Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

SKlauncher 3.0.exe

windows7-x64

1

SKlauncher 3.0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    76s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    01/03/2023, 18:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SKlauncher 3.0.exe

  • Size

    1.2MB

  • MD5

    32c7e3347f8e532e675d154eb07f4ccf

  • SHA1

    5ca004745e2cdab497a7d6ef29c7efb25dc4046d

  • SHA256

    107bb526c374d6fd9f45317c0c16e83ab50076f2bcd630caf3d6794596fae69b

  • SHA512

    c82f3a01719f30cbb876a1395fda713ddba07b570bc188515b1b705e54e15a7cca5f71f741d51763f63aa5f40e00df06f63b341ed4db6b1be87b3ee59460dbe2

  • SSDEEP

    24576:Dh199z42ojP6a7HJlF9eu5XFQZSIZeNGdmEE8H17UBcegl:R9zbgH3euNFQZr/oEE892cfl

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.0.exe
    "C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.0.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1808
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://adoptium.net/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2012
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2012 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1236

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fa22aabc56b6c79a87ccd899de8c0ddb

    SHA1

    8ffe20df27dd664dfe0dc623f8120e6bf129c3e9

    SHA256

    f5fa253a8d9551a090ec99920598db6580d215a01882f05f54731b2ad206615a

    SHA512

    fb7ff5eea82bada7060f13e1d9f0ede09e68b4531eb37cc14822ec3f46966f1b70e650592d7e7a858117ab5708f662306a02c7fb8d96dd3aecc8b5c8e4653ce4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    832c647a8e6860b4e044f98b9e99eff8

    SHA1

    a482aab54615d0026d5c755e8699a727664d2eb9

    SHA256

    78dd33542ef840c1a2f7cb238fd96f6ddac6689351541165aa41bc866e14bd8d

    SHA512

    db664b436f337649f885248539584fd74dc6af29f4224da0c6d6aa69719246fa60027307c13a836c0015f64987ca6f83d32fbfe0a1823013d8273123ef2cb0af

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a0a142fe57c9e7ce0192beffa94d937

    SHA1

    374a10b197bfe252776d5a0dc8f657cb878a7eef

    SHA256

    d9de49422e88b192024e1da4951b45896c88ef48e33d221122c37769fb7f5d1b

    SHA512

    ceefdd4f91bd8dee04af1fef7f6c2168b0f1b1fdf321b25ddcda2719e25ad8e0e13b1a89d7038e529d9d643a8772d1fd6039fff3f636a45942ca0b5713eab592

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    927e6433eddc7a2f994d4ca9d2935ec7

    SHA1

    a0f9de043b46b9ee5aa0a21b621ab5d421ad6e67

    SHA256

    d700b0e8655685d46a9f7fea76bbc2355a5fdddfeba17e0d1855df115b336f1a

    SHA512

    4017f16ccbd73f33ac2941b0da7289444ae6d0de9a5e558f37e6c6c774307ee7bfcfdc1f50d15346428ffab4fac23ff2897b6af440fd1777ebd28f6a48c34d59

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    24f80af4fc10cb9d53ffceb3e678b854

    SHA1

    5dc2a2608fab0203013d5fbe86eb30d98a7e0c6a

    SHA256

    2f297590dcc66ceafc5d09d99c853af4b376c9035a723a73f5576ae4ca97db96

    SHA512

    5b95a657610d50180497a7665db059facccca7a31cbc0771f6ebda28be73b4b1503a787f48fc57a95b3786aa07c3d9384a48f9ffd889fc94f7c348630c2c960a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    62bf6bd793e52a84f5f2b99c12460188

    SHA1

    4cb3ec8357235130a0c00dd14a965d846fe4be86

    SHA256

    dccfe7424dee0894766155e5fe09f5450429c4930383dfef2ca32c6c3c69a0ad

    SHA512

    1cf20c375887ba36a6a56d2f220d66235184552cc02f5f6b926ca9983113f1d3038fbf690c11d2d5c74b12d04f8af9cbe06640dc86de6c98082f80f9b2967a12

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    aaf419cea3a77991b6f23c8c9f0f2d2d

    SHA1

    8c35dd5b05403278e0c3cdfb43388abbae465bb7

    SHA256

    3e9fdfd238b0835e3bf2ed4977d57a4d476b944d5da6d0efe682507fbc9e84a6

    SHA512

    70240a589741706822d0d651917c2c29e84d6b1b9c216b5acd3e7270cc62b29738e2f3a741c31f3d9996202d845ffe4e8913f4e0bc41904e6a02b264a7fa1ac6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6fc667fc98afe90480fa3af0d9be3222

    SHA1

    d9dfd42a8b01a84984d9b2b1a724b854b12760b1

    SHA256

    22e030d581e937217ed01481934c11d3ae09dc44547911d01ad6fcb2799cb2cc

    SHA512

    9801a9f0de4bab4257b16c88c99307c3adb6fb9027b635ee41cec851a2613fe67599d229d6eb493328203a4df5cf0d3b2d23c354e34328df6adf7d3c3cb89763

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9e0f12e79d1d9f9d5825f2cfc82538d7

    SHA1

    656fbae9089ff5a743b3a42c185408e1fdd537e4

    SHA256

    789d52c6b7f74dced62d69e32adad1c11f3cdb554acd4b9863615182c788b6ba

    SHA512

    708465b22aaae1e08fba1cc1b95bbe7e0b5d15bbab326c16b6371a1019f444b4bc2c2be5a04a7cb088372eecb1b19e79efcf56bb6d83dc882c6e51fb955713c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b1a32f94ca0158378ee235cd4be8aae0

    SHA1

    b39de97c31690764e2282060e76e575f806fb5ac

    SHA256

    6e09616ad47d7f13c05a16d5945e8fb848f6acc99a0ec7717238f16cef85f926

    SHA512

    32ff30b7166d6278e5ad7435ac7cee434ee45c7366c3056d7e452b42c6bd89ad26e0b994075143ca93322af6e7e42b7a93e2f5ce4be719e2b24bc67eb7f99759

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\idyde9r\imagestore.dat
    Filesize

    7KB

    MD5

    f111130b1ba6cff6a8c2639cd121767d

    SHA1

    4ba3e8935cb9a2c20b29a6420256873b27968fed

    SHA256

    24c7351db462d63d05c591c2883b45990d434b38b591aa1312b295960e2e9689

    SHA512

    917a2119bb04e2801590258f07c2f1d4f3e1138eb948d89c7f8dba4278d0bcab26374e2b916897badce775b92ba45cbb5010d4d2f9665a287ac45d054b98359c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIMPJA9E\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NMXH1C0L\favicon-32x32[1].png
    Filesize

    2KB

    MD5

    dfb98b35bec083cddf7e575ccbc12efc

    SHA1

    f77c5e6f37aec582c5977a76691f992e3ebc3a05

    SHA256

    f053cec8f37df661ce13646ff5ecad7050bd50c4afb4f7ad12cd252577207e66

    SHA512

    17d2d675bc677f126fabab826b4fc79a05eece52cf586a97b7d8093dc402d0160f273fbf9d38978f01befc9f85a979208c2355cc0a4c129a2232ffa4554961ef

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab49BF.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4AAD.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar4BAA.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\10SSXQYV.txt
    Filesize

    600B

    MD5

    e746e3a3dac58b55f75b9c9f6800eb79

    SHA1

    f6e382a65b343d7ac96e148b9a4005d33648988a

    SHA256

    968af99767b5c5e593e6676290a7bcef92ace153c147a871da7ea39aee1dcbd7

    SHA512

    02327111272d6a8ac1491c7c81a4e84dcf672f322db6efb1a308af61ff2c5733df36033ffac674e7f6d698e8f2f6224d8f777fca5a73cb86a2dec77de3120c4c

    Download Submit

  • memory/1236-56-0x00000000012F0000-0x00000000012F2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1808-54-0x0000000000400000-0x0000000000435000-memory.dmp

    Filesize

    212KB

    Download

  • memory/2012-55-0x00000000027A0000-0x00000000027B0000-memory.dmp

    Filesize

    64KB

    Download