84ba766b1f292df812017d9c8549bd1026fbdd12b3eabe0e9ad491774f175ab8 | Triage

Submit
Reports

Overview

overview

Static

static

6b9d5ed62b...18.exe

windows7-x64

7

6b9d5ed62b...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

AutoUpdaterUI.exe

windows7-x64

3

AutoUpdaterUI.exe

windows10-2004-x64

3

Autoupdate...te.dll

windows7-x64

5

Autoupdate...te.dll

windows10-2004-x64

5

Autoupdate...er.exe

windows7-x64

3

Autoupdate...er.exe

windows10-2004-x64

3

Bind/AVCheck.dll

windows7-x64

3

Bind/AVCheck.dll

windows10-2004-x64

3

Bind/GetAV.exe

windows7-x64

6

Bind/GetAV.exe

windows10-2004-x64

6

Bind/HTTPD...UI.exe

windows7-x64

3

Bind/HTTPD...UI.exe

windows10-2004-x64

3

DevCfg.dll

windows7-x64

5

DevCfg.dll

windows10-2004-x64

5

DockHelp.dll

windows7-x64

3

DockHelp.dll

windows10-2004-x64

3

DockHelpex.dll

windows7-x64

3

DockHelpex.dll

windows10-2004-x64

3

DriveTheLife.exe

windows7-x64

DriveTheLife.exe

windows10-2004-x64

hdaudbus.sys

windows7-x64

1

hdaudbus.sys

windows10-2004-x64

1

Drivers/wn...UI.dll

windows7-x64

3

Drivers/wn...UI.dll

windows10-2004-x64

3

Drivers/wn...SP.dll

windows7-x64

3

Drivers/wn...SP.dll

windows10-2004-x64

3

Analysis

max time kernel
129s
max time network
103s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
22-10-2024 18:33

Sharing

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

6b9d5ed62bf77ebcf1d9a4ce12eeef6f_JaffaCakes118.exe

Resource

win7-20240729-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

6b9d5ed62bf77ebcf1d9a4ce12eeef6f_JaffaCakes118.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/InstallOptions.dll

Resource

win7-20240729-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/InstallOptions.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/inetc.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral6

Sample

$PLUGINSDIR/inetc.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral7

Sample

AutoUpdaterUI.exe

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral8

Sample

AutoUpdaterUI.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral9

Sample

Autoupdater/CheckUpdate.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral10

Sample

Autoupdater/CheckUpdate.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral11

Sample

Autoupdater/DTLUpdater.exe

Resource

win7-20241010-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral12

Sample

Autoupdater/DTLUpdater.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral13

Sample

Bind/AVCheck.dll

Resource

win7-20240729-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral14

Sample

Bind/AVCheck.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral15

Sample

Bind/GetAV.exe

Resource

win7-20240903-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral16

Sample

Bind/GetAV.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral17

Sample

Bind/HTTPDownloadUI.exe

Resource

win7-20240903-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral18

Sample

Bind/HTTPDownloadUI.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral19

Sample

DevCfg.dll

Resource

win7-20240903-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral20

Sample

DevCfg.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral21

Sample

DockHelp.dll

Resource

win7-20240708-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral22

Sample

DockHelp.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral23

Sample

DockHelpex.dll

Resource

win7-20240903-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral24

Sample

DockHelpex.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral25

Sample

DriveTheLife.exe

Resource

win7-20241010-en

pandastealer bootkit discovery persistence privilege_escalation stealer

windows7-x64

17 signatures

150 seconds

Behavioral task

behavioral26

Sample

DriveTheLife.exe

Resource

win10v2004-20241007-en

pandastealer discovery persistence privilege_escalation stealer

windows10-2004-x64

14 signatures

150 seconds

Behavioral task

behavioral27

Sample

hdaudbus.sys

Resource

win7-20240729-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

hdaudbus.sys

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

Drivers/wnd7audio/SysFxUI.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral30

Sample

Drivers/wnd7audio/SysFxUI.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral31

Sample

Drivers/wnd7audio/WMALFXGFXDSP.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral32

Sample

Drivers/wnd7audio/WMALFXGFXDSP.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Report Analysis Logs

General

Target

hdaudbus.sys
Size

135KB
MD5

3fcc124b6e08ee0e9351f717dd136939
SHA1

4a4f29e427dc4a6e39eb43a12c78c4829711e86e
SHA256

ebfe0fb51e14570a1a1d64c8e5383f3ff28509361d13945b79a9c551eb522012
SHA512

6dc9a760b139f115392146c8831dccde15a18d7aea34d00e66700136364a190ee53d2d8bc875ce180d299ff165b725513f85065c9a7d7d8c57fbcdf62e2888a9
SSDEEP

3072:unARaxZAbEumXF/o4IYo4Y7BmWG2mWO+ueO+ueO+u7+HBm/i4zITL:unARaxKbJmXF/o4IYo4YtmWG2mWO+ueB

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\hdaudbus.sys
1⤵
PID:4164
- C:\Users\Admin\AppData\Local\Temp\hdaudbus.sys
  C:\Users\Admin\AppData\Local\Temp\hdaudbus.sys
  2⤵
  PID:2376

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2376-0-0x0000000000010000-0x0000000000035000-memory.dmp

Filesize
148KB

Download

© 2018-2024

Terms | Privacy