Overview

overview

3

Static

static

1

upload/adm...x.html

windows7-x64

1

upload/adm...x.html

windows10-2004-x64

1

upload/ann...x.html

windows7-x64

1

upload/ann...x.html

windows10-2004-x64

1

upload/ann...2.html

windows7-x64

1

upload/ann...2.html

windows10-2004-x64

1

upload/ann...3.html

windows7-x64

1

upload/ann...3.html

windows10-2004-x64

1

upload/api/uc.js

windows7-x64

3

upload/api/uc.js

windows10-2004-x64

3

upload/art...ass.js

windows7-x64

3

upload/art...ass.js

windows10-2004-x64

3

upload/art...x.html

windows7-x64

1

upload/art...x.html

windows10-2004-x64

1

upload/art...ass.js

windows7-x64

3

upload/art...ass.js

windows10-2004-x64

3

upload/data/config.js

windows7-x64

3

upload/data/config.js

windows10-2004-x64

3

upload/dat...x.html

windows7-x64

1

upload/dat...x.html

windows10-2004-x64

1

upload/do.ps1

windows7-x64

3

upload/do.ps1

windows10-2004-x64

3

upload/gue...ass.js

windows7-x64

3

upload/gue...ass.js

windows10-2004-x64

3

upload/ima...x.html

windows7-x64

1

upload/ima...x.html

windows10-2004-x64

1

upload/ima...oad.js

windows7-x64

3

upload/ima...oad.js

windows10-2004-x64

3

upload/ima...ent.js

windows7-x64

3

upload/ima...ent.js

windows10-2004-x64

3

upload/ima...mon.js

windows7-x64

3

upload/ima...mon.js

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1a0677178bc7844ea406d4b9d0667c14_JaffaCakes118

  • Size

    1.3MB

  • Sample

    240628-n4faaa1cpp

  • MD5

    1a0677178bc7844ea406d4b9d0667c14

  • SHA1

    caf233ec858010dbc1c6d5070b2dd9e0f4c8bc43

  • SHA256

    dddf0f1dc6fbcb1db2c8fd1c4dc865c7c49e9d60cf21da244601a530f8608ff3

  • SHA512

    79f8ad85611999f3a9d604d674d8b94e1ead490b4af7f439c80d677db09e7b6dc0ac97490379000d6902b7b1ff45bb9e5e2834cd7483d543a94e04cf6751d6de

  • SSDEEP

    24576:fK0rK6+vRopSTkPP4yJCf2hCkGx7JwtpzTjD6J1Caa9hUog3OWpu8cXX6kq:KJ24yJQ2w7kz/DAC1XVW6nq

Score
3/10
execution

Malware Config

Targets

    • Target

      upload/admin/index.html

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    1/10
    behavioral1behavioral2

    • Target

      upload/announcement/index.html

    • Size

      11KB

    • MD5

      eab444bec21420278aae8703b4be4320

    • SHA1

      c7b31d1016ef4d35d66fbf1e6279a2fa12b5f580

    • SHA256

      d5a7fbcf3928e2e5a6f98e2b12dcba559ada1ca01fb9c1ae7a3a6a140d59bc99

    • SHA512

      ba21e02eb2695bf66855afeafecca2c5a071c73c2907a27999f4a9563c607c6a457e57d77e8638fa0fd0c9d6aa0511192a843ca648b9ceed1d4f989d91b72f4c

    • SSDEEP

      192:SIPJzCNi+3eERCLNlODeLjCReT3BT2Ipt/stm:SIUNi+3PRCLNlMUKqpVpt/stm

    Score
    1/10
    behavioral3behavioral4

    • Target

      upload/announcement/list_2.html

    • Size

      11KB

    • MD5

      45c28f63610574a0074d54fbc6f4d3ca

    • SHA1

      fb4ce4391054590a1613decf08e8956c20cbc1b5

    • SHA256

      77f86994646cf71867385c1100843ebe1c7c4b0e6985ceb99e87cf85e739a229

    • SHA512

      c8ac5ed29284418f553241c4e8533fbac1e099f889dbb2ba0e36014fd4f8e0ec112784d36771cb2420c2feb0fd3abdcc00324e83cd5060b82e0e2107c266ef0e

    • SSDEEP

      192:SIPJzCNi+3eERCLNlODeLjCReT3BT2Ipt/4Luq:SIUNi+3PRCLNlMUKqpVpt/4Luq

    Score
    1/10
    behavioral5behavioral6

    • Target

      upload/announcement/list_3.html

    • Size

      11KB

    • MD5

      8595754fca97178fceef107e08cab571

    • SHA1

      91232a833eb1c8c83b79684c39141294c2e711a2

    • SHA256

      16a6591fdc14e599ab2c571485e92846d1b5e72dab5ca8dcf07fe248fde7c9b9

    • SHA512

      4e975cbe22c5933266cd9df233e0d98386641118af1e3ed4ebe2e49c9128efee2cbb6585365e7bc56b5bb83902479d8cdf5bbe2950e4aa123d8da591948bd994

    • SSDEEP

      192:SIPJzCNi+3eERCLNlODeLjCReT3BT2Ipt/5CfSY6MrH:SIUNi+3PRCLNlMUKqpVpt/5CfSn0H

    Score
    1/10
    behavioral7behavioral8

    • Target

      upload/api/uc.php

    • Size

      9KB

    • MD5

      7517a2123518707529aa6eb999987798

    • SHA1

      2a4d1239dbebf9af366e9cac1b59836a614b0c1c

    • SHA256

      0a1dbf8fed1e205f0fe134eb2a3a153b1d03d4d9e3e669a26fad08958c47ffbd

    • SHA512

      73f2990521eadedb1c0f845015b74419813fdd9905b8d0cfa35763c3262603731016fe26459708619cda39a7ede261e63c4f0dbcc7dca21512bda5e533df135c

    • SSDEEP

      96:JWlD8z4uAs5Llj+B+tQE1bvkjyg2j4yy8jeQMesOKqhpARzUUsw1qE1VZYtjOkMK:2ok0/As8+4/nesneRsOTlsGXxnN

    Score
    3/10
    execution
    behavioral10behavioral9

    • Target

      upload/article/article.class.php

    • Size

      6KB

    • MD5

      e173df33da96fb4a1a27ecda54db5aa4

    • SHA1

      a268012c199b3524cf37187adc699aee2730348e

    • SHA256

      04b0229db290665fb24e28bc97a8369d9f976359c600af315fd4fc033cc6175e

    • SHA512

      4e3c637ae57f56e680b6107f6cb5da6e3deab1057906ab3e2c993b7baac7868a35bd0fcf911c88324ea9a04b09e831b965851c4bb00f30b527a5d58785803031

    • SSDEEP

      96:k0wk9Zg9barmWDJg6rtx0eHRVsW5Wa7SWalr+V/diYUvg5R3SVrrFYyX:k0wva2E0CRVsuFOFqMFVX

    Score
    3/10
    execution
    behavioral11behavioral12

    • Target

      upload/article/index.html

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    1/10
    behavioral13behavioral14

    • Target

      upload/article/tags.class.php

    • Size

      6KB

    • MD5

      cff171a58a5cdf571f2c03cab09200c1

    • SHA1

      a1cb8b6ca60474c6a4f95414ce3590d428d156c5

    • SHA256

      1463029a0f7bc798b639b4bad19f2f1f195481df94a5c7d46366c0b127c6ac38

    • SHA512

      51740f83deb5ff86469108d6fc0b31c71e48322da75eef472535a634f5978f9864036eba2eea34c3cb88349e689a13e976a1b16799300d55fe031369ad36e79b

    • SSDEEP

      96:39cfQUDkf9TAHARAoJkhPxQ8aYKgEGWTGGxQVVyPTdQZdQQ8dqePDFu6YdPDpXT/:3qcJyfWacCwPT6ZufhhaapPD0

    Score
    3/10
    execution
    behavioral15behavioral16

    • Target

      upload/data/config.js

    • Size

      7KB

    • MD5

      a1831bb5ede23f50af9005f968f222f7

    • SHA1

      3b54c33a83b39720c5f673437d84aaaacf2dd29f

    • SHA256

      862c359349dab0e8a141a606e0c0f6449993065f71ac2b6fcbb656ea06f00404

    • SHA512

      50bb148f04d14f298b34e6f3f70f6a87e0f0fb2189fb4e11ac5babe0b73074a77d56a47fd8a8cae196d5290a79bd2e1e61e6743294b57d168298cce46e8aa3ae

    • SSDEEP

      192:r0A3TFFD7VfietYG0hiXLjEC/jHeNk3C+tBiSpZR9CC48jV:Z3TFFD7n7Xd/Fh

    Score
    3/10
    execution
    behavioral17behavioral18

    • Target

      upload/data/index.html

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    1/10
    behavioral19behavioral20

    • Target

      upload/do.php

    • Size

      16KB

    • MD5

      89baf729dad54ea3fcac79c23d08d43c

    • SHA1

      84cd8a6e25396f1a12410011d7f32f6acc38cd74

    • SHA256

      79e6d5478d804a53c13d1558a899cf4c64478a509f2d7223615c2d8601a6b713

    • SHA512

      6cd01bc26c1e366783e791551358c53c9a5ebf3336ab31d4d2789d9f6f133f1f8dcbe00f37b5dc1265f8dca65d0ad5831ea62d6e34bd4bf9d131f1ffd001c50e

    • SSDEEP

      192:S0muRK2XeGaCin4G/qzFw4G/TgkGlQUwfMqwy9zWj1M+:zmYs/qm/hGlTw0Z5P

    Score
    3/10
    execution
    behavioral21behavioral22

    • Target

      upload/guestbook/guestbook.class.php

    • Size

      2KB

    • MD5

      d25c14953ad57f52064b8e8d8f52561c

    • SHA1

      116e296df971162a2eeb91fa71d11b653bbb993c

    • SHA256

      cac5e67d875c766cf10584006fa27943a9f02ac51edc4e65323a2eea4513dff5

    • SHA512

      9055f387828b421df7e96afd8d60b93eb5713285f2e599065042f063962074e1aa67f2465b4864ffe437e6574219be839d120838c5d5d5451b1c6a2db809f199

    Score
    3/10
    execution
    behavioral23behavioral24

    • Target

      upload/images/index.html

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    1/10
    behavioral25behavioral26

    • Target

      upload/images/js/ajaxfileupload.js

    • Size

      6KB

    • MD5

      ae081a18e5cfbfd009987c7eaf3a5117

    • SHA1

      944803757feae14b3f10d1b01f4eac531ac11459

    • SHA256

      cf9d2335cb6cff943abd506d3e103bf31f89e3aeaffd7e6de7c26b191fc3c41e

    • SHA512

      5fec509d80480da681e6695ce63dbfb1a68ee4bfba83a37bd64206b91c82017131ce23a471f3a13767de9d2eaa85511e784b7d7a57effe463ef5f6bf9014bf81

    • SSDEEP

      192:C9WcNC1XrOt7Yn0IXbE9mMhmlrGjMwJxy:RH1Xra40GbEcMhmpxgxy

    Score
    3/10
    execution
    behavioral27behavioral28

    • Target

      upload/images/js/comment.js

    • Size

      1KB

    • MD5

      5bc688f315c905e593fcf80ae3e4b7fe

    • SHA1

      3a53f0f165da29cdbc61ce6a518a87f8f4036ca2

    • SHA256

      58a897b13ed53f53df5805dfd4e0d96184a6efc42a0beeef00afb0c75637c4b7

    • SHA512

      9eb53ff9e154ba29d99d6b7262b42eea035e1475b5d3e773dc81eb1239c631d4da6ecf0afd5eda602bbc049553ff2193d389c4d3386628508b813b084981d0b1

    Score
    3/10
    execution
    behavioral29behavioral30

    • Target

      upload/images/js/common.js

    • Size

      2KB

    • MD5

      eb56bbdadf5862879141ae6c63c7a334

    • SHA1

      940c523a1dd897d849c830ad4866e50944ff9aa7

    • SHA256

      303891d490bdd03d8f4973691e79dfcd1e176e6e9970dfe9253b27892edc251c

    • SHA512

      8d925caea8b4aecb952986ff78daee7307847d1229af7630c24e33b6fa6b60542ea0ed1c785e14f86e3270e228be6f33833aa3e20cd1506feb6eb35c90ee62b1

    Score
    3/10
    execution
    behavioral31behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

9
T1059

PowerShell

1
T1059.001

JavaScript

8
T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

7
T1112

Credential Access

Discovery

Query Registry

7
T1012

System Information Discovery

7
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

Score
1/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

execution
Score
3/10

behavioral10

execution
Score
3/10

behavioral11

execution
Score
3/10

behavioral12

execution
Score
3/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

execution
Score
3/10

behavioral16

execution
Score
3/10

behavioral17

execution
Score
3/10

behavioral18

execution
Score
3/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

execution
Score
3/10

behavioral22

execution
Score
3/10

behavioral23

execution
Score
3/10

behavioral24

execution
Score
3/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

execution
Score
3/10

behavioral28

execution
Score
3/10

behavioral29

execution
Score
3/10

behavioral30

execution
Score
3/10

behavioral31

execution
Score
3/10

behavioral32

execution
Score
3/10