Cryptam // document analysis


Sample Details

original filename: 293c279f44b22ff0b23bfad5d34b2465

size: 3245634 bytes
submitted: 2017-05-15 00:15:17
md5: 293c279f44b22ff0b23bfad5d34b2465
sha1: 8a5cbb6de889fd13065dcaeba786b5397d59fe47
sha256: c8acc6e732da61323a51f35fdf7b37996cfa8af8df5106244cb6b0208fb46bd1
ssdeep: 49152:4yk8A4YiVaJ/PfRo7ktrsAyzSe3exh6/uJ08YfsUtRvTn524WWQ3VlWHBgL:4lP4/UlsAQSe3QhexsUbkWQ32A
content/type: Zip archive data, at least v2.0 to extract
analysis time: 0.00 s
result: malware [160]
embedded file objects: yes
embedded executable: found

signature hits:

embedded.file minecraft_server.jar-Minecraft-1.5.2-Redstone-Update-0.zip 37c38acf05afb2114ee08015012d5266
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update-0.zip.embedded.file minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe 26c9456153a61c354a47496c272fb146
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update-0.zip.minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.80: string.This program must be run under Win32
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update-0.zip.minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.72432: string.LoadLibraryA
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update-0.zip.minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.1377264: string.GetModuleHandleA
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update-0.zip.minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.2530036: string.GetCommandLineA
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update-0.zip.minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.138962: string.GetSystemMetrics
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update-0.zip.minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.79002: string.GetProcAddress
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update-0.zip.minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.1543968: string.CreateProcessA
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update-0.zip.minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.124792: string.EnterCriticalSection
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update-0.zip.minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.105456: string.CloseHandle
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update-0.zip.minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.81634: string.CreateFileA
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update-0.zip.minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.83868: string.RegOpenKeyExA
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update-0.zip.minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.3143470: string.RegDeleteKeyA
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update-0.zip.minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.85222: string.user32.dll
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update-0.zip.minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.2528164: string.shell32.dll
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update-0.zip.minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.139464: string.ExitProcess
minecraft_server.jar-Minecraft-1.5.2-Redstone-Update-0.zip.minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe.1375272: string.CreateWindowExA


Dropped Files

minecraft_server.jar-Minecraft-1.5.2-Redstone-Update-0.zip at zip
md5: 37c38acf05afb2114ee08015012d5266
sha1: 38fa561d7c40bd1f09dd0ec0a3e694c2eacc5565
sha256: c0797594f222216e4a34cc347ad95a05cd0fe4c7d617fea8a14369b6f426596d

minecraft_server.jar-Minecraft-1.5.2-Redstone-Update.exe at zip
md5: 26c9456153a61c354a47496c272fb146
sha1: 597e19fed2d6fd8f7d6501a43eb4a5acf519e7ba
sha256: ab0d2778cdfd1daacda04122503daedc31358498272552f4809861f14319dbbe