Overview

overview

1

Static

static

1

drxp/drvbx/delete.ps1

windows7-x64

1

drxp/drvbx/delete.ps1

windows10-2004-x64

1

drxp/drvbx...ery.js

windows7-x64

1

drxp/drvbx...ery.js

windows10-2004-x64

1

drxp/drvbx...iew.js

windows7-x64

1

drxp/drvbx...iew.js

windows10-2004-x64

1

drxp/drvbx...x.html

windows7-x64

1

drxp/drvbx...x.html

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    05c0e6f5fc2d9772726abd30f2fc384f_JaffaCakes118

  • Size

    255KB

  • Sample

    240428-whx7zadb92

  • MD5

    05c0e6f5fc2d9772726abd30f2fc384f

  • SHA1

    e0b2e8e0373220de00486512687e09b2db0ff8db

  • SHA256

    013dd5eb49c70e963167134f73414275b0757e004575ec1853d2cc8e6a7e1a38

  • SHA512

    7a84f34109d6122e1e12576fc7451a342d5501906379a1d0ddc7563768881c3118d6b8f499fa7cdfff3c353b64edd80f37be837103ab8c86516701888b18724c

  • SSDEEP

    6144:R8Jl2cjl2cAYBHMgo98MEYBOSCjsDEHm+IewRxUjjlx4z:R8L2coYBNnYBO5s4HqRo34z

Score
1/10

Malware Config

Targets

    • Target

      drxp/drvbx/delete.php

    • Size

      869B

    • MD5

      7ef59f989bb09cf822cadd3c68949819

    • SHA1

      b03459652ab1280a6f15e3b01d8241825ce0f76a

    • SHA256

      854b95a05af2a4576269b1e6a0ab1726bc7c5a4797b658650d8ed8bd77181a0d

    • SHA512

      219a506332a26c23879711b62bd6a3f2d4cbf048f880926e2c4c6b9ac1c2ad4a0358b7b927c413b16ff6b473f34bb861b755e5e7fe4cba3fbd42223b60c78bf5

    Score
    1/10
    behavioral1behavioral2

    • Target

      drxp/drvbx/tool/content/jquery.js

    • Size

      90KB

    • MD5

      397754ba49e9e0cf4e7c190da78dda05

    • SHA1

      ae49e56999d82802727455f0ba83b63acd90a22b

    • SHA256

      c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

    • SHA512

      8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb

    • SSDEEP

      1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe

    Score
    1/10
    behavioral3behavioral4

    • Target

      drxp/drvbx/tool/content/view.js

    • Size

      3KB

    • MD5

      5f18f38a0d214d2364d3e71e81421c3f

    • SHA1

      430d7994a9fa7cf169c586adc9bc53572786353c

    • SHA256

      916ce0791e85a8829424ba6e2fcb6af3a54c3b0f72338d9f5c2a6239d9fba050

    • SHA512

      cde0a5cac9011ea36fe8f36fda5ceb67b56bb19a341624716cc912829eb7ea0c0d314d4ae0de8e0b0c8e4f42f566e117816393d9543742eefb7c2e80d5db8391

    Score
    1/10
    behavioral5behavioral6

    • Target

      drxp/drvbx/tool/index.php

    • Size

      15KB

    • MD5

      a05ccc9d4ccea332912c3f7c2ea9ce38

    • SHA1

      4e35e8d2bf6737140bde0427d07589d1e029f39d

    • SHA256

      3e7ae7751e609f154a0c10993de91cd18022dd002741bfcc6c05aeda053c6275

    • SHA512

      bc0d03b9ad8b2c6e59a72d4b7a9c04a26070f7131b7024749542e960c508d083773733a123ed7f932f81e50788b603367bae91ba53ae08959f04f797a17373b8

    • SSDEEP

      384:pSwpbpJW5M4RMeYPbwncNclx0x/NW+209:C5AeYPbws209

    Score
    1/10
    behavioral7behavioral8

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks