Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

MinecraftOnly.exe

windows7-x64

3

MinecraftOnly.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    01/10/2024, 20:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MinecraftOnly.exe

  • Size

    122KB

  • MD5

    6cb71501e49ec5869f32a71de6aeffa9

  • SHA1

    09dfbc52803b0e9d5e70bb7cf5aa5ece156912fd

  • SHA256

    b278381a97cfea52a408b9aae69e5c70aad3ed6dba8489783defcb6b9dead0d2

  • SHA512

    cda1c94d11edf769f81b8a0d02e2e2c12c699c7e4a31d795f2829cb0f0f70b85e5f0ce39757e5945e61920f374411f7f1c9af730d32ae0537112541b8ca4873d

  • SSDEEP

    3072:QAmiILynqeAT4EQst6Rdl25MdCXbwcPH:Ei2rH48t6k5GCMg

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 62 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\MinecraftOnly.exe
    "C:\Users\Admin\AppData\Local\Temp\MinecraftOnly.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:2512
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://java.com/ru/download/manual.jsp
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:348
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:348 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2548

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    914B

    MD5

    e4a68ac854ac5242460afd72481b2a44

    SHA1

    df3c24f9bfd666761b268073fe06d1cc8d4f82a4

    SHA256

    cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

    SHA512

    5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
    Filesize

    252B

    MD5

    8da3f9d720ca185124adcc4d6b4d241c

    SHA1

    84e0247bd75e89c1fad0f2b8d51e360b37fc0c83

    SHA256

    8e94ba099f173ad560b02a588296925e0626c4bdb92920a6ece06be11eb426eb

    SHA512

    a7cc8380d568310c87b922a4ad1a6b70e4b27476de68f00655b72b4ebe35ec220d6b5f057c4c6deabb8ef199418ce2d300589a07b02adbecd01efc806ffdf0bf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e4855ba22137dbba6074351340388675

    SHA1

    79746268ca1761ea9e2198dee3b829ba4322a3fb

    SHA256

    e5293fadc06e865e58e390acac7f3587d326c6f47aa69315966257537338b4c9

    SHA512

    54e198dabac6d8537b49b58b33c1f1c97fa6e000341ef34dde9d19df9e79d4b9d910c4ec64a2fd9b82cf76c21184eb66fa5922a75cecfb164db2a45d14febae7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b86659cc4f3f438a266c90c8d8412f68

    SHA1

    b62afcb545d63a77474f89499631f7279151af31

    SHA256

    9502f542bc69d4bd0511f490f234f0da6bdbc3a1bf27adeb411412f7a8801976

    SHA512

    57c338e30bdfa8a0cf947c666b9624677002c258447fc6fe6b19b2fc909cee7180e9684a56b4d32043d4e527dc1ac480aa564ce7ada26525f96b3f1367fc0384

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    dcc36b9312bb14ac5a235bbdb007fbbf

    SHA1

    a6f0f3ed9777db0320214da39b3413a4755c236f

    SHA256

    1c0c03ec6cbe67cf33d847195704d211766ad6d621e87f93003660dc27c58f70

    SHA512

    e3f08c423e2b912bae034d80d615194bc7c8fbd28e4425cd489e91cd69d3b226383c74214554ab1eea1636f82aee77793dc6d07057c4ea37c6c910d6a0e6253d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a72bfc2ad53c02fd102569986fa398d6

    SHA1

    d0035e625efba822fc4362c72c42406873e5cfc7

    SHA256

    114dd0fcee6ed3abc507209f3d2c07d1660e6289594c1101a2464ade46c0b6b0

    SHA512

    be5815c3306a9fa39b4c1f1be9bbc1a02e494ac8c3e616866aeb0fb5383c3f29ff804145f0e19c1c9a6606ca4f413271c5297292fa8ff67a4713efc815a551e2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a46009cd55d29e04f0adef008943901e

    SHA1

    61873eabc38eaebc95bf884054422b7f3d819d64

    SHA256

    dbac00d8300a4f0ed346e090d8560a3489e32653a5d8b5a318f47ec62d19bc40

    SHA512

    1a79876a837b7ae219527909c97b04280f80248896466086f6a24d91199454adf9b6afd57ed2b9d0521a8a3f18141e8bbe981c26daddf20dfbae67403283a9b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6eb63eb946f7c551a23960da8afba5cd

    SHA1

    38e4e42251633a04e1a3f9ed6b07b4307114b740

    SHA256

    6a767665de56673967ee6da561ee9762d1a72291478416709c0556bf88ccf6fc

    SHA512

    e417c8320610114f0b586ff007ac35300688d7ab01889b7da4fdf57656f34591d66a56299a4550028d06dc70dbbfa688fd038d8ce06a57ec4a5f19ad1b4a0aa9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    671f6abeefecec2a61b859ffaa778721

    SHA1

    ed4cb6f339d1c17a490704d3c2500636a3578471

    SHA256

    a56a1957e9a7cb61392a0d7e2fc103e8de16d4bad61ab64bbc735d3fd4c6704d

    SHA512

    0493bce1bf46bf0b966d760957cc8ad3d9a30b99fa04f4ce94a152983e0c93b1dd296d6c6f8f89735651fe09d9540f1106a894ced8b91b03a51dd39d86f23aeb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b1242e7f161eedd27f80db7309a6c79d

    SHA1

    0c4446fb3ee8851408d833ac67163062ecf178cd

    SHA256

    978804d5afc1750745e6bfb99615cf55c1e96bf762b9836dcb376e290ec8b934

    SHA512

    9e5bc7a77785ccd164e39c9768b8dceba717d76151aada664faff06a3071d1d002572f273b664013ab66020ceb9c99754581cf202d4e4a26bae06b988208c33d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b9d645520438dd85c71d967a60167de6

    SHA1

    aedb593fe428205e6929bb4cae436e1cac938fd3

    SHA256

    dc98684b3852a3d9464ec1fceb5a33ae37d95d46f5a7d797f1b83be257e59ab0

    SHA512

    1684ff10dcd9bd393cf0c93cb68f43be1df0ac63dd45e06af90fa78fea80bf2c187569a6d68aa6635da6a71fc70b9a72a5a28980fb20976a248d721297e1e0fb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a22919239d7f14d87cc2dc6e5d1be59

    SHA1

    d24cf2b467a37493fe14454e4cd2b876cbbd8c9f

    SHA256

    b58262317011878a8a46675c8cf289925c6d030f9418203b047c60c0b926efb9

    SHA512

    dc7b1366147da00b9f67da127fdf95419ea1232aa1285e19d2ad1a8b6e0a3f9369ab086c8d8aa490ebaa4fe805d47487bfe595896f59a171d19fe6002e4fedfa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6845990bee565a5a8d084d2cb081efae

    SHA1

    4c490272cbdb525cce72935f079b8e917155982e

    SHA256

    f244f5adea2b81eb14e894f1fd764ce0890bbe9b8a5ed2869a7dd412cdf8496d

    SHA512

    be86bd801de312e7ae2b46833b82983151583979a12db30a45be988c6be05928c6f420ad7beef9d1a63f302001a78ef18c1f9ef66869d1d5bde84ce5ab832a30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    933ba0a7bb09ac1eb83e3b7a39f56aaf

    SHA1

    29c6c93fb227a547697e63b0f4771bb1175fdaad

    SHA256

    0f7bee8ca6f24d7d040cbd8328db2c740237656307752e6b3464ee2e73c4654e

    SHA512

    c20b7c7b62a93551dea40f358212528d3ae5c6ad11201131941ef7280a29e01ce4aee8ce3912dd92ff1212515d788c187656d9bf179968fcef6836d26a4aa000

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    987544243a232cb17fd5231a351cdf63

    SHA1

    b0774a7465a5854080a3979c3fa489bb11ab4209

    SHA256

    715094637429bbb34996fb5229d9b156edf67a4bfbc513f9fbe88dcd9d5fe1c3

    SHA512

    d3b8a2a18abb260307d794176cb1dd638b2fe5b56dc69b5aa6b44e0995fecdf0c7f1a1fe94b6e02246fbb4a5f496fe6d65856dc96d49343958bc9bf72746c7a9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b5cbf29bdc32ecc3df7a88358b799766

    SHA1

    fc6cf0e511f3df5f32f3a273fa05b0e2594d0462

    SHA256

    10578707c03b71b427220029458982477fc3a6ddd91827f295926360fa480ebf

    SHA512

    a37fb9400081f04200db0023ff7120c794cbdcdde3890d0d23d736e1f301b0b2732d668375410d52a529a393484ec0ce9a28304ab8472f7e474d8c408844edbb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    67e9e7b999cee2b7dd03b304d48f10c5

    SHA1

    fe14b94e183dbfc970efe92d648f53688aef4a02

    SHA256

    cfd99ce774139aac18c893c95eee5787fe48a4eedab10c182ba52ea30a1d81d8

    SHA512

    648dd3c453f122b6151ea6f8660f1f3767aef2d2d79a2d1a88f171c6bbb5e73bf405802f3bd5ad09ffbf8d36800f8e989305bc8d096fb81dca060670f5a3d508

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba19d1e273503a488fd2b83b5f6a2395

    SHA1

    1e964c6ae25993b28bdd0eb9633997a6255d3230

    SHA256

    7a9d64c8ee2e588568442ad17c48426200702dc268738013c8fdf6d0816c560c

    SHA512

    49b33c3f2df5dbd7abe6369f504b930d56287488a91e30cec5553f66ef7e22e364f0737ca7dc23301889fa0a33953d6e9354939495d568824c027c40215e9c75

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    4692a2d13fd3dd0871d39a5c63d364f6

    SHA1

    9d7d96dd31c9f370de8ca2aa10112840e5e00824

    SHA256

    d10bbdfb3bc36a8b01cb6db2a14ba38f3fd4fb3cf146b050fcaa9d0fb0a3bf16

    SHA512

    37ac145023884fb08f07f4895cd64b4533801476deefb8b6c4d0353056fff4a97eeffdc96d484b72f03d658c2cea199be31fad83713921b4e4a11124b6549073

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\442G1O6E\www.java[1].xml
    Filesize

    215B

    MD5

    002367cab59dd0817a9a32c5eb7be405

    SHA1

    54f54b703c3bbbc55b855fe881a5a96ecd848e1f

    SHA256

    1bb8cb0a12ea6df66f72280dd839862c27c536a58daf0d02f9eb2d1f624aa4df

    SHA512

    5a37c1ba303219af96d3d999f789a93cb0838b6d468574a3043205ff66c5a32f68c6b93a1df8d79187f0de256d28a4f363acd079b89f9f65c6f5b51116040020

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\442G1O6E\www.java[1].xml
    Filesize

    397B

    MD5

    f8a39364f588f6a96d6d6d73bf52ccf1

    SHA1

    afc88cbe80e1e6115765a93b1ef0c4588d4565cf

    SHA256

    9d3d11fb69a034d48d49c1c83c36ca1b6ced8349c953b0d0211b4a5def19a726

    SHA512

    567bba066eac707d5dd5aa312e22aa50d8c683a8d2d379a68ddf6761657704f9b206b80921110b0039d2b9d9c8e18e8ece1d23c33fe27687fa43af63ce3c1c6e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\442G1O6E\www.java[1].xml
    Filesize

    13B

    MD5

    c1ddea3ef6bbef3e7060a1a9ad89e4c5

    SHA1

    35e3224fcbd3e1af306f2b6a2c6bbea9b0867966

    SHA256

    b71e4d17274636b97179ba2d97c742735b6510eb54f22893d3a2daff2ceb28db

    SHA512

    6be8cec7c862afae5b37aa32dc5bb45912881a3276606da41bf808a4ef92c318b355e616bf45a257b995520d72b7c08752c0be445dceade5cf79f73480910fed

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\gsz3hkd\imagestore.dat
    Filesize

    1KB

    MD5

    8c87f9ff3cd599281915c48e5f9453dc

    SHA1

    381cbff7c38928a78c4e36797641cb5b9ae73a5d

    SHA256

    7c8de87fd3d9f45c2ae91d80cd8c538b4ad1662f75b71563ca93d5c830db210e

    SHA512

    0274dd445140a2d558d91f5b14928558ed2d215fec5d8a55492ca1f9f7fb40e1c37feffa0d402c42e17474b2ee587effa64c343e510d79cf12cbb07b95178a3e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K3VL8XEP\favicon[1].ico
    Filesize

    1KB

    MD5

    8e39f067cc4f41898ef342843171d58a

    SHA1

    ab19e81ce8ccb35b81bf2600d85c659e78e5c880

    SHA256

    872bad18b566b0833d6b496477daab46763cf8bdec342d34ac310c3ac045cefd

    SHA512

    47cd7f4ce8fcf0fc56b6ffe50450c8c5f71e3c379ecfcfd488d904d85ed90b4a8dafa335d0e9ca92e85b02b7111c9d75205d12073253eed681868e2a46c64890

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabC478.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE87F.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • memory/2512-0-0x0000000000400000-0x0000000000417000-memory.dmp

    Filesize

    92KB

    Download