ea97abf8e5fa90954e975fa5e60f054e99df727ebc38edf0efdfab3cc9e40b10 | Triage

Sharing

General

Target

a6fea3211d16d5506ab6d5fe122bb1f6_JaffaCakes118
Size

1.3MB
Sample

240818-rpvm7sxdpc
MD5

a6fea3211d16d5506ab6d5fe122bb1f6
SHA1

796b5f11bbf4a4f477914056e4e5653729e2486b
SHA256

ea97abf8e5fa90954e975fa5e60f054e99df727ebc38edf0efdfab3cc9e40b10
SHA512

cec5ce8f500a3df66737e9e469ab71b0a4a59c7ffff43104ae05d4eba284fd146e4d5b0970886b8a54f2e79b5257ca97aafa4c75a6b0ace2e5b6ccc874176fdb
SSDEEP

24576:wqsUeqGWTw4M9sFA4C29+/mvuMP42FYa0zs0yTYSzioh4kh2ym19B:wqsULwzsFA4CnKuuXYxzezioh7ULB

Score

3^/10

execution

Malware Config

Targets

- Target
  
  admin/advertise.mo.php
- Size
  
  7KB
- MD5
  
  9ac69cb89b1b5753f003514fd49e2996
- SHA1
  
  9e13c64c224715a90ff2f5a5d0434784e48c8a7a
- SHA256
  
  a7fb08e95613ef9f129d137667616ca89cceb44c16fed83c9c72a616a7610903
- SHA512
  
  1a8a4c997b5dd83abe5e6cab01a50970abae21d45e552b6ab564539021d0a91bc4efaac6f7427acac464dd78a21cbe543370ace50dcc8abb074d1e360593657e
- SSDEEP
  
  96:foBHFho17VO8aGTTAxTWMrV5BvvllLquIhTCum6F7sdBoYLgV:QBHPWV5avxyMR7VlLqPTCumIszoYcV
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  admin/database.mo.php
- Size
  
  11KB
- MD5
  
  bad4a8a68a9dd35f7ba7bf9c605b8284
- SHA1
  
  59855e71f4d63f94e8cc5776bf8e80b1ee8aa691
- SHA256
  
  f7118fd492876aa8d35368c0c105b9c9d77129902817e3d9f60f48bd04659124
- SHA512
  
  dcfd6900d8b2775194daa6cfe8b65003fa743d8fe950a98539d7ed6f04df3e8b1eb3cc1ae4207917a3cd842ea1287bebfec8c4a6c30467fed64dd132723d1b57
- SSDEEP
  
  192:QBHrmqqHxjdSt279dRUb2duw1+kD8TxjiCc42Qu3mES+8pkrl:mHrmP1dUMdcGuw1+kDQjij42V3mn+Qkp
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  admin/js/common.js
- Size
  
  12KB
- MD5
  
  e4df884ebf3f2b651604cd1542b9fc1d
- SHA1
  
  8a0167b79286bc3ec90973d09091ed404ddca081
- SHA256
  
  b92195e38d7ebd7c0c9adafcba885a292e8511357031bb4b464102d09561c684
- SHA512
  
  90eccb1702cc83ddc36429a65adf2f63000378b087ec93e1187871260ddbc1fecd280539e5cf57134a542a659d51606362888c50d185f51f4be462f85505bec5
- SSDEEP
  
  192:OVpj6kPZGlmho0dAdVsob+XnudcS/0JJccIcpCTQfde8WPLfNO8tLv1bySV:O76gGQo0dtob+encIcpCTkMySV
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  admin/js/jquery.Jcrop.js
- Size
  
  16KB
- MD5
  
  ead9e5f733592ae8f9b227507de37ee6
- SHA1
  
  b5df4197315564682c88cc55e3f3c519c41c6062
- SHA256
  
  9922762cb53cf9fcc91db5b8edd69d1cc73d948fb2c650fedfcf1b11263ff297
- SHA512
  
  3408c5ad3dfba69a3962f75691adef7210d066b5243d2c25144253462e9452840bb5e32bc77b2c5b899ebaaa1b6d79f931dbe18f9743c0729031d84c04a181a9
- SSDEEP
  
  384:KEEeJaiIrfURXpUAtrgVpyapJm1xAdY4x6vLMvRz4yGw:1En7UR5j0ROLry5
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  admin/js/jquery.cookie.js
- Size
  
  3KB
- MD5
  
  8300eb5446df027b01ddd21e03c361b4
- SHA1
  
  282b361b69817ba00a58322634d5bc4972429668
- SHA256
  
  2df6720dd6fa3b96105c584d36a3af24ba9a5850271674b4cc8b9d56903cb272
- SHA512
  
  fa10539f0acb0271b67ad81b5a01adbc3aecd417f7d75c8feb229acdabc4fd94cc4cb9e1d611c1f926431a51ed9d67bc2df62003177a115afbee8f0cea6d688e
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  admin/js/jquery.floatDiv.js
- Size
  
  3KB
- MD5
  
  bf28a034bf066f7c77fba22a0cf761aa
- SHA1
  
  6205c2d5c81a81b6f704c67700678609dc658820
- SHA256
  
  489ac70ca752619fbb687fed1dee6ee8b586b412d8099e55ff7d85555945d602
- SHA512
  
  0d5a2235663ac0e394c43881a38cc9a1870e8a291dc10442d4ddf7cdc44fc965e3ef3845016c87c8eadb74a3664b7cea764753a12837efa519d470971d65d2cf
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  admin/js/jquery.function.js
- Size
  
  1KB
- MD5
  
  3f8c38d1f9fff3362336a0668287a80c
- SHA1
  
  a87bd43d79270f928152181cd45a6fe4b407ad4c
- SHA256
  
  e28359f4f8c22a455b207a84b18f4d34e61efff05369e8f6ab8d16f92dbc53e5
- SHA512
  
  b4edfb16c36b7d60be575fb2fc7c4263f38a03dce6ed12a2d2dba30b416895beb937322a8123e1b1d82c1171477a97fbe3449c02527e5b1879247d0ea0cfa0a5
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  admin/js/jquery.js
- Size
  
  55KB
- MD5
  
  bb381e2d19d8eace86b34d20759491a5
- SHA1
  
  3dc9f7c2642efff4482e68c9d9df874bf98f5bcb
- SHA256
  
  c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
- SHA512
  
  abb2ad8b111271a82a04362940a7ab9930883ecb33497a1c53edcdc49f0634af5bf5b1bc7095bd18db26d212b059aece4577f85040b5f49c4982b468fe973c12
- SSDEEP
  
  1536:+vnXSI+9Escogo5uW8xbm5sIacSs0DEHUjnqTDUBu6VCdZWa:w8gdzIF0oDUstZX
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  admin/js/jquery.treeview.async.js
- Size
  
  1KB
- MD5
  
  7895b4980c76ac0324928dce2c854213
- SHA1
  
  6814f2883f14f0c43092f55682f4ebac74befb43
- SHA256
  
  87a1508052a99d64de9b47448df5398337d0b2a40652a42d59e49eecfcfabd34
- SHA512
  
  39c8eec7e8d21cc043dec95566be5d2ace4c4f67977c60e859a2fc5199556cd7feef53a220ad35f46d2be48762f8d5c5db2e4030e147c66f18ebf33085130b23
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  admin/js/jquery.treeview.js
- Size
  
  3KB
- MD5
  
  d1acfe09a5cb97d93ab167952c550a7d
- SHA1
  
  1970a260175c706c67cf82d6f926370f5ad3de38
- SHA256
  
  9ab23f223baac87477a0b5c1e018d3821d7a364baaec2713bfc2cc6c3e80c0a7
- SHA512
  
  82c69b5052cccf62d14073e75406f371e056aaa860fb52da1aaffbb903a40658ca4c5eb8177337c39747a92ac55ac3375ad7f52ce9634a4a078d592d5a4574d2
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  admin/js/jquery.ui.datepicker.js
- Size
  
  44KB
- MD5
  
  22895de603b767667e6f6d31d57e48c7
- SHA1
  
  97eb0aa2ce10b5162cf84d667ca784dc1e769961
- SHA256
  
  2de3665b2184abecb2085087ebcfbe1d81d483869840a6c8c1087c7f5844ee34
- SHA512
  
  b274f6dfe396f8b54f73fe216546df9aeea02413986dfdad150d1eadfb8b0380d248c75ad9dabebe0f4fe4c8eca5b3aecbca3c5e5f4909f46dabb9a054e0cd2c
- SSDEEP
  
  768:FVLg7ZzCYV3+akHvu9c1g+YWI2W53rVbIGg5He1GWN5ssiW:ng7ZzCYV3+ae3e+YWIrdIvHe1GWR
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  admin/js/jquery.ui.js
- Size
  
  49KB
- MD5
  
  a6479283a46bd1e7a219dcfb2c2fe39c
- SHA1
  
  58177109aacd6662a5f72e45f3f8aeb21f9785cd
- SHA256
  
  e2fbdcd7c589839eeda4c28d529f33491b4a37ccbc0f8de6701c88eec722c095
- SHA512
  
  2c2b3bf8239db0ab3b4b581ced68df682a266e34769f826a973c8f70af13e5412d2a2277d7bf2270dc903b863367c674d3cfef676ad47a760f3545a9e3a60720
- SSDEEP
  
  768:hjwhJJ2TV9EfQp4HYD28i5O6YXUDrUqTAbrGb86Jwzo9KJD9HTeHIFjZ4L660hsk:02TV9EI/QesjTzXjk5XtzQt6au
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  admin/js/plus_format_fck.js
- Size
  
  5KB
- MD5
  
  5306644e25dbdc4bc30272bfca8402c9
- SHA1
  
  534d6d026cdc78a8a98a23b911a70e15f01b03d1
- SHA256
  
  3e06f54e5f36f767d469255f28814490957ef82ddef8cdeb64104bc31e47e705
- SHA512
  
  f5029cb8ca2823216beaa09e31f12bcef57886e456e27f5cc101b73b8a1f8d525e4a744362b768fd6a0132b4aa0ab0514b9cde68ec670709503cfe31e7f4dd93
- SSDEEP
  
  96:D6hD0iBMCdJcfrifrjgfraWfr9fr2gfrxvTf89gpQi6gXg5iHG+K1ShD0iBMCdJv:Oh4iBMsJcfrifrjgfraWfr9fr2gfrxvh
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  admin/js/thickbox.js
- Size
  
  6KB
- MD5
  
  d55b57d6269a1169d5878d338aed2988
- SHA1
  
  b3c34c431b97eb6073d6d4f478663a3e1bd8bc51
- SHA256
  
  980560bcd0be8e9748252ea22925d3901d18cacc25d036db0feaad7bb2cc3fbf
- SHA512
  
  740cb232e190cef7657e94ad57f7e25bd9cff127ece7bbe81406384ea6519c247fc808bd769f558eece135676ccde2c9a9b3850bf5cf3caadfc8b307dac62536
- SSDEEP
  
  192:bJnUJQihnxk9RYIJbTE3SgJ6iWH/xXf7XuQ:b2P4CIxTE3Su6iWHp6Q
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  admin/js/tpleditor.js
- Size
  
  966B
- MD5
  
  63e2146c2d3ef43e454a013b5b623d98
- SHA1
  
  51625e7bfa52095b2afe1eeb883033b4091bb2b4
- SHA256
  
  dc017b3e074cc414392e6fe849ec39c4e5c909692fabdd2050ee0db9d6cb45ae
- SHA512
  
  7b121df073c20b66958f20a8fa1ec1cc45c1ba38d73849ef6e91362d0fa1c2b5276defaa7eebc345d93694c856e4595a958957b5f501e16d069707c036561538
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  admin/link.mo.php
- Size
  
  2KB
- MD5
  
  40cf64c8a47c4a39efa9ced72935cc2a
- SHA1
  
  7db79305ed4583d231d6ef7601395a3595d6b5c6
- SHA256
  
  7c0a48e14459257c49804f709e38fa1cd0244f6f8384d46c39c475ee6fb14e28
- SHA512
  
  5581a99b1d7aedc745e40f2dd865444a219984d0408d68e0eb030a0a006aaa8784f4ba0c9e52c46e50785b7d907557383d5a61f53886db9d8c13369322353b2c
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32