Overview

overview

3

Static

static

1

uc_client/client.js

windows7-x64

3

uc_client/client.js

windows10-2004-x64

3

uc_client/...ex.htm

windows7-x64

1

uc_client/...ex.htm

windows10-2004-x64

1

uc_client/index.htm

windows7-x64

1

uc_client/index.htm

windows10-2004-x64

1

uc_client/...ass.js

windows7-x64

3

uc_client/...ass.js

windows10-2004-x64

3

uc_client/...ex.htm

windows7-x64

1

uc_client/...ex.htm

windows10-2004-x64

1

uc_client/...ass.js

windows7-x64

3

uc_client/...ass.js

windows10-2004-x64

3

uc_client/...ass.js

windows7-x64

3

uc_client/...ass.js

windows10-2004-x64

3

uc_client/...app.js

windows7-x64

3

uc_client/...app.js

windows10-2004-x64

3

uc_client/...ase.js

windows7-x64

3

uc_client/...ase.js

windows10-2004-x64

3

uc_client/...che.js

windows7-x64

3

uc_client/...che.js

windows10-2004-x64

3

uc_client/...ain.js

windows7-x64

3

uc_client/...ain.js

windows10-2004-x64

3

uc_client/...end.js

windows7-x64

3

uc_client/...end.js

windows10-2004-x64

3

uc_client/...ex.htm

windows7-x64

1

uc_client/...ex.htm

windows10-2004-x64

1

uc_client/...isc.js

windows7-x64

3

uc_client/...isc.js

windows10-2004-x64

3

uc_client/...ote.js

windows7-x64

3

uc_client/...ote.js

windows10-2004-x64

3

uc_client/model/pm.js

windows7-x64

3

uc_client/model/pm.js

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    30832f197110bc4f93c9a75e87c18aa0_JaffaCakes118

  • Size

    2.4MB

  • Sample

    240709-qfn9dswajn

  • MD5

    30832f197110bc4f93c9a75e87c18aa0

  • SHA1

    df7a91be1e38233a4c6fc5defbecaa04078383d0

  • SHA256

    25dc162b4bc29225b8a9e384851cfbf8c3183239ed709ef91c27fbdad1007102

  • SHA512

    f3ee938c66914a8c6e538aeb40dbe17116b6569850c56c5cdfcc47d2c3dddbacabe170b3e88365e8d46deac7a565073148b2fef5526abbc95176f017e52fc43c

  • SSDEEP

    49152:HhLpjhXX/iV+MnoafUsfqII6F5cKLV5u8xgFaqVxyYqtYNJmRB2lYRgV2owhgu0h:HhLpd/Onoa51SKLK8GFaqVxyYsYNwRBq

Score
3/10
execution

Malware Config

Targets

    • Target

      uc_client/client.php

    • Size

      15KB

    • MD5

      588f4ba78a056f033c1221da8d7c420c

    • SHA1

      54cb0d46c60151440353ceb8e4d0958e27360ee8

    • SHA256

      c7ec59e0a60bf9e3ee3b723686fdbd905d6e0e85ebd562088f65c9b2666f11c6

    • SHA512

      12f761c033334079413a4b5614e354d2bbd09e547d6b7c4b62042f39bda850badb86a0ca7fd98fb9f504fa26c003d2b6b0c4790fcb7a60d5e7c1e5b014227e5c

    • SSDEEP

      384:CZfn7Rn+53A3npYMVWbtWvefORevpaLNFCKGm:Kft+53A3pYMVGkvefOReBaLNFCKR

    Score
    3/10
    execution
    behavioral1behavioral2

    • Target

      uc_client/control/index.htm

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    1/10
    behavioral3behavioral4

    • Target

      uc_client/index.htm

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    1/10
    behavioral5behavioral6

    • Target

      uc_client/lib/db.class.php

    • Size

      3KB

    • MD5

      fd7084c1f681c9578391a531a4b740dc

    • SHA1

      ecf4eec61a09efe5d760585b3ed6a1a7f0107e4d

    • SHA256

      7b65184e0a3e063515186b4f0baef62517e471776f5162a34b98a1ec9e12125b

    • SHA512

      de19f8b6f21cfffaac94ff17828609d8c59c839542649d11267f957a75a0af219343749323c97e624f342907e5edd421857959773ee090b5cc5094958a376323

    Score
    3/10
    execution
    behavioral7behavioral8

    • Target

      uc_client/lib/index.htm

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    1/10
    behavioral10behavioral9

    • Target

      uc_client/lib/uccode.class.php

    • Size

      4KB

    • MD5

      3745e7a350b1b4fbbdd124db3053b8c9

    • SHA1

      77a38f780fa8ef7201d06768617642c0b727359a

    • SHA256

      26c3a22a707e704f36782a9a66536ac906fa6673bc8a1f0d733a245fa9e26741

    • SHA512

      13ee162c0c67e4a7866ec9ca52815599ce65186213e90370cfe7d8e67257337a7d8304041fb410577a6493755126cdd7c5b910bd813cd53c41fafd08d0e3dbdf

    • SSDEEP

      96:N1F67yi+k/Gi0fiGo22RaXhtgVG52vS+omKZR+XM9lWdar778ba+pTOK0egd3:LVpjqGd2RQtgVG5AvM+817g++pTs33

    Score
    3/10
    execution
    behavioral11behavioral12

    • Target

      uc_client/lib/xml.class.php

    • Size

      3KB

    • MD5

      eaeb4f7ad334a04956cbe2d25dd7b3ae

    • SHA1

      2cb4cd66c7ae8001c5be99b1a480ac1636abe8aa

    • SHA256

      453fb8d6308ea083535bbab4f20910d7404200be2af4658b4c9d7d509765e36a

    • SHA512

      f7560ce82993ea2a34f9fe168d1f94378a30d30c9c9f5a7a15af3e8621108a6ca881ed39fb8a03b4053cbdf6db3c059de19ff5fb7e7f568a401cdd73b38dfab3

    Score
    3/10
    execution
    behavioral13behavioral14

    • Target

      uc_client/model/app.php

    • Size

      537B

    • MD5

      5818cbc8c0abd1cadb021136c567a64b

    • SHA1

      d7a50ce51bdbca15e9203bb5b70a4a7418f8bc32

    • SHA256

      794590895b217eabb1b51e3fff86bdc35ba47712f349ec02efddf0d33b293b97

    • SHA512

      5d002600e7318d8daf89832ab79cd729760221c42a72216d484f797ae50e3e49ac76358df4abfd5f8fbe26c9616c401b1a0cc362712d9ed6fa7ef2e6b33469f0

    Score
    3/10
    execution
    behavioral15behavioral16

    • Target

      uc_client/model/base.php

    • Size

      4KB

    • MD5

      66776d2ccf31e775ec7ddabce5b945c7

    • SHA1

      f434180e4e422414d6f25ad720c7064e95915614

    • SHA256

      2bf5838943738030aec28290a731526b7a628424ffe7035603ab406459e3fbca

    • SHA512

      2ac2e14b7ee5c8ec2c39d3aa4d384ec6b590564ae405f7378e117a4cc1e5fa0535fbb38cc36a2a119ddbf633efc7a6bd8daaf05a7490c234c5c79b01143a6943

    • SSDEEP

      96:NfgWwwbxtIWW3L7pUilV11zbiDpg/VUxcYmVl1/BQ6k:eWfNt5QK01f1YSBzk

    Score
    3/10
    execution
    behavioral17behavioral18

    • Target

      uc_client/model/cache.php

    • Size

      2KB

    • MD5

      f24cb0ee0ba39b15f4bce6cfb77a4143

    • SHA1

      463fc17d424d4fbbca1a671088a543e9ad71f087

    • SHA256

      451bf64ab5de94a852aa4314ced1a0424a53e6af725796f0fe147cee7684f45b

    • SHA512

      b8d9b9efff203e886425be9a9c7c7449b777982e70e7a9439a1aa7dd51677ec3305f9a345d9c0769b19009a9b9c2037d97c8a46d92f92d4c40b060b7ea756dc8

    Score
    3/10
    execution
    behavioral19behavioral20

    • Target

      uc_client/model/domain.php

    • Size

      1KB

    • MD5

      6b21963d690e7e2ee01a47358dcffd59

    • SHA1

      76e5dba9c48868dc4c7468e2c19f2b00116a2212

    • SHA256

      436ad8dea1ca43ce4d1091a4796fb7ca4e6f1505cc827df64c7c6ef57bbf4126

    • SHA512

      e919bd901a5a0d78da48da88dd5acc007e2b86d8f3c55efdebfdf2889f4d5867f756ef6501ceba4601ae5bb9a01854b5fe39ce057cfcc770727b7d8c62d698f1

    Score
    3/10
    execution
    behavioral21behavioral22

    • Target

      uc_client/model/friend.php

    • Size

      2KB

    • MD5

      c0a3e2ce8831473f3a919e183ba04227

    • SHA1

      dfa8e82c48695c818942f3b9cc5afb7b7d0e79ee

    • SHA256

      45e76b8d098641a6a0ca41d14b7b2620569dfb5a85b42be5cc97182be88abb51

    • SHA512

      27d5fb4d521392cde514651190410196c51bc0bad6e3034bc388ba01ce039c0306835828268d68b15ca0d855e2d1950635e4395b2897c471ef40fc74866dbd3e

    Score
    3/10
    execution
    behavioral23behavioral24

    • Target

      uc_client/model/index.htm

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    1/10
    behavioral25behavioral26

    • Target

      uc_client/model/misc.php

    • Size

      1KB

    • MD5

      86fdce700aac2ac34a7a6cbe81c40127

    • SHA1

      2da78a14d03c35894f4d029dd2a6b22cccb2dedc

    • SHA256

      b215ed1e9922c19a83a43e9bf273ac41fe0d75ec278b1944007d9a924801b370

    • SHA512

      57b09471a73fcc9cdb68c111a117a1bef7d28b2834f3377f94098f5df56bb6c1036aaf23d64769d0c7ab0b01de74d80286108467cc62c8173665d6325a3ade06

    Score
    3/10
    execution
    behavioral27behavioral28

    • Target

      uc_client/model/note.php

    • Size

      5KB

    • MD5

      7aeaecaf0ccbe5a26fa8b36533a80b35

    • SHA1

      223a9e21c4e5c8c171442d3f629b727b0f739254

    • SHA256

      ce3d4f3ec852138b658cb39b8dc0220d598f97ef81eb9b59e5ae311964e8bef8

    • SHA512

      b4f758b09d7783538f31ffeca2e1fe49a31e4402df2ef303aecc1b50996d17a20eba8f016a30f65d800a4271ec80c1a3b57156316cabd022c9aa6053f8f3bb40

    • SSDEEP

      96:Nh0wgdWFmI+eHif8WozlsLqTHTwN8s8r8hWIo/yV6IXZG2afuEMIKUUrORhmFSCJ:EwgdWFmI+eHif8WoxbTzbsvW4ZCM6G

    Score
    3/10
    execution
    behavioral29behavioral30

    • Target

      uc_client/model/pm.php

    • Size

      10KB

    • MD5

      e92eabdde9cffc8ac33eb0f22242d56f

    • SHA1

      62b04fce5fbf92afc3aa7f007081eed7c8391084

    • SHA256

      c2fca7f29aa2708af12618ed759ce38da5b7eeaa9ce7757a36780a6b8908e6dd

    • SHA512

      7998a4f451588fb2436e8e5cf4269f49d72d1af52de38fa76bea8f8d215c7f2b45cdf6534dbd6e968b8d0b1e31c0976167314d24e3952dc87bc192b722a90f79

    • SSDEEP

      192:DjIwTdCxZlbrjlSF3m6hqiMkbF9U9UvinofN62g+Xf:DjIwTdCxZ1XlS1NhpRi8ih+P

    Score
    3/10
    execution
    behavioral31behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

12
T1059

JavaScript

12
T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

4
T1112

Credential Access

Discovery

Query Registry

3
T1012

System Information Discovery

3
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

Score
1/10

behavioral1

execution
Score
3/10

behavioral2

execution
Score
3/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

execution
Score
3/10

behavioral8

execution
Score
3/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

execution
Score
3/10

behavioral12

execution
Score
3/10

behavioral13

execution
Score
3/10

behavioral14

execution
Score
3/10

behavioral15

execution
Score
3/10

behavioral16

execution
Score
3/10

behavioral17

execution
Score
3/10

behavioral18

execution
Score
3/10

behavioral19

execution
Score
3/10

behavioral20

execution
Score
3/10

behavioral21

execution
Score
3/10

behavioral22

execution
Score
3/10

behavioral23

execution
Score
3/10

behavioral24

execution
Score
3/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

execution
Score
3/10

behavioral28

execution
Score
3/10

behavioral29

execution
Score
3/10

behavioral30

execution
Score
3/10

behavioral31

execution
Score
3/10

behavioral32

execution
Score
3/10