8744ee87d793fcc65f93fc7d0cd65f9e04388850d15ba5f2a02682b35ceb8678 | Triage

Sharing

General

Target

b309814dda44ea678bca7ddac1dc3a2b_JaffaCakes118
Size

2.8MB
Sample

240821-l4d14sscrh
MD5

b309814dda44ea678bca7ddac1dc3a2b
SHA1

4e4c44e87870fc431aa0bfb679a99334a7687ed0
SHA256

8744ee87d793fcc65f93fc7d0cd65f9e04388850d15ba5f2a02682b35ceb8678
SHA512

c93ac3673eda6c4ece5e894f79eb3d58f640a09484bd8057bc644ddbcad230dadd73e1a8d831ebf580262a091e561a0443a7c546a95f37c51c13738501a324a8
SSDEEP

49152:6CFmUSUlJTPHioEDGn4B8zx4BmNA6nraR98qgxQ7YFrwqJkXrCVoeiD8+fBEHtgC:9FXlJTPHfGG4G6BNgeX83Q7urXAeVn2m

Score

5^/10

discovery execution pdf

Malware Config

Targets

- Target
  
  Add-on/Md5Check.exe
- Size
  
  60KB
- MD5
  
  21c661c4dff1b5847de6d00425743eac
- SHA1
  
  d63b10df7099e3da0ae1a08d431b27aef78cce9a
- SHA256
  
  ee893eb6010a8e80b72cf2bdd92288c82ea962b0e333ab8bad973e4e81428af1
- SHA512
  
  042dc49819f0573dae0ddc5c66afb60080240bdeef4f3902a2d4236ef1d5c2ec0c9905a7ee774dcff74f467f0761eb3c3737b20d9bdf7d8a004b5ec3f102f5db
- SSDEEP
  
  768:ar3t4JXoFDBvLuxHdtQSHhe9Vdcz/hH/90aAAQr4RlmegRB:gtYXoFD8x9tQSBqGV/90lAQr4Rlmegn
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  Add-on/uninstall.php
- Size
  
  9KB
- MD5
  
  7b4f0b5ccd3d5a46990c45734fcdf506
- SHA1
  
  a2f63b00facbaee56bcc41cf929f26d70b4c4689
- SHA256
  
  4ff4525a2f80cab2bdf2f8170097285b3096193c5a9e248ca6240fca1c8635f0
- SHA512
  
  0f9748a25f01e8a15ecb35730479f1a83f21e20f1881f188281c1bbe3ac93c8bd06eeec0c0ebd6880c35ecbf045e2e11331f74050d0f79e35fb349b6d12a4236
- SSDEEP
  
  192:JD9IA1e4mzlRIdNAiDNRlCiU2J3dfkrA5R5kmAUI1jxF:UvIdVpRl9PkrvNLVz
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  Add-on/新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral5 behavioral6
- Target
  
  Docs/PHPB2B2.4Manual.pdf
- Size
  
  431KB
- MD5
  
  784880b1c031fc169909e5406f4cb7cc
- SHA1
  
  bfd075ada60c700e04ac12ad2621ccbde2aaf5c6
- SHA256
  
  7d7ad1a9a11275e3ccc5f87a05d4750cf07d293856028b886d7c885d784c0ceb
- SHA512
  
  0f74e3d96287fc236b75709809c317e1b44c7e817cd832b515b4e706f8ee7cc98439f7deb477f88547bc8352c929d04c31f28783897878b60ecbf09fa3170337
- SSDEEP
  
  6144:U0vvQw70QDvNGJF5vpCeDh82foSIOljpYMQrjk3qHWi18jTqPWUHeogc1kkK:t57lGfpy2wSIOJpYUjmPWUHenGRK
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  upload/app/configs/index.html
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  upload/app/include/class-excel-xml.inc.php
- Size
  
  5KB
- MD5
  
  babc5b5a0dda2fe4c469602eb0125842
- SHA1
  
  71401600724320a8a68cf932b5bf4a756aa91ced
- SHA256
  
  6a191e80826e3041f2cae3eec87f47c4e1217e8022668fe870b10f8e5732b479
- SHA512
  
  ce2e2df71ae9b60e0a0be80bcf5fedc951a803fcf074f22781f754458999af409be1a59d81022bc3d8ce5b56ed8a5954277a71e536eef89743ad49373e984418
- SSDEEP
  
  96:9i/ReiSBEPjSGlQHAogq6Rdc0VZEZMGgvLCX1j3MmGjAnF9Cq3V473Rz0p3:90eaQHA+6kMZlveFTF9/3V472p3
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  upload/app/include/class.DATA_XML.php
- Size
  
  5KB
- MD5
  
  3879229685c650f3a4fa94b7bf0b92ea
- SHA1
  
  103abcb789ee996b0ce54b260af07a7b7615c569
- SHA256
  
  5e2253598d94a7d67e5de74e2971fe80f67c368e5dfe025b48ec5fd6b5722907
- SHA512
  
  a9c6b417733c643c5653d1bf5b0b6548b1a698fb3f33b0738e400041db0e29bc27964cc1d23689905428d1d0ed45b335651112908da24692e60b05bf6cdc2c6a
- SSDEEP
  
  96:nrbxLdTeNfu6DO8OLXjxZCTf46bBbMndROjXWzMT:nrbxLdTcx0Tj44bROTWoT
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  upload/app/include/class.my.smarty.php
- Size
  
  5KB
- MD5
  
  acaa035443dd6999315131ba403ff553
- SHA1
  
  2110f23c5d246cd2a6cfc4d8a04d9f6a57b5a841
- SHA256
  
  150ccedf2a15ca06620a08408fb5326b0235fd41716597b3b8fbcb67cacbc381
- SHA512
  
  b1b8b3d9aed3dda8fbee0106b1203cb28431fa55b4cabfa18444ceb37be402cc6bff5579c2a915dfc8c42c9870fe4f84914d0f9eb0a198bac1f803b58be9f841
- SSDEEP
  
  96:wkvUy9k6zn1ub4S8hTMfGOC/3Uy3vkFshFsxFFifOei3:Cy9k6pu8wOT3MFshFsxFFifti3
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  upload/app/include/class.sitemap.php
- Size
  
  1KB
- MD5
  
  9381c45c9d14463a8eacd622f1c6e370
- SHA1
  
  8bf6dbf3d2879cb510f33c680d10458a7ef46b0a
- SHA256
  
  8600e3ffee345476c14ff7d3dd2ac9e79c06756ab9f166519cfc96ef5bcbd27c
- SHA512
  
  860ea7fa2c9aea6382edfad275bb3b1d9f6fa71e30707ae47cedf79510204feaa48202ca54405094211cab02959e8f8394d12a252eb5d0a4db810bc3b8c78e39
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  upload/app/include/class.tagcloud.php
- Size
  
  2KB
- MD5
  
  931e57cf02a88972ae2032430d0cfaa6
- SHA1
  
  73f94e6ac024eaf47cb61ca8e70786ac4345990d
- SHA256
  
  f73e237e77791db23ad7bdeff002dea2785a5a4f847dafb5e61df83307d10808
- SHA512
  
  55540ddeb9565cacb18bbe301b4a7a7f382083fe24b9d068b87936abfc53865204837a89b710867b10d659fe66c04c7f87acd9eb133af32aef707e720bf3ab6c
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  upload/app/include/class.thumb.php
- Size
  
  3KB
- MD5
  
  2135e632d163657ed5c003e914e3d796
- SHA1
  
  cd2114ddcc121413cb7bc5d640b773f25cf70e5a
- SHA256
  
  9295542daabf2185d7bf733dac97cf0a92984af5531b37037af57c5f9b414260
- SHA512
  
  769cd2a0673fca6cc0684305ea3279ce42bfeeaa7f2d16059ab34a7eb4e5e0ca518d8a7a093f5be3930f9381827064a3cd75ca905226f9f931d415da2da9ca0f
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  upload/app/include/db_mysql.inc.php
- Size
  
  9KB
- MD5
  
  795798b9c1f96728f785487d6ab21b63
- SHA1
  
  fed377e588c12eb3e9221965efd8b4e790455dd0
- SHA256
  
  f60a1dc8492f79c7d5abbf63d57b0510da046db70fb87ebefd3b5ddd6e2a4e36
- SHA512
  
  8f213f8b39f1073f5331c3ae66a38e7e6190320c5af0d9006c706d882c1ce68f50536a80f4d0f97f63b8a135bd0b23b4b41138d91dfd0250fcb5e66b95a5e489
- SSDEEP
  
  192:lCBECyC3cKQosgPjiIjKgwIBoQTISLG1GIGy6QvTVBWCNattiQ1uQxIa43q/pPLp:lCtyC3cKQoTHKg5KQTISbIGATLUXR/Zt
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  upload/app/include/feedcreator.class.php
- Size
  
  50KB
- MD5
  
  b0d049567e8247df2c21519e6fd836ae
- SHA1
  
  638e9bd3c35d7589afc57d8da70ea29dfa101b3e
- SHA256
  
  fe7b0b424083e620be68c79a8f1af11d4f90e1b98a4c71581d884322a38d3f38
- SHA512
  
  ff25c7f9a7328a0fd0fa461500b6cec0e50c4342d4d4fdeb4368c931dad713d0195f143756a5a09b52dfc852089f2c14514c1f45aece2c4e49aa71f6f7f760cd
- SSDEEP
  
  1536:fwxGJd9PJDfJsSd7edujJGW7V4hj/i7k25RSBui3Uqq9iENZxB2tOmu+J2nilV+k:f9RKalsmzqzUNAh
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  upload/app/include/func.checksubmit.php
- Size
  
  1KB
- MD5
  
  06af760f99ca505462ff306efe89a71d
- SHA1
  
  884b08b857d00b1cca1c21b4e3caa69dcbf0efb9
- SHA256
  
  c138f86d71e3295e7179c0d95f29a5448245bec8f4716582b5a50c82e91564c9
- SHA512
  
  9e5a8d5ef79e78a6d98a26a7f9c25a3faf9a1d6d26f1948ce3f762eb573468ece94b8b1be2b89022e3bbfe92a0f1d622823752922e041678faf1eebe73df984a
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  upload/app/include/inc.discuz.php
- Size
  
  3KB
- MD5
  
  505b4014b7c2ac5bd315ca02fe5d7dbd
- SHA1
  
  3ed092c0dfe4d586a3be0b673b88f3c2724a1e77
- SHA256
  
  8a25c2625aa7b5e0e75044537100fdf141dab8e6a2305c1107accd2042f0bb49
- SHA512
  
  a5207777f4fdbebd0b41453533eaf207afa0f8a4647823c08daabb2294eb98345a691367336c0f5bc1a3ab1e42c2e1070d69e6e429e790fbf089039bd7e1546d
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  upload/app/index.html
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Query Registry

System Information Discovery

Browser Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32