Overview

overview

1

Static

static

1

TLauncher.exe

windows7-x64

1

TLauncher.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    79s
  • max time network
    81s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    18/04/2023, 22:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    TLauncher.exe

  • Size

    6.3MB

  • MD5

    b82fd01133bb349374867e4955c10954

  • SHA1

    33a147a39e7d9a87bf8b03bb30616f6047dd3b6e

  • SHA256

    aa30f82966feed87eb9b6ae96c16ef9a22cb3d1a1821e393af3ed9211c7df981

  • SHA512

    5a31664244fc4f4243c6b964c67e69ea06721fa6b8fc256f611ce2a7fc9af566f4972aa02a33568d54f27d9145b2feb504bb2573c166bf76686db001a113b07e

  • SSDEEP

    196608:2HXkz5bJzEpjlElIiOnnuAv5lWlRzoj7JSA:7NZlannuoWlRy1

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 35 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\TLauncher.exe
    "C:\Users\Admin\AppData\Local\Temp\TLauncher.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:848
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://java-for-minecraft.com/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1696
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1696 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1488

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    61KB

    MD5

    e71c8443ae0bc2e282c73faead0a6dd3

    SHA1

    0c110c1b01e68edfacaeae64781a37b1995fa94b

    SHA256

    95b0a5acc5bf70d3abdfd091d0c9f9063aa4fde65bd34dbf16786082e1992e72

    SHA512

    b38458c7fa2825afb72794f374827403d5946b1132e136a0ce075dfd351277cf7d957c88dc8a1e4adc3bcae1fa8010dae3831e268e910d517691de24326391a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    da719b1ec5b77a90fb14086868d84c0b

    SHA1

    58dcd8112c0b7e5cd6d4d27ea48f080d3f6ba9f3

    SHA256

    f8236df12787925d465c8ff77168e34c77444b7e5fd149b8f14fc84b17503426

    SHA512

    b5ce9f068c7584fc7caf68951956f8eb41aeba2d5aac29bca9250f9fc114b721201e3fc8f5399d6b4f1ef016e57f8122ebb8f46ff0449fafa18bf6d6e5393036

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7575d6d87aeab05e9fb2a305f92033db

    SHA1

    0a63ac1637e7f2d0fcb27cd1a5185156776b3ae4

    SHA256

    6236d0a0c588b78bfb500de7b529073e9477a09074ac37ee7eb2dfcff4e7b5ab

    SHA512

    67609a64885142bb0d79d06b5804de0b255abba8e53dbbdb6b3f59183e1d84cfbe8e6f99aac29cb18fa701fb6d13dc0fcf30f19c8ab9bf57bce117f3416520ac

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a8629a6cf5b711f8367232d5e26682e

    SHA1

    28c5f7d162e9e8f98239870f978a9a02e69bb390

    SHA256

    46c242d93b311c1af3225d7963e1aad5709cc9067ec8b3997f89b7bce3496d99

    SHA512

    a5f1562e9047d4303d0bbe38f9963c271fbf56f4e6591151811f27740609e659555f0835aab457e93cb4e5605f1439f8279190acc4e1de5119e8a4728ab0e0d5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7d40188ea41bb9c9740cfa71998d73ac

    SHA1

    29bfafce6981c699c04351bd733989e51f94e5d2

    SHA256

    aa85b7d23a1233a7568bb342a171301cce1b610300b90caca62c636c8fb14bde

    SHA512

    61464ae63725d0775ce6e2b270c0c49089925d54c7ea9222d7d26ca6a3d8c3d213948e6d37a38009bb96224e565a658ffec440082aad29b98c5ba2ca55933df9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    b53a80c77aad221327fd99ab1adad512

    SHA1

    bc6f3aae722c51b47fc20847aa7e173d5ffd39ca

    SHA256

    48787d82abb8baaf4dca2069a88dff915fbce0e256bae3526ba36f3d96b01c96

    SHA512

    5c2bc5c1ec8ffb599750e4e2a8a403f88bc59d8983989c66bb8d090529414c62087de339b2b7e78a77ebb3e6c55b668c5a7c8349defbe917c639facef0c8a8f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4060e223767128e49e3dc9fe849dc140

    SHA1

    44586d783c31c8670f7c9fca48e460d19c3817f6

    SHA256

    8dc08db7b1fae518599773d13a385d53e121b37d3b1e5689324bdcdd07b23f47

    SHA512

    d5ce8b208387f68c820cdf796bbaa3747c352a6a7a80850a521414364ba0725f27e2bab743379e5464b5576bb1e5a168f4c1bff46adb640d88034ee346c7e150

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d388efad636ed56fe52ac394b10b3211

    SHA1

    c84063c7d03d51cd9c0f8745eff153e51f31d6b1

    SHA256

    a21d2da0900f3620252fc9024dd2dcc3210b9ed023a197294a82d4c50190d487

    SHA512

    fcafc9e31d59ef083cc7973b446852560f5786362ad95eb36d30444c8622e32730c4cee4ac5b0cdd1eeabd284b63addb95a708c777cd7893397c325c5cb8d141

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    55827693285f64ec226a0657696a6b6f

    SHA1

    a9f4f13a7f34801c539217b903fd26e4c3b5f9eb

    SHA256

    7d1124ed440046ee206a223605c0afe550ee656f1f1392f753c4565ed72cca1e

    SHA512

    9f53fc3fe2df4407bf88ef4ec0a49ed5478ae2f8287772660ba10e7440fa47b2ef7a88152b7eb98edc770ad5652544a1b1361e1c2c4a072977698cde73d9a6b9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    86c49a804ce738d8982c841acf734bf8

    SHA1

    bd1d4bd74d8fe9abc8329179835ab22cfaf7f684

    SHA256

    dbd3f46868113cff4402a440cad9e53b36dcd8c3569a2f8753005658ee48f0d1

    SHA512

    e3bdae9361468958ad4a44e27f21dfe6003ae8243c456a20ef0074a4bc2cc71494059af3409f518b958520b79fc0fe897c22fb9a3ed42c69c71cad1dfe2a9516

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabD99F.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD9B1.tmp
    Filesize

    161KB

    MD5

    73b4b714b42fc9a6aaefd0ae59adb009

    SHA1

    efdaffd5b0ad21913d22001d91bf6c19ecb4ac41

    SHA256

    c0cf8cc04c34b5b80a2d86ad0eafb2dd71436f070c86b0321fba0201879625fd

    SHA512

    73af3c51b15f89237552b1718bef21fd80788fa416bab2cb2e7fb3a60d56249a716eda0d2dd68ab643752272640e7eaaaf57ce64bcb38373ddc3d035fb8d57cd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDB3F.tmp
    Filesize

    161KB

    MD5

    be2bec6e8c5653136d3e72fe53c98aa3

    SHA1

    a8182d6db17c14671c3d5766c72e58d87c0810de

    SHA256

    1919aab2a820642490169bdc4e88bd1189e22f83e7498bf8ebdfb62ec7d843fd

    SHA512

    0d1424ccdf0d53faf3f4e13d534e12f22388648aa4c23edbc503801e3c96b7f73c7999b760b5bef4b5e9dd923dffe21a21889b1ce836dd428420bf0f4f5327ff

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\~DF0C27E40CAC05202B.TMP
    Filesize

    16KB

    MD5

    139f8a32d5496afd2fb7e96ffe6c9890

    SHA1

    7cf8e7ad14ba8efc10c6d2900f13bc7f28c2118f

    SHA256

    fb0c03d3424e71b7eba32c8cf985fbe7d45b5f3b1a5b2705b178933817ebbc52

    SHA512

    e91d59311ab50a0ed3fa621237328da48a8c00a4fbd89f9017dbb5e2d1416b7813979ac752905277abeb76645515b32386246e047749b5be2767e8cef2e4e127

    Download Submit

  • memory/848-54-0x0000000000400000-0x0000000000417000-memory.dmp

    Filesize

    92KB

    Download