aa3c568c88329c4dd471492c0db25a6c299b4346562d63e850e3064902d86d69

Analysis

max time kernel
212s
max time network
278s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
03-08-2024 05:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

prismlauncher.exe
Size

9.7MB
MD5

337e87e1117573b52d7a069a2bec9935
SHA1

52060abc875a8cb7aa08076b503f2aeaf3dd4d89
SHA256

6651a644ecbfa74355c25036986efe7ac48002c7d6d54b9ff1eb2db5f7fd8bf3
SHA512

638312070c05b33c979e95264f07168e494a854068172c414d2066e9dc7fe766a27d9fae7437060cf5d8c25dfd587d7b066d88a09d6dd32f68b8bd2fc88b6aa7
SSDEEP

98304:zpPOVXkPVGiWnYmryIHDno6TRlUNxOKsgCfVT:z1Gi0h06gxyhVT

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

Processes:

prismlauncher.exe

pid process

1848 prismlauncher.exe
Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

prismlauncher.exe

pid process

1848 prismlauncher.exe

pid	process
1848	prismlauncher.exe

pid	process
1848	prismlauncher.exe

C:\Users\Admin\AppData\Local\Temp\prismlauncher.exe
"C:\Users\Admin\AppData\Local\Temp\prismlauncher.exe"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
PID:1848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\PrismLauncher\prismlauncher.cfg
Filesize
53B

MD5
6f624badccc8b9eed6d567456c6a43a8

SHA1
e447a23ba6c9893181820e0742b78d66dceed764

SHA256
849351b6f6124c69ba87cbc7be1b7e2f0101a901026a4cfa778b39520d0f6867

SHA512
096d8d9f7c928c2459a6ab10af7b0f96cb1b69539d667879f79b0e44c216630bf63bf2313b54e8e6ef8a8d863bfe4670e618942f9fe93bed4d923789a1d11ad2

Download Submit
C:\Users\Admin\AppData\Roaming\PrismLauncher\prismlauncher.cfg
Filesize
100B

MD5
e803b8ae6533e17b623930a8ebfb543f

SHA1
a25f73fcd7f894adc728e929ed14361c7bd95238

SHA256
b48d67f462da8fc5e2f0df02e2729098ddbb1fbacdbe91ea690009b6bc730654

SHA512
b092ef13abaecdfcf5d28a74b282204bbc2adf3aa47584f9cd20f658e6b0b570ebc668decf7d99cdf259d98139894212ab7155e3269490b3efd601ee0dd67e3a

Download Submit
C:\Users\Admin\AppData\Roaming\PrismLauncher\prismlauncher.cfg.lock
Filesize
66B

MD5
8f3cc23ba8f5b0a3e39378224fafd471

SHA1
bce06c15d05f015225070de4109067c36a887a02

SHA256
6b35944fcc89456d6891decf0a810679f1796c59ff02b3f14d7e119b4ac96fc6

SHA512
4dbb26fc204f89f99cf26016954a406c11a7c3f20ab13d9c5069b12b3194ef15879b036407a36ccb464562e27a02585c08d0e77e9f747dda9897a1913d611769

Download Submit
C:\Users\Admin\AppData\Roaming\PrismLauncher\prismlauncher.cfg.phBpUc
Filesize
30B

MD5
a6dc16331f06bc5831e5ddc9799284ec

SHA1
d344f83d549df8c3e2c959182ba37f8c81d885a5

SHA256
9da99b49301ba83c33387e75d2028185562479e677b6afb110b4f8b098465807

SHA512
43e498eab5c6f9b2f70c01e0abd4e63edb2651e498f267b53c7f62f2ef9c1eb68fa4783967fdba1880722a8bcd6e58065108f42773f0f47c04c9e54e809b1c14

Download Submit
memory/1848-0-0x00007FFBD9F10000-0x00007FFBDA53D000-memory.dmp

Filesize
6.2MB

Download
memory/1848-1-0x00007FF7AF000000-0x00007FF7AF9C6000-memory.dmp

Filesize
9.8MB

Download
memory/1848-2-0x0000029518620000-0x0000029518630000-memory.dmp

Filesize
64KB

Download
memory/1848-53-0x0000029518620000-0x0000029518630000-memory.dmp

Filesize
64KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads