Overview
overview
7Static
static
76ef1d989e7...18.exe
windows7-x64
76ef1d989e7...18.exe
windows10-2004-x64
7$PLUGINSDI...st.dll
windows7-x64
1$PLUGINSDI...st.dll
windows10-2004-x64
1$PLUGINSDI...LL.dll
windows7-x64
3$PLUGINSDI...LL.dll
windows10-2004-x64
3$PLUGINSDI...dl.dll
windows7-x64
3$PLUGINSDI...dl.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...c3.dll
windows7-x64
3$PLUGINSDI...c3.dll
windows10-2004-x64
3$PLUGINSDI...te.dll
windows7-x64
3$PLUGINSDI...te.dll
windows10-2004-x64
3$PLUGINSDI...gs.dll
windows7-x64
3$PLUGINSDI...gs.dll
windows10-2004-x64
3$PLUGINSDI...it.dll
windows7-x64
7$PLUGINSDI...it.dll
windows10-2004-x64
7Analysis
-
max time kernel
118s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system -
submitted
24-05-2024 15:14
Behavioral task
behavioral1
Sample
6ef1d989e7dcd5a1fd9174964fcdd820_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
6ef1d989e7dcd5a1fd9174964fcdd820_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/DlgHost.dll
Resource
win7-20240508-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/DlgHost.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/KillProcDLL.dll
Resource
win7-20240508-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/KillProcDLL.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/NSISdl.dll
Resource
win7-20240508-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/NSISdl.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240215-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/inetc3.dll
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/inetc3.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/locate.dll
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/locate.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20240215-en
Behavioral task
behavioral16
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral17
Sample
$PLUGINSDIR/nsRichEdit.dll
Resource
win7-20240419-en
Behavioral task
behavioral18
Sample
$PLUGINSDIR/nsRichEdit.dll
Resource
win10v2004-20240508-en
General
-
Target
$PLUGINSDIR/DlgHost.dll
-
Size
4KB
-
MD5
4854b7f2d2d6d0a9ec91b23c3e89d455
-
SHA1
a10f0a888e1141107d98b82c5edeb5ed9039f0ec
-
SHA256
6260243b980908200620a89a4f0fc97b51363339985d57ba46fd70774f47f220
-
SHA512
f6f1cc714fe936b5413d954930e5de3f19c7f3bde17f99bd70718cad45d8a09e26d01664b3f75c5a0ce456d5a52966d3c1ff9043bba3ca90aa09eec50b665201
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes:
rundll32.exedescription pid process target process PID 1740 wrote to memory of 2804 1740 rundll32.exe rundll32.exe PID 1740 wrote to memory of 2804 1740 rundll32.exe rundll32.exe PID 1740 wrote to memory of 2804 1740 rundll32.exe rundll32.exe PID 1740 wrote to memory of 2804 1740 rundll32.exe rundll32.exe PID 1740 wrote to memory of 2804 1740 rundll32.exe rundll32.exe PID 1740 wrote to memory of 2804 1740 rundll32.exe rundll32.exe PID 1740 wrote to memory of 2804 1740 rundll32.exe rundll32.exe