e34014b3eab2272cdcd65c897d669a4156cb4937a4f558c022a33cadb7baeb56 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

TLauncher.lnk

windows7-x64

3

TLauncher.lnk

windows10-2004-x64

8

Sharing

General

Target

TLauncher.lnk
Size

1KB
Sample

230206-y4qq5aba4w
MD5

d857b472e0e44470f3a6476a340559b5
SHA1

ef3096f7619f4b35afeba3d325e2bd4fd5dc5065
SHA256

e34014b3eab2272cdcd65c897d669a4156cb4937a4f558c022a33cadb7baeb56
SHA512

33a7844d85726489cb1626e5790c925305b8676e1a6362418f1b55503e0f0a9b5e8862b1c5067648e1f499dc08d5f943891c4be9dd50dad1083727bc4feb8153

Score

8^/10

discovery spyware stealer upx

Static task

static1

Behavioral task

behavioral1

Sample

TLauncher.lnk

Resource

win7-20220812-en

windows7-x64

6 signatures

1800 seconds

Behavioral task

behavioral2

Sample

TLauncher.lnk

Resource

win10v2004-20221111-en

discovery spyware stealer upx

windows10-2004-x64

17 signatures

1800 seconds

Malware Config

Targets

- Target
  
  TLauncher.lnk
- Size
  
  1KB
- MD5
  
  d857b472e0e44470f3a6476a340559b5
- SHA1
  
  ef3096f7619f4b35afeba3d325e2bd4fd5dc5065
- SHA256
  
  e34014b3eab2272cdcd65c897d669a4156cb4937a4f558c022a33cadb7baeb56
- SHA512
  
  33a7844d85726489cb1626e5790c925305b8676e1a6362418f1b55503e0f0a9b5e8862b1c5067648e1f499dc08d5f943891c4be9dd50dad1083727bc4feb8153
Score

8^/10

discovery spyware stealer upx
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

discoveryspywarestealerupx

© 2018-2024

Terms | Privacy