Overview

overview

9

Static

static

7

CCLauncher-Setup.exe

windows7-x64

9

CCLauncher-Setup.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    CCLauncher-Setup.exe

  • Size

    2.9MB

  • Sample

    240211-1yd69abh9w

  • MD5

    82cc62b29242dcaafe424400b12ee2fa

  • SHA1

    74b7940026ab1bbf99445958f9731ec63234dec1

  • SHA256

    ca22090738d5971eeefe09507f82e17f958eae1ffed175cc661cc0fbe65f7aee

  • SHA512

    08f0533a86e1d1b4f9402b3858a92a284a9e2b496096fc791de52bd9c5e6c2e5b00c808e67fb9c956923cee87ee5f8e9328039f8d79093f0872a71e9272cfaff

  • SSDEEP

    49152:VAGNasNJnazTkmLp/w/qKP1Wv/cNwDhWiZe1n1t5Kh5lYOw8a+8F4RLQjqBN:9Nx+EmV/wTPkHcNChWik1n4hk8aN4Yq3

Score
9/10
evasionthemidatrojan

Malware Config

Targets

    • Target

      CCLauncher-Setup.exe

    • Size

      2.9MB

    • MD5

      82cc62b29242dcaafe424400b12ee2fa

    • SHA1

      74b7940026ab1bbf99445958f9731ec63234dec1

    • SHA256

      ca22090738d5971eeefe09507f82e17f958eae1ffed175cc661cc0fbe65f7aee

    • SHA512

      08f0533a86e1d1b4f9402b3858a92a284a9e2b496096fc791de52bd9c5e6c2e5b00c808e67fb9c956923cee87ee5f8e9328039f8d79093f0872a71e9272cfaff

    • SSDEEP

      49152:VAGNasNJnazTkmLp/w/qKP1Wv/cNwDhWiZe1n1t5Kh5lYOw8a+8F4RLQjqBN:9Nx+EmV/wTPkHcNChWik1n4hk8aN4Yq3

    Score
    9/10
    evasionthemidatrojan

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

      evasion

    • Downloads MZ/PE file

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

      themida

    • Checks whether UAC is enabled

      evasiontrojan

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks