f4691e1a3b01a055a0072b819a3e5274f9a1b7c5213b1027e318a6823febf402 | Triage

Sharing

General

Target

790df368c222a55dbf28f7e59de79770_JaffaCakes118
Size

2.7MB
Sample

240727-wk829a1gmk
MD5

790df368c222a55dbf28f7e59de79770
SHA1

75568bac412b0624aec94e29ba05bf149328553f
SHA256

f4691e1a3b01a055a0072b819a3e5274f9a1b7c5213b1027e318a6823febf402
SHA512

5faf0781c0c0b54692c56a07d7ff2e6c833ce93357c83a9beb80cbd6d51e82a6044a7e3959681737ee24374c149566cd6f53d5d706a2cedf1b95ed49aae0d043
SSDEEP

49152:SyjdEUW9vAyBIlNxtpgA/ZjatvTiBHaOHJxA/GnAU:3xWk/rBjWNo6/aAU

Score

3^/10

discovery execution

Malware Config

Targets

- Target
  
  xgcms/upload/api/index.html
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  xgcms/upload/caches/caches_model/caches_data/content_form.class.php
- Size
  
  24KB
- MD5
  
  191891374e61b896b42065eab96f1771
- SHA1
  
  7c8e9ee6a9f0898762a328971e53fe89c6d02dde
- SHA256
  
  54795b654b0a1a68a1e001590480982139bb851998b7f5a4d21ba7a62a5e259e
- SHA512
  
  fd62cd82911a592df99f4ec3114304acb14bd99936511e5dd77db9e126d6ef5f9934509c01ef81e3b78e6ead2c442b6dfd8aab875a276429f7e58d65897d58e0
- SSDEEP
  
  768:D/L23XD4s7017OCL2mZfpV7Pq/S0ByDDOc54XmOnKqznzP4jgi9i+qqtbSFcA7fb:n23XbGOBgfpNiGDOcmnlzb4EGi+qqxBq
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  xgcms/upload/caches/caches_model/caches_data/content_input.class.php
- Size
  
  5KB
- MD5
  
  3a009a2daf37682ce08bfde060cd0368
- SHA1
  
  077f09a79b4cff7c09025cdb46d3a112cf817328
- SHA256
  
  519130787f08631c213bee8c8ff6ad9edf1f84e77a97c581aeafdbec0050d9d8
- SHA512
  
  079c4d2b9a4b6562ed0c6cc25aa43fdbf425f57ca659a6d78dfd718afaf04d6bab98f524dbc1414117b10ba7bcd46bd42675fac927658e88753aa4fd279a58ec
- SSDEEP
  
  96:zQM0eRCoPWor0AmokDPSg65NkqDWTgN9UPj6D6Ehs5MPm6d:zQM0kCo+or0AmoqP5QlqZps5Fd
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  xgcms/upload/caches/caches_model/caches_data/content_output.class.php
- Size
  
  7KB
- MD5
  
  0541b461238b0ee08a7078913acbc479
- SHA1
  
  725f741fa57a925d91c5e3f6cd20c236a2273704
- SHA256
  
  3f93dd193bcfb9f1b98ed17a5f9f0cc15e8c6a400c0e2da6b8f48974d22ba2e5
- SHA512
  
  407eb2c1eebb0bcc3216e3941ffcc5c9af245b204b26c25a653bd84f465146402f9ae22102b9b9a0fe4abbc1a4f21f9b8aa8bca5b8b70179dbb4a4509ba50f8c
- SSDEEP
  
  192:q5vfsEL2oD4TTB13oCLuBpdxrZozoO+JWoycbrpkh:efnL2oDKTr3oN3rZozoO+Uog
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  xgcms/upload/caches/caches_model/caches_data/content_update.class.php
- Size
  
  2KB
- MD5
  
  d7a9931fa9a696793deedd86b2463346
- SHA1
  
  0bd7378502fa8e9badda0f8836e27c0f6a633201
- SHA256
  
  d08ea4632924421285d28df2965151b7c363380310ce401c0ad9d8650cd7f356
- SHA512
  
  9068f179589eb5309c8767afac5b9d5f5a08dc0f366e7b23786b21774e2ca6894af1dc91fe52d92bcc9e7fdfee928944dd020e7a09fb64fb608ef403671d86bc
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  xgcms/upload/caches/caches_model/caches_data/member_form.class.php
- Size
  
  9KB
- MD5
  
  0a97dafbe364e3f2eccbbc68e344e89f
- SHA1
  
  6408d9cbb1fce4f1efc6ccfdb13a1b143d316957
- SHA256
  
  5b598c6582cae506f2d005a682a91e7f603d4b8813aca6f83172a91f619fd106
- SHA512
  
  791d3811cb20b88bfae2eda718ac49a304f1e6c35b4b3409241792cb603b1a5f81e776147666e1bc488f01a142fe59b7a2724cd465e3d6824c600899593248c8
- SSDEEP
  
  192:+QDcVCoNVubT1EkDjsQdN1O3NoLmT/NaUC25Gr1sbe8zp/PW8namRlk51UPAnN1u:dDcVCoNcukDjsQdN1O3NoLmDNakGS1Pz
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  xgcms/upload/caches/caches_model/caches_data/member_input.class.php
- Size
  
  3KB
- MD5
  
  fe0b558297d52aa2fb06bc9a17c98970
- SHA1
  
  6dc0bd56cff2293de944f7b69dba2e6aef5231bb
- SHA256
  
  5fb41c25620feae4f91c75427d7000d591df1ed77305073de06267cbfd3c5c10
- SHA512
  
  e012c412327c01000996ab797096fa19ba4ca0c52c550592819031da720c34a2b925265fb8f47c157f0bd885e69ce1b89fb53d55368fae11c7413227c11d6f9c
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  xgcms/upload/caches/caches_model/caches_data/member_output.class.php
- Size
  
  4KB
- MD5
  
  88725805ef6a385f51605fe59b85ddf4
- SHA1
  
  369e86247af8dd1ce675ad3e2173b80a60650f44
- SHA256
  
  2efd5d6fe51e43431ad8eaadc1a5adf2d135b07d8b51eaaca437013a493f864c
- SHA512
  
  76883be6c61cdd9c419a2c18f159609ff371fc80b783f00d1b360718a92efdab70188e69560a741c6d4c3b9d972e83038259e1edd77373ec120cb03d715ec056
- SSDEEP
  
  96:f5vfsEL2oPb4IgaZ7UBjZcmZ5jlJ/jbcCLpkzNcaIWov2io+AVO:f5vfsEL2oD4Ty417LHLpjWov2io+A8
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  xgcms/upload/caches/caches_model/caches_data/member_update.class.php
- Size
  
  326B
- MD5
  
  fce8a2e44f32db8df0e28418d893b979
- SHA1
  
  00eb55edffe51dd960c0bb74c86e081ed9abb6f8
- SHA256
  
  62738cd34843001b531a4f453caa371ac89fda8be83a376273cdf050e9acd2ae
- SHA512
  
  2c0b759eb6d2b45a59ab23989f83b5049c2b52cac42ad8c09b1103a01014189affd5e27d5c2ddfcc2d80f11bc3a5b43f1f6d63390a05cb0e0cb8294d8832a95a
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  xgcms/upload/caches/index.html
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  xgcms/upload/caches/poster_js/1.js
- Size
  
  2KB
- MD5
  
  f7f52dadcb852a4937d8e94c7281037d
- SHA1
  
  5e2ac9c24473b452b32aae43ad7db6508e9db787
- SHA256
  
  0a489775a2bef928026a8df84f91a515180307159e83435e85bcd592105cbc21
- SHA512
  
  ff5e402adb6cb73ccf6f406b65b0f3f0ebddb3804bbd9387f6ab8e1a033456bf13a46e6ef341ad11631879ca2eea05c9f5086085c1215c25341f4d011663645b
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  xgcms/upload/caches/poster_js/10.js
- Size
  
  2KB
- MD5
  
  b9e369d67f7e545076f7fc88de5c0ee4
- SHA1
  
  2bbbf7d0d871b33f399ff2941cedb936f4ca82dc
- SHA256
  
  14f910ee594d1d37431308848bfa38ed2f46d581d1c039350b685abe76bbc679
- SHA512
  
  e3f7d3a665c59dab45763e5cee6a7afcc02a7f3bbc0f8b94b7ab9f7e7661998da3da951218b1155d6a7b8f516340d757ceacd121f652a6b03928c8bb2ab78697
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  xgcms/upload/caches/poster_js/12.js
- Size
  
  2KB
- MD5
  
  f5fc729ca26525053ffcb45957e408d7
- SHA1
  
  c35efc088543e54abddfbe0a0d6b23de712ce41f
- SHA256
  
  c3c1b5b9f37c34db5c8db215c2b5d6a47eb63733c0defd195f2c372eb55fd3f2
- SHA512
  
  6e7b453661186fb2c7f22bc71df2a38feb81b211bb3095c8957359e5eb3500a97baadef7525f7ecd53df541f1cab3e5facb71c7539be6873d7e337d915408454
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  xgcms/upload/caches/poster_js/2.js
- Size
  
  2KB
- MD5
  
  3fb957d8264e563bfda0255ce7fc4180
- SHA1
  
  41b580b9c20d03c64449b182c259b1e065ff9a9d
- SHA256
  
  51972e80bb4b1194e50f0bc9b121929173f65a40745b2194d946f64ffeaff94f
- SHA512
  
  8f98ffbe3592b64ad8754488ba6c8a9e1d1e61ac28570b404b4619a08c344ac917629efe3038dd8a3e2b5503c060f1027774b8b257471abd927cfcb948b4a2d3
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  xgcms/upload/caches/poster_js/3.js
- Size
  
  2KB
- MD5
  
  a101cf3a07f33a97e905f3a3951d22c4
- SHA1
  
  e28c66cfe8332a1a176680daa1520e80de4c53bd
- SHA256
  
  53aa5813eae79a8cc27d9b4d97f0492a9b08b2e803aaad65326f3f189707a1b5
- SHA512
  
  5561f533db6d4a34705da9f2e6ef7c7ca3b7795bd469bfba36ea8889ad6e0aaaf0574a2c373160f027cb47659973dcb2c079f9ce15be2168759a5a34c605c7ef
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  xgcms/upload/caches/poster_js/4.js
- Size
  
  2KB
- MD5
  
  2cea78d4a399a6b29111915a83e3cd72
- SHA1
  
  5a01e8fd724bcf70bcea42a4d97edd8cb6a7c477
- SHA256
  
  b66d6d9f57ceb69f0bf2d2ee02c20859e5291f5006cb7bfd5e996c8962081315
- SHA512
  
  646532c3061eddd41461f00e433433a658e4db7749f4d075f57856dfe55815cd5891089c14fd57f18ce5372bdc80083fe19385da88d4d389b6d931ca429af90b
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32