52065ef4a6e7cd0dbf5e04c7131d43ba4e79e6dd1d0d3df6c2a4daf0acee5527 | Triage

Sharing

General

Target

5733ecd191ce28b9589ddb45cd450bc1_JaffaCakes118
Size

14.0MB
Sample

240718-nqxmeawglj
MD5

5733ecd191ce28b9589ddb45cd450bc1
SHA1

232784b1e132b163dcc828e6c865dad1b4f87ae1
SHA256

52065ef4a6e7cd0dbf5e04c7131d43ba4e79e6dd1d0d3df6c2a4daf0acee5527
SHA512

82993e17a4c5c0f88fbe7f20fe76a0d71c6da6c71cc47e5e32debb8a7ef3bd3bf3a0f2c19ec1f1233b70d1900219d72f41fa05966528b036fc0b6361a0084f59
SSDEEP

393216:61fDW0VDgeMKEkHp6d6c1VyhCQBzbRy6jsFiK1S8p0tBf3syG7I3I:61fS0VDdM0Hc14xFbRy6jI/uflII4

Score

3^/10

execution

Malware Config

Targets

- Target
  
  QQ农场牧场源码包V4.0/upload/qqfarm/data/cache/index.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

1^/10
behavioral1 behavioral2
- Target
  
  QQ农场牧场源码包V4.0/upload/qqfarm/data/cron/index.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

1^/10
behavioral3 behavioral4
- Target
  
  QQ农场牧场源码包V4.0/upload/qqfarm/data/logs/index.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

1^/10
behavioral5 behavioral6
- Target
  
  QQ农场牧场源码包V4.0/upload/qqfarm/data/view/index.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

1^/10
behavioral7 behavioral8
- Target
  
  QQ农场牧场源码包V4.0/upload/qqfarm/module/index.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

1^/10
behavioral10 behavioral9
- Target
  
  QQ农场牧场源码包V4.0/upload/qqfarm/source/admin/mod/quick.php
- Size
  
  2KB
- MD5
  
  113a3af0c31963c5df56f7fad16950d1
- SHA1
  
  f65b64d3ada06698ff54ec06473fa00923a07d23
- SHA256
  
  f888a75df7774e0e4b66a5addbebc9428a064f45b2fb9f170f1e53465a95dc73
- SHA512
  
  def2fa37a750dade2567526c2eaf64a13a3ddff5062dcdb21d3f256f22db2c3cf548b7e350b530b0c83bd40b5d82f1e813a614ff9781746a0b368d8535593786
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  QQ农场牧场源码包V4.0/upload/qqfarm/source/admin/mod/quick.php.bak
- Size
  
  2KB
- MD5
  
  f6e959b015cd3841c1197de9ca718058
- SHA1
  
  a4eef8662e10ce4416a5240ac9baac3c5446627c
- SHA256
  
  ad266627aa76e774e738ab6c09ca2884efbb9a1b95f6ed9904ba95797c1c092d
- SHA512
  
  88aeab26bec8fad326ebebad23e4242a25f2e9780a819e073df47fc5289a373c88a1a976dfc6039ec819495cbf3ec8d1f0e40b4c9afc7760878947dc572c0f5a
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  QQ农场牧场源码包V4.0/upload/qqfarm/source/cron/bad.php
- Size
  
  3KB
- MD5
  
  d8234ba6fa45bbac8aa664c4d2e99042
- SHA1
  
  c18d9e8b2ed6c4d45cb1892442639e7744534701
- SHA256
  
  4c788d593eb7bae4debbf82f1186209d8bb40e6d236791f296473fde2d032c42
- SHA512
  
  a8f51e9e44861bca11cecb9662100bccbc08b9793a465c219afb285fdee57e832e0039fb71fb0bfaff9311a997d3c48ee2e519218eec67da1ff4f49768bab547
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  QQ农场牧场源码包V4.0/upload/qqfarm/source/mc/mod/cgi_enter.php
- Size
  
  9KB
- MD5
  
  b1eba44c1ec770881f87b1eec8816a96
- SHA1
  
  846e5b7c574e428128079bc41e3bce9c5f7b8f18
- SHA256
  
  1bf7942e1935f15a91a9fe9654da1385a6ccb8093ef0d6700b75638777ff374a
- SHA512
  
  092e37b8fd54dc6104c93c836a367db5950d83a21e5993e8176074e92b017d39ddcd212ceeefb85add5f942e2455bda76ff1c26cfe9395bc9c06791adb59eb0d
- SSDEEP
  
  192:+33xgbhJ7u7Z9Odk6BS5pPoFV7Ff1FzyF7FBFCF+F7FmwFxFtFvXFgFIDj9xgPbl:c3ObhFMTQrBS5VyNjt1PbGzbK
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  QQ农场牧场源码包V4.0/upload/qqfarm/source/mc/mod/cgi_feed_food.php
- Size
  
  13KB
- MD5
  
  c7574ba1bd43f0743993ff27f1258027
- SHA1
  
  04327fdd17a20a1fc3675db0013b25de6c6e16cd
- SHA256
  
  8642e3dcf1f0c30eb435ea9b31f5cb77dc6567df6540046f59fe743a0c094bae
- SHA512
  
  7f6201eca8908ecc60277dc39c5d100b46440a4e561d0b7ad770a3c5b9f93493615a68b2e9d2ad447bd04e97a52101a22516aeb236ca90f8195af49476c6f27a
- SSDEEP
  
  192:ieq9+r5ayiI1UbIzJr9TvBS5CPWF2zFf0FzdFXFGF/F1FpFmfXFgFIv:ie6+rUyiI1UbIzvvBS5Ql1qtL
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  QQ农场牧场源码包V4.0/upload/qqfarm/source/mc/mod/cgi_get_animals.php
- Size
  
  137B
- MD5
  
  f493d6e3b672efe1eeefff68ea153f22
- SHA1
  
  8f469ca13bc90206d4395b6c5907eee2e2e7a324
- SHA256
  
  b0ba110ecad4337d60f2c9e204fc10ee414fa23de4faeaa6cddbdfc9e50ef20a
- SHA512
  
  4d9d8eb98e1469898ace122e3e414d11a2a2b3bad890d4ba052c04f73bad0209c631a4d315ea9581fb390fde52d4be6927d0ee14cbbd4c7ad6350979448d198b
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  QQ农场牧场源码包V4.0/upload/qqfarm/source/mc/mod/cgi_get_exp.php
- Size
  
  3KB
- MD5
  
  328e4012625d5422be5b10516c35d54a
- SHA1
  
  7deb458f7e06db5f0d14c672c2d7b825bae4001b
- SHA256
  
  aaefef609eb7b97c7d75ae8e1d868baf609af2655cc6add012863be9add0ad7e
- SHA512
  
  43aabb641c56beda8ab2f4dcb028970ee3ff4ee7ae0fb03799fc668fef30f8f44ad8b75740c1f67b2f2a8da6eb3d698a78ec3416838208cbdeae86822fd9330c
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  QQ农场牧场源码包V4.0/upload/qqfarm/source/mc/mod/cgi_harvest_product.php
- Size
  
  3KB
- MD5
  
  9ff060db37695f962c0640af46a81d53
- SHA1
  
  f0e96f3fa4929422a3ff784ff1a36298ed15b35f
- SHA256
  
  c269ad84d4a018aff66de11173923b0d8e8fae9570d173d12dd351115a1767e4
- SHA512
  
  815fc1400d79368690b41f0b9f1088135e0b454be802271d64f86a057ed5d076c5368760c2530dec4395726a0ffc4a998f9d8c566cc6203b0d06b987c634ecdf
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  QQ农场牧场源码包V4.0/upload/qqfarm/source/mc/mod/cgi_post_product.php
- Size
  
  7KB
- MD5
  
  e3479b84d3d80c0e6fa6c67559d2f6ce
- SHA1
  
  ef73be8eb80af25409780096a4e24fb658a8d141
- SHA256
  
  b5b76f16c9eb86302cdc1d5218f3ff8d734ceb8550c615cd2157bbd834f46fe9
- SHA512
  
  5a21510add5f5922f179dec9576dffd7281d69f79043987804b38d71644bd1d67ef5f502195311c498388f3690f9e3ace52aece0494bc433198ebe5d36b00a90
- SSDEEP
  
  192:gK7m/J7u7NfFGesYxmfFGesUfF+GesYeVx1F+GesY8U1F+GesYWqbpX8JkFGpz:gK7WFMyod3GoeVcGo+GorpMj
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  QQ农场牧场源码包V4.0/upload/qqfarm/source/mc/mod/cgi_steal_product.php
- Size
  
  3KB
- MD5
  
  08bf5ba87491d083d3fe7b30bf15c166
- SHA1
  
  27c99c638b1ce77d5f44546bd4fcf15275822d36
- SHA256
  
  52531c96bee9eb2ca8d2599d86e14afa6ac12aaf5f435c38c584e2c0f2503ed9
- SHA512
  
  c2a79b07ae43b9d8859a8bfcd755d6f183bd89ccd637f90942594abb9b0d4bd0feb141aa00d3a8931da5724cededb7deeb71da694db1f8ab6f3bb8c525234e46
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  QQ农场牧场源码包V4.0/upload/qqfarm/source/mc/mod/friend.php
- Size
  
  1KB
- MD5
  
  664f4374de654b30232a6596779b0e4b
- SHA1
  
  ed506f0715d05d9b64f49864a6840d8d7bd488b1
- SHA256
  
  8ba44e7d9e6186a80537201ffd516c14f97228f6a943c6a2e2ff1760e04379a6
- SHA512
  
  1fe5a539974d7823b4028e63803411d8e04ab00efb220d0431a6ec96bc84017ba2d3eb64009697c3c487c49eb3fc53fb05fc4cf3e060ba787ecd3b95b55d383c
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32