Overview

overview

3

Static

static

1

DRnnn/File...C.html

windows7-x64

1

DRnnn/File...C.html

windows10-2004-x64

1

DRnnn/File...ord.js

windows7-x64

3

DRnnn/File...ord.js

windows10-2004-x64

3

DRnnn/File...eld.js

windows7-x64

3

DRnnn/File...eld.js

windows10-2004-x64

3

DRnnn/File...min.js

windows7-x64

3

DRnnn/File...min.js

windows10-2004-x64

3

DRnnn/File...min.js

windows7-x64

3

DRnnn/File...min.js

windows10-2004-x64

3

DRnnn/File...dex.js

windows7-x64

3

DRnnn/File...dex.js

windows10-2004-x64

3

DRnnn/File...ion.js

windows7-x64

3

DRnnn/File...ion.js

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    696c51d4fb36a7da3bf6257481532a89_JaffaCakes118

  • Size

    485KB

  • Sample

    240523-crtflaac5v

  • MD5

    696c51d4fb36a7da3bf6257481532a89

  • SHA1

    12d4f87bb8d6e019b214775299ac8160aaeece61

  • SHA256

    1a181d9b3ae318a1107da1fee28b479c62e377feed4a4c9e4f192c1b91ba83f8

  • SHA512

    21eb12435bd1c1809882daef7ce543c7ae3850b6c8defe706231ace0124f1301e911015e8f5d4245c0732aa6f91a12e4540cb8a668efbd3a7cfdea93117f86d0

  • SSDEEP

    12288:xj04sLU4Lb8PLeVD5I0oX4YlsWEJB/KLLCvyWrGacnZrZWnwaoHa7:GhUggPLeVDq0oX4YlGKLiXrGaAV0nwaX

Score
3/10
execution

Malware Config

Targets

    • Target

      DRnnn/File/Perfect/love/CC.html

    • Size

      53KB

    • MD5

      ebfff048208e8deeaf764a9182df66a4

    • SHA1

      dea44ee9c21118cc3c4c868b4994a8f997d23739

    • SHA256

      74fe274c181d69985b0cf7f40f654a653ae934f4202404f0e135d416d9d49bb8

    • SHA512

      e5e5dfa65c4ed891d85d853b3dae01165b9ab8a9cb7f1dc5c224ece09603373c78ef37f3e55f8a6c558ecc25a6a49596267c7593bfaaa87909f73d2fcf307d91

    • SSDEEP

      768:/8QAklTwZVZZ3UcfCBBaLaBOSi/QN/RxPjLU7Qcb0XY2Ta7W+Irw//mmMCxTwszS://A0Tc/Z3UcfkaotbLU7QIU0/7T3O

    Score
    1/10
    behavioral1behavioral2

    • Target

      DRnnn/File/Perfect/love/SpryAssets/SpryValidationPassword.js

    • Size

      20KB

    • MD5

      d6be38fb42c2e9618c9d5f2664078c19

    • SHA1

      77f553236f588cece0fe2be4859e8f3220231a1f

    • SHA256

      3df1b7719a1aa90d70ae337b76b6253b01ede9afa038b290498c3abf4ab54027

    • SHA512

      fcd8d5f7d08ee9fb2eaf3323121c08c2cb7bcc5943b2ca54188c6f4c9d33b1b4e70fac713925ede55be7070ed99d66bb68e5a372e1555dcbfd795af68c3830d9

    • SSDEEP

      384:O/FIw5TgIhq4YId7osa5Pf2Anopd8WvvEcWKOaiSfbjwPjlKPm+bG1boAGWhEwEU:25Tg+Umnwu5bG1lGWiw5JwN5cNz3NJ

    Score
    3/10
    execution
    behavioral3behavioral4

    • Target

      DRnnn/File/Perfect/love/SpryAssets/SpryValidationTextField.js

    • Size

      75KB

    • MD5

      7947cb5a92373e747f786adfe1d49356

    • SHA1

      51165a72a6437ea17dda2afc64dbd7624cf46a36

    • SHA256

      69e875128adeedbc8aa1221b7ebffb20b484685964f4ab9a9772ce2146e52d48

    • SHA512

      327718497aaf3fdb4e841d633b31d4a3a2f51c50164a1db96b153840f9fad3486eee5538967eaac5539fb4680f3d2da3eff8cf0e43d799fa58ec1bf62412893f

    • SSDEEP

      1536:Q1/UKVkFQyhNDqZyc0d5c/laEJ8JAwl9xiY1qdDERYniPQPq7Lt52tp4:Q7kFQyhvA4

    Score
    3/10
    execution
    behavioral5behavioral6

    • Target

      DRnnn/File/Perfect/love/dropbox_files/jquery.ddslick.min.js

    • Size

      6KB

    • MD5

      f0dc534351e239e07d258adcde7a63cd

    • SHA1

      166ee9ed6ce4ed51b329488cbcfe5d882a1cdbd7

    • SHA256

      62fbcafc088683257df72b1024258e899e138bfe56e97ae3c7da39312f77cb49

    • SHA512

      3526b6d464678166c6ea4c5fc2fbfff22f611a7494de1c91dc67a2c179d0333c982b3a97e57895f5bc8173fdcde6552e1484e70f724d3f4edb79b5f7ad193025

    • SSDEEP

      96:SQ0SbxXRGMMa/08PoaIS11y3S0RhGq2WwX42RoERiWvCUF1v4vSMhyXnuiEkZU:Z0SbxX2aISny3MHbboEnVo

    Score
    3/10
    execution
    behavioral7behavioral8

    • Target

      DRnnn/File/Perfect/love/dropbox_files/jquery.min.js

    • Size

      92KB

    • MD5

      a13f7f208ba534681deadb1ec7a2e54a

    • SHA1

      3f51e2eecfa88c61e1200a48ed14f2cdda98ed87

    • SHA256

      d72fcb8924d1e14dbd4b04aff994c1183ee86c620f0aaac034f75fc508548220

    • SHA512

      63535b5944b535a8d3343ae691c15a5cd1211f1fb071ae3a8ea076eb12492c827ba18f6253a353c9341ab329d90a6accde473ab989f4614bb34ebf43ccf11765

    • SSDEEP

      1536:lYRKUfAjtledhTmtaFyQHGvCXseUOgRc9izzr4yff8teLvHHEjam7WuX3yzSiLnM:cUb6GvCD0932o2skAieW

    Score
    3/10
    execution
    behavioral10behavioral9

    • Target

      DRnnn/File/Perfect/love/index.php

    • Size

      27KB

    • MD5

      3869216e727bdc4a074b59c644a61bcd

    • SHA1

      8528ae6b63de9e45f25637e683813c003ba087da

    • SHA256

      65ebafe03188222fcaa5b4038bbbff04e8db4e88b5eebe4c641423551602dfbe

    • SHA512

      8161eccf86992bf8c5018335ecdf3f41f9043a2bec48b02dc57ebf6f800a3ba9a5ee007b26cb2187d2ecc11f7c1bce946cc74c521842ef43087716c58bf3c1c1

    • SSDEEP

      384:fu3nExIo9sPcPJMU8dWnbF7rp8Gq+s92LlJFCxu2Y:fu3nx8sPcPJMVdGpbq+s9ilJFCXY

    Score
    3/10
    execution
    behavioral11behavioral12

    • Target

      DRnnn/File/Perfect/love/verification.php

    • Size

      33KB

    • MD5

      8af50e293f81ae68e2bf5a04eee6be23

    • SHA1

      c0d19b53e590fd0599a71d0db21c73a6f512bed7

    • SHA256

      5dbe2967c0699c628518e1b157666048278313ec67098b72f41b917951ddf6c5

    • SHA512

      e1dcbc437fc214a8699f693f0096fb67cfccd77456cedf6bcda30f58dbffc0b0668744922aa87d4190af59c172ffc91e109ae50cd3784af17d54d0720f453225

    • SSDEEP

      384:6t6Dx3+91jblMXyAZqdqL0NHs0idcPcYa1mXlrV:6t6A9kXyAZqwQdpf

    Score
    3/10
    execution
    behavioral13behavioral14

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

6
T1059

JavaScript

6
T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks