Overview

overview

7

Static

static

3

ATLauncher....0.exe

windows7-x64

7

ATLauncher....0.exe

windows10-2004-x64

7

ATLauncher....0.exe

android-10-x64

Analysis

  • max time kernel
    592s
  • max time network
    489s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27-04-2024 22:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ATLauncher-setup-1.2.0.0.exe

  • Size

    2.6MB

  • MD5

    9515a0d3a9dfa2c861baee86ee447419

  • SHA1

    6fa7b3341f3fa7d9bd38a194c80ae8077e842524

  • SHA256

    d051b434836408a72c8b8d9be423c30bf51cef3df2f954b5b099740954845ccd

  • SHA512

    ca8fb4775c3c08220e356e44c0b8fd304d7264cd6aa2a924ebf8d4170e53cd5db25fc2460f52f0a6fcdfa4305340d555c7b9ff4bd300ffb2b5ae288bc6b9d8e9

  • SSDEEP

    49152:NBuZrEUp9VRG26qhJQrstMU9QbKzjgZTUljEXSD:bkLp9Vk2z0J2Qez8IjECD

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ATLauncher-setup-1.2.0.0.exe
    "C:\Users\Admin\AppData\Local\Temp\ATLauncher-setup-1.2.0.0.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4748
    • C:\Users\Admin\AppData\Local\Temp\is-1V6P0.tmp\ATLauncher-setup-1.2.0.0.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-1V6P0.tmp\ATLauncher-setup-1.2.0.0.tmp" /SL5="$5021C,1526961,1202688,C:\Users\Admin\AppData\Local\Temp\ATLauncher-setup-1.2.0.0.exe"
      2⤵
      • Executes dropped EXE
      PID:3756

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-1V6P0.tmp\ATLauncher-setup-1.2.0.0.tmp
    Filesize

    3.4MB

    MD5

    fddfc2fd95d94fcc4f4c3d3abc482dd7

    SHA1

    c82ffaf7f1972222de8e260f009f746cba33554b

    SHA256

    5b15c5d2b573d06a78b1774a6b5ed549fef9eace60b1b137f5186a3dac25ab68

    SHA512

    ab316f9da61b552d1f11e4873d228c35cc091846530297dfd3c2d2fd3a971d42406ee58f8969538e8046eb111a3e3e0c63017e97cb9f9eafe4ff04b703698152

    Download Submit
  • memory/3756-7-0x0000000002880000-0x0000000002881000-memory.dmp
    Filesize

    4KB

    Download
  • memory/3756-10-0x0000000000400000-0x0000000000776000-memory.dmp
    Filesize

    3.5MB

    Download
  • memory/3756-13-0x0000000002880000-0x0000000002881000-memory.dmp
    Filesize

    4KB

    Download
  • memory/4748-0-0x0000000000400000-0x0000000000533000-memory.dmp
    Filesize

    1.2MB

    Download
  • memory/4748-2-0x0000000000400000-0x0000000000533000-memory.dmp
    Filesize

    1.2MB

    Download
  • memory/4748-9-0x0000000000400000-0x0000000000533000-memory.dmp
    Filesize

    1.2MB

    Download