Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

SKlauncher-3.2.exe

windows7-x64

1

SKlauncher-3.2.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/07/2024, 07:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SKlauncher-3.2.exe

  • Size

    1.6MB

  • MD5

    b63468dd118dfbca5ef7967ba344e0e3

  • SHA1

    2ba4f0df5f3bd284bf2a89aba320e4440d8b8355

  • SHA256

    05ae2f0dd61ef10019b94c200e8df192b767bb4cc24a7e7b329ab43cc9c74caf

  • SHA512

    007ecb7445dc0c01a802b5a2c91313aae59f9dc96e27455dd85e7a92a4e649d683fbc2ada5f48925d9ab3b4fdaea20aa89eeb442fde079902aecb5ca3454a548

  • SSDEEP

    49152:HIBc3n9dRvwVlzhFAQ/ggUTPQjYEiim7V:oBaO/FAqMQjYEXm

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SKlauncher-3.2.exe
    "C:\Users\Admin\AppData\Local\Temp\SKlauncher-3.2.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4692
    • \??\c:\PROGRA~1\java\jre-1.8\bin\java.exe
      "c:\PROGRA~1\java\jre-1.8\bin\java.exe" -version
      2⤵
        PID:848
      • \??\c:\PROGRA~1\java\jdk-1.8\jre\bin\java.exe
        "c:\PROGRA~1\java\jdk-1.8\jre\bin\java.exe" -version
        2⤵
          PID:3440
        • C:\Windows\SYSTEM32\reg.exe
          reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v AppsUseLightTheme
          2⤵
            PID:960

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\ProgramData\Oracle\Java\.oracle_jre_usage\3903daac9bc4a3b7.timestamp
          Filesize

          46B

          MD5

          d0863567dc87bcf8d849866704ac1e03

          SHA1

          a1fcfe60dc9494345436a1d09134f81ef06be09d

          SHA256

          7475ed3786d372d98462419b85c456a83f087d8f4fa25884656e2f38eb64a0aa

          SHA512

          c6f9d5e5049f5e1fb4d4ed46a65651ea9f5783ea38be8e4364f6424d7abf4c9572c83a8caad004a10fe877ce43661cf6735323179ef51f584ab472e38ad11c58

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\+JXF3084320459958371554.tmp
          Filesize

          398KB

          MD5

          ff5fdc6f42c720a3ebd7b60f6d605888

          SHA1

          460c18ddf24846e3d8792d440fd9a750503aef1b

          SHA256

          1936d24cb0f4ce7006e08c6ef4243d2e42a7b45f2249f8fe54d92f76a317dfd1

          SHA512

          d3d333b1627d597c83a321a3daca38df63ea0f7cab716006935905b8170379ec2aab26cb7ffc7b539ca272cf7fb7937198aee6db3411077bedf3d2b920d078a3

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\+JXF7500548873883687224.tmp
          Filesize

          397KB

          MD5

          fdb50e0d48cdcf775fa1ac0dc3c33bd4

          SHA1

          5c95e5d66572aeca303512ba41a8dde0cea92c80

          SHA256

          64f8be6e55c37e32ef03da99714bf3aa58b8f2099bfe4f759a7578e3b8291123

          SHA512

          20ce8100c96058d4e64a12d0817b7ce638cec9f5d03651320eb6b9c3f47ee289ccc695bd3b5b6bf8e0867cdab0ebb6e8cae77df054e185828a6a13f3733ede53

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\+JXF9076075903077343331.tmp
          Filesize

          405KB

          MD5

          8f2869a84ad71f156a17bb66611ebe22

          SHA1

          0325b9b3992fa2fdc9c715730a33135696c68a39

          SHA256

          0cb1bc1335372d9e3a0cf6f5311c7cce87af90d2a777fdeec18be605a2a70bc1

          SHA512

          3d4315d591dcf7609c15b3e32bcc234659fcdbe4be24aef5dba4ad248ad42fd9ab082250244f99dc801ec21575b7400aace50a1e8834d5c33404e76a0caac834

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\e4j947F.tmp_dir1720943428\SKlauncher-3.2.jar
          Filesize

          1.1MB

          MD5

          4d653e61ba01a521c56b9a70a9c9814e

          SHA1

          de855dc3dbc914b497b58da92e0c21fff660796d

          SHA256

          f7d3e01dcfc001cc80a988c518d4358955842d140054214d1367972c5c543350

          SHA512

          e6a7db6e2893b5b01dd0c84a230d88abf50da63ceb1af5754a2c4c1fbd307a799a74f3f368430d3beb33590cda2e0a3cf509fef11c4477b76e8d3c4a582b5def

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\flatlaf.temp\flatlaf-windows-x86_64-4770069573200.dll
          Filesize

          22KB

          MD5

          dcd68a87b7e6edbcfde48150403b22eb

          SHA1

          28e4839a29725075772fccc39b44e194eb91e477

          SHA256

          ae3352b6ad6cffaae55f4387f9f5e79365ea17f8d5fb45ef11d21c3300a49a4c

          SHA512

          ac2a6bc0afcd08c56090536a937772edd54f35505c9a5837d9bc8e91c31edb6137cf5191986b3473e9e2f512950b4dbfe4088598bfd1faf47088124c70aeba71

          Download Submit

        • C:\Users\Admin\AppData\Roaming\.minecraft\sklauncher-fx.jar
          Filesize

          14.1MB

          MD5

          f111ccb3248fd1e4c3ee4d95b5c2bc21

          SHA1

          3d2a5015948f8c68e97fc3349dbe875c0b2bb3c9

          SHA256

          5c9a7be7207382bf95d7ea73118675d09ec11d81a7b335484668e943dfaedb12

          SHA512

          ecad27cef72e213247d7b7d3726bbdce1a62a7bb24c4520448f9d65841b304859ac8a44f63f7bea88b7f930d5f8f1ae8b6b34c331bf297a1508db71ab3318ca2

          Download Submit

        • memory/848-16-0x0000020400000000-0x0000020400270000-memory.dmp

          Filesize

          2.4MB

          Download

        • memory/848-5-0x0000020400000000-0x0000020400270000-memory.dmp

          Filesize

          2.4MB

          Download

        • memory/848-15-0x0000020476E60000-0x0000020476E61000-memory.dmp

          Filesize

          4KB

          Download

        • memory/3440-30-0x00000211D5600000-0x00000211D5870000-memory.dmp

          Filesize

          2.4MB

          Download

        • memory/3440-29-0x00000211D55E0000-0x00000211D55E1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/3440-19-0x00000211D5600000-0x00000211D5870000-memory.dmp

          Filesize

          2.4MB

          Download

        • memory/4692-159-0x0000000002F80000-0x0000000002F81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4692-212-0x0000000002F80000-0x0000000002F81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4692-139-0x0000000002F80000-0x0000000002F81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4692-121-0x0000000002F80000-0x0000000002F81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4692-107-0x0000000002F80000-0x0000000002F81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4692-183-0x0000000002F80000-0x0000000002F81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4692-206-0x0000000002F80000-0x0000000002F81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4692-213-0x0000000002F80000-0x0000000002F81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4692-216-0x0000000002F80000-0x0000000002F81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4692-126-0x0000000002F80000-0x0000000002F81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4692-223-0x0000000002F80000-0x0000000002F81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4692-227-0x0000000002F80000-0x0000000002F81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4692-82-0x0000000002F80000-0x0000000002F81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4692-309-0x0000000002F80000-0x0000000002F81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4692-307-0x0000000002F80000-0x0000000002F81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4692-49-0x0000000002F80000-0x0000000002F81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4692-45-0x0000000002F80000-0x0000000002F81000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4692-33-0x00000000031F0000-0x0000000003460000-memory.dmp

          Filesize

          2.4MB

          Download

        • memory/4692-749-0x00000000031F0000-0x0000000003460000-memory.dmp

          Filesize

          2.4MB

          Download