Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

SKlauncher 3.0.0.exe

windows7-x64

1

SKlauncher 3.0.0.exe

windows10-2004-x64

7

Resubmissions

31/03/2023, 11:05

230331-m6xrnsag7v 7

31/03/2023, 11:02

230331-m5h7wsag6z 7

Analysis

  • max time kernel
    396s
  • max time network
    394s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31/03/2023, 11:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SKlauncher 3.0.0.exe

  • Size

    1.2MB

  • MD5

    32c7e3347f8e532e675d154eb07f4ccf

  • SHA1

    5ca004745e2cdab497a7d6ef29c7efb25dc4046d

  • SHA256

    107bb526c374d6fd9f45317c0c16e83ab50076f2bcd630caf3d6794596fae69b

  • SHA512

    c82f3a01719f30cbb876a1395fda713ddba07b570bc188515b1b705e54e15a7cca5f71f741d51763f63aa5f40e00df06f63b341ed4db6b1be87b3ee59460dbe2

  • SSDEEP

    24576:Dh199z42ojP6a7HJlF9eu5XFQZSIZeNGdmEE8H17UBcegl:R9zbgH3euNFQZr/oEE892cfl

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.0.0.exe
    "C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.0.0.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1744
    • C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe
      "C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe" -Xms32m -Xmx256m -jar "C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.0.0.exe"
      2⤵
      • Loads dropped DLL
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:4584
      • C:\Windows\SYSTEM32\cmd.exe
        cmd /c reg query HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize /v AppsUseLightTheme
        3⤵
        • Suspicious use of WriteProcessMemory
        PID:3208
        • C:\Windows\system32\reg.exe
          reg query HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize /v AppsUseLightTheme
          4⤵
            PID:1388

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\flatlaf.temp\flatlaf-windows-x86_64-4142164046000.dll
      Filesize

      9KB

      MD5

      697d496ac9f5aaab8ae025322358c61e

      SHA1

      2043eac8cdcc2e24b854af1eacd77a5f2a395a27

      SHA256

      a7273a4cf48ab3413f2c186cc95a3367a73ce99f8d45329383219d4cc27003aa

      SHA512

      b6702cd49a3af9f97f697565136f140692af9f8b271e672f2e91c920a23212b778583786f2377078117113647926338614a92c4a2423318b7a21ba2fe3a89838

      Download Submit

    • C:\Users\Admin\AppData\Roaming\.minecraft\sklauncher-fx.jar
      Filesize

      14.5MB

      MD5

      5d07975f396dc1cfbbb7c85926e6cb3a

      SHA1

      990307bcbe268445a1ffd007e45cbed4afe4f336

      SHA256

      4a99710f158f6b1b9f7efa6140906f94b2e4f1d3c00d5ae9b3020c8fd98d8d9b

      SHA512

      0af4c95de5490dcf130aa76d4c60fad89fb906fef37880a45718576c100f44ac651dec0745074a7ee10b1e7ea849d3e7227a936a607c86f7148845274d06dab4

      Download Submit

    • memory/1744-133-0x0000000000400000-0x0000000000435000-memory.dmp

      Filesize

      212KB

      Download

    • memory/4584-225-0x00000000013D0000-0x00000000013D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4584-242-0x00000000013D0000-0x00000000013D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4584-185-0x00000000013D0000-0x00000000013D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4584-213-0x00000000013D0000-0x00000000013D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4584-217-0x00000000013D0000-0x00000000013D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4584-151-0x00000000013D0000-0x00000000013D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4584-232-0x00000000013D0000-0x00000000013D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4584-170-0x00000000013D0000-0x00000000013D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4584-255-0x00000000013D0000-0x00000000013D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4584-257-0x00000000013D0000-0x00000000013D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4584-258-0x00000000013D0000-0x00000000013D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4584-260-0x00000000013D0000-0x00000000013D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4584-263-0x00000000013D0000-0x00000000013D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4584-264-0x00000000013D0000-0x00000000013D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4584-285-0x00000000013D0000-0x00000000013D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4584-146-0x00000000013D0000-0x00000000013D1000-memory.dmp

      Filesize

      4KB

      Download