59b67eeb6aa51b1c7b3007a7e81eeec69768232fc098e749664eca8a179ff952 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

9977087a09...18.exe

windows7-x64

7

9977087a09...18.exe

windows10-2004-x64

7

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

FsmPreinst...nt.dll

windows7-x64

1

FsmPreinst...nt.dll

windows10-2004-x64

1

FsmPreinst...ib.dll

windows7-x64

1

FsmPreinst...ib.dll

windows10-2004-x64

1

FsmPreinst...s3.dll

windows7-x64

1

FsmPreinst...s3.dll

windows10-2004-x64

1

FsmPreinst...on.dll

windows7-x64

1

FsmPreinst...on.dll

windows10-2004-x64

1

FsmPreinst...eb.dll

windows7-x64

1

FsmPreinst...eb.dll

windows10-2004-x64

1

FsmPreinst...ol.dll

windows7-x64

1

FsmPreinst...ol.dll

windows10-2004-x64

1

FsmPreinst...on.dll

windows7-x64

1

FsmPreinst...on.dll

windows10-2004-x64

1

FsmPreinst...on.dll

windows7-x64

1

FsmPreinst...on.dll

windows10-2004-x64

1

FsmPreinst...er.exe

windows7-x64

1

FsmPreinst...er.exe

windows10-2004-x64

1

FsmPreinst...t2.dll

windows7-x64

1

FsmPreinst...t2.dll

windows10-2004-x64

1

FsmPreinst...on.dll

windows7-x64

1

FsmPreinst...on.dll

windows10-2004-x64

1

FsmPreinst...ct.dll

windows7-x64

1

FsmPreinst...ct.dll

windows10-2004-x64

1

FsmPreinst...t2.dll

windows7-x64

1

FsmPreinst...t2.dll

windows10-2004-x64

1

Analysis

max time kernel
148s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
05/06/2024, 22:57

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9977087a0939b46a7ece8cccf526797b_JaffaCakes118.exe

Resource

win7-20240215-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

9977087a0939b46a7ece8cccf526797b_JaffaCakes118.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

10 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/GetVersion.dll

Resource

win7-20240220-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/GetVersion.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/UAC.dll

Resource

win7-20240508-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

$PLUGINSDIR/UAC.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

FsmPreinstaller/FirebirdSql.Data.FirebirdClient.dll

Resource

win7-20240215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

FsmPreinstaller/FirebirdSql.Data.FirebirdClient.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

FsmPreinstaller/ICSharpCode.SharpZipLib.dll

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

FsmPreinstaller/ICSharpCode.SharpZipLib.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

FsmPreinstaller/Microsoft.Web.Services3.dll

Resource

win7-20240419-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

FsmPreinstaller/Microsoft.Web.Services3.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

FsmPreinstaller/Newtonsoft.Json.dll

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

FsmPreinstaller/Newtonsoft.Json.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

FsmPreinstaller/OrionWeb.dll

Resource

win7-20231129-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

FsmPreinstaller/OrionWeb.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

FsmPreinstaller/SmartThreadPool.dll

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

FsmPreinstaller/SmartThreadPool.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

FsmPreinstaller/SolarWinds.Common.dll

Resource

win7-20240508-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

FsmPreinstaller/SolarWinds.Common.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

FsmPreinstaller/SolarWinds.FSM.Common.dll

Resource

win7-20240419-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

FsmPreinstaller/SolarWinds.FSM.Common.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

FsmPreinstaller/SolarWinds.FSM.PreInstaller.exe

Resource

win7-20240508-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral24

Sample

FsmPreinstaller/SolarWinds.FSM.PreInstaller.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

FsmPreinstaller/SolarWinds.InformationService.Contract2.dll

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

FsmPreinstaller/SolarWinds.InformationService.Contract2.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

FsmPreinstaller/SolarWinds.Internationalization.dll

Resource

win7-20231129-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

FsmPreinstaller/SolarWinds.Internationalization.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

FsmPreinstaller/SolarWinds.JobEngine.Contract.dll

Resource

win7-20240508-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

FsmPreinstaller/SolarWinds.JobEngine.Contract.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

FsmPreinstaller/SolarWinds.JobEngine.Contract2.dll

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

FsmPreinstaller/SolarWinds.JobEngine.Contract2.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

FsmPreinstaller/Microsoft.Web.Services3.dll
Size

864KB
MD5

e42998e3bb92e6696a82ef796efac507
SHA1

8202e573a8abedaaa138b3cef6135ce09c0e87e6
SHA256

5a7ca101fd8efe0006f2f69d786989adc968d82cea35d83e976fb12d9baace32
SHA512

8dacb1fdd97e2ffb2c12c553c28739eb8a85807341d7decd665fd05724713c8b8937100739585517361f788840ffd0e9baeafc6fc810016b7f5b1c1ad2d9494b
SSDEEP

12288:2I/k6m+BkysR2NF7hlx6U4xhN9K+Da0QNgXOQMtsokoUoAQWG+GimYyY8ocZ:9kysRgFtlx6nY+iUG+CYyYc

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\FsmPreinstaller\Microsoft.Web.Services3.dll,#1
1⤵
PID:4560

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy