Overview

overview

3

Static

static

1

Launcher.rar

windows7-x64

3

Launcher.rar

windows10-2004-x64

3

Analysis

  • max time kernel
    138s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    25-07-2023 17:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Launcher.rar

  • Size

    2.1MB

  • MD5

    e85d40ffaba3c7f06e61f2e7f9282292

  • SHA1

    db0ced8c05e6fcac55ab4fe31752c1d469d8ec35

  • SHA256

    965d9591ae9f1c6996f4212ff3685df4ef497fca20e118c4b58cca43cf35d34c

  • SHA512

    33ea12dc8dba6eaa5018a613cd547f505b8d1b1cb0f1643e71f7d3399e08a0fcbe42df31893233b0fdf7b968eb75a085644726c106c7663549bf9f0fc02138b4

  • SSDEEP

    49152:8zR19XcCCouSWphsoyE0kbgmH7aPsUCKVZQks1tKskkPM:sYvouJ8oF7gmH7aP9rVgKfsM

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 1 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 9 IoCs
  • Suspicious use of SendNotifyMessage 8 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Launcher.rar
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2428
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Launcher.rar
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2920
      • C:\Program Files\VideoLAN\VLC\vlc.exe
        "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\Launcher.rar"
        3⤵
        • Suspicious behavior: AddClipboardFormatListener
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SendNotifyMessage
        • Suspicious use of SetWindowsHookEx
        PID:2948

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2948-83-0x000000013F3C0000-0x000000013F4B8000-memory.dmp

    Filesize

    992KB

    Download

  • memory/2948-84-0x000007FEF7C00000-0x000007FEF7C34000-memory.dmp

    Filesize

    208KB

    Download

  • memory/2948-85-0x000007FEF5F40000-0x000007FEF61F4000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/2948-87-0x000007FEFB150000-0x000007FEFB167000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2948-86-0x000007FEFB630000-0x000007FEFB648000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2948-88-0x000007FEF7B70000-0x000007FEF7B81000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2948-89-0x000007FEF7B50000-0x000007FEF7B67000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2948-90-0x000007FEFAF40000-0x000007FEFAF51000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2948-91-0x000007FEFAF20000-0x000007FEFAF3D000-memory.dmp

    Filesize

    116KB

    Download

  • memory/2948-92-0x000007FEFAF00000-0x000007FEFAF11000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2948-93-0x000007FEF4E90000-0x000007FEF5F3B000-memory.dmp

    Filesize

    16.7MB

    Download

  • memory/2948-94-0x000007FEF4BF0000-0x000007FEF4DF0000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/2948-95-0x000007FEFAEC0000-0x000007FEFAEFF000-memory.dmp

    Filesize

    252KB

    Download

  • memory/2948-96-0x000007FEF6C00000-0x000007FEF6C21000-memory.dmp

    Filesize

    132KB

    Download

  • memory/2948-97-0x000007FEF6BE0000-0x000007FEF6BF8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2948-100-0x000007FEF6760000-0x000007FEF6771000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2948-99-0x000007FEF6780000-0x000007FEF6791000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2948-98-0x000007FEF6BC0000-0x000007FEF6BD1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2948-101-0x000007FEF6740000-0x000007FEF675B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/2948-102-0x000007FEF4690000-0x000007FEF46A1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2948-103-0x000007FEF4600000-0x000007FEF4618000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2948-104-0x000007FEF4410000-0x000007FEF4440000-memory.dmp

    Filesize

    192KB

    Download

  • memory/2948-105-0x000007FEF43A0000-0x000007FEF4407000-memory.dmp

    Filesize

    412KB

    Download

  • memory/2948-106-0x000007FEF3E40000-0x000007FEF3EAF000-memory.dmp

    Filesize

    444KB

    Download

  • memory/2948-107-0x000007FEF3C20000-0x000007FEF3C31000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2948-111-0x000007FEF3D20000-0x000007FEF3D37000-memory.dmp

    Filesize

    92KB

    Download

  • memory/2948-110-0x000007FEF3D40000-0x000007FEF3D64000-memory.dmp

    Filesize

    144KB

    Download

  • memory/2948-109-0x000007FEF3D70000-0x000007FEF3D98000-memory.dmp

    Filesize

    160KB

    Download

  • memory/2948-108-0x000007FEF3DE0000-0x000007FEF3E36000-memory.dmp

    Filesize

    344KB

    Download

  • memory/2948-114-0x000007FEF3C90000-0x000007FEF3CA2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2948-113-0x000007FEF3CB0000-0x000007FEF3CC1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2948-112-0x000007FEF3CF0000-0x000007FEF3D13000-memory.dmp

    Filesize

    140KB

    Download

  • memory/2948-115-0x000007FEF3C60000-0x000007FEF3C81000-memory.dmp

    Filesize

    132KB

    Download

  • memory/2948-116-0x000007FEF3C40000-0x000007FEF3C53000-memory.dmp

    Filesize

    76KB

    Download

  • memory/2948-117-0x000007FEF3C00000-0x000007FEF3C12000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2948-118-0x000007FEF3AC0000-0x000007FEF3BFB000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/2948-119-0x000007FEF3A90000-0x000007FEF3ABC000-memory.dmp

    Filesize

    176KB

    Download

  • memory/2948-120-0x000007FEF38D0000-0x000007FEF3A82000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2948-122-0x000007FEF3590000-0x000007FEF35A1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2948-121-0x000007FEF3620000-0x000007FEF367C000-memory.dmp

    Filesize

    368KB

    Download

  • memory/2948-123-0x000007FEF34F0000-0x000007FEF3587000-memory.dmp

    Filesize

    604KB

    Download

  • memory/2948-124-0x000007FEF34D0000-0x000007FEF34E2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2948-125-0x000007FEF3290000-0x000007FEF34C1000-memory.dmp

    Filesize

    2.2MB

    Download

  • memory/2948-126-0x000007FEF3170000-0x000007FEF3282000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/2948-127-0x000007FEF3130000-0x000007FEF3165000-memory.dmp

    Filesize

    212KB

    Download

  • memory/2948-128-0x000007FEF3100000-0x000007FEF3125000-memory.dmp

    Filesize

    148KB

    Download

  • memory/2948-129-0x000007FEF30E0000-0x000007FEF30F1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2948-130-0x000007FEF3070000-0x000007FEF30D1000-memory.dmp

    Filesize

    388KB

    Download

  • memory/2948-131-0x000007FEF3050000-0x000007FEF3061000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2948-132-0x000007FEF3030000-0x000007FEF3042000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2948-133-0x000007FEF3010000-0x000007FEF3023000-memory.dmp

    Filesize

    76KB

    Download

  • memory/2948-134-0x000007FEF2F70000-0x000007FEF300F000-memory.dmp

    Filesize

    636KB

    Download

  • memory/2948-135-0x000007FEF2F50000-0x000007FEF2F61000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2948-136-0x000007FEF2E40000-0x000007FEF2F42000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/2948-137-0x000007FEF2E20000-0x000007FEF2E31000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2948-138-0x000007FEF2E00000-0x000007FEF2E11000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2948-139-0x000007FEF2DE0000-0x000007FEF2DF1000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2948-140-0x000007FEF2DC0000-0x000007FEF2DD2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2948-141-0x000007FEF2DA0000-0x000007FEF2DB8000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2948-142-0x000007FEF2D80000-0x000007FEF2D96000-memory.dmp

    Filesize

    88KB

    Download

  • memory/2948-143-0x000007FEF2D50000-0x000007FEF2D79000-memory.dmp

    Filesize

    164KB

    Download

  • memory/2948-144-0x000007FEF2D30000-0x000007FEF2D42000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2948-145-0x000007FEF2D10000-0x000007FEF2D21000-memory.dmp

    Filesize

    68KB

    Download

  • memory/2948-146-0x000007FEF2CF0000-0x000007FEF2D01000-memory.dmp

    Filesize

    68KB

    Download