Overview

overview

3

Static

static

1

upload/adm...ass.js

windows7-x64

3

upload/adm...ass.js

windows10-2004-x64

3

upload/adm...ass.js

windows7-x64

3

upload/adm...ass.js

windows10-2004-x64

3

upload/adm...x.html

windows7-x64

1

upload/adm...x.html

windows10-2004-x64

1

upload/adm...he.ps1

windows7-x64

3

upload/adm...he.ps1

windows10-2004-x64

3

upload/adm...ed.ps1

windows7-x64

3

upload/adm...ed.ps1

windows10-2004-x64

3

upload/adm...st.ps1

windows7-x64

3

upload/adm...st.ps1

windows10-2004-x64

3

upload/adm...st.ps1

windows7-x64

3

upload/adm...st.ps1

windows10-2004-x64

3

upload/adm...st.ps1

windows7-x64

3

upload/adm...st.ps1

windows10-2004-x64

3

upload/api/index.html

windows7-x64

1

upload/api/index.html

windows10-2004-x64

1

upload/api...r.html

windows7-x64

1

upload/api...r.html

windows10-2004-x64

1

upload/api...y.html

windows7-x64

1

upload/api...y.html

windows10-2004-x64

1

upload/att...x.html

windows7-x64

1

upload/att...x.html

windows10-2004-x64

1

upload/att...x.html

windows7-x64

1

upload/att...x.html

windows10-2004-x64

1

upload/att...x.html

windows7-x64

1

upload/att...x.html

windows10-2004-x64

1

upload/att...x.html

windows7-x64

1

upload/att...x.html

windows10-2004-x64

1

upload/att...x.html

windows7-x64

1

upload/att...x.html

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    06fd8d3ac12570f2c4d181da3163470b_JaffaCakes118

  • Size

    5.5MB

  • Sample

    240620-r7qrzaxdnm

  • MD5

    06fd8d3ac12570f2c4d181da3163470b

  • SHA1

    4c84b4874dfb8002f178da6efcb78ff2044aefd6

  • SHA256

    2de850318a35783244e4cbbb0d15901f866b3aaa9259b625837bf1a4b816b4f8

  • SHA512

    20be25c859793c1f2aba33c7dd04a76db380bc52820006d4ce2a793ae832bde5940fbd7f9dd0703576d6b5afbce6f579e6d7df1c3bec4bda8ab51fa2f2820ce9

  • SSDEEP

    98304:tfkQuDNmvk+jDHe3XmwARj4vCT69LVcusHz9OlUGPScF7xlK9ZZCQKRou:tfkQuDNmvk+jDHeXmFRjT6n+y7nlKuou

Score
3/10
execution

Malware Config

Targets

    • Target

      upload/admin/inc/menu.class.php

    • Size

      7KB

    • MD5

      6d4a934fc7bd21f4b1ab770b6095b116

    • SHA1

      2d86c3b619e3e9fd2f0dc7f79e11569a41716e9f

    • SHA256

      41c54a156c1131421ae462b858de416f023db51f7d2c5f757204c1a41e45a86c

    • SHA512

      be52f4445734b74c32366029a0949feabf02ded241890651aee50264cdf56b424f43684a0ba3f930ebc3ffeb46d14194156dfc8bcdea11f48b47ae3ba60a09ab

    • SSDEEP

      192:2CnY7FGH/qMw5u0kc0vpPd1ITAxmqwMYt+jgb:bYUvpPd1QqwMYt+Eb

    Score
    3/10
    execution
    behavioral1behavioral2

    • Target

      upload/admin/inc/navigation_menu.class.php

    • Size

      7KB

    • MD5

      cc9040214f65024285d2f617084ba615

    • SHA1

      a23f6aaa556221db6ec4c990adc7f4da7b8f82f8

    • SHA256

      3b29708c3d488236a616514fe3311c0d4526d163b1a79ae2b7b04a01c3c6428a

    • SHA512

      a72d1c6c81c62479c53b3477bce1d08f0d7fee03c5aeae0de97080c8d0b2d8ff046e52532348802bd2ce6e48d698595fced4ece6364ffb8b79a0c0840ef7a7e0

    • SSDEEP

      96:ZCkRGY1itGZ7DhnuraEvLI4t14N7S1zTAnxuLqwMM7kyQ3wjhX9t/SwKWZA/2LKJ:ZC5YyGNtuf+N7S1zTAxmqwMYaah+KgT

    Score
    3/10
    execution
    behavioral3behavioral4

    • Target

      upload/admin/index.html

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    1/10
    behavioral5behavioral6

    • Target

      upload/admin/member_menu_cache.php

    • Size

      1KB

    • MD5

      a59565ec41aa128136a51a6b917b6b44

    • SHA1

      91bec8b6cc5a056ace10d2e17959a2178ee72742

    • SHA256

      287a698b1f35b7d8a1a7e0ffa44119e87b93c04d7cacfdc2768cc4d3dd90c196

    • SHA512

      0d4e0482391cb9368d6bdccb5b8175715e8c28e02ccbb3e4ece03f7b9a3c860164eaf22ad95201d10ca4b97b356f3d0f527ac7577d2ad7916992c0703e5dcda8

    Score
    3/10
    execution
    behavioral7behavioral8

    • Target

      upload/admin/memcached.php

    • Size

      27KB

    • MD5

      61da18822e55bc9f190861273bd1d220

    • SHA1

      ac82ac60f51e477c50142ed94a344d3bb11d3676

    • SHA256

      ef6dd2e59790316beed00eced9c74abbf6919d8dddf96f13589a326fb7e07840

    • SHA512

      0120fbd68b845580cc70db081f4540eb00aafdc1380d1f1bb1563bd326bab32cbf69e473aeb9554556abd98a448a3a5ed52831f3c0b0c21f79ac7b3c7c092639

    • SSDEEP

      384:fRSsRABCWQ1x1Y1sURabjaBi6QuDzwHwUwqwlW2kcz3OFZqSRf1SYfo2jDq:fRSsRABCdSgjkvQ7fNXq

    Score
    3/10
    execution
    behavioral10behavioral9

    • Target

      upload/admin/module_list.php

    • Size

      1KB

    • MD5

      31002ea01deed9c4bd278f32d1a5209f

    • SHA1

      56c3a44bcb1b969d1c85f4722630818cf5d6ee7a

    • SHA256

      cc2d9ec74fb9289a06676c81591043a8cc40449ad50745b8e43509611d228ebf

    • SHA512

      b5d73740131604345ff2d50f1a81617e74bb9566fc5bd8865a557a319c5e1291613adf9fb8037bcbd0f541e88c3ec84104494031e059a8ea0f25a8fa1fb5c5b4

    Score
    3/10
    execution
    behavioral11behavioral12

    • Target

      upload/admin/plugin_list.php

    • Size

      957B

    • MD5

      831642a62fb99c4379eaaf8643684d6c

    • SHA1

      c2142f3a88ee39f3fee2823de0badb111c16d3b0

    • SHA256

      575200407b93d7dd4947cc0be2eb3cb492796c95f344f64c4dcff5eb0fa0c41c

    • SHA512

      942ee1f4756c89ff0c2d7f8d621d58e64aa4f30a7bb9012a24757d4171e97c6e37e3110a4a3c578f4f7c36f6188029d0014ffc1683494e4d6fcf6caeb3de6e04

    Score
    3/10
    execution
    behavioral13behavioral14

    • Target

      upload/admin/system_list.php

    • Size

      1KB

    • MD5

      d70226e830f5bcac80bcf5a170266479

    • SHA1

      6c1e953d962281bb0b6dee78beb7c620c697c59d

    • SHA256

      87537ff46484e9a411189b7f6d497e0966ea45bd255b974ee582771e7620113c

    • SHA512

      9b1bf9e0d9e5329a082bd54d6c7d02fa77fb470380fe42c90d992c9ead44787487b50a6358ff474ce5f14941aba25b18d07f5a68656268650638446108b82b5c

    Score
    3/10
    execution
    behavioral15behavioral16

    • Target

      upload/api/index.html

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    1/10
    behavioral17behavioral18

    • Target

      upload/api/member_panel_jumper.html

    • Size

      323B

    • MD5

      736120dc93f6ab155317ddc1fde8c091

    • SHA1

      3bd9130b4a25df8ea8d1c20204952a7852865cef

    • SHA256

      2deca3b1ba296f091c7fc28ccc2f091a8f874e54d49e840e682e461f93c6aac4

    • SHA512

      3e597327a165ee173cfef87f3994a3f34054cc9f02dbf1664843e62acd85bb0b3285d2fc84319b8df1767fdbad583a171fddf5cbc73ddb22593b51a520786841

    Score
    1/10
    behavioral19behavioral20

    • Target

      upload/api/member_panel_proxy.html

    • Size

      185B

    • MD5

      6a0b789d46b72442aac874a428cb640e

    • SHA1

      f60c10117d792cb3683e05b79686d5eac911a087

    • SHA256

      308651fea96bb0b01feda50126529259fa7b6c5b0c989953cf633bc63d670aad

    • SHA512

      e6194c18d47441fbfac214d6dde6aa342103135a0df92bb3d739ef5b92a05533e23125958ca9a9f4fed5ed39df41f4e4c68ac30aec715ddb537eeb94e768326a

    Score
    1/10
    behavioral21behavioral22

    • Target

      upload/attachment/2010_07/13_15/index.html

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    1/10
    behavioral23behavioral24

    • Target

      upload/attachment/2010_07/13_16/index.html

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    1/10
    behavioral25behavioral26

    • Target

      upload/attachment/2010_07/13_18/index.html

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    1/10
    behavioral27behavioral28

    • Target

      upload/attachment/2010_07/14_13/index.html

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    1/10
    behavioral29behavioral30

    • Target

      upload/attachment/2010_07/19_14/index.html

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

7
T1059

PowerShell

5
T1059.001

JavaScript

2
T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

9
T1112

Credential Access

Discovery

Query Registry

5
T1012

System Information Discovery

5
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

Score
1/10

behavioral1

execution
Score
3/10

behavioral2

execution
Score
3/10

behavioral3

execution
Score
3/10

behavioral4

execution
Score
3/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

execution
Score
3/10

behavioral8

execution
Score
3/10

behavioral9

execution
Score
3/10

behavioral10

execution
Score
3/10

behavioral11

execution
Score
3/10

behavioral12

execution
Score
3/10

behavioral13

execution
Score
3/10

behavioral14

execution
Score
3/10

behavioral15

execution
Score
3/10

behavioral16

execution
Score
3/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10