Overview

overview

3

Static

static

1

fafatong/404.html

windows7-x64

1

fafatong/404.html

windows10-2004-x64

1

fafatong/a...x.html

windows7-x64

1

fafatong/a...x.html

windows10-2004-x64

1

fafatong/a...tpl.js

windows7-x64

3

fafatong/a...tpl.js

windows10-2004-x64

3

fafatong/a...pl.ps1

windows7-x64

3

fafatong/a...pl.ps1

windows10-2004-x64

3

fafatong/a...tpl.js

windows7-x64

3

fafatong/a...tpl.js

windows10-2004-x64

3

fafatong/a...tpl.js

windows7-x64

3

fafatong/a...tpl.js

windows10-2004-x64

3

fafatong/a...pl.ps1

windows7-x64

3

fafatong/a...pl.ps1

windows10-2004-x64

3

fafatong/a...pl.ps1

windows7-x64

3

fafatong/a...pl.ps1

windows10-2004-x64

3

fafatong/a...tpl.js

windows7-x64

3

fafatong/a...tpl.js

windows10-2004-x64

3

fafatong/a...tpl.js

windows7-x64

3

fafatong/a...tpl.js

windows10-2004-x64

3

fafatong/a...pl.ps1

windows7-x64

3

fafatong/a...pl.ps1

windows10-2004-x64

3

fafatong/a...tpl.js

windows7-x64

3

fafatong/a...tpl.js

windows10-2004-x64

3

fafatong/a...tpl.js

windows7-x64

3

fafatong/a...tpl.js

windows10-2004-x64

3

fafatong/c...x.html

windows7-x64

1

fafatong/c...x.html

windows10-2004-x64

1

fafatong/d...x.html

windows7-x64

1

fafatong/d...x.html

windows10-2004-x64

1

fafatong/d...x.html

windows7-x64

1

fafatong/d...x.html

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    31b02c50b50710140644a1a9a811e711_JaffaCakes118

  • Size

    2.9MB

  • Sample

    240709-x9nnaa1fkk

  • MD5

    31b02c50b50710140644a1a9a811e711

  • SHA1

    8e8fa8a198d2b4427e487dc92fa805876617503a

  • SHA256

    6b7ff4b60d287c4c91361649b1c1dbca86da8d3089abb57a72cdd005d1a0dab8

  • SHA512

    a2f411fe21c7b157c0720af659d0d0a95cb0fd9d9ed4a29d604ee258c1e1725842040c0bc1f0bc98901cb9e5b6fc18333114018eee781aca70f418202c54a4d4

  • SSDEEP

    49152:zugC63c5pYAVdmCVdU8Viyx8TdHnsJy1AaxgLzVT7L7kzNwUdFUpsFV1J4KaqM:zVC63czbzd8TpnsJQAayzVHkBFUEV1ml

Score
3/10
execution

Malware Config

Targets

    • Target

      fafatong/404.html

    • Size

      2KB

    • MD5

      9e49b26488e6c06a925d7d482541ffc6

    • SHA1

      0145893ece0e0a4f87034a29c86f01d5d1b09a0e

    • SHA256

      949d1c3ef441a5785565cd9bab8c6fae89613d67f2dcc474b3d9937ee5fa2706

    • SHA512

      0f1f4814e813f297e2abb96559f4ee020a571640f4cf93db545b51a427165ef2f878f53acc62ff5961d18c202d8a6470b61e671e217edb616ea25a174b2577d9

    Score
    1/10
    behavioral1behavioral2

    • Target

      fafatong/admin/index.html

    • Size

      160B

    • MD5

      491445dc2c11376ccf5d7752882a5fd5

    • SHA1

      f1f70a8249a2af91e33a448fecc222d08fce2806

    • SHA256

      faf8f726a19a755826a8bff7411752a60f8f519b9356c0c4a66690c6974d8ae8

    • SHA512

      3ffdeeb166c81368c4c1dd0bf9b604c7207160a4f17573432ddd9f1c54f363e784afe29cdd7e9fdfd0cdff882c569cd79b6f429cb561fc329c77a6635dde417f

    Score
    1/10
    behavioral3behavioral4

    • Target

      fafatong/admin/templates/index_top.tpl.php

    • Size

      1KB

    • MD5

      3bd4a6da43fc7db196e9105b4ed3642b

    • SHA1

      55d5acfb1913e128f07807948febb8cd3464078b

    • SHA256

      a45c263191cf6027da1f2684115be29ab4a630f4321977194b732cdd450cb39f

    • SHA512

      a70a17009bc88633c0a0617729c36650ab9555b7b97e24542c21ca933f81d975884803f1302af489d07bf2e3551d250d9f5c6f089b8a09b50b37a98bab2a64d6

    Score
    3/10
    execution
    behavioral5behavioral6

    • Target

      fafatong/admin/templates/modules.tpl.php

    • Size

      1KB

    • MD5

      65b330b5418bbc61e371e886c8e319de

    • SHA1

      3de0a36181cd130dcd3a53c12447134c968c93b9

    • SHA256

      4a0c00fa74bf284ea20677f27dd2899f8c4285c3e384f461f2de62b9e81efa1a

    • SHA512

      e437be27ba21c2cbb0b971fedefe876703c1bd9a0a12376423db11da2ecf064acb6a99948ddcc2d01644cb4d9d011bbc9bd021686686c484b9a4e2c04ccc847c

    Score
    3/10
    execution
    behavioral7behavioral8

    • Target

      fafatong/admin/templates/modules_add.tpl.php

    • Size

      3KB

    • MD5

      30ee329fbc3fdba41582d8fedd843090

    • SHA1

      faac30e4a810d864a79b032cfc0d5acb7abbf75a

    • SHA256

      f818bee043dcf0c6c82c9d7129eab9f16dca7417891c63e539539671ee082a47

    • SHA512

      1d33f722ddf6c76a5f1cc798aeeb443577330ed2c93ce023998240a4ea2858fff10128ee7a96e892c61344ec9b1561f2b0f099d3a8865d7945c07d0bfd46b27a

    Score
    3/10
    execution
    behavioral10behavioral9

    • Target

      fafatong/admin/templates/modules_setting.tpl.php

    • Size

      1KB

    • MD5

      40be13649a76b5f64a64ae0cfb8ca334

    • SHA1

      7253e3160f1e4ff037daf0ee8d7bbf3f98e86329

    • SHA256

      ce5930d8a9ba0febe0eda990b59e4d73706c4ca810f2ba2c63a981650526e3bd

    • SHA512

      98e075cdc4fa271127e5efc03829c0fbcc8a415a5bee9457f9690cfa90aeeff1ae942c73c665a07ac2cb7fad71f58d8d738c685a0ba3e4f8550241f1b7c9ecfb

    Score
    3/10
    execution
    behavioral11behavioral12

    • Target

      fafatong/admin/templates/mysql_export.tpl.php

    • Size

      2KB

    • MD5

      d9bbf356cc4174c7c201a0272de33ba7

    • SHA1

      8180ac78f63a7bf9fce31553b4a9b6b4a5271866

    • SHA256

      20580015cde04275ebe4824b5b18c7f593f6c264bbc35c2ba210d6b6d96d3f22

    • SHA512

      1c8847a8483a3400408f8bd3ffb0ecd30220f3ab95c91161f56438267f032dc82a80ad5131adcf779c3c196e43d6394f879bb093834d2ce16bb1a5f4b8b1a401

    Score
    3/10
    execution
    behavioral13behavioral14

    • Target

      fafatong/admin/templates/mysql_import.tpl.php

    • Size

      2KB

    • MD5

      95dafd3760113a3e3407bd3b0a6017b5

    • SHA1

      3deaf7e6cd5e5446fa4a3c560b17fce2438ce02b

    • SHA256

      45ee54a4e22a043c36a143d7ca68845acb1dedd6d4d31b945bc68d39ce78976a

    • SHA512

      ab7a9ac40d7fe5cf40d8e9803697097f697ce36498e51b1df163dffeb59ff0b8c8137007afe1688e45dee982edaa0935ad1e07fa3a299d86aa6a7c3b92a7024b

    Score
    3/10
    execution
    behavioral15behavioral16

    • Target

      fafatong/admin/templates/mysql_run_sql.tpl.php

    • Size

      7KB

    • MD5

      94b1a5de79130aaa5520f380d48231a8

    • SHA1

      d55a3980d47995074cb1c3be0cea74ede5746e18

    • SHA256

      73b08805335f8a2bae56796985ed9796b9120da03cedb9aaed2639f400f2b005

    • SHA512

      5362af75399f5cfcbdf4878063dbbd236d56de80afa715421c22ede21682274eacb95985adc803697154e6cab1eabdc8ac50b317bc467ea36daf2c7291f79f81

    • SSDEEP

      192:MXkL71Sg2WYFyB37ISj5kFj8pAl2L+k1YQ1:Dl2fajkFC22FYQ1

    Score
    3/10
    execution
    behavioral17behavioral18

    • Target

      fafatong/admin/templates/show_message.tpl.php

    • Size

      1KB

    • MD5

      30ff555fa3f189ade8ca5c24e7c3a20a

    • SHA1

      74db10a29bd5e9c20af49b3298c2e4c1b8cd1749

    • SHA256

      2a83971a9c11cd4db50d9f43f38b469f9ac9f21808b83af425044dd20a427616

    • SHA512

      2571bf5d2fe059d97d7e125c94f7da68cfd2c1a83d45a38526204973055e814691f5e4d19816022b68be47a5130fafcb85ce8d9d8dc227eb07d129ac528fbae5

    Score
    3/10
    execution
    behavioral19behavioral20

    • Target

      fafatong/admin/templates/template_tags.tpl.php

    • Size

      2KB

    • MD5

      854a53dcfd1ec1c5e041730a1773981c

    • SHA1

      a65521a05352700ee7b8e68d76f5d10805424464

    • SHA256

      09af7f6d4b68ef8dc6f835099347e9797074ce80859b11750613df53f86ff607

    • SHA512

      be1d71c71bf3122e5d0393f13bfa481bf68472a26aef6c90a77fd88c4a9120942e56063ef9db050cd4502f9103f2b3813dbc5eb3aeea7131d1965c7d0a95571a

    Score
    3/10
    execution
    behavioral21behavioral22

    • Target

      fafatong/admin/templates/url_rule.tpl.php

    • Size

      2KB

    • MD5

      237cf5bf0f9fd7a4725fa1f427044a48

    • SHA1

      d8307ce6edf9f747fab60eace31f8ee1e44b003e

    • SHA256

      998c5d69ab421b331af362fdc640e1a2f33de76e1fec65472ff214d17743d605

    • SHA512

      607a1eadd2234160eea5517d87df387cd28363365a0f32c5691ae8e52cbae5332d07f8da0977b8479dd1bf9247445fb4b36a7744e3db99351384ed587f85dc0b

    Score
    3/10
    execution
    behavioral23behavioral24

    • Target

      fafatong/article/admin/templates/tag_get_special_edit.tpl.php

    • Size

      3KB

    • MD5

      a4a83896dc0bffc4b781560a89fbafbd

    • SHA1

      657617c030ca836fbfd3dd7f7e78b938182f8432

    • SHA256

      756653cf44bd0dd82d8383880e0db4a071badfa0c8ad982b44d247513aaa0901

    • SHA512

      8dbd3b5445bf3af8217c933bd04be3d0461af90ad2e57ad14e107e69641c4d57bdffcf439c02ebb01bb418e9f7664c28755d7c25ba884c2cd6184b798b732dfa

    Score
    3/10
    execution
    behavioral25behavioral26

    • Target

      fafatong/company/index.html

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    1/10
    behavioral27behavioral28

    • Target

      fafatong/data/db_backup/index.html

    • Size

      53B

    • MD5

      968f5932ad8d646f7107b3d7557cb263

    • SHA1

      2046eea65ef55a157690e668c7f53a855d9c27fd

    • SHA256

      acd7778b3075dba7854b8f410c2577b557caa55ef8874d3e59029e73860b23fe

    • SHA512

      bb070043675dcade6a35996764d4f719f102bdfd3ca23b180e96a0da7bc4c7b39d237a17762a6c26eaa27d7811260551c78f332ef09af7fb85d051aa14f84749

    Score
    1/10
    behavioral29behavioral30

    • Target

      fafatong/data/do_not_delete/index.html

    • Size

      53B

    • MD5

      968f5932ad8d646f7107b3d7557cb263

    • SHA1

      2046eea65ef55a157690e668c7f53a855d9c27fd

    • SHA256

      acd7778b3075dba7854b8f410c2577b557caa55ef8874d3e59029e73860b23fe

    • SHA512

      bb070043675dcade6a35996764d4f719f102bdfd3ca23b180e96a0da7bc4c7b39d237a17762a6c26eaa27d7811260551c78f332ef09af7fb85d051aa14f84749

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

11
T1059

PowerShell

4
T1059.001

JavaScript

7
T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

5
T1112

Credential Access

Discovery

Query Registry

5
T1012

System Information Discovery

5
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

Score
1/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

execution
Score
3/10

behavioral6

execution
Score
3/10

behavioral7

execution
Score
3/10

behavioral8

execution
Score
3/10

behavioral9

execution
Score
3/10

behavioral10

execution
Score
3/10

behavioral11

execution
Score
3/10

behavioral12

execution
Score
3/10

behavioral13

execution
Score
3/10

behavioral14

execution
Score
3/10

behavioral15

execution
Score
3/10

behavioral16

execution
Score
3/10

behavioral17

execution
Score
3/10

behavioral18

execution
Score
3/10

behavioral19

execution
Score
3/10

behavioral20

execution
Score
3/10

behavioral21

execution
Score
3/10

behavioral22

execution
Score
3/10

behavioral23

execution
Score
3/10

behavioral24

execution
Score
3/10

behavioral25

execution
Score
3/10

behavioral26

execution
Score
3/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10