Overview

overview

3

Static

static

1

upload/adm...x.html

windows7-x64

3

upload/adm...x.html

windows10-2004-x64

3

upload/ann...x.html

windows7-x64

3

upload/ann...x.html

windows10-2004-x64

3

upload/ann...2.html

windows7-x64

3

upload/ann...2.html

windows10-2004-x64

3

upload/ann...3.html

windows7-x64

3

upload/ann...3.html

windows10-2004-x64

3

upload/api/uc.js

windows7-x64

3

upload/api/uc.js

windows10-2004-x64

3

upload/art...ass.js

windows7-x64

3

upload/art...ass.js

windows10-2004-x64

3

upload/art...x.html

windows7-x64

3

upload/art...x.html

windows10-2004-x64

3

upload/art...ass.js

windows7-x64

3

upload/art...ass.js

windows10-2004-x64

3

upload/data/config.js

windows7-x64

3

upload/data/config.js

windows10-2004-x64

3

upload/dat...x.html

windows7-x64

3

upload/dat...x.html

windows10-2004-x64

3

upload/do.ps1

windows7-x64

3

upload/do.ps1

windows10-2004-x64

3

upload/gue...ass.js

windows7-x64

3

upload/gue...ass.js

windows10-2004-x64

3

upload/ima...x.html

windows7-x64

3

upload/ima...x.html

windows10-2004-x64

3

upload/ima...oad.js

windows7-x64

3

upload/ima...oad.js

windows10-2004-x64

3

upload/ima...ent.js

windows7-x64

3

upload/ima...ent.js

windows10-2004-x64

3

upload/ima...mon.js

windows7-x64

3

upload/ima...mon.js

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    77f41f5a099c3995930a302cd6e000c5_JaffaCakes118

  • Size

    1.3MB

  • Sample

    240727-m3wp7syepd

  • MD5

    77f41f5a099c3995930a302cd6e000c5

  • SHA1

    bb7c250bc616b260e080d680d9cb39202a5edac9

  • SHA256

    2fdba7c8ace34d0c44a78f7b9a9bf1e2acb1aec1cdfb7fdf52eadfdbc3e0f56c

  • SHA512

    9dda33b0203bfd6b967e8e70bc9fe50d3594487094242aa214538319303296a6f76da1d46ba964e850c09603dc1540003c388e155439d586db210e95c7cb5f94

  • SSDEEP

    24576:APdw+s72fRCkT3evTBx9i7zQ576xLiiOd2DAY+dO8uUo9CaPN0MfSir:N+JZrTuvTBxizQ57yk8DArw8uX9n/lr

Score
3/10
discoveryexecution

Malware Config

Targets

    • Target

      upload/admin/index.html

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    3/10
    discovery
    behavioral1behavioral2

    • Target

      upload/announcement/index.html

    • Size

      11KB

    • MD5

      eab444bec21420278aae8703b4be4320

    • SHA1

      c7b31d1016ef4d35d66fbf1e6279a2fa12b5f580

    • SHA256

      d5a7fbcf3928e2e5a6f98e2b12dcba559ada1ca01fb9c1ae7a3a6a140d59bc99

    • SHA512

      ba21e02eb2695bf66855afeafecca2c5a071c73c2907a27999f4a9563c607c6a457e57d77e8638fa0fd0c9d6aa0511192a843ca648b9ceed1d4f989d91b72f4c

    • SSDEEP

      192:SIPJzCNi+3eERCLNlODeLjCReT3BT2Ipt/stm:SIUNi+3PRCLNlMUKqpVpt/stm

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      upload/announcement/list_2.html

    • Size

      11KB

    • MD5

      45c28f63610574a0074d54fbc6f4d3ca

    • SHA1

      fb4ce4391054590a1613decf08e8956c20cbc1b5

    • SHA256

      77f86994646cf71867385c1100843ebe1c7c4b0e6985ceb99e87cf85e739a229

    • SHA512

      c8ac5ed29284418f553241c4e8533fbac1e099f889dbb2ba0e36014fd4f8e0ec112784d36771cb2420c2feb0fd3abdcc00324e83cd5060b82e0e2107c266ef0e

    • SSDEEP

      192:SIPJzCNi+3eERCLNlODeLjCReT3BT2Ipt/4Luq:SIUNi+3PRCLNlMUKqpVpt/4Luq

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      upload/announcement/list_3.html

    • Size

      11KB

    • MD5

      8595754fca97178fceef107e08cab571

    • SHA1

      91232a833eb1c8c83b79684c39141294c2e711a2

    • SHA256

      16a6591fdc14e599ab2c571485e92846d1b5e72dab5ca8dcf07fe248fde7c9b9

    • SHA512

      4e975cbe22c5933266cd9df233e0d98386641118af1e3ed4ebe2e49c9128efee2cbb6585365e7bc56b5bb83902479d8cdf5bbe2950e4aa123d8da591948bd994

    • SSDEEP

      192:SIPJzCNi+3eERCLNlODeLjCReT3BT2Ipt/5CfSY6MrH:SIUNi+3PRCLNlMUKqpVpt/5CfSn0H

    Score
    3/10
    discovery
    behavioral7behavioral8

    • Target

      upload/api/uc.php

    • Size

      9KB

    • MD5

      7517a2123518707529aa6eb999987798

    • SHA1

      2a4d1239dbebf9af366e9cac1b59836a614b0c1c

    • SHA256

      0a1dbf8fed1e205f0fe134eb2a3a153b1d03d4d9e3e669a26fad08958c47ffbd

    • SHA512

      73f2990521eadedb1c0f845015b74419813fdd9905b8d0cfa35763c3262603731016fe26459708619cda39a7ede261e63c4f0dbcc7dca21512bda5e533df135c

    • SSDEEP

      96:JWlD8z4uAs5Llj+B+tQE1bvkjyg2j4yy8jeQMesOKqhpARzUUsw1qE1VZYtjOkMK:2ok0/As8+4/nesneRsOTlsGXxnN

    Score
    3/10
    execution
    behavioral10behavioral9

    • Target

      upload/article/article.class.php

    • Size

      6KB

    • MD5

      4fc1997671fb3e0357b46cfacd03cfb0

    • SHA1

      cb8d8883f8292a3979204dfa498f3c6d04a6752f

    • SHA256

      064b707bacb8d69474a272800ae6671792ca94bbc8fd5e4abf9d53dee4e0bf05

    • SHA512

      c5e2d95376bbfd104a9db504522b42504df4df8af911277c4bb3539cef2f94c7d7b8b8ef543cbcda1a91f8fd1885c94bf86980e344ed8123c16f4b837c2b71b6

    • SSDEEP

      96:k0wk9Zg9barmWDJg6rt1ZeHRVsW5Wa7SWalr+V/diYUvg5R3SVrrFYyX:k0wva2uZCRVsuFOFqMFVX

    Score
    3/10
    execution
    behavioral11behavioral12

    • Target

      upload/article/index.html

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    3/10
    discovery
    behavioral13behavioral14

    • Target

      upload/article/tags.class.php

    • Size

      6KB

    • MD5

      93a998cabc2d026216fba62bf720cf5f

    • SHA1

      f7658a816959d7e7e980aa716e39073d372bf70c

    • SHA256

      1c3391abfde8738d802234f63105cb95e8e4ccdaba75ca9fe43534de109e4de5

    • SHA512

      13baaa2e591ce4758b05f9e283614a00e105748916f924dc123290241d497250679b57b26a1c3b78b9e4d88b5196bf6b901ff2e3bfe22a8be949314015df4686

    • SSDEEP

      96:39cfQUDkf9TAHARAoJkhPxQ8aY8/tEGWTGGxQVVyPTdQZdQQ8dqePDFu6YdPDpXb:3qcJyE9WacCwPT6ZufhhaapPD0

    Score
    3/10
    execution
    behavioral15behavioral16

    • Target

      upload/data/config.js

    • Size

      7KB

    • MD5

      e948028c3d95e094c054eb561fd8399c

    • SHA1

      eb3923dcf238fdc55802308448735e336bb83bc3

    • SHA256

      86e3b9cc3412791bed7d2ce47dbadae21f3cb68795e226d672505a388c7e1b56

    • SHA512

      d90e87bbbd681c71b196590ad15dd8a7da838999dc0a524e4dba9c2f050159da635e0b38d1f5bef1c5420cae4e2156bd45908976650e31ec826fc53ec8e89f96

    • SSDEEP

      192:30A3TFFD7VfietYG0hiXLjEC/jHeNk3C+tBiSEbZR9CC48jV:93TFFD7n7XdObFh

    Score
    3/10
    execution
    behavioral17behavioral18

    • Target

      upload/data/index.html

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    3/10
    discovery
    behavioral19behavioral20

    • Target

      upload/do.php

    • Size

      15KB

    • MD5

      2cfde8ffd63880f89dd6631a84759f79

    • SHA1

      ade82bfcf85e8f3ed80db7333d33a0426d317fc2

    • SHA256

      4a16c535f7b3c337079cfccc7bdefee0fcd82b4ce5071ef47bec7b77e6c1d636

    • SHA512

      50fa9814bc2e96d5f7845ea119ea5a966000ad32cf991b04439ed186cd0c6e6f4bc5e6425a56168a296bda32df048bcf9b138c501adf34454505b8ad63f6dc4e

    • SSDEEP

      192:S0muRK2XeGaCin4G/JNFw4G/TgkGlQUwfMqwy9zWQ:zmYs/JA/hGlTw0ZQ

    Score
    3/10
    execution
    behavioral21behavioral22

    • Target

      upload/guestbook/guestbook.class.php

    • Size

      2KB

    • MD5

      d25c14953ad57f52064b8e8d8f52561c

    • SHA1

      116e296df971162a2eeb91fa71d11b653bbb993c

    • SHA256

      cac5e67d875c766cf10584006fa27943a9f02ac51edc4e65323a2eea4513dff5

    • SHA512

      9055f387828b421df7e96afd8d60b93eb5713285f2e599065042f063962074e1aa67f2465b4864ffe437e6574219be839d120838c5d5d5451b1c6a2db809f199

    Score
    3/10
    execution
    behavioral23behavioral24

    • Target

      upload/images/index.html

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    3/10
    discovery
    behavioral25behavioral26

    • Target

      upload/images/js/ajaxfileupload.js

    • Size

      6KB

    • MD5

      ae081a18e5cfbfd009987c7eaf3a5117

    • SHA1

      944803757feae14b3f10d1b01f4eac531ac11459

    • SHA256

      cf9d2335cb6cff943abd506d3e103bf31f89e3aeaffd7e6de7c26b191fc3c41e

    • SHA512

      5fec509d80480da681e6695ce63dbfb1a68ee4bfba83a37bd64206b91c82017131ce23a471f3a13767de9d2eaa85511e784b7d7a57effe463ef5f6bf9014bf81

    • SSDEEP

      192:C9WcNC1XrOt7Yn0IXbE9mMhmlrGjMwJxy:RH1Xra40GbEcMhmpxgxy

    Score
    3/10
    execution
    behavioral27behavioral28

    • Target

      upload/images/js/comment.js

    • Size

      1KB

    • MD5

      5bc688f315c905e593fcf80ae3e4b7fe

    • SHA1

      3a53f0f165da29cdbc61ce6a518a87f8f4036ca2

    • SHA256

      58a897b13ed53f53df5805dfd4e0d96184a6efc42a0beeef00afb0c75637c4b7

    • SHA512

      9eb53ff9e154ba29d99d6b7262b42eea035e1475b5d3e773dc81eb1239c631d4da6ecf0afd5eda602bbc049553ff2193d389c4d3386628508b813b084981d0b1

    Score
    3/10
    execution
    behavioral29behavioral30

    • Target

      upload/images/js/common.js

    • Size

      2KB

    • MD5

      bc4d425b82f3fc536783c0cc647d4419

    • SHA1

      509558deacbb5de01d12b3b1257334bb280fe52f

    • SHA256

      3559fa0c8b1a2d90a0c47a2a5507eadd68bb5c5ebcf1a3f58ae1b4ab74492e2c

    • SHA512

      46e4389e4608817d2f66f449bcb2eacefdb45a651294d8a27542022ed82aa21709058c7932416f50c5e7e8d504afc4d8921584cbe01493c642f7fb7a891d471b

    Score
    3/10
    execution
    behavioral31behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

9
T1059

PowerShell

1
T1059.001

JavaScript

8
T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

7
T1112

Credential Access

Discovery

Browser Information Discovery

7
T1217

System Location Discovery

7
T1614

System Language Discovery

7
T1614.001

Query Registry

7
T1012

System Information Discovery

7
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

Score
1/10

behavioral1

discovery
Score
3/10

behavioral2

discovery
Score
3/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

discovery
Score
3/10

behavioral8

discovery
Score
3/10

behavioral9

execution
Score
3/10

behavioral10

execution
Score
3/10

behavioral11

execution
Score
3/10

behavioral12

execution
Score
3/10

behavioral13

discovery
Score
3/10

behavioral14

discovery
Score
3/10

behavioral15

execution
Score
3/10

behavioral16

execution
Score
3/10

behavioral17

execution
Score
3/10

behavioral18

execution
Score
3/10

behavioral19

discovery
Score
3/10

behavioral20

discovery
Score
3/10

behavioral21

execution
Score
3/10

behavioral22

execution
Score
3/10

behavioral23

execution
Score
3/10

behavioral24

execution
Score
3/10

behavioral25

discovery
Score
3/10

behavioral26

discovery
Score
3/10

behavioral27

execution
Score
3/10

behavioral28

execution
Score
3/10

behavioral29

execution
Score
3/10

behavioral30

execution
Score
3/10

behavioral31

execution
Score
3/10

behavioral32

execution
Score
3/10