d4bb0348df3b6cfbc9ea7fb2602ba463fd5e38d7530ee5fc0057b7d5b962768d | Triage

Sharing

General

Target

b7295b1d74e136a862e6b59b244c3677_JaffaCakes118
Size

332KB
Sample

240822-lp25dszdma
MD5

b7295b1d74e136a862e6b59b244c3677
SHA1

2d36ed9b8f45ed77fd3694b542cee101f06d2938
SHA256

d4bb0348df3b6cfbc9ea7fb2602ba463fd5e38d7530ee5fc0057b7d5b962768d
SHA512

799d4f6282f9f8c5eea3c09bdfc01718c1af9420340af31edbca87bc3b995d4c9b2b2b21c7943949b4fb92ddeab7b061873b5ea4609fa7ae183ba165071919cc
SSDEEP

6144:xcJz+v5Ibfhv4SnLSiXUqm6GfDWdq/uL4uvx5VnftRmt0y8yIUmZysrx:xcJz5tQSLrFGfq0cvxD/mdVI59rx

Score

3^/10

discovery execution

Malware Config

Targets

- Target
  
  cvery.comdel9204534525/Delphi写ASP组件实现快速多文件WEB上传/ASPTypeLibrary_TLB.pas
- Size
  
  36KB
- MD5
  
  68968bf7fe950ec888ab898c138cb7f8
- SHA1
  
  4f5fd5e92716fa11f092090fe33c146214508d34
- SHA256
  
  ec63cc2d66f8130441221e644920110bb4149344005bae4d89d13579e56ec90e
- SHA512
  
  80b215b6eb9b9fc2c3bba5b2a71807ed610f300667b6ff2366bf6f651927a48fce8365c362aa8e357113fa31ad43d44100e3fa76d2924d9d34ed003f9da87429
- SSDEEP
  
  768:feJTl1dIqilKA5I2Gwwkw8TUr5DrhSvdBdtfvdRdQNXK2tQGzCQWW3FIOzKIW1M3:feJTl3IqilKA5I2Gwwkw8TUr5DrhSFro
Score

1^/10
behavioral1 behavioral2
- Target
  
  cvery.comdel9204534525/Delphi写ASP组件实现快速多文件WEB上传/FileUpload.dll
- Size
  
  411KB
- MD5
  
  fb49d1f67ba5cfa89d375c87f5f60546
- SHA1
  
  be2f62ddc05ec2c75cc96691ab0e6b852a71c2ad
- SHA256
  
  5a28a512d0757044faecb6b54e2e13c09de1f2a32aa5bc6d5f401a3d9db9731b
- SHA512
  
  bf8a6716b027fd879e5055c5d4c3b22386df794ca5b60ea852cabfe812b5df5b85d195809a69dd33de417a38c1b8f66433b0da87f84519d458d237dfcb93c6fa
- SSDEEP
  
  12288:819yf+Y2sf504HFeK0vAd7i2vtImQ2IB:81kWYq4HnjI6
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  cvery.comdel9204534525/Delphi写ASP组件实现快速多文件WEB上传/Main.pas
- Size
  
  8KB
- MD5
  
  ab4bef828a5e23fe4524627c3eec2e10
- SHA1
  
  de67cf32b5be4e7ab3f756b5faaab32219dc9893
- SHA256
  
  e580a37bac9903030b32752ac0684caf4f68e5571fa72eeabe0d2d8f613c8fd9
- SHA512
  
  9ebc416caa862224f2ef4738a758053e65a126e016790f3f49942edda06d6f21c3edacf29e6bd4755c341243b250305f797361ad477acbe161e0b5c59590e21e
- SSDEEP
  
  192:/C38TD1AfFf5fG+QYmaHLtug6Px5LgvC51XP1NTwDJ:a3zZlGL4tug6UvYw1
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  cvery.comdel9204534525/Delphi写ASP组件实现快速多文件WEB上传/Web Demo/demo.htm
- Size
  
  1KB
- MD5
  
  50f5be49c0f8b696d705c3250f33be04
- SHA1
  
  cb9c7e3b9eee62ca80490e3ae02d6e584d63a2c8
- SHA256
  
  140698efa271460c001a3d83a7c4502085020b1a786823fef4141ed32a5e65da
- SHA512
  
  8547e036d4d708e095d7f7c2be1088255d24e4699796d7d358b578bce334275fb5b6754c325e65b6b6ca86aadd55c720ab00ae0a47589a3f2e0d24b5307f213b
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  cvery.comdel9204534525/Project1.exe
- Size
  
  507KB
- MD5
  
  c618a5511c221141959fc4dafff3c83b
- SHA1
  
  f32a74e06a928744af92fc12836c7d3e15f935b6
- SHA256
  
  5dfdba2aeb0e2857e7ab212709df45e6f755e6d25f81b69b0997eb023a8aee16
- SHA512
  
  6e2bf36f1e1cb2dd1fb15e54ddca43e4cc48024bfa3356cb90577d3c2f159b3369685410066a7844fd25408b1bdea43af16a920ec804c7e29f2a9d3affe103a4
- SSDEEP
  
  12288:MRpLRYLASZrsDP+s9NlDn9tA20qRZ8YeZ:K37SZnWVHA2p7re
Score

3^/10

discovery
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10