Overview

overview

7

Static

static

6

tikiwiki-3...ts.ps1

windows7-x64

1

tikiwiki-3...ts.ps1

windows10-2004-x64

1

tikiwiki-3...se.vbs

windows7-x64

1

tikiwiki-3...se.vbs

windows10-2004-x64

1

tikiwiki-3...gs.ps1

windows7-x64

1

tikiwiki-3...gs.ps1

windows10-2004-x64

1

tikiwiki-3...ess.sh

ubuntu-18.04-amd64

3

tikiwiki-3...ess.sh

debian-9-armhf

7

tikiwiki-3...ess.sh

debian-9-mips

3

tikiwiki-3...ess.sh

debian-9-mipsel

3

tikiwiki-3...lib.js

windows7-x64

1

tikiwiki-3...lib.js

windows10-2004-x64

1

tikiwiki-3...one.js

windows7-x64

1

tikiwiki-3...one.js

windows10-2004-x64

1

tikiwiki-3...ity.js

windows7-x64

1

tikiwiki-3...ity.js

windows10-2004-x64

1

tikiwiki-3...nce.js

windows7-x64

1

tikiwiki-3...nce.js

windows10-2004-x64

1

tikiwiki-3...ess.js

windows7-x64

1

tikiwiki-3...ess.js

windows10-2004-x64

1

tikiwiki-3...tem.js

windows7-x64

1

tikiwiki-3...tem.js

windows10-2004-x64

1

tikiwiki-3...ger.js

windows7-x64

1

tikiwiki-3...ger.js

windows10-2004-x64

1

tikiwiki-3...er.ps1

windows7-x64

1

tikiwiki-3...er.ps1

windows10-2004-x64

1

tikiwiki-3...Viz.js

windows7-x64

1

tikiwiki-3...Viz.js

windows10-2004-x64

1

tikiwiki-3...ger.js

windows7-x64

1

tikiwiki-3...ger.js

windows10-2004-x64

1

tikiwiki-3...ase.js

windows7-x64

1

tikiwiki-3...ase.js

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cc23136195b10f6ea94b7991fba3bb11

  • Size

    12.7MB

  • Sample

    240315-xa78msaa45

  • MD5

    cc23136195b10f6ea94b7991fba3bb11

  • SHA1

    5acc3fb2c55533603037be51928bae7b3d68b781

  • SHA256

    d3b45048d1124284ca2bb608b1736fd279284283473727b3a2fe7f1bd496cd9e

  • SHA512

    481438e2f87f4a074e07b36b12489d3058666030ece91faba920d975a67cf2d6d0ca549182db7e7cffb420de5b6ac3418c1454273e270f317264544be3ea3234

  • SSDEEP

    393216:YKh9MTe6U0dtJAZrz0hUpqE6Q2lkzFxaL:TgTen0dcuGqE6Q22FxM

Score
7/10
evasionlinklinuxpdf

Malware Config

Targets

    • Target

      tikiwiki-3.2/comments.php

    • Size

      20KB

    • MD5

      ff5478c7bb0973d79e3a5ee01b9c7bf0

    • SHA1

      144a7860620d731dca256fd04870e3c61d0b2298

    • SHA256

      e798a22568c1cf26f510a2cf70ec4a2e8027b3b2c0eb8c2126d92357c3e4c77d

    • SHA512

      0b233b2bcc7ebf96befbc2d0ac1eb11af5a65c297ebc17b1e5918462dc25e69e7bba8bcb950b3ea52be2fba1b030ff3c6f04f8228c099efb0ea08ffc31b45ac2

    • SSDEEP

      192:5AmIzE52SvODZqFxkIi6BrOE0LzGQprvTIY74nYRBQM54csLIpMSbAGJOSsc:5j0VfGQBDtRBQM+csLICUAGJ9

    Score
    1/10
    behavioral1behavioral2

    • Target

      tikiwiki-3.2/db/tiki-3.2-sybase.sql

    • Size

      240KB

    • MD5

      e3e0af39eb8d32ce34db479d56df8cda

    • SHA1

      ff2117537744a3abfa365252229c15ccf6e81d08

    • SHA256

      026c53e44dbb18787adcaeed12741af014743b35ebcdaa53ee341989dfc5cddf

    • SHA512

      51d97c51efeb38bd3f5f881042624b2b156bc66ac684f69d9fd3f5712c574d7a2453920fbdc7c3ed0e3f6d4308fc1a48572689d3652d4d33fa5c07351e839528

    • SSDEEP

      6144:1KK78s8kHhvPLUTpCxJ+eWCr0HDhNF72lzy7ZZkwXbGp5I0X7MKwBn0oyfa+sHoM:1KK78s8kHhvPLUTpCxJ+eWCr0HDhNF7X

    Score
    1/10
    behavioral3behavioral4

    • Target

      tikiwiki-3.2/get_strings.php

    • Size

      30KB

    • MD5

      f8ba19f3ca2ee562163f44bd9ad6c512

    • SHA1

      a3b0652c5d55c4e287cc845249a7edc6d7429b46

    • SHA256

      8e1f458cda8ff67bf7931291c1cad51b4b06d6aae27a3646c6b956f584e6c2df

    • SHA512

      d1d101af0882b9d96d82736d696415d922dc93d7b812c55ba0e11dfba4b6b10a485f499c6356a5b66c1113e4321015799491978cb21cc05d88bb1ee9bc5d1762

    • SSDEEP

      768:RkGGwHkBOyr1u3dVuf3qV4X4o4VLBnQQfT:/GwHkBOyr1u3dLcP4BQQfT

    Score
    1/10
    behavioral5behavioral6

    • Target

      tikiwiki-3.2/htaccess.sh

    • Size

      320B

    • MD5

      5781d7488308c4c18928583308cedc39

    • SHA1

      149a3a62057cfda77f7e797770dc64db5aba145c

    • SHA256

      327180de1dc76125a204498ca2a30cf2c1ad5462a335a50bc40bac3e8232cd62

    • SHA512

      f84c42bc234f2b4422e29c9e1640395782b4ab85b750bbc36d72d1b8527632fb2a78df403351a1ed8b1205850b716bba4864e01a710415030fd1d7a588ceabea

    Score
    7/10
    linkpdf

    • Deletes itself

    behavioral10behavioral7behavioral8behavioral9

    • Target

      tikiwiki-3.2/installer/installlib.php

    • Size

      5KB

    • MD5

      f7c1e841a98b77151c530337e4ca5ba7

    • SHA1

      1cb372b62e18d1a369ef09563afa606ec508c33a

    • SHA256

      9b1db68b96b1eaef7d2273e553875848f0813ad40874b9a7114446ea9ec9e549

    • SHA512

      7fef536491932d75ba69b2be33c0a1bb7b1f167ade27a65e2332c2b19204ec6e0e32797050b1db7f934eb54c8272b68aa2151acb6a25f9bc6842036bfcbd4784

    • SSDEEP

      96:rEAcYH6A6/ACiPe8oS18CQfV9l6H4igHxBgmybmOsevDCcvD6vDfvDqojCUv6hvc:IAc06Oe8d8joW3opseTGr1m73WwY20Dl

    Score
    1/10
    behavioral11behavioral12

    • Target

      tikiwiki-3.2/lib/Date/TimeZone.php

    • Size

      120KB

    • MD5

      6e43c8fe7a45fc60749a54483d7bc51d

    • SHA1

      a4a6cc01629411ec231b169ea0bc05aa614d0081

    • SHA256

      7992ef37c225eba0c2da94658e37f2486e2b7b9eee62ff1d167a0c00d5614a76

    • SHA512

      aa389c89485a72d3ca915235c1f34aaace7d7a728e2f93f2a71f12d55cd2bada645261fc74c2d0ba6ab7839c5903062c523f5506f3ddab49df55057e43cef466

    • SSDEEP

      384:VSi9WB5yY3VU4yXazV52vuSXx38v1A8JWZzRFW1iRtrtXfIUhbSJnU5JTCTzsH26:VVq3VU9Xaj4YsH2bBKMNO0eXUgawsk6A

    Score
    1/10
    behavioral13behavioral14

    • Target

      tikiwiki-3.2/lib/Galaxia/src/API/BaseActivity.php

    • Size

      5KB

    • MD5

      ea3f5587a79747f719819b50ee63728e

    • SHA1

      01baa1b1adac5cbe52efd687f7b6dfd560600d20

    • SHA256

      6b31b4315fe2346c37b70da45b46ace5c1c4c71b1038402cf3383923b4898e89

    • SHA512

      6cf6c850563e80ae649b4bdac67e48c7a046790ad567dbb787d791d429751b691f7f94706b17036dfe05a4f3bcd27073b1e4e07d3c74807e02b1e73ad3cc9a61

    • SSDEEP

      96:Bct3Q7sT0cDRKs6wj8FQttPApQsCP6Wl7JA19ElUagZiJtOznR+ALntDx9S75dr:e/uwjMQtZaQsCSWl7JA19gURZiJtOznW

    Score
    1/10
    behavioral15behavioral16

    • Target

      tikiwiki-3.2/lib/Galaxia/src/API/Instance.php

    • Size

      24KB

    • MD5

      53f4ca8ecad9dcdd27a0e63266e7530d

    • SHA1

      78a4af5470dc65a0f5f246b5ab3bf2793a4530b3

    • SHA256

      70b44725e5fde527397cc2dc03951d94af6654699ea935eedbf0a7fe45ae1ffd

    • SHA512

      d71c80115888b4df9e270410ef0d3c7bd4a365ba9b30dfde27b72ef2a4386182184c8c43f17ed69dfe772a6282c38584f25057e9a1d23fcabb08f2b44db38447

    • SSDEEP

      384:sZ324OYDRNDmZncpv6aJiTnVmbw3ByYFvoU:sZ3TOYDHynckDTnVqwcw

    Score
    1/10
    behavioral17behavioral18

    • Target

      tikiwiki-3.2/lib/Galaxia/src/API/Process.php

    • Size

      1KB

    • MD5

      b54f578f7f807112c0c1f14515e3d684

    • SHA1

      eb28c97bb6663b3a7d534ab0dad2eae4eaf96029

    • SHA256

      23ed3cc70442639037952d9a1d122cf9284cc132364fc84c565a2f7609c2a96b

    • SHA512

      f29b5e0fe0be5af1d64510ca78e2d2eae43c5283ac60fc92c397c753101481e993f8b1d501776e7bfa09849252df7ebe0117941342fafb6e3a09b55fe360bd22

    Score
    1/10
    behavioral19behavioral20

    • Target

      tikiwiki-3.2/lib/Galaxia/src/API/Workitem.php

    • Size

      270B

    • MD5

      07c8d6b178e1616efaff83d528f56d09

    • SHA1

      378107c0cf68ddfbaf4b31507a416e8937fd0110

    • SHA256

      59979165b8e8dcd860ad76bf876fb9835626e4e6bf054e5dfb683c38be3e0226

    • SHA512

      19c5fdc6ce1692522eb0f8ec18b6da67d23f418002dc5ec536f4f6478bcb921a30fe47c3b7668f3c81a3907f1aebd85464c69b4b2559c08f47f6e47a04dc07d0

    Score
    1/10
    behavioral21behavioral22

    • Target

      tikiwiki-3.2/lib/Galaxia/src/Observers/Logger.php

    • Size

      606B

    • MD5

      96f0a95ba57954eb072f3ab89716ed5b

    • SHA1

      0c40b777973a624c7d195d0505d1c932100952db

    • SHA256

      2bd25c3cab175d4f2a957b707132e3d2e278fee8da8d8c2c26aa67b9a5ca5cb5

    • SHA512

      5a4937fea42431a2360da838fa30c8355d74a28bc4d1a9240cf802b71b128b30f4b47cd13ad1bed08a31fe8c84d9dbeb1559add6efb974107ca6d2e747cc03d9

    Score
    1/10
    behavioral23behavioral24

    • Target

      tikiwiki-3.2/lib/Galaxia/src/ProcessManager/ActivityManager.php

    • Size

      29KB

    • MD5

      51f792b333f7336f1016f736b26ddc5a

    • SHA1

      264e47acf3328fb8e1332c938df1f8fe4b44c89e

    • SHA256

      5b2d2f415ae3cc334adf87407638ed876ee516c578d13d351153370c1d170413

    • SHA512

      9f18b4992c733a3a072912a9c6787c1b1646600f3f3b53c4405944834b6c87af6f4896a3eb11a6729ce1177f9d957f916ad0a81248ec83654319c03bd6259d39

    • SSDEEP

      384:ePGxRkDt+bIzVbs5r0vKSY8heP4sfBAoMj2aK:8skcUvYw87stK

    Score
    1/10
    behavioral25behavioral26

    • Target

      tikiwiki-3.2/lib/Galaxia/src/ProcessManager/GraphViz.php

    • Size

      13KB

    • MD5

      f8755cd023b78cd66d2f898cf81413dd

    • SHA1

      11fbcac490858bc192668be7f57948ab1ad0fe8c

    • SHA256

      3ff0bfc57946c7bfd438171515d2524bb62319507265be5b8e11f45f95f036e2

    • SHA512

      7bd8d6f0f8be9e430be33bde0fe31357753012d1543e9597812bc2750e679c48a5ab506994102b09ce34ba924a423618f921d58e5622cbaea400038b18f4cf4d

    • SSDEEP

      192:1QaGQhINqiyTl3/TJcBiqka/1b/w4Z3tLTHOrCyRLuyge5uvkbmJGiUAJUIaENgU:1KNOp3/0ka/l/LRTSscC

    Score
    1/10
    behavioral27behavioral28

    • Target

      tikiwiki-3.2/lib/Galaxia/src/ProcessManager/ProcessManager.php

    • Size

      24KB

    • MD5

      12e7fd692d3dcddb0e2e961c7636a394

    • SHA1

      0be05a25af7ce6005e4f4056a3438cb38c3fa48c

    • SHA256

      adeb403eb20fb28aaa99649b8803585ab857d876cf6cfb6c7107a78f5694b104

    • SHA512

      cea96266c3174196d8607e0230513393c3358b6a64ed412914625cb738689d8cc417906f3de6fee9fd8534030005712630f747e68e92befe15c3143061c8ffdf

    • SSDEEP

      384:7U8Hn263YquNtvl4aKf7dP6y4tIqYfEc1hy:7UK263YtNtvl4TfhP6y4qpEc1hy

    Score
    1/10
    behavioral29behavioral30

    • Target

      tikiwiki-3.2/lib/Galaxia/src/common/Base.php

    • Size

      7KB

    • MD5

      79ee517d6436e1a32079ac094ab96150

    • SHA1

      a3344862e741fd802a0bba3ac54924d61f0637de

    • SHA256

      e1128ce548385701d8365d8567d403548df27825cc688c6ab9f834ce35d9273f

    • SHA512

      0f813a3279a8e72d5800b4ca58a89447f5fb876f8b2cd75dc7b005802d62a96b012c9bf71a87d50200ad6b8afdce1636912348e693e6c6f1e1b990a333d5c3fd

    • SSDEEP

      192:/N+eTrz0g3llSO/9yw1hze6crMy4qgdqGWvwieUU5BSTL:/NNn0gV19jPdLT4L

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Matrix

Tasks

static1

pdfevasionlink
Score
6/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
3/10

behavioral8

linkpdf
Score
7/10

behavioral9

Score
3/10

behavioral10

Score
3/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10