c3db9475c3ab6b53d8f6d711f587e5218c9b8d332229a208277bc0b27a24b620

Analysis

max time kernel
151s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20230220-es
resource tags

arch:x64arch:x86image:win10v2004-20230220-eslocale:es-esos:windows10-2004-x64systemwindows
submitted
15/06/2023, 20:12

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

SKlauncher 3.1.exe
Size

1.1MB
MD5

021b53abfc25a261077282498e5726a0
SHA1

ba7f38a28444504e6e8e1f995cc40ceb70ff6409
SHA256

c3db9475c3ab6b53d8f6d711f587e5218c9b8d332229a208277bc0b27a24b620
SHA512

484bb65ecb1ccd3e5472a27737fd2fa4471240aeefcf4bfdeaf4e49636cec9b3e43a5c2feb7134074c92af01f52a456b8074aca8269480e210cfa3b51acae81d
SSDEEP

24576:7h1tjL2uma7hLQKaikK21SHCJ3ny+SGiPsGSa7tLC+/e0cUEcnr:sghMKai1viny6iPH5hF/e0m2r

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
4984	javaw.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
4984	javaw.exe
4984	javaw.exe

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 5092 wrote to memory of 4984	5092	SKlauncher 3.1.exe	80
PID 5092 wrote to memory of 4984	5092	SKlauncher 3.1.exe	80

C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.1.exe
"C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.1.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:5092
- C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe
  "C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe" -Xms32m -Xmx256m -jar "C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.1.exe"
  2⤵
  - Loads dropped DLL
  - Suspicious use of SetWindowsHookEx
  PID:4984

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\flatlaf.temp\flatlaf-windows-x86_64-4130867014000.dll

Filesize
21KB

MD5
4ca3290a99adadde557930cd481d7539

SHA1
26034442a76131dd3d37c8f28b6e9bebc7c1fe7c

SHA256
dd130c68dc36bcedbe51a6b8ec3b3358a460d45952f6280e12331f48850b6b3b

SHA512
9341c60f92dd3f89f82555055924bdae6fcce1e4cd13a7dde5129ebdce04bae377292237a2ed6c3e7623b242e82b01c7ed1717af4d7db8ca473e9fd7b7b190d5

Download Submit
memory/4984-213-0x0000000000EF0000-0x0000000000EF1000-memory.dmp

Filesize
4KB

Download
memory/4984-217-0x0000000000EF0000-0x0000000000EF1000-memory.dmp

Filesize
4KB

Download
memory/4984-144-0x0000000000EF0000-0x0000000000EF1000-memory.dmp

Filesize
4KB

Download
memory/4984-178-0x0000000000EF0000-0x0000000000EF1000-memory.dmp

Filesize
4KB

Download
memory/4984-179-0x0000000000EF0000-0x0000000000EF1000-memory.dmp

Filesize
4KB

Download
memory/4984-191-0x0000000000EF0000-0x0000000000EF1000-memory.dmp

Filesize
4KB

Download
memory/4984-148-0x0000000000EF0000-0x0000000000EF1000-memory.dmp

Filesize
4KB

Download
memory/4984-205-0x0000000000EF0000-0x0000000000EF1000-memory.dmp

Filesize
4KB

Download
memory/4984-214-0x0000000000EF0000-0x0000000000EF1000-memory.dmp

Filesize
4KB

Download
memory/4984-276-0x0000000000EF0000-0x0000000000EF1000-memory.dmp

Filesize
4KB

Download
memory/4984-237-0x0000000000EF0000-0x0000000000EF1000-memory.dmp

Filesize
4KB

Download
memory/4984-239-0x0000000000EF0000-0x0000000000EF1000-memory.dmp

Filesize
4KB

Download
memory/4984-248-0x0000000000EF0000-0x0000000000EF1000-memory.dmp

Filesize
4KB

Download
memory/4984-264-0x0000000000EF0000-0x0000000000EF1000-memory.dmp

Filesize
4KB

Download
memory/4984-265-0x0000000000EF0000-0x0000000000EF1000-memory.dmp

Filesize
4KB

Download
memory/5092-133-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads