c5e512ebb15cd7c17075259a47db4a83484d6a502c33711b8604a96afedd6397 | Triage

Sharing

General

Target

038fc2139c83448f8158555366f84b4f_JaffaCakes118
Size

2.8MB
Sample

240620-g1x8cstbng
MD5

038fc2139c83448f8158555366f84b4f
SHA1

2814f39f2c2fe4dcf049139fd31e26afbda0babc
SHA256

c5e512ebb15cd7c17075259a47db4a83484d6a502c33711b8604a96afedd6397
SHA512

938562a00a0b844c839908aead3754adaa6ac5e0b3bcbc072dd88b2da34f063193a9c1bf4e9e5520e1b575f8fd7324b7a27e34c1e8fa2209d1250011df8b2530
SSDEEP

49152:79OHtUw2x1Y3aNxPz1rW8WtUkFI869j2cd1O5UMDOUAqSfdr1iYQZyw:5WtggaNxZaRFc2kuUMCd1r8YiV

Score

3^/10

execution

Malware Config

Targets

- Target
  
  BlogEngine/BlogEngine.Modeling/WebDependencies.dgml
- Size
  
  3.3MB
- MD5
  
  6aca14d547c45d1ce82d91ace200c9f0
- SHA1
  
  ee4a21b9950438ebf9f060a187d4140d76ecab17
- SHA256
  
  396db373ae123818c882e5bbbc6a44202cec89b0ce7368fa72cb2eaff7cdc39e
- SHA512
  
  58d83824b835183557fb449c7ca0b1a36bbb0b63b81ff26bfe46b71245075a9bc832ea9cc9862c9f570aeac2bd4c259cb956cc265788cb15d9b4b304cb1642b1
- SSDEEP
  
  3072:ovnbKid2dXcRmRybnzZFKhQ0ejYR33fbiXTUGuKT1OCyxwFEaL7anuHq9SU:Wnb0dX6zC7eMR33fb2ucm
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  BlogEngine/BlogEngine.NET/Account/account.js
- Size
  
  3KB
- MD5
  
  2860030307a2e1a46cd3a04969dadf3c
- SHA1
  
  4a5a979a5b7031be00028788a049b3e93581aead
- SHA256
  
  ca52b5dd7664417f690ca70b34eb051db3b25b2183dfedcb605fea7ac0853971
- SHA512
  
  a597f6b4e757d4c25a66170f262e8721c2f2c62390cb7fc66f636b82dc7fee9c339bface05e6e5b3f4fcd1b5c1a3886eca1a1d6621440f0c22294d0363fc2ac2
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  BlogEngine/BlogEngine.NET/Account/account.master.cs
- Size
  
  3KB
- MD5
  
  bcb10ba6670c0126644ff56523fb2071
- SHA1
  
  f5cf2c5a754bdf4f9162be6be81e2b30132ebc96
- SHA256
  
  079efdbeb2c0f9122ec3136055fd23b8d9d7dfd0aea68e320291d21d872f67bf
- SHA512
  
  82ec2e5f574124916c72e66108ea132bdb65aa37c109901a14166525e81be0cfd3d6dd7dd612cc523518f604732deb6980bb93090c44401d96347aab2ebbdb11
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  BlogEngine/BlogEngine.NET/Account/login.aspx
- Size
  
  2KB
- MD5
  
  11be1a965a2ae1f1235d27df1ca33732
- SHA1
  
  944ab273ae552d7ac7e5fcf62008ce23dea45a76
- SHA256
  
  c27231c860a967d34052313d8f1378ea11e4b2d010cc33a248e2650569438468
- SHA512
  
  36556052163fd9b528edd87482ccb18a002b2a990fad0c072b6485f4318a558be9de7157224a3b30fc93026b1e309365443cda22d89d3816919610d5e042e6ef
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  BlogEngine/BlogEngine.NET/Account/password-retrieval.aspx
- Size
  
  1KB
- MD5
  
  4ccec7069efb401a04cd1a683add9f3c
- SHA1
  
  282c9bedc99c90bb3c411159237165578cc7be41
- SHA256
  
  26e55825d71efcce7a46333bce397755324e4d4a060937b674764527d7e21c2d
- SHA512
  
  3afa57b19182e7762fff078efff665aecdb4a94e2ed900fbe99739abb750e9a70397cd334c6f143b25c6a5fc6e825fdb6005d7ea095c9bb1d23f051b21f9f7de
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  BlogEngine/BlogEngine.NET/Account/password-retrieval.aspx.cs
- Size
  
  3KB
- MD5
  
  c22049aeebad56a33fbb5e2a886ac23b
- SHA1
  
  e8cc32e5ea5bc8014fc4465b0b0155f40a1da635
- SHA256
  
  edc4dd0026b9c36f1d0bc9c6a133531ad14db899711715ad0f5c0894de2e47f5
- SHA512
  
  0b61d4e467cc7b3fd6a7e2bcb692804714ea1b5a03264f7cec45fd43be01fbf9aace5a806a1d283678214adbdd1db6d17b61abfbce518866264db40794976c02
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  BlogEngine/BlogEngine.NET/Account/register.aspx
- Size
  
  3KB
- MD5
  
  c3a68962b6cc0424d8448a60ba2669c9
- SHA1
  
  8a2d641c79b0ee98be35107297a3775200af6714
- SHA256
  
  4701c5d4a6e68d98d2a13dbaa1e0a84982a83ac3aca63e5788446b3fba253bc1
- SHA512
  
  5492b8d1bd8498a1a474086de579158d2b0154fadaf88e20ddf35ef088d0d2e9961a038495c1d4156098ce3ca4ca97cb339a19be0191ef022f11ef4c59368399
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  BlogEngine/BlogEngine.NET/Account/register.aspx.cs
- Size
  
  3KB
- MD5
  
  3748e67a55a643d7e9e351e37c9287e4
- SHA1
  
  3b0676a2dfc60cac65eafce0565bd7369414aeb6
- SHA256
  
  15a77b7dec75377f19e699870c5d17aea337b39c0c1276d1a5341ea1e6fcdcfd
- SHA512
  
  6d66e1f040642ee6a5e9817e2be94420e7a3c44bf684a3d8c0aa1d0deeb6c74b9e8b6d5420e1121fa3b2c17409337089045d41109953bb7ffdcee8f4524e3019
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  BlogEngine/BlogEngine.NET/App_Code/BlogImporter.cs
- Size
  
  13KB
- MD5
  
  9f110ec34ad8eced09d6ca58d118a37b
- SHA1
  
  a222b947868a3764b1ce18ce4dcf22d48784b2e3
- SHA256
  
  41b5d8e625cd06c2a537062df5ddc9fb883435de5d34cdae880a899c26607c66
- SHA512
  
  cc6d75b56002edfcd726641b7f4715394ba7398c54e1659349125bb572d2f8bd359bd920167babe3c723f7911be884949ffbd4d26b2845e53440d174953c08e1
- SSDEEP
  
  96:Ed44h4ipk2HFdUE43bpOdnl8c1sDu+qBeRW34YWgz36gJ5/7hpKrlLrDzAycgahR:OK+daNu11sQg61/z36gJd7MDaga7HfYc
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  BlogEngine/BlogEngine.NET/App_Code/Comments.cs
- Size
  
  12KB
- MD5
  
  9096497cd3e6f425e2c0ab9093730fb4
- SHA1
  
  0686adae588059b3a42df58832b31bd65c7cdc43
- SHA256
  
  4d762a6ffbf6ee2ff51665818deda4c3cbb510e205b10f9146f8b44dbcef04a6
- SHA512
  
  fcf6d13dd53fe57b680406cc2972c25cc7b2db586073114cf64c6fabf4c2e99e664672e4386a2b271d2427e4ab77aa4aaee82380472decc5d7e25bb2544d9031
- SSDEEP
  
  384:OWUffOpZiXVc7MRiXVT7OxKnlnKZlrGZ3lBX266O:NpZwc7OwT7JnlKrGN2TO
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  BlogEngine/BlogEngine.NET/App_Code/Controls/AuthorList.cs
- Size
  
  5KB
- MD5
  
  0d450293c5ab57b3e3b24764ec2ca08b
- SHA1
  
  aed692ed6a1d8f48595bce57f2d5c5f19721a48a
- SHA256
  
  7b3607aa7d542bc7ebbf836b898c5daa31048639c0bd3f7a0c01b009975daa12
- SHA512
  
  31495b44ced86e91a4f0316e53a2d727b942b1314e49694216f18d25e098020fb6a9fed07b6a084b0ef1f28c07256b5a7a0b2ff13d17308e72cefbee61b17e75
- SSDEEP
  
  96:n+r4kOyWk3S8adq8LmMjPqermlKUxqmNyp:1t44T+ip8yp
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  BlogEngine/BlogEngine.NET/App_Code/Controls/Blogroll.cs
- Size
  
  12KB
- MD5
  
  96db672b8638026dc2891ee84477cc8b
- SHA1
  
  b5e7b4595acd9c66e910e793971768574adca385
- SHA256
  
  f6d719bc2a0716d45ab03c08c1ff42416bdbcd3ef9cea4cf7eee65138efc2c09
- SHA512
  
  85af860c5af89c5d05229403afd985b8be85e392f843ffd2880cd32a8fdc3d09268980b4f9f05c3dc4c28790d86a17a18ad56572b7e0aa3fd3ec62c1a3319459
- SSDEEP
  
  384:HoW8oEPawJ4JaLPB7X8Wp1JQJhoJ4J4H2k8U:w7J4J0d8W7JQJhoJ4J4HqU
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  BlogEngine/BlogEngine.NET/App_Code/Controls/CategoryList.cs
- Size
  
  7KB
- MD5
  
  85c4d46dcc73ee927b044cd35987e15a
- SHA1
  
  f04cb495ccd8e4afbe39c2212c2aee1ddf0b94df
- SHA256
  
  1febc030ddd31afed89eadc4e3d41bd6a9b1b030f212c31712afcd3f3cc4bfba
- SHA512
  
  75031545e192e1cb6697e91f1bc5e31ef9faf885616fbeb36d60c3574400440de8575bfcd2bad4d4ad469c310b3ba6e1c4dbb220d88c688462f8f9c9db0f35b4
- SSDEEP
  
  96:xr44hk2HsyWLiQEP2tdqQLmdj9OEiaTCQcm9PnWTGqwxpzF+:pLImr2t4saZ1TCQcauJwxj+
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  BlogEngine/BlogEngine.NET/App_Code/Controls/MonthList.cs
- Size
  
  10KB
- MD5
  
  8ff6b9717dbc96fc3590e1a9ee3132f5
- SHA1
  
  710efc9b7df803cb446f5b756d1bd0a9288e9527
- SHA256
  
  b8ea3fd0645bf67eae00dbe3f6cd926580d4b9f5251598ba3bcf669f150a3487
- SHA512
  
  6feb6e6b0eb886a0ce3e1b341f6b89b0f340d1ceb055d9c5212fb9a874145ce60e9600a73c06666ddf44dab517c551699d56f40172622444abafa926e992a895
- SSDEEP
  
  192:bDvbafgEtxh4DttunmI4+ympKypFuCArcr+Wtog5Hl/v/sTnC:bDqgEt7stkmIRyCKyw4Kpg5Hl/vkTnC
Score

1^/10
behavioral27 behavioral28
- Target
  
  BlogEngine/BlogEngine.NET/App_Code/Controls/PageList.cs
- Size
  
  2KB
- MD5
  
  e556559f3c2a5e8b63a33b79889e39a5
- SHA1
  
  8331d4506e38107da9546235fd6dde1997f9e946
- SHA256
  
  7c9692ebd61f26a0f8cd695def4f337419e661dbf8f87e9780e8e6cfdc08e4f0
- SHA512
  
  1beb86a4fdacc8b6305a604cec1ad955117787562cfd11cf21a6aa66ff5bb2fdc12f84e910aedba92fb8b5b55708553367752f7e56b2f7150a1c33d547d5a579
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  BlogEngine/BlogEngine.NET/App_Code/Controls/PostCalendar.cs
- Size
  
  10KB
- MD5
  
  7a3d43b78c6674886dd89ad0e2993c77
- SHA1
  
  b69b0531f0df441dade2ebce321b23236cf6a5f3
- SHA256
  
  b54f2f996feea706a4b9f1efbc937f89b4cdf515ab73170bbe5099d6f9e1a663
- SHA512
  
  ef65f02d72d29729dbf11e891b7432b6fc72fb214342e57269945a3e5bf062e8b848b8df7db968028ffd2ee07c70b0176b84eb03176667f884b74b2dfa2d06e0
- SSDEEP
  
  96:Ir4k2H3sy9lbN+xZ8QKZbQukeFG5rDCdlYpzqlkZyKQ211yIp6cRHONsiOFGi7ll:flbNHxZbfBFGhGdlYpOk2zY9ln0Rpxsb
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32