5a217963c1027965ab62563884f677b283e871deddc5e0ccc92a27f211bb0283 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

715c30db4c9b5452d4e0f3d77fb227af_JaffaCakes118
Size

9.9MB
Sample

240525-j52sfsbe83
MD5

715c30db4c9b5452d4e0f3d77fb227af
SHA1

5e323ceae54cefc807d782e0b5a8209a4fdc9223
SHA256

5a217963c1027965ab62563884f677b283e871deddc5e0ccc92a27f211bb0283
SHA512

457545f6d0d3f90b7aa531a578dde207928124cb9c62a86f0f42e77a7037826d220b4db2de566b40e88a4daf482f4c0b237a30cf40561ec1c015b91ce39d4396
SSDEEP

196608:p7dhMqVHHQXMvEEAEr/Y7DMonc4a+hdLILCSSQyPF/6WG4uSu8edvZIqDA+RvDAo:p7WXaY7DPFIvyPluCelZjvDAOX

Score

3^/10

execution

Malware Config

Targets

- Target
  
  www/OAPlus/error.html
- Size
  
  1KB
- MD5
  
  97066f107b3bf44dee92113f5bba5d26
- SHA1
  
  b96ae4112bc242d15dc56f2dd1f6145ab28a488e
- SHA256
  
  ea61dcc8df4662b14da008f665f12092cb0696c56c1784e65b0ea46d2b4edf1a
- SHA512
  
  24471a959e68fc0f15d47d28e03b2096ab10ae159a1abfebaf5e3779724e52f0753959b0762154cd0f99685b0a27292d2031deb4c7d6e9341022ebfb238e2010
Score

1^/10
behavioral1 behavioral2
- Target
  
  www/OAPlus/scripts/Set.js
- Size
  
  48KB
- MD5
  
  8148eb7ad59a696561c9b83766dc57bf
- SHA1
  
  984cf2ec50ba4f52d67319625fbd62d1b13199a0
- SHA256
  
  012a203739e45ce9a00812bdb2cf80a0c6d0171f3b80189e4d3801bc3c38e260
- SHA512
  
  d280f28d6ace9038ab5c8c4468fa6f895723290ba20a8299c170c0678a17a38ed140d1f3b20735d1fc2ec4c438645563405bd54699754143186bb99e5dddd048
- SSDEEP
  
  768:bXAPd/DO/AK/saDItn0eu9f+zfG9O4vTCpBv0gaswgPf6gWb:7M4LbN5qe9rvTC0gWb
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  www/OAPlus/scripts/app/Attendance/attendCalendar.js
- Size
  
  17KB
- MD5
  
  484faa20f098bb8e89b38811b1a98a04
- SHA1
  
  60670b19e70159f84f1580c1edbbc36145502433
- SHA256
  
  1bae847c1d43afb6a2b256d67c617daf55dbcbaf491c8c88f44f880375e7033c
- SHA512
  
  3ce61b6f3be14a9adc48ca9d27f3cfcbb32bdd87545cb324a66b4a9b0fd370f1249ed1ce54431382b1d01f65cade31213e044585388216ab2f991450c7cdc2b7
- SSDEEP
  
  192:3LuefkdLar/gAOdkha6rBO2Hma6rBPbDm/7A:3OG/6kha6rgDa6rV9
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  www/OAPlus/scripts/app/Attendance/attendanceRankList.js
- Size
  
  5KB
- MD5
  
  71812a89f49f5bbff6296d686bb620d2
- SHA1
  
  0f81a431f75d98d65741a3e075feadceb28f3a5b
- SHA256
  
  e7c1ddd392163e7d8299d232a4bccb98886437ca5f2a19faf51a1dced87773c3
- SHA512
  
  f7cad3c3c5039f473175034d79206c063f4cd51e1ef50ba0592151263343ce30a1a86013dcecd796aaa0ae129d37b30cdc1c41967f671b222496cdf19eaec102
- SSDEEP
  
  96:IdytYGI40IMFGlrOGxDZSF61lexz63cFLSUNlGxzA9cI0KGlmxzA9cIF1Sg:I0Yp7UNOoSo7uceGoomUD
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  www/OAPlus/scripts/app/Attendance/attendanceRecord.js
- Size
  
  16KB
- MD5
  
  2824027313c68d93f5cc0adcaf243b7f
- SHA1
  
  7df797f9017ffe1e03563494ba7778d4c9a55dec
- SHA256
  
  4344e6c0673014d248b8bb0aa4d996addf23018d13dadbf13fb1fd9020216fe6
- SHA512
  
  e44bb617dd9c4aa296006d14a7fac47299d029def82101d18b224481e1df63e1f91ca7b81343ebcdfa48c08c4a42acae1a1c70757dceab7dbb9e11f2bd557360
- SSDEEP
  
  384:An4WAH6FhBldUW+Sj/hBldUW+SmxJjME2Yt5uE4jrhpEkRy45qNpz/:AngH6lFleJ2Yt5uE4jr7Ry45IV/
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  www/OAPlus/scripts/app/Attendance/attendanceStatistics.js
- Size
  
  15KB
- MD5
  
  b06c77674daf4a3c27af4158dc7731e5
- SHA1
  
  cd0cdebef5c0457e95133b26a52347ecfcb50be8
- SHA256
  
  b9c19234184155b0b1702a4719be49754442d6f5b472f14ec063bb9f05f8f409
- SHA512
  
  635390d8e9689d75cb6be1ee7ba23624f3dff0316d1e29af41b2beea94b36e215257fb5db16a4bc2a9aeab8787a484ab760775cb94caec65c45198fb62b7b6d6
- SSDEEP
  
  192:8KixhgthpW5VxQwOdPSwL+R/q7QVTFrMPK15nSpwX0WVOpYCkAX:0hgtnyVxQwGFLk/mQpFrN5nSc0w/NAX
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  www/OAPlus/scripts/app/Attendance/indoorAttendance.js
- Size
  
  21KB
- MD5
  
  0d7275c3becbbcc9bc9dbc013c779133
- SHA1
  
  28b7c6638e5ec8ae5c7e323210f4837aa3ccf9f3
- SHA256
  
  cfe83cd07ad9e97885bbab79dd7e861a8929e8c28b672d440aa88c1f57e4e977
- SHA512
  
  10ef9acbf053fa2d391c7f9c4b8f6ab7b93673de256965ae34a3d9a858d454de39062aa7c8143f23e6a0da2801bf635bf69ab77ba6ddd6883a1f9728a97ee11f
- SSDEEP
  
  384:zoAqmh7DWDHvWDHN3upptklzDdbJ4ovxySC:zonm9+HCHN3uVklzDdbJ4YxySC
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  www/OAPlus/scripts/app/Attendance/myAttendance.js
- Size
  
  18KB
- MD5
  
  0c9d144658ed7112e2ca8df55f4a8822
- SHA1
  
  49d03046ba967adddebb3576a117a96a0bc16112
- SHA256
  
  13a2af6b9abb672a750aad0648a67f8e282536b77fbb0a82667986edabc997cd
- SHA512
  
  50506208dd1c40d933a5b93375f829eb7e1e16109e94cdd453b5847c840e4033cb674d573ca6e659fdc01844c463a7a117f601cba88f3fb50730e89e9d499621
- SSDEEP
  
  384:Xt+9KTv594VAivj7Y2gJGYaS5u5fu5ZpmgTWq8RbD+q6iGHhQHP/4Fjdaib+S:Xt+9KTv594VAivj7Y2gJGYZQIZpmaWqf
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  www/OAPlus/scripts/app/Attendance/nearbyColleague.js
- Size
  
  11KB
- MD5
  
  70619038eeefff8611489cf2407d1f6f
- SHA1
  
  d66c139fc53abc1413c211ba6630d4092e8f4d50
- SHA256
  
  bce3dbdcba41bf0c380bf5a172252934abb4df602716e00f1ed61ff6878fcaa4
- SHA512
  
  237fcac9ce9d723ab5b79da5a6d9fe2ff560a3b83d9d5921fcff34eef54a0bf770ae5a4c2c95b391cc329fbc0c5c54efdb3879b46ca83e15badd1ff05c2d7664
- SSDEEP
  
  192:XhMwLnSzzu1iv3MBOCEQkwv1jof/mBmEd5RwjKTUaClYr3Qd5fewjKTWnF:X2PAmWBmEXR/bClYrAXfef4F
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  www/OAPlus/scripts/app/Attendance/outAttendanceSet.js
- Size
  
  4KB
- MD5
  
  0fa5e539eb3ed1095df0c0e3092a37dd
- SHA1
  
  67b025b12c9548635114b1c61950423e7a5bf43a
- SHA256
  
  95f67ae25fd897e365b10675603016006137aeb31f2ea2b139dde6fc2717a675
- SHA512
  
  17337eb75a3560192e3fee6c42ef973fbe8c1f44f733837adf49677f0b392496784e45d5855284a02639a6fb72ed98ae12c83406847aa68c9726a87bcdf22220
- SSDEEP
  
  48:yvlI7r2lcwK6KZ3zfmz/tzfmz/SmpsAaTjkjlAMWK5/USwJtb4IFr87LuFVplz:Zu767mZ7mEBVMWe/HIFrYkL
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  www/OAPlus/scripts/app/Attendance/outdoorAttendance.js
- Size
  
  19KB
- MD5
  
  22b49a54a58fcbbafd42ae807fada7d5
- SHA1
  
  5e4fb3bae13020748fd272f2d8b1fc165fbc6991
- SHA256
  
  acc5088392164cc93b2e54a3713e6d7b0876c05cfa26ee04e16050ebd9157442
- SHA512
  
  8f9ad28ea9a7f11483357696a96139b379ee3514f519ab57ef72666f08d1ac22de2c0fcfc14fa274fcacedd53c2e4ab897d1ac01966dc96eadaacfeb16931416
- SSDEEP
  
  384:+K8mh4DWDHvWDHPiJGpnk/AqdyJ4ovxySC:+K8ma+HCHAKk/AqdyJ4YxySC
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  www/OAPlus/scripts/app/Attendance/partnerAttendance.js
- Size
  
  24KB
- MD5
  
  312ab98d4118d96b49265c8e9c2128ae
- SHA1
  
  12eb686d3e822b6f4715c03c7693783d063340db
- SHA256
  
  a125e1dee4f7d8a59d2bc4de4ef387b262f8e84a6730f61e2a5211a83f812fad
- SHA512
  
  7ff4cd64e9c1dc37a9f9d793cd61e59ad0b3fb7b036682b0675442194362a87af38965da6e0daf176553b9b763c111b2c6735097da46fe0a8e08398830f05d0f
- SSDEEP
  
  768:cSzTv594fsKRj7Y2gJdYyQIZphV/qDwIKqnRaV/qRKiQhQHP/0BdTb+S:XzTv594fsKRj7Y2gJdYyQIZl/qDwIKqa
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  www/OAPlus/scripts/app/Attendance/position.js
- Size
  
  6KB
- MD5
  
  c862cdd3865e59015cb164792cd005e7
- SHA1
  
  f5c4741fac6ca2c641ed7715149ae54f09a920f3
- SHA256
  
  2969e228baa85f90ac0394524e42200ca4580071c75bd5d5f6ef3b3ba971eb7f
- SHA512
  
  f2977a48f95807ea58b5f13feb2fbfa737a0a3d0aaf6f1920cfd7f150ec3c76792ca6faeed54aaf17be236370115abdbef631f297f2ca2868ed727e91ae9e7d8
- SSDEEP
  
  192:/YXKIFf2+HmYZYEMuv9vwNE1cCdCXyAXf5XMXZA:/YVh29qjvwC1cCUCAv58+
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  www/OAPlus/scripts/app/Attendance/statisticsDetail.js
- Size
  
  5KB
- MD5
  
  9faa46f29e183cdf4c62397378fb5b4b
- SHA1
  
  ccc44b28b85c1d78ab0cb8f88f4c2a68aa7c671c
- SHA256
  
  81c97dc09a524fbe225b27196a74847cceba4980a5bcf1d3750f765785f55478
- SHA512
  
  ef1614c82bd3ae2acf1f2ce9c2ec2e5db2b9f76bccce0c5bcedefcae1710a263a5a7477a871d063f3968b83c115594a35336ce2094e4f425bd824420f47ad6c5
- SSDEEP
  
  96:x4VvbBnSb7CIn9/wDwYIQhCUn8bd2YSWYCR:mBnoCInhwUYzhCUn8x2gYCR
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  www/OAPlus/scripts/app/CRM/MyaddContactArrangement.js
- Size
  
  13KB
- MD5
  
  46399b76bf207d47128a6c8eed567449
- SHA1
  
  743c891d307f532078f8d4f7db7e99fe75fadf7f
- SHA256
  
  811d7594e899c28d66893d232ecc5d8c36b8869e8fbc71d7b9cc5b322fcbc9bf
- SHA512
  
  f482d8162956c61cbd93f834e2424cca27eed153366986d47c9b51a234b294ece8e86b6e9b9f2085c258760c05a0e8db61e9eb1600ca283ad0551c68436889bc
- SSDEEP
  
  96:dnd/JSWxL64ghi6BMTGHldGdY6C9oUCbbcEJ77/+huJeupI:LJoi6BMCHzkbD7r+6euI
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  www/OAPlus/scripts/app/CRM/MyaddContactPerson.js
- Size
  
  30KB
- MD5
  
  e44e2a0ac3c2d2e77aa0338f553fc5f0
- SHA1
  
  0ae4f1c048600b593a124499f60cff42959c9929
- SHA256
  
  dad2c8b0d693a7894efcf091fcbdf185db552d3b5003f5eeaf0cbbcf5335d5b4
- SHA512
  
  5504d57bda1bb4e857f0040c29f0b0f96d76554c91394283161f88853bcb4b06692f0ae6dfb44346dbc16b83579405065f2f7eb8bc914359e944538656c0fb8e
- SSDEEP
  
  384:beLXWZy6WCQWzuW7pWmxfyKIgPcdSWXWcWXWBWng+:beieQl0yfyKIgPcdVm/mwg+
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32