b6c2737272afdbffc8b0d34205e839516fcd1801b335d044b52a09a056ff7aeb | Triage

Sharing

General

Target

c522e78d8cae85ca6e421ffd1339f189_JaffaCakes118
Size

6.7MB
Sample

240827-rchswawbqk
MD5

c522e78d8cae85ca6e421ffd1339f189
SHA1

b80bb2d5ffb5add40680a8f679be0e27e1b5371a
SHA256

b6c2737272afdbffc8b0d34205e839516fcd1801b335d044b52a09a056ff7aeb
SHA512

90e87a812a7254b9d900a1eff08fa603478f5e4378a9fb06695b9c88289315abd01e72152211f0d3efdde4edc77d11fd1afc52c9b69e701eff6463631ca8ceed
SSDEEP

196608:QmllOYSi2NaAIjVkPQqSJ0abBiyiWX8Lc2SS+ka1RS/l:jenl8eS0rZQkCst

Score

3^/10

execution

Malware Config

Targets

- Target
  
  upload/admin/configs/config.php
- Size
  
  1KB
- MD5
  
  6e2a8709c228ea0aa46a7593c75ee522
- SHA1
  
  caf52379bbad8ebf7f8e4aa18fd55ce9a55a56b3
- SHA256
  
  2335b25e9e55fc8b5464a4cd6018de462c0928f957ec5ff7a09553baffba50f2
- SHA512
  
  c926a26b5cbf35b1503d9b4dbb43bec85726b0e554300d3eef754384b4bfad4238eb1757c2e7f97eae67d0c826743d937e0e9e748e855b2b915ca2a1c42bdab2
Score

1^/10
behavioral1 behavioral2
- Target
  
  upload/admin/js/FTEditor/jquery.cleditor.js
- Size
  
  43KB
- MD5
  
  f311ce99111eb4e41e9ebf951490d56a
- SHA1
  
  e6309738d2c4c1c64b0aafb413473aa11b898df6
- SHA256
  
  37925197070c716ed4bd391f4fa3b33a55b6d9b18e13252f3088d45bf9da3862
- SHA512
  
  1cfe081d5be69c3251345de9fc4c0cf577f65457ac2980969115164a183ae4fc28f57d502a13c8d1db5160a7af6a820e1604cda9ab1522671789431d309d5db3
- SSDEEP
  
  768:r0ilLJXDwMmIJuBn+wfE4MKFNMcOHPz8ubfXlVd9VmIvbbvthYG/2sjUkPAv/5dH:HrwMmIJuBn+YMKFeHHPz8ubfXlVd9VmH
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  upload/admin/js/ajaxupload.js
- Size
  
  24KB
- MD5
  
  54960b2b98a93f40a2f92d2bd4227aa3
- SHA1
  
  705f8d0b5b7b777a082b975653eaa6c118e8738b
- SHA256
  
  91bce4f5c2135169d582d07081331449be7e1eb722e96c8f97fc489d4f2f3d0f
- SHA512
  
  843b9dc8f56c92a64c9bc38d2794707a0e52cda2be52c3297860838e848126bb60db786af0ec65b7af06c0ecb7b7a47881df6b806211e7f2a32bf8216d162249
- SSDEEP
  
  384:cdroUMj0Y4H/x5PYnowr/4iVnyYaZaEFvXLrv6OqtCPIc/9v:cdrrMj0YM/xsowT4iVnG4OvbOOqEplv
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  upload/admin/js/common.js
- Size
  
  7KB
- MD5
  
  ca7a1120c641960c25366360c18bd7bb
- SHA1
  
  f36f096d55d95493962a947d52f5211380e66d7d
- SHA256
  
  895a48f9fd8492006aa6a89d3712d52e5497c34a07744bc97177d728f788f932
- SHA512
  
  9ab6a53a6aa275a778e78c3e97aad7eb2fdd7b90483a012969218774252fcc8e4a5510c588cf8f9b355c22710089b0b7e866aac89d44b1960bfaa888273e3964
- SSDEEP
  
  96:hf1d/JxDmCF40mqGIzN67qNTmo+vKNdv2//KA/KwKNQzsAQ9FgOBg6hTWedGYPHz:t1d/JBnFVmqTJGVxvMUsAQJBVBvz
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  upload/admin/js/jquery/datepicker/ui.datepicker-zh-CN.js
- Size
  
  1KB
- MD5
  
  8c3672d72d6889a75bc861f1c829a0c8
- SHA1
  
  7ff92a792c6891baf8b7417ff75454340c7a4705
- SHA256
  
  e855857f94623301125f559172b5eec3e00162565f92aec5ce693bf8c46cb7c9
- SHA512
  
  84f8310aee8ca81a567e98bbd2d14a28402c02d28f872a92974702966d68e8e80673100435decfdde8bb680fc9b1fc4f62dd68caa857320bb645485a3eb7d964
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  upload/admin/js/jquery/datepicker/ui.datepicker.js
- Size
  
  66KB
- MD5
  
  1314f8b252a11f60d41ac46cc637cd07
- SHA1
  
  cc85819223090638f0ec817565781b68afa80b66
- SHA256
  
  88824e75afa4dd6ef096b014326ea5178ee3d420cd15cd4ee98814b06b851c4a
- SHA512
  
  d9467d3484dd034bc5fdd0ed98d13591f7a5b4c467f728fd88e3f530a2981643e95f3b3da31d569a9817a9cb755d4649a6a88203ac77d23d1789bd89cc72c972
- SSDEEP
  
  1536:K3+K839AQ7AQrOert8U8vUKvLLN7LaHpFWUuqHRjKlQ:KhvxLhL+pbHR+lQ
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  upload/admin/js/jquery/datepicker/ui.datepicker.min.js
- Size
  
  41KB
- MD5
  
  b963bbdacba8263b6fdfbac57ed0bb9f
- SHA1
  
  5132f50e44a7ae0bfc4872d4385394c5eaa5010f
- SHA256
  
  614d4790c33fea3fd54c5e205622594d5a4dfae9d0955893407eb4dc744044f3
- SHA512
  
  07c09840a3ca84718353e262018e885dd73df7099b4136ee23931605fab8b18db321fbe3534d0dc7fcacc0fb1026c702d44b979b1b9530889486f83ed76fd0c8
- SSDEEP
  
  768:MxfdL7ZzCYV3+aSKHvMs1gSYwIO+3DpbI+gotPgg/hGWNkgc:MJdL7ZzCYV3+a3teSYwI/5ImtPggZGWY
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  upload/admin/js/jquery/ddaccordion.js
- Size
  
  12KB
- MD5
  
  b493ef28c2ba4289b2ace36b9360fa1f
- SHA1
  
  bd6cebb57438b5166c51b7590ef8e139867597f2
- SHA256
  
  3b3267a5eb085005d18a8363100d75ce09027750f43ef24e08bbd97ad9f4b7d9
- SHA512
  
  10e36e2056c7e985c2397685c58fd2580e4c8b226208acc260263b7e5850924cc8074ebb37d4e0559b45ecbc2472638ef67472c9aaa92c93ba3d8eb270d6a0ba
- SSDEEP
  
  192:3kcPg/PhL/m5ocr9dxVdxMCqZOGkG3IdtClHOHOHRNqgejCgGtxG3srYXGCtfncB:3k0g+9dWZ3IdtClHOgRNt7Cir
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  upload/admin/js/jquery/firesbox/jquery.easing.1.3.js
- Size
  
  7KB
- MD5
  
  6516449ed5089677ed3d7e2f11fc8942
- SHA1
  
  82e40d060bc269a6dde20c3990ca5a4fea6ca754
- SHA256
  
  0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34
- SHA512
  
  6ebae34e9f46e8c90a5f94235f0c00424b1c7c5a4a8b7a248f267f337bc6c3083da88d66b28cfbcfe11b4012d7b139d52b73ce8d80461dc42f5f7e0614aaffec
- SSDEEP
  
  192:pl+Or8ur83V33R3hqRAsfAy4MOr8ur83V33R3hqo:zZr8ur83VHBhm+r8ur83VHBhL
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  upload/admin/js/jquery/firesbox/jquery.firesbox.js
- Size
  
  9KB
- MD5
  
  35a07557fcdb25f8a7e52d6fe4b3f8ab
- SHA1
  
  afce230b0b58f8bfaa7df2c1227549b4be1bae5c
- SHA256
  
  8461376344f4957b147558bd176169518703ea5c06d5c7113317514006da0a13
- SHA512
  
  b76816591c3245ffbd5ae7918e882a44b8d8c055e13a9063e1f32a2fa76f65aa5325446c54095ad6e2a04d061d8d059c700e05eb015d800e1212e00b5c9bb407
- SSDEEP
  
  192:ZZNvuLavBu/qKgLUuGKRHh4J6PQMf/bFEAr/rSGcG/:Fu+vBuoAq2VMf/ZRfSS
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  upload/admin/js/jquery/interface.js
- Size
  
  77KB
- MD5
  
  847407c01f884853efd73974931e2195
- SHA1
  
  b900096c63806fb7d14ff1a55f17e39885b7c793
- SHA256
  
  34b328df05e17ec35240a59d982953a94d5e3fe6c7e624108b21d993a264a95f
- SHA512
  
  8b7483f1e8466448ad65374bce27295624fa1856026a287ede3665bdc7e7b22289fda791ee7ad50381ff79dd322b092a10fdf2dd75157c75e0df203193abab1b
- SSDEEP
  
  1536:TTHDyGqpuE7JfgbwmNBOGlHD4IwLyvvyAML3pRWKJH1ay82uWg:fBq3GFcL3zpa5dWg
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  upload/admin/js/jquery/jScrollPane.js
- Size
  
  16KB
- MD5
  
  87d81e57087e767878abca6d0ff18efe
- SHA1
  
  ae200c7566aace03c3907a466af50ebf68387f1f
- SHA256
  
  9567c8dd42e358ed845948982d761511e9f16fa65a0db371bfa7daddc116eb1c
- SHA512
  
  b15df108970b9cc59909cc7d60d3e5b5c6aeb99029ea71bd250f7c93cfda005eb703f464178c5f69baada24e1c02ffc0fd7e722355d5e3ad7cfdfb193d4c84f3
- SSDEEP
  
  192:CnYEoPUa8cNn56iZPd8rO4EK6IVT0rJN1FxKTq5H0f2y6achCxlxiHODjZdyBpC0:uYEoYcN56PEZwjWwRWdgXe
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  upload/admin/js/jquery/jquery.blockUI.js
- Size
  
  19KB
- MD5
  
  cfd72ef688f74069a657cdc763c30e03
- SHA1
  
  4966cac775d06e99f41ab540bedfc65ef08974ac
- SHA256
  
  8ca484228c587241cb859e7ba49c6b708eea5281bd5991e5ffb87afdd2250ffd
- SHA512
  
  1e6a563142d24eabdd6e0bc2c4f9246e3b65ce7919e8ffa471bcabdee6e2927fffaaa82f8903c5f5b853b10c87a9eb679782c382fa25b5ddf56f08338da783f0
- SSDEEP
  
  384:EgPre4YC5e/c43xMIDYiO9iUp4Q1Zf6ew2OsNP9RJ0vUYUqA:Emh5YxhYisXZyrI43A
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  upload/admin/js/jquery/jquery.contextmenu.js
- Size
  
  4KB
- MD5
  
  6ddd1897cb8a46aeb621aeca936aa691
- SHA1
  
  8bf269683ef42c64f01a632225771833c8f607b8
- SHA256
  
  539c0a6eb5875047d10ed5aa4fdb5802a93ac45802704cfcfeeba8923776880d
- SHA512
  
  f607cc77837fe20a99517ed98843bf30e3d158c8cfc02d8a307a79632db607075bc75264c6ff57d5e93d36b197b7aeb368d870485e36879be71680401b867e07
- SSDEEP
  
  48:PN5R2vX+r/ZnzHYz99ipAryjfWK0+/pnaGujaiUtpVD3UeLiDHUjeoM:PN5R2vurh72i5jfWK0alhzh3UoYR
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  upload/admin/js/jquery/jquery.cookie.js
- Size
  
  3KB
- MD5
  
  20a0023596a032da17c48c7ffe08087a
- SHA1
  
  63863462d721d103bcbbb2e1e543f8cd4bd6f335
- SHA256
  
  4ba03e57203ea578ec51f56d317a69cc2bb83af0933780683890fd9e046b66e5
- SHA512
  
  938c0d755e0bd20b3e6c2f3c1d21738c6e94c63070f350bdb65d70a5e7474608380897abb0466369c0955b22b669ca744159287dbcd5a12e3c3f00b067088eae
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  upload/admin/js/jquery/jquery.form.js
- Size
  
  20KB
- MD5
  
  2e36d45735c47c4d2e5a479fef335a9a
- SHA1
  
  a7d795ba5c90a81ce7bf704b9e957c5553198a30
- SHA256
  
  33fe94ea6f1ac47c417b26ed69ec9e03a7d18f2d42c0031940ee0c714ae79249
- SHA512
  
  13e53b9db863c681948263bf0d1728127820952954fd15cd37a7d5c2a52967e62abaaac1a6738d683b293a6c4bc21a0db6b9fb07698a659fd5bdc55be237af0c
- SSDEEP
  
  384:smAOH1MBluZxRy5HTZY0WUOy7ctzHo9zda34jtpnXL1gMjzIVAHnZ4YmwrheHibb:U07RylTYHy7ctzHSxa34jt5KMjzIVwKA
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32