a1664e381cb130cec3231c27441323ffb829529ec73bddf6c17313de51401768 | Triage

Sharing

General

Target

ae9a10ae501390fd35fbd4ec2cf0c81e_JaffaCakes118
Size

6.5MB
Sample

240820-kxcc9sxckn
MD5

ae9a10ae501390fd35fbd4ec2cf0c81e
SHA1

09d95d663ebc3e3d62598d017d3d5ed7a1ed92ba
SHA256

a1664e381cb130cec3231c27441323ffb829529ec73bddf6c17313de51401768
SHA512

1563973b143247d5b6b83745afaf71b5543bb37b6590daedfefdd80d272f250bb761575d2a79febe649f08f6dc119cf6e543d1fb7f1b959aa11aa3edb9299e5d
SSDEEP

196608:f2qdF/wXnESZE5Up2RLPhDLb+4bsLEokzMRK:f2qd9snESmRxZ/Qq

Score

3^/10

discovery execution

Malware Config

Targets

- Target
  
  sample
- Size
  
  19.6MB
- MD5
  
  dfab968eb4c7bb6143e0e11bfc52d422
- SHA1
  
  0abe79dc7a5f1ebfab8829b1dd70c2a5f10ad754
- SHA256
  
  5d33b27a6db618c569a0619a36883e43c6c84832d4cfc0f16758811fd3e4f925
- SHA512
  
  05165ee8c1f5892aca4635e2d437ffea40e277c07b364857722152b7c805b11128111cfdcd8b40d4480d7312534e8dd6df2d509373fe252597559a700ae99f49
- SSDEEP
  
  98304:kAmH5grhf/An3Wfb7cVSUrS97unTjoHlhvlOAT6Mb8:k7KfjovivlOAO
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  falt4/admin/csshover.htc
- Size
  
  2KB
- MD5
  
  6ca49fa52685c0cb59e26d11b3f1415f
- SHA1
  
  f8283727a460b9f4175544c6c38a2b3db0638490
- SHA256
  
  03ee3edc82f8d9eb4b665aaea599a940adf22635f5ee0aa067e2861ba57ede36
- SHA512
  
  7233b7a0d79d5a952267a64813ec9687697f634999fc5ada97b63b93e250da503f8dee7345496c1c256ddbdfc8a98c067abecee75e7d719dd210e290d25514c4
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  falt4/admin/inc/conf/csshover.htc
- Size
  
  2KB
- MD5
  
  6ca49fa52685c0cb59e26d11b3f1415f
- SHA1
  
  f8283727a460b9f4175544c6c38a2b3db0638490
- SHA256
  
  03ee3edc82f8d9eb4b665aaea599a940adf22635f5ee0aa067e2861ba57ede36
- SHA512
  
  7233b7a0d79d5a952267a64813ec9687697f634999fc5ada97b63b93e250da503f8dee7345496c1c256ddbdfc8a98c067abecee75e7d719dd210e290d25514c4
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  falt4/admin/inc/ctest.htm
- Size
  
  451B
- MD5
  
  aed3dfdb31f179c66618fc1a2071df7f
- SHA1
  
  0095a6bceb360d6d87c3b24038fa1ff21e9c8faf
- SHA256
  
  fdbefcefbbfe7928031b6243e35dbcd11e36db7ff974797973ba89e94ca3ebf5
- SHA512
  
  969fe17ad92343ccf78f6c0e226a213efc62352f548d55619f541c1dcd7c44e400d55ce6ecc9775e9c32ea7ddfdf9ab13b84e766e6721d426ad19ac1983d8400
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  falt4/admin/inc/drag.html
- Size
  
  8KB
- MD5
  
  2022e56a187da32e128acfa3e135227d
- SHA1
  
  121d70462344ac98b08550c78b909493781af502
- SHA256
  
  bc4ad27cdb71986aab304a30856750127c28dbfbf99c6dfa6a102a0406c154da
- SHA512
  
  5176f5be405c40b8dd8e529c7541346bd56172bd385c0b4a047cf93d72927626de77338bb15e53b6dad217816a27bc5e8a28e40d0253ca0151007949884a6f71
- SSDEEP
  
  192:Aly9RtjsKdTONXP7tuxu4HjP9qxj+c2l/7LsskAo1QtN2q:iitjsKdKNX0xu4HjPA+c2l/ktAo+rt
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  falt4/admin/inc/dragie.html
- Size
  
  1KB
- MD5
  
  939b07ae1bba7931ac30a53bde9ee976
- SHA1
  
  82052384178b435e5a5c7b34f0a4cdea285c7d52
- SHA256
  
  bbae6cb245d18005ade95f99e88711feb6e737e7cb883a81c76aefb3b2f090e0
- SHA512
  
  fce973c18e12d03abf89cbac2c79f2912682b5cafdd8ad0a49955db838fb9c49c2afe951913c45388a9e8bbda9dff0be5d8641e3d471034a3d6fdcdacf549ae4
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  falt4/admin/inc/file/articles/add_template_wysiwyg.php
- Size
  
  2KB
- MD5
  
  0f5af889132a9fd76c8cd2cb6b11b1bb
- SHA1
  
  6aa0b96a4db3d179fa9748cb3ab9aeaf52d61e52
- SHA256
  
  5fc0fbc05d18ddfb107eb0682ac89a862c8f3f40b3327db0244ba65a3f4c4978
- SHA512
  
  2e4939818500dd260c3fbd4f59a7480b55744ad0567fa895bc46135a9e9b35a5375fb3e192f0347a0d773c0cf6c04fb4300ea4ea93d7f77a1dc38a754c94a582
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  falt4/admin/inc/file/articles/change_status.php
- Size
  
  2KB
- MD5
  
  2adce882e08591b991d5050614ebcedb
- SHA1
  
  dfaa2a90cba9b6237d78411c0d3e7711d2c65b60
- SHA256
  
  1c0636e91413d801066d330a485b27d3e184c2e5898c3d1a22748947d0c1fb22
- SHA512
  
  9dccd92198bbeedf85d051213a8d85c3cca6a44731b6b008b807a60d984881410142300cedd5bd22ea61b29f86e70ae55e4a2eb17f5bf52ec67f55d0ea81e5e5
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  falt4/admin/inc/file/articles/cleanup_show.php
- Size
  
  6KB
- MD5
  
  a25421b4ad8acad1122701c3f541852f
- SHA1
  
  42d29149019575947faa3e44477bb54bf994a966
- SHA256
  
  864778994b359c2ed8e8f9882784bab61c23b932c5ab59384b14ed59f2ca95ca
- SHA512
  
  b6dbf5b981be8a282be9558004b843c4dc77f2517175d535d47f45094944f972ab47e8e5d140755029d287d1e05514f4638bc0ecbc232a4af938fbacebf6a6b8
- SSDEEP
  
  48:kpQCLLVUxq6swNMQTo0dm8sPM9XuvimBBMEaMqBmzeuw0j2jaJHLIkve6gGhmDwK:kXfxzwVozcev9gMlyWkzGy73xLqC
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  falt4/admin/inc/file/articles/del.php
- Size
  
  1KB
- MD5
  
  16016f0f3a9e56ddae6a9d6b309b4add
- SHA1
  
  41941f852ae59592a51f336a1e3335b80cc9aea4
- SHA256
  
  e6bfe497c69d43150a4f3cc63615c897138d5bd23ce81dd1512cc9ab4ba5ee21
- SHA512
  
  dbccc5339f39c440f6494c0bf8c3a2dd2baea071bea6aefc80ae5305d2d99fabe63983956703cca17887ad39dc201108e46a1e9aa55b899247556c2145772213
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  falt4/admin/inc/file/articles/edit_rights.php
- Size
  
  4KB
- MD5
  
  eb48f1665765e636f8d68f5f2036091a
- SHA1
  
  d2934db2f304bdabe9bbafa42f411356071b5f4a
- SHA256
  
  8f5f3d19e597ca395c698b8ecf879cd4990a533ec70530600f6e85f865013e45
- SHA512
  
  05048917df74da874d95b0c6b5e7e656c4d6194aadc8ad31a90d27d57e0606e8443e06d5910336fb0a1e2921285f249dd2670946d90eba3e6c60a0816045956f
- SSDEEP
  
  96:IsuYscjrzZIPeYA3sT9g0hU7V7/d7YM7/7/g+7rvC9zMt:DGcfqPe1z7V7/d7H7/7/g+7LPt
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  falt4/admin/inc/file/articles/editor_multiling.php
- Size
  
  45KB
- MD5
  
  8889982b2d4773128a5c8522406f1429
- SHA1
  
  e4e639c9ec20d92446f585cae864ea615470b83d
- SHA256
  
  4f005478ac651d632c131a2dcbbd4eb73c8c525eb7fe2e927f460024769bed1f
- SHA512
  
  068893cac846b6ecf939f56e2f5c8bee5395ab5b0c3069150deb4cf3c8fb8b4b4ab7c5b3f5a2c5327e85a0f550343f9ec7525e816812c6c06a3040b7a5366625
- SSDEEP
  
  768:GKPKDG7SD/tcMDCX6k4/2MMbs4e2M+eoZq7lTOklkU2Ln0dUaw9jlhg/v+J5Fw9R:GKPKMSD/tcMDCX6k4/20xBRGn0d69jiN
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  falt4/admin/inc/file/articles/list_articles.php
- Size
  
  23KB
- MD5
  
  531320a6100f8d526942f3c78753beb7
- SHA1
  
  b045cc7ec41b8dc4f17408d6d6fdd8b5755d2f06
- SHA256
  
  4218e229934e8cdafb0373bc647e01a62b8e02726be6f6677f0b46256ff3e08f
- SHA512
  
  b1ab2aa5ca1997563d79805d0b0098936ed30e511b18680294cdba66e9a07a155f87af43fc6bb8ee6ddf6c2655c10ff9692e54017fee9e69fd800c8a5b82c179
- SSDEEP
  
  192:iloWlGQqaO4jNw4QMqIxtdYNzkTxtIHN+WIs+M/9HruPzYQb0GIY9HU6Qhiq/nYR:Ilq27faVk0+gGjHUhB/c/8sdodC71
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  falt4/admin/inc/file/articles/publish_cancel.php
- Size
  
  1KB
- MD5
  
  1dc4fa5ac85b87fc98a69dec6276f5e6
- SHA1
  
  4c7523c08f08fe6ad6fa90beade71aae8b23c4a0
- SHA256
  
  dcd9294376f2189e172fd7d71e9b9b64b2a5851148416e67f6273377a0340607
- SHA512
  
  4e13a4f77d86596ae133f11feae813d42bb183aac27bb2661f7124c18fb708dfe2ff8ba4f3f4542b63193eed3afc4ba04ed404d4c8d7c4a75697aaf46ba93520
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  falt4/admin/inc/file/articles/search.php
- Size
  
  4KB
- MD5
  
  9ae3355e62bbb811925e708c68e4f0be
- SHA1
  
  5972244222a12c71fe85468fe517961fc122ff63
- SHA256
  
  e4dc50cd7d722862de6066b620ae1da9a08b4c7aad1ffca7143e61546e037471
- SHA512
  
  54bd34659637cded4f13d64d0f4242a553a9779de609ce956f9f69a4f2ddd3624318a8221c22c82d9d7e151ca87070c13ff178c8eff0816f49599eb516e85a01
- SSDEEP
  
  96:K2kysgwBLqJqtq8XQEouSw0NyPLVhcVpxx:z7sgwBLW2rQEotwJI
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  falt4/admin/inc/file/articles/validate_netcms.php
- Size
  
  4KB
- MD5
  
  a6a4daedcb5170c6b9aee0316cf6feeb
- SHA1
  
  544c05ba627725615a83a3c8796800f9a5390c4f
- SHA256
  
  1473966b1cfafec0d119233ce320b838e32524e93d650d21d2ba5853ccd906a5
- SHA512
  
  ba97d79aa45941f2567572d8ffbaa651acc437c23f5eb5cd4f53fbac1dd6b5b97ac70afd85ecd915b0e270b8a7861401c81933745be1bda1ab37a16bab941a11
- SSDEEP
  
  96:plO84hfjh2/ZvuwsrB08HQMA/+Y89050+MARA4+jsH73s:3Ai/Zvuw+tp
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32