Overview

overview

8

Static

static

TLauncher.exe

windows7-x64

8

TLauncher.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    91s
  • max time network
    102s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-es
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-eslocale:es-esos:windows10-2004-x64systemwindows
  • submitted
    28/12/2022, 11:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    TLauncher.exe

  • Size

    5.2MB

  • MD5

    1f73fb40bb5f2adfba15a2ff635e38f1

  • SHA1

    a1d86b12e6776224a27cd86e50f9fddfed080da4

  • SHA256

    9904f3d58a967aca7b4a74b182d930b380eb72d19f61cfefff86f65702c35385

  • SHA512

    1e48fd4a01cbc005b99a8c2a21807f892e224ab0b9e16298683ecb7a64f30a7a9583853c2a9e7a0bdc0fa010e0d9a816d182126a379e64c4f016646ca89c813b

  • SSDEEP

    98304:Cw8pCe+8AS5JWqKZt3RDYAR4126J7BnII1FkYUE2f2oTMcLb:v8p+I5JWbbhsU4126J9II1FkpEy24t

Score
4/10

Malware Config

Signatures

  • Drops file in Program Files directory 12 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\TLauncher.exe
    "C:\Users\Admin\AppData\Local\Temp\TLauncher.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2156
    • C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe
      "C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Local\Temp\TLauncher.exe"
      2⤵
      • Drops file in Program Files directory
      • Suspicious use of SetWindowsHookEx
      PID:3708

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3708-142-0x0000000002B20000-0x0000000003B20000-memory.dmp

    Filesize

    16.0MB

    Download