Overview

overview

7

Static

static

3

SKlauncher 3.1.exe

windows7-x64

3

SKlauncher 3.1.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    76s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    10/06/2023, 04:55

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    SKlauncher 3.1.exe

  • Size

    1.1MB

  • MD5

    021b53abfc25a261077282498e5726a0

  • SHA1

    ba7f38a28444504e6e8e1f995cc40ceb70ff6409

  • SHA256

    c3db9475c3ab6b53d8f6d711f587e5218c9b8d332229a208277bc0b27a24b620

  • SHA512

    484bb65ecb1ccd3e5472a27737fd2fa4471240aeefcf4bfdeaf4e49636cec9b3e43a5c2feb7134074c92af01f52a456b8074aca8269480e210cfa3b51acae81d

  • SSDEEP

    24576:7h1tjL2uma7hLQKaikK21SHCJ3ny+SGiPsGSa7tLC+/e0cUEcnr:sghMKai1viny6iPH5hF/e0m2r

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.1.exe
    "C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.1.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1620
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://adoptium.net/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1528
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1528 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1004

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          62KB

          MD5

          b5fcc55cffd66f38d548e8b63206c5e6

          SHA1

          79db08ababfa33a4f644fa8fe337195b5aba44c7

          SHA256

          7730df1165195dd5bb6b40d6e519b4ce07aceb03601a77bca6535d31698d4ca1

          SHA512

          aaa17175e90dbca04f0fa753084731313e70119fef7d408b41ff4170116ab24eaee0bd05dca2cc43464b1ee920819e5ce6f6e750d97e3c4fc605f01e7ff9c649

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          62KB

          MD5

          b5fcc55cffd66f38d548e8b63206c5e6

          SHA1

          79db08ababfa33a4f644fa8fe337195b5aba44c7

          SHA256

          7730df1165195dd5bb6b40d6e519b4ce07aceb03601a77bca6535d31698d4ca1

          SHA512

          aaa17175e90dbca04f0fa753084731313e70119fef7d408b41ff4170116ab24eaee0bd05dca2cc43464b1ee920819e5ce6f6e750d97e3c4fc605f01e7ff9c649

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          511f76fe89d29760ec34927f69d49d08

          SHA1

          2682e84aabcbc604f3b2c72a58aed0ff7336895d

          SHA256

          ca987b2f936ae2c1d7572694ab514fa318caec3506f0146da583ddc26dce28cf

          SHA512

          884133d0f0632ce54c80bb5888ec93b0cc1eb37de29592f6bbd803905f6f790d9ade2aef64395c799efb4b9839713ff40ab0455a7e79c7168ba61cea651de33b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          2a208de64305c82d2e9f41d0a8bc863e

          SHA1

          1667960a695642e7d8af87c844c2c0c7fb126081

          SHA256

          7ca5ed6e9c7ff2123e23c7dcfd6fbcd9bb12caa6ac8115958d4c6d5cdaa4b8a3

          SHA512

          fcd044701c313d6d4a69aaae0c3596fade9167e039ba560483cafc0a8379d7cca0d309c4116a9dd755e5347d3d6a0e80ca8f354144c152f3ffce4c0f74953f0a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ef8a03ec3e3779e843ae89ec00508897

          SHA1

          f245bcb3d91d53b04db3279b2cb07cd1723bc5cc

          SHA256

          a4f8d72ea005b50f1fd074ca16c0ec400db10957ba49f889acb939845db4ed8a

          SHA512

          f0146ecbf7ea22690e3d250504c92c9b322213b90d30018fe869bab669d9fa77f2c5037e57aa21aa9cfe6d94a6959748b464149f4c7591c0de2352fbdf1cd789

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          384653cecf8dead3984841ed9649c3fa

          SHA1

          01e7ce1d3d32203a70724aa4f49b866c31c49c8b

          SHA256

          a9b1b7303c4f0718777b4bae9cbbd60bca1f1b1b1d36742ec84866370f9387c6

          SHA512

          ed2b000821a0fe7e9c2d539df2d6fb23002d84336b0b5d352c6d10669d0fa5d650509f7c94c295780a6cb3077228e04ac0ce6eef5c4841552aca56dfa01b1eb0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5bf2715a9fb8f91fafab64d89e403ed3

          SHA1

          438c82bf821d7189de8f60ca0ad5d0310045aebe

          SHA256

          8ed22a8617358220a9170d12dd4c49db733a2603cd00aa77c477111baa000509

          SHA512

          ee104544b09384f4e66df5f308db167022487854fa4c16e85ccdddf1fc7183a164e6f8ad057ef0dd3d90c69c8ed7bfa0ee92a9907e36bfcde4f63fce3ca86ce9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          fdf34f3458e1fbe87f35f303785b30e8

          SHA1

          5b2549ad2dafa08e24be67543214c7dc806357c7

          SHA256

          30b57ddbc54c7ac082abf4f5d8973b841b43ba9fc7ab7c504d71e7f2f861ccf0

          SHA512

          599dafe25e229a269f8ae861b0abd29a5c33092a4872a1a7d83120c99c5c89878db487cdd1587d8123b9865f7b2bc8418fbc3df699c868f98b43642197b37f60

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          af0c12f1d3685cb9ba4d4e1e94c2bc4b

          SHA1

          f2c19438f59b8a10d30b38955fb92dc3172b2764

          SHA256

          5bbe09e12cdfcc44bbf9d56ff91a55bc85042d3dec8ae8ea82da187261faa6bb

          SHA512

          b23f834f82ea06dbe5dc88d9355d81fa9f3c4dd7686fe79f10889fc2d1e43a5131e21fd664f5b980115f6b70a88fad548d6dcc553169114fd349908ec958e66c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          79f53ded919bec4c69fdcd359ca81444

          SHA1

          b73dd653fd163fbe5010102a3e91bb2dcb1d83ad

          SHA256

          9dad227ed689d278f7af0ec58074e48e93b3ead99fdeeadb69fb9dfd559430df

          SHA512

          256623fee84d5fbf3d7eb7234183d35555215dabdcdc8b22ed4dde39001fabce1de085d136c5c25d27e15ac59fb7accf2082dfbe249aa02e55402fe6d0581fe8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          91fd39d09b0ec0562004a30a37d837f4

          SHA1

          d81d6a566399e580e7b4cbc274d375554272b0b6

          SHA256

          961a747b736b924eb457ce79f7f4c126f3668a4842c694cf2e976064926b96dc

          SHA512

          b37ec4be8f8a56822be37588b3625aca4574e67c6ee78072fe476596b7656210cbcd6d7177a70dd1a41b1dfce5e24099f8bde878af97de0a4b468075857e373e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          bb7e0b02567905480b196269ed799616

          SHA1

          f20e0960c96e6aa6f61797e17aa55bab2bfb064d

          SHA256

          b6b7a6284c5cb590480d74879f4b8c252d68397221ef81b26970ec8d4a0643a1

          SHA512

          97337a56c9b79ed1e62122a420b472c67ad3d14ee0086625f670c8d4dae96dce1e9b24a968825dc0cf6e1df42fa62af66f6646d22187596976e36b15a8030520

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          522e5f6c3d754b26c51037a661ec1be1

          SHA1

          d945f156087ba51dc3f85d9b312414f0c11d3877

          SHA256

          0815e5923c4077fb4c95173660ccd6cf670a1fd80bf477b6b05dc9e096aeac17

          SHA512

          e24b2e55ffa432da3466be6f9b74cde6470f19ad42d6cbea3ab8a720b82ab1ce0942fb20857e5c049d6fa48ec60cdf3ede758e3a9bc4b16943ec7dd7961d0045

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          bd41a57762e5490e67894a00a4471327

          SHA1

          fd8c67153dd07cae5b09846a03fd273cc09ae4bf

          SHA256

          0c0b69c5530918f6ccc3572efdbb6172ec0753cb8faa61a236424f26935a7ed1

          SHA512

          77e532c2099649a57c733b62c05ffbaebc507044e1f04b75bba6272b66c795d30b2cb0d7cb250cb55d190085815ee173ad48a5e9308d4eb15020f0c696fac967

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          3c893767e43880b06d01e57b5d5dc036

          SHA1

          be2de9923868a392e964456f226e87e4fd24308a

          SHA256

          66f2567c948f747f79137d8f054ffb150a74b152d2eac08791a4e9c6576b8dd1

          SHA512

          ff97aee8409f0aa326bbb1f4e958047e7a8a682c98ba4b3628ac035e0d301e54da4ce562c65142c64f953fe0bb915646ebd63d29b10e86101153040b5e5c53c9

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\62yy7f8\imagestore.dat
          Filesize

          7KB

          MD5

          249306605ab538b3d810508023141d20

          SHA1

          db42a6b1b590f46b58da0d6206d8f7d3405f952b

          SHA256

          beea4c37814fb24e09b65d20c56a6c7039d00fcf6edc485af3864141daa7e158

          SHA512

          512df642b1db6e83b03395cfa8414252a3681f5c50a75d664f78636d3be705564b0fdd014c8bb02f94a959f9ff341896ce0f74a6cd159f645f7e5d1a11220e48

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T22XS5WA\suggestions[1].en-US
          Filesize

          17KB

          MD5

          5a34cb996293fde2cb7a4ac89587393a

          SHA1

          3c96c993500690d1a77873cd62bc639b3a10653f

          SHA256

          c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

          SHA512

          e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VQ77JNZF\favicon-32x32[1].png
          Filesize

          2KB

          MD5

          df4253088bb850c76f81c91db284d4f7

          SHA1

          46e3e3c42a159f22038d86bf39fbde118c91dcbf

          SHA256

          590d33ce64b321c321644bc8c840c354257371f8c247f776b788a5ce2c9bbc72

          SHA512

          7804f8507d35adc2a3f65a4fb017bc50219fd2ee326693dfc5011cc9e22df61f50533ee7eb597133ac69e502683b7089df89735f03e11807a4724564061b0b22

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab7E66.tmp
          Filesize

          61KB

          MD5

          fc4666cbca561e864e7fdf883a9e6661

          SHA1

          2f8d6094c7a34bf12ea0bbf0d51ee9c5bb7939a5

          SHA256

          10f3deb6c452d749a7451b5d065f4c0449737e5ee8a44f4d15844b503141e65b

          SHA512

          c71f54b571e01f247f072be4bbebdf5d8410b67eb79a61e7e0d9853fe857ab9bd12f53e6af3394b935560178107291fc4be351b27deb388eba90ba949633d57d

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\37WML529.txt
          Filesize

          599B

          MD5

          fd465205beb8beb737ee7e312dd11931

          SHA1

          14afb91168ba6542fc163873535638adffa6ac18

          SHA256

          59347887b93067b617c6ddecad539f64a311c62d58ac5fe8acaf80fc54365e77

          SHA512

          ac2d0097452f26bb7c3ec29e2a8f0f26ddd08a24fd6e88d393880fd36fb9b7732f82f7043e8a6e1c31444381b335d58432ab6c5b212f5b8b66a56eb1e2be5908

          Download Submit

        • memory/1620-54-0x0000000000400000-0x000000000041C000-memory.dmp

          Filesize

          112KB

          Download