General

  • Target

    2c65ba1fa394cf4d125f535d66fb6a15c7efe6dcf40ac6853306a90dc2f83efb

  • Size

    6.4MB

  • Sample

    231127-yr6ltacf29

  • MD5

    babd15d464b2c8ca287a198ee64b9ccc

  • SHA1

    3464752830d146a1ab3ffb173815441f9e2bef8f

  • SHA256

    2c65ba1fa394cf4d125f535d66fb6a15c7efe6dcf40ac6853306a90dc2f83efb

  • SHA512

    4a8b92f4eed59f15f5cf58b80caef28bf9c55a96dbd1dd600d2e86682aee3537c1078c35bb99ca2ec9dd6b8723072aa7275b7db6a9896ee6261a944757e5729e

  • SSDEEP

    196608:WH+DxTVIHjxWL70Pd/QiGNUbxmup//AeWCUvm:w+DxIV67Wd5G+bxmAWRvm

Score
1/10

Targets

    • Target

      qux/action/load.php

    • Size

      1KB

    • MD5

      b7899c1a4870ddf932bd04dd98285f48

    • SHA1

      32d03b116f7aa4e7b69886e145d36ea5bcaf407e

    • SHA256

      8fbd34b43e2474ed5bc86103d6e0cdef1fb649f74f8abddc9cf9afa9c2a970a9

    • SHA512

      3bffca4aecb7c852a469d81e4b7b7444d0a229543dd3ba81cf7f8232fcb2fe6aaefd498c5768700864f594af25051f0d901710165ce02bf7e346968116cb4237

    • Score

      1/10

    • Target

      qux/error.php

    • Size

      2KB

    • MD5

      30440266daed5be35f56056061ae25c7

    • SHA1

      33a4260589e4aacb0bf931af93d2715d90b9eeb4

    • SHA256

      d245b8911a421a5406acda037aee5762e4fdb09b5e7c2b8fb4c386304995840e

    • SHA512

      dc76f70784305ffd208f5ec90677d3e441ccbd3e9fcd06de2208b5b31f0e665e1c29f43b5351b7da55ca93fb8628cf5a7813a7654a7c4f023113d2d28eafb533

    • Score

      1/10

    • Target

      qux/footer.php

    • Size

      7KB

    • MD5

      ecb82e1b4d30b7ac5d4403778cb610d7

    • SHA1

      693d52ac95de2ecf8c62f16f42911a3d3807e5fa

    • SHA256

      916cb5729cce09ebc4bb49ddd5ad5c87b8d814161dd10dd7e173585827a6f64f

    • SHA512

      7474bd787444c572285ecf5fbbd2c284f02845a65a5913cab3b6705ec39bb156f2caa8b42a05332b59fa29b1c5e84cefff6a06aede53b117defae6fa1763e702

    • SSDEEP

      96:d1c9EWalQFFEEOEb0fzZ7Rbx8i9ip8XGsPbra/F0WbOTWkQNLK/7nQbnMn/PADbb:dw4k90fzw6g/K/T/e8gm0gvWTEk9Jz

    • Score

      1/10

    • Target

      qux/func/forum.php

    • Size

      19KB

    • MD5

      7e630c1ea899a61039baa262d1c50376

    • SHA1

      9d1e7d91c51ae2735b7a71930aeba0345455e89b

    • SHA256

      a8039646ee6d2f489c21d5de7c0ff7223912a8190591b56f6843fa4ad710ce48

    • SHA512

      e6f9dadf3fe5d980647370978fca788e099d07b3c3271bde22cb97d533d2cb9e34b5614993b3c5f28f5b8db41c1b79c74b6a857c0c15a1d2b3ab179c0cf68ee4

    • SSDEEP

      384:G0PfFp0F/dCqtQ56pDMDGBAGS5wOAQm6LU2Oefk:G0PdGtQ56pwDGBAoRp

    • Score

      1/10

    • Target

      qux/func/functions-admin.php

    • Size

      24KB

    • MD5

      e38e59f15c82cd9f156086815aa7f368

    • SHA1

      09b6d2b86093df639f954c3b857f4ce667234add

    • SHA256

      0114dd0a3fd38630cd956c6fa709fd763f5ba868adc4d137eae71dacf0ca387b

    • SHA512

      12e3be947d65a5032b13fd9f54945c826eb32ed217c00c3808577fca4771029031a165fdac8e70c34b56caaf3a9a73298333202fbff1e1b475e7c383042c9096

    • SSDEEP

      384:1NbIgFS2cDspWejg9P2nDspWeJgRPFcDspWeHywEYktpccDspWePEYktJinDspWW:1NbBFo9qRvy/YktZYktfYks3K

    • Score

      1/10

    • Target

      qux/func/functions.php

    • Size

      89KB

    • MD5

      161e897be48e7e9ebfa24ce6b674a030

    • SHA1

      79eadf482f52aba96d36d5494e14dfaa84fcfd59

    • SHA256

      90237d7f47c046c436405cb503d3cc30311826806a795665b013b54b82e0f617

    • SHA512

      3f6d4d3c2d83028a13a2b9b23bd07dce2ea25c552059ec1c8a125063b6d4658964ae26c2330f84dbee839933945a1a09e02048bf0bcb1fcf8f045d17830cc41f

    • SSDEEP

      1536:/m6mbd0i2mTIEydgDj2814C5CUfAe6RnbER1jyNcjK6y6cLbqMZ0dO/OEem+1+n4:/m6mZ0i9MEydgDj2J9e6RnbER1jyNcmg

    • Score

      1/10

    • Target

      qux/func/ip2c/ip2c.php

    • Size

      7KB

    • MD5

      6046e2065c175949a3e937dcdc5c0be5

    • SHA1

      fa2eaa5291ab51056baf50b11f5cdaa2ee1044bf

    • SHA256

      bae293e48ed9044427dae3deed76bd0f7adf5b38c7ae9e21eeedcae176f27eeb

    • SHA512

      2e45fcac033b761c5352a360d57587ec07e0174512918d62fff2d7aff4e9c940a67315f1813b397591dcac48390b2ce4effae47734430d8b239b937b1f567c00

    • SSDEEP

      192:4sF7psh0D1DQZqylZDO6uGW+2rCRrV16DtOzc8DCzp:4sFMZBn6ZS1up

    • Score

      1/10

    • Target

      qux/func/phpqrcode/phpqrcode.php

    • Size

      118KB

    • MD5

      5d6fa18048ed122bc94aec4f88b173d0

    • SHA1

      1a6c460c0421f2deb5a787efac907f748912e27d

    • SHA256

      291332fcc8d67e1bddb4253a7c26042d98250f0966af07b77cdc7f4d56b7bc36

    • SHA512

      27c458834c569c2e9a4d6209eec50354b15fd3a5df4e7d7286226c6188f080a4c92e600aad331e940ef887b40d69e1211652fb93c0382e8727514f8d92a52fb4

    • SSDEEP

      1536:Zwckp9Dxf0/0/0/3CwE/FoQ0vpm2vKUvP4k/vej3Sewbg9RgvDpD:vkIv3/63SewbbZ

    • Score

      1/10

    • Target

      qux/func/shop.php

    • Size

      53KB

    • MD5

      7ffd0fb640007f4625f1e3ba735521b3

    • SHA1

      64f54d1e0a6f279a7f7858c5408b75ff15fb07f7

    • SHA256

      f241a83818703c69584495719b152dea916abd9e6941fcb30610ad7a4f8881b1

    • SHA512

      1e6cead0455c9f5cde50b5e7b958c526543e619d3c2c63c2363f2dca3a30cebb0e85a0efa3c223cc7b8d7ae7e56a2fc65fc6a3297fc2ec650a8f9544b64ab892

    • SSDEEP

      768:BUKefArwUzvl3TVkYOJltjkrq4GRupV/eBQlmQE8eNO9z7lNmGc2+ySs:RJwUzhTVkYIltjkfh/ek7dlNmG7+ySs

    • Score

      1/10

    • Target

      qux/func/timthumb.php

    • Size

      50KB

    • MD5

      5fbcea5fbfedb96c06f9fab6a0aff8a5

    • SHA1

      7297ae424d0a1ca0e67957fe2c90c5f198e43736

    • SHA256

      d7e70b8fbbfec89ff0de17eab55c8796a24bfb5069e6be4a138b35d7d5bb3d3a

    • SHA512

      254ce05b66016212f302b06da6e3dcc2eec9c1ba067f4a3a0b359a71cbb5dcc90d8a98a0f171b972b35779de7e60f08117b3ed7fcf5d55e5d6c51625faa92d8d

    • SSDEEP

      768:j5S596ip2M7+57/4SzF3+N9Rt8zQAPmNS92GE2L9j7xsgR+wD:j5O9L7m7/4FN9RtwQA+Ng7xsS+wD

    • Score

      1/10

    • Target

      qux/func/tools/codemirror_js/clike.js

    • Size

      9KB

    • MD5

      8a8d603f106c1e8b6ea08aead595225a

    • SHA1

      d5bf828fd238e1bf9be81ff43b1575318b39d677

    • SHA256

      f23b10db1d1995b8a811fc394a113af0c15eb9b54721ed1feb099ce675e1816d

    • SHA512

      ad86bc1c26bf1b13fdfcba55647168f7c47fd90de068b4598c5ccd3ef011298eacc667ca959e7c8fc9334733568bd306a09e4b653f312e98d5dacb1b76a3c043

    • SSDEEP

      192:vGGkk3Llt7+e5jKF1xT9DHJqePcJgp6bgX/9E9AJE2/HYEQp:vIOlpZqjqHJgp6bgX/9E9Ae2/HYEQp

    • Score

      1/10

    • Target

      qux/func/tools/codemirror_js/codemirror.js

    • Size

      89KB

    • MD5

      3d700758315aa9e8d03f734249d85976

    • SHA1

      196cf6d1342d13f75966dfebdb2a4e0c7e2a0691

    • SHA256

      2ebfa5b5ae0ba3c644f363c83ea17aa760cf717d642dbb0ddc6641e29da93a6f

    • SHA512

      81d338af969ceb8fd36030abd1dc3a6045fd3f1c85949074f77c0db91a8482a98d8ebbfa2a44d9e76cdcbf283d2d12280d039515562624e17d7800cbe853388d

    • SSDEEP

      768:66CyXfgHj5U38RomQ22T6gyfm3UjedRW2x0StCG6TUtsWS6m4MBrzC5uVW6zPyqW:8HL1AKXWS6mCVJWX311dRp6+76W9BJu

    • Score

      1/10

    • Target

      qux/func/tools/codemirror_js/css.js

    • Size

      3KB

    • MD5

      bcaf15be111bdac95b06dc51fa853d17

    • SHA1

      ac1beef4e0e3201944af235fafeab0c3f8c3b69c

    • SHA256

      9226ddac9e399d80e5ba129d168595332559140cb2b69b8ae88f13ac08d504b2

    • SHA512

      c4afc4e2d6fbf8dc529606aceb375e2ea705dac17fd684840a64192328e0a4f1a7b92f38d7c224c5d675cd9df6a62484eef41eccdeece88074a6f03bd27b367b

    • Score

      1/10

    • Target

      qux/func/tools/codemirror_js/htmlmixed.js

    • Size

      2KB

    • MD5

      e47a7e4cfdaa70dcedb6fb424dc66be7

    • SHA1

      17c73f98c80c4e3a063f7c31794195ea866a0300

    • SHA256

      46f084aba13dea68a1fa702821caefbf260d171a6e9927b36c5f8aad5b9a207a

    • SHA512

      eaddacb4e512466f67d38e13282db2abbee31f546b30c889f6d18bd4faa0179748257e5c9b237a638a1b5c36fabc249b2f6dd420c6ff8c67e823ff88c411d55a

    • Score

      1/10

    • Target

      qux/func/tools/codemirror_js/javascript.js

    • Size

      12KB

    • MD5

      5221f388883371e41daeafd05d532ad3

    • SHA1

      8e32590581000bf403c052d25b3e27fbef3f0b71

    • SHA256

      42e099ff8effd2d2b74a71c30e6c3973350c8716b9a7dddc69962eda93059401

    • SHA512

      417090145d0ea09a252bd1632c16c5145730eec62ff517d735111aca2fa4b76745dc6999a178c1f1cca93f89989612ec5f4477afc6e57e014b2574ff718248ff

    • SSDEEP

      192:jXToNbv+Qq2YF7YgCXLzCeDr7pCwPngUmu9eN4LUY1AY9+Q6IaWki0XdXD4XTBWX:jeTQnF7EW7UD2WQXiXg5C7IMo

    • Score

      1/10

    • Target

      qux/func/tools/codemirror_js/php.js

    • Size

      4KB

    • MD5

      553824953eb41779ebf8404362b00a6b

    • SHA1

      5c92d2063a8cc5c08fd50fc63be1f625c90d8874

    • SHA256

      3ea5649b8f8099f2b1be0288ea33a7736c5f4531e32808f85bf1e6774255366a

    • SHA512

      ed7473728f8edeb8957b1a7ccec73506d55948a71f02fb3720779852648c35088b41574df6495db9d99a2f765ec43034e65efea9207257f7d4c4a08fad9b76d7

    • SSDEEP

      96:xMxeL0Q5s0sbBV64ioPK0doSk/t9FYqpAtZ54Op2tr5mJGtfmlgHkeZbKNbpeIPM:xmeL0Q5s0IBV64iAK0doSk/t9uqpAtZM

    • Score

      1/10
