Overview

overview

3

Static

static

1

admin/新�...��.url

windows7-x64

1

admin/新�...��.url

windows10-2004-x64

1

images/index.htm

windows7-x64

1

images/index.htm

windows10-2004-x64

1

install/common.js

windows7-x64

3

install/common.js

windows10-2004-x64

3

install/correctpng.js

windows7-x64

3

install/correctpng.js

windows10-2004-x64

3

js/Drag.js

windows7-x64

3

js/Drag.js

windows10-2004-x64

3

js/Resize.js

windows7-x64

3

js/Resize.js

windows10-2004-x64

3

js/admin/admin.js

windows7-x64

3

js/admin/admin.js

windows10-2004-x64

3

js/admin/common.js

windows7-x64

3

js/admin/common.js

windows10-2004-x64

3

js/admin/s...ate.js

windows7-x64

3

js/admin/s...ate.js

windows10-2004-x64

3

js/ajax.js

windows7-x64

3

js/ajax.js

windows10-2004-x64

3

js/common.js

windows7-x64

3

js/common.js

windows10-2004-x64

3

js/kindedi...tor.js

windows7-x64

3

js/kindedi...tor.js

windows10-2004-x64

3

js/kindedi...t.html

windows7-x64

1

js/kindedi...t.html

windows10-2004-x64

1

js/kindedi...h.html

windows7-x64

1

js/kindedi...h.html

windows10-2004-x64

1

js/kindedi...e.html

windows7-x64

1

js/kindedi...e.html

windows10-2004-x64

1

js/kindedi...k.html

windows7-x64

1

js/kindedi...k.html

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6559cbbd00cd4ec8f9488d84a8d13de1_JaffaCakes118

  • Size

    621KB

  • Sample

    240723-abyn9swgqn

  • MD5

    6559cbbd00cd4ec8f9488d84a8d13de1

  • SHA1

    708879bc3d5331e2f28e260045e0234c92bfc33e

  • SHA256

    8ef8fa960a49baa47cf1a375107484dcab379a4f60e50a2be18a215d29a1b0a4

  • SHA512

    e234ec548f35adefaf1570ea71134fd15dcefe105ff9ed40c367630428bc37ea46ba784542fae609534f80bccf0ba064af07bb2f8851d9fede13ac6aac3c92de

  • SSDEEP

    12288:UVCDLeFXS6LDyJgiszidLXE6M+WxVMZCKlCgrFZCdAnHVYUE32C3Y:YXSCDQgis+5UJfCCRgrSAq/Ro

Score
3/10
execution

Malware Config

Targets

    • Target

      admin/新云软件.url

    • Size

      133B

    • MD5

      4f0017b3b346bd0626f0c3b915e6e734

    • SHA1

      823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92

    • SHA256

      df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678

    • SHA512

      0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6

    Score
    1/10
    behavioral1behavioral2

    • Target

      images/index.htm

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    1/10
    behavioral3behavioral4

    • Target

      install/common.js

    • Size

      3KB

    • MD5

      e69a515068d85b3c063a3d9419f3aedd

    • SHA1

      d8677de96fe24fa4cc7fe800b554264b702e4671

    • SHA256

      c9bc8b8729452db5c802a0f39e472593c110a923cec16b057a753530a856f1fe

    • SHA512

      9f3f7705a2c8bb65c7465f15d67b295151425bc9f14c8ac3d976d899976d0957a628c4d54d685494b3d5b0b5e55c0a4760dc68b75935d77d0faad45b3f6572fb

    Score
    3/10
    execution
    behavioral5behavioral6

    • Target

      install/correctpng.js

    • Size

      1KB

    • MD5

      5bfe99838dfc1e41f53b48f403193e80

    • SHA1

      f12fbc0176c65a255292faca0581c6a22b401c7a

    • SHA256

      be7261cceb152b5fa9c618c40bea4c470b16e003fb235ee5b19c5fe5cea0810b

    • SHA512

      0d953ff3d67ef18f3e5f8070f8a17aed002788115567b9f12895fb6cd36787d519fd3cf738a566452aaa600465fc4c60c5bb10e66674ae5a9636402542d1734c

    Score
    3/10
    execution
    behavioral7behavioral8

    • Target

      js/Drag.js

    • Size

      5KB

    • MD5

      b14c43a51b3fad9ec19f509c0964d22a

    • SHA1

      97e7cfafd57d976c02aa5cbebbc3267b8e8939cd

    • SHA256

      8b83aa71db9dab76069ab0e77dc5da34ba44e28ee02d4e852620052bf39961dc

    • SHA512

      a08138edb974ea2334743a2d1ded362d8a781a24af9bad2dd3eb1bcb801f01677c9299076d93c593a666e69d541baeda4bd36e6e81ec312cbeab3dc4b8eb9369

    • SSDEEP

      96:ODpBxygRCRNH1cvszjbsdTwJ2R8eStEaoBVhejeSQst0BoBfA1E01t2WsCIF0Ki/:ODpBsUS+s/OUwTStm7heNgG9net9I07F

    Score
    3/10
    execution
    behavioral10behavioral9

    • Target

      js/Resize.js

    • Size

      11KB

    • MD5

      da08897f0579240b622fa203ed88d8f5

    • SHA1

      402271461d2500a9f51359e6ea22d6aaa3e6c970

    • SHA256

      ce119f487b775ec2e046ecb494c9933667888b437c2dbbbacc1b3fc1af38b6ac

    • SHA512

      6be6711ccf18615b7c325cb9c320ef36526862d8af30426ae2fc96580a7c1cd9ec680b6b3cd9af76a61a388678cf4f164f726c5aaf064011ea6b5f01aa256079

    • SSDEEP

      192:Dmg+y2MPVe80L76HXQxFX3+ZL4UDv0Vf6AzC0LmV4+44bziLpFzWx5sQG3lVrKWf:Doy2wVe80363qTVyAzmV4b4bupF2orKu

    Score
    3/10
    execution
    behavioral11behavioral12

    • Target

      js/admin/admin.js

    • Size

      17KB

    • MD5

      22c92154aa7fa0d779cb48afbc01123a

    • SHA1

      fe8bfd782820170f9203d4e4b55fcefbe3008b84

    • SHA256

      1d93f022dae72d0f4bdc7c5e0531eb605d4f1850b6e7ba2af95fd7e8bdb53f62

    • SHA512

      dce541350ab98dd1815d1e56d7fbcfa2b2a72195014a9d48e934add62b2d81ecc48295e58e4c3ec986fe6eecbea2e7edd16c8616b20510b080b325fe8038c474

    • SSDEEP

      384:Y4ySwxZWWhjNBky2DpiDi8+H40PZBoUHmzm+SK0yAiLiSy6iKiz//455v8/YKOAn:dRKjnmwm8+H40PXpHmq/K/u1jzz//4rU

    Score
    3/10
    execution
    behavioral13behavioral14

    • Target

      js/admin/common.js

    • Size

      5KB

    • MD5

      ade58072d34a4cf662383a2d4b00b091

    • SHA1

      aeebe3bd6e4f9cbeed4c59c04e368306d7d474b6

    • SHA256

      5ea7a9dbd802e2577aa94672864fb30736cff337e6b38a45ab92f7711256fc72

    • SHA512

      40cf830b56cbe7d4a8a0635203170c4a2f03b9e3a69d3ee51fa1affecb3763999fda286cb390746be9bea5c447f126f838a066752b5aa788ecfe98a17181d6e4

    • SSDEEP

      96:2iUE5swEM26NhuALsry8y2anhRFJuilK4qW7WdIRVEPP2R2JAa2JAZBz5vK:Z15swEMZTIOR2EPucK4qW7WdI2Y2J52L

    Score
    3/10
    execution
    behavioral15behavioral16

    • Target

      js/admin/selectdate.js

    • Size

      11KB

    • MD5

      01cfbf6bef4d65f4eb7891f971045036

    • SHA1

      c8faccbd76664555be722a1787640d4dc4e34298

    • SHA256

      2a828436c48877d0fee1eafac5eda2e7e064be28d15bc9e319a5a51429cddb6d

    • SHA512

      f41ce43a7d7e70d5871464d9184c8ed4f5b670d36d24f2db7ce903d41456ac9e4a5873a0b3d51df377d3deaeeb71354ffe0e5c297da1242a7e5253cd413bd6e4

    • SSDEEP

      192:dX72uB6r9+fD7CNv9ueLR02y5p742aCKc4WUIpWhA31jv/eRR/7+j:dCu0Z+r7Cbue1vKp742aCKc4WUIpWhYd

    Score
    3/10
    execution
    behavioral17behavioral18

    • Target

      js/ajax.js

    • Size

      1KB

    • MD5

      c4c1b27edb60d32c365edb14b08a1733

    • SHA1

      9ba4595104a733c3bfb3c10ef7929509a035ac17

    • SHA256

      3e095af4d25bd9a18d181eced59d84cb8ee7dd5055fbf3ebc976e7692704ce77

    • SHA512

      4e0a55ec01ee40aa3a4f775964d8604d2c4e7582ce461e1cfd14bd364266d302bbd80f12bf992ed42d2ea83163c024a596c5cc666c9b015283bb72db5c9eb9f5

    Score
    3/10
    execution
    behavioral19behavioral20

    • Target

      js/common.js

    • Size

      3KB

    • MD5

      97f927d8f47d66d4644bd6af6420cc0e

    • SHA1

      5534b03652b0e856e63e0fe90a1089dea1c42836

    • SHA256

      1911da81a7435852f9ff9ebbedf290cdfa4d1936539d5f710af703f531c373fb

    • SHA512

      83d88e5af889419477bbca6c6624c92cbc9d0618532cd6313968474bffe05fbd1c13fb855bc10638a056e8f2a1794e03117f80a44be50ffb5984398ce633846a

    Score
    3/10
    execution
    behavioral21behavioral22

    • Target

      js/kindeditor/kindeditor.js

    • Size

      96KB

    • MD5

      0dca2ca3e0124416d5a6d9a4ea7aafff

    • SHA1

      06ae6cd851cb37da14de99fb1be4dcc9eabb0bfd

    • SHA256

      0bffbef78b11db40dd3e53ba43014f80a9c087dd9ed39d01b41855d1b12caab0

    • SHA512

      d59bae64bde8efb92aeced7fa6f2b6b8cd08a6519083d50a8fd7778069eab4bb860b818ea298bce5de4a7e0ff79b0162e734196e736c5f55854dc29e1b4dae25

    • SSDEEP

      3072:tN2i+2hVP2O1g2egYQI8a7TbX/J1jO3dBK:gjzj6+

    Score
    3/10
    execution
    behavioral23behavioral24

    • Target

      js/kindeditor/plugins/about.html

    • Size

      1KB

    • MD5

      47cc4c2d2408a77307a2da6f1477cec3

    • SHA1

      72b3cdc2e6fe2483b6003846e2f99e7227d9cf89

    • SHA256

      8b89855bbd6763b4e78099ba2dc8b6f1fed1ef882d0902c6e6e6fff4e7178cee

    • SHA512

      36219178af1f5460c1518077e2cc9655af1d0d3d3445c904e7e1649f1f9eaebd1ec0d747f232a173683206537ab54e16743f9419907fc8576ebeb48db5653b53

    Score
    1/10
    behavioral25behavioral26

    • Target

      js/kindeditor/plugins/flash.html

    • Size

      1KB

    • MD5

      83ab29cf4df5516e1a25864670986226

    • SHA1

      a7024d907a2d5f14b48a7885c2f6fa41376f6573

    • SHA256

      3341518351a806032bb362c8cd0cf8453fab62b7c7d93141ae24a508179b1358

    • SHA512

      ea81ac07632ed52c7b27134173768e3d492648b7bc992a26b5d240a01db8450d1f4b1ce999258ef71530a843e5adca88260870a6d2251c9dadea350a57257251

    Score
    1/10
    behavioral27behavioral28

    • Target

      js/kindeditor/plugins/insert_page.html

    • Size

      1KB

    • MD5

      3096abf1fa6cbd907208e8ffddb904ec

    • SHA1

      f14c6c4624e207c1b76d2111b354d519f16fa7da

    • SHA256

      4890bd6b138bd57df7387e20ec0684354b95ebddeffb698f106fea82e062e17c

    • SHA512

      92c4f6a618f68ab4ea1e8008bf40836ebcd7e6b550b8832414e4328e12a132f10a92189263a7dc7b9c0ce62ba90c32cae9a2d7446ce0e9ab8b503abd416cdf5a

    Score
    1/10
    behavioral29behavioral30

    • Target

      js/kindeditor/plugins/link.html

    • Size

      1KB

    • MD5

      0701348e336f3a896b972fc937322cae

    • SHA1

      163a2813b8e2fe08f5504162024eb8400b53550f

    • SHA256

      4a8478c92e8f862fd3dadd11b1dfc611746d7b93da2c7a42c7aa41d4e33190a3

    • SHA512

      78f19389f9e0e7773010723262e4469f815392f149d4f07619387f2b4b97829fa2207d463ae665237d57d5f4c08bd5838a1d428bbbd7d567b2b1f0887f4d9bbe

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

10
T1059

JavaScript

10
T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

5
T1112

Credential Access

Discovery

Query Registry

5
T1012

System Information Discovery

5
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

Score
1/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

execution
Score
3/10

behavioral6

execution
Score
3/10

behavioral7

execution
Score
3/10

behavioral8

execution
Score
3/10

behavioral9

execution
Score
3/10

behavioral10

execution
Score
3/10

behavioral11

execution
Score
3/10

behavioral12

execution
Score
3/10

behavioral13

execution
Score
3/10

behavioral14

execution
Score
3/10

behavioral15

execution
Score
3/10

behavioral16

execution
Score
3/10

behavioral17

execution
Score
3/10

behavioral18

execution
Score
3/10

behavioral19

execution
Score
3/10

behavioral20

execution
Score
3/10

behavioral21

execution
Score
3/10

behavioral22

execution
Score
3/10

behavioral23

execution
Score
3/10

behavioral24

execution
Score
3/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10