Overview

overview

3

Static

static

1

data/新云软件.url

windows7-x64

1

data/新云软件.url

windows10-2004-x64

1

images/fon...ex.htm

windows7-x64

3

images/fon...ex.htm

windows10-2004-x64

3

images/fon...ex.htm

windows7-x64

3

images/fon...ex.htm

windows10-2004-x64

1

images/fon...ex.htm

windows7-x64

3

images/fon...ex.htm

windows10-2004-x64

3

images/js/uc.js

windows7-x64

3

images/js/uc.js

windows10-2004-x64

3

images/sec...ex.htm

windows7-x64

3

images/sec...ex.htm

windows10-2004-x64

3

images/sec...ex.htm

windows7-x64

3

images/sec...ex.htm

windows10-2004-x64

3

images/sec...ex.htm

windows7-x64

3

images/sec...ex.htm

windows10-2004-x64

3

images/sec...ex.htm

windows7-x64

3

images/sec...ex.htm

windows10-2004-x64

3

inc/add.js

windows7-x64

3

inc/add.js

windows10-2004-x64

3

inc/index.js

windows7-x64

3

inc/index.js

windows10-2004-x64

3

include/db...ass.js

windows7-x64

3

include/db...ass.js

windows10-2004-x64

3

include/gi...ass.js

windows7-x64

3

include/gi...ass.js

windows10-2004-x64

3

include/se...ass.js

windows7-x64

3

include/se...ass.js

windows10-2004-x64

3

include/te...ass.js

windows7-x64

3

include/te...ass.js

windows10-2004-x64

3

install/in...ls.ps1

windows7-x64

3

install/in...ls.ps1

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9787799074ef81175fed4015004781ad_JaffaCakes118

  • Size

    625KB

  • Sample

    240814-y4bbfasdjf

  • MD5

    9787799074ef81175fed4015004781ad

  • SHA1

    007cc2cac87f10b919a1b284dd0659567b844c34

  • SHA256

    e09eedc97a868926bcd0952df20098c23fbfc79d17c1ee3f4938e6a6e2140e3c

  • SHA512

    81ca399847530bf7fbe29a50186f506a34ec10f04095d991707f7bf305c30e19272aacf6c4e05199781566ae75e9bf0834503c8700c54f71e3ee5b6877c42f05

  • SSDEEP

    12288:wrxP7gPadMn291sfs4yQAy4L/1vKVPsOas7jsYuIoZ6/Ggk8GXA7XYp0/:wN7gPaWn29GsxQA/pLZZ6/njYps

Score
3/10
discoveryexecution

Malware Config

Targets

    • Target

      data/新云软件.url

    • Size

      133B

    • MD5

      4f0017b3b346bd0626f0c3b915e6e734

    • SHA1

      823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92

    • SHA256

      df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678

    • SHA512

      0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6

    Score
    1/10
    behavioral1behavioral2

    • Target

      images/fonts/ch/index.htm

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      images/fonts/en/index.htm

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      images/fonts/index.htm

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    3/10
    discovery
    behavioral7behavioral8

    • Target

      images/js/uc.js

    • Size

      2KB

    • MD5

      a86cea5fd815e45bb671bdf3959181ed

    • SHA1

      18163a27a9809c9e66ade59190ffc3cc9a6f3196

    • SHA256

      3b837eda6f00e58be1dbd85844384f1e3fe94f7496e00f01173ffc00e78b13e6

    • SHA512

      37fe6bcb83a8f68142a57ccab3d2a243ac49104003ac2c92b311f3ff5d89d83ab445906d2b473bac368f91eef4d70939e97acfd4c9f9e3e1a07a09010634b3ab

    Score
    3/10
    execution
    behavioral10behavioral9

    • Target

      images/seccode/background/index.htm

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    3/10
    discovery
    behavioral11behavioral12

    • Target

      images/seccode/gif/OCR_A_Extended/index.htm

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    3/10
    discovery
    behavioral13behavioral14

    • Target

      images/seccode/gif/Small_Fonts/index.htm

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    3/10
    discovery
    behavioral15behavioral16

    • Target

      images/seccode/index.htm

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    3/10
    discovery
    behavioral17behavioral18

    • Target

      inc/add.js

    • Size

      1KB

    • MD5

      fcad0e0ab7d17ca69ddcdcee9c7467fe

    • SHA1

      924a5186f668c27ca5dbbd69b55c4838a599f108

    • SHA256

      9caba96966bb9d80f0380ee158f36bee297284bc26c8f36d99caf0afbec95dd3

    • SHA512

      b4d21b688ac309485692938e0c96a9b2ae4e8a4b4a235dfb2b2ab81df98127bb7de881a72fcb362a1069b729847be579a3ebf8f142bf451635f8e54f984be6ba

    Score
    3/10
    execution
    behavioral19behavioral20

    • Target

      inc/index.js

    • Size

      1KB

    • MD5

      5206059379e8d21aae3e8e3f4465df4e

    • SHA1

      597c0a24005bc093890997471af5e9933579b80e

    • SHA256

      74f524a5a0e703fa01bed4ce428ac9a3b6ff2657e9436f3b82d5ffd35e71b37b

    • SHA512

      8883457b5d9b8f0ae4a63c0af0a306eb396c5f8c7b2fad2f05c7a43f81fc69dd2639fa0451011a4b954e436feefa61fa198dc6087bedb1665f068abb7400d976

    Score
    3/10
    execution
    behavioral21behavioral22

    • Target

      include/db_mysql.class.php

    • Size

      4KB

    • MD5

      ac7636f2a9d7e2dfa35ab4b995c7615f

    • SHA1

      f136063c3a8893a06ca80d1664ea5530f1141409

    • SHA256

      89827bd302ac05667983c446a9aaee726a3d5b76a855cf2c70584b24491bba77

    • SHA512

      a16578cbf6badf562ff92c6d3b067a1deb079172f633f6ad7ead009081209868cfa908a48813b58fef179e66a344c3a56d5f41eff64a2bd0987be8d3a72e4e68

    • SSDEEP

      96:lfFfNDSINdnibjMwkMJ9r/vSjfNl+Q+bXUHY5crZTrCrgQbi8f5:lvSINlQzVehB85

    Score
    3/10
    execution
    behavioral23behavioral24

    • Target

      include/gifmerge.class.php

    • Size

      8KB

    • MD5

      ce4d2715ef3e7d7a876cfba3c69e9749

    • SHA1

      1d8039e0aebc8073b2e33886a22d8f85eb0300f8

    • SHA256

      b4954e87c1465b2ab6a5fe953277aaf4f7db9fca935904f527d23fa73e664b58

    • SHA512

      632f61d67156750f5bfa2b09629170969a30bf331e1880f049991b67d18fe0891897f3475ae0c3b76af113895b21e04a6a9436c5658595ab1b408a5f47947775

    • SSDEEP

      96:X+PWfAgJq8VfLYQl3UUDvaVJThIJE1RyoCP0lJRekUbyrYz7Rf7qLVe1luMv80il:OWfAI/j3UUjACkRPio

    Score
    3/10
    execution
    behavioral25behavioral26

    • Target

      include/seccode.class.php

    • Size

      22KB

    • MD5

      0d26177205d497dcd1c2092fcf30669a

    • SHA1

      02f65e33c4470d02741d9ffbc1f182334f5b7e42

    • SHA256

      229550799e9faa33536ecf2423a0ca699942ad2008d9ea27ef07d6b8833d21ad

    • SHA512

      96e061febc736e6f4b9d003a6269384d2417cafb6ee8b4737c399e6db8872b441c7ff170151e4a0b745e75bf56c0b5db6c9be181193f7d3142d40adbfdb2ce34

    • SSDEEP

      192:8O/XmZl6NKuEjFPf+DzfMz/mZLY19dQ1Y022W7Y5saZtunkzs9jc9qg:WZlHRX+D5NIfAd2d0FZtUkzsts

    Score
    3/10
    execution
    behavioral27behavioral28

    • Target

      include/template.class.php

    • Size

      8KB

    • MD5

      e0ef836ebe804530229a224b3fbdeb6d

    • SHA1

      dad55cd36677651ebabac2e57d2c26f7f3fb65d9

    • SHA256

      30b1c220b2cdf2c8d762ff3d25d1974dfdab3c3d7dace0e54fbe0abd12a3031b

    • SHA512

      364ddeded4a40fbe2717f991bcc7a087a4e97c8f22739edf097990918a9658a2ed5dda5639ae84a3e002aaa6bb0178f97c2cda1a511aa329473967f47959962f

    • SSDEEP

      192:Ju1Jlv4R6zKbzckCARV6zKHzcMl+Eq4rFp:kAGyTP/4mTF

    Score
    3/10
    execution
    behavioral29behavioral30

    • Target

      install/includes/config_rglobals.php

    • Size

      1KB

    • MD5

      c73323eef9a5e1486c248d4d7e198e6a

    • SHA1

      ed9df7416907f108d7b40269e91e7404124a18db

    • SHA256

      243403828a065d71d6853814d7a7465da0fe8948ab49ccd039b70ec17097d40b

    • SHA512

      34a6723f22be109fa222a771c6393a4a4d3b90c94f53fdfe15b2239b9f90fa17cfb79c3a49ed2a7ac8109439d7ac20f98f844a82723a66aabd1eb9ccedde53ff

    Score
    3/10
    execution
    behavioral31behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

8
T1059

PowerShell

1
T1059.001

JavaScript

7
T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

7
T1112

Credential Access

Discovery

Browser Information Discovery

6
T1217

System Location Discovery

7
T1614

System Language Discovery

7
T1614.001

Query Registry

6
T1012

System Information Discovery

6
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

Score
1/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

Score
1/10

behavioral7

discovery
Score
3/10

behavioral8

discovery
Score
3/10

behavioral9

execution
Score
3/10

behavioral10

execution
Score
3/10

behavioral11

discovery
Score
3/10

behavioral12

discovery
Score
3/10

behavioral13

discovery
Score
3/10

behavioral14

discovery
Score
3/10

behavioral15

discovery
Score
3/10

behavioral16

discovery
Score
3/10

behavioral17

discovery
Score
3/10

behavioral18

discovery
Score
3/10

behavioral19

execution
Score
3/10

behavioral20

execution
Score
3/10

behavioral21

execution
Score
3/10

behavioral22

execution
Score
3/10

behavioral23

execution
Score
3/10

behavioral24

execution
Score
3/10

behavioral25

execution
Score
3/10

behavioral26

execution
Score
3/10

behavioral27

execution
Score
3/10

behavioral28

execution
Score
3/10

behavioral29

execution
Score
3/10

behavioral30

execution
Score
3/10

behavioral31

execution
Score
3/10

behavioral32

execution
Score
3/10