PUP.TLauncher

By CagedTech in Potentially Unwanted Programs

Threat Scorecard

Popularity Rank:	2,040
Threat Level:	10 % (Normal)
Infected Computers:	1,070

First Seen:	January 15, 2025
Last Seen:	March 31, 2026
OS(es) Affected:	Windows

Table of Contents

SpyHunter Detects & Remove PUP.TLauncher

File System Details

PUP.TLauncher may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	TLauncher-Installer-1.6.0.exe	57e620a87b7833573da5f0bde42b5500	494
Name: TLauncher-Installer-1.6.0.exe MD5: 57e620a87b7833573da5f0bde42b5500 Size: 25.37 MB (25379240 bytes) Detections: 494 Type: Executable File Path: . Group: Malware file Last Updated: March 31, 2026

Analysis Report

General information

Family Name:	PUP.TLauncher
Signature status:	Self Signed

Known Samples

MD5: 084f168d0a1c09c09e94a9e15b34e14b

SHA1: 9ab9887ee0d2b16ed84b58e8cedafcea2c5bb9da

SHA256: B8404A81A84ADC6F5259A5E9840F586B1963E2B045969344AE73B1AB08E9D1AF

File Size: 9.60 MB, 9597608 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have debug information
File doesn't have exports table
File doesn't have relocations information
File has TLS information
File is 32-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)
File is not packed

IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name	Value
Company Name	TLauncher Inc.
File Description	TLauncher
File Version	1.255
Internal Name	TLauncher
Legal Copyright	TLauncher Inc.
Legal Trademarks	Default organization
Original Filename	TLauncher.exe
Product Name	TLauncher
Product Version	1.255.0.0

Digital Signatures

Signer	Root	Status
TLauncher Inc.	Trustwave Global Code Signing CA, Level 1	Self Signed
TLauncher Inc.	Trustwave Global Code Signing CA, Level 1	Self Signed

Registry Modifications

Key::Value	Data	API Name
HKCU\software\microsoft\windows\currentversion\explorer::slowcontextmenuentries		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\content::cacheprefix		RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\cookies::cacheprefix	Cookie:	RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\history::cacheprefix	Visited:	RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKLM\software\microsoft\windows nt\currentversion\notifications\data::418a073aa3bc1c75		RegNtPreCreateKey
HKCU\software\microsoft\edge\blbeacon::failed_count		RegNtPreCreateKey
HKCU\software\microsoft\edge\blbeacon::state		RegNtPreCreateKey
HKCU\software\microsoft\edge\thirdparty::statuscodes	(NULL)	RegNtPreCreateKey
HKCU\software\microsoft\edge\thirdparty::statuscodes		RegNtPreCreateKey

HKCU\software\microsoft\edge\elfbeacon::version	143.0.3650.80	RegNtPreCreateKey
HKCU\software\microsoft\edge\blbeacon::failed_count		RegNtPreCreateKey
HKCU\software\microsoft\edge\blbeacon::state		RegNtPreCreateKey

Windows API Usage

Category	API
Process Manipulation Evasion	NtUnmapViewOfSection ReadProcessMemory
Process Shell Execute	CreateProcess ShellExecute
Syscall Use	ntdll.dll!NtAccessCheck ntdll.dll!NtAlpcSendWaitReceivePort ntdll.dll!NtApphelpCacheControl ntdll.dll!NtAssociateWaitCompletionPacket ntdll.dll!NtClose ntdll.dll!NtCreateFile ntdll.dll!NtCreateMutant ntdll.dll!NtCreateSection ntdll.dll!NtCreateSemaphore ntdll.dll!NtDeleteValueKey Show More ntdll.dll!NtDuplicateToken ntdll.dll!NtFreeVirtualMemory ntdll.dll!NtMapViewOfSection ntdll.dll!NtOpenFile ntdll.dll!NtOpenKey ntdll.dll!NtOpenKeyEx ntdll.dll!NtOpenProcessToken ntdll.dll!NtOpenProcessTokenEx ntdll.dll!NtOpenSection ntdll.dll!NtOpenThreadTokenEx ntdll.dll!NtPowerInformation ntdll.dll!NtProtectVirtualMemory ntdll.dll!NtQueryAttributesFile ntdll.dll!NtQueryInformationProcess ntdll.dll!NtQueryInformationThread ntdll.dll!NtQueryInformationToken ntdll.dll!NtQueryKey ntdll.dll!NtQueryLicenseValue ntdll.dll!NtQueryPerformanceCounter ntdll.dll!NtQuerySecurityObject ntdll.dll!NtQuerySystemInformation ntdll.dll!NtQuerySystemInformationEx ntdll.dll!NtQueryValueKey ntdll.dll!NtQueryVirtualMemory ntdll.dll!NtReadRequestData ntdll.dll!NtReleaseMutant ntdll.dll!NtReleaseWorkerFactoryWorker ntdll.dll!NtSetEvent ntdll.dll!NtSetInformationVirtualMemory ntdll.dll!NtSetInformationWorkerFactory ntdll.dll!NtSetValueKey ntdll.dll!NtTestAlert ntdll.dll!NtWaitForSingleObject ntdll.dll!NtWaitForWorkViaWorkerFactory ntdll.dll!NtWriteFile UNKNOWN

Shell Command Execution


							open http://java-for-minecraft.com/


							"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --edge-skip-compat-layer-relaunch --single-argument http://java-for-minecraft.com/

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

PUP.TLauncher

Threat Scorecard

EnigmaSoft Threat Scorecard

SpyHunter Detects & Remove PUP.TLauncher

File System Details

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Icons

File Icons

Windows PE Version Information

Windows PE Version Information

Digital Signatures

Digital Signatures

Registry Modifications

Registry Modifications

Windows API Usage

Windows API Usage

Shell Command Execution

Shell Command Execution

Submit Comment

Trending

HTTP Error 401 Invalid Security Token Email Scam

Giant Coupons Official Extension

Chainbridgeworks.co.in

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

Pornktube.porn

Discord Shows Black Screen when Sharing Screen