Overview
overview
7Static
static
32f7152879d...18.exe
windows7-x64
72f7152879d...18.exe
windows10-2004-x64
7$PLUGINSDI...sg.dll
windows7-x64
1$PLUGINSDI...sg.dll
windows10-2004-x64
1$PLUGINSDI...am.dll
windows7-x64
3$PLUGINSDI...am.dll
windows10-2004-x64
3$PLUGINSDI...ew.dll
windows7-x64
3$PLUGINSDI...ew.dll
windows10-2004-x64
3$PLUGINSDI...ug.dll
windows7-x64
3$PLUGINSDI...ug.dll
windows10-2004-x64
3$PLUGINSDI...ns.dll
windows7-x64
1$PLUGINSDI...ns.dll
windows10-2004-x64
1$PLUGINSDI...ns.dll
windows7-x64
3$PLUGINSDI...ns.dll
windows10-2004-x64
3$PLUGINSDI...ta.dll
windows7-x64
3$PLUGINSDI...ta.dll
windows10-2004-x64
3$PLUGINSDI...LL.dll
windows7-x64
1$PLUGINSDI...LL.dll
windows10-2004-x64
1$PLUGINSDI...te.dll
windows7-x64
1$PLUGINSDI...te.dll
windows10-2004-x64
1$PLUGINSDI...gr.dll
windows7-x64
3$PLUGINSDI...gr.dll
windows10-2004-x64
3$PLUGINSDI...ec.dll
windows7-x64
3$PLUGINSDI...ec.dll
windows10-2004-x64
3$PLUGINSDI...nd.dll
windows7-x64
3$PLUGINSDI...nd.dll
windows10-2004-x64
3$PLUGINSDIR/stack.dll
windows7-x64
3$PLUGINSDIR/stack.dll
windows10-2004-x64
3$PLUGINSDIR/xml.dll
windows7-x64
3$PLUGINSDIR/xml.dll
windows10-2004-x64
3CVAutoUpdate.exe
windows7-x64
1CVAutoUpdate.exe
windows10-2004-x64
1Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system -
submitted
09/07/2024, 07:17
Static task
static1
Behavioral task
behavioral1
Sample
2f7152879dda858d5373f07318bc4415_JaffaCakes118.exe
Resource
win7-20240705-en
windows7-x64
Behavioral task
behavioral2
Sample
2f7152879dda858d5373f07318bc4415_JaffaCakes118.exe
Resource
win10v2004-20240704-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
$PLUGINSDIR/CleanVMsg.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral4
Sample
$PLUGINSDIR/CleanVMsg.dll
Resource
win10v2004-20240704-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
$PLUGINSDIR/DLLWaitForKillProgram.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral6
Sample
$PLUGINSDIR/DLLWaitForKillProgram.dll
Resource
win10v2004-20240708-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
$PLUGINSDIR/DLLWebCount_new.dll
Resource
win7-20240708-en
windows7-x64
Behavioral task
behavioral8
Sample
$PLUGINSDIR/DLLWebCount_new.dll
Resource
win10v2004-20240704-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
$PLUGINSDIR/FILEDownPlug.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral10
Sample
$PLUGINSDIR/FILEDownPlug.dll
Resource
win10v2004-20240704-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
$PLUGINSDIR/IEFunctions.dll
Resource
win7-20240708-en
windows7-x64
Behavioral task
behavioral12
Sample
$PLUGINSDIR/IEFunctions.dll
Resource
win10v2004-20240704-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral14
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240704-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
$PLUGINSDIR/IsVista.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral16
Sample
$PLUGINSDIR/IsVista.dll
Resource
win10v2004-20240708-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
$PLUGINSDIR/KillProcDLL.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral18
Sample
$PLUGINSDIR/KillProcDLL.dll
Resource
win10v2004-20240704-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
$PLUGINSDIR/SelfDelete.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral20
Sample
$PLUGINSDIR/SelfDelete.dll
Resource
win10v2004-20240708-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
$PLUGINSDIR/UserMgr.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral22
Sample
$PLUGINSDIR/UserMgr.dll
Resource
win10v2004-20240704-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
$PLUGINSDIR/nsExec.dll
Resource
win7-20240705-en
windows7-x64
Behavioral task
behavioral24
Sample
$PLUGINSDIR/nsExec.dll
Resource
win10v2004-20240704-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
$PLUGINSDIR/processes_second.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral26
Sample
$PLUGINSDIR/processes_second.dll
Resource
win10v2004-20240704-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
$PLUGINSDIR/stack.dll
Resource
win7-20240705-en
windows7-x64
Behavioral task
behavioral28
Sample
$PLUGINSDIR/stack.dll
Resource
win10v2004-20240704-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
$PLUGINSDIR/xml.dll
Resource
win7-20240705-en
windows7-x64
Behavioral task
behavioral30
Sample
$PLUGINSDIR/xml.dll
Resource
win10v2004-20240704-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
CVAutoUpdate.exe
Resource
win7-20240705-en
windows7-x64
Behavioral task
behavioral32
Sample
CVAutoUpdate.exe
Resource
win10v2004-20240708-en
windows10-2004-x64
General
-
Target
$PLUGINSDIR/CleanVMsg.dll
-
Size
40KB
-
MD5
3170cf201ca067197084ea33035038ef
-
SHA1
8f3cb810f1d1e255d6d6e824e5cfd41552f6e5da
-
SHA256
01fa586eec4708e3028dfb276c94f63c44eddc556b022a0bce8e132ea1948597
-
SHA512
e1bff237e03751f4176c94c6d2684479d577cc7cec3691375d5ec34c8d015e26fef0e305f5a2b10c463e982323d936988168dc5071f3cd8090a0f7fbee72f3e3
-
SSDEEP
384:+P4rbSlT57iuBjR6cC7Xx4r7ruc8/l3jyuhSvr1OWuf+cA/8okdZO:LyTBiufqx4r2RjrSz1OWj/8oH
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
description pid Process procid_target PID 2196 wrote to memory of 2300 2196 rundll32.exe 30 PID 2196 wrote to memory of 2300 2196 rundll32.exe 30 PID 2196 wrote to memory of 2300 2196 rundll32.exe 30 PID 2196 wrote to memory of 2300 2196 rundll32.exe 30 PID 2196 wrote to memory of 2300 2196 rundll32.exe 30 PID 2196 wrote to memory of 2300 2196 rundll32.exe 30 PID 2196 wrote to memory of 2300 2196 rundll32.exe 30