Overview

overview

7

Static

static

1

SKlauncher 3.0.exe

windows7-x64

1

SKlauncher 3.0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    108s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    19-03-2023 01:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SKlauncher 3.0.exe

  • Size

    1.2MB

  • MD5

    32c7e3347f8e532e675d154eb07f4ccf

  • SHA1

    5ca004745e2cdab497a7d6ef29c7efb25dc4046d

  • SHA256

    107bb526c374d6fd9f45317c0c16e83ab50076f2bcd630caf3d6794596fae69b

  • SHA512

    c82f3a01719f30cbb876a1395fda713ddba07b570bc188515b1b705e54e15a7cca5f71f741d51763f63aa5f40e00df06f63b341ed4db6b1be87b3ee59460dbe2

  • SSDEEP

    24576:Dh199z42ojP6a7HJlF9eu5XFQZSIZeNGdmEE8H17UBcegl:R9zbgH3euNFQZr/oEE892cfl

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.0.exe
    "C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.0.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1888
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://adoptium.net/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:856
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:856 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1196

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d79cc6ee48b135271a0a5d163f921b50

    SHA1

    0d3c4a7ba9592ea65d6482bea28ad20ffe0a8d35

    SHA256

    5c61a38fe92b3ccdb83de1de51323498be0c28f0544e06d8a174786cbadea75e

    SHA512

    617ff0ea4f26fb61862933f5fb3f5d56533674b63ab3da0b6168498b16ccf453c3f63d71350e3cd740385ae86e87905b1af0774157e86f8bca4986074dfb6440

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    2f85eb904be31139666543c11992c261

    SHA1

    9168fd41f9159f46ad3b4610459234f5e71bd3e5

    SHA256

    aff55cfab2e7209db74874bdc695255a19220017dcd6ffefc012927e30192a3f

    SHA512

    14ccd3c624bf0f40db4a0b48e096b92f7b27c7772560601b484264a1cc3f9353786038f32f5ae85a5b9ad0f29bc9792f78d2e91d070130dce2265e551441ba55

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d55077f8cb06c73b34f86a906a395c68

    SHA1

    83c8b92ff9949cfba6277c9b389023d9f95646db

    SHA256

    262e34da8210d23415e4f2ceea57197fa05bc13f14ccb39fd40fba434f75de3f

    SHA512

    18ecd4ce3b8c05ce9273240ab06854f434572edd2ee1c02b860bddb7538fd1528351b12689fb2aed8ef5ab90515de009fc8aa487cd2cc8f56b05af840e56b0f0

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9b07cdfde3528a2457661ec013c2cf01

    SHA1

    3c7815f07ea3925330a18fd5eeee6bad8cb361f8

    SHA256

    6fa83992a5777390e3c9c7af741262f8f0de237820c79577de4438f3163ff4a8

    SHA512

    aed5a4190d120b11480ae7a59ad9e625d8a4be4b05cd0e5f02dbf1099038b1f32d46565fb1733e69f5f84ee165023d16ebf350f26fab749c329a10576fb4195b

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    06594ad73ea93cb9df6ef5764323139d

    SHA1

    81e97b1a7905280a73d092cb1c16a0abe8973252

    SHA256

    7b189343e1c11b04f84c52055966555123db58939bf445eb136c259886095199

    SHA512

    503cfdac0bd584da1186f05e4d805c80c9c2a189463b976628e4f453ba8d1a698c6c5abe7918517317a2bad6e7db0c729434b285cdac066f3e4082595ac712af

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bbabe265a0081374d138c06b6aa1b8e7

    SHA1

    c4d4526f6edb921125a6ab85f5d1760b0448740d

    SHA256

    7cfab4804a0c2147761ac81c04a6fa04632b6e202afcf7538258a75865f93e68

    SHA512

    6b27b7b7509a50b36343d9559f48e2d9de065fda200201c0b69d62f1839b9b25e93a5e2c2efc083dd0acff2f6deb100e1e35083d81765642777281eca9f9b675

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    37995a204916140b02821ecc0042dd8d

    SHA1

    3ad7f14395e58af74390b02becca6a198659465c

    SHA256

    a1f5b2618be000bae78043e86de4e6be8963085b120ae667fee0d1ddf068b9d0

    SHA512

    52bbbd44678a87202ef3dc97405aea765bbe571fe5e9021c1ecbd3f649cbeae0c1ed666dc30018650eaff6c4ad5fba27f3948ded11e7dbfaa2208b92d2e535a1

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5afadc1aa0ce665ff0b45ee28fb5cbd4

    SHA1

    34e9c17be3ffeb4de3b833d1ff3ee2b0c6c2a474

    SHA256

    8d93e423995fe65a9e3283b2594cd34e6e24e09dbf4594e9d629c5b3e64b2c2b

    SHA512

    d547bf2fa5d558d9d1f5a55f0abbc80087752b65d30267d001f8bb3165153d4154d679a55ccb8c69c1e3d28b762fc83080b1668d85ac1d699106b6ae4b40186c

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4484e7872a9353ff887bb1f4763fad34

    SHA1

    0bac34dc4221232cbd52f230529897e3a37ff4cf

    SHA256

    fbf696734c2216e40446d09a1aa9c7ae7a38ddeff8f0853a6353cfd62d059bbd

    SHA512

    b6710b114dec98e0358b222a6c835de5245bba62f91c7a2265d0e1cb933333e648ba9adb86125b09140e894b405f380f58d43f96f4cfa8fc83521b0c6530c7ad

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    fb1cc58f3c463d1be992828e0789081b

    SHA1

    7d5c70ad3a8a97e70b41e3d9c3cd97748341f8b7

    SHA256

    fc48f2824ddee9a0f00bc9d5c95d8acde5873cf995b409ffac61f8b9f913ca1f

    SHA512

    62b30c9752ff701b3d8cefe79c98b800b26481bff63c69354992002f241f10e43f4b9161b111ee2d4d864d9ab7d0bf61705179fd754c91504a3b9ff2dbf0eee3

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    877955c149bafeeb27bc351a64b1d9b1

    SHA1

    c604a27df5c110d6d08f9290a36f7be6e83f8899

    SHA256

    4cf6c00368e592992b6f5373b1afc6739cd65c1248420e61606c17832c3e3194

    SHA512

    2e90365e5b65cbe91dc50fc6b326c6dfd6a3d2055ec5a4736419cd90cf96ea7b003d895f5b9583685125608f0db31efc3ab5eec3abc4e277fafd932680554a38

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e30ebcf01e6a902cbc7a18c75c8072b2

    SHA1

    b40f8b3adb229e9b2fc8868b5a766c904b9012ab

    SHA256

    97769e96c5e90d842c092d462dbde72700d6367cd042ee8f05759b9e5d4ab2c4

    SHA512

    f214457bf292f9b63a87da1d3e25217b028098d5967d79ac5c8cc9b19bc05700933f2e136b9842866ec2b7d85c4c1490102841b246299f043c76b82dca8bf653

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\62yy7f8\imagestore.dat
    Filesize

    7KB

    MD5

    3f77618a1ab93a4e7c95a53380d52a7b

    SHA1

    d1522547024ecb78990cbdc3559d21d4b9e85e0c

    SHA256

    943164ec1df228ece38ff4a5fcc26a337b0278c7492f343bab969d96cd244fd4

    SHA512

    4cf1fc1e1be4825adf7ace2e269805983f5b7fa9c5bc6fade0cc6f891b22df19dc3edc444d00caf284f6322b92deccb73b7b721573dced82f6319132a7a442f3

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BJWXLGAS\favicon-32x32[1].png
    Filesize

    2KB

    MD5

    dfb98b35bec083cddf7e575ccbc12efc

    SHA1

    f77c5e6f37aec582c5977a76691f992e3ebc3a05

    SHA256

    f053cec8f37df661ce13646ff5ecad7050bd50c4afb4f7ad12cd252577207e66

    SHA512

    17d2d675bc677f126fabab826b4fc79a05eece52cf586a97b7d8093dc402d0160f273fbf9d38978f01befc9f85a979208c2355cc0a4c129a2232ffa4554961ef

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VQ77JNZF\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\CabECE0.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\TarF16B.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\0S0FQGPF.txt
    Filesize

    604B

    MD5

    6daf7dcd3d293298d876e6a541b94c79

    SHA1

    dcefc829b2baa3a946ed37f3c17da2f5eaed7098

    SHA256

    de20d48aa0219a6b7ca2aea60cadde285cec0d7b0fcfd21a45f117e505ad2d6f

    SHA512

    f6ee3dd244c6d45eb2e3854315512a95762c53f2d15c81fa5e9ffa687e92a15c17e59bf22c7bfb3c62822ab6c0c940600deb9abf9a3a8d771ccf6e7c2e264e61

    Download Submit
  • memory/1888-54-0x0000000000400000-0x0000000000435000-memory.dmp
    Filesize

    212KB

    Download
  • memory/1888-58-0x0000000000400000-0x0000000000435000-memory.dmp
    Filesize

    212KB

    Download