5c8dbf03a1f45997b2e786379007835b15804920bd6ae064faf94f3861737bb0 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

42af8a31ea...18.exe

windows7-x64

7

42af8a31ea...18.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

QtCore4.dll

windows7-x64

3

QtCore4.dll

windows10-2004-x64

3

QtNetwork4.dll

windows7-x64

3

QtNetwork4.dll

windows10-2004-x64

3

UninstallMini.exe

windows7-x64

1

UninstallMini.exe

windows10-2004-x64

1

ayprivoxy.exe

windows7-x64

1

ayprivoxy.exe

windows10-2004-x64

1

aysocks5.exe

windows7-x64

1

aysocks5.exe

windows10-2004-x64

1

jiasuqi.exe

windows7-x64

1

jiasuqi.exe

windows10-2004-x64

1

jiasuqiEx.exe

windows7-x64

1

jiasuqiEx.exe

windows10-2004-x64

1

jsqService.exe

windows7-x64

1

jsqService.exe

windows10-2004-x64

3

mgwz.dll

windows7-x64

3

mgwz.dll

windows10-2004-x64

3

msvcp100.dll

windows7-x64

3

msvcp100.dll

windows10-2004-x64

3

msvcr100.dll

windows7-x64

3

msvcr100.dll

windows10-2004-x64

3

Analysis

max time kernel
144s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
14-05-2024 19:23

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

42af8a31ea73e1f7322b1a86f58c7f18_JaffaCakes118.exe

Resource

win7-20240508-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

42af8a31ea73e1f7322b1a86f58c7f18_JaffaCakes118.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/System.dll

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

QtCore4.dll

Resource

win7-20231129-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

QtCore4.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

QtNetwork4.dll

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral8

Sample

QtNetwork4.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral9

Sample

UninstallMini.exe

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

UninstallMini.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

ayprivoxy.exe

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral12

Sample

ayprivoxy.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral13

Sample

aysocks5.exe

Resource

win7-20240215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

aysocks5.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

jiasuqi.exe

Resource

win7-20240508-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral16

Sample

jiasuqi.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral17

Sample

jiasuqiEx.exe

Resource

win7-20231129-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral18

Sample

jiasuqiEx.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral19

Sample

jsqService.exe

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

jsqService.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral21

Sample

mgwz.dll

Resource

win7-20240508-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral22

Sample

mgwz.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral23

Sample

msvcp100.dll

Resource

win7-20240508-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral24

Sample

msvcp100.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral25

Sample

msvcr100.dll

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral26

Sample

msvcr100.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

aysocks5.exe
Size

885KB
MD5

90e72aee2ba09fc893428b0f67686aa3
SHA1

506729f2dcf21a9a017ca01fb8ec00c1c4fb6399
SHA256

63b84924166792cc5ff197ba5755ea18b8495ef79c53bcee723e43f6eb8e9a28
SHA512

6c59e3735c00fff70c5a0e8610a8628c7158d85f5a1a3c6623e3bc3a6edd7427cb1971b08a6b362c025b22d645fff76a1f2ee57e148e48aa82c0a85548eff19f
SSDEEP

12288:AUaubFaHOz1FSJ3bGG50GfCIYId6lQeNC1ZPwo4FVwgS2aUniw/J3Y:YIFa81FCrHiIdd6G71pwxAw/6

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\aysocks5.exe
"C:\Users\Admin\AppData\Local\Temp\aysocks5.exe"
1⤵
PID:3012

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4220 --field-trial-handle=2284,i,9807419199535700662,2319175108930815708,262144 --variations-seed-version /prefetch:8
1⤵
PID:3400

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy