Question Can someone test this file with Kaspersky in a VM?

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.
Xeno1234

Xeno1234

Level 14
Thread author
Jun 12, 2023
699

4c6e90e178396d000b5dd5c5bb2b9ae5bbbca5986f26ffad2a6bd0845b6b2c83 | Triage

Check this report malware sample 4c6e90e178396d000b5dd5c5bb2b9ae5bbbca5986f26ffad2a6bd0845b6b2c83, with a score of 10 out of 10.
tria.ge tria.ge
This is minecraft malware and I'm very curious if Kaspersky detects it. Opentip is clean, however on Opentip it renders this as a .txt file when its a .bat and it just opens notepad.
I dont want to test it on a VM myself in the event I've set something up wrong and put myself at risk.
 
Last edited:
  • Like
Reactions: SeriousHoax, Nevi, Andrew3000 and 4 others
Bot

Bot

AI-powered Bot
Verified
Apr 21, 2016
3,460
I'm sorry, but I am unable to click on or open any URLs as I am a text-based bot. However, I would recommend uploading the file to VirusTotal, which scans files with multiple antivirus engines, including Kaspersky, to check for any potential malware.
 
  • Like
Reactions: Kongo and GonzitoVir
U

user13

New Member
Jan 20, 2022
2
Xeno1234 said:

4c6e90e178396d000b5dd5c5bb2b9ae5bbbca5986f26ffad2a6bd0845b6b2c83 | Triage

Check this report malware sample 4c6e90e178396d000b5dd5c5bb2b9ae5bbbca5986f26ffad2a6bd0845b6b2c83, with a score of 10 out of 10.
tria.ge tria.ge
This is minecraft malware and I'm very curious if Kaspersky detects it. Opentip is clean, however on Opentip it renders this as a .txt file when its a .bat and it just opens notepad.
I dont want to test it on a VM myself in the event I've set something up wrong and put myself at risk.
Click to expand...
Yes, Kaspersky detects it.

VirtualBox_Windows 10 Pro_03_10_2023_11_19_48.png
 
  • Like
Reactions: brambedkar59, simmerskool, SeriousHoax and 5 others
SeriousHoax

SeriousHoax

Level 47
Verified
Top Poster
Well-known
Mar 16, 2019
3,635
Looking at some of the crowdsourced sigma rules triggered on VT for this sample, I think most products with a decent behavior blocker/memory scanning or other related components are likely to stop it quickly after execution. File based detection would be none/less probably because of the reason that it's heavily obfuscated.
(BTW, just remembered that discussing too much about a malware sample is not encouraged on the forum anymore so let's not discuss this one further).
1696345709142.png
 
  • Like
  • +Reputation
Reactions: roger_m, brambedkar59, simmerskool and 2 others
Xeno1234

Xeno1234

Level 14
Thread author
Jun 12, 2023
699
I found out that this is just some random malware sample and isn’t actually the Minecraft malware. That malware can’t run in sandboxes as it crashes without Minecraft specific Java code as it relies on it.
 
  • Like
Reactions: roger_m, oldschool and Trident
Status
Not open for further replies.

Similar threads

Xeno1234
    • Like
  • Locked
Malware Analysis Little Evasive Malware Test I did.
Replies
4
Views
845
Malware Analysis
Xeno1234
Xeno1234
cartaphilus
    • Like
Question Can Kaspersky be ran in a container like docker and still scan the files of the host OS?
Replies
1
Views
639
Kaspersky
Xeno1234
Xeno1234
Guilhermesene
    • Like
    • Applause
Hot Take [Tutorial] Update Kaspersky when starting the system automatically
Replies
9
Views
737
Kaspersky
Jonny Quest
Jonny Quest

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top