e4d899b71ba483dc9ccf5e66958e98a22efefb22f5c4980220f86679b366cdb4 | Triage

Sharing

General

Target

ac7075379758c22e93660d947af2c066_JaffaCakes118
Size

529KB
Sample

240819-y4jb2sxhjk
MD5

ac7075379758c22e93660d947af2c066
SHA1

33807a2f0981691d25fafa7d1e2d597a2c1d8202
SHA256

e4d899b71ba483dc9ccf5e66958e98a22efefb22f5c4980220f86679b366cdb4
SHA512

49f24b9bbdacc6f333d2a7c71a5aa7bac33c3bfb37548a2020ec9c0e89a25896ab19f6aef1d850cb268590a55a5b98d465974ae949b3516cb7fc03b1f5045d8c
SSDEEP

12288:qRzVOlXusgF2D7EFsILDLSjBRoibBgAC+NsW/ys7e44:ZrD7+XDLSjgibD7CW+H

Score

3^/10

discovery execution

Malware Config

Targets

- Target
  
  lvxing360/data/agentinfo.html
- Size
  
  6KB
- MD5
  
  890b55f3ebe8a81cc8a6f9add7851c68
- SHA1
  
  6ceae8c07572760d09bc8c573ef1aae46c321274
- SHA256
  
  17b3c369603395dbf328451382c51f792e22abff0b137a3247a885d94215850f
- SHA512
  
  7d5eaf8646429ca8c839ef3c40cd7038bbc7b1fcfb87a048f4d180ecb0686758695a8da4ea7441a2e27e273484ae228bba843bd12c1e7b61a4b7e67cd0c0f4aa
- SSDEEP
  
  192:cF4nFKR5+e5+k45+P0QVw6QQQQQQQQEQQQQQQQQEQQQQQQQQEQQQQQQQQEQQQQQ4:kVR5+e5+X5+P0QVzQQQQQQQQEQQQQQQq
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  lvxing360/data/jquery-latest.js
- Size
  
  55KB
- MD5
  
  bb381e2d19d8eace86b34d20759491a5
- SHA1
  
  3dc9f7c2642efff4482e68c9d9df874bf98f5bcb
- SHA256
  
  c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
- SHA512
  
  abb2ad8b111271a82a04362940a7ab9930883ecb33497a1c53edcdc49f0634af5bf5b1bc7095bd18db26d212b059aece4577f85040b5f49c4982b468fe973c12
- SSDEEP
  
  1536:+vnXSI+9Escogo5uW8xbm5sIacSs0DEHUjnqTDUBu6VCdZWa:w8gdzIF0oDUstZX
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  lvxing360/data/jquery.metadata.js
- Size
  
  3KB
- MD5
  
  5dc505d02f9b936f726ab5fb18477ff6
- SHA1
  
  18170cdd7f384c732b4f3df87a9fd746f20d9aba
- SHA256
  
  bbbd1a32006536c0bd718de4e9980d2e30a76130f985d16d72ef73077e15f95c
- SHA512
  
  d53bf8e2452069217e2b02c8eaaf4b8e4264ebbc267383f8ab05e2c4b81563f159ac01f9f100c36265f22d7041ae8135d006a6d9258b7ca49116cf7895274728
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  lvxing360/data/jquery.tablesorter.min.js
- Size
  
  12KB
- MD5
  
  8f686d799c18844d296853333694634a
- SHA1
  
  7372d3fe21f1a21791b91fa44dbdc94e099c9687
- SHA256
  
  b7889f9f3d9e07240451a7e772849d254c03da352debc558f02ccd8c0cb0a34f
- SHA512
  
  459c6f69d21f5532fca4c846a9501364367780b5f598c089613e27cdd4975c8a0faa674577454e4c4d213bbaafab56655e16f4120c767a9b94a22600dd02d637
- SSDEEP
  
  384:nzwkRz9U4lyRwHh1dRUH/u3IN26AYWAZVs/27:n0+S4l1UPfT
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  lvxing360/data/logo.html
- Size
  
  1KB
- MD5
  
  a44f960117da9c6ec62b73f96697fe55
- SHA1
  
  3456ae42f58eecb484a641f0384b1f7dbec70d31
- SHA256
  
  065868ec9f4d22506e07a26dd31b31fab49023e335074b83f7011549b082c751
- SHA512
  
  59fb5cff9c4506c30a76ff20547c5b353c60ef2da25d822e399ac88ef0e0e5ea0d00a27e83e747dfa952a0adb0e22a60afec0932824870b0d4a801b31a1d9256
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  lvxing360/data/static_title.html
- Size
  
  510B
- MD5
  
  ec0d0b573e88bbd18dfa309dbfeb4d9f
- SHA1
  
  38a3c24638ae42f119f36e20c3846763eb5a0d06
- SHA256
  
  533a21b6626eba780d384ad443937328dba73da09e3808f0a74f698f1a963595
- SHA512
  
  4b0d9cd9bb730c8cec50199be0b6a7e60774e354ef8ba0d38c4626f9ec20760a4a4019a02c68765cfc6dd07b37a61d59f80dcd9e6670cedbb86ef19cf42db4e8
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  lvxing360/data/ticket_static.html
- Size
  
  600B
- MD5
  
  caa597cac80ba37f4de62cefbc51aed0
- SHA1
  
  5e5248bdf22206a1c91aeb176954c46b944b33bd
- SHA256
  
  c0456db456f9f7f68a7d8f0cbe9953e9bab41b5bb9188c8fc2f8439e31b24026
- SHA512
  
  2925fd11734e3860106f72a1d9094e2ef18fa68d40111255278d71cb7a748c70d866ce7c33c7c3298361f1ed4658cda2ae2275dcdb02130a3d97d31e27032421
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  lvxing360/data/ticketinfo.html
- Size
  
  3KB
- MD5
  
  393df6add45ff080c211bdf9bf71cd49
- SHA1
  
  8e87029224444e1080326db49a505f240346a5e2
- SHA256
  
  731b80f13480fb10180153f981b49201425e07b0a320f14f92d046e4b894d097
- SHA512
  
  d48723c99b723d58157cdc875953cf90c091c7c91d4a41814be8fcf8d7e76c5d04febfaaf7e32b02fd3c18be4218d623a5456dd3f1a839029e0b62ae0ca8dcbf
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  lvxing360/国内机票查询.exe
- Size
  
  1.6MB
- MD5
  
  ab4d973a85b9d67e193b695532faf043
- SHA1
  
  25d5c37e2992c5f8b0ded21a16f6bd4d2e2f9ec9
- SHA256
  
  84daf510d8556e6588c17769faf77f4d0f9f11925e763d06670f44b1e08934ca
- SHA512
  
  bdb414a589cfb7eaf648090575dcf4fdbf46806a849478427dad96d2d0ddf559f2a625f90a51ad5a0a17f3a12c3fd721b8e68c976b5cd0ef92b72a5d0c1c2859
- SSDEEP
  
  49152:P6GlsD7+DiKoHcudNHdQXyzMakc3NJSa7Oicgk3A/mdFe5so6MG8D5rCt50kajLF:PblsWDiKo88MyxH6LsNd1bj37oeSWz9V
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  lvxing360/新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral19 behavioral20
- Target
  
  lvxing360/机票直通车更新程序.exe
- Size
  
  80KB
- MD5
  
  76321493996e5410b5bcf285e63db079
- SHA1
  
  9345ac6559b3233384a8725bc3862450adfa3a6c
- SHA256
  
  3d05ec203df33607fac847b7336757b08fe43cdef7d95c6b6493c96340d0f204
- SHA512
  
  18bb00b0d1a4e35470ba4b77d6e0fcff2fc2473a1f750a0a3ba208dcc1ef44d95c3e111a64fdcd38c0ef267801357af454950e6272fc36b8b736b56ae6f229a0
- SSDEEP
  
  1536:+Zysj+uT5huLLR+ugyNfs9CXgJeilG4tmFKVIVpz3/RqiQ:+8sKuTWR+uVs9CXgJhlG4tmxb3/RqD
Score

3^/10

discovery
behavioral21 behavioral22

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22