Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Gacha Launcher.exe

windows10-1703-x64

7

launcher.pyc

windows10-1703-x64

3

Resubmissions

11/03/2024, 21:56

240311-1tjwyafe4t 7

11/03/2024, 21:42

240311-1kq9nahc66 7

Analysis

  • max time kernel
    315s
  • max time network
    396s
  • platform
    windows10-1703_x64
  • resource
    win10-20240214-en
  • resource tags

    arch:x64arch:x86image:win10-20240214-enlocale:en-usos:windows10-1703-x64system
  • submitted
    11/03/2024, 21:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Gacha Launcher.exe

  • Size

    10.4MB

  • MD5

    58cf87fb4fac9c69e9075f590ba063de

  • SHA1

    411e14753b2b82e175e1227743f83242551082dc

  • SHA256

    cdb7fb42f4442f2a2ede9794b2d3bea7464d10dddf8815c0d29653a6fa4960e3

  • SHA512

    1c21bd0963415b6fcf60b72407bc231cf49a927d5b9410f7f90b36f3b415a1c04f23f6c7cf56bf1d4f3a2bcb51a086e999149b5692eefa0ea317ad46bebd143b

  • SSDEEP

    196608:FSvaICteErowdNE+sKsXXg+W+TA32/1q3+dgS41kQuo0zq0W8/LBmp2mxl:TInEro+sKkXg+W+TA3oq3+d9LQuo0zd1

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 16 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Gacha Launcher.exe
    "C:\Users\Admin\AppData\Local\Temp\Gacha Launcher.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4200
    • C:\Users\Admin\AppData\Local\Temp\Gacha Launcher.exe
      "C:\Users\Admin\AppData\Local\Temp\Gacha Launcher.exe"
      2⤵
      • Loads dropped DLL
      PID:3036

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI42002\VCRUNTIME140.dll
    Filesize

    94KB

    MD5

    a87575e7cf8967e481241f13940ee4f7

    SHA1

    879098b8a353a39e16c79e6479195d43ce98629e

    SHA256

    ded5adaa94341e6c62aea03845762591666381dca30eb7c17261dd154121b83e

    SHA512

    e112f267ae4c9a592d0dd2a19b50187eb13e25f23ded74c2e6ccde458bcdaee99f4e3e0a00baf0e3362167ae7b7fe4f96ecbcd265cc584c1c3a4d1ac316e92f0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI42002\_bz2.pyd
    Filesize

    78KB

    MD5

    e877e39cc3c42ed1f5461e2d5e62fc0f

    SHA1

    156f62a163aca4c5c5f6e8f846a1edd9b073ed7e

    SHA256

    4b1d29f19adaf856727fa4a1f50eee0a86c893038dfba2e52f26c11ab5b3672f

    SHA512

    d6579d07ede093676cdca0fb15aa2de9fcd10ff4675919ab689d961de113f6543edbceecf29430da3f7121549f5450f4fe43d67b9eab117e2a7d403f88501d51

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI42002\_hashlib.pyd
    Filesize

    57KB

    MD5

    4fb84e5d3f58453d7ccbf7bcc06266a0

    SHA1

    15fd2d345ec3a7f4d337450d4f55d1997fae0694

    SHA256

    df47255c100d9cc033a14c7d60051abe89c24da9c60362fe33cdf24c19651f7c

    SHA512

    1ca574e9e58ced8d4b2a87a119a2db9874cd1f6cedef5d7cbf49abf324fb0d9fb89d8aac7e7dfefbeb00f6834719ed55110bcb36056e0df08b36576ffd4db84c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI42002\_lzma.pyd
    Filesize

    149KB

    MD5

    80da699f55ca8ed4df2d154f17a08583

    SHA1

    fbd6c7f3c72a6ba4185394209e80373177c2f8d7

    SHA256

    2e3fd65c4e02c99a61344ce59e09ec7fde74c671db5f82a891732e1140910f20

    SHA512

    15ea7cd4075940096a4ab66778a0320964562aa4ae2f6e1acbe173cd5da8855977c66f019fd343cfe8dacc3e410edf933bce117a4e9b542182bad3023805fd44

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI42002\_socket.pyd
    Filesize

    72KB

    MD5

    7f25ab4019e6c759fc77383f523ef9af

    SHA1

    5e6748ce7f6753195117fdc2820996b49fd8d3af

    SHA256

    d0497b79345b2c255f6274baea6ac44b74f345e111ab25bf6c91af9b2a3f3b95

    SHA512

    a179b22c61f661e4d9b17f56b6a7f66f2d8d8e1d2a9a8aca3c4d6a9cb7755ce6d223bfbca817c1098692a39b6fc20ffbdacefd9bfb47ff02ffa47badca437514

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI42002\_tkinter.pyd
    Filesize

    59KB

    MD5

    c76da9cb5af654367036201cd6b77a96

    SHA1

    3a8a41c728cfc17556dcb0cbcd762aae4cbc8239

    SHA256

    e616f850e6905d5f5f1c821a5c39360090444555c1444f97bd2313f4cb99aaf4

    SHA512

    d91b1027d2ff6e3491c62f2fbc9942e75d76795cc9d48fef423378d69eb8d813add17c8dacb4cea252c5f2cc13b8550057dae41a1de8ffdb720099efca66370c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI42002\base_library.zip
    Filesize

    1.0MB

    MD5

    e21bdf0905da75861685f5e72da461b2

    SHA1

    a325dbce4ae10cd6754d71a9d5b0f6b994db4acb

    SHA256

    e7b0b253a9b569ddc7660865ba6fbdc0f583a11691af383cc674658d6a337119

    SHA512

    73bc50f2ed906fcacb8a7cfa7eecb4e79896fbb81f31d30d109c03f5283f4e3a1782bedcf107c7b7a868feaba907cafcceffd24e0e822851a2dbba15d5ffb09a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI42002\libcrypto-1_1.dll
    Filesize

    3.3MB

    MD5

    63c4f445b6998e63a1414f5765c18217

    SHA1

    8c1ac1b4290b122e62f706f7434517077974f40e

    SHA256

    664c3e52f914e351bb8a66ce2465ee0d40acab1d2a6b3167ae6acf6f1d1724d2

    SHA512

    aa7bdb3c5bc8aeefbad70d785f2468acbb88ef6e6cac175da765647030734453a2836f9658dc7ce33f6fff0de85cb701c825ef5c04018d79fa1953c8ef946afd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI42002\libssl-1_1.dll
    Filesize

    678KB

    MD5

    bd857f444ebbf147a8fcd1215efe79fc

    SHA1

    1550e0d241c27f41c63f197b1bd669591a20c15b

    SHA256

    b7c0e42c1a60a2a062b899c8d4ebd0c50ef956177ba21785ce07c517c143aeaf

    SHA512

    2b85c1521edeadf7e118610d6546fafbbad43c288a7f0f9d38d97c4423a541dfac686634cde956812916830fbb4aad8351a23d95cd490c4a5c0f628244d30f0a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI42002\python310.dll
    Filesize

    4.3MB

    MD5

    316ce972b0104d68847ab38aba3de06a

    SHA1

    ca1e227fd7f1cfb1382102320dadef683213024b

    SHA256

    34f0e44a0d089587e1ea48c1cc4c3164a1819c6db27a7c1b746af46d6388c26e

    SHA512

    a11da6590a71d977c62b1c26c275763413f6a455e6d85fa052654d05d845dbbe8122bbd8e0a23887f9873d4291382ebbd5df19674ad2dda1cf0ff3206054939b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI42002\tcl86t.dll
    Filesize

    1.8MB

    MD5

    75909678c6a79ca2ca780a1ceb00232e

    SHA1

    39ddbeb1c288335abe910a5011d7034345425f7d

    SHA256

    fbfd065f861ec0a90dd513bc209c56bbc23c54d2839964a0ec2df95848af7860

    SHA512

    91689413826d3b2e13fc7f579a71b676547bc4c06d2bb100b4168def12ab09b65359d1612b31a15d21cb55147bbab4934e6711351a0440c1533fb94fe53313bf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI42002\tcl\encoding\cp1252.enc
    Filesize

    1KB

    MD5

    e9117326c06fee02c478027cb625c7d8

    SHA1

    2ed4092d573289925a5b71625cf43cc82b901daf

    SHA256

    741859cf238c3a63bbb20ec6ed51e46451372bb221cfff438297d261d0561c2e

    SHA512

    d0a39bc41adc32f2f20b1a0ebad33bf48dfa6ed5cc1d8f92700cdd431db6c794c09d9f08bb5709b394acf54116c3a1e060e2abcc6b503e1501f8364d3eebcd52

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI42002\tk86t.dll
    Filesize

    1.5MB

    MD5

    4b6270a72579b38c1cc83f240fb08360

    SHA1

    1a161a014f57fe8aa2fadaab7bc4f9faaac368de

    SHA256

    cd2f60075064dfc2e65c88b239a970cb4bd07cb3eec7cc26fb1bf978d4356b08

    SHA512

    0c81434d8c205892bba8a4c93ff8fc011fb8cfb72cfec172cf69093651b86fd9837050bd0636315840290b28af83e557f2205a03e5c344239356874fce0c72b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI42002\ucrtbase.dll
    Filesize

    1.1MB

    MD5

    b76f01ae50ce43187be1d701b51ca644

    SHA1

    cb59f1ff16f8f3996646930f02d3090422c64a02

    SHA256

    903806c8888e3c9ac0212ed50be6889c21cf4fd12f49931da8b548b5326a0bf8

    SHA512

    d0962bdc5439c7068d67e59d6434606581744daf41a628c083ae147936074f489b44dca8dd737a6766dcdc2b99a2cb7e5cbc79e13e0d9b661f77acd13a9c5300

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI42002\_sqlite3.pyd
    Filesize

    91KB

    MD5

    485aa66e439a3fe177dc41ca99c47764

    SHA1

    804c3e453f033f32e7550f5665b4275e68b8addd

    SHA256

    89d32e0206c06cdd196c1dc97a7540d8893eb31ec4703c996494ac68ca62dc7d

    SHA512

    d40eec1e2a63f141752f4a8390db1f20720601cce6ce98f16f7f2bbbc41234d1b290dee2399e9b0e65774751bc6c4c39a3c200adda1e78b1362d293420c3506b

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI42002\_ssl.pyd
    Filesize

    152KB

    MD5

    cf2f95ecf1a72f8670177c081eedeb04

    SHA1

    6652f432c86718fed9a83be93e66ea5755986709

    SHA256

    ba6025ab22d8e6c5ad53c66dc919f219a542e87540502905609b33dc0a8dddd8

    SHA512

    7e5df920f6acb671e78078e9c4fa3278ae838ea6bef49c0ae44de6a79923a3d7bccf0fb3f0e477ca5092e23450494dee265d8735b24d8026456e1328f6fe8b2e

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI42002\select.pyd
    Filesize

    24KB

    MD5

    589f030c0baa8c47f7f8082a92b834f5

    SHA1

    6c0f575c0556b41e35e7272f0f858dcf90c192a7

    SHA256

    b9ef1709ed4cd0fd72e4c4ba9b7702cb79d1619c11554ea06277f3dac21bd010

    SHA512

    6761c0e191795f504fc2d63fd866654869d8819c101de51df78ff071a8985541eec9a9659626dfcb31024d25fd47eff42caa2ae85cc0deb8a11113675fac8500

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI42002\sqlite3.dll
    Filesize

    1.4MB

    MD5

    29725c00f4e6a3035bb12ca64a20a2f3

    SHA1

    3f27663b93a75e5595cb4bb48509d31055d86ff6

    SHA256

    20290d47f466c31d5f412eca9f412a9b1d45aa5c2be3d9719f9a12b970c635f4

    SHA512

    a6f8d56b44a982ff7585ba52de05ba1bc026f2982a1d0bec80cf2add8a10bd64475c8fb8f8c5f4308d807be036bad0958931e67cffc489547181faa2d39a59ae

    Download Submit