627b807380dab8455cd04ba07cdb5a70a7c6f5d510c64296456f41588b60201a

Analysis

max time kernel
142s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
10/10/2023, 13:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

SKlauncher-3.1.2.jar
Size

1.1MB
MD5

e98a84b4bcc5e9b2b76e985c6688cad5
SHA1

aacd58af2346cd4e0ad1f1a04bd8d925bc4aee7d
SHA256

627b807380dab8455cd04ba07cdb5a70a7c6f5d510c64296456f41588b60201a
SHA512

704290691f301e61e381c3b6a3d5c2d9bdcc638389f225092437c2f88e86fe49eda27d7de3f2d770c036a37f8adf13d492a5ed24b704d75ec2b1b8e8fdb01d8a
SSDEEP

24576:6/JGJQM+a7NE+tOkHSDgkadA0k25iCyAXaQA/asuYieJ8G905b08HK:2RgNE+0eS0HynQA/aDeJ8GEb0mK

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
3556	java.exe

Drops file in Program Files directory 12 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\symbols\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\symbols\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\symbols\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\symbols\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\ntdll.pdb	java.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3556	java.exe
3556	java.exe

C:\ProgramData\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\SKlauncher-3.1.2.jar
1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
PID:3556

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\flatlaf.temp\flatlaf-windows-x86_64-4831772118000.dll

Filesize
22KB

MD5
dcd68a87b7e6edbcfde48150403b22eb

SHA1
28e4839a29725075772fccc39b44e194eb91e477

SHA256
ae3352b6ad6cffaae55f4387f9f5e79365ea17f8d5fb45ef11d21c3300a49a4c

SHA512
ac2a6bc0afcd08c56090536a937772edd54f35505c9a5837d9bc8e91c31edb6137cf5191986b3473e9e2f512950b4dbfe4088598bfd1faf47088124c70aeba71

Download Submit
memory/3556-56-0x0000000002930000-0x0000000003930000-memory.dmp

Filesize
16.0MB

Download
memory/3556-82-0x0000000002BB0000-0x0000000002BC0000-memory.dmp

Filesize
64KB

Download
memory/3556-11-0x0000000000C40000-0x0000000000C41000-memory.dmp

Filesize
4KB

Download
memory/3556-40-0x0000000002930000-0x0000000003930000-memory.dmp

Filesize
16.0MB

Download
memory/3556-41-0x0000000000C40000-0x0000000000C41000-memory.dmp

Filesize
4KB

Download
memory/3556-42-0x0000000000C40000-0x0000000000C41000-memory.dmp

Filesize
4KB

Download
memory/3556-44-0x0000000000C40000-0x0000000000C41000-memory.dmp

Filesize
4KB

Download
memory/3556-4-0x0000000002930000-0x0000000003930000-memory.dmp

Filesize
16.0MB

Download
memory/3556-15-0x0000000000C40000-0x0000000000C41000-memory.dmp

Filesize
4KB

Download
memory/3556-71-0x0000000002930000-0x0000000003930000-memory.dmp

Filesize
16.0MB

Download
memory/3556-74-0x0000000000C40000-0x0000000000C41000-memory.dmp

Filesize
4KB

Download
memory/3556-83-0x0000000002BE0000-0x0000000002BF0000-memory.dmp

Filesize
64KB

Download
memory/3556-84-0x0000000002BF0000-0x0000000002C00000-memory.dmp

Filesize
64KB

Download
memory/3556-85-0x0000000002930000-0x0000000003930000-memory.dmp

Filesize
16.0MB

Download
memory/3556-86-0x0000000002C10000-0x0000000002C20000-memory.dmp

Filesize
64KB

Download
memory/3556-87-0x0000000002C20000-0x0000000002C30000-memory.dmp

Filesize
64KB

Download
memory/3556-88-0x0000000002C30000-0x0000000002C40000-memory.dmp

Filesize
64KB

Download
memory/3556-89-0x0000000002930000-0x0000000003930000-memory.dmp

Filesize
16.0MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads