0b40fbabb98089585514b8e9d4ec5ccf891b37a76001fdf781872a42d13fd653 | Triage

Sharing

General

Target

8b263e3e85f099db2bb9a3d0eb180cc6_JaffaCakes118
Size

17.4MB
Sample

240601-vm5xyahc8y
MD5

8b263e3e85f099db2bb9a3d0eb180cc6
SHA1

1c1f8f0037da7b476e816745c00b8ea6cb9403d4
SHA256

0b40fbabb98089585514b8e9d4ec5ccf891b37a76001fdf781872a42d13fd653
SHA512

e9122515884800fd508c1c0cd14ca4287d0ef792ba335ee2da2bfa58b89eed66234c46c895f66fa8d3569b9b4abdcab60edee55d3eba7cc54cb39f67ac61bfa5
SSDEEP

393216:JrviVrHXxDEH87MrLUAa73mAAwe4vAgLWD:JriVrHhDEH87MnLajmAAwdAcK

Score

3^/10

execution

Malware Config

Targets

- Target
  
  HMRC 2018/banks/assets/includes/Bank_One_Time.php
- Size
  
  7KB
- MD5
  
  5925690952ff07222a6f71ce45bc8771
- SHA1
  
  e7614460f48dfcc0108d2f7aa9c02f970d61425b
- SHA256
  
  8051baba02a2219b4c09884f327d82b1f09e830dae64a2b8d094377b6db6f2af
- SHA512
  
  ad63198b2597acfabc145f4cbb61e6d7a69304e65faddcc4861f3182eef7c15c0a6fb65051ed7279cb1a73d90eb4f3800d09fe8781fd59c90ef4efbef2f4985a
- SSDEEP
  
  192:1S8qdUi9/Li5eRss8mtZj2X+28oVun9pLFYl:12dv+QB8mTaTufLF8
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  HMRC 2018/banks/assets/includes/One_Time.php
- Size
  
  7KB
- MD5
  
  121eb5e15360f7dae578442251e54a9b
- SHA1
  
  5a0498d806598b058bd55a0a0660f014e18037ff
- SHA256
  
  e70ea2fa4f05bb8af519894d439180923dfab975da4dec5564657920b93d9df3
- SHA512
  
  a0baac3f17708db8e7776627d8e62b1420088a50e5569431b0fae65fa2488d7965d815ca88a0842b23aeec071a1f846c33c0edafffed8333b030521510322c40
- SSDEEP
  
  192:1S8qdUi9/Li5eRss8mtZj2X+28oVPK9pLFYl:12dv+QB8mTaTP2LF8
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  HMRC 2018/banks/assets/includes/blacklist_lookup.php
- Size
  
  7KB
- MD5
  
  2bf077106fcde65e6f99ee180f806029
- SHA1
  
  b255d51e35de671587435bff498502729f0c9218
- SHA256
  
  260a4dafa30e636c4342230823db612097e85aac83dc4b1ca414cf4b9c9d678f
- SHA512
  
  c6cb4c340bef0ca69221495bb41927a0dd79b12db406bdb58cc03d46cfedfed19cc9f2da444e7d7afb0146edc61ddfbc09055e1e6e152539df960cd783dfe99f
- SSDEEP
  
  192:1nS8qdUi9/Li5eRss8mHWj2X+28VV+x59pLFH:52dv+QB8m2aEYtLFH
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  HMRC 2018/banks/assets/includes/enc.php
- Size
  
  25KB
- MD5
  
  282188c8aa23b8f37622efd8a63cab82
- SHA1
  
  16a7490b4ff9d134e0517979ad1665a80a67d8c9
- SHA256
  
  25265bceecc429b0dcf612f9d21e3b6c2fe2eccd70ed035d50ad18b20daaa2f2
- SHA512
  
  530a7bab189481ee98327091a0777aeca33c56d0aa674f360351a2a3c6d973e55ae143f15c838e5ffdf0d9621b1207b4764de5a265d382553679212360e57f63
- SSDEEP
  
  384:Pr22R59rSbeBFMy9V0tXFhd2sosVleL1Q4Lnm8aEZYgP7wgZ1nOi+Qw+G8:P/R5+eDWusosjEZYg0gZ1nOvh+T
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  HMRC 2018/banks/assets/includes/simplehtmldom.php
- Size
  
  53KB
- MD5
  
  41eadcf0220021e6b78b3c47ea1cac5e
- SHA1
  
  69d1c5dfdce8566563b5899df6aac518b883e2d8
- SHA256
  
  e5c1a6afca287fc7cccc38dfbd7110511933eb051fa2157bfeb4241aa389e36f
- SHA512
  
  042fba14c4e9301d7a3301b18566719ec05111bf1957ac17ee5c5a200eec4a48431895d7d099366bb18ee7c74f7bf1b4da68001da7797818e4b671d2b7d88927
- SSDEEP
  
  1536:pV5Zv5ROJLIwcrwDZw+CyX23bYsTsnL+xWxNx/Q16njBT2pynjBin5la2by06IWf:pV5Zv5SIwcrwi+PXmYsT0L+xWxNx/Q10
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  HMRC 2018/banks/assets/js/cardcheck.js
- Size
  
  27KB
- MD5
  
  dcdb71611301766e797b6c3dbe9d9f66
- SHA1
  
  eab88947e524912405144a6f304a8171193e42da
- SHA256
  
  6ccf4fd58cfc81f14bc1cb330bd9f0bce4e6f16e829380c0e39033d48b8c5719
- SHA512
  
  b6922185c1af723fe855c603b9a908abf89e413ff251a9702ae2bd7bf69a0954982ae62ed9009f82ec5f2f11632d48eec3d136f98f90ad8ec8ef4dc0b4366062
- SSDEEP
  
  384:G8JMepNTe2RsznuIkDksqnev5EfytvjHIrJtV6X5CCN10luxUoeAeYNh:GIfqLTOhHI1ti53xCq
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  HMRC 2018/banks/assets/refund-help-files/acno.php
- Size
  
  2KB
- MD5
  
  a4b1736ebec610a5cabf97b20f4c64b1
- SHA1
  
  8acd8bcc47e08ce3c2e82f37e2cff09e16292266
- SHA256
  
  4cc3f8667de9a8a0ba16760f60790dac597fb04d26b78fb2cca09de144c92e1e
- SHA512
  
  c23e8fb4509117d3e6a2807426a2393dbf0ba1ac357ae0c89fa842432a4cd08e93ee65098f3f47272220c7c25b1128bd06cc84f12ce52194e43d824c912f73a1
Score

1^/10
behavioral13 behavioral14
- Target
  
  HMRC 2018/banks/assets/refund-help-files/dl.php
- Size
  
  2KB
- MD5
  
  8c76d09df69ae0c3b3d8989d45a5bc01
- SHA1
  
  406bac4e150fe2316be5c9f35249354d4928641f
- SHA256
  
  69e787347d2863d32bdcb2bf4db276b737795666af76744f5d367e0c226b9111
- SHA512
  
  4e04fc257cc78ecac7b628c309e1704ffa940e5550cb808f8142a4c5e5ef6dd6ac6738968f3b9f44bf54f814b464361afb328e252b0616b22bdb2ba1209e2630
Score

1^/10
behavioral15 behavioral16
- Target
  
  HMRC 2018/banks/assets/refund-help-files/secode.php
- Size
  
  2KB
- MD5
  
  e2ecc09f096f5cb39084eeb0890e6a06
- SHA1
  
  b16543c071d6617e840cc1cf10b4b8fb18169d6e
- SHA256
  
  065dbb90833dfd4861e76445dec4f94b45d18e005e162f5499a27846407d4b8c
- SHA512
  
  aac97faaf1cee8f366cce0d19975c92cb8afb006fd1cf695f1ae7d2557e849886a2860e24a912495e27d47b028f43ccc9eeac881461b8d15325d8a07bbe48c71
Score

1^/10
behavioral17 behavioral18
- Target
  
  HMRC 2018/banks/assets/refund-help-files/sort.php
- Size
  
  2KB
- MD5
  
  789737fdd75b1a99042469e395f2494a
- SHA1
  
  938c4dbcd48ebc3891545092952410cdff770eae
- SHA256
  
  2621ae89171035af8740e6b84d6e870c39c611b240d948c0dbd8415669c54968
- SHA512
  
  798c04c9096bbeaa7f7dc0ab1ffefb7bd4c3c810ecfe58b8f07b0820247176179cb63509ade45f03bdec39bed824a601c9d75ecb0962778eabe16850480c96ab
Score

1^/10
behavioral19 behavioral20
- Target
  
  HMRC 2018/banks/bank.barclays.co.uk/Finish.php
- Size
  
  8KB
- MD5
  
  2c263b5d6062a37f45455dd4459a4351
- SHA1
  
  c930e8b765a270adda9e6edc47d9f7cb65c53198
- SHA256
  
  7e9268a5eb95819645863345074d77168d61a129905846cd8a224d3427129ce2
- SHA512
  
  673a2bcb918bd0e1be8a42e437e94310c112dde46e2a369724296c53f65c2b5b4958554a1d98d9a6ac76e18f7cbf068c726ba79da971e6a3e952d74b4d739051
- SSDEEP
  
  192:d8Bg99uEu1KcyAjEzsInzD+dlpIp/m/aBMG6rGMCWpOJM1LdAdqOj:AgLuEu1KcymEzZzamfJMt2V
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  HMRC 2018/banks/bank.barclays.co.uk/Loginlink2.php
- Size
  
  12KB
- MD5
  
  c5dd54b04952099edb447d807c50e852
- SHA1
  
  f9b8137d1b9f88967c7c75be4233f01be6e29888
- SHA256
  
  d1fa7f1c44563411966d31caca13665f1c8305ba7252ee500f34c9fdd9879a0e
- SHA512
  
  08a6b748801fe3b95cb0ee5c9801f26ceb70daa6cf599887abb56984109f3d2fd5bfd2dc7fcb3ef5424681c10e4e8700fb5b48ca6a43b9b4f86b00092a521d69
- SSDEEP
  
  192:HP8syTvu0+stOInwSbTHRcjbUDYyHieSIKSYHsaaAcTTFTbrAy:HAL+s8gHPRcXUDjHieSIKSYfrUN
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  HMRC 2018/banks/bank.barclays.co.uk/Verify.php
- Size
  
  8KB
- MD5
  
  822fc68607e9f3583ea2c058d967f4f3
- SHA1
  
  092ce7ff85684ff90908478dc64b76baa61420c4
- SHA256
  
  b81a76e3affd26c91a84beee38c42f71ee5ba1f1bacff11383a4f890bf43b200
- SHA512
  
  a5cb0036a0f9401a82d998c0536255f79901ca1225dbd161e84f675b5e6e4765236dd8dae2841f6bdedfbc48df27878b362cd813668e2e69e545a96312055a1f
- SSDEEP
  
  192:O8wAVbPVEPVuPV+PVAbCIqI2tOBLaBLFaEyfZHxZEfagaaARTTFTbrl:aA5PiP4P0POexI2tOQHanZRCurZb
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  HMRC 2018/banks/bank.barclays.co.uk/Verify2.php
- Size
  
  12KB
- MD5
  
  08ab1d48843502d10b709b068a0a9671
- SHA1
  
  0bbe89d477e6698d77f0807c9a5c0d79e2be9fb2
- SHA256
  
  f22dbdade6f450ab6816f4881df925490e45938546310c78b529c5c9fd513aa8
- SHA512
  
  df4b95d93fb441a3c9d1afbff30abdb796211c7b9783707e5286c00ca4b8034a05f84c935492d86ff075b910a41d4f9348c3b2a7bd436cbbf347ee88e0a17df2
- SSDEEP
  
  384:k9IPYIgIQa+3ODFJEVRVzqHqYN/MpUb8furZb:k9IPYIgcsU1
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  HMRC 2018/banks/bank.barclays.co.uk/assets/help/js/001.js
- Size
  
  90KB
- MD5
  
  397754ba49e9e0cf4e7c190da78dda05
- SHA1
  
  ae49e56999d82802727455f0ba83b63acd90a22b
- SHA256
  
  c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
- SHA512
  
  8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb
- SSDEEP
  
  1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  HMRC 2018/banks/bank.barclays.co.uk/assets/help/js/002.js
- Size
  
  7KB
- MD5
  
  512b871a2830e44259bc3ce3343afcd0
- SHA1
  
  875bce76a77590c3c438bbc6e014b39c23c8c88d
- SHA256
  
  c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
- SHA512
  
  7c31817254b71d4cac10120aa2829614311658e468036d27eb43b063b392620c4611ec3db3b3600da3e48fb82a41c5579c048fbd9022156f038b2b6cb5d946b5
- SSDEEP
  
  96:tBnSz91Gwyk35YrfBewIt9jKLKDs2SFNK7wIDBRANyCfVJ45NI:znSzvGw/35YbMx9jKLKD3UIDBR8VVUq
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32