Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

SKlauncher_3.0.exe

windows7-x64

3

SKlauncher_3.0.exe

windows10-2004-x64

7

Resubmissions

26/03/2023, 03:43

230326-d9xfmsfd52 7

26/03/2023, 03:41

230326-d88saafd48 1

26/03/2023, 03:36

230326-d5wzbafd44 7

26/03/2023, 03:32

230326-d32rsahc9y 7

26/03/2023, 03:27

230326-dz36fafd37 7

Analysis

  • max time kernel
    47s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    26/03/2023, 03:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SKlauncher_3.0.exe

  • Size

    1.2MB

  • MD5

    32c7e3347f8e532e675d154eb07f4ccf

  • SHA1

    5ca004745e2cdab497a7d6ef29c7efb25dc4046d

  • SHA256

    107bb526c374d6fd9f45317c0c16e83ab50076f2bcd630caf3d6794596fae69b

  • SHA512

    c82f3a01719f30cbb876a1395fda713ddba07b570bc188515b1b705e54e15a7cca5f71f741d51763f63aa5f40e00df06f63b341ed4db6b1be87b3ee59460dbe2

  • SSDEEP

    24576:Dh199z42ojP6a7HJlF9eu5XFQZSIZeNGdmEE8H17UBcegl:R9zbgH3euNFQZr/oEE892cfl

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Modifies Internet Explorer settings 1 TTPs 29 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SKlauncher_3.0.exe
    "C:\Users\Admin\AppData\Local\Temp\SKlauncher_3.0.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1108
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://adoptium.net/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1732
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1732 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1712

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    77e7c171e73e32229b3443713df635ba

    SHA1

    360c97f6aa5198eb38bd5b507108d08aea62dac6

    SHA256

    e69e999629f5c1359f00c41efa6ae1f79e5faca2c256b4add77bdb5ca98b669e

    SHA512

    15b7458da8af76d875040a68411c4e6cfb65284010fd7589818c94e2a6fdb49da3ec765810b83bce38cdec0a0e35f77367a944e350419d6290e029218c62b4bc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    bf9a275c8bdc0b98bdd8906126455274

    SHA1

    ecfc7ef2cac835873a029fd5f37e87a93f4e76d6

    SHA256

    e031ac2240349039a3d41411b498e8aa1c937e32c59fd2ed6f286d1212f49cc1

    SHA512

    52c8cda6e0dc6eabdef1c56570ca48f176f600aaaaa314787f8c89aa3df8a28a66542336f6226655faac2e04893a7516e4aba4063d2cae2e10000bfe607c3529

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    cf7721496730b32c9dae2db67a5cf562

    SHA1

    7e92b5ca68b97eeb0e2dcd3778f4860c88bee59d

    SHA256

    8251fb9206336539f7aa41e100935dc69d8f7c34fe226e8d672292fd802eea30

    SHA512

    95db5f839f947df6f1dd37064960124eb2c4ccc18dbbeecdcffc2553f2eae6ca3b4ad85c443ce8e69091096bae5fcb6fd05905167174a8ad43da0b7085d6cb51

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ffb85234f8b9b33eebc918940952b7f7

    SHA1

    0fc226bfcd946914259406a892077ae47d23e51d

    SHA256

    652dba0f05b065994cb9d2f14317b3884a412e8ceed2605623fb63d111406e93

    SHA512

    ba5aa60bbb51a11f5ba31fc052f41fe1a936e77f593c9e68522f74ec8aa35d2245972dc6d1882d5a822a53c1ad252b47d27beaecdee34d7d6d26524345f51e2d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    31c304c13ba054d5e20c199c9679208e

    SHA1

    44e7d2b025df465614131e065327fb1c663b0abd

    SHA256

    132d4ef61270d15359ee68138be207b8dea7cb6a9cc0736314cb2e3af2cd72bc

    SHA512

    f1aa829da3babb5a986139c02a150fe772f02e31690a3ca51f6e0db08f216ff7b22710109f88d5e51f40162771ac1b9977f8a85c1f3f57c0217d116cb96b6fc2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c58f16a6fa713ffb49d97fe60b04fba5

    SHA1

    b2b2cdcf6d1ccd5925ae70c11f2182de04309f2d

    SHA256

    ec6bf72b9bb1aae261eac4af82c5718f9a098c4397d7db955f3ec6846fc86abe

    SHA512

    44130eb6d91e628fb28d37c604b9f3b62c75e8e4124bed44e29d7c13b7bc73be784a372e13f071218b1c58b9cc0a65eb00ed5fc17eac870e281f3c07c86816c3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ba62ad424bd76c0a949f7bb720af17f9

    SHA1

    ac860a0cac4167606a8f16a34ac63942fd850314

    SHA256

    4fef9612905ba1f2bde1501ef19402dee77bb8396c50d298e875b23c1c7ab3a3

    SHA512

    a42651d56687149fa4164e2fc699fe49028e5c54ba49733d1de68a37a4335d6b3bad87212f6d8463f159041cc0c24f16578ac27f2bcde62320c06d055629bda8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c68be54056383d31dbc794b855bd99d0

    SHA1

    ec15f50c043cb6190db03878275dbb7d48059a31

    SHA256

    0dfb4a8cea2930090c3919af6ec6f0553e454dd8db0b3d0812d4f66e4a08ec83

    SHA512

    35187e3efd3c9528e7ef1872d2d3509ab9bc58debb2d0239beca3503a6d7215c4445bf61cbdeca0fb3b88ba84ce3493b165ad1c20ba32a3d84a4c31114c9d4a1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4c18a62c2e94dd4c8b1e0f503e844999

    SHA1

    043a0e75e6c9f32f61a2753487adb9a4c089adcf

    SHA256

    b12df9e66bbd400157a959f63dad0fb8022e5ee2bd019683cb8313f2dd130f55

    SHA512

    d629d6a13558d15e13b572080299eb4a6e9c3da98ec26538401b879d3d3f336bb3f103952dd30bb32d4c976dd7bd2204446b938e76e03b697a5bf0efdd2640db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d3a899218007169cffbe636f2bc18d58

    SHA1

    51aa25b5d514de7d9a0f4826fdaa47d4712b2c01

    SHA256

    b4c349fd6f39b6ed661e209c94a56318b039d01b9419dc70fdaeb55c862aa2a8

    SHA512

    77208a79d99985fd7453fde6b74f0efa0255602211e9d5d23243f30b83d44648e5d3a9f4585066f9d6fab37310f035c48b7b53e15ed038aa3b8448bf38df6db9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    a8bb925c8449e5d3be9daf247cb059b4

    SHA1

    132d511902d776a33b73dfb2aa823e2b77183318

    SHA256

    ace9baa139583654ed0fd2882e90f1b63dc0188c0d9145d34ff04664bba0004e

    SHA512

    18a6041b81aa4660dbf79d7e3373c8e301ca48a4098665f360439bd67d74abcc0787236d14d2417ec381559f0e28c03eac859d96b5b63e9e5f915a500b7d2254

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    259820f483b519bcaee0b3f20bfbb647

    SHA1

    51722c5ec4301821da4c27c2edfffd9857ed2332

    SHA256

    70f15e9705e3f715f3c4e44b399809b66be1e5a614d280b19e4e370751abf454

    SHA512

    e986c42c528a1b66b61ed93ddde4f64cb29a4575477370d5411ee8f569347c87155a20c81cad47f443dc38d75554fb7de6a58a1e77afad1e3715c46515f2a43b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    1069b50168cb9d25be32b90184fde1e8

    SHA1

    fb0a3761701258843d9928fbd3eeb3bc17286eee

    SHA256

    62250d7187ebd3accb8145e19d5f5f81bbc68621aa719bb82de62c4593da62cd

    SHA512

    1832169e5fd5fb48a3e3ac5463bb299209840c513278b9daf898a33637a855cc7cde38dca0934b0bedd66e8eb7fd4297d60fa201593a16731aac4e739138dab9

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\idyde9r\imagestore.dat
    Filesize

    7KB

    MD5

    a877afff927170149dba2587da3dd159

    SHA1

    ea5e9c650aefc9268b9eb864e6f3dd2b43269b26

    SHA256

    459a270af19f03b654657992b91829bdb04244751c27d7828b43b7545c0d4a0f

    SHA512

    f69ac43484e04596450977dbeb631c3bb4a8fb5b3c0496694e63ab3736755b7d3e1a58fdbda84566dcc8497b09d1774c25e6241057e4cfc7199c96634457aeb8

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ACT9UUKV\favicon-32x32[1].png
    Filesize

    2KB

    MD5

    dfb98b35bec083cddf7e575ccbc12efc

    SHA1

    f77c5e6f37aec582c5977a76691f992e3ebc3a05

    SHA256

    f053cec8f37df661ce13646ff5ecad7050bd50c4afb4f7ad12cd252577207e66

    SHA512

    17d2d675bc677f126fabab826b4fc79a05eece52cf586a97b7d8093dc402d0160f273fbf9d38978f01befc9f85a979208c2355cc0a4c129a2232ffa4554961ef

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6385.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6627.tmp
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar66AB.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • memory/1108-54-0x0000000000400000-0x0000000000435000-memory.dmp

    Filesize

    212KB

    Download