75ecb486aaa682df5eca41c74f5cb830a4970ba6af0d1d21022754da9bd31361 | Triage

Sharing

General

Target

6d5409940f40407ef3cc76264c33a213_JaffaCakes118
Size

5.8MB
Sample

240724-3zmwwsvepn
MD5

6d5409940f40407ef3cc76264c33a213
SHA1

da6e27c79f13240aae8ed4aa92a60f92ee7dbab9
SHA256

75ecb486aaa682df5eca41c74f5cb830a4970ba6af0d1d21022754da9bd31361
SHA512

024cd8c88f2389f71adb6f41f69014c4151b4b5ab381a4214f77af9bda4ce78dfa93948a6bf00927cb1db1810b3bcd65635879f36edcb990ea869d4353f5eb59
SSDEEP

98304:fnMjha1LkbqfrPR9YFWT+SX3Y/s9KauWQCzXs32WAGoU4XSV52KNwEGKnGDcCXmX:fJfd92wX3x9puTs8ILNXSV7NPnnGDXmX

Score

3^/10

discovery execution

Malware Config

Targets

- Target
  
  Add-on/Md5Check.exe
- Size
  
  60KB
- MD5
  
  21c661c4dff1b5847de6d00425743eac
- SHA1
  
  d63b10df7099e3da0ae1a08d431b27aef78cce9a
- SHA256
  
  ee893eb6010a8e80b72cf2bdd92288c82ea962b0e333ab8bad973e4e81428af1
- SHA512
  
  042dc49819f0573dae0ddc5c66afb60080240bdeef4f3902a2d4236ef1d5c2ec0c9905a7ee774dcff74f467f0761eb3c3737b20d9bdf7d8a004b5ec3f102f5db
- SSDEEP
  
  768:ar3t4JXoFDBvLuxHdtQSHhe9Vdcz/hH/90aAAQr4RlmegRB:gtYXoFD8x9tQSBqGV/90lAQr4Rlmegn
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  Add-on/新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral3 behavioral4
- Target
  
  upgrade/upgrade3.php
- Size
  
  12KB
- MD5
  
  dccca9c8329f23055c7217af8d4d0751
- SHA1
  
  d6bc533fafb0774924b1d9dbad63e92a05487ba8
- SHA256
  
  a15d36f7a1e4e1feddec2f41e69d083a372ad116ec6e9bf8751e7d5d52092279
- SHA512
  
  1efdbe0fbd293e89f61429516375d738b7eaa918517d36bf79fe494b13ba90ce5372379c9ce3bc80b1ec1f1bb4162edfedf81a9cc9ac5fc071ef11b3429ad12b
- SSDEEP
  
  192:7t+w1WfK/qUCIjLELUg0/+8AHnsmXqPM6Ylp9RzzaydjSXUyRn6kXRmo:h+w1WfK/q7IPqxBXT6YldzJjRZkAo
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  upgrade/upgrade32to34.php
- Size
  
  16KB
- MD5
  
  d83bbd58aafcc0246e72d6b9c176d9cd
- SHA1
  
  2876dc216a696f0c3fb0e6ac2a63cbfa7dd4c475
- SHA256
  
  5148867e5fc137f0f4e4952b5fc9da46260b3b822cef6c1dfb4320fb56cc4246
- SHA512
  
  020c41c2f9f3aa54b062f460b1217ec3d413ca70416dc6e8a28ee5db75e678cd40891625423118d2ea9ec404357afec0b7f1e21e4efd957d4c4604ca201aed4a
- SSDEEP
  
  192:ft+wuiO/AUCIOLELNAAIlZKqjQ4TM66jpvibzzaydmlFXUzR6/60XRmo:F+wuiO/A7I0qkjQ4Y66jezJmlKQS0Ao
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  upgrade/upgrade34to40.php
- Size
  
  17KB
- MD5
  
  d4a7c42963faf6b722960325a8a3bdd9
- SHA1
  
  41bb0da45e8cdd1096e75873fa5253b1a6a4eca5
- SHA256
  
  15e763dc32bb44a4fd9b1ccf0094db66fc5192978d2c7ba3210ccfd6e0988e36
- SHA512
  
  f8d251c4132de0df417dbc51e772add712dc34ffcdabf72217478a2749fbcdd46706bb4eef5cf2783196b4aa18bb22d4a29cd4fd0bbc805e5af56e0e99fbb5d7
- SSDEEP
  
  384:xCYwun8DpdGq/fIhqFxCP2tN66jwzJ3xUS0ArspehmPLUH0:xCFunuGq/f9LCP2vX0ztiS4
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  upgrade/upgrade4.php
- Size
  
  16KB
- MD5
  
  1dc12730d4b164e9ce759c7544e72094
- SHA1
  
  96cd125cc8823dcb46ee773b1f3fef0237939625
- SHA256
  
  3bbe7692deaadcdc165d41b8e06468e8adb3146e2dd67094e0b4c2321cca36bf
- SHA512
  
  cc18d351673d0dcdef0efd7db240cd142af4c2131459d356959c2bf3fb20e17be0f0998db2455509a388200ff0e266e7f783b01135b9cf8a119c0540807f5e63
- SSDEEP
  
  192:ft+wuiO/AUCIOLELNAAIlZKqjQlTM66jpvibzzaydmlFXUzR6/60XRmo:F+wuiO/A7I0qkjQlY66jezJmlKQS0Ao
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  upgrade/upgrade40to41.php
- Size
  
  14KB
- MD5
  
  33410503472001c844306ba762c9c8c2
- SHA1
  
  7436e3bdd9d35a0b34b456bbfcf87f4e5a7f5c70
- SHA256
  
  84963a13bf599a6698b21ca0c74330a90fb57c7260c87e2d38010f50f563abcf
- SHA512
  
  8b67cf70ea5da3bf285d517ca774ee7f2312aafeb1a0cd5adcec0906bab035bf67b71124b8469921e88a1414678b797867db16344deeb7671f0b8c98e2463472
- SSDEEP
  
  384:xCYwk8DpdGq/mIhqawN66jwzJ3xUS0ArspehmPLUH0:xCFkuGq/m9acX0ztiS4
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  upload/api/passports/ucenter/api/uc.php
- Size
  
  17KB
- MD5
  
  da75dc7e4cff3421ed0a356740682b4c
- SHA1
  
  ec101c63ee10c3da7810c331a44598d86bd07c85
- SHA256
  
  34a7fa84146b2c805e028ff16dc631f4015cd5c1df861bf163768fcc04fe2a5e
- SHA512
  
  f1d973c1353503acacf435a2e67d313aa356a54747db84a4cc96739653a64f974e91e0faa0226523fe45bcc9cf3bac372e11728aee7789fbf94cc3603b5cebb2
- SSDEEP
  
  384:AFnhJw2wmttDmo4K9PtaZbnAr65/iAG+hlKn7c2WRG6g+lD+Rx8ZQ:YnhJw2wmttDD461ee65qhwlKnklDi8G
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  upload/api/passports/ucenter/index.html
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  upload/api/passports/ucenter/template/setting.html
- Size
  
  6KB
- MD5
  
  6f29274c028d40a5a97aec6ac3dfa4f6
- SHA1
  
  4e67fb75adbde7ece1a1c792d55959f36999b3d1
- SHA256
  
  27a15901ae1237c0ab82471dc3eae3aaf0c922cffab0386e72a7f1784c8f2117
- SHA512
  
  e79ece2c899f6b8d5107be6ea699266ae0cf07eedebbfe2234436d21360dcc7008c714b8ccbdf5609ca33d7779615d98e60bc90c612418e6ce652ad05499eece
- SSDEEP
  
  48:jxevT5wPnByONhDhdIdcsykJ7zEfaX9cNMh293xmxyIgxp3DZMfSw4hp:jYbaPB/Ndhd+dHDtcNZdxmxmxZDLX
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  upload/api/passports/ucenter/uc_client/client.php
- Size
  
  18KB
- MD5
  
  18dd9d98d99c303800ee4291d2617866
- SHA1
  
  fba57d6133d8f1db78db5fc84b00ba7c587e2fc4
- SHA256
  
  f8429aafc45ca3c03d898a1e9fe2179c0084cb7bbebf3ad9a2856901f16d4cc2
- SHA512
  
  deb55393b29957edb7862a2601b872211605989e9c1a0d4d80f1136b9b4cabf9b2cab39a266ecd48cf782ed5f2f15d85e854a39da4aa2b4c98bccd87be2985fb
- SSDEEP
  
  384:05lfn7/n+btAqn7vHMVWbtESvebSm2laDelBpe59NNCxs0ou:2lfT+btAqLHMVGeSvebSm2laDelTe59G
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  upload/api/passports/ucenter/uc_client/control/index.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  upload/api/passports/ucenter/uc_client/data/cache/index.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  upload/api/passports/ucenter/uc_client/data/index.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  upload/api/passports/ucenter/uc_client/index.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  upload/api/passports/ucenter/uc_client/lib/db.class.php
- Size
  
  3KB
- MD5
  
  e3f9d68adbfa893ce5a51f1382462b58
- SHA1
  
  19ab1c256a14c2a4409971cfdf2fbfe8b548d324
- SHA256
  
  75f3fe27cb269749595d07997beec538879c99f81617f71cfc06cdb2e0232fb4
- SHA512
  
  b929e99330acf220416e261ce89b014c1181e0cf5b14681bcfefeeb874b741ea52a43d5a1be18582961f2986457c17e1cd802b730453b42b2a65da35a089b113
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32