0e9ee42b33d2ddd4d0c3c49181f02c7c22f64e478b363e1b7281f1296e73ae8f | Triage

Sharing

General

Target

5d315db9b82661d5af0020a7a896cc62_JaffaCakes118
Size

2.2MB
Sample

240719-xcw86avblq
MD5

5d315db9b82661d5af0020a7a896cc62
SHA1

7f7b24590ad8546f2df22a2d5fc7f3f646f4748c
SHA256

0e9ee42b33d2ddd4d0c3c49181f02c7c22f64e478b363e1b7281f1296e73ae8f
SHA512

691ddff84df6e949831f765d569877ea6461ec340c641d9f534339a28089265ead5803ed9cf656cdd6b06374c490efd2384dcd2f5249c314d0bd680febef9655
SSDEEP

49152:w3F2/7z1njishighecGRATXx0AzaUIispzUnOyPCX:wgBQGTKAzauspzNyPi

Score

3^/10

execution link pdf

Malware Config

Targets

- Target
  
  Worklog/Setup.exe
- Size
  
  27KB
- MD5
  
  73a1c468e6456474d92135e73b8fe2ad
- SHA1
  
  e3b5206037c741a6b3e7eb6964fa7fb446feeb18
- SHA256
  
  4fd0b44d7945ea747a53aac6c48e394a35adfa2384f3e2384206f271eca238d5
- SHA512
  
  85fffcecad26ed9f61925c281807c98f9d122f2659d44d11727347e2ac8357e80dfcec00baf73d9b67b6920286caacd564bbed45e9c7893754151fdfea0a3723
- SSDEEP
  
  384:FpkDw4WS730MdDjPDMId6jwmCYzpk+d/KJD56pkowxYvP96ulVDbeMcmvBZRZwqv:FpP230DpPCJDopYqDbxhsq1cwySmjb
Score

1^/10
behavioral1 behavioral2
- Target
  
  Worklog/Worklog/App_Data/worklog.sql
- Size
  
  132KB
- MD5
  
  d18b99e661ffbd9b89ddc0db3e17b79a
- SHA1
  
  f40d5fbed0d1d25094d05458fcd740cf24765c94
- SHA256
  
  c230b89165b211ce205b003ca0058b99df89fca12fcf31eb4e07669df560a6a4
- SHA512
  
  d6bd297f219c5ff64aa57441260ca6cce8534a5f98140b64ccbd3a286fbfdaf91745fb40033d1ff2440656e3487e60fe43e04aa86fc2b22ab15b7e3f1f875213
- SSDEEP
  
  3072:35/SJkoZgAGc5y1QMIqtuNDkd8OdiaoYIov9jvnOhV6r4gLsNEHIm1rUzjHHuB1i:A
Score

1^/10
behavioral3 behavioral4
- Target
  
  Worklog/Worklog/HTMLPage1.htm
- Size
  
  207B
- MD5
  
  ad59b31d499eea250f72495e7642ef77
- SHA1
  
  fef12d784f9f1ffa4c6977c738bbd2e3b401faf8
- SHA256
  
  bbfea887ce39bd9e888e7e2ec5d673bef40d188930974479cfd804928b3dfeb9
- SHA512
  
  f617b124fd8e20fcbda6f95f60c4fdcaafad3bf054f4535b118239e15bb5eb93c6dccc6ca910ed04285d4593494ffd4f98cf147764f52a2a1c38d75f0f1d491d
Score

1^/10
behavioral5 behavioral6
- Target
  
  Worklog/Worklog/MyProfile.aspx
- Size
  
  8KB
- MD5
  
  03263344aab4199b3504fb17a3b120f3
- SHA1
  
  5c96ad7a3298fb3530ad095db35adbd284b0f853
- SHA256
  
  5e5cb4cc0690edaa1c8a065cd55b5dcb8feca38364d1fe5e22fbf35107c85324
- SHA512
  
  5f2694d46026dd94c030a0b70da58be2a1edd59ccd380c6a61d6bffa19b2f1c9e4276ea949f8b4e7f8cebdccb64dd4860b54d3c93bcf6cc06785f650d9d76b79
- SSDEEP
  
  192:jrD6WSax9H/3jE8T9ZWETxKtJlhTL5TJITiXiD7:nEO9fzE8T9ZWETxKtJlhTLJJITiXiD7
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  Worklog/Worklog/Register.aspx
- Size
  
  7KB
- MD5
  
  a4e31785b4f1463ab9f5026a9191761f
- SHA1
  
  a61cdd84e39b90c53e659f51a063a2e8f9d85b70
- SHA256
  
  99711d8e1d4629c67503c00dc06a4e7086f6dc9cea5e63be86401f35c847e147
- SHA512
  
  325c0c48924a3f6a01f588445d1e556175f2b0f539748d055976bafa46636b1cea923d916ebffd022600028313f45214c309eae1f3f3cdbf452cd3ab2d5e12eb
- SSDEEP
  
  192:jguXoL6GaK9H/3jEzkFh9kWbFMkBpY9ZWETxKtJlprUK:+Xr9fzEzkFh9kWbFMOpY9ZWETxKtJlp5
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  Worklog/Worklog/Settings/userinfo.aspx
- Size
  
  6KB
- MD5
  
  1c95d2c4354698bb6435934a0ec3ee10
- SHA1
  
  a8fa5fc5a592a21397bf21b9ccf13f106bdfa5b5
- SHA256
  
  4724bcde113d81f4b6d3f82d8a54442c7921dd4264655e3d85ab53f7231526c2
- SHA512
  
  ebdd09f11f4db7ba8a4a778ffb10bc9d3788a1f471a73b517921aa7dadd8893cd59e766137ffed7dd2870fb26cc1ed3b7cadb1b2ed1a1fd92781dff03fab685b
- SSDEEP
  
  96:jDM6TW8XaB9H/3f7Ed2D9ZA7EiQxKjBomlprBBT8QmQKiy:jo6yUaB9H/3jE8D9ZWETxKtJlprY5b
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  Worklog/Worklog/UserControls/TopControl.ascx
- Size
  
  4KB
- MD5
  
  cb465403cc6fe8df3062ecb808c386e3
- SHA1
  
  d3c85c6bcc280c768048d9e96dc4d31bf5cf715e
- SHA256
  
  439e735d07ac0468b40ff725f8a2aa9b37542acc3263f1c5d458f3e115dcce17
- SHA512
  
  099fbf1750897313477c263f30aee2b339936b1fd9f7535adccbddaad6c1cb0b2f7c742a3faf057d61a06bcf08ca599b10a1d172bad3ef3a230ed00a03590563
- SSDEEP
  
  96:j8f1/EoZjE3zWRQV6n3cmXGDMmGhUWqqmGh09qmGhjsqmGhNjmGhN:j8d8olE3zWRQVyMmX7dpdLdndLdL
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  Worklog/Worklog/Worklog/Js/modal.js
- Size
  
  8KB
- MD5
  
  aac2e92dbe1d22c53083b052a9d99f24
- SHA1
  
  94fddf7f3c16331a28c604135565af16687814e8
- SHA256
  
  e8d2ac61a2ebb1a0bd46cd5b0bf4f1fe4946678490d8c0d2d61d58f1d2500992
- SHA512
  
  c9dfb1e6a650cb300804e173128a17a25670f4873ee5869c71527fea9bdb3de3351a190701b933398720f5835c3a95945dd5beeb21a11fc07b7828d1d052dc13
- SSDEEP
  
  192:afeVSwdLxwgiDwpwpPyW3wgrwdV4L9NdtrbmkT4xXfzpL4qEmNgcI6Hl8kusa:afYSWx1iDEoyW3wgryu9NdtrSkT4xXp6
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  Worklog/Worklog/Worklog/Js/recurrence.js
- Size
  
  9KB
- MD5
  
  58266a283fed12ef05c6d1440bf341fd
- SHA1
  
  1ed11cff77e0bdb6fa8e7675037a59ea132a0109
- SHA256
  
  6940266984ca1dee9a7f255243dc3d014e0a651c5de9b0bae4cc7f940c101d0a
- SHA512
  
  2a126d5ee2270fdc99f244456fd399ec7f536cf558a84b508b20b0bb828fb44da24461a702c4078d8eae267bd23088b8c143077a15031d73b8ae55e736a7bbba
- SSDEEP
  
  192:3feQJi+1a4fIXgk8LcLSiZNsc1i6IYSMAwm4u/lNyiSUNyiS1HhhiOzzFYr:3fyaiXgkCijR1EPG12
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  Worklog/Worklog/Worklog/MyStickyList.aspx
- Size
  
  6KB
- MD5
  
  1cf0a634fd3838e1af848ee730d11869
- SHA1
  
  1d89bc36d02eea13ae4b2492c6f66aae6503dd91
- SHA256
  
  ac8330998cc9a1538e3517d39d3c879059cffebafcf27d31fefc36d663e51302
- SHA512
  
  b83f93607f39427ce7c6b7bb5f8844064dd1871a6a89a9625cafe181b0a1720b0d5126b444fe633e22b1533586bf2e765650a1783203ec1b34629c3771ad8ab6
- SSDEEP
  
  96:j7SaeMrcvCPQsxKRvU3XMK7j2g2Bd7VowepgnPrTiXmiazuHy:jF5RQsQRCXl7r217zTiWiaz1
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  Worklog/Worklog/Worklog/Myoutlook.aspx
- Size
  
  7KB
- MD5
  
  4fdec477245b5febb4f1272c0d8abbd3
- SHA1
  
  1ae83d0c50927eb66e524cc9e77c6511f7879187
- SHA256
  
  ebe41931d2c81e08d5b4127d84c99e246efb19c0074e2acf0358ab2af37522b6
- SHA512
  
  50c13262ceda9bbd543ef93c73943544317b7b74315f5b31432ebd73dd992bf94ac43e87380d1985ae19ebca628fa94805f8ffbeb5e52f561f047db95306c714
- SSDEEP
  
  48:jN7/CRFXm3UP4REvfaUNrzuy02o5rW38HYMtdIQZplafbHqmpX7BR8M5/GZnvI1P:j1cCqvfaEfbZCrW3NMtTZpla9CNuC57y
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  Worklog/Worklog/Worklog/Myoutlookmonth.aspx
- Size
  
  5KB
- MD5
  
  ba246f358fc0bd8e4dd9599c79499c43
- SHA1
  
  af327e0a4f71ac19b1dcb700be0b2e60879fe60e
- SHA256
  
  eb5bf90eaaf5ac6abc5a58dc27d784524ff22598bb0ac06f317e1cdf73bb4a1c
- SHA512
  
  e538880d4b19a69d140e47088f1afdcbf15da95dad6b8fc7fb38ba53ba022b4e4338e9035860aa16af2ccbaa433b79f0144fa2c441f22c78d00204ea62b98135
- SSDEEP
  
  96:jucVj0Yf/HvcvBgEM8CojHvvAktRpyC+y:jucxnUvc8CWnDr
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  Worklog/Worklog/Worklog/Project_plan.aspx
- Size
  
  9KB
- MD5
  
  8faf50edbb4835ec8ea28a0d338c1ec9
- SHA1
  
  fcbb765fe1d8f653d75b62ad10a0fc5be8adb695
- SHA256
  
  bc13c91931b2ac2b90569a03484a14cd22de6b2527c5303f97d158f4479662e1
- SHA512
  
  9428a8892c810f47f5f297e69b1c67885025c0596bf9be9fc4d8b2325403b5de5eb9dcbdf8ef0f8f7feb06a42ac703568dc72d4e1861402c65e1c4a0d7ed761e
- SSDEEP
  
  96:jAZz/6TcbK3jGYCKte9KIgdLHO1dkvsvqIJL7/z03ImiGNzxwNmLn5ty:jI2TksyTkv8qIhTw3ImiGNzxwNmLnO
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  Worklog/Worklog/Worklog/Tabsecrityadd.aspx
- Size
  
  2KB
- MD5
  
  e231414ead85092b0cbae31a031dc391
- SHA1
  
  90aa39f62e9ee0f33fa70217eb7eb5cbdced3170
- SHA256
  
  18eac91daa04395bad37f9107c5757bff0f601ada26dc782f6c6790e4fb81e00
- SHA512
  
  3dd6638649397e2f54e7a4ed81ab44187bf463aad7bdfc84f8aa8fa7b78d943d6f39f45370a271f1c47eb91a03b3b0cc15b199db7277619bedb82f1058395f76
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  Worklog/Worklog/Worklog/add_note.html
- Size
  
  904B
- MD5
  
  a369a13d6186dfb099abf1d33b2c46cd
- SHA1
  
  933514220182235e0c226052108ed56c765e3dec
- SHA256
  
  8600cece562d0ea3f7a23674eff8fb41ed69595a42129835c9e04bbfcd41a4b3
- SHA512
  
  aed994f44515bf5a52458105ad5785ba7efae155107578e3a12c671677b914ce52e893146b1ff085ca69fb19ed4077cdee8e3608c5e8968274aac2749900dbda
Score

1^/10
behavioral29 behavioral30
- Target
  
  Worklog/Worklog/Worklog/bhListBox_js.js
- Size
  
  2KB
- MD5
  
  3a7a533fea033de036561383f9f065ee
- SHA1
  
  85517ddb486421fa1c2e1a1d05d5a7d490d9d94c
- SHA256
  
  7e8a6ab2deb80c032c2a9a24187b2151c50e9b821e4c9c2f6830af09a28ea7a9
- SHA512
  
  3b4791a429ebfb08c91b216ab95c7318c7123174d2242fef497dafa951616dcd806f7e0300e69d61f3f2e73092077ee43d4d12220454588af5cf324c062e900d
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32