b560b8d46d33368dffff65d63c12681a5577c355a2be8122a237606ac95bb855 | Triage

Sharing

General

Target

727dee75855536117b28e58123cebce6_JaffaCakes118
Size

463KB
Sample

240525-te1skshg8z
MD5

727dee75855536117b28e58123cebce6
SHA1

21b96a2fb2908d4b5b97a3c2d4f78d131deaac02
SHA256

b560b8d46d33368dffff65d63c12681a5577c355a2be8122a237606ac95bb855
SHA512

369a0118c04fd44e1b9501f21b930900e8d9231a6c371641d34a7059f609bb4cdd7e171b7139a2f0e8303d4d784befdc23978b5a92a5e2d2e0e043fca1a8b109
SSDEEP

12288:1E5kNvbxxYiNSkL+aZtBtBEyI/aFww0Lf:y5CvHYheLZtpl7x0D

Score

3^/10

execution

Malware Config

Targets

- Target
  
  biz/SpryAssets/SpryValidationPassword.js
- Size
  
  20KB
- MD5
  
  d6be38fb42c2e9618c9d5f2664078c19
- SHA1
  
  77f553236f588cece0fe2be4859e8f3220231a1f
- SHA256
  
  3df1b7719a1aa90d70ae337b76b6253b01ede9afa038b290498c3abf4ab54027
- SHA512
  
  fcd8d5f7d08ee9fb2eaf3323121c08c2cb7bcc5943b2ca54188c6f4c9d33b1b4e70fac713925ede55be7070ed99d66bb68e5a372e1555dcbfd795af68c3830d9
- SSDEEP
  
  384:O/FIw5TgIhq4YId7osa5Pf2Anopd8WvvEcWKOaiSfbjwPjlKPm+bG1boAGWhEwEU:25Tg+Umnwu5bG1lGWiw5JwN5cNz3NJ
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  biz/SpryAssets/SpryValidationTextField.js
- Size
  
  75KB
- MD5
  
  7947cb5a92373e747f786adfe1d49356
- SHA1
  
  51165a72a6437ea17dda2afc64dbd7624cf46a36
- SHA256
  
  69e875128adeedbc8aa1221b7ebffb20b484685964f4ab9a9772ce2146e52d48
- SHA512
  
  327718497aaf3fdb4e841d633b31d4a3a2f51c50164a1db96b153840f9fad3486eee5538967eaac5539fb4680f3d2da3eff8cf0e43d799fa58ec1bf62412893f
- SSDEEP
  
  1536:Q1/UKVkFQyhNDqZyc0d5c/laEJ8JAwl9xiY1qdDERYniPQPq7Lt52tp4:Q7kFQyhvA4
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  biz/dbx/jquery.ddslick.min.js
- Size
  
  6KB
- MD5
  
  f0dc534351e239e07d258adcde7a63cd
- SHA1
  
  166ee9ed6ce4ed51b329488cbcfe5d882a1cdbd7
- SHA256
  
  62fbcafc088683257df72b1024258e899e138bfe56e97ae3c7da39312f77cb49
- SHA512
  
  3526b6d464678166c6ea4c5fc2fbfff22f611a7494de1c91dc67a2c179d0333c982b3a97e57895f5bc8173fdcde6552e1484e70f724d3f4edb79b5f7ad193025
- SSDEEP
  
  96:SQ0SbxXRGMMa/08PoaIS11y3S0RhGq2WwX42RoERiWvCUF1v4vSMhyXnuiEkZU:Z0SbxX2aISny3MHbboEnVo
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  biz/dbx/jquery.min.js
- Size
  
  92KB
- MD5
  
  a13f7f208ba534681deadb1ec7a2e54a
- SHA1
  
  3f51e2eecfa88c61e1200a48ed14f2cdda98ed87
- SHA256
  
  d72fcb8924d1e14dbd4b04aff994c1183ee86c620f0aaac034f75fc508548220
- SHA512
  
  63535b5944b535a8d3343ae691c15a5cd1211f1fb071ae3a8ea076eb12492c827ba18f6253a353c9341ab329d90a6accde473ab989f4614bb34ebf43ccf11765
- SSDEEP
  
  1536:lYRKUfAjtledhTmtaFyQHGvCXseUOgRc9izzr4yff8teLvHHEjam7WuX3yzSiLnM:cUb6GvCD0932o2skAieW
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  biz/dispatch.php
- Size
  
  4KB
- MD5
  
  c3f3568c1ff103c5fc072f1ae08cd1b7
- SHA1
  
  ac1bf42c8158d43ec33feedfda284a759f79540f
- SHA256
  
  3c335f269b61d742ded11b23c28ad434ad37e5850278bf40b21d22cf8456dee1
- SHA512
  
  cacdc348de1cde36de3eaaaa33f19f37d1e1e9a6e7ac74bc0d839943b47937fa80a0db42dad64694a7aa1825a561efdba54a01e4b86dababe1c8af8e2ec6393a
- SSDEEP
  
  96:68TEluq1Y0qh2iCYqWGXUQaVc96oAeQeLN/YoLQhyiHQz:7J2iGWGXucr91
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  biz/geoplugin.class.php
- Size
  
  4KB
- MD5
  
  c8ea1e960b48a620c00bc65d525a721c
- SHA1
  
  6e16a7a95436ec6f1739ae80d121e77661880634
- SHA256
  
  533b46938dc1aa03fa2a8a6ab5977fbdc8b115c0b106f921b0fc4ec637fb35cc
- SHA512
  
  2306c31923f47f7b90bf1f7067519e289c5de4aee2f6b4b2f925c01f57acad0b0a30867b7b025a2222b4d23ec390b265299f4bfb7e2c41d51962c609dbd80473
- SSDEEP
  
  96:zQapMrp1cwAzq1Y0qh2iCYqWGXUQaVc96oAeQeLN/YoLQhyiHQG:0apMrS12iGWGXucr9M
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  biz/index.php
- Size
  
  27KB
- MD5
  
  2c825121d4f435a21963590fd40e4697
- SHA1
  
  e94ce086e6f38e36147afe0fc49a71caf31afdc4
- SHA256
  
  9e098e19af413ab099788005bc2d3d1504e993aefdd1156b6b81c55ad400814f
- SHA512
  
  c905fceea5624e1df668054d1b70ad6d8ed8db741f148851dd86ded9e70beac3ef8a680dd732b489ba30b084edd4514a43da0ccc5e014b61b983d7fc506dc309
- SSDEEP
  
  768:Hjq6p9g2WFEjeT4jvvW2qmVzPSqTbvafCAK:Lg2W844jvDTbyfCAK
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  biz/verification.php
- Size
  
  51KB
- MD5
  
  9bcb33fe7d332db4fb974f9f65018bdc
- SHA1
  
  d17faf3417c11f808d9ed2491825cbf0537c5dfb
- SHA256
  
  fb29dc2fc07c2d4561cdd4d34f55456130c0a17df23d12ef5ad6fa70d6ce8a6d
- SHA512
  
  db6050bc72c1e88c7c8763e6e2f218dc026e675cc08e21ecf8e92688ee962c904d376c60e221ce9d3a3eff3a879432bef6460dc07b3eb5999af5cf8d55ced1b2
- SSDEEP
  
  768:D6w9EXyAZqAQyaPeFOGvRc5F/TeLONNJJ54ALpAp+Jnpf:D6w9sfwvJNJJ54A1Ap+p9
Score

3^/10

execution
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16