General
-
Target
SKlauncher 3.0.exe
-
Size
1.2MB
-
Sample
230105-twh9vsga6z
-
MD5
32c7e3347f8e532e675d154eb07f4ccf
-
SHA1
5ca004745e2cdab497a7d6ef29c7efb25dc4046d
-
SHA256
107bb526c374d6fd9f45317c0c16e83ab50076f2bcd630caf3d6794596fae69b
-
SHA512
c82f3a01719f30cbb876a1395fda713ddba07b570bc188515b1b705e54e15a7cca5f71f741d51763f63aa5f40e00df06f63b341ed4db6b1be87b3ee59460dbe2
-
SSDEEP
24576:Dh199z42ojP6a7HJlF9eu5XFQZSIZeNGdmEE8H17UBcegl:R9zbgH3euNFQZr/oEE892cfl
Malware Config
Targets
-
-
Target
SKlauncher 3.0.exe
-
Size
1.2MB
-
MD5
32c7e3347f8e532e675d154eb07f4ccf
-
SHA1
5ca004745e2cdab497a7d6ef29c7efb25dc4046d
-
SHA256
107bb526c374d6fd9f45317c0c16e83ab50076f2bcd630caf3d6794596fae69b
-
SHA512
c82f3a01719f30cbb876a1395fda713ddba07b570bc188515b1b705e54e15a7cca5f71f741d51763f63aa5f40e00df06f63b341ed4db6b1be87b3ee59460dbe2
-
SSDEEP
24576:Dh199z42ojP6a7HJlF9eu5XFQZSIZeNGdmEE8H17UBcegl:R9zbgH3euNFQZr/oEE892cfl
Score10/10-
Modifies system executable filetype association
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Executes dropped EXE
-
Registers COM server for autorun
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-