12bab42e14d5527e12beb088f55bbc190c5e8b12f32239dcce747a1931966652 | Triage

Sharing

General

Target

33883356db91e4dbea3956ad8a2eaca8_JaffaCakes118
Size

782KB
Sample

240511-jrmflseh31
MD5

33883356db91e4dbea3956ad8a2eaca8
SHA1

ad2168975c60374f3a11e67dab292e77505f79fc
SHA256

12bab42e14d5527e12beb088f55bbc190c5e8b12f32239dcce747a1931966652
SHA512

7ee71db66a22289606327c3e3f232a3b9b624c94a2ebe27f0c0e43540449b4a2760faae1d11877879c96c992c40096aa0b7d46dfb9e916a02fa6f5ba629c32ab
SSDEEP

12288:xKnoECNarSviKI4dl/IfPowsl5DAj+dYwO7bpU2We3LsPt0jLQ8tkLTwJMIMh9/:xKol8rS6YuoRl5DJ0PWisPta12R9/

Score

3^/10

execution

Malware Config

Targets

- Target
  
  wordpress/readme.html
- Size
  
  7KB
- MD5
  
  1adf30a1d6fe172f37da7dca83496c7d
- SHA1
  
  a6d269241bfdf22ccb9685590156a7133243d224
- SHA256
  
  c0fb53d17c60b08e34e2253c469a4398408914785c7a049d6d123e472099abc4
- SHA512
  
  3f0aeeda52475af868f5ad516fab39636b197d94cc5d2845c0358d3b3c1bd5e98020402ba9a3f03a8fec9d97ecd62fa15b51752f656b4a55574a31fb822899fe
- SSDEEP
  
  96:7UcLA1z1z/4kd5kyJuObif98uueKQMucpMvCKCZ3jD+4dv5tdtGgrNZz4y+lUbsl:9LArTtAOqWuLC1DlldtsidI
Score

1^/10
behavioral1 behavioral2
- Target
  
  wordpress/wp-admin/includes/class-wp-plugin-install-list-table.php
- Size
  
  14KB
- MD5
  
  3ab0251adf143fdf17ee542497fd4764
- SHA1
  
  fe03849e32c0be9d5fd63d6328834cc3633603eb
- SHA256
  
  4fcc10e32c709750aa6c97a9ef90437386d00e2d1447baade59b5bb05511f29b
- SHA512
  
  d2f4e7c21fc3ff7fbf0feaa71d653779a87b57a6b4ece8d5cf4ade14c5264ec4ea5519ca8dc6d0d819bdb231c9a802d6bc94411bdcacc39109f62409db2f0682
- SSDEEP
  
  192:kTHrcMebd2T2XvYtmYuerX120xF4Af3v0+eFSx0cL5tQm2NcLWY/xJVB/PD6bRFK:kTHTiOkUXvxSAfc+eFPcNtQm2UPVBHDB
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  wordpress/wp-admin/includes/dashboard.php
- Size
  
  45KB
- MD5
  
  5138cba32a0860ccd525d21001c730ae
- SHA1
  
  1d8dea9c5c7ad6fceba7453d40bb305eb585f7ac
- SHA256
  
  a23e94884b5da81347b250c833da7c09fb8d923eb922c1453587e3038e0fc35f
- SHA512
  
  1651c454950e35e09bbd87aff3c7b26a72edd46104789104b8fcc4ada43799ef4740413fb847549b100bbf9d1a0c0de30de1a47240955df7f7a70c91bdf09ddf
- SSDEEP
  
  768:rxtLxO6V4JQ+hIL37AH5dreSZ7LLL0QR8qUbN5nHS3CEAnsfg8hWUJwrdTaGLcGl:rxtLxO6V4JQ+hIL37S5dDLP0QHUR5nyC
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  wordpress/wp-admin/includes/image.php
- Size
  
  19KB
- MD5
  
  16ee4f9664fcd89b3504feaa2cad0ab1
- SHA1
  
  6b64652f42ce65b6d87cee6e65251bfb1c4f79de
- SHA256
  
  d03b2ebcd35af9ffe514627a6b6359829a9ce6f92ff2a14d654ba1879b08eeed
- SHA512
  
  c4eb47bde2fa73f3f3dba7c66d64d79cda973377bb22075170ee6edc5f47e2e0a6c3a75f479733f573d0f2f72d6ef06cf395ef0ea61334df6811b45cd72fb226
- SSDEEP
  
  192:d6+FHRTNfNrNHfE9CqbT6TYf1j5cwxlw4QqDqXffXvGdcqUIDcNLHUruOWysY:3RT1JZYjBWqqHvGd1cNLHUyOWysY
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  wordpress/wp-admin/includes/template.php
- Size
  
  75KB
- MD5
  
  aa6f5e02e547a804d17065cf4b6a4738
- SHA1
  
  adae9e0270d21835f329a4dfb857ab10133436f8
- SHA256
  
  60daeed84f5aac8fec1e9fcf98e4550a17672e936db5681c5726032c18182a7c
- SHA512
  
  dff9f7daa042588ffdd6ba2af2f8f53b7844a0fd92ab731413259777b7353a710879d34fb752852df592845bed828cf1f06555cd56652ada2aa51d60dd642766
- SSDEEP
  
  1536:59COQEYFg2EZyOMk0e2dfVoGKN4wNsQJfc7JHNEL2cH5DTpydxcwfILODrgJ35HU:JOFyMve2dtTQkcZDodxcOPiLDY
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  wordpress/wp-admin/includes/update-core.php
- Size
  
  47KB
- MD5
  
  2fd062ec721f7fdf63dc58b9fa249002
- SHA1
  
  1554a9ff684cf64cd4866544b17d9d314668e429
- SHA256
  
  cafee0bcece4e126d8917564a277df1909f42673fb4b445cb2a906e4732e345e
- SHA512
  
  685a9a35226428a1fc20045169cb08bb44d01a7cca69e5a24abede18a879b5bd6fe625bc2f75d6199bd6d9c9eefc5a5b3f4a59b3a20840efb6f39db016852c98
- SSDEEP
  
  768:ll5Ac5cHH89nUfLUnqLGxEYjjdeQlNS3S38SQp1i+fJNHpzSSC:ll5F5cHH89CxYXziWWNH+
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  wordpress/wp-admin/includes/upgrade.php
- Size
  
  70KB
- MD5
  
  4c6c7c31b33d8d75b6f82b03c8ea397b
- SHA1
  
  4b840f4cc3e723e821f8b9a95cd271c529f310af
- SHA256
  
  eeb259fb066d6e5cb8050a8610ab33f907fb5d4e9a8e0c1d8b7c4e0e56adee51
- SHA512
  
  fa905863c61a8a24e1e26685e66041695a62bae4cf2fc97c07a877318dde53f7b5c6c5f98352734cf200b217887681e08950ef4dffc80c13c21cbe571b441775
- SSDEEP
  
  1536:3ho3SuMhWQWoovDslSCZP0AlemHsNte6GM62Vz3G:3h7tPlZcAlemHsNte6GM62Vz3G
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  wordpress/wp-admin/js/editor-expand.js
- Size
  
  20KB
- MD5
  
  d8bf6b8ad0222c5c81abe3445397afb3
- SHA1
  
  9f768ba7401535ab6adbd491c7f0eda94f6d8a35
- SHA256
  
  8b380b68f6931c1e5566f6a080994ff65ba05049cf14587a447d2d9e1030b785
- SHA512
  
  e1b34e02a9e143e103119ddef9072376758afe25a0e5ebd18f0b22cc76dd1982dc7cf1c2ae0e71ce7225d34fccba7e3027cfae5b9c8e35d2c131aae7e97b5cd2
- SSDEEP
  
  384:jooOldbmwehMAdjiDAVRolRnDbbBuojUeyCe2fHkNSZdFioHZk5ZVFiQZiNn9PWQ:KvA5iDAVRolHUeyCe23z
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  wordpress/wp-admin/js/editor-expand.min.js
- Size
  
  8KB
- MD5
  
  4e78a0327caee92c94c119cbcdcdacf0
- SHA1
  
  43aa40e29935412112adce84757304927f4faddd
- SHA256
  
  903edbcf2ea5e5ae93b8b2163f9d73e4c66b917e59c779c8e5a4c4bd65b742af
- SHA512
  
  c259f1191f7bfd9c486089002faeb4fa26cd2687f2934483f899769e188f037c83a18bfa661480f012e3d953b378db7ed1b8a4b0e44387a5f15966bc167d29ed
- SSDEEP
  
  96:x22zr5JasEbO4Nlt3fa5bTeeKjA15bTubBrZlrRr+1rwrRr+NeAZzSLbRLmLFTum:11yyETVMcV7nxwuEpyae6LT+eajPlC6A
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  wordpress/wp-admin/js/media.js
- Size
  
  2KB
- MD5
  
  fc6243e6ea74f2ca62bffb849de3657f
- SHA1
  
  1c1e8f5e051a57a89327d26c2d0a17f6b2e75cec
- SHA256
  
  485573e2a5d0c3dc44db719ea179805cff7a7724b1800b8e18ff75a4a6561004
- SHA512
  
  656e68e508ce9a23547bff93e7c5224d927871b38b37bb76277cd3e8f2932ecebf37ef4ee089d48d7ef13cf7e7d93a8c762c9333b3b1986a9bd4f73a180dc558
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  wordpress/wp-admin/js/media.min.js
- Size
  
  1KB
- MD5
  
  9f8b1a50cba5f06427ffe004043128c9
- SHA1
  
  49eb36fd15c541ce9911e19eddae4af44df4a840
- SHA256
  
  4a43b20529fcd42542ae93e6ae14f34065fe9c04b3e6d0fa90c447cebbbe7536
- SHA512
  
  42acf7f216bcc5405b0c3249bc281ac11b920ba76f63ece1762e18f891550b342ad0daaa0f6ae93a70304c3164799019152775c60f349cf9876923badd136d51
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  wordpress/wp-admin/js/nav-menu.js
- Size
  
  38KB
- MD5
  
  c80084b98b0ee2a45e17dd3eef229d8d
- SHA1
  
  4c7f5a364d075de08de2f72ae672a16225efe85f
- SHA256
  
  2bc3128e3d28e15fa944392406b3e04a3fc9993fcb62cfeb46e359297e63c017
- SHA512
  
  eb077fe51edc82170f3da87063ff74b2af83162fae8ead9eb98ba3dde484fe82b78ef0e729d58f31ee9911156ec98993bd1279803066538f7059526ac5494861
- SSDEEP
  
  768:Z/3Wg037YIFSN0BW2HRbzvQ2mdXJA2rHkzduzUbENjA7vMScjPX:Z/3WRjAOzI2mdWMHkzduzUz7cjPX
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  wordpress/wp-admin/js/nav-menu.min.js
- Size
  
  19KB
- MD5
  
  27f1093ab09c8fe7c9e5eeed62525b41
- SHA1
  
  579df0d69c1c9e47849cf5f3af28ad9ae950bd77
- SHA256
  
  2ee40b9cae0f5832bf6716d1e044fc427fd5f18ae6b0e2ada148755ab74df3de
- SHA512
  
  ef1765b0018a816acb46a412810d8636e75e738663b46e27fdc9b2297ba5d4e1ec613642bc10381f531001368e3cc981d4980c8e402aa346f4cbc7df88e425b9
- SSDEEP
  
  384:dLBeIiiAXYf9ymoivnW0C6dSrGee2EyidEJSTTYwZBYhWyJ:VqJmV/xMriwMTt/Yhn
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  wordpress/wp-admin/press-this.php
- Size
  
  26KB
- MD5
  
  a5b1a73e0c4298950750a8bcd9627eaf
- SHA1
  
  965294df03cc370d027c8ab2a1486a2187f5d8a3
- SHA256
  
  eb2493d3703f3102dab165be35a5e7e2f3db5d305cb6944f974314d441b96ac6
- SHA512
  
  66c4696e6bb75a89382c50d916c9f864f693223803c6bea21290f8498f22f909964e8129f1d9ce32eb7a01f82165d2e2aab96e5342bedb58dad6312b2591b8a9
- SSDEEP
  
  768:b9jAlMsSxt31tID5iJ2k/kLeDOmctMDFiSTLpTSSM3gCXHxukpUfNhzsX7+ToxvK:9zsSxt31Ii4k/CeDOmeuiSTVS33gCXHg
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  wordpress/wp-includes/canonical.php
- Size
  
  24KB
- MD5
  
  7180c5a9cf2b657c71ebce8710dfb788
- SHA1
  
  2fd47b82e291fba55ca1ce92b604af3518630d1c
- SHA256
  
  36f2b7fd209e794bd026a3b0912125852c7ad79950633033d91dd9b322af1507
- SHA512
  
  24e4d56ad01d5d77c2956e744c09f38c51e0353c7c576a0d45a9cca31e4ccd1aa4f53baf255cd47a3f55c79aabfd2c4c33bac84e3d6233f7d84d99063f26b774
- SSDEEP
  
  384:+oc4i6LiC1CGHGVyBlkH9JDkD2r0t3Ygpt4DzauuY0m:Y6LiCAGHGVyukqr0t3YgT8zaav
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  wordpress/wp-includes/capabilities.php
- Size
  
  38KB
- MD5
  
  c81b557a211f71364f2d69b704c521c2
- SHA1
  
  8b36095ba28754cf154c9f5142af84ea5a056d79
- SHA256
  
  bb0b9dd1d4633226c48fc686deef5923f94924d456d40cd9c82fb057827eb9f1
- SHA512
  
  614edc1610aa4915adf2c3ee05f3559af43f3959b0eec64ccdba4785ce40018e52ca80179b37e3b911fdf4578bbb03cf361a6c197b35268ac479f164e3ff665a
- SSDEEP
  
  384:igelQbBO+NdzL6SMedEAFt/W/nqGd9OewHCshoNeRcRugEeMPIPD75jZS/u/0X4K:z0QFlFAvx90CshkD7hrmtTwzlN9/Md
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32