Overview

overview

7

Static

static

3

mmc-develop-win32.zip

windows10-1703-x64

1

MultiMC/MultiMC.exe

windows10-1703-x64

3

MultiMC/Qt5Core.dll

windows10-1703-x64

3

MultiMC/Qt5Gui.dll

windows10-1703-x64

3

MultiMC/Qt...rk.dll

windows10-1703-x64

3

MultiMC/Qt5Svg.dll

windows10-1703-x64

3

MultiMC/Qt...ts.dll

windows10-1703-x64

3

MultiMC/Qt5Xml.dll

windows10-1703-x64

3

MultiMC/ic...on.dll

windows10-1703-x64

3

MultiMC/im...if.dll

windows10-1703-x64

3

MultiMC/im...ns.dll

windows10-1703-x64

3

MultiMC/im...co.dll

windows10-1703-x64

3

MultiMC/im...eg.dll

windows10-1703-x64

3

MultiMC/im...vg.dll

windows10-1703-x64

3

MultiMC/im...mp.dll

windows10-1703-x64

3

MultiMC/ja...ck.jar

windows10-1703-x64

7

MultiMC/ja...ch.jar

windows10-1703-x64

7

MultiMC/li...ix.dll

windows10-1703-x64

3

MultiMC/li...++.dll

windows10-1703-x64

3

MultiMC/li....dll.a

windows10-1703-x64

3

MultiMC/li...ip.dll

windows10-1703-x64

3

MultiMC/li...ow.dll

windows10-1703-x64

3

MultiMC/libeay32.dll

windows10-1703-x64

3

MultiMC/li...-1.dll

windows10-1703-x64

3

MultiMC/libssp-0.dll

windows10-1703-x64

3

MultiMC/li...-6.dll

windows10-1703-x64

3

MultiMC/li...-1.dll

windows10-1703-x64

3

MultiMC/pl...ws.dll

windows10-1703-x64

3

MultiMC/qt.conf

windows10-1703-x64

3

MultiMC/ssleay32.dll

windows10-1703-x64

3

MultiMC/zlib1.dll

windows10-1703-x64

3

Analysis

  • max time kernel
    192s
  • max time network
    197s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    28-08-2024 19:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MultiMC/jars/JavaCheck.jar

  • Size

    1KB

  • MD5

    758622097653aa7a3b1c3fb4196f3405

  • SHA1

    b5c67ed45e67e6a88464965ddc6c7738a971a37a

  • SHA256

    ff9e319df157430b359256d87e1df3c4b95c1475a5c1a10d3b9bc962adfa6de0

  • SHA512

    33b6e2c7ce689fd83674dff89d871fb06f809ff0b7257041995680993263e1fa0e36a0b468e5d9ad5a9e877fd68dce3853abd2207aed17a949749110a09ca201

Score
7/10
discovery

Malware Config

Signatures

  • Modifies file permissions 1 TTPs 1 IoCs
    discovery
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
    java -jar C:\Users\Admin\AppData\Local\Temp\MultiMC\jars\JavaCheck.jar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2400
    • C:\Windows\system32\icacls.exe
      C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
      2⤵
      • Modifies file permissions
      PID:4744

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
    Filesize

    46B

    MD5

    0149970997f360743108bf47fe42aca8

    SHA1

    5aecf7b36f8c5de928154e05891e8d16e62e6ca8

    SHA256

    7b4039cc3268295bb3f69849ce28d25fddf3eb743e4df26770c497f7aa7f1d18

    SHA512

    edeec0999d24bde432388cc2f9a8a962b06f5036093a916e2d1ca2386031f6bbceddb76f11a60926c8a7c445c0d96bb195d1881fb78312a0827352855e6e5dab

    Download Submit
  • memory/2400-2-0x000002211A780000-0x000002211A9F0000-memory.dmp
    Filesize

    2.4MB

    Download
  • memory/2400-12-0x000002211A760000-0x000002211A761000-memory.dmp
    Filesize

    4KB

    Download
  • memory/2400-13-0x000002211A780000-0x000002211A9F0000-memory.dmp
    Filesize

    2.4MB

    Download