9904f3d58a967aca7b4a74b182d930b380eb72d19f61cfefff86f65702c35385

Resubmissions

30/12/2022, 02:19

30/12/2022, 02:15

max time kernel
15s
max time network
53s
platform
windows10-2004_x64
resource
win10v2004-20221111-es
resource tags

arch:x64arch:x86image:win10v2004-20221111-eslocale:es-esos:windows10-2004-x64systemwindows
submitted
30/12/2022, 02:15

Target

TLauncher.exe
Size

5.2MB
MD5

1f73fb40bb5f2adfba15a2ff635e38f1
SHA1

a1d86b12e6776224a27cd86e50f9fddfed080da4
SHA256

9904f3d58a967aca7b4a74b182d930b380eb72d19f61cfefff86f65702c35385
SHA512

1e48fd4a01cbc005b99a8c2a21807f892e224ab0b9e16298683ecb7a64f30a7a9583853c2a9e7a0bdc0fa010e0d9a816d182126a379e64c4f016646ca89c813b
SSDEEP

98304:Cw8pCe+8AS5JWqKZt3RDYAR4126J7BnII1FkYUE2f2oTMcLb:v8p+I5JWbbhsU4126J9II1FkpEy24t

Score

1^/10

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2960	javaw.exe
2960	javaw.exe

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 1112 wrote to memory of 2960	1112	TLauncher.exe	82
PID 1112 wrote to memory of 2960	1112	TLauncher.exe	82

C:\Users\Admin\AppData\Local\Temp\TLauncher.exe
"C:\Users\Admin\AppData\Local\Temp\TLauncher.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1112
- C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe
  "C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Local\Temp\TLauncher.exe"
  2⤵
  - Suspicious use of SetWindowsHookEx
  PID:2960

memory/2960-137-0x00000000032B0000-0x00000000042B0000-memory.dmp

Filesize
16.0MB

Download
memory/2960-165-0x00000000032B0000-0x00000000042B0000-memory.dmp

Filesize
16.0MB

Download
memory/2960-175-0x00000000032B0000-0x00000000042B0000-memory.dmp

Filesize
16.0MB

Download
memory/2960-186-0x00000000032B0000-0x00000000042B0000-memory.dmp

Filesize
16.0MB

Download
memory/2960-190-0x00000000032B0000-0x00000000042B0000-memory.dmp

Filesize
16.0MB

Download
memory/2960-192-0x00000000032B0000-0x00000000042B0000-memory.dmp

Filesize
16.0MB

Download