72505ef02ce7fdafe19084e3a03b464aaed97cf1f7c3e23e236c37a9d15875c5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

66cfa1e69996b0e4d53bcbfadfcd1342_JaffaCakes118
Size

506KB
Sample

240522-lj9x2sah3y
MD5

66cfa1e69996b0e4d53bcbfadfcd1342
SHA1

2a41969a886c78369d310efae9f7917e6a8479c2
SHA256

72505ef02ce7fdafe19084e3a03b464aaed97cf1f7c3e23e236c37a9d15875c5
SHA512

f0b437a9d184dc953c80dbe5501f04f5cc48309fdb881976c47966c57f149e0f76ede76a47ef3eaff1eadf8a2caf6fec49ec7b7839cf657a8f37cb2d7612b9e4
SSDEEP

12288:s7yqZ6kAOc6ugf5H26fcX+u6v/977bQMgyFBy7lKHKhje:ax6HOrNfsdOu6v/F/QMgr7lZhje

Score

3^/10

execution

Malware Config

Targets

- Target
  
  rebrand/Office 365_files/AppTile.js
- Size
  
  553B
- MD5
  
  37d5da66933b6f51203f1700efdc9288
- SHA1
  
  3d2cfb2c0f07c9edefde6d8c604e6df5ccd2b9cc
- SHA256
  
  893ac296fe6873649c8e08d83a134d7a9e960665a3b9a9545ed5e307f0b21a2a
- SHA512
  
  4f9c172661b04ed6cb1e8f61dbf4e25ec158158a41389b147ccf0e4fffa1be109d82c47dd51f4513fbcbd6be03e3d70be4a07f3e4256322ed01518bff0633a15
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  rebrand/Office 365_files/DialogManagerInit.js
- Size
  
  1KB
- MD5
  
  0a80e43b6529e8998ecf0fcb4c8750cc
- SHA1
  
  8be9814db9cb1c48614df9e85c1c982985fbe04b
- SHA256
  
  ef0abae1b268f472c96b307daa137289b545187d9b70552b34c64b2b4c31b1a7
- SHA512
  
  66e12916ce427889286070e944460b9d12190d3944b36f692891e95b9ebf000b06b4572b638567a96e35e75588a6ccb615643ae1d7421929a90de5d3223edd16
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  rebrand/Office 365_files/GeminiHome.js
- Size
  
  3KB
- MD5
  
  e1b1411b5ec5935bd6553d1641dc2306
- SHA1
  
  81f4a93f3962136d5f20218b4b439fe11e72172a
- SHA256
  
  6121b0480520a15a6813507da1259ba585e8e21bb421121575cf3b64d43c769a
- SHA512
  
  118d707b3211042379ff74e847ed73a8c4ba764556bd930d19c4e15b8abc82accf89506baa80bcc68994d14dc5778d364d9de4f0933f34a5d5ed0ba33bfe2949
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  rebrand/Office 365_files/UpsellControl.js
- Size
  
  514B
- MD5
  
  50c3a248519ff92698733c2de56e13bb
- SHA1
  
  e0116677cbe1cb97f3b2efcebfe853756683e222
- SHA256
  
  a980fab054eeb5922f5d8dce5b453c0f339c7f7a1e496dc688383ed16aff0b6e
- SHA512
  
  fcde910a94fa127caa4e185da43044d1acc4b820caae47903f6f796774704fe8f5dd46df474e494ef66171e7eb891faac4aeb2669b82814aa1bb8bbcc9374c0b
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  rebrand/al.php
- Size
  
  19KB
- MD5
  
  9a319182d5b576d1dd64a2751b7717e4
- SHA1
  
  c4344f69b6a4da13670c1126e714fae8a37f68c6
- SHA256
  
  3d8b25948afe97599e8d12a22141a09a578f1c22e246c89583d0f5059a30df29
- SHA512
  
  d98a0f3a31b0796bc04463f51c58d4f5d0db8a35f3e44e46b688fd47421a93051d616c10b968e7190da917512e2a1478fd8416a96f73634ab724d8cb37857995
- SSDEEP
  
  384:lgia1JdEnFLGSQqik0i2UHhn5sCofh9YdEwqLAdkO:Va3Nk0pUHh5sCo7YdF1
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  rebrand/geoplugin.class.php
- Size
  
  4KB
- MD5
  
  c8ea1e960b48a620c00bc65d525a721c
- SHA1
  
  6e16a7a95436ec6f1739ae80d121e77661880634
- SHA256
  
  533b46938dc1aa03fa2a8a6ab5977fbdc8b115c0b106f921b0fc4ec637fb35cc
- SHA512
  
  2306c31923f47f7b90bf1f7067519e289c5de4aee2f6b4b2f925c01f57acad0b0a30867b7b025a2222b4d23ec390b265299f4bfb7e2c41d51962c609dbd80473
- SSDEEP
  
  96:zQapMrp1cwAzq1Y0qh2iCYqWGXUQaVc96oAeQeLN/YoLQhyiHQG:0apMrS12iGWGXucr9M
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  rebrand/office.php
- Size
  
  14KB
- MD5
  
  f5104e86389fe182d1ba45b83ee6b640
- SHA1
  
  a4c4f3182903833cee53aba5ab873ae423907588
- SHA256
  
  32feeea8419e569d84b17a4de56f538eeceecf11d8bf1c84208d316d0bb11bdc
- SHA512
  
  b3d52287c039a80bb3752b3e3796f934c7d875dfcd3c9ed15907c8acf138eb237f25c733125f9131e87ed61fadec3a1b8e532a0768691bb1ce529c878d9152ec
- SSDEEP
  
  192:GVaD2SCDWWvbI5HkHxtC5YNAgOg1iDmoXgQl6naX5akpqBvrB8ZTKv:o+CDWobI5EnqYNAvYi9XgWPpKDLv
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  rebrand/othr.php
- Size
  
  14KB
- MD5
  
  31adc77a7c29de329d115b3e66a2eabb
- SHA1
  
  d916a538e4b2c6388215180cafbb368c20ba92a3
- SHA256
  
  ca0118274ce9ec6fe14fc86a2936dd207069643df2bd6735b7c55e67246ed48e
- SHA512
  
  8329f936f571cdd40c027d457968597437efb8ef7b9ecf4b33ee0d5fd83235e85499659562adbc5df7f1c32cf65b2fe89a9bf5fee5a8ce6abb5af5c0caaee565
- SSDEEP
  
  192:GVID2SCDWWvbI5HkHxtC5YNAgOg1iDJ2crgQl6naX40akpqBvrB8ZTKv:o8CDWobI5EnqYNAvYidrgWBpKDLv
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  rebrand/verification.php
- Size
  
  51KB
- MD5
  
  5b9f36e1ef4c3572b481ab03a7133899
- SHA1
  
  7824fc217e8e071fa07e4a1b3d0507bebbf2e48c
- SHA256
  
  469ecf6c9450b33234531adb5265409fbdd3361bb3f3c08416564163e850db23
- SHA512
  
  7f552e7db3dc09c49f320cce8380e63d83b6dae1d1548ffea7367c4030982c65f141dd1ce3a23979f88b4eb092c8233411d9e79d5a985bf747b793fd97c45189
- SSDEEP
  
  768:c6l99XyAZqezaPeFOGvRc5F/TeLONNJJ54ALpAp+Jnpf:c6l9Vf/ivJNJJ54A1Ap+p9
Score

3^/10

execution
behavioral17 behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18