Overview

overview

7

Static

static

3

SKlauncher 3.1.exe

windows7-x64

3

SKlauncher 3.1.exe

windows10-2004-x64

7

Resubmissions

27/06/2023, 20:02

230627-ysevgsfd24 7

27/06/2023, 19:58

230627-yp579sfc97 7

Analysis

  • max time kernel
    119s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20230621-en
  • resource tags

    arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
  • submitted
    27/06/2023, 19:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SKlauncher 3.1.exe

  • Size

    1.1MB

  • MD5

    021b53abfc25a261077282498e5726a0

  • SHA1

    ba7f38a28444504e6e8e1f995cc40ceb70ff6409

  • SHA256

    c3db9475c3ab6b53d8f6d711f587e5218c9b8d332229a208277bc0b27a24b620

  • SHA512

    484bb65ecb1ccd3e5472a27737fd2fa4471240aeefcf4bfdeaf4e49636cec9b3e43a5c2feb7134074c92af01f52a456b8074aca8269480e210cfa3b51acae81d

  • SSDEEP

    24576:7h1tjL2uma7hLQKaikK21SHCJ3ny+SGiPsGSa7tLC+/e0cUEcnr:sghMKai1viny6iPH5hF/e0m2r

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 38 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.1.exe
    "C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.1.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1108
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://adoptium.net/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2008
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2008 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:1328

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    90dd799951ec2ed9763711616a4b40a0

    SHA1

    f261721c6fd19df9b94a75a3c16dcea0ea014509

    SHA256

    b686b9b97ea8e6b65a372df501e196c57a4511ec8097a7e451bdeba3282164d1

    SHA512

    a01d665812ebe9b24ce07a5154fbffa7f23f51eea902375107a9333f8c4b329ba0d381e269257db2f2c8a991d6193d11804ee1cd019335c5cdafa10f3fe7f0b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    77ceaf63eb5847ba28c549603703fbe5

    SHA1

    fcb51652387b86d01c667069ec1fef959717d002

    SHA256

    00a0f4494f1ec05093fb8a2a30be1413639dadea82a2a77203b92c5601388e7b

    SHA512

    9a1596e6bfe56e55df26eff120e98542681497a418733160988b8f9740d9333893863360b82468277e6622ebbbfbbd0db2ea99303f60333b6396e53f3f21453d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    282382a41033c356fe59813ea178f6df

    SHA1

    0035c3451690f0a95aff7d39904ddaea4e5757de

    SHA256

    e09b24e845d8c58078460268be8942e331c8084ea263de8b849f6df371c86dc8

    SHA512

    08872b3faf2cac2eddcc0d920c1e5e2f8d24361babbd629a31df08db537f17d53dabfed908144465e729e8753d091631fb9474dbe0a4dc33d59b103d09d2b251

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4be0410d18d4def0104cc3960f3f062c

    SHA1

    5c9dc1071c249844ca5a79b752208cc5104f5632

    SHA256

    a53b0b05b4673b75918266d7f851bba9e35253f618851b62f9a07abef8b0af1d

    SHA512

    9760d9ea448f7a2b3eada23f25a2e0e988dd3eeccf3cd0b47c82b1f4f739421eced4277af3511940c4e2d70c2f31f8dca50401a8ca76b984dc9c0d64e131a9ff

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    e6fb534ef36e05031c16fce215f96fd3

    SHA1

    c6d4de3046d37529b2de4a6aeff515fd125b4044

    SHA256

    d2f0fbc488ae6c9d475d6ce8ed2ad2e368fb0b1681960b9ff7c743a9ce761d92

    SHA512

    e664196a19da648f19565732738cc9d33229a6e1bb73ddddd2a2fbcb61a4d65fa1960896214f9876410dd8d7891e32144b06a8765c5d50d693abbeb664381c7c

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f133b57371f403f740593ddee84eb339

    SHA1

    e7e03f31a1c1221a2d7e1c58ee4a7ce5b73e999a

    SHA256

    067bd1f497707f1505d2e14c41efa4a39e8af64cea17c0c663b39d335b540bbb

    SHA512

    44688ecb5a19e16f81277fc05cbde1142324fb645b568cc0fa264d983cea9811c60d154edff25e57529789c14395fdd37b51262d45b5926d88f92f1878d29ad7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1c79f8b88570c55ecad8a9c390e5d1f6

    SHA1

    df521107d88cddec4f62dcdba30acbd8a2030a82

    SHA256

    fba461a05b436bb43c12f22927290c68e8d7dc886c073cafd5853f78721b5927

    SHA512

    df95720ef636dcf5879516f9cc748b239ef4d2d52e220305150bdc26a88092f0a4cce17d716cc0a336665844be897736342c994f9ced192a9ed3282894cf5bfb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c7f5fe61f6b5eb7bbe3e7bf4d39f4b75

    SHA1

    371020952f4b773a27ae5fa70308c0bdee5397dd

    SHA256

    c54b18a03ceb158dcb007397d96b83692a654c7bebc37ce2ce44145ae184e3b1

    SHA512

    5fbd7ce9d52734d69f329db988eaa0e23eb92039f977373f92284ef9f0d253955c337bd1e930205cfcdeff75617b5e774ee9b50330eb113f1f2efa2f68bf651d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2d031c763c3d28aa852461ce947c474d

    SHA1

    2558ff448e0c996f39ae078d22b55dda36d4a1c8

    SHA256

    8087e79a00b1bf0ccc0488305c5eb5190acc88268767ff3a40cb5a14e730bf0a

    SHA512

    963450ed44afe7aa8b06f21a5873245da0eacdb38db9c283e97306de8997d29839c3be439c11a356ee9a87c7571856c5397f07b19d950ca55f942cdb603cbcdc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    409ed196e61b810c229cc82ead994220

    SHA1

    1f4d45a2548abf93cdb611cc2a1afb0c7bc56af7

    SHA256

    751dc22bd340fde2178e996d2c0c944bb8e531a60060574ca3c7784a33281591

    SHA512

    0a9df66a1eeaf2bc3c287a925e34bad3614676d71b9f154db3cb8b1a4dcf875ca304dc308ac0ed281a6cf2ea6aca91a6e0d68d2f3f96f92f9721ebdcbd3e0f30

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    05999a9bd17b69f4f7cc2789876005a0

    SHA1

    aea9798c932b1d48445ef2c6dbbe3e961801e558

    SHA256

    f8bc22bb7a1301f86d8f9594357d6017dac25771ccf369257d3dccc97ec5b820

    SHA512

    a80e3b4a2df15c6296ebf269db387f848216cb72681760afb139ad602cb21d3f14d3c21705c1eb5b2d87717c34ec0ffe7409565bdf3ea14e2a413c757b717e70

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    cfadf0bee63d2e23f30e92100f781939

    SHA1

    dd2cae680dd68ac0afa63de5157315d65149fea2

    SHA256

    73036ceff5d012f75b63b5faaa0a39355bd6ec52d6d899d30a61fab65684ca68

    SHA512

    08b605d0a108ab652d96a65bd6056c9a3f584a8220ed0614a408781969f070bf2611955837f87a06f9958ca13c74c62a638a727a9d364447df8f169b7596c5e8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5ca67549b9081a34085eb79360554e11

    SHA1

    c796ec6ed3c03d86f2b90c563bc0df6b9dfe08ea

    SHA256

    96ab6dec2a5cc8c1309cbdbd3daf2ed141c36c67fd2ba10b48750f83701dfd34

    SHA512

    08d376b56fa4c8be022d4eb247d26fdf29f8e39c3f0da39630c34485bbf3153351d531c1d82df8e090701e350b644c65c528dfdeb5d9ec724476d1208607d06f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    38d254275e10e3c18d20a8a9eed84c6f

    SHA1

    9cb2b71e59d70575762d0fc5db5cae29b27a3885

    SHA256

    b8f7f2dc22c105593411ff4625b902cacdc77885c0a65bfc90c146e997b64196

    SHA512

    507b6b79b6335470e1284ec6f616bf4fec9967b0b76227c76186625b6a003bbaea8dd6a050735722c4a4c7b43a710a6471d56ab259561f92527c72bbd0cea718

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\hjjd52y\imagestore.dat
    Filesize

    7KB

    MD5

    0d4cf0ca0e25bef02cce375aa0878ef4

    SHA1

    14d7c65d7b027bb0a07ee39cde02ee10362f7e4e

    SHA256

    2d3c258c69d2142b894fc389607f047d95677dec51f6ca8d0c7c85a4098aa677

    SHA512

    effc519a8f323de725ac964066b0233267285f052228c6f9a6a633037c67195dfb7e8c1479bc3d5d223b66fa7849b002c281f21d43cbc4618fef7d0ff1abf345

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A45MYXV9\favicon-32x32[1].png
    Filesize

    2KB

    MD5

    df4253088bb850c76f81c91db284d4f7

    SHA1

    46e3e3c42a159f22038d86bf39fbde118c91dcbf

    SHA256

    590d33ce64b321c321644bc8c840c354257371f8c247f776b788a5ce2c9bbc72

    SHA512

    7804f8507d35adc2a3f65a4fb017bc50219fd2ee326693dfc5011cc9e22df61f50533ee7eb597133ac69e502683b7089df89735f03e11807a4724564061b0b22

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C7A8D1KQ\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab5BAA.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar5CB6.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\28FIK91H.txt
    Filesize

    601B

    MD5

    af5279e604170aa7cf6d7314944fd973

    SHA1

    afc1983ffddeff7d90c987b40d6ca70ed8b2411f

    SHA256

    85c73d437282496fadd81e8bf3c0361a24cfbb0fce3489b5c9707e465f884537

    SHA512

    f4ec03f6860a4877e0e4d6825f8ce09a3e788e8fc88121539bc73e174dc333359197790df4ff302000c71453c27915668ce95bffcbf3c278ec004f4365dba7f3

    Download Submit

  • memory/1108-54-0x0000000000400000-0x000000000041C000-memory.dmp

    Filesize

    112KB

    Download