8d3cbb361ad830c50f9e46fe912cd04b2c9d1ca571124e7ff4c59c30a6865aa5

Sharing

Copy URL

Twitter E-mail

General

Target

LegacyLauncher_Source_legacy.zip
Size

22.2MB
Sample

241012-lwfjzavbph
MD5

67f8945e2a2aad72ca485a0f5f6f748d
SHA1

06f6b4e67941f7dbc00857cd6794ce2fbb7ac08b
SHA256

8d3cbb361ad830c50f9e46fe912cd04b2c9d1ca571124e7ff4c59c30a6865aa5
SHA512

3ca6878b05b3d4d0f656494d8cad27f82c85fb86ecf738d15a89ca5a025f7b0c9222ad65e45ac290993739ca069195054154c14335d69fb388d275787bee51ec
SSDEEP

393216:sbIv4qjlp5qyo+QaqcT3HcRDPUUZn3/MS+UU8UUSciDCqy+xG5woUtc7Il1kYEyK:sbIgqfcysaqcTHclPUUBMS+UU8UUScWC

Score

7^/10

Malware Config

Targets

- Target
  
  gradle/wrapper/gradle-wrapper.jar
- Size
  
  60KB
- MD5
  
  42526c5c47432675551273b328226a71
- SHA1
  
  d99b3fab4e678237951d90da6814fc9eb17b97ca
- SHA256
  
  c5a643cf80162e665cc228f7b16f343fef868e47d3a4836f62e18b7e17ac018a
- SHA512
  
  0ab85887191e00fc382c560d2238cacc0eacb8cbd5b3954df95287b494326e64f1ee8943c64b1f40646469799ebfb9a1e27b987d698fb6b43b70acbc4e0b7770
- SSDEEP
  
  768:EIDSDaVvpKFglJ31GdMXTSHE7S+i16FmGm2oUrwuyvwbd1iSoQHLrakcecWpsHaK:oDa9MddyT+wbdwuyoh1F1kecWpsHP
Score

1^/10
behavioral1 behavioral2
- Target
  
  gradlew
- Size
  
  8KB
- MD5
  
  d6e9e0c5123926124374524add81b38c
- SHA1
  
  c96ebca5ecb6a29a72306645746773c6fc2be948
- SHA256
  
  638c2862d623c302f3029f5bd1441276be484c5b79909b706a614ebe8e7a409b
- SHA512
  
  5e31e764977caa72ca29a44785d7212d4f3b80e70bb52533b12eb1d8ac5d2568b7c54dc267ca9b6ea32da62bcdab925959cb34210a18b5197d0aa50e44f0bfee
- SSDEEP
  
  192:SyWm7HOyzJ1XnRy26M4khI+vcHI759IRDe825WW:S/mtzJZRyvwhb79IRtm9
Score

1^/10
behavioral3 behavioral4 behavioral5 behavioral6
- Target
  
  gradlew.bat
- Size
  
  2KB
- MD5
  
  5f5d1ab20ea18615cacf8a6a2d887587
- SHA1
  
  f9fd0fb4f067b868f7a11e1c0a8115e1cfcf3002
- SHA256
  
  8e327fcb99d29ce0fe3ee2fec6e6a25de815a2df83a6a44a553dea89ffc92955
- SHA512
  
  ae8896b5cdb70b2362e9e641a56a44060f6c896ffa972a4974e0eb256a716e11793ce666a95979c6b72d2db60c5caa51507d2bb373a4dafc89296b4d954b8cb6
Score

7^/10
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral7 behavioral8
- Target
  
  launcher/src/main/resources/ru/turikhay/tlauncher/minecraft/crash/signature.json
- Size
  
  19KB
- MD5
  
  760fb876e300a16cc8899e46eb8bb029
- SHA1
  
  6fab5ce734e6f1eacf16322252684ac8113a9a15
- SHA256
  
  3f3fac93e4770ed3a02b6629e678bd974eadac8df26ad2e8167424b1bec6213b
- SHA512
  
  f520e58c05765666636f06dd17fe121f7b4754b51f7b4f25424bcfabaaeb9baf3eba3636df4946d8683e03e6b034c462d9f7a293f7a472e7035c03962e57ef70
- SSDEEP
  
  192:HWoJV6qEscnfjj+h3j/rBMjgDS8fJr5xTN5I6zeiejxWj8NJI9XUJ+//Yu8qvjwR:HKqEtfn+khiJrFoUyYUTqvWEFO
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  launcher/src/main/resources/ru/turikhay/tlauncher/ui/settings/about.html
- Size
  
  756B
- MD5
  
  53d92bd2f5966843e05332f493653cf4
- SHA1
  
  3042e3008ffbf7b146350d41abf2a9868941aef5
- SHA256
  
  46bc420ab725e09f1a18e0f79c6e0eb4e40c8af91c042d4c8c7115572e752845
- SHA512
  
  7d134f7af768a0ea46f9be415bdb0c7b9d5b756694e627bbc87a3e045be59780048953c1f6200c7f54fc98549ce0e4562a925ab935e8ee0c21a974231756a162
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  packages/aur/resources/legacylauncher.bash
- Size
  
  259B
- MD5
  
  cc129a979024402e8bf02ec86e3095cd
- SHA1
  
  c92a43578bc3be6609d587ff80780c9d54ff655c
- SHA256
  
  4d0346d241c64a5536a7ce180112686786364d0b658ce27b23b6a6d33a7a1e9b
- SHA512
  
  b9247ca02d9af46262d9567bbbe631e3bb371104bd8558ef7fbeaccdc95706d2bca7e8cbc860b50a2f9b58a31b173b1e27a8c7251c93ac69ebb25a16f6825ae0
Score

1^/10
behavioral13 behavioral14 behavioral15 behavioral16
- Target
  
  packages/dmg/background/create_tiff.sh
- Size
  
  212B
- MD5
  
  74abb8bb6ea126560576f183c473b365
- SHA1
  
  e212eadabc9fc23c2c12ec7414610c58a7c9f39f
- SHA256
  
  2f5a3a36a884606fa36cd72fe35bd5699b65ec3b84434a1ef03e6c40f7867d13
- SHA512
  
  66bc5e2661de8223bfed4a9d062d7ba112b69c11707d33fdf35708cfa7d35ac54c65efee7c4f4cc60d87d363f59fec17eb2d4f9e635ad1de1422c0b9aaa82989
Score

1^/10
behavioral17 behavioral18 behavioral19 behavioral20
- Target
  
  packages/dmg/contents/binary/MacOS/TL
- Size
  
  132KB
- MD5
  
  b5e3094fcf6cecd40841dbf52828f9da
- SHA1
  
  5c4c60eaf0cdba4e0d68cb595d4de739459270e3
- SHA256
  
  46b17238664b9c14e4224001970e4019b01e1c6b9dd2ea46a4865d0e2463390c
- SHA512
  
  a38f2e34e2a6417034c9f584ad838025e85dde021a16f627bd83b12c0ff1dea17148da48ae175c697f1c00c81620f560b8d06e4644149a1dd4e70af68eab085f
- SSDEEP
  
  3072:z/6nzaTRI8t+gwMlDo7+CKW5rRMDdo79RO9pSc1wh9AlQ5kBrPTWp:N+olDY+0+x8MSc1wTt5kBr7C
Score

1^/10
behavioral21
- Target
  
  packages/dmg/contents/textual/app/restart.sh
- Size
  
  106B
- MD5
  
  6bd2c8317c4b82408bb3cc708463afe5
- SHA1
  
  47dc00a515774ed0e14c75612de4708ef0052607
- SHA256
  
  91b01da7d799ee09c9aadc0850e07e392436f0a7181ebf832db3e21e3b0e0d0f
- SHA512
  
  3a9b314a4877ab447cb8cb5358db405e5f3767a3076ff6189e024f09d7419d906e5faa7bd1fbe365a729df5540e183dd9d7c7d3a92d3340deb605b9eb812cac2
Score

3^/10

discovery
behavioral22 behavioral23 behavioral24 behavioral25
- Target
  
  packages/dmg/script/create.sh
- Size
  
  552B
- MD5
  
  9bbfc98a75fe99fb00b2c13615acc0a0
- SHA1
  
  148ccc48b2466ed8ea1b9d74f3bc7f200b3ba159
- SHA256
  
  9353a55c87f87b799a0c7c31c0cee3d0aa38afab9a71bc414d0da23936085494
- SHA512
  
  23e41eaa3864d289254fd1a5fffc6036404b5faf6283afaf4d213464bf3227d1532b2273a9cb7066bb0e8447c468bc401043ebc47355c7b18978d4ff872ccb90
Score

6^/10

defense_evasion discovery privilege_escalation
- Abuse Elevation Control Mechanism: Sudo and Sudo Caching
  Abuse sudo or cached sudo credentials to execute code.
  privilege_escalation defense_evasion
behavioral26 behavioral27 behavioral28 behavioral29
- Target
  
  packages/dmg/script/deploy.sh
- Size
  
  317B
- MD5
  
  94dd4e2eddf32ec526632411337fa7b4
- SHA1
  
  c779797bcdf5ab313c99c15bce6c83b60f166c5f
- SHA256
  
  c861f783bce4b530306750fbfd79f330b8b1039a9ba62afc6ea0b3351f17161a
- SHA512
  
  cd206b651027d673e85fff751dbe8eb3d5553662c64d8451b48408ebcc3be7e998bba5812e1180b8a806a3c945dbe4bc87784e12492172f015ea805a1139069a
Score

3^/10

discovery
behavioral30 behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

PowerShell

T1059.001

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

T1548

Sudo and Sudo Caching

T1548.003

Defense Evasion

Abuse Elevation Control Mechanism

T1548

Sudo and Sudo Caching

T1548.003

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

System Network Configuration Discovery

T1016

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Enumerates connected drives

Abuse Elevation Control Mechanism: Sudo and Sudo Caching

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32