Overview

overview

7

Static

static

1

Launcher.exe

windows7-x64

7

Launcher.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    22s
  • max time network
    36s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    05-07-2023 23:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Launcher.exe

  • Size

    1125.4MB

  • MD5

    d6bb390dd0e507ab7a21103ce6988f5f

  • SHA1

    e9261d728047872157b3a1d105faa30498568410

  • SHA256

    8e404677b93e7dea53123dd73ec630dfe2b257bca249ba82ca05752db2ec511d

  • SHA512

    e8166a6e571e11bf1b13cc4ccae87729958ed5e9d37af8be1791705875696bd48ff1af17725ae3ec63ae2c4120aa56bedf29a398f9519898f496e03c2db8fde3

  • SSDEEP

    786432:3hCImgE7D9zYx25tBMBliqmvQPMM4LivtgDAXZvo8sqTtLwSTRpf4P1wT1aPrvjs:3WgkY2tC3PMM3yAJvoZrvjs

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Launcher.exe
    "C:\Users\Admin\AppData\Local\Temp\Launcher.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of AdjustPrivilegeToken
    PID:3024

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\.net\Launcher\EGlocfzpWVNj40RP8BgAw8Glrkg6uhc=\D3DCompiler_47_cor3.dll
    Filesize

    4.7MB

    MD5

    2191e768cc2e19009dad20dc999135a3

    SHA1

    f49a46ba0e954e657aaed1c9019a53d194272b6a

    SHA256

    7353f25dc5cf84d09894e3e0461cef0e56799adbc617fce37620ca67240b547d

    SHA512

    5adcb00162f284c16ec78016d301fc11559dd0a781ffbeff822db22efbed168b11d7e5586ea82388e9503b0c7d3740cf2a08e243877f5319202491c8a641c970

    Download Submit

  • \Users\Admin\AppData\Local\Temp\.net\Launcher\EGlocfzpWVNj40RP8BgAw8Glrkg6uhc=\PresentationNative_cor3.dll
    Filesize

    1.2MB

    MD5

    2dfb41d1d9b1f5c9bc4da09f2e295b24

    SHA1

    97ddf4cdad886463c190784d788887b4d01d6e0a

    SHA256

    7e22229f80a3c9e8eddb32ddf54f6a1764ee726998bab475a0ddd9f7ce53aaf0

    SHA512

    b04e1d8f0e9408dcdc7ecc8dcc1de5e7972aab09c60c950ca8a0000d01acd84a85909aec1d702dc2118cd63f35249e25b55a0193eaf2c53a68f8fcc2b38a07dd

    Download Submit

  • \Users\Admin\AppData\Local\Temp\.net\Launcher\EGlocfzpWVNj40RP8BgAw8Glrkg6uhc=\wpfgfx_cor3.dll
    Filesize

    1.9MB

    MD5

    a27b3f5c4a0b4c6993675bf964533721

    SHA1

    8eabdf3a1abb57c9a3f330bb3c64ede6f487b184

    SHA256

    fce483fc2381a6c58ac46e54209f6bba4b3c17e3883ee5d4e7879644858286cb

    SHA512

    bac51ef7996b1bc2c688e44432a4f869e819e4aeb0871a2067d49ad12cff3f5730ba0a2d31e864f9544621e3ce794a7fffee3306ef3bbe9daec8a0a545a9de90

    Download Submit

  • memory/3024-101-0x00000000022A0000-0x00000000022B9000-memory.dmp

    Filesize

    100KB

    Download

  • memory/3024-107-0x0000000023180000-0x00000000231C0000-memory.dmp

    Filesize

    256KB

    Download

  • memory/3024-74-0x00000000228F0000-0x000000002292C000-memory.dmp

    Filesize

    240KB

    Download

  • memory/3024-77-0x0000000022930000-0x0000000022974000-memory.dmp

    Filesize

    272KB

    Download

  • memory/3024-80-0x0000000022B20000-0x0000000022B5E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/3024-83-0x0000000024F00000-0x0000000025742000-memory.dmp

    Filesize

    8.3MB

    Download

  • memory/3024-86-0x0000000023710000-0x000000002378F000-memory.dmp

    Filesize

    508KB

    Download

  • memory/3024-89-0x0000000000370000-0x000000000037D000-memory.dmp

    Filesize

    52KB

    Download

  • memory/3024-92-0x0000000000350000-0x0000000000355000-memory.dmp

    Filesize

    20KB

    Download

  • memory/3024-95-0x0000000001F50000-0x0000000001F63000-memory.dmp

    Filesize

    76KB

    Download

  • memory/3024-98-0x00000000020F0000-0x00000000020F7000-memory.dmp

    Filesize

    28KB

    Download

  • memory/3024-59-0x0000000180000000-0x0000000180A24000-memory.dmp

    Filesize

    10.1MB

    Download

  • memory/3024-104-0x0000000022980000-0x0000000022996000-memory.dmp

    Filesize

    88KB

    Download

  • memory/3024-71-0x0000000022FD0000-0x000000002312E000-memory.dmp

    Filesize

    1.4MB

    Download

  • memory/3024-110-0x0000000023130000-0x0000000023148000-memory.dmp

    Filesize

    96KB

    Download

  • memory/3024-113-0x0000000023150000-0x0000000023162000-memory.dmp

    Filesize

    72KB

    Download

  • memory/3024-68-0x0000000023210000-0x0000000023438000-memory.dmp

    Filesize

    2.2MB

    Download

  • memory/3024-119-0x0000000023890000-0x0000000023984000-memory.dmp

    Filesize

    976KB

    Download

  • memory/3024-122-0x0000000002290000-0x0000000002298000-memory.dmp

    Filesize

    32KB

    Download

  • memory/3024-125-0x00000000231C0000-0x0000000023207000-memory.dmp

    Filesize

    284KB

    Download

  • memory/3024-65-0x0000000023F70000-0x0000000024EF6000-memory.dmp

    Filesize

    15.5MB

    Download

  • memory/3024-62-0x0000000022F00000-0x0000000022FCB000-memory.dmp

    Filesize

    812KB

    Download

  • memory/3024-193-0x00000000237C0000-0x00000000237CA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3024-194-0x00000000237C0000-0x00000000237CA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3024-213-0x00000000237C0000-0x00000000237CA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3024-214-0x00000000237C0000-0x00000000237CA000-memory.dmp

    Filesize

    40KB

    Download