Overview

overview

7

Static

static

3

SKlauncher 3.1.exe

windows7-x64

1

SKlauncher 3.1.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    145s
  • max time network
    142s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    12/07/2023, 20:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SKlauncher 3.1.exe

  • Size

    1.1MB

  • MD5

    021b53abfc25a261077282498e5726a0

  • SHA1

    ba7f38a28444504e6e8e1f995cc40ceb70ff6409

  • SHA256

    c3db9475c3ab6b53d8f6d711f587e5218c9b8d332229a208277bc0b27a24b620

  • SHA512

    484bb65ecb1ccd3e5472a27737fd2fa4471240aeefcf4bfdeaf4e49636cec9b3e43a5c2feb7134074c92af01f52a456b8074aca8269480e210cfa3b51acae81d

  • SSDEEP

    24576:7h1tjL2uma7hLQKaikK21SHCJ3ny+SGiPsGSa7tLC+/e0cUEcnr:sghMKai1viny6iPH5hF/e0m2r

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.1.exe
    "C:\Users\Admin\AppData\Local\Temp\SKlauncher 3.1.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2660
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://adoptium.net/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2644
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2644 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2056

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    a9f95ccfb8ed166a4cce49f28e5c4102

    SHA1

    399da446e65d61834e62333a06fb60f9e43a5a54

    SHA256

    b2c44ff3e2797999a9138cf06d5e1647536eee9f69c763e3143d33baa7d8bc1c

    SHA512

    addf35f5e82adb0dfc38024a4ce26154efac6e697b596a4b1007dfa118d03ae7df27d5bb4e1a189918ca5796603bfdb16494870bd1e9132a80d775ff9acb9db4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    63fc7c1f1c8c4ae7b6b8aa78b42a3846

    SHA1

    360d85dbbccd10ea53fd4ca9c6aec0cc858aaf8f

    SHA256

    70c81e0534ea2767899535b6357972f3250d58d166c09cd89a0b91834a3daa1e

    SHA512

    d2b518cb37c2b585c21971c179eff2df4b00aad64481e58d9e25a3e38d3ef3fe31662faedada90d168bd2fd245ecc56aa728425286753c645e8eb90f5a0fad46

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b21f7a8ed0747308018a895e66240244

    SHA1

    3d9d856d654aaaeccf88e77b71aa03fbdff89eed

    SHA256

    cecd8ed875c5a2e581591a03dfb045d21179c39ce9448211ff3025a4b765a699

    SHA512

    f3dfbcc2b5ea70432fd8be4302b84d6e4d999bde4ba502a60529c13278c333b6f17043e054208ff54a273cf6d07a0895994a2cfbeb21d68aff0ceb56d016ec94

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    87e4cf515efc28355bf0d471803d0550

    SHA1

    b80f36f54e4834ff2ff703bddd55d81baedb8efa

    SHA256

    653042a8f7318c96ef1b87081887473c0b157b0de3a1193779390b2bb535e94a

    SHA512

    7f2d1bf2086c18aa230bf2357a1faee8661f25ba1c52700f238c0b9b2824f072823afcb92e48412c71907a667fdf8a8a3b1fd9d5a57a4067974d3bd69372a5db

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9c59efba4d38844269206ee53a55662a

    SHA1

    c0b795cf4f46c4a509dcc6ecd9616a20328a29e6

    SHA256

    287bb171bd0a8728bc190374d4e9c215be595f44c280784fc66f86813b20c300

    SHA512

    3b9eaa038492555f499cd097e189c8719d9aaee55f74d35d85122a7901aea8f2f558890e939671ee76598c1d38902d9084b17347db91aaeaef214741641276d1

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    68bd154dd76a7a433d9c6dedf4a5c8ac

    SHA1

    ce79d041bb2a49177c5ee66e2d4000f7806eb87b

    SHA256

    6cf611929337b08661378435bbd8cc6c341a754a2bc18d7bf00e0cfb39826dd7

    SHA512

    f3c8a0b48f2f6f76d98d41eb8cdb72bb5752cfefd4905d0016e9ef20eea9c119df4ce575b730a0db29325a790874271e8db5faa6c1913505fd3243b91328fedf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    21c073a6631f2e406ec3cb4bc3dbabfb

    SHA1

    7a100499f67c83c5749bcca6b85549d404c83b9b

    SHA256

    0f7deb160462085130a366c9851c6ceca5c1f39d36fc75c3b5d5d86fb237794e

    SHA512

    26690d2220a050436882d670b7f2e0258e19a2e6af27696045d309d58004259c92f2ddb13860ae06b7be9dc585250197fa37491b56b8f145bb47985872d8ba8f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    18c3b204fab0c546efec1eea98465919

    SHA1

    45b2f7f7897791e2a521be912747ade77123eabf

    SHA256

    95463269f2e95fec19f275c1429d4062941db6220841ba46b767930c96a2c191

    SHA512

    8c3952f0dba1d2362b136b0bc7dfcbe4ccbecff59c1aad4f1c77b47d99e9909d3be77ae26bad1907220b0ca1c858ded45edc7dd5d698174a6311ef2402154b46

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    8520d07ae75c2d54810229716569340f

    SHA1

    dc5a93649cfb6021c8cc263fc578a59b1325ae2d

    SHA256

    953213f794c55fa91386515ed8d0684bdcf43f60307a7971c5199011416f14cc

    SHA512

    a927f6fffce24fab3edadbf610dac3d41428341bcdbdb3166e825dd7eb89ad38875b770852cf72fce560dc314280ac02277bd41172b1d2bff64fe69ab43a5a9b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5f6ccc7699f3a461b21e16af33650697

    SHA1

    b34541e8fbccd6ee748982f9770c473fead94588

    SHA256

    bfe550beb6a6f127a46941cafd178379b11930f074324a816b44a9f175cd3dd5

    SHA512

    25a229547e6203582618bc634785269df5f79e5f67fde7113413a73095dd42ae3953550dd00e8593c7dc6f80cc334e0c3151e424f8dcb101075e67e5b33ad05b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7e24ec122db04236659931a509b50248

    SHA1

    6a6811b2f4ca10f444d4a8fa7ca70a5179ece29a

    SHA256

    adfc2831f7254418d9e78b1c72dcd89ce1b637cadd0319ade3338c0f6d820ae2

    SHA512

    72f35c5fb348f85434634925e2b0c2efaf9c4ab70cfdbd19fc18b8c9c4cc1383067429a56455e7b555ffb5176aac58b1c0764d6a5a16fe4076d0908d9e4f0ba6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    18d86e35dadd1f538e8c7d21ceaf00a4

    SHA1

    eb0b591ee1106a3ae939b9ceaa9158e2ed2f2c60

    SHA256

    3c34bf5e4b8c1c585bed23cfc13f3d34762c78e2fc4773446fd2b9d91d246370

    SHA512

    0973de038dec9da2974cbf5c5a7168ee3ca611707025662d42c13b7cbe1024be91450f882f7d02e2ce56287aea5bc6a3ec6bade157a8b65f6b8b8daaa05027b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f7be02b709ebdf91e46e1f3279cee89d

    SHA1

    6e06763d579d291a10b86fad7b0392b9e00309ec

    SHA256

    d804748f22884407745b1b75d066030da2f8304f285925d6b04128dadcf7bdf2

    SHA512

    dea0cb7bebbbac002eb1776cff470ee811d99fe23f6c4e559ad7de7f7d145083cd774a66d5251ee2330ebf18aa2f431335cc9f8614d5b2d7a17afe8cf3962bd7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2ec3755ee3ffddec36e052c8492dcf93

    SHA1

    9b8b206036434121d25ac6e7b5ac8f64ab6395ab

    SHA256

    8c4b648fe3cdd523086eee1b6654664214452f60d877456d8df6a8e5463a5b30

    SHA512

    8efd999b7623c48e6eb647b3e638fa7bcbd0baf06359ea22da6e54ac24807841c6f741fe7a9d613c5b2d6665c4c962b5f3b0a2bb2f66824be4791ad1a1d00987

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\grebiyy\imagestore.dat
    Filesize

    7KB

    MD5

    b918db2ecabd2b8408bd3cbb3e3b8486

    SHA1

    dfdc3aefbcfa48f3c5315c474f86accf7b34ee82

    SHA256

    808ea175271fa815221b92db100bd7c1200ac9cee293388f08b7576722ed5406

    SHA512

    db93110d19a471305e539de7b13de83369d0f166e0bd4d98cb96c9943ff5fc2291ef02da59ee176857168f50d23c383bab646aab4f26967bfef2fec7b06950a4

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8AJTUMOT\suggestions[1].en-US
    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H1823X4Y\favicon-32x32[1].png
    Filesize

    2KB

    MD5

    df4253088bb850c76f81c91db284d4f7

    SHA1

    46e3e3c42a159f22038d86bf39fbde118c91dcbf

    SHA256

    590d33ce64b321c321644bc8c840c354257371f8c247f776b788a5ce2c9bbc72

    SHA512

    7804f8507d35adc2a3f65a4fb017bc50219fd2ee326693dfc5011cc9e22df61f50533ee7eb597133ac69e502683b7089df89735f03e11807a4724564061b0b22

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabDF69.tmp
    Filesize

    62KB

    MD5

    3ac860860707baaf32469fa7cc7c0192

    SHA1

    c33c2acdaba0e6fa41fd2f00f186804722477639

    SHA256

    d015145d551ecd14916270efad773bbc9fd57fad2228d2c24559f696c961d904

    SHA512

    d62ad2408c969a95550fb87efda50f988770ba5e39972041bf85924275baf156b8bec309ecc6409e5acdd37ec175dea40eff921ab58933b5b5b5d35a6147567c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarDFC9.tmp
    Filesize

    164KB

    MD5

    4ff65ad929cd9a367680e0e5b1c08166

    SHA1

    c0af0d4396bd1f15c45f39d3b849ba444233b3a2

    SHA256

    c8733c93cc5aaf5ca206d06af22ee8dbdec764fb5085019a6a9181feb9dfdee6

    SHA512

    f530dc0d024a5a3b8903ffaaa41b608a5ccdd6da4ba1949f2c2e55a9fca475fec5c8d2119b5763cabe7ef1c3788fb9dcac621869db51d65b1d83cfe404fb4c27

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\STGYWLVL.txt
    Filesize

    605B

    MD5

    d2784bd7783e8788c36daf080043baf2

    SHA1

    8a690073f21f188d6aed6d73cd430120fef1650e

    SHA256

    167ff53f08cd711250641f5f4e717a244b649e360a2047f15e7f104545fe33c6

    SHA512

    607a318aac4b024d03b7098264f84407116b22646fcd21dee7e8d04e03c0a29f7cadffb46a69438c58e941898fddeb7c21c26569db0b6c666c3e66a96f270a07

    Download Submit

  • memory/2660-53-0x0000000000400000-0x000000000041C000-memory.dmp

    Filesize

    112KB

    Download