Analysis Overview
SHA256
85e23a429634048a2e9addc808914c1c43083083f5e21f2bf3c39c49e5af38b5
Threat Level: No (potentially) malicious behavior was detected
The file appleskin-fabric-mc1.20.1-2.5.1.jar was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-10-20 17:23
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-20 17:23
Reported
2024-10-20 17:26
Platform
win11-20240802-en
Max time kernel
82s
Max time network
85s
Command Line
Signatures
Processes
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\appleskin-fabric-mc1.20.1-2.5.1.jar
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
Network
| Country | Destination | Domain | Proto |
| GB | 104.86.110.96:443 | tcp | |
| GB | 92.123.128.194:443 | r.bing.com | tcp |
| GB | 92.123.128.194:443 | r.bing.com | tcp |
| GB | 92.123.128.194:443 | r.bing.com | tcp |
| GB | 92.123.128.194:443 | r.bing.com | tcp |
| GB | 92.123.128.194:443 | r.bing.com | tcp |
| GB | 92.123.128.194:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
Files
memory/4720-2-0x000001FC9D290000-0x000001FC9D500000-memory.dmp
memory/4720-11-0x000001FC9B970000-0x000001FC9B971000-memory.dmp
memory/4720-12-0x000001FC9D290000-0x000001FC9D500000-memory.dmp