e8b3d0d27f6e468e94075d3a6d43a184937a8d2b1d568ef12fea6288aba985e4 | Triage

Sharing

General

Target

68aaabca87030007e244af7133f1601f_JaffaCakes118
Size

1.7MB
Sample

240522-z5c24ahb58
MD5

68aaabca87030007e244af7133f1601f
SHA1

c108c0a37fa6768dae8d6ee549c116352d0f24e5
SHA256

e8b3d0d27f6e468e94075d3a6d43a184937a8d2b1d568ef12fea6288aba985e4
SHA512

4f1608e6187d7c9a36854714b9cb009275efa3cc31ae8e97db1954b82dd42548799d4e5f2e8435035cc5cfd880765b44063b8d588f4c4bb845accee174b824e8
SSDEEP

49152:AnDIvfLm7uLwPv+fd4l0suVmnTo7v6mrHES3oHYIr+7cU3Y7iYwr:AnDIvfLm7u8meezcNmrkS3oHYAQcU3YU

Score

3^/10

execution

Malware Config

Targets

- Target
  
  YnJ1bm9faG90bWFpbA/YnJ1bm9faG90bWFpbA/outlook.live.com/bots/antibots1.php
- Size
  
  4KB
- MD5
  
  aa303b3efeb9f0901101e62d51ed832f
- SHA1
  
  2b376f92ffbbaf0f3047848cfede306366e57ab8
- SHA256
  
  c05da2e122e554eda1167650e54c3adf6e1191e38412436860e0c62ae22c969d
- SHA512
  
  8eb37965c8ef04c993634c5667ecaa7101acd3579cb677919326c5adeebbc7376498c7dbd9e8f25d0f584411bb280211b4c099f6c291a5e3c597e8ef92d5082c
- SSDEEP
  
  96:sqF229o51MPs68Mdr00o9LG9vZo1LivZo1LuZgdeje27o5dMPE8G8j70G0xELGC:ss229o0s682wgToAonee27o8E8G2ItC
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  YnJ1bm9faG90bWFpbA/YnJ1bm9faG90bWFpbA/outlook.live.com/bots/antibots6.php
- Size
  
  13KB
- MD5
  
  853ef217b0db672475645ca31bc9f132
- SHA1
  
  ee1909b49e6a4e0318cbc0d2156024b6e9df8ab9
- SHA256
  
  7d848b4f43b0488d94f37860b737bdde681862f46be182da71f7eaad5f1a7451
- SHA512
  
  76134a6d80bdf245cffe0d7b6b183d0fe75b4afea7b5e03a32d62e2b5daf2e0af23431e7a1739a67873064572c3ce0bf046aef8864e5da9000585dfa961f07b1
- SSDEEP
  
  384:D29ogkkZIx5Jz29ogkkbIxOPAZ4gKq5Xwo3uN2:cnsk2
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  YnJ1bm9faG90bWFpbA/YnJ1bm9faG90bWFpbA/outlook.live.com/bullet/bots/antibots1.php
- Size
  
  4KB
- MD5
  
  aa303b3efeb9f0901101e62d51ed832f
- SHA1
  
  2b376f92ffbbaf0f3047848cfede306366e57ab8
- SHA256
  
  c05da2e122e554eda1167650e54c3adf6e1191e38412436860e0c62ae22c969d
- SHA512
  
  8eb37965c8ef04c993634c5667ecaa7101acd3579cb677919326c5adeebbc7376498c7dbd9e8f25d0f584411bb280211b4c099f6c291a5e3c597e8ef92d5082c
- SSDEEP
  
  96:sqF229o51MPs68Mdr00o9LG9vZo1LivZo1LuZgdeje27o5dMPE8G8j70G0xELGC:ss229o0s682wgToAonee27o8E8G2ItC
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  YnJ1bm9faG90bWFpbA/YnJ1bm9faG90bWFpbA/outlook.live.com/bullet/bots/antibots6.php
- Size
  
  13KB
- MD5
  
  853ef217b0db672475645ca31bc9f132
- SHA1
  
  ee1909b49e6a4e0318cbc0d2156024b6e9df8ab9
- SHA256
  
  7d848b4f43b0488d94f37860b737bdde681862f46be182da71f7eaad5f1a7451
- SHA512
  
  76134a6d80bdf245cffe0d7b6b183d0fe75b4afea7b5e03a32d62e2b5daf2e0af23431e7a1739a67873064572c3ce0bf046aef8864e5da9000585dfa961f07b1
- SSDEEP
  
  384:D29ogkkZIx5Jz29ogkkbIxOPAZ4gKq5Xwo3uN2:cnsk2
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  YnJ1bm9faG90bWFpbA/YnJ1bm9faG90bWFpbA/outlook.live.com/bullet/data_files/AssistancePanel.js
- Size
  
  27KB
- MD5
  
  2fb55454d979fc32d37d221f69452917
- SHA1
  
  c51a3d1be31b47365375384aa8986cbe68021eb5
- SHA256
  
  ec9b7b507a350fdf3de9210d79e376dae3a2c625d114fb7cde7b64b82ca1696f
- SHA512
  
  ecfe96f66c64389ff7aa140601bcf76d08e097de559ec8b739abfa51ce27875cfe3005da5876e11b8943c4f837b8e865b966a78a40388d19f83d6f2cfb1750e2
- SSDEEP
  
  768:Y0nTJt4XJxw1HyRYKIskey0aOBc2TphyLp:zTJFSpKp
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  YnJ1bm9faG90bWFpbA/YnJ1bm9faG90bWFpbA/outlook.live.com/bullet/data_files/ConvergedLoginPaginatedStrings.EN.js
- Size
  
  21KB
- MD5
  
  a9b124cc0727f4950f72c5c26204ba48
- SHA1
  
  3fd9a842040b70307b02230b8ae3b2b7aa1e3b92
- SHA256
  
  0ce2939bac40d1906032df28fd682695c2cc145ddd38341372e2e71764ba5552
- SHA512
  
  34301b5b9ec4a65ffa8c947185f9f3a5ed6d9ebca65b5d12cee9cb087edda4df529a5d640ce508e9d3206d3210f7872f509d7fd1daa5f0d4d926712aafbcefa8
- SSDEEP
  
  384:ANrtr980LhbOs9BGFvdVTkdjy+Ke/PngYP4aFGIxIhDRpZocIORs33w8GOgnn2M1:krtR88Os9BGFDkdjy+d/PngYPNYDRpnX
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  YnJ1bm9faG90bWFpbA/YnJ1bm9faG90bWFpbA/outlook.live.com/bullet/data_files/DomainManager.js
- Size
  
  2KB
- MD5
  
  cc7c56505f52f291543bc1a31fb723dc
- SHA1
  
  3c426f7f494de6696cce2ec534cea72e38166224
- SHA256
  
  e8ca0ecc221b4a524034e20c1568e8726ea9213dc4f6a8e392aa88cabd5f7483
- SHA512
  
  a6a459618881d3180d51e92ea5ab5096a1e79c960aa1dc03980cf26b2e3b9ebb45058752b95bb20593b75e14b9ef8c28442d4ff12b32b1ecdbede4809d76400a
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  YnJ1bm9faG90bWFpbA/YnJ1bm9faG90bWFpbA/outlook.live.com/bullet/data_files/GeminiWizard.js
- Size
  
  8KB
- MD5
  
  d66ae4644b136b468507e2e758e2c732
- SHA1
  
  8540307d3eaa68d1540ae501e1d0a65682249b62
- SHA256
  
  78f204fb7b794aad7425f3822f1c8c0107f0fa1442369a798aef0dc6bf35b40d
- SHA512
  
  1a6564216182a71e63ec83417a3dd5c16fc7ab3ad6dbb5a6ea1957770293d08bb73be9be9e185ca55d4cbd3ce529a4373e3f8ae7c1c9fcca68a40b5d007a7397
- SSDEEP
  
  192:epfigVSPs7ns7nXpVgAy0/0NxfU/S0fUNRf0QaUax0EUNRf8GKbtOOR74s2:ePVS07nynXpZy0/uxfKS0fORfTaUax0t
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  YnJ1bm9faG90bWFpbA/YnJ1bm9faG90bWFpbA/outlook.live.com/bullet/data_files/GridView.js
- Size
  
  7KB
- MD5
  
  cfac4d37ebee0deb9ca7ff514c67910b
- SHA1
  
  da0a3fc895086fc6094b24811ec6e494acacc4c8
- SHA256
  
  6fedae5107f342161ba5b8dc77d5d20a77feec58a4417a4cb14c8baa883d157e
- SHA512
  
  40db53c62062b2527dec3594a669f3a4b32a44f5df4c0141281eabbcdd0518fa52414c6a862bb1e7a0932c1e9bdb3f13ec5a4be74c53adba73cac78a460a753e
- SSDEEP
  
  96:L+qs9f6jGaJDM2j/jHHe0Oy6qkmYdcCXiwLPzwL5AcP0F0mqDY3cpS7Z:CCGaG8jrjkmYdcBwLPz4OVvqsMpSd
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  YnJ1bm9faG90bWFpbA/YnJ1bm9faG90bWFpbA/outlook.live.com/bullet/data_files/HIPControl.js
- Size
  
  37KB
- MD5
  
  f0ccef116cc550152b90db0ea68d8fb0
- SHA1
  
  1d813f3f06c36aa45ae76a8b5aad50b24fcc460d
- SHA256
  
  811e2184acac6e3dc10851b5e1ddd6f431ab4feff39a4914ee487a961f7761db
- SHA512
  
  2105c19e40ee71d0278832b430a9e208606afe052f6c05a3ce53d5b2f31e114246853e836a971891f1ea9b7165ec08d63f9f4b516d141bc8e7dbc0073240f72a
- SSDEEP
  
  768:mlxte81WzOZm5eiSPuAAjmFl9+pW4bg1WMG1yKyAIHo7lYSF5bsbMb8jssi1+:ix91WzZYiOuIl9+pW4b7IXSo
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  YnJ1bm9faG90bWFpbA/YnJ1bm9faG90bWFpbA/outlook.live.com/bullet/data_files/ListGrid.js
- Size
  
  60KB
- MD5
  
  5602c0fe207b89bed76ba0b0a0e953ab
- SHA1
  
  a47555e771d20e27df44a9c7b73be850f6049e71
- SHA256
  
  d2c0d75b85bec10b2b03fe8360d60d5aa9c1288d5ea4c952e80a948ae964ac75
- SHA512
  
  ed7c7674d6a69766783b77a9a7cb725fc5fc9b91329351727c8b019c915028b50243588a45facc6fd70484eff37a5f2588a99342fd159aa741d960173e61bedb
- SSDEEP
  
  384:Jl6D8dHRGWZMKGrhEDa/Vi7XVl1TqI4iR1SxXlSlEaGYLQ6IgXmaCWtMZAGn6wpj:CmRaI9MhlYsw2DAGn6wpBscyO1
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  YnJ1bm9faG90bWFpbA/YnJ1bm9faG90bWFpbA/outlook.live.com/bullet/data_files/NetPerf.js
- Size
  
  4KB
- MD5
  
  d4a9893f26d6c6ba6370d1aa877d9530
- SHA1
  
  616e7478f40c2ee6dde03c7d6afa35265211edbd
- SHA256
  
  329e33e61952a1445bf79f6d073ff443339aa13e6338c568d20a3015c0e7bf9e
- SHA512
  
  9870638699dd51e0eef34bce532e24b585fe02e3bb52ae62f0389e97904ee04a12646d24041f277718938a1ea3af257bdb6d136514b97ab0790ff1e9c1f40820
- SSDEEP
  
  96:5iBUcCRgqJY+ebZFBfquEiwQYGQwnCSo3DijVxlJz/odkFVMhMY7PHYh+O8C:5i/PquEiwQ/QJzDeVnN/odkbMhMY7PHI
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  YnJ1bm9faG90bWFpbA/YnJ1bm9faG90bWFpbA/outlook.live.com/bullet/data_files/OldConvergedLogin_PCore.js
- Size
  
  466KB
- MD5
  
  f70360610a2119480f44237a6981e268
- SHA1
  
  9bd655539db1d1ea2b125052cdce3b2fedb22f4c
- SHA256
  
  7e2b63ef07233576f76178a21659800dc7f5e33d8ff0aeb5399237acb1be6e9c
- SHA512
  
  a275fa4aa96364cafcfc6d9be1fefa0c61ed6a7de0e67bf9181373eb683dfedeb038179494a066e3bd22356e1fc7f67550d718a2032f97e600c810d1f48063ce
- SSDEEP
  
  6144:evUdsQloEQexyaxRhUDyADVfwagnkvV5NAtxUraYhchvq8aqDBWkYdNRy:etQlnyamcnkvV5NAtxUraY9y
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  YnJ1bm9faG90bWFpbA/YnJ1bm9faG90bWFpbA/outlook.live.com/bullet/data_files/PasswordStrengthMeter.js
- Size
  
  2KB
- MD5
  
  2a29fc3105377608989fdcf710a47554
- SHA1
  
  f6ac20b91a57841a4f84a7dafa490502fb20d6a4
- SHA256
  
  8dc4107571ba20983d62df95a23d5cabc961418c55b75a8ceb1437a83cc7ab3f
- SHA512
  
  85fffbc2a8681989e048e9a3e754ade8d60c9fa603f88747c73c0ec02848eef34a703ea47f0dcf40b59405b02fba2c1b3f1700de8d7710b9dbc6f7291b1eab5a
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  YnJ1bm9faG90bWFpbA/YnJ1bm9faG90bWFpbA/outlook.live.com/bullet/data_files/PeoplePicker.js
- Size
  
  11KB
- MD5
  
  2cc9cdd4a1a325f1616f4bbd4c84cd94
- SHA1
  
  ac2866d96426daff46e198f18af829143273f39d
- SHA256
  
  241904831659d1ba95ebeb4ef21cb514c7354a428c235cf0484ee691166a716f
- SHA512
  
  7ae23b276cc5de91c51cc1820d1b50ec76d26e3ef49feada96da2b8c37bf1e1ed9e85b6a034d8a0cfd39c55b4015b9f2c00399d1cd9e24b6253aa1de3f78dc4e
- SSDEEP
  
  192:ZtqaIeeago8L9nN0hUNxiHjib9NUhXkop1R1NWS9rCsnZBSVAx8c3ODqbiQ4:WaIee5o8LdN0hUNQW5NiXkYWyrtyAp30
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  YnJ1bm9faG90bWFpbA/YnJ1bm9faG90bWFpbA/outlook.live.com/bullet/data_files/ProductKeyControl.js
- Size
  
  6KB
- MD5
  
  472aab60be9c0b4eb43fd6e45b539fe8
- SHA1
  
  76c4f0b37d32725a0fd4e42ee201b8606d4919d9
- SHA256
  
  08627b21fd420c2359852d51ed59beaaca7a1b5c0e9a0621a1a4e93bdd4983ca
- SHA512
  
  d612dc22821030b4564c842d2c525da0345cbfd933c44067a8e5ecf841837c5be20db810c6103160d385541afe12fb0d1d5e4aca16029c04b77e00117fa157e6
- SSDEEP
  
  192:A+EhEXdcG/e9wbhThrdCdOc+34lR7WeA2LBjN4V44my7L9n:zE8dcG/e9wbhThrdCwR34lR7WeA2LBSn
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32