Overview

overview

7

Static

static

3

SKlauncher 3.1.exe

windows7-x64

1

SKlauncher 3.1.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    597s
  • max time network
    583s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-es
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-eslocale:es-esos:windows10-2004-x64systemwindows
  • submitted
    12/06/2023, 00:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SKlauncher 3.1.exe

  • Size

    1.1MB

  • MD5

    021b53abfc25a261077282498e5726a0

  • SHA1

    ba7f38a28444504e6e8e1f995cc40ceb70ff6409

  • SHA256

    c3db9475c3ab6b53d8f6d711f587e5218c9b8d332229a208277bc0b27a24b620

  • SHA512

    484bb65ecb1ccd3e5472a27737fd2fa4471240aeefcf4bfdeaf4e49636cec9b3e43a5c2feb7134074c92af01f52a456b8074aca8269480e210cfa3b51acae81d

  • SSDEEP

    24576:7h1tjL2uma7hLQKaikK21SHCJ3ny+SGiPsGSa7tLC+/e0cUEcnr:sghMKai1viny6iPH5hF/e0m2r

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.1.exe
    "C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.1.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:5064
    • C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe
      "C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe" -Xms32m -Xmx256m -jar "C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.1.exe"
      2⤵
      • Loads dropped DLL
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:996
      • C:\Windows\SYSTEM32\reg.exe
        reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v AppsUseLightTheme
        3⤵
          PID:2948

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\flatlaf.temp\flatlaf-windows-x86_64-4163194143000.dll
      Filesize

      21KB

      MD5

      4ca3290a99adadde557930cd481d7539

      SHA1

      26034442a76131dd3d37c8f28b6e9bebc7c1fe7c

      SHA256

      dd130c68dc36bcedbe51a6b8ec3b3358a460d45952f6280e12331f48850b6b3b

      SHA512

      9341c60f92dd3f89f82555055924bdae6fcce1e4cd13a7dde5129ebdce04bae377292237a2ed6c3e7623b242e82b01c7ed1717af4d7db8ca473e9fd7b7b190d5

      Download Submit

    • C:\Users\Admin\AppData\Roaming\.minecraft\sklauncher-fx.jar
      Filesize

      14.2MB

      MD5

      a37550ae9979834eccb7bc9c58f19a5e

      SHA1

      ba48f442c1ae0df11df09979c8149aa978eee704

      SHA256

      e02c5a090f015d20eaa89c6bb4218b4d9013637d54d12f95050db506f00d1c72

      SHA512

      a449639d2eac97cbd6878fa539b69c7fa9128d0063c01aaacbb958172320f39eedd867277b48c2bf390c355d978dc4826d2dd51b75aeea4b976d9bb422303aef

      Download Submit

    • memory/996-220-0x0000000001870000-0x0000000001871000-memory.dmp

      Filesize

      4KB

      Download

    • memory/996-221-0x0000000001870000-0x0000000001871000-memory.dmp

      Filesize

      4KB

      Download

    • memory/996-175-0x0000000001870000-0x0000000001871000-memory.dmp

      Filesize

      4KB

      Download

    • memory/996-181-0x0000000001870000-0x0000000001871000-memory.dmp

      Filesize

      4KB

      Download

    • memory/996-184-0x0000000001870000-0x0000000001871000-memory.dmp

      Filesize

      4KB

      Download

    • memory/996-212-0x0000000001870000-0x0000000001871000-memory.dmp

      Filesize

      4KB

      Download

    • memory/996-213-0x0000000001870000-0x0000000001871000-memory.dmp

      Filesize

      4KB

      Download

    • memory/996-218-0x0000000001870000-0x0000000001871000-memory.dmp

      Filesize

      4KB

      Download

    • memory/996-144-0x0000000001870000-0x0000000001871000-memory.dmp

      Filesize

      4KB

      Download

    • memory/996-148-0x0000000001870000-0x0000000001871000-memory.dmp

      Filesize

      4KB

      Download

    • memory/996-222-0x0000000001870000-0x0000000001871000-memory.dmp

      Filesize

      4KB

      Download

    • memory/996-242-0x0000000001870000-0x0000000001871000-memory.dmp

      Filesize

      4KB

      Download

    • memory/996-247-0x0000000001870000-0x0000000001871000-memory.dmp

      Filesize

      4KB

      Download

    • memory/996-249-0x0000000001870000-0x0000000001871000-memory.dmp

      Filesize

      4KB

      Download

    • memory/996-267-0x0000000001870000-0x0000000001871000-memory.dmp

      Filesize

      4KB

      Download

    • memory/996-269-0x0000000001870000-0x0000000001871000-memory.dmp

      Filesize

      4KB

      Download

    • memory/996-275-0x0000000001870000-0x0000000001871000-memory.dmp

      Filesize

      4KB

      Download

    • memory/996-283-0x0000000001870000-0x0000000001871000-memory.dmp

      Filesize

      4KB

      Download

    • memory/5064-133-0x0000000000400000-0x000000000041C000-memory.dmp

      Filesize

      112KB

      Download