Overview

overview

7

Static

static

3

SKlauncher 3.1.exe

windows7-x64

1

SKlauncher 3.1.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    85s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    08-06-2023 18:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SKlauncher 3.1.exe

  • Size

    1.1MB

  • MD5

    021b53abfc25a261077282498e5726a0

  • SHA1

    ba7f38a28444504e6e8e1f995cc40ceb70ff6409

  • SHA256

    c3db9475c3ab6b53d8f6d711f587e5218c9b8d332229a208277bc0b27a24b620

  • SHA512

    484bb65ecb1ccd3e5472a27737fd2fa4471240aeefcf4bfdeaf4e49636cec9b3e43a5c2feb7134074c92af01f52a456b8074aca8269480e210cfa3b51acae81d

  • SSDEEP

    24576:7h1tjL2uma7hLQKaikK21SHCJ3ny+SGiPsGSa7tLC+/e0cUEcnr:sghMKai1viny6iPH5hF/e0m2r

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.1.exe
    "C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.1.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1276
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://adoptium.net/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1420
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1420 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:468

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1106df85208662b185dc3e249bf7c911

    SHA1

    666d1a21c75a08307e43b398b866c46bb9dc0219

    SHA256

    fe6867709458bb9827cc6307d175a3cc46e4be131cc16112298cab2128524c4a

    SHA512

    4a78212af5cf4a389244d16f64a220b9234440f4d2f3664c72db593a7030a731eac96c3b6756813a29de18af33d8d9193cc7eac55fb7e710513747889c741688

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6340efdcf6aebe3b9e6bf58761afde3f

    SHA1

    061c47514d7d88f31c14ddcbf21ac62a459b4eee

    SHA256

    64c9518c7a1ebd4f564befc3db9bb8339bad232ba6384e54ccb449c2c527cf04

    SHA512

    e24542845a614bdd207c90aae66c7b9154dde6980010b70ae963cd107c95c571fb2b301ab1aaffe915828815ea21c5b5e0b6674b77e707795ee7cd6b748cf064

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2201d2c871e2cc89e1bdf0d6448ff785

    SHA1

    7731f94c68169bf8241f274997cab05df613c69a

    SHA256

    3b99f6e16b570aa06706795f50d4a73ceb38b1f52b237d26ef6e5fdcc1904a4c

    SHA512

    91aaa1af01386b63629e2593803bf88249ba80e4a42813a4d7ed4e4254809862715df296e30214558e8a40e97888e7789bffdb901098641c3d8b30b3e2d9ad18

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9fb41fd6e79466e91bb8e80abafe62c9

    SHA1

    071a5a326035d3b62837e4292aa216b1357af53e

    SHA256

    4c72f44e7ef5ba79dd7be6ff9f4d115e5de914844d046b96c4c8388291551fd8

    SHA512

    116b5b517ab37d7abe2645cded9707298ba73dde838e47cd5f740874cf820dae607376ff062e084085d13efc98debdfcabf92bc75c1f9b6979d32ce55256b745

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    53b2408dd10129fa30e477b7913957c8

    SHA1

    6bf6a2292ee173877d699ed86796feeca40e8ae6

    SHA256

    9f1fc04d658b732d06a5c431c7e40708aed921f0d0eb458a2a1fec690ee6903b

    SHA512

    8dd5d5d009dbb992917ea2a41405fe0f4a71047067f3b0859d5caff47a4f9b8c554f5182a43b6ef22b6474cb5769a3ec945c801e8b508f5838143bd6cd6519e7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    51cb23ce808802b3252fd95806c00a7a

    SHA1

    684a4ed1ce257e0cc236ad645e42a0ff1a34e212

    SHA256

    2e169f14a6a4e6a928d20dacccd706bd7e1dbf6298e222a526a13400030dcea9

    SHA512

    336572d75e6edf5fb9ad3986d4e413e80e7829b1ef47934da35f3b2e6dd06044db1984985cf20b8a2544c4faf91d81ee93cfe06a649b68da0ad96ca5eaf6c542

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e0837615b25d75cd8ab6d44ec2678954

    SHA1

    df7d7bc76dc7366b0c27a214e6240309a966d349

    SHA256

    5043a48f4d1ea6e67310bcb3644f87309b3a66be80ffdff329d1f208a1173b4d

    SHA512

    4e09286b514028d50b078801ba22a8309335438aa71965cb3a8abbcbefa8b4c0756046e63c4dcac64107942bd6aac344648e02733b126a8869b04790414f5e4e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9322adb2ada0613963a01fbba3879f68

    SHA1

    2523522aa358687b3710391f5cbeb928fe6ddf25

    SHA256

    74479e138cafab0073fa8ea3a115387b545e743a4416fb06e6872901aa888a10

    SHA512

    aa4fd3b652ddf6c3251e06101848cb7c30c4e2bb720223ed0e9966cafbe265f72e2284ff1442c6d40b60bf2dc84112490b89882be456ab1941a6e3fc2262b040

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e668131b54c3558fda12b2d473892ee4

    SHA1

    fb08a84566280db58e8b9a741379b991e44da1bb

    SHA256

    c52acae17b15fee74fa00c2e8713dc50981f82d5c5112988b35f14ba4ac03559

    SHA512

    99f90c4bca0ec5ce924cf4e632acf618ca670264f7081ad59ce8c5231b73469c249e0720c487621e7e9f3192e0c335e98599fb3eeeeb51f6244d4850ed8f60f5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a9104518646dcebfcc6c5c6bae624f34

    SHA1

    48bd88fb5abca5b9fbd2b0a6f50c810a7314819d

    SHA256

    dba339a36efd9a0f8209523330a2b0ae5f0c51433b2f59f29f1d1dfc27e0d1f2

    SHA512

    629c944dce055f95480e021c51e5686014da124d37d7339426f2dd88037747979136f4b7f16bb1f60f9d17c0f572e334846c963524d54246c492512b216b28de

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ea50ed0cf0af1e762da9a88084b2d9be

    SHA1

    d5f8619bca55f6151ee3cc27b46cd53e1dc22ce9

    SHA256

    204c95267339d2f3faae8b70a8a978ed903163b6c5ff775e3fc5fb9dadc80997

    SHA512

    67faec925df001dddea94ac1a1bad235b0f1cf925fcbd528b4b2284981a21dc53ffd0a78d3c2f31f0cd8205c4afbfdd7f2a2f6c159afa266ed2a03bb9bbc6039

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27f0a65e08cc97c6aabde6414736c1a7

    SHA1

    365d0d56e60c1178ece4d347138f59384f9fb181

    SHA256

    bae713de111a0d35acaa9d56e259aeaa2505da2914e2bf7e4d7ac6770fb54a22

    SHA512

    80e8e2ceaf5790b13c4c6dd777a391367d597670d0fd6d477e64a32ae28a41b0fc138b30e4745a5e3ee53c96ea6d59fd1c5cb43aa43133fe039318131f0d1c3c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    45ae306792de0d82367f66d14fde61b6

    SHA1

    93243d548b762ae01b1295de5f5a50ca9e0ac8d7

    SHA256

    93ea46a71087c1b180333c5ca471b71f149f161c14e53689eac8e8bb75508dae

    SHA512

    46baad1ada318e1da135637ed7368c35c23602a1341c0c3c0ce48b5d743e0d0098479d2e272ad8f95a95955056b87a8dd0df9865dc87c15569c5cfbd3ec4cb60

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b1583df42b5a1e6e935de687a10403dc

    SHA1

    3e476bdbb9a7d22905157b9b0892973172b92330

    SHA256

    c80bf68bb715f7a4a8e456c7be2be611faad1eb6729c840e382feee91f70bec4

    SHA512

    1c5b4f489a3d03876af6459cf5a55d3f60d6a659cf5788a4bb27176030f32a444ff4f1fc69ba0dae8f9649176862169a8571d296e964a523bed57cf00257ae3c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    23ea66bba979b9572e9c0be3373dd431

    SHA1

    622cd22995bec8d91b5a617f12284e039f725f8d

    SHA256

    16fd8c3356a4307846a15a3feed8002947ab7102ba5c8be37bab754784ab0853

    SHA512

    d0c295997de0683cc50b22fcd0317a93df7d510fc1a3a21ba4aa6077aaefbc33aa60b1941fbcdd4221a0ffc0489537d886f07d1473653aa88a2cacb61b6e2490

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\idyde9r\imagestore.dat
    Filesize

    7KB

    MD5

    1be5ce837a902caa56df2f3764095ca4

    SHA1

    ce982f9fe44b7dda976c351add7362a8d36e96c2

    SHA256

    ada1afc0626d47594462909b9c861acac03c9af27a57c5aca585b9eb841582bc

    SHA512

    2b8c4fb2261109d69798e484c6b09a735890ea1f9ebe75d907b8e0e32a2e4ca255c6c17f0cc5c4b5e9a837730e6c3b95ce1f71af92ebced66ca5341a5061acb4

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KIMPJA9E\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NMXH1C0L\favicon-32x32[1].png
    Filesize

    2KB

    MD5

    df4253088bb850c76f81c91db284d4f7

    SHA1

    46e3e3c42a159f22038d86bf39fbde118c91dcbf

    SHA256

    590d33ce64b321c321644bc8c840c354257371f8c247f776b788a5ce2c9bbc72

    SHA512

    7804f8507d35adc2a3f65a4fb017bc50219fd2ee326693dfc5011cc9e22df61f50533ee7eb597133ac69e502683b7089df89735f03e11807a4724564061b0b22

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab623F.tmp
    Filesize

    61KB

    MD5

    fc4666cbca561e864e7fdf883a9e6661

    SHA1

    2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

    SHA256

    10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

    SHA512

    c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab64B2.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6571.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\MCJ96WVE.txt
    Filesize

    600B

    MD5

    28f7694706d0148e28d3921f157e1370

    SHA1

    99914a653087dfafc2ccfdb3761ac497a8150c7b

    SHA256

    90e0fae9f34239b34aa62da2edf62711733a4d1dc907749cecc0a3b9d9d59445

    SHA512

    f2b5a6ca081691546de7a3bb7228aebb62e716fb979c48074c15c5d0a1470ec4b36348883ef2eb0d30b4f1c9b306ff3093d1b753ade06ba56484577d3507547e

    Download Submit

  • memory/1276-54-0x0000000000400000-0x000000000041C000-memory.dmp

    Filesize

    112KB

    Download

  • memory/1276-55-0x0000000000400000-0x000000000041C000-memory.dmp

    Filesize

    112KB

    Download