Overview

overview

10

Static

static

10

Nursultan ...er.exe

windows7-x64

10

Nursultan ...er.exe

windows10-2004-x64

10

Nursultan ...pp.dll

windows7-x64

1

Nursultan ...pp.dll

windows10-2004-x64

1

Nursultan ....2.jar

windows7-x64

1

Nursultan ....2.jar

windows10-2004-x64

1

Nursultan ...32.dll

windows7-x64

3

Nursultan ...32.dll

windows10-2004-x64

3

Nursultan ...64.dll

windows7-x64

1

Nursultan ...64.dll

windows10-2004-x64

1

Nursultan ...64.dll

windows7-x64

3

Nursultan ...64.dll

windows10-2004-x64

1

Nursultan ...86.dll

windows7-x64

3

Nursultan ...86.dll

windows10-2004-x64

3

Nursultan ...x8.dll

windows7-x64

3

Nursultan ...x8.dll

windows10-2004-x64

3

Nursultan ...64.dll

windows7-x64

1

Nursultan ...64.dll

windows10-2004-x64

1

Nursultan ...aw.dll

windows7-x64

3

Nursultan ...aw.dll

windows10-2004-x64

3

Nursultan ...64.dll

windows7-x64

1

Nursultan ...64.dll

windows10-2004-x64

1

Nursultan ...ab.dll

windows7-x64

3

Nursultan ...ab.dll

windows10-2004-x64

3

Nursultan ...gl.dll

windows7-x64

3

Nursultan ...gl.dll

windows10-2004-x64

3

Nursultan ...64.dll

windows7-x64

1

Nursultan ...64.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    13s
  • max time network
    18s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    06/03/2025, 14:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Nursultan 1.12.2-1.16.5 Crack/java/natives/jinput-raw.dll

  • Size

    58KB

  • MD5

    0862d141de8b4dd93ac55cd4a1a78b69

  • SHA1

    4d982f408e815519c2289cd720c78338392a9887

  • SHA256

    0a8c0b47e173453bd92da224f73a6aff35b07c2db315abaf33e68edbdb147971

  • SHA512

    c070516f902082c3eda3f19fab6d6a6998442664f1b25d5d4c2229c03b7cac1a2a41d78b98474dfde3514bc206f5fb92e1949627e3e64052e0ed880e3f6a52ad

  • SSDEEP

    768:YxAM8x3LQmQhccHXx+LHfFCxMJvI/+q9c6LTZsTUkwS9/FE5HBXTWoJCRX:tDI3+jFWTLTiUknG5NT9JMX

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Nursultan 1.12.2-1.16.5 Crack\java\natives\jinput-raw.dll",#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2536
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Nursultan 1.12.2-1.16.5 Crack\java\natives\jinput-raw.dll",#1
      2⤵
      • System Location Discovery: System Language Discovery
      PID:2304

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads