5809f95b424f432df016ebf51da46a1b2762abe43b4ec98291e450b757b52cbf

Sharing

Copy URL

Twitter E-mail

General

Target

f286b99203d18517c6c62e21b7e0fd96_JaffaCakes118
Size

854KB
Sample

240416-de9gqafg27
MD5

f286b99203d18517c6c62e21b7e0fd96
SHA1

3a91a5c361f11055c1ec7f34e92f2e5c801d84a2
SHA256

5809f95b424f432df016ebf51da46a1b2762abe43b4ec98291e450b757b52cbf
SHA512

24fd90193efbffb287a6f79a7bc8d14defa6ddb2681bd4fd008e83473d06f2a10bd0f5a6148a0ff1f058bf20fd67f7dc778513f856604720aa27540859f5ef5f
SSDEEP

24576:ih7T/DEktnmtOVAkkpARbuymI8h1OUgixXFv3V:oTLot3ZWRbAI8h0Uj

Score

1^/10

Malware Config

Targets

- Target
  
  NfmBlog v1.0/OblogStyle/style_change.js
- Size
  
  1KB
- MD5
  
  7735aea37e632ff1ae434b1548b9d157
- SHA1
  
  7cdfc9c9d5369a0194fd3b97ea47da11dc071d19
- SHA256
  
  b3e5d1f259bde4f817780dc29da551f0fb531c7d387cb1895ac355ba067ae48c
- SHA512
  
  7cf2cf32621286a8f867ec6c4d7f377bd7f23dd31b65d18add3fad8e1fe0fd6312448ff78336a75d708612bdad833677ac9b60011196b5692067d399c4f94208
Score

1^/10
behavioral1 behavioral2
- Target
  
  NfmBlog v1.0/ad/ad_userbot.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

1^/10
behavioral3 behavioral4
- Target
  
  NfmBlog v1.0/ad/ad_usercomment.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

1^/10
behavioral5 behavioral6
- Target
  
  NfmBlog v1.0/ad/ad_userlinks.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

1^/10
behavioral7 behavioral8
- Target
  
  NfmBlog v1.0/ad/ad_usertop.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

1^/10
behavioral10 behavioral9
- Target
  
  NfmBlog v1.0/admin_ad.asp
- Size
  
  3KB
- MD5
  
  086140d799f181606c6932a93b1f1d4c
- SHA1
  
  3bb548058619544e364cdbb9e13bdb20cd440146
- SHA256
  
  3efa5e5d949ace83df671f2194b89ff1f51f1ca9100f42188a5adbd0ed98cfee
- SHA512
  
  00df4d0240f72862134d6b8a95bd1d9abe9e6f2874f315269f43ea841a78622dbbff0aeefdd6bfb7425a5e15e25f784c01a0a5a16c2d6ed31fc4919d3eecb35d
Score

1^/10
behavioral11 behavioral12
- Target
  
  NfmBlog v1.0/admin_admin.asp
- Size
  
  8KB
- MD5
  
  0c53ed24a867ab94702425fad5ad8d4e
- SHA1
  
  08896616b43af61bfc7516cc8c4dcecb9c32497e
- SHA256
  
  21376abcda19d9a75d392b18ce5931b6984ab8a5093808fceb4978fae0d3d59b
- SHA512
  
  9b8443c027d07fcca604be013830a2de3143a3532323e0e339cff6b8b5ecbde489ddf5c2f8d077d328b01991af8085cc7121a7ca4f3ff2be8fd0d6c332feb61c
- SSDEEP
  
  192:rQrlqasGy33DJBDtZj0ED7aQhzXwrgtwAVEh:0rlMGyHdzCuRW
Score

1^/10
behavioral13 behavioral14
- Target
  
  NfmBlog v1.0/admin_adminmodifypwd.asp
- Size
  
  3KB
- MD5
  
  5efbc9ed76664f1802f74837e71edc2c
- SHA1
  
  4c3a84bbb16ce8634f5441bc7fedae9ab20cc1d3
- SHA256
  
  12b83cd08793d0e045b3a280037a78cbefb4cff3f23b0ddfcda3f5e361986c3b
- SHA512
  
  c66749495190380f44b1095160d908cd3623b0bbb8f80be02a44b51c526874d2ad7ceccb130ae26e2da1ba0525ddd9bb44417970c31c9d4f02156a633adf2c94
Score

1^/10
behavioral15 behavioral16
- Target
  
  NfmBlog v1.0/admin_blogstar.asp
- Size
  
  12KB
- MD5
  
  18df5c7d5410e3083dee319469395dff
- SHA1
  
  81668cf6c565a83813376bc08a0a2481563f9893
- SHA256
  
  41bbb4835be36325a7f2bb33bda4324f3ff6f6217242928a885f00704339eb14
- SHA512
  
  4db234a941b3a69dac1646284dd1dc3b606a0ea46de254af394ae57d751019d3dd484f0e1e231a2954660701c931fbd60cce214c1b4427db662aeb0dabcebecd
- SSDEEP
  
  192:duTQrlCMiJ1J9L5AkCrye0Wt3l+LEXdknKsR7A6LrVdrJVDMtcKSaj3dSq6:YsrlsB9/Cryq+7AyD5/5
Score

1^/10
behavioral17 behavioral18
- Target
  
  NfmBlog v1.0/admin_count.asp
- Size
  
  2KB
- MD5
  
  0447b43f21f6e7f7a048bd8be627ad42
- SHA1
  
  908b14a385a72c48a4986e64004cd90edcd27882
- SHA256
  
  3a790185b310a8aef753f84465976dc41bbd66a4a3a2710c318981d9525122fd
- SHA512
  
  51e7eddb75508cc891b4ace36d4314f61dd9f3b986968c513bb6fea1359685e52d8bb4ef1b6baaa15875d46931f5234793ae738e5dc5bbeed5206232b06d42e2
Score

1^/10
behavioral19 behavioral20
- Target
  
  NfmBlog v1.0/admin_database.asp
- Size
  
  16KB
- MD5
  
  f1da2f893bee7ad3137004868b9981af
- SHA1
  
  47512f8c82555c3282a7160edd21b86fa7066422
- SHA256
  
  6beb60f496dad87802a469ed9d3d90422066fc6c4a019f9c9492cb575c4ef475
- SHA512
  
  b3b7d49b3da9805a1bca36a5c8656bc5b205d7e6cc7573eb9cbfdfd62b0ba0b7ba57a832e2ddf40ef7dfae380d4b604c59113a7e85e15c20ac4eaa5b08deb1b5
- SSDEEP
  
  384:UCiGSfgF2WqHgrXj5NYCKKAhqf/Ig4sQqf/GKaK:UyF2WYW5NYC1Ahqf/IgVQqf/GKaK
Score

1^/10
behavioral21 behavioral22
- Target
  
  NfmBlog v1.0/admin_filtrate.asp
- Size
  
  2KB
- MD5
  
  0c4ad637b35432901068079987ebc376
- SHA1
  
  b93e750b29e146a4db19514dd7d241a0e65c3ab9
- SHA256
  
  11902d564d5ea6f83eca3a067cb9329549d9d9df0dd95cc314e91df0617102fa
- SHA512
  
  e27ccf21302844213f8008b6cffa4e2acadf83926fd7295d8bc3ebf95d550067e2eed995eb5c5ba9a0fedb77ad67b8b201f2f1196205b731928923fcd27e0f18
Score

1^/10
behavioral23 behavioral24
- Target
  
  NfmBlog v1.0/admin_filtupfile.asp
- Size
  
  3KB
- MD5
  
  7a9565c4517f8682234b851029944b7a
- SHA1
  
  8bd14a98a82afa7d99d0a82470abb5b782ead326
- SHA256
  
  68c356c1d04638dbb57f268bb0e0eab42d23a0219e304e0a1702300d918d11cf
- SHA512
  
  f82002574daec7c9a1c0066b5b0319e05229e720c13845be667b406b1944768a570adf5f36d54a0c2935b3c4865e610c5deae5844f4e5440836b3c7f276388aa
Score

1^/10
behavioral25 behavioral26
- Target
  
  NfmBlog v1.0/admin_friendsite.asp
- Size
  
  1KB
- MD5
  
  4541e3fa0fe77e391bdc7b1f07f9ace4
- SHA1
  
  9291b523fb2b52b7fe2238e11a8064615c9d4373
- SHA256
  
  5b52a65c7ec7367a817794a0daeaedd6a3947cc6764cdce594738b9ea77b287a
- SHA512
  
  bb62f4f690fe56763fe41e72a399036ee1901f3597f8dbe30f3d60d012cb3425cf61b96dff38522f8a1e6f597cbd7cf3dafecd9956aa11215a623b24637b2dd2
Score

1^/10
behavioral27 behavioral28
- Target
  
  NfmBlog v1.0/admin_index.asp
- Size
  
  22KB
- MD5
  
  0ae214b69db398d71a009cc255f7d36e
- SHA1
  
  3b62be691da951f5ac9ea52907cf50f6d4afc44b
- SHA256
  
  fd9520c2c668b8692324cdf53edccef6b97f9adbb403de2dc0eea6e27eb12bc0
- SHA512
  
  e0a62bf02fc105663a32f617918f560b4bd42563e6ef375e40dbe31970f1ba41ebb293c0eee1c97848ef4f36b6a694ce11f40dcf2e82f0026ab326cd649a4884
- SSDEEP
  
  192:pSsC350jH6aXg0aoF/FDlZlJot/w/LYjdZsBKSQrJeTDms2Q9B2OnmBc+B1WJD5h:5guZlZ8V6LoeMJe/ms2GnmBv1sFB5
Score

1^/10
behavioral29 behavioral30
- Target
  
  NfmBlog v1.0/admin_lockip.asp
- Size
  
  1KB
- MD5
  
  8a3008a3b29e1dd822d9840223e44e49
- SHA1
  
  d8736f4f5f16fb3bb582662c67341f2a2cdeb211
- SHA256
  
  4c5d6dbaa20bd5fc02263f3455ea98d5b6eba4ef6dd8e5385177f97b049215d3
- SHA512
  
  ffddfff8655c36f45989440ec9d0dec14496c099f136e8a3b3e38d7ca4906e68af92b04e9ba576b5d383e1215d8c8b78e87923e2d2d6bbfbb36fb2008cb76c4d
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32