66a8fef778ceb09b6dbc394708b9c16392b445a972c4166c514a54e0cfbfb798 | Triage

Sharing

General

Target

029e94eb2f7b86d3efb6d9b6dca9a5c3_JaffaCakes118
Size

2.1MB
Sample

240620-ejqe3ssarr
MD5

029e94eb2f7b86d3efb6d9b6dca9a5c3
SHA1

2528a8b7988a31c5ede5e20cbefc93ae97b0a6ed
SHA256

66a8fef778ceb09b6dbc394708b9c16392b445a972c4166c514a54e0cfbfb798
SHA512

6ca84e2402351246841d4a9ae2de3c9a6dafd7ebce8b87279f7f1fa11eb3d84dceb9b9e13558c44991f462f4f3d0bcc180d8b74217306f7eaccaf0fd42499a42
SSDEEP

49152:obAcRkuPi9INj42gGjjmclBFNWfdz8juOZTijouVuEugul+/s3GE7w5hQ2rBBA+b:WAcRkd9IN42gGkf5M3ThuVuEugukE2pX

Score

3^/10

execution

Malware Config

Targets

- Target
  
  sitepub_beta_1.0/admin/includes/action.class.php
- Size
  
  1KB
- MD5
  
  0374fed0279c0102faf0252544096fe4
- SHA1
  
  f7e1c26d7c0d387ecad63aaefb80f606df0cfc97
- SHA256
  
  32a7f2ad6b0fd69d71b1ce9bfb8a0523bcc4a4bd5555ecbaa7cd60d62a53649b
- SHA512
  
  94e52a7b4d5ed1e8984a964c1213dadb76d97493dbb579fcc7fbf87ae6ef9e280a2b78f2d43e869ec5deda66efa3d8298d0ffa2ae61b9d1d37ccb30e5c559eb4
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  sitepub_beta_1.0/admin/includes/soft.class.php
- Size
  
  29KB
- MD5
  
  03c992f1df92ead0d68fc640d5c7c6e8
- SHA1
  
  fb7f2fa9e3999d3f676fb9e8fd17ca620bd84c04
- SHA256
  
  d0bac0a10b3ef1a1475e532ae194fd168184cb25db716711a5fc73b6bc8a8880
- SHA512
  
  d168592d90361322b7b7a1ae889f5fafd27e59018542c324fca45603f61997285384f6b9ba93d7860e20cf1c703ec5a8465982b839827462294264c1944d6d4f
- SSDEEP
  
  192:7zGQq3L7eXK6znPJuGGC/2BOW3iGfr8EZYREw6p48TeKqEB9ZFE7F4z3KlPJuRLJ:7zzk6zbmgxYVz5Lmjz1/qtrz04D//
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  sitepub_beta_1.0/admin/js/FusionCharts.js
- Size
  
  6KB
- MD5
  
  28ffce3d22df89876bf80ca89da836ab
- SHA1
  
  7d2157edfa032a2ad870bd0f5364b391479da011
- SHA256
  
  2c0389e4b8b062d916ade5b60f20dbaa80f3632ce0fadcb53cffe7b699294526
- SHA512
  
  11c1c38620704782bf71529e0b26f58e81130570504f14c76d3ae2958fc68946f71319520adb5f9d028fb5562c58493861643ef3dc0ec6218a1904c17378ee18
- SSDEEP
  
  192:SW632yYdSd8zrzspmI42h3x1r0uJkny/YX1YxAOlIyfHMdn7qpyLCyA/tTG94:c8zrz6fsyw2jHK0
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  sitepub_beta_1.0/admin/js/function.js
- Size
  
  6KB
- MD5
  
  698cf5a5b615c0a96146b3eb56cf74dc
- SHA1
  
  41bed51280fb398ce925c8c37f46ff9749894811
- SHA256
  
  c360e83d0b035b4f1405bad4df287d6fc7b0480e8c5f7badf474794ba9121e23
- SHA512
  
  f6572cdfd73a465b711b60f7c062c6e404a2114473a8cf66b01617690464dc30d5556c4ad27f69d76aa69c3457364d44441f915efee4731f1c2c2cde0201ec9e
- SSDEEP
  
  96:W8jQ7IUhSdQX/tddj7VfTWEfYexPExv+Z08rGZZZC/JYfHS:5jet0cLZYZZC/yS
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  sitepub_beta_1.0/admin/js/jquery-ui-1.7.1.custom.min.js
- Size
  
  54KB
- MD5
  
  6aca1463e524484fbdbdc80f4b64fc90
- SHA1
  
  837944fe470225d7c72ed6c509bb8c012315cac3
- SHA256
  
  036fc256fa21e865ff278dd2938c38d965dc76dd3f4c02ba63cd19a6d40ef547
- SHA512
  
  eee17aa79806f6a46b6e99573e22f6f1c24e3b3bd4bd747a8e364a61ff639fef7b1e49393ca0383c987b028fdc0b91d27d9663fa81854ea7d409685a1c09cdd5
- SSDEEP
  
  1536:1cSg7ZzCYV3+a73e+YWIrdIvHe1GWgDlkiOTF6Afi:WJbIJIvHIGWO/n
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  sitepub_beta_1.0/admin/js/jquery.js
- Size
  
  55KB
- MD5
  
  bb381e2d19d8eace86b34d20759491a5
- SHA1
  
  3dc9f7c2642efff4482e68c9d9df874bf98f5bcb
- SHA256
  
  c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
- SHA512
  
  abb2ad8b111271a82a04362940a7ab9930883ecb33497a1c53edcdc49f0634af5bf5b1bc7095bd18db26d212b059aece4577f85040b5f49c4982b468fe973c12
- SSDEEP
  
  1536:+vnXSI+9Escogo5uW8xbm5sIacSs0DEHUjnqTDUBu6VCdZWa:w8gdzIF0oDUstZX
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  sitepub_beta_1.0/admin/js/jtip/jtip.js
- Size
  
  3KB
- MD5
  
  bd3745363df21054e0e4b6e0eaa1b37b
- SHA1
  
  5f38cd1ee5280f13f431f93065ae2f5173c9176b
- SHA256
  
  31eb261f764a62cef951af70c142b400d31c7d18180e8758f064ae1d33cbcb25
- SHA512
  
  5b0ea925f2877b495508678287c7eb3b41ea6006f9fe3d69692f73e9fdc7bc8743e9bbdc69d21d5b530dda2ce1eebfe50918742adebfe7c72c49ef86d677ec36
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  sitepub_beta_1.0/admin/js/thickbox.js
- Size
  
  11KB
- MD5
  
  2293b151a77599edf5caabffb3f6c291
- SHA1
  
  8f01d9d9cb8f3799340a6191eb0ff51aeb9a0b31
- SHA256
  
  1c36d19f266412cd4fcc60d2075c54a957c5fc3ad2e5dec75b51c4c16b8b58a5
- SHA512
  
  a0deab9afc60540d6b7a405e65c8d99c1aee34d1bacae4b62319857bfed3619b7eebc176085c5102de14b7157c727b8e52b693177542ba5f8b26e253f435d868
- SSDEEP
  
  192:9VGaRY6Csmy10k6ZLVn+8rk0ayuW3lqQJ5hZ/X+/s42dOAJl:/GuY6Uy1cLV+8rk0ayucqQJ5rO/oP
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  sitepub_beta_1.0/admin/lang/zh_cn_UTF-8.js
- Size
  
  229B
- MD5
  
  e5d62ea48deaae7d6cd2e13fecb0aa54
- SHA1
  
  19aa7046aefee0b45d89984b3f0331714a8be174
- SHA256
  
  bb0d41ba733d79d2ba65fc6964f52e8e28ea5f96493b868cd7d86cbe2044a501
- SHA512
  
  4b458f236affb9e942affed589dce0d809798b2aa87046e726eead0bf92aa6843ceb0c4e3f90f1c2587bcc15f557787557e26823fdf2f3762ccbe090597c3cae
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  sitepub_beta_1.0/admin/tpl_zh_cn_UTF-8/add_category_layer.html
- Size
  
  1KB
- MD5
  
  ee68c2db5e137654a0ed0b1b28a58259
- SHA1
  
  0d63ea248eb4ac4920b4b730289f02ee4024bc6e
- SHA256
  
  ba1f84c7b1d9f9f50077305f02c0ca76392fd053440402b1844f42c7ef8a2fe4
- SHA512
  
  30c5aa0a2db385f296ece8c502ab40debc67837b6506ee8c1917e5e2711aec1dc5df54a985871811fe5695b35f97bb0d6ce39aa56097fbbcc7ca5dcbae41f6cf
Score

1^/10
behavioral19 behavioral20
- Target
  
  sitepub_beta_1.0/admin/tpl_zh_cn_UTF-8/article.addarticle.html
- Size
  
  8KB
- MD5
  
  fecba96b1fdece18018515a93e060722
- SHA1
  
  682a5c25cbe6a8bcea9c91c6d83dbb2e6e124a58
- SHA256
  
  6f494af845f3d68d500cefc2b0e038ed4af40afa0ae81adb1d6ebf52484ca379
- SHA512
  
  ce6a6e3ceafa850871ad41be7de81294175279cec27501056e9996c2aa36512aba87a8b54a5f7a7c5acbcefe523693e5398f0655c532ac3a56331a0ef64644f1
- SSDEEP
  
  192:LF1opIvzvTeIvr5XvYWEYZmnpo10QI10/+YG1b3gD:LF1t7zFbEYZPpv83S
Score

1^/10
behavioral21 behavioral22
- Target
  
  sitepub_beta_1.0/admin/tpl_zh_cn_UTF-8/article.dlist.html
- Size
  
  5KB
- MD5
  
  9de667d039115e0a4c9330c93f88721c
- SHA1
  
  9d77229f537f7499f526b37ce8e1fcccf2191b90
- SHA256
  
  7d55e67dbee83c8ded2f7b4d2dd3adfb1b122b06a5283fed6cadac71c9b8d3e8
- SHA512
  
  054c6780ea6f1c54ee3ca0d33ecaa5a624e8237f6053d5098aa4bb0a1f44417979ffadd7e79b50ee9964cb30c6fbcde57f4d144278a3ec8d7985bbacf383d727
- SSDEEP
  
  96:xsOXoOBjkmU041mddmi/bcU6njmYzgLiWli/PqXPshoV22tCocoQ:eOX1umt418bHkQ4CkuV2KCWQ
Score

1^/10
behavioral23 behavioral24
- Target
  
  sitepub_beta_1.0/admin/tpl_zh_cn_UTF-8/article.updatearticle.html
- Size
  
  9KB
- MD5
  
  41960cc9013161bf9a56fd4f27edc6d3
- SHA1
  
  4d6cfa7da064feaf1c4d795b1cf920fd5745f355
- SHA256
  
  aaa2203768e5826e1af2d3cf6e3c753b8ed509c7de82dc76478eba91f3d61741
- SHA512
  
  b9fcf5fc95433fa8176af970d03b833dc2f9e0b66e396979afdf2a98e68eb9361e6a6b2f4ffded791584e57ac7a5b003c1cfd3fa7d63f738982626ce63cbb25b
- SSDEEP
  
  192:wqF1f2+vQERTeIvBJ5XvNjKBy8c7YYombpo10QI10/+YG1bZ/D:5F1dYElN85c7YYo7pv8Zb
Score

1^/10
behavioral25 behavioral26
- Target
  
  sitepub_beta_1.0/admin/tpl_zh_cn_UTF-8/block_set/block_art_box.html
- Size
  
  3KB
- MD5
  
  7302ab83af0a26f0ef3400daf2f6d58a
- SHA1
  
  025ef3b4f4c6fde9e25b46952336cdf9b1f90a9c
- SHA256
  
  564b154e9e52ed8004909092b568b37a28a18a44da5810d3ff6a651eaed08a06
- SHA512
  
  9557a40b0e1664c48be4b29bca57eb745c41ad5d860ca066440e0521ee2c639e88a0f06d0dc13461738ee37912bdb7de2847479bb9004baf3b237fa1904c5e58
Score

1^/10
behavioral27 behavioral28
- Target
  
  sitepub_beta_1.0/admin/tpl_zh_cn_UTF-8/block_set/block_art_cat_box.html
- Size
  
  2KB
- MD5
  
  8010a8baffc1ec902282d85847cb134e
- SHA1
  
  fd94922c38f7ae99a11ac4c8164c1b736f7bdce9
- SHA256
  
  42d3d0b11900634a9bc3580e5bb07a769d9f89b0d8f490d00ac3e47441059b21
- SHA512
  
  8bcf4b2d4e5872ac07f27bc589177b3e7ba2ec5b15b7ba50e9b09404b84fed1f92fec1835605e0ca1d965d6413c9377b5bb3b58c735302b0782e6efb6a229f9e
Score

1^/10
behavioral29 behavioral30
- Target
  
  sitepub_beta_1.0/admin/tpl_zh_cn_UTF-8/block_set/block_custom.html
- Size
  
  481B
- MD5
  
  56dc9329ea3432940f680151ec2175a2
- SHA1
  
  ccbd9221805e8afab7eea20305936ccb1e4245bc
- SHA256
  
  9b3d5eb9473829dac04ba428140c5823531c7efd2dde783c3fae289f66c0bd6e
- SHA512
  
  5eca044c5b2d4ab1d7625651596318da6ff9d0d9db419bfdd8ab06752d46a4dedfd77a05b6356a33e974ae09ab6d86da0796411f1768dc9b445723490a134907
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32