64b591101e21036b7b51896e70b3d656c5b67f563c86957c2332330a9cde9f3e | Triage

Submit
Reports

Overview

overview

8

Static

static

1

SKlauncher 3.0.0.exe

windows7-x64

1

jre-8u361-...86.exe

windows7-x64

8

Sharing

General

Target

Sklauncher.zip
Size

55.2MB
Sample

230403-sv8yfsfe96
MD5

3d138abc220810f7975267a8e00b7e88
SHA1

06a011a823820aef6928b1336262e4247a130230
SHA256

64b591101e21036b7b51896e70b3d656c5b67f563c86957c2332330a9cde9f3e
SHA512

1bba999cd946a8a17583bf2bc66eeb437311e8f55c0557a86bc8928759f67c81171bf87b28f9060379871682ab2d8cae6eddb140ec4f6c028ec3c15aed99764d
SSDEEP

1572864:M3qswccaVeuTcnAbASwPLYetqKOY4Z7b3HUFJJKwGK:9swcX6H5MetqFY4t3H2JnGK

Score

8^/10

adware stealer

Static task

static1

Behavioral task

behavioral1

Sample

SKlauncher 3.0.0.exe

Resource

win7-20230220-es

windows7-x64

4 signatures

1800 seconds

Behavioral task

behavioral2

Sample

jre-8u361-windows-i586.exe

Resource

win7-20230220-es

windows7-x64

18 signatures

1800 seconds

Malware Config

Targets

- Target
  
  SKlauncher 3.0.0.exe
- Size
  
  1.2MB
- MD5
  
  32c7e3347f8e532e675d154eb07f4ccf
- SHA1
  
  5ca004745e2cdab497a7d6ef29c7efb25dc4046d
- SHA256
  
  107bb526c374d6fd9f45317c0c16e83ab50076f2bcd630caf3d6794596fae69b
- SHA512
  
  c82f3a01719f30cbb876a1395fda713ddba07b570bc188515b1b705e54e15a7cca5f71f741d51763f63aa5f40e00df06f63b341ed4db6b1be87b3ee59460dbe2
- SSDEEP
  
  24576:Dh199z42ojP6a7HJlF9eu5XFQZSIZeNGdmEE8H17UBcegl:R9zbgH3euNFQZr/oEE892cfl
Score

1^/10
behavioral1
- Target
  
  jre-8u361-windows-i586.exe
- Size
  
  56.4MB
- MD5
  
  ee8e770d45fca5f42c1acaa3958cff83
- SHA1
  
  2e45d36bbd1f68745fddfa457ce6444918f0fc41
- SHA256
  
  9f894ca1b76c6d504a5f62e71963f186527110c617215afa9fe061fc7793195f
- SHA512
  
  cbdb8ff5f3667ef15893c11408182001fae9d9b06b72e310ca7ced63b5f31d19a385978d19361c744f7c1205d730181a530754bffb3c371c50c524dede704785
- SSDEEP
  
  1572864:ekkq6rpoRMm9wJPENMUTGSBS0GEPLzXEaz:Mq6r8kCNMU6SUEPXtz
Score

8^/10

adware stealer
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Install Root Certificate

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy