Overview

overview

7

Static

static

1

Launcher.exe

windows7-x64

7

Launcher.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    30s
  • max time network
    116s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    01-03-2023 10:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Launcher.exe

  • Size

    13.5MB

  • MD5

    766f368c59aac2939012beeacc8d5e9f

  • SHA1

    c178cd6927751b512b65461e53573a93dc56df34

  • SHA256

    eb140a89f01010f6348e485dcd4324252ddc06926cc1a30aa0d7ac6095f0edbb

  • SHA512

    7c5bfb0fabde8e1e708529718ebc7b73998fa3bfe9239b3adfad3798722fa45a693049f9cae9642073504d9b0c94b042790b10200ebb30b360c1bedb84fe67ab

  • SSDEEP

    393216:AqHUSGRf+yV374G4T56KjjjjjOdG6RECr3HwEQ:jHLGRmq85TwCw5r3m

Score
7/10
agilenet

Malware Config

Signatures

  • Obfuscated with Agile.Net obfuscator 12 IoCs

    Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

    agilenet
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Launcher.exe
    "C:\Users\Admin\AppData\Local\Temp\Launcher.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:1708

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1708-54-0x00000000003B0000-0x000000000112A000-memory.dmp
    Filesize

    13.5MB

    Download
  • memory/1708-55-0x0000000000350000-0x0000000000370000-memory.dmp
    Filesize

    128KB

    Download
  • memory/1708-56-0x0000000000380000-0x00000000003A0000-memory.dmp
    Filesize

    128KB

    Download
  • memory/1708-57-0x0000000001240000-0x000000000129A000-memory.dmp
    Filesize

    360KB

    Download
  • memory/1708-58-0x00000000014F0000-0x0000000001508000-memory.dmp
    Filesize

    96KB

    Download
  • memory/1708-59-0x00000000016B0000-0x00000000016C0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/1708-60-0x00000000016C0000-0x00000000016DE000-memory.dmp
    Filesize

    120KB

    Download
  • memory/1708-61-0x00000000016E0000-0x000000000170A000-memory.dmp
    Filesize

    168KB

    Download
  • memory/1708-62-0x00000000059C0000-0x0000000005B02000-memory.dmp
    Filesize

    1.3MB

    Download
  • memory/1708-63-0x0000000005050000-0x0000000005090000-memory.dmp
    Filesize

    256KB

    Download
  • memory/1708-64-0x0000000001BE0000-0x0000000001BF0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/1708-65-0x00000000064D0000-0x000000000652A000-memory.dmp
    Filesize

    360KB

    Download
  • memory/1708-68-0x0000000005050000-0x0000000005090000-memory.dmp
    Filesize

    256KB

    Download
  • memory/1708-69-0x0000000006B30000-0x0000000006B5C000-memory.dmp
    Filesize

    176KB

    Download
  • memory/1708-70-0x0000000006710000-0x000000000672A000-memory.dmp
    Filesize

    104KB

    Download
  • memory/1708-71-0x0000000006D90000-0x0000000006D9A000-memory.dmp
    Filesize

    40KB

    Download
  • memory/1708-72-0x0000000006E00000-0x0000000006E08000-memory.dmp
    Filesize

    32KB

    Download
  • memory/1708-73-0x0000000009DA0000-0x0000000009DA8000-memory.dmp
    Filesize

    32KB

    Download
  • memory/1708-74-0x0000000009EF0000-0x0000000009F16000-memory.dmp
    Filesize

    152KB

    Download
  • memory/1708-75-0x0000000009F20000-0x0000000009F2A000-memory.dmp
    Filesize

    40KB

    Download
  • memory/1708-76-0x0000000009F80000-0x0000000009F94000-memory.dmp
    Filesize

    80KB

    Download
  • memory/1708-77-0x0000000009FE0000-0x0000000009FFE000-memory.dmp
    Filesize

    120KB

    Download
  • memory/1708-81-0x0000000005050000-0x0000000005090000-memory.dmp
    Filesize

    256KB

    Download
  • memory/1708-82-0x0000000005050000-0x0000000005090000-memory.dmp
    Filesize

    256KB

    Download
  • memory/1708-83-0x0000000005050000-0x0000000005090000-memory.dmp
    Filesize

    256KB

    Download