35003b5301d02f9cfc84ea6ef0685a088376296f69de4c3d4c5d103ed64f5b54

Sharing

Copy URL Twitter E-mail

General

Target

1b28b5eeb4f96a2ad1e81d1a3d5aee8d_JaffaCakes118
Size

9.7MB
Sample

240701-ntb5wasgll
MD5

1b28b5eeb4f96a2ad1e81d1a3d5aee8d
SHA1

2caf6906b1ea52df2a03c17f7073fc0a3e4ed486
SHA256

35003b5301d02f9cfc84ea6ef0685a088376296f69de4c3d4c5d103ed64f5b54
SHA512

c7d674fa7711a3fa02f377d4a072dcdd1d21fd096a1966ba9f41e257736ccb3ca96f6b9becf7861fc3d91f42f06f4e035435dd894899828918beeefa5ca9af56
SSDEEP

196608:rrSbj1XpK3zVWWOWWmggccHu3OovP2ry2tghQCWcyAa2TJvWSsbtSdL:rOtXpGHiVcOeovP2NWaV7A+btSdL

Score

3^/10

execution

Malware Config

Targets

- Target
  
  hyih/Scripts/AC_RunActiveContent.js
- Size
  
  8KB
- MD5
  
  9b2224a10312f4ef94fca5bcefee5bdb
- SHA1
  
  46c525e5b491bfd94ded94351779553c6892c3fe
- SHA256
  
  7c70801a45befd1577f0467d26e1c922a96211003be5393a5b100fcd7617f674
- SHA512
  
  78a5b088046a4f476e02c5a0a331087c521e2353a8574888a13c1c8e16b07606f78e03f708198cedd98d1df0ef867a71fb63b9dd50a193eb98f4d6ee7e14d69a
- SSDEEP
  
  96:4wQrpaYZ42Bf0HHyDL7ULELdPJVvgJYxfHzx/zLi2N09ts92iy0e8A:VAaMf0HSDL7ULELd37hLi2Ip
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  hyih/about.asp
- Size
  
  3KB
- MD5
  
  9059c45915793b56ad1a65dd8a229463
- SHA1
  
  571cde45b279a18762a521235c7c7f9e3d5dfb88
- SHA256
  
  347a9a7ec06d90f7955ef993e0114d2a7b03a5b10558273c738e48f8e99d4572
- SHA512
  
  f576d14c3600704a563dc0066067df5400ecfce3aac0fd14dfd0ec11b3230cc3707aa70d6fe518bbf088d74b786ee17c4af0c51f365c56a0d0341db6f8a08952
Score

3^/10
behavioral3 behavioral4
- Target
  
  hyih/admin/Exit.asp
- Size
  
  225B
- MD5
  
  36e880e1457d3d307f80d355434ac13a
- SHA1
  
  31bb483cdf4b7f5b76b2ed56c4aab77637df2370
- SHA256
  
  2c70860a41b7aacbc3485ad98a1607eab27545a70bb5a628581167f6335b5556
- SHA512
  
  8c888dbea1ce26ea01a70af2f322576c086c35949dc3101b568cd1c71822088ff55e7b71d1a5f13adf269896ccdeac37d5d8088a5a79b2c04e971cfb8d9697fa
Score

3^/10
behavioral5 behavioral6
- Target
  
  hyih/admin/Functions.asp
- Size
  
  1KB
- MD5
  
  c225f697547fba6bd7a7ac7caa59e558
- SHA1
  
  aa24241df6433271f88f0980c42c4197a860f121
- SHA256
  
  b8bec64c7c0a72f438dc5192c64675a7096d817e3da0cf2ec224e4db4c013e55
- SHA512
  
  947fcb1fc9f09a0b934e2469f3e8a291153cad6c8aee207ea7ba463e69d3d58e75bf472c5af9f0bd9a2d727edfbe8621e080b3fe0e124b5d55d6c28c5ec839d0
Score

1^/10
behavioral7 behavioral8
- Target
  
  hyih/admin/admin.asp
- Size
  
  12KB
- MD5
  
  9c9b6a4d38a1604abd2d7cf880d64107
- SHA1
  
  85643b3d7712d404b516ea145d6900a85cac3744
- SHA256
  
  94da4c3a80a38dfaadc52530ab56c00da258ddf016d23dfb6fd0ef33d86e7aab
- SHA512
  
  59f7502dd042b494e0737b94c40ef3d198285d5978e291aa9cd5cdbbfbaf7a38d1c10065ac1c782326ca00f21ad31a4e3d61aa569d3f6a3a2c17cbc8915e49d4
- SSDEEP
  
  192:Tt2mNUovpEo41+F/QU454YXODEh1NrPTTiYyEFcDr2:JFUoRI+F472EVSY2W
Score

3^/10
behavioral10 behavioral9
- Target
  
  hyih/admin/canyin_classid.asp
- Size
  
  8KB
- MD5
  
  ec0ad74f6d19ae766dd568f3aecde5f1
- SHA1
  
  a907f47ba3f05f38d3428f1ebfd684938ce28a32
- SHA256
  
  2cc61f46ed7c1be11e748fd47b0119224310ded82b7d10d5a733981720c44f69
- SHA512
  
  0dd6634e9c79845b5707edf0ca54e3adec25a7b8ec25392ccb12da601e3c1f7cdc4b8851bbaa330921a1083b3ce9301ce5b784e1b07714efe800e32c96add421
- SSDEEP
  
  192:NwqWRfZuRNkWF3RFyc9/BELAMu6BbrjxtHVA4aZSBFmfH9I9xi:NwqkuRN3RFH3Mjb3rLpFoHKa
Score

3^/10
behavioral11 behavioral12
- Target
  
  hyih/admin/canyin_news.asp
- Size
  
  12KB
- MD5
  
  54482ab383f6fe17525f4204f92aaf12
- SHA1
  
  a9c475fd1bb20ba40ab1b51e9125b0ba8cfd542f
- SHA256
  
  4621278d165fe860ba96ca4b3c01fbbe38384e0b923762f152edb5c58971dcb5
- SHA512
  
  a2d0fc98a3e3cd17eef85fac3ad575edd5859d326891708cbef1cac2ed5f36f77b1bcd3ff80f664ba019d1657b57f1a53b569dff545cf6d7c633f83a5a60c9ee
- SSDEEP
  
  192:7F6XKgbgKGMEqF9TVwgFTCbvqhoaeYPTiTsTrRUEIAAWPNndInvP6o:AXJd3TFTypY+T0LL1RdKvP6o
Score

3^/10
behavioral13 behavioral14
- Target
  
  hyih/admin/case_.asp
- Size
  
  10KB
- MD5
  
  fa942d617d59bff92e7fdddcbd5da47a
- SHA1
  
  47d968b5153c7fbf2359b43f687fe6ca79b2fcb3
- SHA256
  
  7a8803538ee5cd0b6cd5ea6ed5631c442301f507f2584cb927b133c84b9b3769
- SHA512
  
  fd434f3ffa112d206d004bd94d52b1049953c59ff1b7fe81d363f806161966be8417f72c196b95ba181bcdda7269fed9348407b73525e664a6f49943472068ea
- SSDEEP
  
  192:uNRKC8mQ9hjWa43+2iOiGlF3HaOd6oWsgFKjf0HXRBTHigFKjf0HXkX7glaKC6KP:uNRw943+2iOiC6OeKjuvdKjuAKnKcM1
Score

3^/10
behavioral15 behavioral16
- Target
  
  hyih/admin/case_classid.asp
- Size
  
  8KB
- MD5
  
  ddcee7ac888e4fec4f1469f5f257e4dd
- SHA1
  
  a875fc9b4adef02906283c700d16bba5590fcea2
- SHA256
  
  bcdde24b7cfb1fb12a217c54d67b6869adf1912fc57894fdf7570b5e5257f959
- SHA512
  
  2304f7c2cbf281495062999e2887169ef4593d79ddeae9a236eeb75ad38f9388f3cd02679cfe74eef66db682bf24dfeeae4533512d7c27080c3105fbc94979d6
- SSDEEP
  
  192:8+qWOfZuRNkWF3cTyc9wodkANu6BZrJxzHGVYagASBYyVE+pofB9etxC:8+qDuRN3cTHPNjZN9DxYyHWBMq
Score

3^/10
behavioral17 behavioral18
- Target
  
  hyih/admin/check/CHAR.INC
- Size
  
  16KB
- MD5
  
  6faf031b3d44a989c120c4c6f2fbcd9c
- SHA1
  
  9269b7951ecc3787530f5fdc544d25d25cf1cd08
- SHA256
  
  1635d27a1b1bf07577ab865ed2c45ec7a7a4d1ef9863a2bb1620a649c6890940
- SHA512
  
  2be87174de3770039f711a077cbb6f16854144f4b3af1b71b3604ae7cd0b2659cb9d56030aca8fed2a3f4c3f54715d28817c946a4e29ed5738b62730b2da18cc
- SSDEEP
  
  192:32FaME1NxErD+m2FatnrD+rU+XMcDFjJkB0Jdix7K2uNGe42COwGnhwpiFYgBFn:3UB1gIgBBFn
Score

1^/10
behavioral19 behavioral20
- Target
  
  hyih/admin/check/Code.asp
- Size
  
  1KB
- MD5
  
  5bf0576476c8802b357a3e19dd91ff2b
- SHA1
  
  6ca31e4a3514d97077a75c7b5a0dbdeca68dc187
- SHA256
  
  ae0e441855b834264c772c81cce586888bfc7e07ed41aeb61838a21fc7a6ad7c
- SHA512
  
  76677f046f6636f4b1d721c1e22345c808e0e618c3a22708c0c0309af5ebedf3ccdeba94c2881b526200579dc701f580992d5e1c85ad8d44c97ccddc28fbf332
Score

1^/10
behavioral21 behavioral22
- Target
  
  hyih/admin/company.asp
- Size
  
  8KB
- MD5
  
  e6603693edb6e1032747efbb203452ea
- SHA1
  
  d734fe5f9ff427a4dd2b528d8e585228746c3ebb
- SHA256
  
  cec1cbc6cce515d2bc51bd0ede45b649003f9ddaf183a3a6149dba6e5b36d4fb
- SHA512
  
  7a1406d97329d26d5f1fc9c50b7fde3cbade048ccafc94e61aed5820214626ab1325b8ea0ab0e7bc334b39395dbe4c84d421ea70bdf56c33859a1a5af30b2744
- SSDEEP
  
  192:NXqWqi6uRNkWF3qFnAlkA9KZMt0FnMvc4MHKFYav07w9e9rC:NXqhuRN3EgV90MkJbiiwMs
Score

3^/10
behavioral23 behavioral24
- Target
  
  hyih/admin/conn.asp
- Size
  
  2KB
- MD5
  
  002856248e68d1bfaa7d953f51219b6b
- SHA1
  
  280068da3e6a426e1bcdfa0d71bd753daf16b489
- SHA256
  
  d5164d1988bf8092b5628120e0adbc9e59f4051ebddb01b5348b81058c18c2d7
- SHA512
  
  1117a5d0d649b35f9a8c6aba4724cd062ee2ab4a2ce4d5dfebb3e2df3ae6e8cef5a1ae1471bfee8c02c4aeb4f7ca4277a0d3fc629ef209f669c124a8aaf2d8f9
Score

1^/10
behavioral25 behavioral26
- Target
  
  hyih/admin/dddproduct.asp
- Size
  
  17KB
- MD5
  
  29b5ff4321359742f56c3ccc62bc4b5d
- SHA1
  
  b006c08e17191870a33d7df48ef054b66ef996c3
- SHA256
  
  3aeac715d49c056e575de52c382622222ed415b5712044822185fbe6144d3022
- SHA512
  
  35d95d29fb45885e06b6f06ed367b36fdc488b7ff0629c7aecbb73d5801ce24f399d3d1591cbfdbcf5f81dc605bd3fbfcf4218a55cb8fe395c7d4f1ed667eda8
- SSDEEP
  
  384:VkhEJO7RNUnYD7ENsB200UYg/CEBj4y0A0HlLgNP5:VfGQcxrn05MP5
Score

3^/10
behavioral27 behavioral28
- Target
  
  hyih/admin/dongtai_classid.asp
- Size
  
  6KB
- MD5
  
  95435b45c01f88ea0c680bbf02fc3069
- SHA1
  
  397e123d9674ae5e2b22a453e317a938d5a88c37
- SHA256
  
  429b575fd5fab69d4174da3920d131ab1373f97b631bd4f24bc7aa6f85048fa1
- SHA512
  
  835db585f439403e095f8b91dff75361e7f542a05b2d4203cf4139aeef367e416d3dfc892aff41d17f24b9f11b0981e6b3fd784ab1df56345aca9e51509af74b
- SSDEEP
  
  96:NIqWcdnYRPLtLicfcQ9+LRNkDg9F3RZyVe9/K+ZSFHVKw44aZspbFTxUZ:NIqWRfZuRNkWF3RZyc9/BQFHVA4a8xi
Score

3^/10
behavioral29 behavioral30
- Target
  
  hyih/admin/dongtai_news.asp
- Size
  
  9KB
- MD5
  
  f8fe8e5b19c2b2a5cec8d9b07fb8e435
- SHA1
  
  edbc8d63f371de4231e8969774a3f389f05e356c
- SHA256
  
  f8b7e105bcceedc656b1afeac6b8245baf8f647d40ba00e4fcece89ec091d43c
- SHA512
  
  89a5d94ba16a626eaa2e697ff9e633a69096095c5475a07c6dae6829fd4df4de5c8f028067c8d88eae660a3c2e42294b9464643eb429b6b956f004ff604c7b3a
- SSDEEP
  
  192:7F6lvgbgKGxRaLAGgF5CbvqFKrRUcIAAWX2qd2n3P6d:AlcW40h5y1/LxZdi3P6d
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32