Request:
# Fetch the Maltiverse report for one sample. The last path segment is the
# sample's SHA-256, the same value the response returns in its "sha256" field.
# <API_KEY> is a placeholder; a real token typed inline ends up in shell
# history and is visible in the process list while curl runs.
curl --header "Authorization: Bearer <API_KEY>" \
  "https://api.maltiverse.com/sample/75797b17cf305df10d9c9f30a9b6623cad8527b49224e8c0d5c780b7c6003e04"
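Response (the "malicious" classification below rests on a single blacklist source, Hybrid-Analysis, with the description "Generic Malware"; the only Suricata alert is an invalid-IPv4-checksum event in the "Generic Protocol Command Decode" category):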
{
"blacklist": [
{
"count": 6,
"description": "Generic Malware",
"first_seen": "2025-07-16 18:00:08",
"last_seen": "2025-07-16 19:00:12",
"ref": [
21745
],
"source": "Hybrid-Analysis"
}
],
"classification": "malicious",
"contacted_host": [
"72.246.157.244",
"185.199.109.153",
"98.84.224.111"
],
"creation_time": "2025-07-16 17:37:48",
"dns_request": [
"aka.ms",
"i18n.prismlauncher.org",
"prismlauncher.org"
],
"filename": [
"ElyPrismLauncher-Windows-MSVC-Setup-9.5.exe"
],
"filetype": "PE32 executable (GUI) Intel 80386, for MS Windows, ...",
"is_alive": false,
"is_cdn": false,
"is_cnc": false,
"is_distributing_malware": false,
"is_hosting": false,
"is_iot_threat": false,
"is_known_attacker": false,
"is_known_scanner": false,
"is_mining_pool": false,
"is_open_proxy": false,
"is_phishing": false,
"is_sinkhole": false,
"is_storing_phishing": false,
"is_tor_node": false,
"is_vpn_node": false,
"md5": "97d5664455a0e9ea61c7757e23928fbd",
"modification_time": "2025-07-16 19:00:12",
"network_suricata_alert": [
{
"category": "Generic Protocol Command Decode",
"description": "SURICATA IPv4 invalid checksum",
"event": "98.84.224.111:443 (TCP)",
"sid": "2200073"
}
],
"process_list": [
{
"name": "ElyPrismLauncher-Windows-MSVC-Setup-9.5.exe",
"normalizedpath": "C:\\ElyPrismLauncher-Windows-MSVC-Setup-9.5.exe",
"sha256": "75797b17cf305df10d9c9f30a9b6623cad8527b49224e8c0d5c780b7c6003e04",
"uid": "00000000-00003572"
},
{
"commandline": "TaskKill /IM elyprismlauncher.exe /F",
"name": "TaskKill.exe",
"normalizedpath": "%WINDIR%\\SysWOW64\\TaskKill.exe",
"sha256": "bf1f32a3aaa946bb295b182c14482721dfb431e1c4e5622b6f4207f3b5c3d9e0",
"uid": "00000000-00005928"
},
{
"commandline": "/install /passive /norestart",
"name": "vc_redist.x64.exe",
"normalizedpath": "%LOCALAPPDATA%\\Programs\\ElyPrismLauncher\\vc_redist\\vc_redist.x64.exe",
"sha256": "cc0ff0eb1dc3f5188ae6300faef32bf5beeba4bdd6e8e445a9184072096b713b",
"uid": "00000000-00004356"
},
{
"commandline": "-burn.clean.room=\"%LOCALAPPDATA%\\Programs\\ElyPrismLauncher\\vc_redist\\vc_redist.x64.exe\" -burn.filehandle.attached=812 -burn.filehandle.self=816 /install /passive /norestart",
"name": "vc_redist.x64.exe",
"normalizedpath": "%WINDIR%\\Temp\\{C1E2C558-FE92-4491-BB1A-2CE652988FE6}\\.cr\\vc_redist.x64.exe",
"sha256": "568c9ba533624084ea18f7a562b4aa2249ed4e41281524a061a0d0b1008cf6bd",
"uid": "00000000-00009000"
},
{
"commandline": "-q -burn.elevated BurnPipe.{EADB25A4-BC23-4138-BD02-468BE10D76ED} {1CAABE73-2385-461E-BB96-15C042C3B45E} 9000",
"name": "VC_redist.x64.exe",
"normalizedpath": "%WINDIR%\\Temp\\{EB95B8D4-7F97-431A-AE9F-1BD30C5F23D8}\\.be\\VC_redist.x64.exe",
"sha256": "568c9ba533624084ea18f7a562b4aa2249ed4e41281524a061a0d0b1008cf6bd",
"uid": "00000000-00001420"
},
{
"commandline": "-uninstall -quiet -burn.related.upgrade -burn.ancestors={d8bbe9f9-7c5b-42c6-b715-9ee898a2e515} -burn.filehandle.self=1132 -burn.embedded BurnPipe.{D30347B7-62B1-400F-AD95-1DD3274D99BF} {6CEB87F6-25BD-46D1-9D32-CA475DABAB73} 1420",
"name": "VC_redist.x64.exe",
"normalizedpath": "%ALLUSERSPROFILE%\\Package Cache\\{8bdfe669-9705-4184-9368-db9ce581e0e7}\\VC_redist.x64.exe",
"sha256": "9a6c005e1a71e11617f87ede695af32baac8a2056f11031941df18b23c4eeba6",
"uid": "00000000-00008224"
},
{
"commandline": "-burn.clean.room=\"%ALLUSERSPROFILE%\\Package Cache\\{8bdfe669-9705-4184-9368-db9ce581e0e7}\\VC_redist.x64.exe\" -burn.filehandle.attached=624 -burn.filehandle.self=684 -uninstall -quiet -burn.related.upgrade -burn.ancestors={d8bbe9f9-7c5b-42c6-b715-9ee898a2e515} -burn.filehandle.self=1132 -burn.embedded BurnPipe.{D30347B7-62B1-400F-AD95-1DD3274D99BF} {6CEB87F6-25BD-46D1-9D32-CA475DABAB73} 1420",
"name": "VC_redist.x64.exe",
"normalizedpath": "%ALLUSERSPROFILE%\\Package Cache\\{8bdfe669-9705-4184-9368-db9ce581e0e7}\\VC_redist.x64.exe",
"sha256": "9a6c005e1a71e11617f87ede695af32baac8a2056f11031941df18b23c4eeba6",
"uid": "00000000-00006096"
},
{
"commandline": "-q -burn.elevated BurnPipe.{521A0923-38BD-4742-B6C2-DF7AB3044B87} {BE858406-A653-4974-972E-D9DFB8A5AC5B} 6096",
"name": "VC_redist.x64.exe",
"normalizedpath": "%ALLUSERSPROFILE%\\Package Cache\\{8bdfe669-9705-4184-9368-db9ce581e0e7}\\VC_redist.x64.exe",
"sha256": "9a6c005e1a71e11617f87ede695af32baac8a2056f11031941df18b23c4eeba6",
"uid": "00000000-00003580"
},
{
"name": "elyprismlauncher.exe",
"normalizedpath": "%LOCALAPPDATA%\\Programs\\ElyPrismLauncher\\elyprismlauncher.exe",
"sha256": "7964d3f429ca8e16bcf81a91990640c691d631cf82b9f8a677e40e0313dee412",
"uid": "00000000-00004268"
}
],
"score": 10,
"scoring_executed_time": "2025-07-16 18:00:10",
"sha1": "34d054c67905baa5a1714e5269afbecd63eca301",
"sha256": "75797b17cf305df10d9c9f30a9b6623cad8527b49224e8c0d5c780b7c6003e04",
"size": 22387198,
"tag": [
"windows-server-utility"
],
"type": "sample"
}