43a0186017502a5b7952ab682e354b29a8c474f4a6208c433fe4d41d08885ec6 | Triage

Sharing

General

Target

b7670b9bd16f4049f2c5ee4f85f95112_JaffaCakes118
Size

8.1MB
Sample

240822-m8ezmstdkg
MD5

b7670b9bd16f4049f2c5ee4f85f95112
SHA1

e0ad2c2cc72d050c4bd14fda2d9be655e443fcd0
SHA256

43a0186017502a5b7952ab682e354b29a8c474f4a6208c433fe4d41d08885ec6
SHA512

ce864a26bd24b28078fd78da9329672969164c055f559ba01d5b1b19a455e0a9083b9d298e149b8fa068c91e45c478299d23bb75d305f24d8b325f8524d2eee0
SSDEEP

196608:mPAKx2ahnR8o5DjCvM3YFfazyFB1zt+bIW1R5m9USfEJ:pKxnnKWfYFfazyTptKh3QEJ

Score

3^/10

discovery execution

Malware Config

Targets

- Target
  
  php168_sharp_1220/upload/admin/cache.php
- Size
  
  4KB
- MD5
  
  3ac53e7ed7e0f8303fb18ab78102a74d
- SHA1
  
  f30e6b2aab95d34a36726fa1cb5dc27008815b6d
- SHA256
  
  a895feec72f28abba5267092b41d1de014fe79acebc8f1b1d078c7a14180e5e9
- SHA512
  
  00ee7b0996ff5344532ecc78ec628265e8b53732d9b689cc3b98610d020e9442aa22f7cbeab34e86b5ae0bf94a37c6d2c745d04dd64f1da67c0bd7d74a6eb544
- SSDEEP
  
  96:ZjozZ1gsbtz7qF7x9DxMXRFISVF7frsrzdBceUq9a5Wn77yPFug4uzz4NbRE:Zcz5btzqWzUd9ScuWbRE
Score

3^/10

execution
behavioral1 behavioral2
- Target
  
  php168_sharp_1220/upload/admin/inc/menu.class.php
- Size
  
  8KB
- MD5
  
  6c6cc0a67d24ee60286bbd0a94ddb4fc
- SHA1
  
  70bef5c1e567c9a04b4d3fc32a6da455669dcbf5
- SHA256
  
  b7df5469435aeb5286eb986bfa8631065676f6ea6161e9895b3f7579437a6784
- SHA512
  
  5280593099c79ef97acaa770c9cc85ede2d0a0f72694a9ea11dfd4c15743b3d13a2845fd39be17088885e92ab795bb05563f178094c08dbc32eb3ddeed1afc2c
- SSDEEP
  
  192:mCnY7FGH/qMw5u0kc0vOPd1ITAxmqwMYt+bgC9xsT:rYUvOPd1QqwMYt+MP
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  php168_sharp_1220/upload/admin/inc/navigation_menu.class.php
- Size
  
  7KB
- MD5
  
  cc9040214f65024285d2f617084ba615
- SHA1
  
  a23f6aaa556221db6ec4c990adc7f4da7b8f82f8
- SHA256
  
  3b29708c3d488236a616514fe3311c0d4526d163b1a79ae2b7b04a01c3c6428a
- SHA512
  
  a72d1c6c81c62479c53b3477bce1d08f0d7fee03c5aeae0de97080c8d0b2d8ff046e52532348802bd2ce6e48d698595fced4ece6364ffb8b79a0c0840ef7a7e0
- SSDEEP
  
  96:ZCkRGY1itGZ7DhnuraEvLI4t14N7S1zTAnxuLqwMM7kyQ3wjhX9t/SwKWZA/2LKJ:ZC5YyGNtuf+N7S1zTAxmqwMYaah+KgT
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  php168_sharp_1220/upload/admin/index.html
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  php168_sharp_1220/upload/admin/md5_files.php
- Size
  
  2KB
- MD5
  
  7955ebe5821b91ac981c8c58d3474c01
- SHA1
  
  a435a539ea607e22cc3d36a1eadacc22c0c5a2e2
- SHA256
  
  9888d98f573348e6696e1bcf3110c91770c6a41cd7596efaa7bd7f19c5174822
- SHA512
  
  aa24f06a86ebb4d47e0700fe724300a786118d4793ea43c25da83bed9ec4c6245e2932ef8733e993a8fafd9a1c5ae9015fb2b46def040f251155626b38aed3bc
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  php168_sharp_1220/upload/admin/member_menu_cache.php
- Size
  
  1KB
- MD5
  
  6106e55266750b60acc7cb3266530681
- SHA1
  
  d5eb20ca4d9f3c54dd7cb81edfe5bb14bb47ccec
- SHA256
  
  22d2ad0ee97bc94e87a7883dafeffd52de33ec8e034a5d842787f61d7fedf75b
- SHA512
  
  4b7c7b4046911503165a49807c252366eb4d4b2f4b7ea1ca267f683f436dbb110543ca81adf380aee3fdcf2cff3f3a8aa76dff203effda150d2f3daed88a4cec
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  php168_sharp_1220/upload/admin/memcached.php
- Size
  
  28KB
- MD5
  
  1fd51567265b5833b4d6795f57f5a1a3
- SHA1
  
  06cb4d7ebaa039c4c64b528fa1fac116bbaf7e4d
- SHA256
  
  385aee6dccea899651682f41e8d45a8696cf8b0c901f6ba5124826ee42d1b3ed
- SHA512
  
  a3d424b0c3ec123ef08b107eff752be9c78da151bd01d1ed597ed57bae959295059087b7aaf7dd5eda59e30ff1bbae9e67cc66bedb5fe1c8738117a9c3c39325
- SSDEEP
  
  384:m5Wgs0mBeMdPyRkJL0Jn22aZbi2lwywXwkwQNiRBpeiOOZtvvfEEXPxwXOP:m5Wgs3BTbJin2HZ/hPq+P
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  php168_sharp_1220/upload/admin/module_list.php
- Size
  
  1KB
- MD5
  
  7c52ed3faafd3271b6d96d06d5bdc37b
- SHA1
  
  2d837c87aa21f5419636bb04d89afaff21e28630
- SHA256
  
  96bd3903ee91108ed6898a3b3c24930a32e694fd7f0303c678ec3594659f5919
- SHA512
  
  b201e606619d337b95d8d79c8f534dc606276a7f15993913444c6c3b6b6cfe4a757ae34fc9a5b8f9d3da6c1441daf8af53f1d8de6453bef80e1b7c573ae926f7
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  php168_sharp_1220/upload/admin/plugin_list.php
- Size
  
  994B
- MD5
  
  9946bed4656902b84a171600004d29f3
- SHA1
  
  358129461e0f1f750a6cc570f462258a1dcd8bd3
- SHA256
  
  4b31b54ea5c8407ba632ca630c23161bd13df7b443870afdacd0a2199e118d9d
- SHA512
  
  8f057f0d97036bcabd1bed0d6e6035c01545250459da02806a22d277fec1da2ae1e8c5dc393c9c30268357125515ac0c43b9ffde8d3698f3094ad2898c84e4fc
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  php168_sharp_1220/upload/admin/system_list.php
- Size
  
  1KB
- MD5
  
  32ec1e21e3b5c5bfa822936422be8dd0
- SHA1
  
  064f4ed33bc57b584fd0a91fffc4bd7f4059227a
- SHA256
  
  aa096761ff6c75b3edd05a991a37098a3b163d13e0a05d6c3e4fa0486eb53326
- SHA512
  
  604f09985467fe58bda97251a235883a89bfa12b48bdbe1a5626d5da001a8277c2e091eea342fe9d99e13daf671af6d2bd14927ed88561714389a05c5308ddc0
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  php168_sharp_1220/upload/admin/template_system.php
- Size
  
  1KB
- MD5
  
  3bbe7eb11ee93b5a3e689ea207fb24a3
- SHA1
  
  00cacab91718501031e2111621edb108402156c4
- SHA256
  
  81c40bdb4d36b547ce8651b4328921386cb8059286ce453de11a0b7bdf6742bb
- SHA512
  
  a3990da3d48967da9305289c708fbed739339ade2dff5060ac6d2409bfdf565eddabf24209b5de0aaca5202e549d9f9c469656014fce762ab1cd3ee1e03bb5c7
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  php168_sharp_1220/upload/api/index.html
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  php168_sharp_1220/upload/api/member_panel_jumper.html
- Size
  
  323B
- MD5
  
  736120dc93f6ab155317ddc1fde8c091
- SHA1
  
  3bd9130b4a25df8ea8d1c20204952a7852865cef
- SHA256
  
  2deca3b1ba296f091c7fc28ccc2f091a8f874e54d49e840e682e461f93c6aac4
- SHA512
  
  3e597327a165ee173cfef87f3994a3f34054cc9f02dbf1664843e62acd85bb0b3285d2fc84319b8df1767fdbad583a171fddf5cbc73ddb22593b51a520786841
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  php168_sharp_1220/upload/api/member_panel_proxy.html
- Size
  
  142B
- MD5
  
  cc632e15cebf49f2da440b1b50b72742
- SHA1
  
  4270adc2105f82381d100a347f2c989642537d22
- SHA256
  
  c55d5595615bc9b12c7482f84facabbbe1b8866029ba79020254c7134ebe64f5
- SHA512
  
  05d950a6576bffc072361872e631967fbc62b367df38e42cb978b1510d20217d8ecbfdb8b85b1a02e733832cd2247eeb29732321ff70450b92d29a18f9ebbc8a
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  php168_sharp_1220/upload/ask/modules/answer/controller.php
- Size
  
  15KB
- MD5
  
  5f48336cd6da9019d8eba7a17d4fdde2
- SHA1
  
  3d667cb155d9fbbe755a58011ad04156fdedfeec
- SHA256
  
  002aa3b801dff166ed983abd91a3e0a5f7a10a03e8d231fd1c3105be743d3a54
- SHA512
  
  9525873aae8710b223110785bb9a910602524802dcfb36ee045f78dca98a7409f7ca8fd564d20e8a2d765558429952ab73159c99b908e9088dd17b536e78fb3a
- SSDEEP
  
  192:LkVV8xv2i/vmCv+F+eizrsyXDH1+h6cPVUrDy5cfBP0cnpne2ziywJsWBHsP2B:Lkv8xv2i/vJVH1+hVPCrDya9pne2WB
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  php168_sharp_1220/upload/ask/modules/answer/module.php
- Size
  
  12KB
- MD5
  
  a8bdeac93ebe9cd834d25d7f26691a00
- SHA1
  
  6fbc7f3fccbabc546891753a932668de990cd28b
- SHA256
  
  ca55d6ff454194536639e687bcb93c19e1f5716216abea2c3a3ec6a2ec61625a
- SHA512
  
  ed10e2db3f7d3c54bc0b79314f50a0b44234b9a80bf606eb9127f08fc33379c69da781e64768b3b66c4ead5ce8ea97cb75b23b48db9efc9f03eba25c81986524
- SSDEEP
  
  96:GszDdKhtx/6n2kFrnwWBl590RoX1xcSkENQPQUs6WzG0gNf7EKXEEDgHqi6JW3dz:FvdKht5EBpRUs7rhWJW3csQ7JABdxUSH
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

System Location Discovery

System Language Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32