Overview
overview: 10
Static
static: 10
d4164b1dab...05.exe (windows7-x64): 3
d4164b1dab...05.exe (windows10-2004-x64): 3
$PLUGINSDI...em.dll (windows7-x64): 3
$PLUGINSDI...em.dll (windows10-2004-x64): 3
$PLUGINSDI...gs.dll (windows7-x64): 3
$PLUGINSDI...gs.dll (windows10-2004-x64): 3
$TEMP/ulicense.rtf (windows7-x64): 4
$TEMP/ulicense.rtf (windows10-2004-x64): 1
FarmFrenzy...ca.exe (windows7-x64): 9
FarmFrenzy...ca.exe (windows10-2004-x64): 9
FarmFrenzy...rp.exe (windows7-x64): 1
FarmFrenzy...rp.exe (windows10-2004-x64): 1
JNGLoad.dll (windows7-x64): 3
JNGLoad.dll (windows10-2004-x64): 3
Squall.dll (windows7-x64): 1
Squall.dll (windows10-2004-x64): 1
htmlayout.dll (windows7-x64): 9
htmlayout.dll (windows10-2004-x64): 9
wrapper.dll (windows7-x64): 9
wrapper.dll (windows10-2004-x64): 9
Analysis
max time kernel: 146s
max time network: 150s
platform: windows10-2004_x64
resource: win10v2004-20240611-en
resource tags: arch:x64 arch:x86 image:win10v2004-20240611-en locale:en-us os:windows10-2004-x64 system
submitted: 30-06-2024 02:26
Behavioral tasks
behavioral1: Sample d4164b1dab1337e28d3ce097a32b8635c893e1acaaf7136e745b90c44ee2cf05.exe, Resource win7-20240221-en
behavioral2: Sample d4164b1dab1337e28d3ce097a32b8635c893e1acaaf7136e745b90c44ee2cf05.exe, Resource win10v2004-20240611-en
behavioral3: Sample $PLUGINSDIR/System.dll, Resource win7-20240508-en
behavioral4: Sample $PLUGINSDIR/System.dll, Resource win10v2004-20240508-en
behavioral5: Sample $PLUGINSDIR/nsDialogs.dll, Resource win7-20240221-en
behavioral6: Sample $PLUGINSDIR/nsDialogs.dll, Resource win10v2004-20240508-en
behavioral7: Sample $TEMP/ulicense.rtf, Resource win7-20240221-en
behavioral8: Sample $TEMP/ulicense.rtf, Resource win10v2004-20240508-en
behavioral9: Sample FarmFrenzy3_America.exe, Resource win7-20240611-en
behavioral10: Sample FarmFrenzy3_America.exe, Resource win10v2004-20240611-en
behavioral11: Sample FarmFrenzy3_America.wrp.exe, Resource win7-20240220-en
behavioral12: Sample FarmFrenzy3_America.wrp.exe, Resource win10v2004-20240611-en
behavioral13: Sample JNGLoad.dll, Resource win7-20240419-en
behavioral14: Sample JNGLoad.dll, Resource win10v2004-20240226-en
behavioral15: Sample Squall.dll, Resource win7-20240508-en
behavioral16: Sample Squall.dll, Resource win10v2004-20240508-en
behavioral17: Sample htmlayout.dll, Resource win7-20240221-en
behavioral18: Sample htmlayout.dll, Resource win10v2004-20240508-en
behavioral19: Sample wrapper.dll, Resource win7-20240508-en
behavioral20: Sample wrapper.dll, Resource win10v2004-20240611-en
General
Target: FarmFrenzy3_America.wrp.exe
Size: 5.0MB
MD5: 5443b67ebf77f2327f6904d2a4929427
SHA1: 740d997dd8af072b2ea11fc16c3c96fe7d405403
SHA256: 71ec15d0eedef28013fe72b6ab735f8eaf79351d26b69b7db0b22f5d1bafb0d3
SHA512: 37d233cdd3c3d4e99e02e2bf7f4b83cd4dfdc9e7e1713e9a9143a7a03c5d97a96c4161809358d9764c75e4404eca759f6a747fdbc084dfdb00922ddd84f138a8
SSDEEP: 98304:D6ISy4lkXJXwbr6raHv4k2W5vR/lhwkPCHM:D6ISy4lkXJARv4k2W5vRbwkx
Signatures
Suspicious use of SetWindowsHookEx (1 IoCs)
Processes:
FarmFrenzy3_America.wrp.exe
pid process
1964 FarmFrenzy3_America.wrp.exe
Downloads
memory/1964-0-0x0000000000F10000-0x0000000000F97000-memory.dmp
Filesize: 540KB