2a743b1540bfc7ba676fb9ff51fac848e0d84a1f991519b86d5adf78644c4056 | Triage

Sharing

General

Target

6f2372ba5bc0902a602db9c89f7c2211_JaffaCakes118
Size

1.7MB
Sample

240725-l5l34sseln
MD5

6f2372ba5bc0902a602db9c89f7c2211
SHA1

07ee3cd0911facaed35d715d5d45fee1e7e74672
SHA256

2a743b1540bfc7ba676fb9ff51fac848e0d84a1f991519b86d5adf78644c4056
SHA512

5f619ab8ccd44cf9b3b44f5a6f998fd347a9b0624ef80ff272021432bb01b4fcf9da81a14124011b8aa7db2a4fd316e9316a6c34202feac0fbd442aff5231f21
SSDEEP

49152:einIdDdniVQjsUsaJbkDwD6Qj523Fp8jC:+dtvoPiNn52V2jC

Score

3^/10

discovery execution

Malware Config

Targets

- Target
  
  flash/新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral1 behavioral2
- Target
  
  upload/Scripts/AC_RunActiveContent.js
- Size
  
  8KB
- MD5
  
  9b2224a10312f4ef94fca5bcefee5bdb
- SHA1
  
  46c525e5b491bfd94ded94351779553c6892c3fe
- SHA256
  
  7c70801a45befd1577f0467d26e1c922a96211003be5393a5b100fcd7617f674
- SHA512
  
  78a5b088046a4f476e02c5a0a331087c521e2353a8574888a13c1c8e16b07606f78e03f708198cedd98d1df0ef867a71fb63b9dd50a193eb98f4d6ee7e14d69a
- SSDEEP
  
  96:4wQrpaYZ42Bf0HHyDL7ULELdPJVvgJYxfHzx/zLi2N09ts92iy0e8A:VAaMf0HSDL7ULELd37hLi2Ip
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  upload/block/language/index.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  upload/dbquery/language/index.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  upload/dbquery/manage.php
- Size
  
  6KB
- MD5
  
  75e430a0c5ec369e9a3760fec0629b68
- SHA1
  
  a973047efc55725d21e6eec3ecefc04c8eb3491e
- SHA256
  
  e5165f37e1df064ca3fb469f49614108b7b17db7477a44224986ea78363f1e20
- SHA512
  
  032c898782526879c89c8c6cfc41b10c1c646d09eca23950377987de1146dbeefec14dc4c758fa8358cad076e941bf4d1af80ef2d783334514867040a4b743ed
- SSDEEP
  
  96:2AGf6j3wZ7K9G3kPEQuEQbnPoBRedVpOfg/SkfXYFh/8raG2DK1Ap6Zgs++iDDJ2:23vU9u979+nkdaG2EAp6ZgJX84S
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  upload/feedback/language/index.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  upload/feedback/manage.php
- Size
  
  5KB
- MD5
  
  9b594b65778f4e6c2ac69a939af7f252
- SHA1
  
  63d59ea0feb5ba8546445249717e7772119cd5ac
- SHA256
  
  048254eb3b9fc7539509a9d8ed45e69a96afa64bd512e6f98c3938c588f2ff35
- SHA512
  
  01ff66feac871aacdede39d0064c26e8f03dbd740cc51b1f032dc94d8dcaf2295e904a066191f0e43eafd5cc5c73f8533b085dbcb5105c8eded0d464c2d7014a
- SSDEEP
  
  96:2OXugcP+uRDmkT2tXDuQ6nquPl+VY76SbF0iz0GTDBVd:2UX7LTonjyzu0G1
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  upload/portal/cart.php
- Size
  
  18KB
- MD5
  
  85e99bd821010af750cd680ee914030f
- SHA1
  
  034663197fc6a01c0af72450fd3185220ca9fd71
- SHA256
  
  4ff398a76a32f9377a4ced3d4836c64afecab8421ec95740f00c089e2c313c88
- SHA512
  
  b35f79b352a744d50f6040460d1946660816b1311af9242bd00e21a9ec44453619b45d340fb0c96883bf05b6f59cf58d2459fbb5def46ba579fa8f7bc0d10d45
- SSDEEP
  
  384:2SftB+1UJ/pdY3zlj9r6DsRe/R8rPKHdmish:LftB+1UJ/pdY3zlj9r64Re/R8kmiC
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  upload/portal/core.class.php
- Size
  
  127KB
- MD5
  
  6bcecc5d755cc124dacbc707c460b140
- SHA1
  
  936047f923420d0e50276e3ff61c099c5c3b0588
- SHA256
  
  18d6e624b8bd536c745ca88ee45288e640caa6e405b5fc979e16924d199fdd6c
- SHA512
  
  99c37f8ff8353c8a7e1386aa9b57d74851b8186caf90a6bfcf1a5f27a2a2da21e045d56ef44b31b12d9075856dd882766a49563b15a3f0bd70c3408f0cd08903
- SSDEEP
  
  1536:wJY4EVA2jBsHGwIjTddteeQdp+m1TXzMyzAY7hTCrbI3Q9lLfEmIedYjeFOaTP1Y:DFsm/J7QX1TXAyzAY74rbqQ3Uai
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  upload/portal/index.php
- Size
  
  14KB
- MD5
  
  89360ec5a9b48b274c3b5b434a7d5bbd
- SHA1
  
  71366f6615a46cceb1d39fc01596c165bfa7d42f
- SHA256
  
  b1df817cabb649387e89a69d30eebb1ac2bc2f70e38eda9a0942d6b1f96d22bc
- SHA512
  
  2a580947cbbc34bd7f9696e1dfe46fadd3f9906bd68aaf2c2d663a4cc4d5059b7e31461a1fbb26e4a72fedf7be8be88db5ecaf77d6877ff0731beee82693348a
- SSDEEP
  
  192:2p0LFdq02NGY8vB9VlqBW9RBJcCn8rzP31+r4NUnPLBH7sVh:2aU0LJCCnMLFek
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  upload/portal/language/index.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  upload/portal/manage.comment.php
- Size
  
  4KB
- MD5
  
  8804f53b5e51c9bba6c979d5069b83f3
- SHA1
  
  d1eeb860a5ec4e1083c1599750406ea77ca2e3aa
- SHA256
  
  1104f40872666ae7eab85819903b376fd425076b658bffae2c91fa436e869e3a
- SHA512
  
  991f1b9742f766918d321a75e39aaf0f29b91ea03c0ba3444be8758100282a15f4ec66b2b4522bea59f3ecf94798903580e4b39d4f3790f33ab7fd55f2eb213d
- SSDEEP
  
  96:2w+JDVj6b5VShBUQv39VJz9+cy+VDMOJBOD5Vy:2FSSjUQB9+i/
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  upload/portal/manage.content.php
- Size
  
  52KB
- MD5
  
  7daf3034049ec41e8ca7b6e436d7212b
- SHA1
  
  9567f12fdb947966c06e54525725d9ae8a90bce0
- SHA256
  
  3bf01a01d70f6a0b241a1fb41db664d686f0293812e94994f2bc4bf9d984807c
- SHA512
  
  ff52a46a22e747f204ceedabf3783be825d19fd3ea1c042185edcc22f3e8cf23f310c50e115e04a5203d86adb130faa1a0293b862be31c19922e3f6ea7d25558
- SSDEEP
  
  768:beEwLjPlBrylwdvwPBtESQjZtIg1M3GyyeV2MNLg3tiC:uLpBritQjZ36ecqd
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  upload/portal/manage.field.php
- Size
  
  27KB
- MD5
  
  e41b1285b1364a444834f033aceb5f9f
- SHA1
  
  714b52c5be1f4e1a15c1c2853a8e40c3725b8ae5
- SHA256
  
  e9fbd3f9b00540b6e6c2f0b4a71b7f119604085bc1931f8c7fed5a79d3e223b4
- SHA512
  
  e872b3cfd8cef764531a28e3cd3a540f5ed75d322a674fd00f37ac1a089112b219c1cb4646e36ad486b49d85e8e1dedf44eb26061d471625c3a6cd8890ae8f60
- SSDEEP
  
  384:2SjcEm11oHn+J805Fm06Z5BC9tL+tDC6zi/SYe/SK3bwxHpHzwxHVwZPtq1mGJhD:r211oH+J805uJtD3Yjpfz5S
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  upload/portal/manage.model.php
- Size
  
  24KB
- MD5
  
  5b52707f3c2923fd5868bec4de5b8bbb
- SHA1
  
  9eb1787eff9735cc6fc436b284c3773bf24fb403
- SHA256
  
  d28a9e56ac09129500450b72aee758d38256555b3d21a2e5b0a4abe9ca8412fd
- SHA512
  
  7ae641f8991f509c46cfd0900b99c544c30465971c314442dbe159cd030a94a126033547a11ed85a1a4ccd7fc6d71ab1f3e787e724c0ade797a870bc89a46e22
- SSDEEP
  
  384:2kuGmDOXU3QwksFTa1RiBKla0U6yhn0AOZ3C7Jr6A:prE53QVsFTa1ROKla0US9eD
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  upload/portal/manage.php
- Size
  
  52KB
- MD5
  
  7b112d56557c18b0ff0a15e7bdf6390b
- SHA1
  
  6a9fef4a1e381a5bbb2fc58403a01229ac078b05
- SHA256
  
  bb72fbe230969455551eea56cb5e20d1cc652fe76fd76ef2f4037c1473c33a27
- SHA512
  
  15d479ad4d737acb9f0db502abd83ca54aa69e81df958ef53b5b2faf12f1fd43eeacb5c08549c28573876fc71977d2978d89a7892adf743b1bfc034a6ceeaa8d
- SSDEEP
  
  384:2Uvo/qMTCtazCpJVQW1bsIW2UYHdOLYoa2vW4fpSSXMeQOOYoTf87B2f6OLgnEef://pn5UYHdOUoa2u6VXMZsoTc2yEXv4
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

System Location Discovery

System Language Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32