Malware Analysis Report

2024-11-30 13:04

Sample ID: 240620-h6cpaazfnn
Target: MiniGo Launcher Setup.exe
SHA256: fe6419e521cc0612602566c0d7babfecdbd286453ef918ecdc441d0a38ccc118
Tags: discovery, pyinstaller
Score: 7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

Score: 7/10

SHA256: fe6419e521cc0612602566c0d7babfecdbd286453ef918ecdc441d0a38ccc118

Threat Level: Shows suspicious behavior

The file MiniGo Launcher Setup.exe was found to show suspicious behavior.

Malicious Activity Summary

Tags: discovery, pyinstaller

Loads dropped DLL

Executes dropped EXE

Checks installed software on the system

Drops file in Program Files directory

Unsigned PE

Detects Pyinstaller

Enumerates physical storage devices

Suspicious use of SetWindowsHookEx

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: AddClipboardFormatListener

Suspicious use of FindShellTrayWindow

Modifies registry class

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported: 2024-06-20 07:20

Signatures

Unsigned PE

Description | Indicator | Process | Target
N/A | N/A | N/A | N/A

Analysis: behavioral1

Detonation Overview

Submitted: 2024-06-20 07:20

Reported: 2024-06-20 07:23

Platform: win11-20240508-en

Max time kernel: 169s

Max time network: 164s

Command Line

"C:\Users\Admin\AppData\Local\Temp\MiniGo Launcher Setup.exe"

Signatures

Loads dropped DLL

Description | Indicator | Process | Target
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A

Checks installed software on the system

Tag: discovery

Drops file in Program Files directory

Description | Indicator | Process | Target
File created | C:\Program Files (x86)\MiniLAU\assets\is-2FCRU.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\is-6B64A.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-KA8DH.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-LG4UB.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-MANCL.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\MSVCP140_1.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\unins000.dat | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\is-S9UDI.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-70BEK.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-SCE7Q.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\Qt5Qml.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\is-71OFT.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-32P6G.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-1EHLU.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-7AB35.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\plugins\imageformats\qjpeg.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\plugins\imageformats\qicns.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\is-4DM8L.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\is-CQAE5.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\charset_normalizer\is-8E6O6.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\is-L90FA.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\is-DIA2K.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-1R3AM.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\plugins\platformthemes\qxdgdesktopportal.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\assets\is-DC885.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-7R03T.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\plugins\platforms\qwindows.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\is-3I0O0.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-5J6O1.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-56IVG.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-FDR1E.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-GOQ5G.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File opened for modification | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\Qt5Core.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\is-6H1J3.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-4LDJV.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-KC5Q2.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-S4SD3.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\plugins\styles\qwindowsvistastyle.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\is-B6UM6.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-6VLIO.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-EH9QM.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\plugins\imageformats\qwebp.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\is-UGA2R.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\is-54U32.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-326GM.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-P3O5I.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-A5BHU.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-EURBG.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\plugins\imageformats\qwbmp.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\VCRUNTIME140.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\plugins\imageformats\qsvg.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\is-5U6VQ.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-5IVTB.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-MAQ4K.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\python3.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\Qt5DBus.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\plugins\iconengines\is-4GQA1.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-Q0FO2.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-E10Q8.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-RNRL3.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File opened for modification | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\VCRUNTIME140_1.dll | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\is-L6G1A.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
File created | C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-NNRIT.tmp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A

Detects Pyinstaller

Tag: pyinstaller

Description | Indicator | Process | Target
N/A | N/A | N/A | N/A

Enumerates physical storage devices

Modifies registry class

Description | Indicator | Process | Target
Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MiniLauncher.myp\ = "MiniLauncher" | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MiniLauncher.myp\shell\open\command | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Applications | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Applications\MiniGo Launcher.exe | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Applications\MiniGo Launcher.exe\SupportedTypes\.myp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\.myp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\.myp\OpenWithProgids\MiniLauncher.myp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Applications\MiniGo Launcher.exe\SupportedTypes | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
Key created | \REGISTRY\MACHINE\Software\Classes\MiniLauncher.myp\shell\open\command | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
Key created | \REGISTRY\MACHINE\Software\Classes\Applications\MiniGo Launcher.exe\SupportedTypes | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MiniLauncher.myp\shell | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\.myp\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
Key created | \REGISTRY\MACHINE\Software\Classes\MiniLauncher.myp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MiniLauncher.myp\DefaultIcon\ = "C:\\Program Files (x86)\\MiniLAU\\MiniGo Launcher.exe,0" | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MiniLauncher.myp | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MiniLauncher.myp\shell\open | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MiniLauncher.myp\shell\open\command\ = "\"C:\\Program Files (x86)\\MiniLAU\\MiniGo Launcher.exe\" \"%1\"" | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
Key created | \REGISTRY\MACHINE\Software\Classes\.myp\OpenWithProgids | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
Key created | \REGISTRY\MACHINE\Software\Classes\MiniLauncher.myp\DefaultIcon | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A

Suspicious behavior: AddClipboardFormatListener

Description | Indicator | Process | Target
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A

Suspicious behavior: EnumeratesProcesses

Description | Indicator | Process | Target
N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A
N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A

Suspicious use of FindShellTrayWindow

Description | Indicator | Process | Target
N/A | N/A | C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp | N/A

Suspicious use of SetWindowsHookEx

Description | Indicator | Process | Target
N/A | N/A | C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe | N/A

Processes

C:\Users\Admin\AppData\Local\Temp\MiniGo Launcher Setup.exe

"C:\Users\Admin\AppData\Local\Temp\MiniGo Launcher Setup.exe"

C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp

"C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp" /SL5="$30234,25656669,783360,C:\Users\Admin\AppData\Local\Temp\MiniGo Launcher Setup.exe"

C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe

"C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "ver"

Network

Country | Destination | Domain | Proto
US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp
US | 8.8.8.8:53 | launchermeta.mojang.com | udp

Files

memory/1204-0-0x0000000000400000-0x00000000004CC000-memory.dmp

memory/1204-2-0x0000000000401000-0x00000000004B7000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\is-9OQ0F.tmp\MiniGo Launcher Setup.tmp

MD5 1b96c7fbdf7cb74c4e94fdb2fb6dc03a
SHA1 57bf7ee5e408aff950ef188892fb28a3f156aaa8
SHA256 da3d244e7547db28ace88f8c6afb4eeb5918a8fd5bb3eca05844338cf2c926c4
SHA512 ca65f3a8f0f24298e88b3a2d95f407441f4f137428b5d0290f8e23474afa372a6798410da6b6b790bb476c364665732d575c2b6d97010830bca6300842c70c7a

memory/4676-7-0x0000000000400000-0x0000000000708000-memory.dmp

memory/1204-8-0x0000000000400000-0x00000000004CC000-memory.dmp

memory/4676-9-0x0000000000400000-0x0000000000708000-memory.dmp

memory/4676-36-0x0000000000400000-0x0000000000708000-memory.dmp

C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\translations\is-7R03T.tmp

MD5 bcebcf42735c6849bdecbb77451021dd
SHA1 4884fd9af6890647b7af1aefa57f38cca49ad899
SHA256 9959b510b15d18937848ad13007e30459d2e993c67e564badbfc18f935695c85
SHA512 f951b511ffb1a6b94b1bcae9df26b41b2ff829560583d7c83e70279d1b5304bde299b3679d863cad6bb79d0beda524fc195b7f054ecf11d2090037526b451b78

memory/4676-322-0x0000000000400000-0x0000000000708000-memory.dmp

C:\Program Files (x86)\MiniLAU\MiniGo Launcher.exe

MD5 9ddad5e4401e467e93530b76cb5c0e9b
SHA1 a7b63aff9f2f598f33619a5729a79c0701c69914
SHA256 cf0042b5450a0f1ed15341ece655023651bd4f377fadd67ff2c83779c50549dc
SHA512 469e2b47caa0505723e61e1ff81d4d09339ec69d79b59d2c335e6fbcdd0d94bb301f69eccd740b3cdc6c5cceb30b04b35cbb91d0398cd98e1afa4dff2d511add

C:\Program Files (x86)\MiniLAU\_internal\python39.dll

MD5 7e9d14aa762a46bb5ebac14fbaeaa238
SHA1 a5d90a7df9b90bdd8a84d7dc5066e4ea64ceb3d9
SHA256 e456ef44b261f895a01efb52d26c7a0c7d7d465b647a7b5592708ebf693f12a3
SHA512 280f16348df1c0953bbc6f37ff277485351171d0545ebe469bacd106d907917f87584154aec0f193f37322bc93ac5433cd9a5b5c7f47367176e5a8b19bbd5023

C:\Program Files (x86)\MiniLAU\_internal\VCRUNTIME140.dll

MD5 11d9ac94e8cb17bd23dea89f8e757f18
SHA1 d4fb80a512486821ad320c4fd67abcae63005158
SHA256 e1d6f78a72836ea120bd27a33ae89cbdc3f3ca7d9d0231aaa3aac91996d2fa4e
SHA512 aa6afd6bea27f554e3646152d8c4f96f7bcaaa4933f8b7c04346e410f93f23cfa6d29362fd5d51ccbb8b6223e094cd89e351f072ad0517553703f5bf9de28778

C:\Program Files (x86)\MiniLAU\_internal\_uuid.pyd

MD5 4b12242f880989cb909246c19616e82f
SHA1 df1c6459959b040babf21c2ec2ee765ce6103086
SHA256 02e05c2dc07b699fb7e6178526d6f32127e8d9b7aed0720446d186824d4fd1db
SHA512 2b3df39d886981fa123420c256a97ce075a4f7c6728a4f0e15615b9b7f3f0bad6cbbf46c4d417afa25ab8cdf50303a1209677827ed4877494cfac8f6494d263e

C:\Program Files (x86)\MiniLAU\_internal\_ssl.pyd

MD5 6f52439450ad38bf940eef2b662e4234
SHA1 3dea643fac7e10cae16c6976982a626dd59ff64a
SHA256 31c95af04a76d3badbdd3970d9b4c6b9a72278e69d0d850a4710f1d9a01618d7
SHA512 fdd97e04f4a7b1814c2f904029dfb5cdfcd8a125fce884dcd6fdb09fb8a691963192192f22cf4e9d79dd2598cf097a8764aeec7a79e70a9795250c8ef0024474

C:\Program Files (x86)\MiniLAU\_internal\_socket.pyd

MD5 4b2f1faab9e55a65afa05f407c92cab4
SHA1 1e5091b09fc0305cf29ec2e715088e7f46ccbbd4
SHA256 241db349093604ab25405402ba8c4212016657c7e6a10edd3110abeb1cc2e1ba
SHA512 68070db39cd14841bcd49db1acf19806b0aa4b4ac4c56518b3a3baddaac1cd533f0b3ef70a378f53d65c0d6c0f745a6102b63303ea7978c79f688c787efe9cc3

C:\Program Files (x86)\MiniLAU\_internal\_queue.pyd

MD5 e64538868d97697d62862b52df32d81b
SHA1 2279c5430032ad75338bab3aa28eb554ecd4cd45
SHA256 b0bd6330c525b4c64d036d29a3733582928e089d99909500e8564ae139459c5f
SHA512 8544f5df6d621a5ff2ca26da65b49f57e19c60b4177a678a00a5feb130bf0902f780b707845b5a4dd9f12ddb673b462f77190e71cbe358db385941f0f38e4996

C:\Program Files (x86)\MiniLAU\_internal\_lzma.pyd

MD5 a77c9a75ed7d9f455e896b8fb09b494c
SHA1 c85d30bf602d8671f6f446cdaba98de99793e481
SHA256 4797aaf192eb56b32ca4febd1fad5be9e01a24e42bf6af2d04fcdf74c8d36fa5
SHA512 4d6d93aa0347c49d3f683ee7bc91a3c570c60126c534060654891fad0391321e09b292c9386fb99f6ea2c2eca032889841fce3cab8957bb489760daac6f79e71

C:\Program Files (x86)\MiniLAU\_internal\_hashlib.pyd

MD5 ae32a39887d7516223c1e7ffdc3b6911
SHA1 94b9055c584df9afb291b3917ff3d972b3cd2492
SHA256 7936413bc24307f01b90cac2d2cc19f38264d396c1ab8eda180abba2f77162eb
SHA512 1f17af61c917fe373f0a40f06ce2b42041447f9e314b2f003b9bd62df87c121467d14ce3f8e778d3447c4869bf381c58600c1e11656ebda6139e6196262ae17e

C:\Program Files (x86)\MiniLAU\_internal\_decimal.pyd

MD5 bb70fc3eb76b6801ed7228b6869017b2
SHA1 fe76cdf1d8eab706a9e748404c09b8841f13d923
SHA256 831e4ce99f469fa94567482444af492891b7bf327853e92dd4bb2ce092021e74
SHA512 0c17324718e803c861fc58c4584c8d1421e097f7ef4a23b247f9e2448c1460d2c67eac3ef76da02195a07e2d391a39f0db1d4d8d3ac163ca488f05424e750944

C:\Program Files (x86)\MiniLAU\_internal\_bz2.pyd

MD5 124678d21d4b747ec6f1e77357393dd6
SHA1 dbfb53c40d68eba436934b01ebe4f8ee925e1f8e
SHA256 9483c4853ca1da3c5b2310dbdd3b835a44df6066620278aa96b2e665c4b4e86b
SHA512 2882779b88ed48af1e27c2bc212ddc7e4187d26a28a90655cef98dd44bc07cc93da5bce2442af26d7825639590b1e2b78bf619d50736d67164726a342be348fa

C:\Program Files (x86)\MiniLAU\_internal\VCRUNTIME140_1.dll

MD5 7667b0883de4667ec87c3b75bed84d84
SHA1 e6f6df83e813ed8252614a46a5892c4856df1f58
SHA256 04e7ccbdcad7cbaf0ed28692fb08eab832c38aad9071749037ee7a58f45e9d7d
SHA512 968cbaafe416a9e398c5bfd8c5825fa813462ae207d17072c035f916742517edc42349a72ab6795199d34ccece259d5f2f63587cfaeb0026c0667632b05c5c74

C:\Program Files (x86)\MiniLAU\_internal\unicodedata.pyd

MD5 87f3e3cf017614f58c89c087f63a9c95
SHA1 0edc1309e514f8a147d62f7e9561172f3b195cd7
SHA256 ba6606dcdf1db16a1f0ef94c87adf580bb816105d60cf08bc570b17312a849da
SHA512 73f00f44239b2744c37664dbf2b7df9c178a11aa320b9437055901746036003367067f417414382977bf8379df8738c862b69d8d36c6e6aa0b0650833052c85f

C:\Program Files (x86)\MiniLAU\_internal\select.pyd

MD5 f8f5a047b98309d425fd06b3b41b16e4
SHA1 2a44819409199b47f11d5d022e6bb1d5d1e77aea
SHA256 5361da714a61f99136737630d50fa4e975d76f5de75e181af73c5a23a2b49012
SHA512 f0a96790fcdabf02b452f5c6b27604f5a10586b4bf759994e6d636cc55335026631fa302e209a53f5e454bea03b958b6d662e0be91fa64ce187a7dc5d35a9aa9

C:\Program Files (x86)\MiniLAU\_internal\python3.dll

MD5 d188e47657686c51615075f56e7bbb92
SHA1 98dbd7e213fb63e851b76da018f5e4ae114b1a0c
SHA256 84cb29052734ec4ad5d0eac8a9156202a2077ee9bd43cabc68e44ee22a74910a
SHA512 96ca8c589ab5db5fde72d35559170e938ce283559b1b964c860629579d6a231e1c1a1952f3d08a8af35d1790228ac8d97140b25b9c96d43f45e3398459ae51bc

C:\Program Files (x86)\MiniLAU\_internal\libssl-1_1.dll

MD5 bd857f444ebbf147a8fcd1215efe79fc
SHA1 1550e0d241c27f41c63f197b1bd669591a20c15b
SHA256 b7c0e42c1a60a2a062b899c8d4ebd0c50ef956177ba21785ce07c517c143aeaf
SHA512 2b85c1521edeadf7e118610d6546fafbbad43c288a7f0f9d38d97c4423a541dfac686634cde956812916830fbb4aad8351a23d95cd490c4a5c0f628244d30f0a

C:\Program Files (x86)\MiniLAU\_internal\libcrypto-1_1.dll

MD5 63c4f445b6998e63a1414f5765c18217
SHA1 8c1ac1b4290b122e62f706f7434517077974f40e
SHA256 664c3e52f914e351bb8a66ce2465ee0d40acab1d2a6b3167ae6acf6f1d1724d2
SHA512 aa7bdb3c5bc8aeefbad70d785f2468acbb88ef6e6cac175da765647030734453a2836f9658dc7ce33f6fff0de85cb701c825ef5c04018d79fa1953c8ef946afd

C:\Program Files (x86)\MiniLAU\_internal\base_library.zip

MD5 c53cb6cb31e716c8f63e46e893d7647b
SHA1 1555a8eae598574ea996dd19183aa377a3ad1013
SHA256 ff17bf5c2319b61fc274c94a9690625cca1eb00b4a2bff73d0c61b5e8f7afd12
SHA512 782df6aa0dbaba8da7a27aabf691d58ebb4d29d5060cb35ea90e20d88d1ed6dc4af4ee93a0ba42cebea81f7c87dba5c04213438f329afffbbdba08b4b6bf11b4

C:\Program Files (x86)\MiniLAU\_internal\PyQt5\QtCore.pyd

MD5 d6d51c8f5e381cbba49d54e507a41220
SHA1 86deaab67d3fc4e26bc81db89faec720a5d8a3a4
SHA256 5a2aed6f96abec6905e6a36d33bc00d2c23e13f6333ea0545a32ab57b33a7c47
SHA512 3b3b386d3d0a8865348a574740473325a1a7deac6a9b767fbca253e1de90412aa76e4e9b36d9586f3307f10ee567adb34d85bf21751e568e86ec66683131fbf0

C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\Qt5Core.dll

MD5 817520432a42efa345b2d97f5c24510e
SHA1 fea7b9c61569d7e76af5effd726b7ff6147961e5
SHA256 8d2ff4ce9096ddccc4f4cd62c2e41fc854cfd1b0d6e8d296645a7f5fd4ae565a
SHA512 8673b26ec5421fce8e23adf720de5690673bb4ce6116cb44ebcc61bbbef12c0ad286dfd675edbed5d8d000efd7609c81aae4533180cf4ec9cd5316e7028f7441

C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\MSVCP140_1.dll

MD5 0fe6d52eb94c848fe258dc0ec9ff4c11
SHA1 95cc74c64ab80785f3893d61a73b8a958d24da29
SHA256 446c48c1224c289bd3080087fe15d6759416d64f4136addf30086abd5415d83f
SHA512 c39a134210e314627b0f2072f4ffc9b2ce060d44d3365d11d8c1fe908b3b9403ebdd6f33e67d556bd052338d0ed3d5f16b54d628e8290fd3a155f55d36019a86

C:\Program Files (x86)\MiniLAU\_internal\PyQt5\QtWidgets.pyd

MD5 9cde8433816662eaeb762c8e6fe77e6b
SHA1 d9d69268af89c4134ed94c768baedd6abbce7557
SHA256 e732f15729fa69c3067dc33abb60e241570398aa9ab3359d9ff2a9714d1a1e4c
SHA512 3f6dfc0fdc9eeb4f5d041aaf5d0420091f7230bf60796e979503d345ce9a74e0f23dd229c31207221c8509bab1edde616ff9803776708a5b4097a7338d372c54

C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\Qt5Gui.dll

MD5 47307a1e2e9987ab422f09771d590ff1
SHA1 0dfc3a947e56c749a75f921f4a850a3dcbf04248
SHA256 5e7d2d41b8b92a880e83b8cc0ca173f5da61218604186196787ee1600956be1e
SHA512 21b1c133334c7ca7bbbe4f00a689c580ff80005749da1aa453cceb293f1ad99f459ca954f54e93b249d406aea038ad3d44d667899b73014f884afdbd9c461c14

memory/1880-368-0x00007FFFB98B0000-0x00007FFFB9DF1000-memory.dmp

memory/1880-371-0x00007FFFB8F80000-0x00007FFFB91E5000-memory.dmp

C:\Program Files (x86)\MiniLAU\_internal\PyQt5\QtGui.pyd

MD5 a931566050607d6a9feb94cef82672d9
SHA1 405a7e907631efef51bea7952d4d725b6402d5a2
SHA256 8c425d163b0c650cb8dc4662625de4998bed2ad9a3f2e04a8664e2e72a69f845
SHA512 263a23f1346ecf1a042f3c697c8f40aefb99e134c06ee87edeef47c170e7113327a9c51143af83e4fa1589970f22c2606bf6f4bb4ebff7be3ee3e3acfde4a258

C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\plugins\platforms\qoffscreen.dll

MD5 6407499918557594916c6ab1ffef1e99
SHA1 5a57c6b3ffd51fc5688d5a28436ad2c2e70d3976
SHA256 54097626faae718a4bc8e436c85b4ded8f8fb7051b2b9563a29aee4ed5c32b7b
SHA512 8e8abb563a508e7e75241b9720a0e7ae9c1a59dd23788c74e4ed32a028721f56546792d6cca326f3d6aa0a62fdedc63bf41b8b74187215cd3b26439f40233f4d

C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\plugins\platforms\qminimal.dll

MD5 2f6d88f8ec3047deaf174002228219ab
SHA1 eb7242bb0fe74ea78a17d39c76310a7cdd1603a8
SHA256 05d1e7364dd2a672df3ca44dd6fd85bed3d3dc239dcfe29bfb464f10b4daa628
SHA512 0a895ba11c81af14b5bd1a04a450d6dcca531063307c9ef076e9c47bd15f4438837c5d425caee2150f3259691f971d6ee61154748d06d29e4e77da3110053b54

C:\Program Files (x86)\MiniLAU\_internal\charset_normalizer\md__mypyc.cp39-win_amd64.pyd

MD5 b5692f504b608be714d5149d35c8c92a
SHA1 62521c88d619acfff0f5680f3a9b4c043acf9a1d
SHA256 969196cd7cade4fe63d17cf103b29f14e85246715b1f7558d86e18410db7bbc0
SHA512 364eb2157b821c38bdeed5a0922f595fd4eead18ceab84c8b48f42ea49ae301aabc482d25f064495b458cdcb8bfab5f8001d29a306a6ce1bbb65db41047d8ea5

C:\Program Files (x86)\MiniLAU\_internal\charset_normalizer\md.cp39-win_amd64.pyd

MD5 d93ad224c10ba644f92232a7b7575e23
SHA1 4a9abc6292e7434d4b5dd38d18c9c1028564c722
SHA256 89268be3cf07b1e3354ddb617cb4fe8d4a37b9a1b474b001db70165ba75cff23
SHA512 b7d86ecd5a7372b92eb6c769047b97e9af0f875b2b02cff3e95d3e154ef03d6b9cf39cc3810c5eca9fea38fea6201e26f520da8b9255a35e40d6ec3d73bb4929

memory/1880-366-0x00007FFFB9E00000-0x00007FFFBA2F0000-memory.dmp

C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\Qt5Widgets.dll

MD5 4cd1f8fdcd617932db131c3688845ea8
SHA1 b090ed884b07d2d98747141aefd25590b8b254f9
SHA256 3788c669d4b645e5a576de9fc77fca776bf516d43c89143dc2ca28291ba14358
SHA512 7d47d2661bf8fac937f0d168036652b7cfe0d749b571d9773a5446c512c58ee6bb081fec817181a90f4543ebc2367c7f8881ff7f80908aa48a7f6bb261f1d199

C:\Program Files (x86)\MiniLAU\_internal\PyQt5\sip.cp39-win_amd64.pyd

MD5 0ca03bf820f16e28256695c42dab56dd
SHA1 35bf3d4f7112aac0fe5ba61ad647f48b0edbb93f
SHA256 fcf8f65a5c944d94de8535b9d4f4235e24c8c328266bd2b0ba420ea1f8433c01
SHA512 9fe58f438921cf1de341f4194707eca2e4c045184493fd4715f078d0137a8b47f299072fa0128a4172ef433a41f9e9a949592de74f72152b1a81d4a588c699bb

memory/4676-392-0x0000000000400000-0x0000000000708000-memory.dmp

memory/1204-393-0x0000000000400000-0x00000000004CC000-memory.dmp

C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\VCRUNTIME140_1.dll

MD5 6bc084255a5e9eb8df2bcd75b4cd0777
SHA1 cf071ad4e512cd934028f005cabe06384a3954b6
SHA256 1f0f5f2ce671e0f68cf96176721df0e5e6f527c8ca9cfa98aa875b5a3816d460
SHA512 b822538494d13bda947655af791fed4daa811f20c4b63a45246c8f3befa3ec37ff1aa79246c89174fe35d76ffb636fa228afa4bda0bd6d2c41d01228b151fd89

C:\Program Files (x86)\MiniLAU\_internal\PyQt5\Qt5\bin\MSVCP140.dll

MD5 01b946a2edc5cc166de018dbb754b69c
SHA1 dbe09b7b9ab2d1a61ef63395111d2eb9b04f0a46
SHA256 88f55d86b50b0a7e55e71ad2d8f7552146ba26e927230daf2e26ad3a971973c5
SHA512 65dc3f32faf30e62dfdecb72775df870af4c3a32a0bf576ed1aaae4b16ac6897b62b19e01dc2bf46f46fbe3f475c061f79cbe987eda583fee1817070779860e5

memory/1880-350-0x00007FFFBA8C0000-0x00007FFFBAB23000-memory.dmp