Overview

overview

1

Static

static

ATLauncher.exe

windows10-1703-x64

1

Analysis

  • max time kernel
    56s
  • max time network
    179s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
  • submitted
    02-02-2023 12:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ATLauncher.exe

  • Size

    10.4MB

  • MD5

    f09a1d73abc2f425f7544bbf7ea5aa42

  • SHA1

    40282f8210619adeca62b4fc710f257072bd8f42

  • SHA256

    73bb616fc4fdad4ee3be7b449de0d07f3769a2f5f0be639f08e1867528c30106

  • SHA512

    83e1cecfa6608ae99785e608b3456b5ec8b51cbdc8b8b9da744e5f1552b1560badff29808156eb5fdeaabaded9c724bc13e46ba85644e694cd830cbdcce91372

  • SSDEEP

    196608:xcVrSS1JQ94rKB1D6yl2wRsGeWkV09bQcb1xOdvDGldn:y91JQqrKrD6tw3fkVI4g

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ATLauncher.exe
    "C:\Users\Admin\AppData\Local\Temp\ATLauncher.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2076
    • C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe
      "C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe" -Xms168m -Xmx3367m -Djna.nosys=true -classpath "C:\Users\Admin\AppData\Local\Temp\ATLauncher.exe;lib\ATLauncher-3.3.1.4.jar;lib\authlib-1.5.21.jar;lib\gson-2.8.5.jar;lib\xz-1.8.jar;lib\base64-2.3.9.jar;lib\discord-rpc-1.6.2.jar;lib\jopt-simple-5.0.4.jar;lib\zt-zip-1.13.jar;lib\google-analytics-java-2.0.8.jar;lib\okhttp-4.0.1.jar;lib\sentry-1.7.24.jar;lib\gettext-lib-1.1.0.jar;lib\log4j-core-2.12.0.jar;lib\log4j-api-2.12.0.jar;lib\murmur-1.0.0.jar;lib\commons-lang3-3.9.jar;lib\guava-17.0.jar;lib\httpclient-4.5.9.jar;lib\commons-codec-1.11.jar;lib\jsr305-2.0.1.jar;lib\commons-io-2.4.jar;lib\jcl-over-slf4j-1.7.26.jar;lib\slf4j-api-1.7.26.jar;lib\okio-2.2.2.jar;lib\kotlin-stdlib-1.3.40.jar;lib\jackson-core-2.9.9.jar;lib\antlr4-runtime-4.7.2.jar;lib\kotlin-stdlib-common-1.3.40.jar;lib\annotations-13.0.jar;lib\httpcore-4.4.11.jar;lib\antlr4-annotations-4.7.2.jar" com.atlauncher.App
      2⤵
      • Suspicious use of SetWindowsHookEx
      PID:2908

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2076-120-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-121-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-122-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-123-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-124-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-126-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-125-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-127-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-129-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-128-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-130-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-131-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-132-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-133-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-134-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-135-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-136-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-137-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-139-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-138-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-141-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-140-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-142-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-143-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-144-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-145-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-146-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-147-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-148-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-149-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-150-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-151-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-152-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-153-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-154-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-155-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-156-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-158-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2076-157-0x00000000771D0000-0x000000007735E000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2908-159-0x0000000000000000-mapping.dmp

    Download

  • memory/2908-164-0x0000000002E80000-0x0000000003E80000-memory.dmp

    Filesize

    16.0MB

    Download

  • memory/2908-171-0x0000000002E80000-0x0000000003E80000-memory.dmp

    Filesize

    16.0MB

    Download