Overview
overview
3Static
static
33195bccc89...18.exe
windows7-x64
33195bccc89...18.exe
windows10-2004-x64
3$PLUGINSDI...ad.dll
windows7-x64
3$PLUGINSDI...ad.dll
windows10-2004-x64
3$PLUGINSDI...ns.dll
windows7-x64
3$PLUGINSDI...ns.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDIR/Util.dll
windows7-x64
3$PLUGINSDIR/Util.dll
windows10-2004-x64
3Generic.exe
windows7-x64
1Generic.exe
windows10-2004-x64
1comdlg32.dll
windows7-x64
1comdlg32.dll
windows10-2004-x64
1oledlg.dll
windows7-x64
1oledlg.dll
windows10-2004-x64
1poinstallerv4.exe
windows7-x64
1poinstallerv4.exe
windows10-2004-x64
1wininet.dll
windows7-x64
1wininet.dll
windows10-2004-x64
1Analysis
-
max time kernel
122s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20240705-en -
resource tags
arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system -
submitted
09-07-2024 19:00
Static task
static1
Behavioral task
behavioral1
Sample
3195bccc89f2d79e5f806474e2995706_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
3195bccc89f2d79e5f806474e2995706_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InetLoad.dll
Resource
win7-20240708-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InetLoad.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240704-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240708-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/Util.dll
Resource
win7-20240704-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/Util.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral11
Sample
Generic.exe
Resource
win7-20240704-en
Behavioral task
behavioral12
Sample
Generic.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral13
Sample
comdlg32.dll
Resource
win7-20240708-en
Behavioral task
behavioral14
Sample
comdlg32.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral15
Sample
oledlg.dll
Resource
win7-20240704-en
Behavioral task
behavioral16
Sample
oledlg.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral17
Sample
poinstallerv4.exe
Resource
win7-20240705-en
Behavioral task
behavioral18
Sample
poinstallerv4.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral19
Sample
wininet.dll
Resource
win7-20240705-en
Behavioral task
behavioral20
Sample
wininet.dll
Resource
win10v2004-20240709-en
General
-
Target
wininet.dll
-
Size
562KB
-
MD5
91b32b95a072ec20c3bbe6aca92227e0
-
SHA1
98cdffa397b38ae763f7f9d361671ca76d38d4b9
-
SHA256
1b30345659c6592efb084688787fff143d73896b4c526ced968b617e19b8a2d1
-
SHA512
4ab33691233fc0bdae281bbe61f0636a75f638a5a5dd7a92f5b85aeb2007d5c6555d40c72d91135e225d52013171fefda9bf0267f4aa65c7e82f5b2367f0ada4
-
SSDEEP
12288:paxHIJAojbQGHEgA4ifS2p/DE47NDhf9uGgh6:paNIVjbQ1K2p/Hxtf9Fgh
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
description pid Process procid_target PID 3024 wrote to memory of 1620 3024 rundll32.exe 30 PID 3024 wrote to memory of 1620 3024 rundll32.exe 30 PID 3024 wrote to memory of 1620 3024 rundll32.exe 30 PID 3024 wrote to memory of 1620 3024 rundll32.exe 30 PID 3024 wrote to memory of 1620 3024 rundll32.exe 30 PID 3024 wrote to memory of 1620 3024 rundll32.exe 30 PID 3024 wrote to memory of 1620 3024 rundll32.exe 30