6f0a46301f101b70e32c2580cef04956765b269c68ab4b8bc515aaf39e4cd782 | Triage

Sharing

General

Target

b959d0e75634a10a26ae21b3ac69e608_JaffaCakes118
Size

5.7MB
Sample

240822-2e7j5atclr
MD5

b959d0e75634a10a26ae21b3ac69e608
SHA1

95083b3e6c8391b09e22c462189347f022f63c89
SHA256

6f0a46301f101b70e32c2580cef04956765b269c68ab4b8bc515aaf39e4cd782
SHA512

bc615c9d54f6777010425c4b6e6f4d880617604fd74ef804e135f99251986573c9cde3809eb0bb7a6ad40151714828146886be7b7487a1a38d1471b1dfd43d97
SSDEEP

98304:7E0f8DAUwAg8tEcUzq1TxCRc5U9J3Yc3cNjvL8Jyjg/YOdxDcWkPJHZqTp/JGshk:7Jf88bAFDUzq1TxC2tc3ojvXkwODDoZ7

Score

3^/10

discovery execution

Malware Config

Targets

- Target
  
  网络同居程序/admin_menu.php
- Size
  
  8KB
- MD5
  
  2791c2728b453b3a12fbe34b41f36d8b
- SHA1
  
  2e94d53277c513d213d4b1f32f3f5162737b27fb
- SHA256
  
  068144065d9d7dfc01de357398e21a645ebd9217d64ccb325373fdc3308f4017
- SHA512
  
  2c17f794a4d1fd9d9135ae50c70d9b9b35002294d4534d23870c5bda0620cbe59789fbf2e41ddd876e6c2e60be62fa9e5bf3e140410a8f15c0833059cdf6a56f
- SSDEEP
  
  192:5R/15DXe2aa4F4BjLpmh0XjFgzaem66bKrlXb:xm
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  网络同居程序/admin_top.php
- Size
  
  598B
- MD5
  
  15a4b3c9f78ad7c033e8c9eaaee065dd
- SHA1
  
  61665559853695ef0faa1b559a384ffe73b52d1a
- SHA256
  
  558e633d223c2513e234d58b74193ae3a6b2d17c3ead210ceb1cad266113e2f6
- SHA512
  
  2b7058c03e2054767aac8b281e9f89fc831fcb1c8754e2f6df284ddb8df51b0be3ea9137814017748308be609907249c7ba706e0b4cd41872472c97848eef0e0
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  网络同居程序/bbs/admin/advertisements.inc.php
- Size
  
  14KB
- MD5
  
  60937930997928119467b16a29aae91e
- SHA1
  
  8b0ba8bc353198737dec0ba7aee79e61ecb2d260
- SHA256
  
  e27991f26ab5c08b13c4121180da2e17ba70e0fc45fc39062fa35c7ddb9a8ff4
- SHA512
  
  3c5bbcc339143a15e3d7d463d368a5c6207d4830de462056c3b1f54fe33ddfd04853b18278c3fa8bd48971cda39f024b6c9cd3a9a2377cecdb47a2b97bd05ccd
- SSDEEP
  
  192:rnWm4bnHH01/Q6wjLo+sWkL/V7x0A/IXMaJ1hoM/bM6+c:rnWm4Tsxw0zVhgXMaJp/bM6
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  网络同居程序/bbs/admin/counter.inc.php
- Size
  
  8KB
- MD5
  
  81d7279fc948460270d1ce6117977747
- SHA1
  
  fb31349886ac3e02767b1efc55369e8aab112d47
- SHA256
  
  f3563825732558ff5e98b028cae5bf0977cb8c82008610d9068f4ea9cd10d95d
- SHA512
  
  5ac7b5367c852457a018c3f84f7ca8b0b38bd24e8926596f53629cc613852f4859b9cf4c59ed5ab31d5aa56f10cc6fb1a0c8e91168172e4a2f7000023a8530ec
- SSDEEP
  
  96:2EaRlwrsRMwr4RewrORcwrsRAwrTj6RR9In12AO1E3Ip8SN/tzNwpNqv+MwaF8kg:/RyI8GbyGSwICmvku4Gmp+ju
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  网络同居程序/bbs/admin/ecommerce.inc.php
- Size
  
  11KB
- MD5
  
  0df0fdd6b9f483d480f311894ad5568f
- SHA1
  
  6410e10c6790cf8237ca6660bcca884e4d7e06a0
- SHA256
  
  345a6d549122db7277e8587d7b277eb202bc73b5be307e9163bf3f8b5e42a485
- SHA512
  
  5f98ecbad00beba06af53106735b2ca6cb01fe7f364c8886434c1d3cd381805ae1def054f6da854f9ec6f33676f849506f7c81c807179a2e99757ffef43cdf98
- SSDEEP
  
  192:Sws1DLVS9SZDk/Axbh0/ISRfLnUgBXrP4nU2fAS7fGOn:SwZ9SZyWbhIISRj7bS7h
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  网络同居程序/bbs/admin/forums.inc.php
- Size
  
  49KB
- MD5
  
  ef33a1e037b23f658ad8ac17db21b3c1
- SHA1
  
  99ce0521772aa9d59b80f7e8c9db6103de521e25
- SHA256
  
  31705fb1e4170aa87420fa692c3dbf1a0d24b082339a8909b7c3d8f73056197e
- SHA512
  
  a94ed228da560c725c3d1d236aebb45414c57090a33794048f400f4e647884e3e710d6a46a43f088cb8d3ea3cf9b767177a3ef561ef660c38470ce30e111ca07
- SSDEEP
  
  768:loDlYEfuKyUERC+tclhbBD6DbyyUwxwbAWPPV3yw0YyeLfkAwdHOm/zURR/ERyHR:lo5uWwxwBJoAwVJzURRMRQ+Ytwta
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  网络同居程序/bbs/admin/global.func.php
- Size
  
  12KB
- MD5
  
  ed173379de0fc4937be5ebad872310cd
- SHA1
  
  f8bb3d0c41f66b5b40d136f30f0f3e40af3a321b
- SHA256
  
  9f5a347551a91f34c202089820f632bf6c75183a4866953491075ad7dfb77b6e
- SHA512
  
  ed770a482b58c4825df8f17e2d2691b5adc671e9aef2dfe0a3224fc430ae9000c1119a54914acfc27bc8a13efaa8f96d776d7214eb76c1627763742f485a062e
- SSDEEP
  
  192:y4xqXAQnPvhNtS7SYDVVVDcnFM7DvWq1LdcVs6aG+gpKe:y4MAm3tS7SY0FO5zGh9
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  网络同居程序/bbs/admin/groups.inc.php
- Size
  
  36KB
- MD5
  
  e4aec7d39aeae61f4065e74d13feb100
- SHA1
  
  64949217ed1b9c218e55b7d619fce119c8a42544
- SHA256
  
  4e729a5edf26be398ee16c298274628aa6c835fb59193ab3219b105b01f8961c
- SHA512
  
  81665494b13aa91ad6f3d384e0d1428cd485bf4560ab51be58f13375e4d401274f05e1219f45d39b2366d55d78e4a1d73246a3075de955b363a588ab758bfcf0
- SSDEEP
  
  768:6elizhFaDAoaqGLO93m5c8PCOenlsOmGIr6:6bhFO93m5i
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  网络同居程序/bbs/admin/index.htm
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  网络同居程序/bbs/admin/members.inc.php
- Size
  
  85KB
- MD5
  
  4d9a233e0bfcdfd902bfd9c59b34ed8b
- SHA1
  
  c5f68dbfcbfc38d1c248bbaf6d0eb8ab49e122c3
- SHA256
  
  dd1fdb4796a77184e71c297afffd45b896766312b5fba57040d259a825474076
- SHA512
  
  0402c9822b78f38b2ddb580b59e1c99649592195f4bf1da546cb3de2999c2452b296804df0b81dc1f6bcef2d61f48ac0184c562f0e49672322e745ecb77a5328
- SSDEEP
  
  1536:3w2y8mu09uzsKFJ1e6q7IdwpzyVmLmbauw4b:VZVFJ1Wn9yVLbanY
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  网络同居程序/bbs/admin/moderate.inc.php
- Size
  
  26KB
- MD5
  
  5823563ee060fc4deaad4ea5fbb6dd00
- SHA1
  
  980e4bd39c99e24c655c6734ea89699a35a86c88
- SHA256
  
  9f4f7393cecbd88c4d0e71b929c356a7d740e9939d00931fa2200b7e9a46ed36
- SHA512
  
  af4e929c299369d56ed17794866b7f19b76213422e1cceb4bdaa8a5bbcbe1f718bef7934b4bf21a027b4c4692387a79367a7025225f66eb579d685efab39037c
- SSDEEP
  
  768:kfJk7XXvnwKmHXrZtdxygw7ZR3vnl4wmCRHY/mioXrwh6wLxQ4wmiuXr6OS:Wk7XXvnwKmHXrZtdxYn+wm8YhoXrk6w4
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  网络同居程序/bbs/admin/passport.inc.php
- Size
  
  4KB
- MD5
  
  ecb899af3262da65aed48ff61017bcef
- SHA1
  
  d87da9bf9149a1da5e013417b9711adf1a38582d
- SHA256
  
  7bba7e6fa57924db2ee12376909b3b3b3b64ef9d39babd642379065eb3289e3d
- SHA512
  
  ea06e9d300da09322ba1684cd39ed5ae7b16480a4789a4be5f755b7446e44f2bb7a8b7ff87c49dc2bce0c1c35e7e0e0b495fc56e4b201015646937faf49752d0
- SSDEEP
  
  48:VgnrBrGmWptsUapcB3arVwPmVHg1XUA24o6evpQfyuHj8PAsUkrbEg7vBkQiH:2nZGmWxkQxL1Xc4CpQZwUk/F7vBkQiH
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  网络同居程序/bbs/admin/prune.inc.php
- Size
  
  13KB
- MD5
  
  d32e519165ff8788171ac8d47e24f0b6
- SHA1
  
  0c3cd00af803292f619242a0e695a0fc70f7d480
- SHA256
  
  6612514b6ec6cad45ed4b33194b5f5043a46db77a2bb33f7aacba0f69414e6c8
- SHA512
  
  160c7f076989c4221ce51c01accd0350f413a730a1e223dc5b598b096cb4e1b2b0125000b031101412ab4f616d5aa6f6b0f09616d204b0e189da30bc6b412554
- SSDEEP
  
  384:dJ+4we1UBDSSFkqw6WAj0PeggPuuWf0pwbVZ4nrelTNju:n+4we1UBDSOkpPSmuWf0E4r2u
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  网络同居程序/bbs/admin/settings.inc.php
- Size
  
  36KB
- MD5
  
  b8b9c23c96890e5f65c865af4c855574
- SHA1
  
  aae5962fe479773d71ca0c7b91c1389c4759d26f
- SHA256
  
  860cc26a02e0619d3322c6bafe8cb8a15d99ff65b38e353b30365932dc6390dc
- SHA512
  
  6d461fd4298b3fbdf2766f9483dc3405a0f5a4881385a70e6a9cd2624fe0008d2d4dbebed890c89cc3191f96a184ca1fe2495f20ddfa9d388f1ba15ee7ebbfa3
- SSDEEP
  
  384:EI4NR8pDUNEjaQIXi257kMfU4XQBCwHTtKSpDc7EVZUiQZ1wG5i42S9:vqTNEjaQIXiqvwzGiQZ1wG8499
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  网络同居程序/bbs/admin/templates.inc.php
- Size
  
  11KB
- MD5
  
  7750a4ae1ab9ce21e25826d483560964
- SHA1
  
  ad4c3a5213dacf0bf03d2190b630a5b0feae62e4
- SHA256
  
  d144c92f11501b2fb3006c41d2dbacb5a43ded69690adcce75f2806c95c32b6b
- SHA512
  
  b4e117e1d29584424762c4229e5cae0da12429adfee51fe38981289f4b24c246da63d6845f2eb491d6c5e50cc0624a439290a8f4920f396f309eb6563d936da5
- SSDEEP
  
  192:tSJ1khBa//yx1e9nqv9QUKauh6MaIsliKotvtcg8SF1ApW0:gJ1QttRM3sl8FcHz
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  网络同居程序/bbs/admin/threads.inc.php
- Size
  
  17KB
- MD5
  
  744012d211a735bac92b9b1f3ac01d4b
- SHA1
  
  5983bd8ae25bc8f6fc87ddcfd50b3e91d0c722b0
- SHA256
  
  bdd1e43e58228ce63f103c09aa275ca45c5ddbd75e9c424445a024e1c82c8fd9
- SHA512
  
  3c150c760fd0a9080695d215e15b331f77e75057c3aa595c74177b042d9d9873bae28ea68135828a4bf13e3bf9aab6dfe0eedcc2cbae4e9f54bf99e6001b3f7d
- SSDEEP
  
  384:bn2wFWVgbFNVYBCNj08mLYNPqh4gqt2ijl5FbTVVieTVpQPuJePzwzzEu3z4zz0b:T2wFWVgBHl5FbTqeTVwd4
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32