39ad1fc25ecf055851c8cb19dd6386dcafd286f44961f43ef7ce381cc8654f39 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

5e4ba383b7...18.exe

windows7-x64

7

5e4ba383b7...18.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ib.dll

windows7-x64

3

$PLUGINSDI...ib.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$R0.dll

windows7-x64

1

$R0.dll

windows10-2004-x64

1

$R2/NSIS.L...2_.exe

windows7-x64

1

$R2/NSIS.L...2_.exe

windows10-2004-x64

1

$SYSDIR/DWSHK80.dll

windows7-x64

1

$SYSDIR/DWSHK80.dll

windows10-2004-x64

1

$SYSDIR/MSVBVM60.dll

windows7-x64

1

$SYSDIR/MSVBVM60.dll

windows10-2004-x64

1

$SYSDIR/VB6KO.dll

windows7-x64

1

$SYSDIR/VB6KO.dll

windows10-2004-x64

1

$SYSDIR/dwsbc80.dll

windows7-x64

1

$SYSDIR/dwsbc80.dll

windows10-2004-x64

1

$SYSDIR/dw...80.dll

windows7-x64

1

$SYSDIR/dw...80.dll

windows10-2004-x64

1

UrlUpdate.exe

windows7-x64

7

UrlUpdate.exe

windows10-2004-x64

7

efbbar.dll

windows7-x64

1

efbbar.dll

windows10-2004-x64

1

efsbar.dll

windows7-x64

1

efsbar.dll

windows10-2004-x64

1

iewindow.exe

windows7-x64

1

iewindow.exe

windows10-2004-x64

1

nnlogon.exe

windows7-x64

1

nnlogon.exe

windows10-2004-x64

1

Analysis

max time kernel
142s
max time network
132s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
20/07/2024, 00:19

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

5e4ba383b74bb5a7690b76100bc3e96b_JaffaCakes118.exe

Resource

win7-20240708-en

adware discovery stealer

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

5e4ba383b74bb5a7690b76100bc3e96b_JaffaCakes118.exe

Resource

win10v2004-20240709-en

adware discovery stealer

windows10-2004-x64

15 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/System.dll

Resource

win7-20240708-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/TypeLib.dll

Resource

win7-20240704-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

$PLUGINSDIR/TypeLib.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

$PLUGINSDIR/nsExec.dll

Resource

win7-20240708-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral8

Sample

$PLUGINSDIR/nsExec.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral9

Sample

$R0.dll

Resource

win7-20240704-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral10

Sample

$R0.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral11

Sample

$R2/NSIS.Library.RegTool.v3.$_2_.exe

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

$R2/NSIS.Library.RegTool.v3.$_2_.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

$SYSDIR/DWSHK80.dll

Resource

win7-20240708-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral14

Sample

$SYSDIR/DWSHK80.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral15

Sample

$SYSDIR/MSVBVM60.dll

Resource

win7-20240704-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral16

Sample

$SYSDIR/MSVBVM60.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral17

Sample

$SYSDIR/VB6KO.dll

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

$SYSDIR/VB6KO.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

$SYSDIR/dwsbc80.dll

Resource

win7-20240708-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral20

Sample

$SYSDIR/dwsbc80.dll

Resource

win10v2004-20240704-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral21

Sample

$SYSDIR/dwshengine80.dll

Resource

win7-20240705-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral22

Sample

$SYSDIR/dwshengine80.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral23

Sample

UrlUpdate.exe

Resource

win7-20240704-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral24

Sample

UrlUpdate.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

10 signatures

150 seconds

Behavioral task

behavioral25

Sample

efbbar.dll

Resource

win7-20240704-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral26

Sample

efbbar.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral27

Sample

efsbar.dll

Resource

win7-20240704-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral28

Sample

efsbar.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral29

Sample

iewindow.exe

Resource

win7-20240705-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral30

Sample

iewindow.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral31

Sample

nnlogon.exe

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

nnlogon.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

$SYSDIR/VB6KO.dll
Size

99KB
MD5

84742b5754690ed667372be561cf518d
SHA1

ef97aa43f804f447498568fc33704800b91a7381
SHA256

52b64e2bfc9ee0b807f2095726ace9e911bcd907054ac15686a4e7d2fd4dc751
SHA512

72ac19a3665a01519dac2ad43eb6178a66ad7f4e167f2a882cbca242978f8debe3e15d0e210c3b0391590699999f33a1fd5de4ca6559ff894b4e6cb4ac1415a0
SSDEEP

768:J2rURM7RMwTQvsF51u5tyxwgyBEkLki6Ynb:J2rwWRjM0FCagQi6Yb

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\$SYSDIR\VB6KO.dll,#1
1⤵
PID:1008

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy