Overview

overview

8

Static

static

1

Stand.Launchpad.exe

windows7-x64

8

Stand.Launchpad.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    136s
  • max time network
    126s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10-05-2024 16:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Stand.Launchpad.exe

  • Size

    77KB

  • MD5

    856d627432e5e27a25e73c5fa602e73a

  • SHA1

    fe1ea681e4837356376de7a32ca04a1fac1422e6

  • SHA256

    2ca1de126855935f8522a5168e69a02226af9cd7595dacd920a242ef4f9afadd

  • SHA512

    6ac1ea393496cede1337183528c435d440f8a4c4784ccb87e552f76ed8963f3892608c8f2b9bf350ac54af05fb26f068126ec440fbae543c8fb65b160f71539e

  • SSDEEP

    768:U23IuhXaoAaGI7kMSbEjMlnQmndydf4dZIgi2WeLeqMc5tul5scYhbHOAtbMU:Ut9ZomQMBQmnXdZIgQQN+l5scmbCU

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 21 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Stand.Launchpad.exe
    "C:\Users\Admin\AppData\Local\Temp\Stand.Launchpad.exe"
    1⤵
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:716
  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
    1⤵
      PID:1896

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Calamity,_Inc\Stand.Launchpad.exe_Url_rz0v4fzocioy3g23muw4v53aivui0hlg\1.9.0.0\user.config
      Filesize

      1KB

      MD5

      bf322b210208d88bc73873f2fc0f795c

      SHA1

      b3344febac56fe27d9042a3ebc86042a8019112c

      SHA256

      f27d8a40f5ddbe95d26146352bd7760742fadb1ecd33b3c135039f92e0e44465

      SHA512

      37c3e50ec21dc833f5cb6b54f8edbd259230cc61373e133281283b6f77e8e8ce8f400f3268cfa640237be4de3383a89091b9332303f99e4893dacfdbfe47b217

      Download Submit

    • C:\Users\Admin\AppData\Local\Calamity,_Inc\Stand.Launchpad.exe_Url_rz0v4fzocioy3g23muw4v53aivui0hlg\1.9.0.0\user.config
      Filesize

      946B

      MD5

      b4ae24f20e59e454d57443d663a7581e

      SHA1

      68ab33e7fcea8bf79d76728fc49338d0d10a12f6

      SHA256

      8409dd0aa292b3bf50903a7ca1a1a0d6697d5c7b0ed3d1c5e43ebdf6f82db074

      SHA512

      25a7cbc382609d298ecaedea567231ac6ba0856bc523550912fd7b8393a29664ad68e9490dff0ff25b18b7a018476798c4df1000ebc99174bb6f2d5604e383f5

      Download Submit

    • C:\Users\Admin\AppData\Local\Calamity,_Inc\Stand.Launchpad.exe_Url_rz0v4fzocioy3g23muw4v53aivui0hlg\1.9.0.0\user.config
      Filesize

      1KB

      MD5

      d1858cc23d3c31466322fc35b5c8afb3

      SHA1

      63bc673d574d038131e94bca36974fb394fd1cfd

      SHA256

      bf9e1edb9509ae0a012f5fac5217693fd35d17b0054a646b0f08d7c8d13f74a5

      SHA512

      75348d291528777724d79ceefeff32e64c09fd599ab055577fb25348364a7c6c6e0bd99472f3b4337ed1e7d735f5d8724a0ba0fe32b8bfe6d29c7d2fe324fdb6

      Download Submit

    • memory/716-0-0x00007FFFD5833000-0x00007FFFD5835000-memory.dmp

      Filesize

      8KB

      Download

    • memory/716-1-0x0000021310130000-0x0000021310146000-memory.dmp

      Filesize

      88KB

      Download

    • memory/716-2-0x00007FFFD5830000-0x00007FFFD62F1000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/716-13-0x00007FFFD5830000-0x00007FFFD62F1000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/716-14-0x00007FFFD5830000-0x00007FFFD62F1000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/716-28-0x00007FFFD5833000-0x00007FFFD5835000-memory.dmp

      Filesize

      8KB

      Download

    • memory/716-29-0x00007FFFD5830000-0x00007FFFD62F1000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/716-30-0x00007FFFD5830000-0x00007FFFD62F1000-memory.dmp

      Filesize

      10.8MB

      Download

    • memory/716-43-0x00007FFFD5830000-0x00007FFFD62F1000-memory.dmp

      Filesize

      10.8MB

      Download