5eebecce070e4324fc0616f3ca38a79d2293bb80d0338feadbcb4dad379fbd68

Analysis

max time kernel
1734s
max time network
1168s
platform
windows10-2004_x64
resource
win10v2004-20230915-es
resource tags

arch:x64arch:x86image:win10v2004-20230915-eslocale:es-esos:windows10-2004-x64systemwindows
submitted
04-10-2023 21:45

Target

SKlauncher-3.1.2.4.exe
Size

1.6MB
MD5

39f7dbd071d47b41a1e8ad26f94f3c8e
SHA1

c6e8f23c1b5d49a9b8779a579044ef2c294a9246
SHA256

5eebecce070e4324fc0616f3ca38a79d2293bb80d0338feadbcb4dad379fbd68
SHA512

1b153ac2a4b3bff275e0b979743c10b70d2377f0b3a6db46a786c22919e74aa3720dfc3d481bd930576334779bd0a3fc05eb88c01fde19bdd30caa406e0c428a
SSDEEP

49152:HIBc3nedsIp8gClzw4Kz/q4BkkKlWThSorx:oB3Eq44TBTKEUor

Score

1^/10

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 4496 wrote to memory of 4392	4496	SKlauncher-3.1.2.4.exe	84
PID 4496 wrote to memory of 4392	4496	SKlauncher-3.1.2.4.exe	84
PID 4496 wrote to memory of 1516	4496	SKlauncher-3.1.2.4.exe	87
PID 4496 wrote to memory of 1516	4496	SKlauncher-3.1.2.4.exe	87

C:\Users\Admin\AppData\Local\Temp\SKlauncher-3.1.2.4.exe
"C:\Users\Admin\AppData\Local\Temp\SKlauncher-3.1.2.4.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4496
- \??\c:\PROGRA~1\java\JRE18~1.0_6\bin\java.exe
  "c:\PROGRA~1\java\JRE18~1.0_6\bin\java.exe" -version
  2⤵
  PID:4392
- \??\c:\PROGRA~1\java\JDK18~1.0_6\jre\bin\java.exe
  "c:\PROGRA~1\java\JDK18~1.0_6\jre\bin\java.exe" -version
  2⤵
  PID:1516

memory/1516-18-0x0000000003130000-0x0000000004130000-memory.dmp

Filesize
16.0MB

Download
memory/1516-28-0x0000000002D40000-0x0000000002D41000-memory.dmp

Filesize
4KB

Download
memory/4392-7-0x0000000003130000-0x0000000004130000-memory.dmp

Filesize
16.0MB

Download
memory/4392-15-0x0000000002E50000-0x0000000002E51000-memory.dmp

Filesize
4KB

Download
memory/4392-29-0x0000000003130000-0x0000000004130000-memory.dmp

Filesize
16.0MB

Download