General

  • Target

    EaglercraftX_1.8_u40_Offline_Signed.html

  • Size

    17.4MB

  • Sample

    250107-zlt69sznan

  • MD5

    58830af4cc8ab5a99282a32a566a968a

  • SHA1

    ad5e73cbbaec3b5f8e60b6620ac88e0e8ccb569f

  • SHA256

    a62dfd1bb7465e6eafbbe5e005368ffe656765bfb168ffde82654183e9335d67

  • SHA512

    9c364e43541bcb108bf427993df714a952ad2f877f551048a02225926c3fa06580c5d436aaab1eea1ea279334c17c0c514001acd277e630f582c981c9d5ab19d

  • SSDEEP

    49152:oifpWP5TD8gMEjr6mFwyf6ECFeCvgYrx9Z0Zax3T08oo1lAgUMc14cLywnjxKbSg:7

Malware Config

Targets

    • Target

      EaglercraftX_1.8_u40_Offline_Signed.html

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Detected potential entity reuse from brand STEAM.

MITRE ATT&CK Enterprise v15

Tasks