Overview

overview

3

Static

static

1

Ad/Index_A.js

windows7-x64

3

Ad/Index_A.js

windows10-2004-x64

3

Ad/Top_3.js

windows7-x64

3

Ad/Top_3.js

windows10-2004-x64

3

Ad/ad6.htm

windows7-x64

3

Ad/ad6.htm

windows10-2004-x64

3

Ad/新云软件.url

windows7-x64

1

Ad/新云软件.url

windows10-2004-x64

1

Admin2000/...ss.vbs

windows7-x64

1

Admin2000/...ss.vbs

windows10-2004-x64

1

Admin2000/...ig.vbs

windows7-x64

1

Admin2000/...ig.vbs

windows10-2004-x64

1

Admin2000/...ta.vbs

windows7-x64

1

Admin2000/...ta.vbs

windows10-2004-x64

1

Admin2000/...he.vbs

windows7-x64

1

Admin2000/...he.vbs

windows10-2004-x64

1

Admin2000/...te.vbs

windows7-x64

1

Admin2000/...te.vbs

windows10-2004-x64

1

Admin2000/...le.vbs

windows7-x64

1

Admin2000/...le.vbs

windows10-2004-x64

1

Admin2000/...ML.vbs

windows7-x64

1

Admin2000/...ML.vbs

windows10-2004-x64

1

Admin2000/..._S.vbs

windows7-x64

1

Admin2000/..._S.vbs

windows10-2004-x64

1

Admin2000/...ex.vbs

windows7-x64

1

Admin2000/...ex.vbs

windows10-2004-x64

1

Admin2000/...ie.vbs

windows7-x64

1

Admin2000/...ie.vbs

windows10-2004-x64

1

Admin2000/...an.vbs

windows7-x64

1

Admin2000/...an.vbs

windows10-2004-x64

1

Admin2000/...el.vbs

windows7-x64

1

Admin2000/...el.vbs

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c6ac3a4c78fa03d094ae381815a67488_JaffaCakes118

  • Size

    576KB

  • Sample

    240828-mjhz1awgmk

  • MD5

    c6ac3a4c78fa03d094ae381815a67488

  • SHA1

    951131fa829c3733fb5d4b26dfd15e38f62a78b1

  • SHA256

    be27381a8b7f792ef017754696834f9f1f9572a8c9f6f8cffcf1427e270b244c

  • SHA512

    48e21da9710a1cc5fb001d8c887e04d82d670fcff635e52ee78282623b50d05c21e94cde8b6e6323965cc1feeb38bc8453ea0f9c257f40c50f8e12b73fcb6042

  • SSDEEP

    12288:4zVvMq8oGOYIPmzN3eZamovJPd1l2nzGOrEtyMG4WiUBnTygdasj5:4zpeoGyOzN3eZamwl/2nzGclMBWi6nTH

Score
3/10
discoveryexecution

Malware Config

Targets

    • Target

      Ad/Index_A.js

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    3/10
    execution
    behavioral1behavioral2

    • Target

      Ad/Top_3.Js

    • Size

      178B

    • MD5

      2c74e3b16504f97836372f787af5c75c

    • SHA1

      3ad1752075e9320d768c2f9f5718a5ef8c9f9423

    • SHA256

      068c0964823695422e7b7242ba81cfe80741f38fd81ab8283bf277a7213e3830

    • SHA512

      a7507bea573bcc413c91b41c348f915fc43f3735eb3182abbf0b5314a06e19a273c9487db39350e7ce2916f16d17397fcbb631f617158c726cd0584a18fe96e1

    Score
    3/10
    execution
    behavioral3behavioral4

    • Target

      Ad/ad6.htm

    • Size

      959B

    • MD5

      09b6d6aca205272031fbe00bfe9ebc5d

    • SHA1

      29014259dcd272312f45c5785339127b35420be1

    • SHA256

      f29c48109dc280be1c6d4e666e6905019badfd91bbf264e9be2c99ebe5ab63af

    • SHA512

      814e5d3a4eb5b9a11669f4d8118526f73d53f95198b9e94aeb7f11ce0600a96b1945e39dc5e3135b669949c3194a943806bddbe54a192f66f2b1401e97b393fe

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      Ad/新云软件.url

    • Size

      133B

    • MD5

      4f0017b3b346bd0626f0c3b915e6e734

    • SHA1

      823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92

    • SHA256

      df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678

    • SHA512

      0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6

    Score
    1/10
    behavioral7behavioral8

    • Target

      Admin2000/Admin_Class.asp

    • Size

      48KB

    • MD5

      2e3e49ebf84c32d1dc83f5089b9f6306

    • SHA1

      f4057bc7a463f4321f7a5193f9676cc73ad7f585

    • SHA256

      a3dd7778b2c05b2dca7c4efa69f9a35bc11f50e6848c6588469f06527654393d

    • SHA512

      7d240a94436df48b7c822fd27ecf3623dcb77f80f5381b8b709050bcd208bf19515cf5f4469380c4e651e902f3d421bf21dfc36250eadd6a450b0366a873281f

    • SSDEEP

      384:jliwTGeXy4SzCworuR09hTQDxFjRrjz0Fw7uG/kpQLfbDOeWIK9/fMQuHW2rstBb:jQX1lzib6bqdJkQ14IjZwJRQ

    Score
    1/10
    behavioral10behavioral9

    • Target

      Admin2000/Admin_Config.asp

    • Size

      14KB

    • MD5

      016bee8d4e2f624fecca06b881265c10

    • SHA1

      4ef9baceed9974d3c347c1063e2cd8ea509f19de

    • SHA256

      5edc061a8498f5d9efa2ae1499c5687e9cd9e36026e371c346c4bd3bc5b10774

    • SHA512

      ed4d7a8bf5df51aa62a6c37467fcffd56762011b5ae37d7877dbe16ac83d7c035535a2e44bc3afcf0efb4867d47fa8195d2e573e8b41fbf7c34c6bbe43adb45e

    • SSDEEP

      192:mYytZAow/ZbBpaKKx0Uaw9U+gqwMVOTO2XOK5KLSCGQ:I/AHNpeawpwH15+SCGQ

    Score
    1/10
    behavioral11behavioral12

    • Target

      Admin2000/Admin_Data.asp

    • Size

      11KB

    • MD5

      2c50960dbc1b9829ae603619d9a12e1f

    • SHA1

      9e6780758b8b4fbe912199f36382b6612d178b78

    • SHA256

      3da3ebe23e087d6cd7016a834db3f8092e4f9942b31ba406f5a7def01ecc8a31

    • SHA512

      831adb7d892c8c4421c922c88506c504ec95eecb2ab3e938b93ba61df605d40eae9cf02d19085aea55ef7693c9d5840cf576c617e38df1b48bce83a306c6be98

    • SSDEEP

      192:q9hV0Zx+Hhw7i/0tpXq7tsvFyRybRBdra7cBCNxNQtV0PI/k1OZ/i/fkWO++jmtn:AO3+Hhw7RaKPRzuQBCNxNBbO++jm9

    Score
    1/10
    behavioral13behavioral14

    • Target

      Admin2000/Admin_Delcache.asp

    • Size

      3KB

    • MD5

      8c18a0d48f2742004063647cef320e40

    • SHA1

      3ac44e5923fd682e3c84665b4bb2a0cd972d9ade

    • SHA256

      d63d0193d106ce4bc42d6d6f2121991d1007f274478d007fb8571c34d264108c

    • SHA512

      358f564db8b6aef3a4702a9616236ebe273cab733b17df7ff071f961dc967d91ee6d02de579bd83083cde9a8dc448fcdc7fe360d3bccf35f555fc97a7bdce689

    Score
    1/10
    behavioral15behavioral16

    • Target

      Admin2000/Admin_FriendSite.asp

    • Size

      32KB

    • MD5

      ef801406386458e71ca9ef3f2efab70e

    • SHA1

      5a4aed081ec8749880829470f4b7cf52ee27394c

    • SHA256

      820bba7c8885fd7398b19ae1eee311b20e7bf476e6894ee171f1cc05222362f6

    • SHA512

      9a4258ae0fb68791a221459830b7dfb5948c0b3d55d2bce78df600b29c6c8cd29c85401fb097cceea46e8c9f045f31971335e230eef43c54e4b6d96f2474f70a

    • SSDEEP

      384:aZYN64lVJKhZNpNkUAOiHtDIR0EEXPIajAvK3NXBAkMNkIAtj:JfVJKhzjkU8HRZjAvc7QkFj

    Score
    1/10
    behavioral17behavioral18

    • Target

      Admin2000/Admin_FsoFile.asp

    • Size

      7KB

    • MD5

      139ca22c8700bb447fa5583690034bee

    • SHA1

      b17347799c12deb8827654decf267db487c18bcd

    • SHA256

      8ee6a36eb40fffa44933078aea7f948162a57c1e2516e349dfc2029a16a692ec

    • SHA512

      15bc3d7a2fdf6491db99efb08080519f3695d36221bb228e43c83b33c8704f569d21eaec9a594b697031de05245b968c0cc11d658ad2bea1fcef4a04448fe04a

    • SSDEEP

      192:abro31tLnhw9nzA4Rmpfwf9rwcJCg2wDrUiR:abrWLkn8MkfwFrwxg2wn

    Score
    1/10
    behavioral19behavioral20

    • Target

      Admin2000/Admin_HTML.asp

    • Size

      18KB

    • MD5

      43060cc981c4822744edee8f0244c7f5

    • SHA1

      dd3ac759b7ed60836a677d85b536a683edf3b93a

    • SHA256

      67c60f18565adba7fa93ee8206b6121a9542f86e27d247ce26d3336a3eaa70b2

    • SHA512

      29d0f44b37f8dd591d63502c74c721eabe16db2b9cb8cbc40752da26876b8007832f1e7a551f28b1df749d188510310d68d398493ea3d3ad0c505a0346a1acbe

    • SSDEEP

      384:dBYN4oxmEFat8Rttor54JtH/AGttokIk4r/AGttoa5ghO5GHw3:dBYNFmEFa4U2JtfbjIk4TbjihO5GHc

    Score
    1/10
    behavioral21behavioral22

    • Target

      Admin2000/Admin_HTML_S.asp

    • Size

      3KB

    • MD5

      7f640a4dcbe9cf3f410181447db2b253

    • SHA1

      c173c402f9aaa202ad67137267096be2c77f3002

    • SHA256

      c46329a32ae4e34039a8e97009142c420adac70cbbd87d1eab4829a629124103

    • SHA512

      e8792498fd5b94ecb6a86328a46b7105df1712383fad3496fa313c5a194ac6c5db073fc81a7313753ea8927fc7cd59dad338df5b508d745922951678264f0022

    Score
    1/10
    behavioral23behavioral24

    • Target

      Admin2000/Admin_Index.asp

    • Size

      32KB

    • MD5

      8ef21c5f9a7d0c35d787196d2bd63b31

    • SHA1

      ecd1a15575889b7a75ca3df22039be803943a518

    • SHA256

      75616251ddbac277ed127f076f07db0185c5c8682465c628d10c0ee522f0276a

    • SHA512

      05167bbb3dfca86c4df70f672900996c2f844b7c293774e87f783239c007407ab81d6f2e147d78801638f788a8a0704c59cc07ed6fa521845fbf859ac830e2d7

    • SSDEEP

      384:x3HzI3mK3xsnIujCxG5+t7a1x9bx8se+dsULj1CSg3i8dUZ825eHcvAfQYAa3bp:x3HzYm9IHG5+tWF18sPhA2D5If9J

    Score
    1/10
    behavioral25behavioral26

    • Target

      Admin2000/Admin_Jie.asp

    • Size

      10KB

    • MD5

      2e903654ea69ad9a28ae0e1c12adbea2

    • SHA1

      28fd21c9d6575e80513bd69a12a430c683e24737

    • SHA256

      9f485be6001b049b31d5eaf5bb56f776320405fd4519dd44b70f4ce8b4fe69e6

    • SHA512

      737b32c191f864696cc15ac85c40b1a88f34af9e7f28177fce29efec14e63112b623546b9b29be555cf87ca0dc17d3b4ce2c26bd3816d31e61c2fc9afc39096a

    • SSDEEP

      192:JCvINN8Jmzd/el7tV9xqyIkkcQMe1weqyujG/wE179lEO3ieFIw:JCvqe9tV9Lmcte1wByMIB79lEO3ieFN

    Score
    1/10
    behavioral27behavioral28

    • Target

      Admin2000/Admin_Juan.asp

    • Size

      15KB

    • MD5

      48aac9cdac26a5197270a0fdad09c6bd

    • SHA1

      faae07db4709f6cfe4541bc2938eb1173136c1f8

    • SHA256

      d2eb14c2b15b33786249c5833dc101885c601f7d6d205e66bba9ffeb280ae537

    • SHA512

      0222419342eeff8904787418ba1adac1fbd2ce2f14b06880bfca9d74f9c07fbd432bc8d3077a54ac84c68f6f66f0167bed33da42050f0436fe88ab0d5225452e

    • SSDEEP

      192:JCg2NN8JmMrEZQ+GzZ0REZ2MuQHRc3ieDv8VhwFWMVXQyBVDbnCXQymo:JCyEZeSEZ2Iu3ier86BVDzo

    Score
    1/10
    behavioral29behavioral30

    • Target

      Admin2000/Admin_Label.asp

    • Size

      29KB

    • MD5

      97b899755bb1d1944a9f0f7ac9cc8353

    • SHA1

      bb1c15aa838f3fdf45a11ded1006b205018656a0

    • SHA256

      f0fce6d3e80361295c802b5d7ac2a1894a3e70f24c69bf8f68112783453cae93

    • SHA512

      b162e74ffc7058aae7bebc8559332199b0a5bbc70051eac0ea4fec3a4fa52c00d97be88a5667e59dc36899ce72d79d2fcdcf770821a8aad71fe357d7954bf12e

    • SSDEEP

      384:DDI/EFZ+x2i5S+p/QhYDpsN86SM5JBaebGy3U1gCEzB/d5G1+6PWP1irZm2Dtptr:/I/EH4p08OcMrGfSB/i+6AirDl7

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

2
T1059

JavaScript

2
T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Browser Information Discovery

1
T1217

System Location Discovery

1
T1614

System Language Discovery

1
T1614.001

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

Score
1/10

behavioral1

execution
Score
3/10

behavioral2

execution
Score
3/10

behavioral3

execution
Score
3/10

behavioral4

execution
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10