Overview

overview

7

Static

static

1

SKlauncher 3.0.exe

windows7-x64

1

SKlauncher 3.0.exe

windows10-2004-x64

7

Resubmissions

21/03/2023, 19:25

230321-x49csscg25 7

21/03/2023, 19:16

230321-xyt1xscf69 7

Analysis

  • max time kernel
    55s
  • max time network
    116s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    21/03/2023, 19:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SKlauncher 3.0.exe

  • Size

    1.2MB

  • MD5

    32c7e3347f8e532e675d154eb07f4ccf

  • SHA1

    5ca004745e2cdab497a7d6ef29c7efb25dc4046d

  • SHA256

    107bb526c374d6fd9f45317c0c16e83ab50076f2bcd630caf3d6794596fae69b

  • SHA512

    c82f3a01719f30cbb876a1395fda713ddba07b570bc188515b1b705e54e15a7cca5f71f741d51763f63aa5f40e00df06f63b341ed4db6b1be87b3ee59460dbe2

  • SSDEEP

    24576:Dh199z42ojP6a7HJlF9eu5XFQZSIZeNGdmEE8H17UBcegl:R9zbgH3euNFQZr/oEE892cfl

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.0.exe
    "C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.0.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1712
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://adoptium.net/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1208
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1208 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:572

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b8d578e138ba97ff89d08eb8bdcaaae6

    SHA1

    2b9b470f8a21eb351c754701ddb9421f697a10a6

    SHA256

    768478bb3851e9e7a84b53e5522a14242c802d92921f18087a5ed7cf5f96fd19

    SHA512

    db79e02bab510306938b60eca55819e51a0394f20c12378482e371417b4dfbc5aba3402bf899c3e6c5563dda425292d54d1953bf3e3aa9c493e0ebbb60add784

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9dbfb25c52b1fc99c158bca361ff044f

    SHA1

    bb6056ecc624207cc9a68fadf6c866ffcf827fc5

    SHA256

    04326c5595af27725adbb34766ae1cdd535199b9c92cc376b90067fb9f573350

    SHA512

    30f20ff068cea77b91267906e204cfdd50dc32f9f6635d07c1a9bf4ce5879be7ef394cdb616aae9cc10cae6837c0416b3eee0f3ee42e239ff075efd281984948

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e43e4172797035b05d0c5488420eb70e

    SHA1

    ca367b281189848ba9f81d09f928ef146798aa68

    SHA256

    8b65d1e4ef39cad0898d579394512e4bf64e20bc21ff724b662e91741134da9e

    SHA512

    e901c75a37fc43d22f55faa9d4f0381da349723ee3ec0363ffb87fb4e013655634d2a21f4a9ec58caccb4f1bb035b4c3d0eddc552e537c8ee16e0fc96c7fc61a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6b5573e77b53ac9cbfe3ba32fb9e84ab

    SHA1

    a5ebc02664123919d973d2f3fd5061ab23cc3aea

    SHA256

    0461954a9f3815898d4b1d67107bf0a049c11dcfca9a93bce84565a0a814208a

    SHA512

    d348c136186c8ad3119a1de8031ea802412784b5123362843c62951400c96214ad577d4d0c64cc6ab6db83cf26fe3a9023681052caab0ca5099fa2f97e0dead4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9cb483decfad7a916a08b8499e7fcb4d

    SHA1

    84745f63d258275f5f9b4118b15c2e049d383bb0

    SHA256

    83d2852955da3c072bf021b5c8861d4066c58da569108ad0a518b827d7e1b8bf

    SHA512

    bd696450158f326e31ebe0702d2dbba865d64f03e6a1d81f2e45a86d66b29e6a3f2419b0c5393bcb8690adc36317fe8429b7821b1067f5c76561a68ec6237075

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6a1eece5293d5f7d9139babd76be9f23

    SHA1

    ca0a11aa6e8979f295da909d672a18acd39c47de

    SHA256

    a6589dda0ce058ce59ec5a48043ae5bc77275a254a4edf1ff844b011f711f6b0

    SHA512

    42e3ca52ec97bfdf4ca116a97b854ecd4d13e053542fd24a405e6957b805420ea084dc8ac2d4ea8553993e974c4310df86f071d723c54f513918260ab04b017c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8a8b5d69beb4a188cb316ebde97ebf5b

    SHA1

    7749bb2825b1b12487b2b2605f33a964045b1d76

    SHA256

    09add58cdd0921be1a41150b54a02cf43cd5b8be4b32ecd0dc133938581e5e2f

    SHA512

    58b2bbc8328eb933cbbe54a81fc85a5012b7c03ab4b262884377ea90bbbeaf8a2f7df16f74327c32ec7b0517c1f0054e596e7863537c665c90465aac402be40a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    61813f967aecbbd4919e6355684b1d38

    SHA1

    d90acacdee1f0f7fcbb923609c3ed260a4ac8a27

    SHA256

    8b10b2cc3fb21c89397bc82e9dabdf30b1d89ebae9066f61b9fdf4f8c6b04aee

    SHA512

    7608587a1c32700e2879e851d894e2334d619e4c7c2bf8b007e86f15acfe4a0a730954dbd7930acdc4fe38279768cbaf0d20c08ace9a9a07f1232ee95f1be6d4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1984dfa8923422908367b8a2a410603e

    SHA1

    34e040450c2a8b0f42b99b610690c423a7a99b8d

    SHA256

    9a2244c68d5bcc1de99b23307ebbd6cde6c0f037f497c720a32ad732ad29006f

    SHA512

    b18e1e55d7f8c25ebe35556ed49f6ebb5f7792fbdf230894a059a7d0b4470427c66573eafbf07dfd8b11687fa0d6a8df633d36efbae0c24b10a57a0dcc85bb86

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ee25d0d35853d101dd1ddcc5184c955d

    SHA1

    edd9d050ac546d801f49614cecdba1118a7db19d

    SHA256

    b2c46f35d134956080c772a661064340ae6e3364a22124ddb0e292a2d26689b7

    SHA512

    4564cff71b7f7a5ab90914b18d6702ea2060db80e070d994230cfc2aeb84d2cf60bcb3be21cb022dd448d89a2b2de0d9433eed4437e4336814568329f5645541

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    14388536b15c6415c5a43038baa17c9d

    SHA1

    6d8db15a4e24f4c45a85e79df81bd97cdc728d96

    SHA256

    c80b0152fc00e064459b78f9517171417c70774a3d97c5d8b164a1e9dda9650f

    SHA512

    012885c97651f48dc86e8ac8efee703d57d0547c6ebe04c57b078b02c5a6be6dde865b4847ab1daa664e10b27b712068b9d61cc5f9a8c96925050a5fb8d1407c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c8a52865cbb883d3758529a5f1c8e8fb

    SHA1

    36420a4b7121f881a1fc857190292c31714b7316

    SHA256

    c82f184b2ad41f1a582c00448e3e0e03721fcda700a03546ccaba56083c5d8b9

    SHA512

    3a5ee91dc20e1dae918fde29e65ff3546d0e0b1dee859f6a07db50bd6ee6f6bd57a4ec9cf3ca5f31b6363d5aaff7dc8bc55fe0e1c444d62ddc86b8f709e7dbd8

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\jo5ozfo\imagestore.dat
    Filesize

    7KB

    MD5

    4127dc871930800720d487b9f9cdc39a

    SHA1

    211aad5a947c6b9881012ebb5da6cfcc76ccdb31

    SHA256

    8f9b462f8a368a7ccbde468d0fb8e4d505e462fc321999eaf59f3884b4d478bd

    SHA512

    9985fa3bb5b1e1ca6aad2860b3cc6568329d6386a52612a613dda02a16ac31b70a24aa7609c0be6a54e0186d095579656233498acc7829b78292e15c45414318

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TOS3MI7U\favicon-32x32[1].png
    Filesize

    2KB

    MD5

    dfb98b35bec083cddf7e575ccbc12efc

    SHA1

    f77c5e6f37aec582c5977a76691f992e3ebc3a05

    SHA256

    f053cec8f37df661ce13646ff5ecad7050bd50c4afb4f7ad12cd252577207e66

    SHA512

    17d2d675bc677f126fabab826b4fc79a05eece52cf586a97b7d8093dc402d0160f273fbf9d38978f01befc9f85a979208c2355cc0a4c129a2232ffa4554961ef

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab50C2.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar54DC.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\~DF0A1F1F6A62F8A5AC.TMP
    Filesize

    16KB

    MD5

    f02bc44aa6d04ee86e9361df30aeba3e

    SHA1

    a675f11d1c7c56b6837bfee537b757a9e71cbec8

    SHA256

    c9750c198abb473d8c1cbf8047ca1f64a7949392d237cd3c43c7a858719d783a

    SHA512

    ffbce6116224115c4c5ebd4b4a9ff4049580557db7425432e047036efcf03c08577deb9bca81ab9c779d1848269007408d763beefce6d8bab4e011b275e5a040

    Download Submit

  • memory/1712-55-0x0000000000400000-0x0000000000435000-memory.dmp

    Filesize

    212KB

    Download

  • memory/1712-54-0x0000000000400000-0x0000000000435000-memory.dmp

    Filesize

    212KB

    Download