b0c5cb853ab96f7dcde49f806ae104a08e2a3ceeaee7a16e58ea00cff106c84d

Analysis

max time kernel
143s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
12/10/2023, 12:11

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

SKlauncher-3.1.1.jar
Size

1.0MB
MD5

30b2b8976783b2d54677d2b27a3298d0
SHA1

ed002da8af67e0d0d636610284d1f028009b410a
SHA256

b0c5cb853ab96f7dcde49f806ae104a08e2a3ceeaee7a16e58ea00cff106c84d
SHA512

48aa0f7eadb144d3fce9999f09f563d3a64d577cb54ca70f5ef35791a648d00b3aab6a06bce57684ea6cc55eff0489b18d6622302b4d53b6694c9ed3d6184804
SSDEEP

24576:hKL7CWGa7hvQKaikK21SHCJ3ny+SGiPsGSabtLC2/e0cU8cb7:hVghYKai1viny6iPH5BZ/e02W7

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
4232	java.exe

Drops file in Program Files directory 12 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\symbols\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\symbols\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\symbols\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\symbols\dll\jvm.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\server\dll\ntdll.pdb	java.exe
File opened for modification	C:\Program Files\Java\jre1.8.0_66\bin\dll\ntdll.pdb	java.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
4232	java.exe
4232	java.exe

C:\ProgramData\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\SKlauncher-3.1.1.jar
1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
PID:4232

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\flatlaf.temp\flatlaf-windows-x86_64-4796576976000.dll

Filesize
21KB

MD5
4ca3290a99adadde557930cd481d7539

SHA1
26034442a76131dd3d37c8f28b6e9bebc7c1fe7c

SHA256
dd130c68dc36bcedbe51a6b8ec3b3358a460d45952f6280e12331f48850b6b3b

SHA512
9341c60f92dd3f89f82555055924bdae6fcce1e4cd13a7dde5129ebdce04bae377292237a2ed6c3e7623b242e82b01c7ed1717af4d7db8ca473e9fd7b7b190d5

Download Submit
memory/4232-83-0x0000000002AC0000-0x0000000002AD0000-memory.dmp

Filesize
64KB

Download
memory/4232-85-0x0000000002AE0000-0x0000000002AF0000-memory.dmp

Filesize
64KB

Download
memory/4232-11-0x0000000000B70000-0x0000000000B71000-memory.dmp

Filesize
4KB

Download
memory/4232-41-0x00000000027B0000-0x00000000037B0000-memory.dmp

Filesize
16.0MB

Download
memory/4232-45-0x0000000000B70000-0x0000000000B71000-memory.dmp

Filesize
4KB

Download
memory/4232-50-0x00000000027B0000-0x00000000037B0000-memory.dmp

Filesize
16.0MB

Download
memory/4232-67-0x00000000027B0000-0x00000000037B0000-memory.dmp

Filesize
16.0MB

Download
memory/4232-75-0x0000000000B70000-0x0000000000B71000-memory.dmp

Filesize
4KB

Download
memory/4232-76-0x0000000002A30000-0x0000000002A40000-memory.dmp

Filesize
64KB

Download
memory/4232-77-0x0000000002A90000-0x0000000002AA0000-memory.dmp

Filesize
64KB

Download
memory/4232-78-0x0000000002B40000-0x0000000002B50000-memory.dmp

Filesize
64KB

Download
memory/4232-79-0x00000000027B0000-0x00000000037B0000-memory.dmp

Filesize
16.0MB

Download
memory/4232-80-0x0000000002A70000-0x0000000002A80000-memory.dmp

Filesize
64KB

Download
memory/4232-81-0x0000000002A80000-0x0000000002A90000-memory.dmp

Filesize
64KB

Download
memory/4232-82-0x0000000002AB0000-0x0000000002AC0000-memory.dmp

Filesize
64KB

Download
memory/4232-4-0x00000000027B0000-0x00000000037B0000-memory.dmp

Filesize
16.0MB

Download
memory/4232-16-0x0000000000B70000-0x0000000000B71000-memory.dmp

Filesize
4KB

Download
memory/4232-86-0x00000000027B0000-0x00000000037B0000-memory.dmp

Filesize
16.0MB

Download
memory/4232-84-0x0000000002AD0000-0x0000000002AE0000-memory.dmp

Filesize
64KB

Download
memory/4232-87-0x0000000002AF0000-0x0000000002B00000-memory.dmp

Filesize
64KB

Download
memory/4232-88-0x0000000002B00000-0x0000000002B10000-memory.dmp

Filesize
64KB

Download
memory/4232-89-0x0000000002B20000-0x0000000002B30000-memory.dmp

Filesize
64KB

Download
memory/4232-90-0x0000000002B30000-0x0000000002B40000-memory.dmp

Filesize
64KB

Download
memory/4232-91-0x00000000027B0000-0x00000000037B0000-memory.dmp

Filesize
16.0MB

Download
memory/4232-92-0x0000000002B50000-0x0000000002B60000-memory.dmp

Filesize
64KB

Download
memory/4232-93-0x0000000002B60000-0x0000000002B70000-memory.dmp

Filesize
64KB

Download
memory/4232-94-0x0000000002B80000-0x0000000002B90000-memory.dmp

Filesize
64KB

Download
memory/4232-96-0x00000000027B0000-0x00000000037B0000-memory.dmp

Filesize
16.0MB

Download
memory/4232-97-0x0000000002BA0000-0x0000000002BB0000-memory.dmp

Filesize
64KB

Download
memory/4232-95-0x0000000002B90000-0x0000000002BA0000-memory.dmp

Filesize
64KB

Download
memory/4232-98-0x0000000002BB0000-0x0000000002BC0000-memory.dmp

Filesize
64KB

Download
memory/4232-99-0x00000000027B0000-0x00000000037B0000-memory.dmp

Filesize
16.0MB

Download
memory/4232-100-0x00000000027B0000-0x00000000037B0000-memory.dmp

Filesize
16.0MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads