c9b922bf0972ecf680289aae5071ae6c5d03e1c0b2402cd21464ca82b67ca870

Sharing

Copy URL

Twitter E-mail

General

Target

6071e576b4134e75d5a3b51e8a06cb47_JaffaCakes118
Size

4.1MB
Sample

240720-3mbcbssdrp
MD5

6071e576b4134e75d5a3b51e8a06cb47
SHA1

9c8005e4df8d5507731d45bb03408c4bce40494e
SHA256

c9b922bf0972ecf680289aae5071ae6c5d03e1c0b2402cd21464ca82b67ca870
SHA512

f7744d43375b481c96cdcc446e20d48512939cfaee60488d44130f6e28cec23c8fa05a1860fdebc3819d97f117c8aa9350f4fb5f44f078a4f8cd3bb7d95c04c9
SSDEEP

98304:m8F3nJ3q7mSYBtCFU2Mek7jFQzvYolXy2zjMbIwk:Tln0yBwRMpXslXyOjsk

Score

10^/10

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

http://a9.com/-/spec/opensearch/1.1/

exe.dropper

http://www.mozilla.org/2006/browser/search/

Targets

- Target
  
  Joomla_1.7.2-Stable-Full_Package/administrator/cache/index.html
- Size
  
  31B
- MD5
  
  8ca096fda23d564fe62bc65ef5f498e0
- SHA1
  
  166b05dab71422b4ce7c55ba3ad66492a8cd8a18
- SHA256
  
  b1f5b9c329d8f4c9bb9d4b2dc820419b8a277e2886af023777a399c9ec187a2c
- SHA512
  
  4a5b3cd40f4e5ca3637a286ae2884755315897adc9afcd4dda2e49d6a102b10503fca48d851e4fce25b753e932382991d91a1ad2f4d0ed1ab932b99d61f41cef
Score

1^/10
behavioral1 behavioral2
- Target
  
  Joomla_1.7.2-Stable-Full_Package/administrator/components/com_admin/controllers/index.html
- Size
  
  31B
- MD5
  
  8ca096fda23d564fe62bc65ef5f498e0
- SHA1
  
  166b05dab71422b4ce7c55ba3ad66492a8cd8a18
- SHA256
  
  b1f5b9c329d8f4c9bb9d4b2dc820419b8a277e2886af023777a399c9ec187a2c
- SHA512
  
  4a5b3cd40f4e5ca3637a286ae2884755315897adc9afcd4dda2e49d6a102b10503fca48d851e4fce25b753e932382991d91a1ad2f4d0ed1ab932b99d61f41cef
Score

1^/10
behavioral3 behavioral4
- Target
  
  Joomla_1.7.2-Stable-Full_Package/administrator/components/com_admin/helpers/html/index.html
- Size
  
  31B
- MD5
  
  8ca096fda23d564fe62bc65ef5f498e0
- SHA1
  
  166b05dab71422b4ce7c55ba3ad66492a8cd8a18
- SHA256
  
  b1f5b9c329d8f4c9bb9d4b2dc820419b8a277e2886af023777a399c9ec187a2c
- SHA512
  
  4a5b3cd40f4e5ca3637a286ae2884755315897adc9afcd4dda2e49d6a102b10503fca48d851e4fce25b753e932382991d91a1ad2f4d0ed1ab932b99d61f41cef
Score

1^/10
behavioral5 behavioral6
- Target
  
  Joomla_1.7.2-Stable-Full_Package/administrator/components/com_admin/helpers/index.html
- Size
  
  31B
- MD5
  
  8ca096fda23d564fe62bc65ef5f498e0
- SHA1
  
  166b05dab71422b4ce7c55ba3ad66492a8cd8a18
- SHA256
  
  b1f5b9c329d8f4c9bb9d4b2dc820419b8a277e2886af023777a399c9ec187a2c
- SHA512
  
  4a5b3cd40f4e5ca3637a286ae2884755315897adc9afcd4dda2e49d6a102b10503fca48d851e4fce25b753e932382991d91a1ad2f4d0ed1ab932b99d61f41cef
Score

1^/10
behavioral7 behavioral8
- Target
  
  Joomla_1.7.2-Stable-Full_Package/administrator/components/com_admin/index.html
- Size
  
  31B
- MD5
  
  8ca096fda23d564fe62bc65ef5f498e0
- SHA1
  
  166b05dab71422b4ce7c55ba3ad66492a8cd8a18
- SHA256
  
  b1f5b9c329d8f4c9bb9d4b2dc820419b8a277e2886af023777a399c9ec187a2c
- SHA512
  
  4a5b3cd40f4e5ca3637a286ae2884755315897adc9afcd4dda2e49d6a102b10503fca48d851e4fce25b753e932382991d91a1ad2f4d0ed1ab932b99d61f41cef
Score

1^/10
behavioral10 behavioral9
- Target
  
  Joomla_1.7.2-Stable-Full_Package/administrator/components/com_admin/models/forms/index.html
- Size
  
  31B
- MD5
  
  8ca096fda23d564fe62bc65ef5f498e0
- SHA1
  
  166b05dab71422b4ce7c55ba3ad66492a8cd8a18
- SHA256
  
  b1f5b9c329d8f4c9bb9d4b2dc820419b8a277e2886af023777a399c9ec187a2c
- SHA512
  
  4a5b3cd40f4e5ca3637a286ae2884755315897adc9afcd4dda2e49d6a102b10503fca48d851e4fce25b753e932382991d91a1ad2f4d0ed1ab932b99d61f41cef
Score

1^/10
behavioral11 behavioral12
- Target
  
  Joomla_1.7.2-Stable-Full_Package/administrator/components/com_admin/models/index.html
- Size
  
  31B
- MD5
  
  8ca096fda23d564fe62bc65ef5f498e0
- SHA1
  
  166b05dab71422b4ce7c55ba3ad66492a8cd8a18
- SHA256
  
  b1f5b9c329d8f4c9bb9d4b2dc820419b8a277e2886af023777a399c9ec187a2c
- SHA512
  
  4a5b3cd40f4e5ca3637a286ae2884755315897adc9afcd4dda2e49d6a102b10503fca48d851e4fce25b753e932382991d91a1ad2f4d0ed1ab932b99d61f41cef
Score

1^/10
behavioral13 behavioral14
- Target
  
  Joomla_1.7.2-Stable-Full_Package/administrator/components/com_admin/models/sysinfo.php
- Size
  
  7KB
- MD5
  
  e3193e0654f2e004601ed4c433251214
- SHA1
  
  fae87dfde264d191b57cfd6d4e51d521786f6870
- SHA256
  
  8c1cccf7522f32be9a6e7319d8f5450105f6814ffeede4e61b6d12c3f1ac4f14
- SHA512
  
  b5657bef39f0a68f618928e9d2fcf631e463154d29c98ca1cbcf4b95373a539320c56d9836e8b166220c39d7d3ebcbfe404a279ea59e733f83364221beb98895
- SSDEEP
  
  192:jsfkaCKcGgVgx2WkVn0fm02Y+tEilEN1xt4zLtk2tF9tbtt+o1rDh:jVGgyAVnimBY+sULbT99tEo1rDh
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  Joomla_1.7.2-Stable-Full_Package/administrator/components/com_admin/script.php
- Size
  
  15KB
- MD5
  
  9824bb4c16c8bfb692d0f885367bb244
- SHA1
  
  568e894eaad9349337648659466167319c46e0ec
- SHA256
  
  ec0390a203d084e5121799f4368829e7c81d792030c8dcd80c6a280a78419244
- SHA512
  
  53bb2fa6cf6a0eb052cddc308be8dea277ab86a73d47def3542c453cef18c8bb254b4e718254b15e59d0b466dfd0d517af5e93735097875e8cc4b88eb96822b3
- SSDEEP
  
  192:+MsCqdDdEncr3WW8iKzX8Ngd7R8sSu3qOIpsKmKE0N8:+MsCqlyncr3WW8UMR8sSMSsKmK3S
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  Joomla_1.7.2-Stable-Full_Package/administrator/components/com_admin/sql/index.html
- Size
  
  31B
- MD5
  
  8ca096fda23d564fe62bc65ef5f498e0
- SHA1
  
  166b05dab71422b4ce7c55ba3ad66492a8cd8a18
- SHA256
  
  b1f5b9c329d8f4c9bb9d4b2dc820419b8a277e2886af023777a399c9ec187a2c
- SHA512
  
  4a5b3cd40f4e5ca3637a286ae2884755315897adc9afcd4dda2e49d6a102b10503fca48d851e4fce25b753e932382991d91a1ad2f4d0ed1ab932b99d61f41cef
Score

1^/10
behavioral19 behavioral20
- Target
  
  Joomla_1.7.2-Stable-Full_Package/administrator/components/com_admin/sql/updates/index.html
- Size
  
  31B
- MD5
  
  8ca096fda23d564fe62bc65ef5f498e0
- SHA1
  
  166b05dab71422b4ce7c55ba3ad66492a8cd8a18
- SHA256
  
  b1f5b9c329d8f4c9bb9d4b2dc820419b8a277e2886af023777a399c9ec187a2c
- SHA512
  
  4a5b3cd40f4e5ca3637a286ae2884755315897adc9afcd4dda2e49d6a102b10503fca48d851e4fce25b753e932382991d91a1ad2f4d0ed1ab932b99d61f41cef
Score

1^/10
behavioral21 behavioral22
- Target
  
  Joomla_1.7.2-Stable-Full_Package/administrator/components/com_admin/sql/updates/mysql/index.html
- Size
  
  31B
- MD5
  
  8ca096fda23d564fe62bc65ef5f498e0
- SHA1
  
  166b05dab71422b4ce7c55ba3ad66492a8cd8a18
- SHA256
  
  b1f5b9c329d8f4c9bb9d4b2dc820419b8a277e2886af023777a399c9ec187a2c
- SHA512
  
  4a5b3cd40f4e5ca3637a286ae2884755315897adc9afcd4dda2e49d6a102b10503fca48d851e4fce25b753e932382991d91a1ad2f4d0ed1ab932b99d61f41cef
Score

1^/10
behavioral23 behavioral24
- Target
  
  Joomla_1.7.2-Stable-Full_Package/administrator/components/com_admin/views/help/index.html
- Size
  
  31B
- MD5
  
  8ca096fda23d564fe62bc65ef5f498e0
- SHA1
  
  166b05dab71422b4ce7c55ba3ad66492a8cd8a18
- SHA256
  
  b1f5b9c329d8f4c9bb9d4b2dc820419b8a277e2886af023777a399c9ec187a2c
- SHA512
  
  4a5b3cd40f4e5ca3637a286ae2884755315897adc9afcd4dda2e49d6a102b10503fca48d851e4fce25b753e932382991d91a1ad2f4d0ed1ab932b99d61f41cef
Score

1^/10
behavioral25 behavioral26
- Target
  
  Joomla_1.7.2-Stable-Full_Package/administrator/components/com_admin/views/help/tmpl/index.html
- Size
  
  31B
- MD5
  
  8ca096fda23d564fe62bc65ef5f498e0
- SHA1
  
  166b05dab71422b4ce7c55ba3ad66492a8cd8a18
- SHA256
  
  b1f5b9c329d8f4c9bb9d4b2dc820419b8a277e2886af023777a399c9ec187a2c
- SHA512
  
  4a5b3cd40f4e5ca3637a286ae2884755315897adc9afcd4dda2e49d6a102b10503fca48d851e4fce25b753e932382991d91a1ad2f4d0ed1ab932b99d61f41cef
Score

1^/10
behavioral27 behavioral28
- Target
  
  Joomla_1.7.2-Stable-Full_Package/administrator/components/com_admin/views/index.html
- Size
  
  31B
- MD5
  
  8ca096fda23d564fe62bc65ef5f498e0
- SHA1
  
  166b05dab71422b4ce7c55ba3ad66492a8cd8a18
- SHA256
  
  b1f5b9c329d8f4c9bb9d4b2dc820419b8a277e2886af023777a399c9ec187a2c
- SHA512
  
  4a5b3cd40f4e5ca3637a286ae2884755315897adc9afcd4dda2e49d6a102b10503fca48d851e4fce25b753e932382991d91a1ad2f4d0ed1ab932b99d61f41cef
Score

1^/10
behavioral29 behavioral30
- Target
  
  Joomla_1.7.2-Stable-Full_Package/administrator/components/com_admin/views/profile/index.html
- Size
  
  31B
- MD5
  
  8ca096fda23d564fe62bc65ef5f498e0
- SHA1
  
  166b05dab71422b4ce7c55ba3ad66492a8cd8a18
- SHA256
  
  b1f5b9c329d8f4c9bb9d4b2dc820419b8a277e2886af023777a399c9ec187a2c
- SHA512
  
  4a5b3cd40f4e5ca3637a286ae2884755315897adc9afcd4dda2e49d6a102b10503fca48d851e4fce25b753e932382991d91a1ad2f4d0ed1ab932b99d61f41cef
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

PowerShell

T1059.001

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32