HKTL_SKINMINER.GA

This hacking tool arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. It may be manually installed by a user.

Arrival Details

This hacking tool arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

It may be manually installed by a user.

Other Details

This hacking tool does the following:

• Displays this the following when executed:
  
• Downloads a minecraft skin from http://skins.minecraft.net/MinecraftSkins/{file name}.png using the "Username" supplied by the user as file name when the "Preview" button is clicked
  • Saves the downloaded skin as %User Temp%\mcskin.png
  • Example:
    
• Saves the downloaded skin to the users preferred location and file name when "Save Skin" button is clicked
• Tries to upload the downloaded skin to the users minecraft account on https://minecraft.net/ using internet explorer when "Upload Skin" is clicked
• Displays the "Credits" window when the submenu "About" under the "Help" menu is clicked
  
• Displays the "Changelogs" window when the submenu "Change Log" under the "Help" menu is clicked
  
• Download a copy of its updated version when the submenu "Check for Updates" under the "Help" menu is clicked and choosing "Yes" on the dialog box
  
  • The updated copy is downloaded from https://dl.dropboxusercontent/s/apluu4mafvdxufv/Minecraft%20Skin%20Stealer.exe
  • The updated copy is saved as {Current Directory}\Minecraft Skin Stealer {Version}.exe
• Displays the "Help" window when the submenu "How to upload directly to Minecraft.net?" under the "Help" menu is clicked