Overview

overview

8

Static

static

1

olauncher-...st.jar

windows7-x64

8

olauncher-...st.jar

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    olauncher-1.7.3_01-redist.jar

  • Size

    4.8MB

  • Sample

    241116-tvcexszbna

  • MD5

    83142f234eed9dd697aa1a0ec762fa34

  • SHA1

    cdc6a7e875d29e4852903220e6d88ac4b2d0d2d3

  • SHA256

    e3353c654f01046af262559aff1be29f7611b7e1b8aefd2d5fb5ad1801ffc40b

  • SHA512

    5493b4e029440af1cc230d580ded08d9ebd5044c77cd82354c5b4109dbb368916cc32308b083dec2afaec36a3e0b633269f88336f9e896e80b56d8625e508b15

  • SSDEEP

    98304:cwaLGv/qyreOSUQCSbe/EXsEipbayF84rKB1Dan+/Bq5pqotm+V3lMBwmTDK3vlA:AyiCce8XBipbayF84Ixa+/wvbV9mTDiG

Score
8/10
microsoftdiscoverypersistencephishingprivilege_escalation

Malware Config

Targets

    • Target

      olauncher-1.7.3_01-redist.jar

    • Size

      4.8MB

    • MD5

      83142f234eed9dd697aa1a0ec762fa34

    • SHA1

      cdc6a7e875d29e4852903220e6d88ac4b2d0d2d3

    • SHA256

      e3353c654f01046af262559aff1be29f7611b7e1b8aefd2d5fb5ad1801ffc40b

    • SHA512

      5493b4e029440af1cc230d580ded08d9ebd5044c77cd82354c5b4109dbb368916cc32308b083dec2afaec36a3e0b633269f88336f9e896e80b56d8625e508b15

    • SSDEEP

      98304:cwaLGv/qyreOSUQCSbe/EXsEipbayF84rKB1Dan+/Bq5pqotm+V3lMBwmTDK3vlA:AyiCce8XBipbayF84Ixa+/wvbV9mTDiG

    Score
    8/10
    discoverypersistenceprivilege_escalationmicrosoftphishing

    • Drops file in Drivers directory

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

      persistenceprivilege_escalation

    • Loads dropped DLL

    • Drops desktop.ini file(s)

    • Detected potential entity reuse from brand MICROSOFT.

      phishingmicrosoft

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks