Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

LauncherFe...v7.exe

windows7-x64

1

LauncherFe...v7.exe

windows10-2004-x64

7

Resubmissions

03/07/2024, 21:52

240703-1rjhdsxgrp 7

03/07/2024, 21:52

240703-1q36eazckf 3

Analysis

  • max time kernel
    147s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20231129-es
  • resource tags

    arch:x64arch:x86image:win7-20231129-eslocale:es-esos:windows7-x64systemwindows
  • submitted
    03/07/2024, 21:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LauncherFenix-Minecraft-v7.exe

  • Size

    397KB

  • MD5

    d99bb55b57712065bc88be297c1da38c

  • SHA1

    fb6662dd31e8e5be380fbd7a33a50a45953fe1e7

  • SHA256

    122bfbb9f67e355340991deeacb167be9c12ad726b5a7c5779448dd0cc4af0cb

  • SHA512

    3eb5d57faea4c0146c2af40102deaac18235b379f5e81fe35a977b642e3edf70704c8cedd835e94f27b04c8413968f7469fccf82c1c9339066d38d3387c71b17

  • SSDEEP

    3072:puzvch1rugYc4wqYSRR756K7ItBjgXHUYCnlK:Wch1aIqYSRVM+unlK

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 51 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SetWindowsHookEx 16 IoCs
  • Suspicious use of WriteProcessMemory 24 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\LauncherFenix-Minecraft-v7.exe
    "C:\Users\Admin\AppData\Local\Temp\LauncherFenix-Minecraft-v7.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2788
    • C:\Program Files\Java\jre7\bin\javaw.exe
      "C:\Program Files\Java\jre7\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Local\Temp\LauncherFenix-Minecraft-v7.exe"
      2⤵
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2956
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" https://launcherfenix.com.ar/wope/register/
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:2764
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2764 CREDAT:275457 /prefetch:2
          4⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:1976
      • C:\Program Files\Internet Explorer\iexplore.exe
        "C:\Program Files\Internet Explorer\iexplore.exe" https://launcherfenix.com.ar/wope/register/
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:2916
        • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
          "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2916 CREDAT:275457 /prefetch:2
          4⤵
          • Modifies Internet Explorer settings
          • Suspicious use of SetWindowsHookEx
          PID:896

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8B2B9A00839EED1DFDCCC3BFC2F5DF12
    Filesize

    1KB

    MD5

    2365869258df7a66a2121b802ca4afd9

    SHA1

    73acc30a2edeb9d6830de559bb8a74f35168135d

    SHA256

    d6b1932822bbd72a8e78c771717d992142348f67d625a42393719fefbe59b0ed

    SHA512

    795004bab536e128dbd81c188976d37c7b650efbfa5a80374df4c65a1049c27658f4620b7605583928eb167fcb69b4c99e4c8730c507b824a7bde9c7fb0e21f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B46811C17859FFB409CF0E904A4AA8F8
    Filesize

    436B

    MD5

    1bfe0a81db078ea084ff82fe545176fe

    SHA1

    50b116f578bd272922fa8eae94f7b02fd3b88384

    SHA256

    5ba8817f13eee00e75158bad93076ab474a068c6b52686579e0f728fda68499f

    SHA512

    37c582f3f09f8d80529608c09041295d1644bcc9de6fb8c4669b05339b0dd870f9525abc5eed53ad06a94b51441275504bc943c336c5beb63b53460ba836ca8d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    1KB

    MD5

    a266bb7dcc38a562631361bbf61dd11b

    SHA1

    3b1efd3a66ea28b16697394703a72ca340a05bd5

    SHA256

    df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

    SHA512

    0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\8B2B9A00839EED1DFDCCC3BFC2F5DF12
    Filesize

    174B

    MD5

    37470c614246362702f25a57f5d7d488

    SHA1

    d88282429cbad2e9c903156332200ffe94f728f3

    SHA256

    4357b70449c145500a8f64dec0af383cf4c1fb07c944975a6605427dddd5b4c9

    SHA512

    dd6a9760b272b700c93a163244064f882719d3c6f5290a2bc568927e4870d40e91fe85d276291fac9353a4529a2ee03aa02f6094fc5c734ea5fad0e3a0d65044

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5db0a4534e51ea2e708af1fe3c8c7052

    SHA1

    9311be049c07e6edefc7426e7a0b1bdf8012691d

    SHA256

    cefb19a2a7537002f82f14e0ad9905ab541005c02389f77870ac034c7bd9e7ea

    SHA512

    3425c8fa76cfd635ed8cba1afeb096a0672e03198e1cc6014962e15e3fda78d34653f34b2732fef5ec03e56da2885bebfe0aed61b49140b6c16c91598db2227e

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B46811C17859FFB409CF0E904A4AA8F8
    Filesize

    170B

    MD5

    0b2bd914d15e029fda6b87e64435f82b

    SHA1

    b132c56c10aa47fb6e98d98e4414daf1d996c692

    SHA256

    d876511b6d4df5796c34cca25bf05be4ab01c258a05758bc9a39b5244ddb001d

    SHA512

    228d72cb161f6c418e8b9f1c8612b818f1cdaf66fe7abf9292475a7a67c8e0a29dd120f859b61c6b3151e4ffda20547a55fe65526f3419fb05e4b6eb42845977

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
    Filesize

    242B

    MD5

    9c332f2b5e406fc0625b722cd12b04b1

    SHA1

    25e864b45eaef9cb3cc2a1050f1de9833ebedc30

    SHA256

    c68496b9f9b59caecb693918d33fef1b66fb45efbe0235974eeeb434f99536d5

    SHA512

    be6d1d5bd33a1342d920b2ed41308bf65f3fe40c5bb9a291d568d008e3e4960a4c6d9753cac3506fca25968465631a222dfeac47638b2a4ccc95b9526e834e11

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\RecoveryStore.{D6F58CF0-8EDC-11EE-8BED-7ED9061E9C39}.dat
    Filesize

    5KB

    MD5

    08296f440d5d905fa98a09c658df6e56

    SHA1

    58c471f37cd8d24b1993e2d80f76517b00761d91

    SHA256

    b485924b36a1bd332b6ac782c044e13251044673652293ac1be5fc939a63cdd4

    SHA512

    88ce7719614fc3a752f66558c5afb54554ff1eeb5df4f243d1371fc88001caddf4679c8582691025616b42904f9eb3e958cec731d8b2f91809f9cec092bbf9e8

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\{E07F2AB4-3986-11EF-8744-EAC5FA9F597E}.dat
    Filesize

    4KB

    MD5

    83590221d26441881f85b634a7dcae03

    SHA1

    4ede5dc0b4bb6e620633f31d33dfe50e978cceec

    SHA256

    83e443477e32417259b1fff4b41fc8ddf38bb8a4f41ed6408817e0cf6bc8cef9

    SHA512

    27c803516864989c3b23feeba7826481f9ddc4788406ac9f7082b7980a1fef5c8a02561a86638f9952475947dc24a67b826265d36858474e0b3041ef6763ab18

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab6D45.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar6F7A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\~DF445343BCE7143E03.TMP
    Filesize

    20KB

    MD5

    7b58f393ad5926c0e189ad8ba84fbcda

    SHA1

    e0e26aec674578147dd0461344e4ddecd8d71150

    SHA256

    53e737647ec67e92df1db986d4518650855c0ece7b9cf89aee23893b2be26d57

    SHA512

    b2eda10e8c17bcb0da49d797a4075e198e8fa7300d8fb33ab64b34bd2062f6cb073d145db2e715bb8eadb4207af77a26fd298587d58d973ee4c257918fe4e024

    Download Submit

  • C:\Users\Admin\AppData\Roaming\.minecraft\launcherfenix.jar
    Filesize

    500KB

    MD5

    84591cf8bbe4b94d5a83b2cdd605d4b5

    SHA1

    85f1dbf03d2b4c52e067849b93c3f4c7ec284886

    SHA256

    b8c2bf47cb70a77582c302284554ecd4a29f9ee55c09fc2193b3ba942d5884ae

    SHA512

    31ff3523bedc87efd5040c46fdaff325c29fa109a912b729c81660c0737505e9dbd2f9bc0a443bfce12ede2569d023cc1f56f6bea0943a669f4f85e0f420830d

    Download Submit

  • memory/2788-16-0x0000000000400000-0x0000000000462000-memory.dmp

    Filesize

    392KB

    Download

  • memory/2956-83-0x0000000000340000-0x0000000000341000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2956-239-0x00000000058B0000-0x00000000058BA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2956-64-0x0000000000340000-0x0000000000341000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2956-69-0x0000000000340000-0x0000000000341000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2956-74-0x0000000000340000-0x0000000000341000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2956-76-0x0000000000340000-0x0000000000341000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2956-2-0x0000000002550000-0x00000000027C0000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/2956-89-0x0000000000340000-0x0000000000341000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2956-90-0x0000000000340000-0x0000000000341000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2956-95-0x0000000000340000-0x0000000000341000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2956-107-0x0000000000340000-0x0000000000341000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2956-234-0x0000000002550000-0x00000000027C0000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/2956-236-0x0000000000370000-0x000000000037A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2956-235-0x0000000000370000-0x000000000037A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2956-237-0x00000000058B0000-0x00000000058BA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2956-62-0x0000000000340000-0x0000000000341000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2956-238-0x00000000058B0000-0x00000000058BA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2956-61-0x0000000000340000-0x0000000000341000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2956-59-0x0000000000340000-0x0000000000341000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2956-55-0x0000000000340000-0x0000000000341000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2956-44-0x0000000000340000-0x0000000000341000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2956-36-0x00000000058B0000-0x00000000058BA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2956-37-0x00000000058B0000-0x00000000058BA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2956-38-0x00000000058B0000-0x00000000058BA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2956-39-0x00000000058B0000-0x00000000058BA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2956-23-0x0000000000340000-0x0000000000341000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2956-17-0x0000000000340000-0x0000000000341000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2956-13-0x0000000000370000-0x000000000037A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2956-14-0x0000000000370000-0x000000000037A000-memory.dmp

    Filesize

    40KB

    Download