4355ff63b7d79c659fa159a25f8f1d5d77ae0c2816f1e6e12241ef3e1d3a2443

Submit
Reports

Overview

overview

Static

static

LovelyCraf....1.zip

windows7-x64

LovelyCraf....1.zip

windows10-2004-x64

LovelyCraf...ly.dll

windows7-x64

LovelyCraf...ly.dll

windows10-2004-x64

LovelyCraf...ap.exe

windows7-x64

LovelyCraf...ap.exe

windows10-2004-x64

LovelyCraf...ources

windows7-x64

LovelyCraf...ources

windows10-2004-x64

LovelyCraf...s.json

windows7-x64

LovelyCraf...s.json

windows10-2004-x64

LovelyCraf...s.json

windows7-x64

LovelyCraf...s.json

windows10-2004-x64

LovelyCraf...on.txt

windows7-x64

LovelyCraf...on.txt

windows10-2004-x64

LovelyCraf...n.json

windows7-x64

LovelyCraf...n.json

windows10-2004-x64

LovelyCraf...on.txt

windows7-x64

LovelyCraf...on.txt

windows10-2004-x64

LovelyCraf...on.txt

windows7-x64

LovelyCraf...on.txt

windows10-2004-x64

LovelyCraf...nk.xml

windows7-x64

LovelyCraf...nk.xml

windows10-2004-x64

LovelyCraf...bundle

windows7-x64

LovelyCraf...bundle

windows10-2004-x64

LovelyCraf...bundle

windows7-x64

LovelyCraf...bundle

windows10-2004-x64

LovelyCraf...bundle

windows7-x64

LovelyCraf...bundle

windows10-2004-x64

LovelyCraf...bundle

windows7-x64

LovelyCraf...bundle

windows10-2004-x64

LovelyCraf...bundle

windows7-x64

LovelyCraf...bundle

windows10-2004-x64

Analysis

max time kernel
91s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
01-12-2024 18:46

Sharing

Copy URL

Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

LovelyCraftPistonTrap_Win64_v.0.1.zip

Resource

win7-20240903-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

LovelyCraftPistonTrap_Win64_v.0.1.zip

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral3

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/GameAssembly.dll

Resource

win7-20241010-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/GameAssembly.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap.exe

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral6

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral7

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/Resources/unity default resources

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/Resources/unity default resources

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/RuntimeInitializeOnLoads.json

Resource

win7-20240903-en

discovery

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral10

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/RuntimeInitializeOnLoads.json

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral11

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/ScriptingAssemblies.json

Resource

win7-20241023-en

discovery

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral12

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/ScriptingAssemblies.json

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral13

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/StreamingAssets/Android_version.txt

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/StreamingAssets/Android_version.txt

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/StreamingAssets/UnityServicesProjectConfiguration.json

Resource

win7-20240903-en

discovery

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral16

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/StreamingAssets/UnityServicesProjectConfiguration.json

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral17

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/StreamingAssets/WindowsEditor_version.txt

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/StreamingAssets/WindowsEditor_version.txt

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/StreamingAssets/WindowsPlayer_version.txt

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/StreamingAssets/WindowsPlayer_version.txt

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/StreamingAssets/aa/AddressablesLink/link.xml

Resource

win7-20240903-en

discovery

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral22

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/StreamingAssets/aa/AddressablesLink/link.xml

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/StreamingAssets/aa/StandaloneWindow.bundle

Resource

win7-20240708-en

discovery

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral24

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/StreamingAssets/aa/StandaloneWindow.bundle

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral25

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/StreamingAssets/aa/StandaloneWindow.bundle

Resource

win7-20240903-en

discovery

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral26

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/StreamingAssets/aa/StandaloneWindow.bundle

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral27

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/StreamingAssets/aa/StandaloneWindows64/fonts_assets_all.bundle

Resource

win7-20240729-en

discovery

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral28

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/StreamingAssets/aa/StandaloneWindows64/fonts_assets_all.bundle

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral29

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/StreamingAssets/aa/StandaloneWindow.bundle

Resource

win7-20241010-en

discovery

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral30

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/StreamingAssets/aa/StandaloneWindow.bundle

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral31

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/StreamingAssets/aa/StandaloneWindow.bundle

Resource

win7-20240903-en

discovery

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral32

Sample

LovelyCraftPistonTrap Win64 v.0.1-175/LovelyCraftPistonTrap_Data/StreamingAssets/aa/StandaloneWindow.bundle

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Report Analysis Logs

General

Target

LovelyCraftPistonTrap_Win64_v.0.1.zip
Size

96.7MB
MD5

9c0382e7ffb95e1368cbb001d7e2f2ea
SHA1

3772667c6e327504b30b5abb2d129d60577ade43
SHA256

4355ff63b7d79c659fa159a25f8f1d5d77ae0c2816f1e6e12241ef3e1d3a2443
SHA512

6adb174c37ba9910d53074ec0136c180e8b86e62a76d35df65188ab2068641d9ab60458d8c8be24d6ba407b339909bae0ab4bb8fba90ba2f30acd1a4c28a0bbc
SSDEEP

3145728:uIS8wrHUXPME/MhBoxnQA8H9JflfJGBwpg1Hx9U+dmQ:w8UUfME/MboxwdJflheHsdQ

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: SeRestorePrivilege	3464	7zFM.exe
Token: 35	3464	7zFM.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
3464	7zFM.exe

Processes

C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\LovelyCraftPistonTrap_Win64_v.0.1.zip"
1⤵
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
PID:3464

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads