4761e8891310f40ef568363a0323359bb7aa1d4e83e64fb869605ba3908101fc

Sharing

Copy URL

Twitter E-mail

General

Target

5aa43a2e5a6ff3ac3b433d257eb996dd_JaffaCakes118
Size

212KB
Sample

240719-f57rxsyamc
MD5

5aa43a2e5a6ff3ac3b433d257eb996dd
SHA1

642c5b6c6f3e22f1f43c2526138836975a0d8a14
SHA256

4761e8891310f40ef568363a0323359bb7aa1d4e83e64fb869605ba3908101fc
SHA512

b0ef044c509d928649224015179ca9b16fa9912801b5f904658df9531ea2f7dde077b551386554ed516556f7bbf5adb20fa1c0ea60d520848fe1032f68531a5b
SSDEEP

3072:mCkWaBlJMAxwo7pyIuD0/YT2RL2+wSTkD7ynUwVNYEXtA5+1:mCk5BlJxh0I/A+2+wHD9tEKs

Score

7^/10

Malware Config

Targets

- Target
  
  alert.html
- Size
  
  1KB
- MD5
  
  7c0b11a89b3495515da8f575c1274ad1
- SHA1
  
  b22650b073b7928e01d2881a6ae0c8fc6ec8c4ff
- SHA256
  
  e5d8f17cf1ae6bcc7fb8ea1dc761f98e3cbff2f3f81655e1e3fb827ab2d8b93f
- SHA512
  
  5cacea6c9fd0d8c87b96aa5cf2c4626e3de4fd845415b1cacba2f2a780db1d3c48cc1ba7122a3ee58e3271692fdc348db2fc36543facf9756b85f32df3aa8e8b
Score

1^/10
behavioral1 behavioral2
- Target
  
  bidvertizer.html
- Size
  
  3KB
- MD5
  
  478dc4c210388dc0b850a85a461029bb
- SHA1
  
  7cb3691839c2c8c71ee3dd2da2ab08c6bc3a878e
- SHA256
  
  2ed0eed68cde2cf921146ad92c5800251d7644c5ebfb296d917903b375d71505
- SHA512
  
  f342f00e46b614c4940173ab6ad0c07ebd556fb08cd47cd388c0fef0ec88518cded5719d11309c5a8a5c162a8c8e62c4f79e55a3202421ed479c291847a2b074
Score

1^/10
behavioral3 behavioral4
- Target
  
  code/advertising.js
- Size
  
  9KB
- MD5
  
  6e37df1cc8cf3f1241f7a21f8be023ad
- SHA1
  
  fb1f381d1f8ea68d21208cfa1454429552ad9e84
- SHA256
  
  cdc5eeccd0671066c88b4d817385518ee31ad858f71140cad22f93b329b79f20
- SHA512
  
  d7d708817ef39b53e8614c6b1e8ec78c15bb0b584e8cd222e827dbe0e2dec316f2d2ba760a2262e4fb919b5192a126f3229bdd1043a4138067b675da6bc0763f
- SSDEEP
  
  96:B59pJVh5ZDmf8SX4BB3jTYgVyfZuT9A2JwGll4Vo9EUMmZuF9A2JQqll0fiNAUH6:XPJ5Zu1XuDBaGlBKznjKqlDeyG8g
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  code/alert.js
- Size
  
  3KB
- MD5
  
  14f0a29a9df2dfa14b4386b504ca59f6
- SHA1
  
  48bd0d57b9d85864f6b4e5cf8b96efe1c1a7dded
- SHA256
  
  43a5c3aa33465e3b377f6aa12f555e0bf50bdab70c579085f63f7283f20cd6a3
- SHA512
  
  6d7ed221cc565925acbe7a2d2005f1cba8e6940c8928044c72934dacaf4983593d755dab715c0ddb372e90a05cf0f0298af4703832efb1a372afad2e5478b60a
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  code/animation.js
- Size
  
  2KB
- MD5
  
  e0f61d21a95e570cf4da4c2afe091b7c
- SHA1
  
  215b8ce02c7bc60392c3f42b7a2b387388057f3c
- SHA256
  
  8159a9f9f6be0d33a0d4d2e1de789254310d58818e8dc73f5c105d720c54f294
- SHA512
  
  61a1bc1462ce59128b7da789cc0ecf8eb453aca04fae9dc736f0d96f28d4694ed539e9e086a99c480d1cf493197c4213cd41a6aa4b654cd7cd7c347d51973c03
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  code/flyout.js
- Size
  
  1KB
- MD5
  
  fcad27370bcf34b671bd7349fb92c518
- SHA1
  
  cff5580c5e67e06067130f7f49f8ba2d22b8a2bd
- SHA256
  
  15654b012fd7dd2da78cd0f0faf0810e79ac1eeb17b35a770c06827a71b87cce
- SHA512
  
  4896a24a1a1bfae7a9b0d85a5d55c52da94bc387f9bdb2147c81d783a0950927ccffaf2abb3a254fa99caf4d545647516aa0d6c0d4de847afca9019bd1e97342
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  code/gadget.js
- Size
  
  6KB
- MD5
  
  38793e7f6d623479f89a86a442153032
- SHA1
  
  e9ee69a4b3b480fcbe64f1eca61723103906c024
- SHA256
  
  18493834c84c62e3d914e6bc52c085d62357ddbf84a1930470e428754581fbc6
- SHA512
  
  fdcb39774bf950bfef370dd09c6d3c80fc7743e8544fa4a1f350ee018902511f46a35ace6c4d99e74028799e4e33af86d1689def079d51ad614a0a1283aa11f5
- SSDEEP
  
  96:j7sgJgY0AoIyN7mwqGU+SufqeZd0Yl4YLGaaBLNQcrgeoKoofJPwD+/SHSSUc/LQ:eX14wqGU+Rn013hUYfv/QS9u0
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  code/heart_menu.js
- Size
  
  12KB
- MD5
  
  92c456485904a42d80a50b2c363172db
- SHA1
  
  394fb011c08c696521649a94b82d166bfb0e91e7
- SHA256
  
  f2fc765d269116f7f9d659d8898a5434139ad5b0400148c791c22cd2f3d75516
- SHA512
  
  9fac51451c8f6049655532b782c3a51a82dc00fbc4894233154aa211bbab08ecd88dc7cdca00d0172f35042ffcd4349725707f16f98b1f59b5f977a0456574fe
- SSDEEP
  
  384:eykyiy+ysyZyQyv4ya4uy8ykyiy+ysyZyUyM2yBEmF4yMLyyBWEFrrEN7EIJEW:57lZDAfvH/z7lZDALMxKcMO8WEFHs7N3
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  code/settings.js
- Size
  
  2KB
- MD5
  
  713556e9017a177fafedad493a219bef
- SHA1
  
  a0262d5770c80d7bf434ee204bfd7eaa74dc146f
- SHA256
  
  2dd85841ac6b0f330817892247cc0be0d2742d7f93f1e0a8d766199d3ea93caa
- SHA512
  
  c1d44a2a302f051b3db9d92094424dbe09fc70d320b4aecd2ce1a428999c26396cac659bf910bc92b04ce9838f346e3d78981a752abd8ceb1b57137421b0adf9
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  code/update.js
- Size
  
  4KB
- MD5
  
  f7b3b816486cabada4aa79ce8196715a
- SHA1
  
  e172f8654e699c714666f12a29874ee896f3d389
- SHA256
  
  b2ba54f3413625e50422bd200efe2d822d4ebd4e4e50aab55c0fa85e05392678
- SHA512
  
  d407e60909c68c10272df622873fec36ddc5817f8ed33d5ce8e478c439275705180ef7d8b62fdcd39132330684892762c205d98959000b43a9b1c4021975f823
- SSDEEP
  
  96:1I6eOXGaHq3IPLYep56IH354zN1kMyMZxx+nxvzhOUmS8eZ6:1IjjaHcIz7fP35UcMnExbmS8
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  code/utils.js
- Size
  
  1KB
- MD5
  
  1d91ad1d8cb375c09b0221e1a025a027
- SHA1
  
  1edf1dcb39ba016b4d073e548640004de7e5d92b
- SHA256
  
  0b6b22469d12a6d877236a61ad53f48a320ea474b93b2cfb2093288f92a75113
- SHA512
  
  732001b4e268a08d107afde92fc27371e28d954d689c113a1649ea2d26b0868ce4257f1b774c39ef56e066090e43c776e03daab5c35d32d0c4408a6ad83f588a
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  gadget.html
- Size
  
  8KB
- MD5
  
  4ff00b50a887e90f4a3ad37338fc50fd
- SHA1
  
  1f2b306737bf989b3860790bb095cb54c3aae97a
- SHA256
  
  cde092885e9c5d7c0777ce27209cd6c365acd5babac97c88d76460410203a931
- SHA512
  
  d0a4938b185f70bcb6413ab159e07317ccac19e36555d44e027fe4ccc744f94cea8c48b04b79ac77ec66d04872219e2856a8f31152930bac2f58296753bef54e
- SSDEEP
  
  192:9LjIPI3JIPuObKdai/pWia2pz/KotsuUfTmsv6n4DAM3uczAWAd8PUw+i:pQKH/pWspeuUfTtv66zFAd8Pf
Score

1^/10
behavioral23 behavioral24
- Target
  
  gadget32.dll
- Size
  
  86KB
- MD5
  
  fc731b91903a20243f4a67e39363fea0
- SHA1
  
  c826b26f72c2903a17f92a596df055e127336cf6
- SHA256
  
  87ac0ee1110ba9bb784ce6eecb4f2ce2d1d030e27b7720975e098dda4f62262b
- SHA512
  
  0d1373bbd204c838b145db94a6cc0107f52bed7ca75eb0a9b2a785cd78dbb347adfd810fe0cb5c5f0368c81f7c7e446c30bfe7c3d996612ea6c394989bff407f
- SSDEEP
  
  768:MuNzIJWjuJuQ1lTLhiEPjPkn6nSuSzGEAkPTbvLYapE9BSR12ikg7bgmkD6xIvif:ZJUTLxb+6nSQITnNG9s3kIalA5D/bG
Score

7^/10

persistence privilege_escalation
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral25 behavioral26
- Target
  
  gadget64.dll
- Size
  
  99KB
- MD5
  
  bb97a1f12083f49d0c337d1221448bab
- SHA1
  
  4f8e769bdce874fef3b715749c1568393dc62919
- SHA256
  
  c3a962b989beeaaee31127dc133a90c191e670be65894baeccbd5ae9637d4f06
- SHA512
  
  1578b273a9321439ebb7cc55e2523b14379666b4baec096900de31e39bc899b5de970bcbbce773c444e781f98134d09f3464426ca595403f1c31ba210d8b4a43
- SSDEEP
  
  1536:EWPVJJT8Sa48UU4w/rgQKcfaL30q/VDELarEzQ45fbYM:DPbV8S+UUDjg1cfaLhuLarEM45fbt
Score

7^/10

persistence privilege_escalation
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral27 behavioral28
- Target
  
  index2.html
- Size
  
  2KB
- MD5
  
  b19540322c62ed22b8d6c957a676897a
- SHA1
  
  9fde9cf8fb6acf503ecbfdc9458602ecb22f2da6
- SHA256
  
  8a5c6459908e519c1aabeaa5d144c45fed01050a2c4bb1dc2b0993de1ab09e0e
- SHA512
  
  47f5faa78c28409e6303ac3c92307eb06e312178b821afc83cd1240d59bd24d8d9c23456553130a023d6012724e43141d32eeb56de8305589b10ba6a16a3706c
Score

1^/10
behavioral29 behavioral30

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Event Triggered Execution

T1546

Component Object Model Hijacking

T1546.015

Privilege Escalation

Event Triggered Execution

T1546

Component Object Model Hijacking

T1546.015

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Event Triggered Execution: Component Object Model Hijacking

Event Triggered Execution: Component Object Model Hijacking

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30