Overview

overview

7

Static

static

SKlauncher 3.0.exe

windows7-x64

1

SKlauncher 3.0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    02/01/2023, 01:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SKlauncher 3.0.exe

  • Size

    1.2MB

  • MD5

    32c7e3347f8e532e675d154eb07f4ccf

  • SHA1

    5ca004745e2cdab497a7d6ef29c7efb25dc4046d

  • SHA256

    107bb526c374d6fd9f45317c0c16e83ab50076f2bcd630caf3d6794596fae69b

  • SHA512

    c82f3a01719f30cbb876a1395fda713ddba07b570bc188515b1b705e54e15a7cca5f71f741d51763f63aa5f40e00df06f63b341ed4db6b1be87b3ee59460dbe2

  • SSDEEP

    24576:Dh199z42ojP6a7HJlF9eu5XFQZSIZeNGdmEE8H17UBcegl:R9zbgH3euNFQZr/oEE892cfl

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.0.exe
    "C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.0.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1144
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://adoptium.net/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1360
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1360 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:588

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    839b9b566178dc38381a60226514150b

    SHA1

    21b852891c62f03400067beea988823f771425bb

    SHA256

    9b6e61013ddf00749498b8211a9e28c0253f0ad5f0cc76a0d371adfaece97587

    SHA512

    338b9e600ea5371e0d50e17eb27e7b7ebe018377e5a5a28c2af35350cb37ef1084a4898b5726d04a313f15bdf274b44de661ca39aeae61acf61bb4e28d1ec2da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3717280fdb7d65fc2cb9b10054618699

    SHA1

    06dd6dd7d61f13734da9cd58ac6524eb89a9fe46

    SHA256

    89a2a4b94247b1a5a1c341e773ae3d0d71739dcab3ba0c3c79a0ec3f939ae48a

    SHA512

    0da56cf0092e7a1c237110c6f051a6fadfd551a33442ddea646932c3c227c972fde5bd2862c607dcafc5fe91e8b275e0f18759e32a14793de9771161bf333a4d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    bcfdd295818873b2bcf47f44b9ed4ef2

    SHA1

    495accf4b428769c657cda1b0955d09a0c4a65fe

    SHA256

    07697d671f1fe467a780ceb606795350e6e8ad23701c19e78b682e39f2648a32

    SHA512

    8a9a2236427f271d56e8e026a7964d4d5646bf2ef1f4679ad127df5b0b98105020a3b67d5cd07759c2838a0cf87e7304cbf34d3eb2d08e1dfb5fdfe6b8f0ebfe

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    61be6a70e93c8e82b197510d6797af80

    SHA1

    ff0b91b05f33e48071730fe39fc8a84a0f93c7f4

    SHA256

    cc3fd167b128398eb1fee02bd0c8fbff9ae7423f9f3c18df433a81a99f1c444b

    SHA512

    73adcc2c16146f565694d3ecb5cbdab6167e276bf21deee47f8aee27e51cc0768ebb3826cefd6038395166546c2f234b57f6d2c03f21f6bc7aab9ed63015f912

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\try74lz\imagestore.dat
    Filesize

    2KB

    MD5

    01e0454f8661e9fdb06d2d028f7c8aa8

    SHA1

    620ae37f6750b150487679f2b3e7aa882edb5af8

    SHA256

    ae36afc06520e90f09a4787325d6f45526a3a451b4b52e8a082490fe82a20d27

    SHA512

    e6f602a0b9e19587d0bf49ed5a39291f1368961bcdaaa53cd2965cc91e7dc211f75fac2dc5fbfa9c83936f754246de0c49b78e9d5e0e39a8f9ff92c8a434dfac

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\KS5BP6Q4.txt
    Filesize

    608B

    MD5

    3eea3076d8d85a0642efd95a2d6f4c77

    SHA1

    df868ad36a551a55f7742cf488f1090c9be5abfc

    SHA256

    ee6818cebdcbbb8391ba30db4ee832c7a04ff54819c4e70642bcab23bc71b280

    SHA512

    4ee07c1243ff13ac0037696cd4fadf1d33f5ffd2196ccdb6476dd69a4ddc2680e6098c1f3c4d39a00216fb9d848a00cff516f8096483eae8ad2dfe2983c7eb79

    Download Submit

  • memory/1144-54-0x0000000076041000-0x0000000076043000-memory.dmp

    Filesize

    8KB

    Download