333500ca8ad9a2e17715d2d6d57e581d7f6f28964ab391b921c5069a2326cdee | Triage

Sharing

General

Target

6bdd670fc244edd902aa47f0c12883fd_JaffaCakes118
Size

5.2MB
Sample

240724-sbtz7a1grl
MD5

6bdd670fc244edd902aa47f0c12883fd
SHA1

78209b61a6b81f76ac49c68cb322a539d929d5dd
SHA256

333500ca8ad9a2e17715d2d6d57e581d7f6f28964ab391b921c5069a2326cdee
SHA512

ab29c3177988e60df5c206b8f0154b4b2a2688d87b51ab65e5c6fe2e0170b8d338f1f8ff8eb9fc7cc8769b020381e720d1df608d693b1662ec1c55105c331a67
SSDEEP

98304:x55T0YC7Re2oxEIK8ZvWKZtFdU3voGpei++RklQneGTyQFoecoasYCfr3DxCC1:x34YQRe2RH8ZvWKZz+/H+4SQntTyQyeD

Score

3^/10

discovery execution

Malware Config

Targets

- Target
  
  upload/bbs/admin/adv.inc.php
- Size
  
  23KB
- MD5
  
  5ad500a830d3f995f644e625ce3936b7
- SHA1
  
  ade4e9222b5065f408efc46fe0b6f821ffbcfad9
- SHA256
  
  692e8ed5a095e5bf74ccd79395aa0f16deec032f5b10e7a701f3451c003c250d
- SHA512
  
  160cd07fae33a95dda382a91bce443f3d09ca84b7e6a4cd2fbb7140b18656345e59678a8aa578fcf26a1b579e8faf92e545681a4374f4687f739f1fff4fae43e
- SSDEEP
  
  384:3fzwntZGl/pRIIwkjXEKbk1WgXMyIkFz8S:vzwi7wGQKyT51
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  upload/bbs/admin/attach.inc.php
- Size
  
  7KB
- MD5
  
  0c42534344b9e92c2c4e3bc63b740fb3
- SHA1
  
  fc58ad0de4ed292c705411d8676755aaead770e6
- SHA256
  
  35c8650de207174baee09c0945cc00473ec4d09f8ebf256584e41850c5fe6de0
- SHA512
  
  8ef316bb4c08cc4e002803b3a4a463305aefd69f6dfa07fcbf44b17a9fe3477fb2447a3a77838623f8e2a196feaaea438843e277e88993dc9e3f8eda1a61f4cf
- SSDEEP
  
  192:fiNhJlSw5D3OjXuajzxLF9SBr/g+06PBRHZ+y:fiqwtOjXuj3RHb
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  upload/bbs/admin/counter.inc.php
- Size
  
  11KB
- MD5
  
  4b3323fd8d191412756def4a809dae81
- SHA1
  
  b0c40fcb839cccc5ee67cad562fa477c551fa8d6
- SHA256
  
  b534c71641a3fffabd08eb6318f33cb1b4d5fa7af2930414a87e0e3c87c2bc68
- SHA512
  
  8fcb341ee36e3615b29c48547b00f80d5bc6873b5347296de6baa473d6c05f822aabd9fdff5a9f54e54511b17a83a523749e4e6017aaadeed546f01d33e4a567
- SSDEEP
  
  96:tiLyxRR971a1JIp8SN/tnNipNqpPMwaF8kNqUtFtDWCqNT6Cm6hNq4JtZr1WWACw:kLWVAJICaf+Go2LdDKZFyyGkujS
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  upload/bbs/admin/cpanel.share.php
- Size
  
  8KB
- MD5
  
  d2c9921559ad45be9d64195ae887424a
- SHA1
  
  cd7690e8902491cfcd9b7b62332056aedc5e3d24
- SHA256
  
  0ba7bf20c4fdbfb5a2fdce9d3b5ee2dd5ba7c0cb526c512594b6ddc3beebd661
- SHA512
  
  b0e2ea73a6d79195a24e9cdc8a022db2928342acdce8103c34e5e3320efd4f264dd4d320344b15a33cab86d60ca1d8e557c344bc910d64d3015027a5549fece2
- SSDEEP
  
  96:tiEolayDZzhxDUIoIAgtuUvBEtdn53ttLqtodPlxQqIfTql3s4f7ncuKJo/yQEHh:k51BdmdpG8cbkGoziA5K8pAoUWB7c
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  upload/bbs/admin/creditwizard.inc.php
- Size
  
  32KB
- MD5
  
  3eac74232d19c454920169e1f728fd91
- SHA1
  
  4eb1a09b1dd1e9d494030d2a83304e1d7f9e62b4
- SHA256
  
  f62d871780bec01a7254c522d4a6e870a6fc4f2c7702016a0048ea68c5f0adfe
- SHA512
  
  0cb70681d105c0010a456baea05300427d59a424a0503a8b40e1d74483d0b39b0ddd04cf9c8bae60d425fd5e12494738e7243628585687d509abc7270484222c
- SSDEEP
  
  384:vH6AziXH9Hw5IP7eQ0d5HXVCWf/hvX1nzO446oamBm7/CwLKd/VCW0586E8iLac2:P7gdHUvnzOVLmGpW65q2PC
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  upload/bbs/admin/db.inc.php
- Size
  
  51KB
- MD5
  
  7061b917e6883cc5f378164b69ecc341
- SHA1
  
  818b04cbbbb3afb1a63fade1eef14d4c5e94f1c2
- SHA256
  
  fd2b9aad351ed5ab09cf3a4310982e71fe3a0cf6489ae6561fce6c2343e35f50
- SHA512
  
  7fd30a0c5ecc59dc26b676de11c700ae37150684d75404a62c1891f4b83ef7f3f87fa66b24247071c49b3ac9099464f26c53a5f8c9ec00b69dbac261ab403ab0
- SSDEEP
  
  1536:E8HE/MhMc610ofipvmgkyptSCbOUBLkp4DJ+EGecMG9I5hG:E8HE/MhMc610o4OgxHSCbbBLkODJ+EGb
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  upload/bbs/admin/ec.inc.php
- Size
  
  19KB
- MD5
  
  1a889833dce47f52c68c9538280c3fd8
- SHA1
  
  a199a4ae1333d60a28efa5a26f747e5de6546c7d
- SHA256
  
  17242b7ec4b3c1300661d106032c0aaa0fdfb39894c68f1f161fdb0045a47870
- SHA512
  
  bedace78b8850e9fabe467a4cfdb4d99c77567fd6e873e2abd901d790b1f8d8a8f4275e9648b6f87d86a072367f85af56d19ee0bcab29f219fcd98f517e5c373
- SSDEEP
  
  384:hrLwOhiDIrLwrmiTLjGFL4u8LevP7ZZHCc:xLwurLwTGFcuEMZgc
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  upload/bbs/admin/faq.inc.php
- Size
  
  6KB
- MD5
  
  f1743a0625b20c13eea54a56da349f67
- SHA1
  
  1d20990d7c8933b588af377e67db0c01c7874692
- SHA256
  
  1bb17897ddd00d7fd96f6c87260fed4909d0b1c133efd79b1f4c60509dba0f38
- SHA512
  
  79bb035781f38b97f23a798df5426dcbb519b96e7ca81c7f17ec65d38829f07ecb666788db0a3a7c33978541509834fc379e3fb8e2c2d9e93166619809c6a458
- SSDEEP
  
  96:dUG72sO7mvTf2/1DSC9FbHVxQagQ4kemJ8g+ws8zvpNEE3F6mnxh5zDnDurQY55S:zO/hh91TQNQgmXHLF5v6rO
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  upload/bbs/admin/forums.inc.php
- Size
  
  83KB
- MD5
  
  61bac7854b55fbeb579e01d0ca56214e
- SHA1
  
  8dbdd8c2461a45ab3c558342148890d326722ae7
- SHA256
  
  98343d086a126f8133ba7baec7d6096ed92a6ebc3f94bfcf8f0777d0ea85bf01
- SHA512
  
  f47b18d599557e10684420464b22e4a287bc8e7e84a49c0ef8a07417163864475c78c8e7132dbe768613108d4f49ca8a20766bae8b154b354e4c92f639683610
- SSDEEP
  
  1536:jkdn+hgRwxwJ6w4jyZOuOJ4LNrXhFWLjR2Y0MJI4OOUshAYAaqSuWwawqUwkmJ:jc+hvaJb4jDuOJ45rXhFW/R2Y0MJIjpE
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  upload/bbs/admin/global.func.php
- Size
  
  32KB
- MD5
  
  5864ba8eb4aa2d239ce0ac6b738dd31c
- SHA1
  
  6f64980d9d3876d9be2a3eb1bc74b58a971253c7
- SHA256
  
  113924f1147dbe693d599f32a8a75a68f869ceb625196f83b89a4f5418dfe158
- SHA512
  
  9a2b3f5d870f401bcb213f410fc461bb363fa6c1149ff7b51f434f39a7ffa6e73635368c051c06502245a007dc0f9d5eea00804c37efc98ef437b9015847f4ba
- SSDEEP
  
  768:saQP7P6YXEB6JJxa7YaHyZBxhuMJHj0539rCQK:dmXEMPAYdZ/hNerCQK
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  upload/bbs/admin/importdata.func.php
- Size
  
  4KB
- MD5
  
  6bbaad2f790f7158cddbeae1852d1041
- SHA1
  
  bab49d5f5a40990456df84f26c808d58ed092103
- SHA256
  
  b05f5fbf88092bd6f897339c7d13cc0b4bf16abc78a8a2e4bc2e5876887a88d8
- SHA512
  
  77ecffc29515e6be5108093d0476b5d3a2021cee936328972bd7962674b89873cd4bc5a94e7281a02a585b81120c72d81e1679157c674bc52ac49ca9a4822596
- SSDEEP
  
  96:dB3hDSBsBItj6GFQowztjpLKF3BEROLm2LS1w3NSqMjBOszp2q5PDwL/xAALfwsf:7lBIR6GVF3+PEq57GCywfg
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  upload/bbs/admin/index.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  upload/bbs/admin/jswizard.inc.php
- Size
  
  77KB
- MD5
  
  b0290e63a1bb42e9cf87b11e4cc9758c
- SHA1
  
  8652c7e193b69764bbdcb3fd43811422b118b6f1
- SHA256
  
  a94ee9c7cdd02e25d5cfd5f69b3d15b647bf04deca4db0bc5136ecf970c0a815
- SHA512
  
  1be7e60e2ca74b893040ba6629fd77fe9aa7948824c7bac18ba5422a2ec9469ed4c1110f76e931f5abcac7865ee3f9e76c80869b43e9b30841bdb38488a723ee
- SSDEEP
  
  1536:Z+v0NnEDllxCs9S9c72nq5Rwuk4GsW7MLY:Z+3lIsEi0q56uE57v
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  upload/bbs/admin/logs.inc.php
- Size
  
  23KB
- MD5
  
  f683e0d33af4f1b738282f5cefc135ac
- SHA1
  
  fa43815476e44aaecde925e972f963f04b6e196b
- SHA256
  
  4cb309d5b35ea5ee4a1e2da9f04f7450353283083e232e75f1b65e035d775f3d
- SHA512
  
  c5e54a35406518a7808429ef95ec6bacddc0f3b556e95fbc7853a7d712b3ffa0b741b3795eecb516da85177d40208eddb6401500ec628c6c58781605cea09a2c
- SSDEEP
  
  384:teFJBR+EJioAmYOGAl/pzAqV01j4ba7qO4ChdIu96ciG7/nsaPesCn/vHCCD4f1Z:0FzR+EJ/AmYOXlxsqV014u7qO4CzIu9n
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  upload/bbs/admin/main.inc.php
- Size
  
  12KB
- MD5
  
  63769f73893c98391724e44e2d1caa74
- SHA1
  
  e13ab73d84b28e2dcbc01c505a6fc0caad449e38
- SHA256
  
  9ab9082cf416b75312ce55690400c3ecf4b546318b24b7589a3238212bb58603
- SHA512
  
  71ce4cd08857a660b47844dcb0aab0ca9759412a7e7cbd13d83a7e94e35d4de4b85f53a491c30f74e35d5d8cb47223b1efd96b131b20d41921b1a1cd0b87d352
- SSDEEP
  
  384:ouAvgqO2sRIz1yCPUo7GnuGzlWca16QFep1u3cS3gQt+:TAvgqoR2xPD70uGzPahyeVt+
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  upload/bbs/admin/medals.inc.php
- Size
  
  15KB
- MD5
  
  f7bf2ea08e740dfdc1df2b72ba9ed50d
- SHA1
  
  18374dc744f9a21d511dc4c88ef5cce89540c950
- SHA256
  
  aa64df952504a9cec218fec7ad4ad8058ace8f31aaeac41d43b7c776672c811f
- SHA512
  
  576cacb8fa92708a01861268e8e931470e13fe9dbe0de341239567fb742053e130b2a1052becab2d7417437b8b5df354f1d740b6d9b084146f625fa0d7415451
- SSDEEP
  
  384:JydLYMGSe3AvsdusSot4kTk1B/+79R60siphJvL3K:8ZWnxdusSotJk1B/+79w0t35L3K
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

System Location Discovery

System Language Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32