Overview

overview

7

Static

static

1

SKlauncher 3.0.exe

windows7-x64

1

SKlauncher 3.0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    113s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    19-03-2023 01:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SKlauncher 3.0.exe

  • Size

    1.2MB

  • MD5

    32c7e3347f8e532e675d154eb07f4ccf

  • SHA1

    5ca004745e2cdab497a7d6ef29c7efb25dc4046d

  • SHA256

    107bb526c374d6fd9f45317c0c16e83ab50076f2bcd630caf3d6794596fae69b

  • SHA512

    c82f3a01719f30cbb876a1395fda713ddba07b570bc188515b1b705e54e15a7cca5f71f741d51763f63aa5f40e00df06f63b341ed4db6b1be87b3ee59460dbe2

  • SSDEEP

    24576:Dh199z42ojP6a7HJlF9eu5XFQZSIZeNGdmEE8H17UBcegl:R9zbgH3euNFQZr/oEE892cfl

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.0.exe
    "C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.0.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1580
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://adoptium.net/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1144
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1144 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:764

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b8f380f414057ae6e383ef2642a440f1

    SHA1

    3c00eb7963ffc457fba8ca36a345d30b3a864c25

    SHA256

    54691045b0708b5f3670f2f4e007e2e5774c8552613dae03ecd9c5bc82673a66

    SHA512

    2ad53d31738261d5864ebbeca5138ac6ad280bf0130efddcb64d3d4ac9353187b81a8de6b52dd8eb553afd00cc1ed50aba527fe39e7357578e8c8cf91c709f03

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1c537b86faf9d4cc7808e20d27dc232a

    SHA1

    43781aa98b50f18acd71fa10c8c63ec7a9e53264

    SHA256

    a188bf858339282d2fe5b306d6a1d152bb0b5757d76559b86c715c19fde5870b

    SHA512

    60548bd84ba5c2db7c60f34ba587d5d5badf53eea936e4201798b21f4f73aee71ce1719a60fe69ec48fd9445eac024bcd10740c666d30caa203dcdf6783de6f0

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    27296d80d9a09b4ba34aec9167cc2037

    SHA1

    8349bc1a6b5baa55f63e10ae58de2b860a961544

    SHA256

    1e695f2ba75ae5136031cf6a21d3dac467e29b07c8ae13021cf50261c141b16e

    SHA512

    0adf27a96bbd0cf46bc451994e3953b7746c0c79f9c2402ff5abc3de94094d1d68c49ec747659b06d51ca693266a1f6caaa64f49147ad2ed6ab58ebd784f2ce2

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e81a23fde90d2d223d9ea9404ac1b44

    SHA1

    f3396095fe910635462ee31e62776ba1976529ce

    SHA256

    56eb918e975fd14ee25d19b67171e23319357ed3610623e19cbdfdfa20452c45

    SHA512

    64b2d9c975546eb9a49d7e24fde828d62f10ce20fb8059a0412fd488f6bde054510d32ce77054663c6c58e6362fd580dcde00a04bbe63a3ea0a2702da9350bef

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f5b3cf1b038e3dbec1d9effb8ed8f2a0

    SHA1

    df3046fccc3ba47bac1de9651e360f43b04e5ae4

    SHA256

    c6c8bf220ebc1789d2e1dbe9427f050c46a333059f5a52ce28a19e3795162b22

    SHA512

    ba0941d27aff6e63aa2f80c6d0f674e08dec5d72f07f3eaf27679ec101d3c35b834c52e2bc7c1470d5523981e41a2defc071ed4815cee860b035628da4e2d555

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    56c62222746af7c9c7591f155ffda784

    SHA1

    169c4ebb7cb87769eab2cf3d11858b10f9fafcfb

    SHA256

    c367966cba82ee3df9dd78497733a1e62e798eebeaac7354baaba01d5f5263c4

    SHA512

    88558208851261b2c460e86a0a650191317a4638af16c5d54bac503382e5acd4dd98a4d406ac105cca6956654873119f6c059953ddc0977a477cdce6dd214bc4

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9d187b33943aa5b7bdd31d2957f0d27b

    SHA1

    e8c46be5a038e9a47ef937d8c7f47de51eeaadef

    SHA256

    1189c051fbfbcbd3f8e9d96da66c539497f2adbacfe24b95c68a1252ff8db6b6

    SHA512

    aead8652f54ab8aaa3fc9b46ff6282fc65a3845d846d6506e9dccc513772d0ffefc393574b9fb5316a1f8be906fe177228c3a896b9bd8c364ecc0e9942898e41

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d29b3bd5b91471134e8a081e7a2124fd

    SHA1

    d20c6daaefd1d3eb2f3ed556fa530d34ad8d8bf8

    SHA256

    c79d4c5b4c3ea5a1ab458cdcaf1b992de62719eb061115501b2b9b60a6e175e3

    SHA512

    fcae3b01bbb78d67b7b5a28344661849ff455b9cc5b6cc11f869fcf0e046a0e86a5b154aa906c3b431ffc81423b58a055dbb858e37e81d5aeca118cd095f0bf4

    Download Submit
  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e6b4e55a1ee5129c787cee5b8a61785b

    SHA1

    5078dc18ef5a4dbbc3efdecaa681917f9350a512

    SHA256

    60ae4344e039093fc7e89230720f480f2d123dfb9a2be6885ad237714c782e89

    SHA512

    6af2b7c04ab32f93a1da969043f8da7c701d42ee869519215ad6c3e1a88cf586afa5f29d0bd0e863babe2dc1c10612ebe06dfa6122953dcb5703b68082bcad82

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\62yy7f8\imagestore.dat
    Filesize

    7KB

    MD5

    42d2f14890231046ac57b2f00d2efe2b

    SHA1

    436b1407a620cc45526d8832520d957804507c7b

    SHA256

    1e49d46c9ca570bc80be311966ec92cc8cccf76560ab64bedba29df0c5314e08

    SHA512

    1e61b83318388854a0cfefecedc9c184b140b7f969b1c6cbb613945b966bf21174137fe0e09e9e3f5cff702cb2460259a32437967ec48c12fb03d2aba955ad26

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BJWXLGAS\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit
  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VQ77JNZF\favicon-32x32[1].png
    Filesize

    2KB

    MD5

    dfb98b35bec083cddf7e575ccbc12efc

    SHA1

    f77c5e6f37aec582c5977a76691f992e3ebc3a05

    SHA256

    f053cec8f37df661ce13646ff5ecad7050bd50c4afb4f7ad12cd252577207e66

    SHA512

    17d2d675bc677f126fabab826b4fc79a05eece52cf586a97b7d8093dc402d0160f273fbf9d38978f01befc9f85a979208c2355cc0a4c129a2232ffa4554961ef

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\Tar70C5.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\KVI5SX6V.txt
    Filesize

    608B

    MD5

    33b20559a507008d6ee57f26c5f5c1e9

    SHA1

    6e66b7caef664273c96724e95465a43724f3a422

    SHA256

    62db3345b8426b7fad816c47ccc199315a8a08f38ebe9b968e80cf6a60c1dfdb

    SHA512

    10d837c9aa3e0b05d783e784eb169364da420d0ce58e5202be431e15b12b8a06762a90d1a60ebc33fc678366486e66b5ae413efc9fbbb8da81fa069f600dfc88

    Download Submit
  • memory/1580-54-0x0000000000400000-0x0000000000435000-memory.dmp
    Filesize

    212KB

    Download