Cryptam // document analysis


Sample Details

original filename: minecraft_server.jar-Minecraft-1.5.2-Redstone-Update-0.zip

size: 3245604 bytes
submitted: 2017-05-14 23:52:01
md5: 37c38acf05afb2114ee08015012d5266
sha1: 38fa561d7c40bd1f09dd0ec0a3e694c2eacc5565
sha256: c0797594f222216e4a34cc347ad95a05cd0fe4c7d617fea8a14369b6f426596d
ssdeep: 49152:Q8kAY4K8hWtJ/RrAJGBJw8wb2S5QLDIJuJCS2Lautdb1vZkGgA63hh+dXeyc:Q9N4xyvw8S2S5eD0vaurCA63q0
content/type: Zip archive data, at least v2.0 to extract
analysis time: 0.00 s
result: malware [160]
embedded file objects: yes
embedded executable: found

signature hits:

embedded.file minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe 26c9456153a61c354a47496c272fb146
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.80: string.This program must be run under Win32
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.72432: string.LoadLibraryA
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.1377264: string.GetModuleHandleA
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.2530036: string.GetCommandLineA
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.138962: string.GetSystemMetrics
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.79002: string.GetProcAddress
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.1543968: string.CreateProcessA
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.124792: string.EnterCriticalSection
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.105456: string.CloseHandle
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.81634: string.CreateFileA
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.83868: string.RegOpenKeyExA
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.3143470: string.RegDeleteKeyA
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.85222: string.user32.dll
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.2528164: string.shell32.dll
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.139464: string.ExitProcess
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.1375272: string.CreateWindowExA


Dropped Files

minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe at zip
md5: 26c9456153a61c354a47496c272fb146
sha1: 597e19fed2d6fd8f7d6501a43eb4a5acf519e7ba
sha256: ab0d2778cdfd1daacda04122503daedc31358498272552f4809861f14319dbbe