97f316b567be836f302b4182037f02e17e2a8272534ce830a3d1d2ea15237006 | Triage

Submit
Reports

Overview

overview

9

Static

static

9

0099d476ab...18.exe

windows7-x64

6

0099d476ab...18.exe

windows10-2004-x64

6

$PLUGINSDI...er.dll

windows7-x64

1

$PLUGINSDI...er.dll

windows10-2004-x64

1

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

1

$PLUGINSDI...ll.dll

windows10-2004-x64

1

$PLUGINSDI...cs.exe

windows7-x64

1

$PLUGINSDI...cs.exe

windows10-2004-x64

1

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$TEMP/QQLi...ex.exe

windows7-x64

3

$TEMP/QQLi...ex.exe

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

ADManage.dll

windows7-x64

6

ADManage.dll

windows10-2004-x64

6

ATL80.dll

windows7-x64

1

ATL80.dll

windows10-2004-x64

1

AsyncTask.dll

windows7-x64

3

AsyncTask.dll

windows10-2004-x64

3

BugReporter.exe

windows7-x64

1

BugReporter.exe

windows10-2004-x64

1

CefSubProcess.dll

windows7-x64

3

CefSubProcess.dll

windows10-2004-x64

3

ChannelMgr.dll

windows7-x64

6

ChannelMgr.dll

windows10-2004-x64

6

Common.dll

windows7-x64

1

Common.dll

windows10-2004-x64

1

D3DX9_43.dll

windows7-x64

1

D3DX9_43.dll

windows10-2004-x64

1

Analysis

max time kernel
160s
max time network
174s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
26-04-2024 10:52

Sharing

Static task

static1

cryptone packer

2 signatures

Behavioral task

behavioral1

Sample

0099d476ababd44886c8c6fe727721ba_JaffaCakes118.exe

Resource

win7-20231129-en

bootkit persistence

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

0099d476ababd44886c8c6fe727721ba_JaffaCakes118.exe

Resource

win10v2004-20240419-en

bootkit persistence

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/InstallHelper.dll

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/InstallHelper.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/InstallOptions.dll

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

$PLUGINSDIR/InstallOptions.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

$PLUGINSDIR/ProcDll.dll

Resource

win7-20231129-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral8

Sample

$PLUGINSDIR/ProcDll.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral9

Sample

$PLUGINSDIR/Statistics.exe

Resource

win7-20240215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

$PLUGINSDIR/Statistics.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

$PLUGINSDIR/System.dll

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral12

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral13

Sample

$TEMP/QQLive/QQLiveSetupex.exe

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral14

Sample

$TEMP/QQLive/QQLiveSetupex.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral15

Sample

$PLUGINSDIR/ExProcDLL.dll

Resource

win7-20240419-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral16

Sample

$PLUGINSDIR/ExProcDLL.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral17

Sample

ADManage.dll

Resource

win7-20240221-en

bootkit persistence

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral18

Sample

ADManage.dll

Resource

win10v2004-20240419-en

bootkit persistence

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral19

Sample

ATL80.dll

Resource

win7-20240215-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral20

Sample

ATL80.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral21

Sample

AsyncTask.dll

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral22

Sample

AsyncTask.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral23

Sample

BugReporter.exe

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

BugReporter.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

CefSubProcess.dll

Resource

win7-20240419-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral26

Sample

CefSubProcess.dll

Resource

win10v2004-20240412-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral27

Sample

ChannelMgr.dll

Resource

win7-20231129-en

bootkit persistence

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral28

Sample

ChannelMgr.dll

Resource

win10v2004-20240419-en

bootkit persistence

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral29

Sample

Common.dll

Resource

win7-20240220-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral30

Sample

Common.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral31

Sample

D3DX9_43.dll

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral32

Sample

D3DX9_43.dll

Resource

win10v2004-20240419-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

$PLUGINSDIR/Statistics.exe
Size

323KB
MD5

41e928af129c0583d2eb8c13a6caee64
SHA1

d7c6f623f941ff21d5e172ec599c9525e4bcf953
SHA256

24f1b40015760028743e03f2e0dbd6333f07fa43bcbdb37bb33a1b6626eb0684
SHA512

ca8dfb2318e4c7352497c3f664cf886b92c171567ca615e0a55a9cc89ca84a8a4c96b10bc5da3b8109aef8c6718da672fc106da95153860b8dc253ac5c98c6ba
SSDEEP

3072:cnImDls6hJ1QMjTBCT5LiR1oBYsLnEbVu/hqMivTqB2toa:AK6fXGPOihf9M

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\Statistics.exe
"C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\Statistics.exe"
1⤵
PID:2448

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1328 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
1⤵
PID:3532

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy