ccbe1fb82ffee2dba66
-
SSDEEP
192:fgYA1s9OQLCXx4dRcBDZsI1Giq1F49mU470e4paA4HuIrbdVB7XfxHEQU5:4YA1rDXs0V1w1wue
Score: 3/10
-
-
Target
assets/minecraft/models/block/acacia_trapdoor_top.json
-
Size
8KB
-
MD5
53ed01de6c7a239ae17f1d3e0bc9287c
-
SHA1
c951a6ecd52feb5fcbd21c4f84f39cc1be9f8d12
-
SHA256
7ba9482fa3a6d1762e860902adf51f0173c9943824916ba23b8f26cee491b6d3
-
SHA512
165f710261edd99cfbb9927d0989ea87d42ac88fcf598718cbf28356bc530a627bd7ad41787b23adbac431f40fb991bee5abdde3a3f9c4c45e95115b91a27cae
-
SSDEEP
192:fgYA1W9aqXL/F4gJ4dyRRi7SxWns7SxGG4Fw43E4Rf4TS4QuI+46nS4kzEQU5:4YA1FGvgSx9SxHlse
Score: 3/10
-
-
Target
assets/minecraft/models/block/activator_rail.json
-
Size
40KB
-
MD5
3e53a00f6ef1e5f2a41c5b3986a293e4
-
SHA1
eaf2f066958fc82a36b54b48417a9daad7cefcdd
-
SHA256
30ec84736d432d983c7b9e7dea3e0fef23eac2d0369683c95d02ec07b915f892
-
SHA512
0d4fcea3a37515cba975e7b93222c8e707dcbd840956bc45fc6f10bfbab518f8ec7be63fb52967c8ec47adaaa5ea930a6581674112acd08bae5935f7295f5ba9
-
SSDEEP
192:fEgmtphznwJbDS7B/Rdj2yUOJKm2yUOJRX2yUOJ2K2yUOJt62yUOJSl2yUOJCW2r:8gmtKgOBhBZBkBEgtgtgihDl57
Score: 3/10
-
-
Target
assets/minecraft/models/block/activator_rail_on.json
-
Size
40KB
-
MD5
1386f282da4f91b388455466190e8460
-
SHA1
9d573701d5d593e8b99d22603027228699227077
-
SHA256
5b236a4b375855499d0df68260960be2ec954a0c02f6986ff22d1c51c9a557bf
-
SHA512
dec13628b7061c06830a192620a7a5f435a55ca67cac45e83c4a3847af5dca7134b35fbae4d9147b38f86b170907d481317b560f58b7dc668dafcc4d9333f382
-
SSDEEP
192:fEg7tphznwJbDS7B/Rdj2yUOJKm2yUOJRX2yUOJ2K2yUOJt62yUOJSl2yUOJCW2X:8g7tKgOBhBZBkBEgtgJgihDl57
Score: 3/10
-
-
Target
assets/minecraft/models/block/activator_rail_on_raised_ne.json
-
Size
77KB
-
MD5
b50dd8f93ebf958774c76e90aceddfd0
-
SHA1
f4f3ad168d0339f64a4f9302ebdc55165f726c0d
-
SHA256
8180a662e6790ece1aee772b5e0cdc662bd1036fa33937402975c7d5a805bb51
-
SHA512
d30c95f97e17b655c85d2f67dea22188797f384495f584d715f0a3e2a71aa651dd8a41015a5a0ac4155225f9f4e3ff414c9b84d4ec5559d9983abf5f2337b19a
-
SSDEEP
384:8d7tcmgmwmumVmIm0CiHTBiAb8HOBqH/B9HwBqxBdH4Bq3btLBLJxh1lnlFtHjXa:8d7tfl
Score: 3/10
-
-
Target
assets/minecraft/models/block/activator_rail_on_raised_sw.json
-
Size
58KB
-
MD5
4eb55bfac42f729f22a186853be42fa3
-
SHA1
20903abd3ec9c0b47d6448e2f1bc99ca1df94597
-
SHA256
d68f384eefdfd9be21fb43d578196c9cb0396c01eb184488cc1adb59397e76ac
-
SHA512
5009092fb885733b1fa56a4dbaf30132a0f7f189c1a2072892da95c2cc16c20840c17d68c5e3b4912fe350481ccd25fe8e302cbf826bdc0efb08f36d0c6f5f5e
-
SSDEEP
384:vdf7AejAjkjjjVj5jCm1mJmXm6mslmdy16vMToDpHJjO6utBtByTcCwJL:vdf7AyT
Score: 3/10
-
-
Target
assets/minecraft/models/block/activator_rail_raised_ne.json
-
Size
77KB
-
MD5
7231cb1d87f8ed4eb3396c1029f93831
-
SHA1
883a5bf4f107c316b1d4c9ae3279acde2a3a3205
-
SHA256
d4ca63dc717f8c4b45f2af22a4e8b3dacf07e0f91e0a3df5c1b9723bc23fc035
-
SHA512
751ca6fdd4d3eec0e908cb2c9b6206d7cf495d49faf8daaee315081f53e875c334446f6f6716774fb02bf5415eeccbf138b0f6bb72248ee0abcf20d6dd59e556
-
SSDEEP
384:8dmtcmgmwmumVmIm4DxHTB8HOBbH/B8HwBmHxBsH4Bq3btLBLJxh1lnlFtHjXT/I:8dmtMafi
Score: 3/10
-
-
Target
assets/minecraft/models/block/activator_rail_raised_sw.json
-
Size
58KB
-
MD5
c83c79a0f68809cc0b746f8521cb19a3
-
SHA1
51bb890ad09e46ca1595a98a2749fe1b46de8f19
-
SHA256
49941f86f45fc680ba407879a9cbf10aec100a23ea25032604466851d6808181
-
SHA512
3949062c320323f0a8b2e09f4b023b88cf93d8463461793cf9576b99447d06ad67898fed0082e5be6f4814253f87d1ab83ed88a0eed68896df67a32ab15d8a92
-
SSDEEP
384:vdfmAejAjkjjjVj5jCmJmnmImlmLemVy16vMToDpHJjO6utBtByTcCwJ2p:vdfmAaup
Score: 3/10
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  Hide Artifacts (2)
    Hidden Files and Directories (2)
  Modify Registry (1)
  Virtualization/Sandbox Evasion (1)