Overview

overview

7

Static

static

3

SKlauncher 3.0.0.exe

windows7-x64

1

SKlauncher 3.0.0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    05/06/2023, 15:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SKlauncher 3.0.0.exe

  • Size

    1.2MB

  • MD5

    32c7e3347f8e532e675d154eb07f4ccf

  • SHA1

    5ca004745e2cdab497a7d6ef29c7efb25dc4046d

  • SHA256

    107bb526c374d6fd9f45317c0c16e83ab50076f2bcd630caf3d6794596fae69b

  • SHA512

    c82f3a01719f30cbb876a1395fda713ddba07b570bc188515b1b705e54e15a7cca5f71f741d51763f63aa5f40e00df06f63b341ed4db6b1be87b3ee59460dbe2

  • SSDEEP

    24576:Dh199z42ojP6a7HJlF9eu5XFQZSIZeNGdmEE8H17UBcegl:R9zbgH3euNFQZr/oEE892cfl

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 40 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.0.0.exe
    "C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.0.0.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1728
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://adoptium.net/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:636
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:636 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1420

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    34c06b28ce0028b769e6dde75e9e1581

    SHA1

    e2516b1397de8dca4bb29bc69c3654b702e70096

    SHA256

    0ebfcb5d9894d54fc936fbd7d4ade308fe89f40db288c7989f9c4d94d7fad0c9

    SHA512

    02da1e94c070ddaf48de23a52b79c2b86cfb10fbb3a20e54f50af76e6748af45ee5f908e1c7f921c64b747176592f15dfc76a5f5451ee3b2fb14786230fa56dc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f00b084f25bf5324141ae48994138d8d

    SHA1

    6110528834fd09a37a171aad8f2af077d8b51217

    SHA256

    da5638cdaa93003c8515aab25a036c58e5f0e889c4816b9815411d30bda3ec76

    SHA512

    1c29818e41e3b6c4abdc9f84783fba4a69af2b3f6a46a3725b59011ccf94c7c2e375838d1518496c1c8dacefcf428622f2506fad43e0d218f79cdacb51ec3983

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    8ceae100e3c577b865c7e2ba7b234478

    SHA1

    4824e111b5da19452cd5934de005c3989066a8fc

    SHA256

    e3944b54ee5d2e8c77e76b423d4353afe48d6e0fa8fd9fd80d110373f34f8fce

    SHA512

    f74cdf037dfa4204e475b8e21e76920918106fe8b0077b8f66aba96e862e6f3a31f3277a30753db8226f4d8385aa5c76043800112e595c069c4c178622a997c1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9e0e6cc99fa3460459ff95d988acccbd

    SHA1

    a07d5af405dca973619344e5308d850a2d6f2022

    SHA256

    39c9badb72ca07dfc933286bd0d3ac91957553959cb85ccbcbf56d5e2d0c4270

    SHA512

    536259f766d5540924e2e94aea8a7c218a1e52307623375aaae47fe8478b767fd11f18ea4f16572fbbb6fd53f3ce1bcde6aa91cfe880becf86bdea893729ea59

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    89ec5e4a7c3ffdd788b2b3e848fdd0c2

    SHA1

    cb5a162bf66de8314e5569ff5fe1eb6c2574d085

    SHA256

    b60b45fd31d1a20a7a8979ab01d2a2952b322694a81aed967c6a8080fa4edf62

    SHA512

    8ecec55b8e45ef415be3e8607173efd7f79d914397e600262985e2d513c7efca26236c67bc41c25dd9f00569b6f42ad1bab63214687c3ca3617b15af88cdad1a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bf45e9b8dc1e1503ca12602cfe8730b8

    SHA1

    bf50943302ce8c32b0488f12e3eaaa7e4c049ee1

    SHA256

    931d2cba944384e64ccfdae6e04f53bc7aa9fc11d4cf96cbf20a40a63c55f1b1

    SHA512

    63181b327ffb70fd1b2b3452698c7364d1fce681e02081ef7692e86e8edb5c21a74368ea52477646e91e27add1f26fde4efda0e6a76e8563272ff3bbdf7025b6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a0181e0afa5041e33a8e3041fa4d0797

    SHA1

    8b627586cb6b13429fa1f99a633e4e790774819d

    SHA256

    3e5dd573a3afaf852479d3e98447f57622a4a1b3469cf89497c94a249d3bb80e

    SHA512

    d1822b906bee93f628ea95dcc65268ddc896e572c1b1d1de6db5f5923af57f0faeada90aae8e36f0be3736066911ac9333b6875a53680171dc33c3fe3703b5e9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ffb180d38326b53dcb06e6c9b7ff44f3

    SHA1

    247043411c43571f71dab49fc818ea24cfa66b76

    SHA256

    ffa8930ad2604c52c67d4a9f4232a19398ab4c7e3415e9009e3e3332144bebc8

    SHA512

    47e6308b81b6b960f7ad989876559bd1d179a7460f4a31d78f3d353cb1c37a33fe083404f45db9cfbb2c41926ebe8688fa40cfe44540ae91c56276bfa1dba701

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6f68605276769903a264d19b77a54e6b

    SHA1

    1d9aa3d4005906bbfff8ec19a7f4003688199d8d

    SHA256

    b92fe0727ddd8b46c554e987c39c21267180dcaa328320d06a8f71d3671eb73c

    SHA512

    37b1a8476e94d6774086ece2651a3007f5f38683eda8d83909a82068c593727c1948eb322a8b5532ebde6391e41954b50de8cbeb81ac223c445b86114774a8b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6e01f2a31ce45c38c11f5d4192aae0c5

    SHA1

    0e90d78fd3a36698a0fd9bd8127b445812759270

    SHA256

    34d0fa43ebc75f104e0afbbbf72726ab5555ed98d0b925008d6401307192708c

    SHA512

    99cca6c1d758af28c5a33cbed220beddf242eb149a420bd87b5405d2061616988faaca728802a14d22b0a9c1bf27697889da400122c1a7fe51f633fb438c67e4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e1dfe6fa520cd36025acc978d9a601e3

    SHA1

    5f4ed669bd649d7e8ecd2031d451204e52889c43

    SHA256

    6b63381f442efc424d36e5c3874867b4731d7c3c20bba8116bcfa5be4e94373f

    SHA512

    5c053ff36c0423d90a50309d9eba952331e64df1e7e855fd5c99a5e97c965f2869bc911a492ee6242554eb7d23a34e68d8ab1b33b882b6e4bcfcde7933a7d7df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    152ac8f324f60c1b33cba41bf6e826ab

    SHA1

    dbeef5648cee4ccfb9a6a46a4a29bf8729eea81d

    SHA256

    61f46419e32a2090e2203fafd32c9ea18c29a14c633e2114178a053ca3fb4b5e

    SHA512

    0524faed9db122a384065888074bafa3f80da88cc8c5c8c438bb0784feae92b776e711dff9dba57be5296e9825de1b555aa6ed11a4a33ccdca2392081203eb77

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d2c8148b8fd53e1c3d4f4fa8b3dcafeb

    SHA1

    5024fbda9f39b2aee6ffa346d8d32b8bee118454

    SHA256

    92b1e73153b3b3d1ef5904251b22bfe640e1771e5a4fbd0c62655bc3c31ccc87

    SHA512

    f0bdc835a9a52a4597894777856924da18eee767d4f0256a972ddaf3c5bbdde7d5c28028a5c669c40d726efda0511fab3923eb9e09703e89ab1b27522620f057

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\z62wpf5\imagestore.dat
    Filesize

    7KB

    MD5

    3580d646e14c468f4594cc2c9068ed15

    SHA1

    63d7be86a423d8500e84c4da2de0e8b6730e97c4

    SHA256

    9d0d80589500f6e0f16731287ac4dbadcf6b532311e7382ef9af714a1e0518c2

    SHA512

    4b01a920290d9d5505733a9c02127c72d3bc939ad0f1aa96ce4ecd2e019ecf450bb9eace3ba4ef2bcf61e345113a3a31f8d7dc1c55aece803bde6c1e1899550c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\03S7L47X\framework-aba9a139625d94cb4f9a[1].js
    Filesize

    138KB

    MD5

    e1dac52c245ffcb07a84366c03e33d88

    SHA1

    09fd61c7ad9fa0fdd6a87e33912ed915bb32cb00

    SHA256

    6dfa2214b83346304aa14203fdb4a93693f2a95c7772418cb7704c99ddf178c0

    SHA512

    6d37d9ac9c3cec68b6e5b6e3cfc1ae372f10db44b13034e170ff619daa9d964e6753a20668f75bf77095fe740d4385ea9ed7b2c0c02009d5997b31d20c9c4c7e

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\03S7L47X\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMIDRLTB\favicon-32x32[1].png
    Filesize

    2KB

    MD5

    df4253088bb850c76f81c91db284d4f7

    SHA1

    46e3e3c42a159f22038d86bf39fbde118c91dcbf

    SHA256

    590d33ce64b321c321644bc8c840c354257371f8c247f776b788a5ce2c9bbc72

    SHA512

    7804f8507d35adc2a3f65a4fb017bc50219fd2ee326693dfc5011cc9e22df61f50533ee7eb597133ac69e502683b7089df89735f03e11807a4724564061b0b22

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CMIDRLTB\webpack-runtime-6c33457e357c7200b1df[1].js
    Filesize

    10KB

    MD5

    20c0c9045c6a686554c94814f7bb84a7

    SHA1

    5ffa39d1d9bd2c94b4943b4d59820769c5ffc1e0

    SHA256

    e3e7f00214e2201222206c8d942d148a1e7870e4425132af9f4815fa1d75160e

    SHA512

    43ac7238c10b7afd9d1d8ba5a594768254064964b3bca87cbf6fd55242f7ba005cc3803567baef637e0167bc3f8a3080c8c394af2928361d71c857e46f040d7c

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KTB503AZ\app-f20088622a7fed86b799[1].js
    Filesize

    245KB

    MD5

    ebe63d23030710797100eca942b53e04

    SHA1

    6e43447590109a966f417a410d2b7d8a80f48c9e

    SHA256

    ca4fbfbb0941d40ae9428f2c4859e3b835b894eb4bdcb681280cf173d03cff10

    SHA512

    60f98fa9a6d4cd40edf085f3f53130ca9b1e54ebd4efe1f5b4b7ad164c7a86833178423fbc30151395988524dae7ce651b81f87550ccc751b6cdbee27cd24b24

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UOYUJSME\gtm[1].js
    Filesize

    165KB

    MD5

    f9ba9bb207f599de5cafb5638438785b

    SHA1

    7a558426ea9367c3dc29993ca527eb7056822526

    SHA256

    7cb81c490da8dc620239fe002ce1ab419a04c9919ae0ebb01c9ab5e3f99fc30d

    SHA512

    5c990f8f77401063ce0877eb5f712da9bc8b4a5e5ca12560da6632dfc32fc897cd91f4eff05f314a753f9ce66024043e32a8d7acd30d7e7fe4f782c5a2db93e1

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UOYUJSME\js[1].js
    Filesize

    235KB

    MD5

    bbfaed04d54cd1e7564d64ea4cbb28ca

    SHA1

    bc652a5547b0596166c470c637416bb7b10e6682

    SHA256

    bc0be4da7d152db6a02d1eb6f48f6951350bd57718bcc4c9e47396c9517db057

    SHA512

    e2bdb1c5347bbea09e2d29ac6d44a45a2f9980ad17a70e6441c90a584e3ba9df9d1ae16aa313064abe9e3342eff35024aeea4d8166db2a2b41b14a9c82df7f25

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA7F6.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA983.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\JOXYAPSY.txt
    Filesize

    602B

    MD5

    ecf3e8425241fae80a0c5053a00647fa

    SHA1

    82f4d4cc665fd6eafb88d3bef359ae0b485edb60

    SHA256

    ceabc396057654c9238ebc7aa51d30402c1480758e27ac756b915f2ffaf25f90

    SHA512

    8207c2f27b10af8c5ce00af8d322fe49ab0a62783f70cc0655f1b19b0394e933d6a437dc9b0205cfccf8b7d3ccd0446fe34689ee66eeb4e8b040a10e4a94d543

    Download Submit

  • memory/1728-54-0x0000000000400000-0x0000000000435000-memory.dmp

    Filesize

    212KB

    Download

  • memory/1728-56-0x0000000000400000-0x0000000000435000-memory.dmp

    Filesize

    212KB

    Download