8cd97dcbcee1d9f8ec2b8e921aed42f0cba7cf47e9713c5f31972e8121252929 | Triage

Sharing

General

Target

28458a2a8060b173a65222d312a21068_JaffaCakes118
Size

552KB
Sample

240509-exdnfaac41
MD5

28458a2a8060b173a65222d312a21068
SHA1

ac9e1620f8515ea856125beb78a7c9229f58cae3
SHA256

8cd97dcbcee1d9f8ec2b8e921aed42f0cba7cf47e9713c5f31972e8121252929
SHA512

833aa4b0661e3416fe2540c30258948c1a406742de99eb86dc5f8f571337acae33c1d75f84f5d03d6a48434395079281dac02206d646e339371465e00fa1094f
SSDEEP

12288:T1R83EBZOCj+aZlBtbEpaVPw9badarBdQaS8G3:xR80ZOCjLZlDXVPvErBdQKG3

Score

3^/10

execution

Malware Config

Targets

- Target
  
  chestnut/Google_docs_files/button.gif
- Size
  
  161B
- MD5
  
  ad55095ce1514fd1a9651fc332546587
- SHA1
  
  dd8bfbaba5bdef489fd236ee6e2b651afa8e70ac
- SHA256
  
  d0d3c343481f545963f5177ae9c0ac521e1cfff32994a502a6bf81f34e7abca0
- SHA512
  
  07679098ddbf6d9f4de483c1abf3772d04ce243a2e51afbd8b4e895131c854f02ddc61273c9430a51f7204caa0121e4986e83786ce56fabc4351b06271c570af
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  chestnut/Google_docs_files/flag.gif
- Size
  
  145B
- MD5
  
  87fa0238aebe7eb60d2d6dca57731d2c
- SHA1
  
  cbefe803a235c81dea766e847bb698e99685070c
- SHA256
  
  508b0c9de05e10b62e78332745ff026140abcee058e4d118bb71a2423c78c938
- SHA512
  
  a2e4c077999414004136a3392620d25f55ae85bebc4178fabec99c0508aca8157d46b5a3ef4835d37f884a73bb992d40cd5aba05b135c4a49a45af0292a5fda0
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  chestnut/Google_docs_files/jquery.ddslick.min.js
- Size
  
  6KB
- MD5
  
  f0dc534351e239e07d258adcde7a63cd
- SHA1
  
  166ee9ed6ce4ed51b329488cbcfe5d882a1cdbd7
- SHA256
  
  62fbcafc088683257df72b1024258e899e138bfe56e97ae3c7da39312f77cb49
- SHA512
  
  3526b6d464678166c6ea4c5fc2fbfff22f611a7494de1c91dc67a2c179d0333c982b3a97e57895f5bc8173fdcde6552e1484e70f724d3f4edb79b5f7ad193025
- SSDEEP
  
  96:SQ0SbxXRGMMa/08PoaIS11y3S0RhGq2WwX42RoERiWvCUF1v4vSMhyXnuiEkZU:Z0SbxX2aISny3MHbboEnVo
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  chestnut/Google_docs_files/jquery.min.js
- Size
  
  92KB
- MD5
  
  a13f7f208ba534681deadb1ec7a2e54a
- SHA1
  
  3f51e2eecfa88c61e1200a48ed14f2cdda98ed87
- SHA256
  
  d72fcb8924d1e14dbd4b04aff994c1183ee86c620f0aaac034f75fc508548220
- SHA512
  
  63535b5944b535a8d3343ae691c15a5cd1211f1fb071ae3a8ea076eb12492c827ba18f6253a353c9341ab329d90a6accde473ab989f4614bb34ebf43ccf11765
- SSDEEP
  
  1536:lYRKUfAjtledhTmtaFyQHGvCXseUOgRc9izzr4yff8teLvHHEjam7WuX3yzSiLnM:cUb6GvCD0932o2skAieW
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  chestnut/SpryAssets/SpryValidationPassword.js
- Size
  
  20KB
- MD5
  
  d6be38fb42c2e9618c9d5f2664078c19
- SHA1
  
  77f553236f588cece0fe2be4859e8f3220231a1f
- SHA256
  
  3df1b7719a1aa90d70ae337b76b6253b01ede9afa038b290498c3abf4ab54027
- SHA512
  
  fcd8d5f7d08ee9fb2eaf3323121c08c2cb7bcc5943b2ca54188c6f4c9d33b1b4e70fac713925ede55be7070ed99d66bb68e5a372e1555dcbfd795af68c3830d9
- SSDEEP
  
  384:O/FIw5TgIhq4YId7osa5Pf2Anopd8WvvEcWKOaiSfbjwPjlKPm+bG1boAGWhEwEU:25Tg+Umnwu5bG1lGWiw5JwN5cNz3NJ
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  chestnut/SpryAssets/SpryValidationTextField.js
- Size
  
  75KB
- MD5
  
  7947cb5a92373e747f786adfe1d49356
- SHA1
  
  51165a72a6437ea17dda2afc64dbd7624cf46a36
- SHA256
  
  69e875128adeedbc8aa1221b7ebffb20b484685964f4ab9a9772ce2146e52d48
- SHA512
  
  327718497aaf3fdb4e841d633b31d4a3a2f51c50164a1db96b153840f9fad3486eee5538967eaac5539fb4680f3d2da3eff8cf0e43d799fa58ec1bf62412893f
- SSDEEP
  
  1536:Q1/UKVkFQyhNDqZyc0d5c/laEJ8JAwl9xiY1qdDERYniPQPq7Lt52tp4:Q7kFQyhvA4
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  chestnut/geoplugin.class.php
- Size
  
  4KB
- MD5
  
  c8ea1e960b48a620c00bc65d525a721c
- SHA1
  
  6e16a7a95436ec6f1739ae80d121e77661880634
- SHA256
  
  533b46938dc1aa03fa2a8a6ab5977fbdc8b115c0b106f921b0fc4ec637fb35cc
- SHA512
  
  2306c31923f47f7b90bf1f7067519e289c5de4aee2f6b4b2f925c01f57acad0b0a30867b7b025a2222b4d23ec390b265299f4bfb7e2c41d51962c609dbd80473
- SSDEEP
  
  96:zQapMrp1cwAzq1Y0qh2iCYqWGXUQaVc96oAeQeLN/YoLQhyiHQG:0apMrS12iGWGXucr9M
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  chestnut/index.php
- Size
  
  36KB
- MD5
  
  a0bee2fad6c783c73d015ca5af4c83ed
- SHA1
  
  ff9052e8b6c54ae6189dd585bb7bdae1634df961
- SHA256
  
  006a45ec162b45c0fdd6f45329f04a16158550ff7376b2fa7293ebc9177eb29d
- SHA512
  
  d3cc7b20ff744ec1f84782a163cdef222a5024dad3c659ec2efd65d1aed0f04f168193fb3ac9c185cb9e869db7aa9804495fe0203452b363ca7e44958c449b16
- SSDEEP
  
  384:fB4Yx3acS8dWnCFzGD47VRwDRt82LlJXauf0HCZfvI0wHCxu2Y:fyVc3dSeMDRt8ilJq7wfvI0wHCXY
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  chestnut/verification.php
- Size
  
  51KB
- MD5
  
  63b6b872181612569a1eb3a5339c302f
- SHA1
  
  ac5d55fd2780f8241fd1c9c0f3fd6d499f86ebaf
- SHA256
  
  498e9b7030b341d565f589f14d5d906f379f4e7cce2c850a7cf5a2e2990c148b
- SHA512
  
  461d8f4854e639eb2be07c07344f1be768d4b1e2cb79491356f1249f0f067b33a9f6b8988256cb2405be57db424a938183f69bfab8746d688ac3137c49d15fd2
- SSDEEP
  
  768:56l9JXyAZqPQyaPeFOGvRc5F/TeLONNJJ54ALpAp+Jnpf:56l9pfFvJNJJ54A1Ap+p9
Score

3^/10

execution
behavioral17 behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18