e3a1b629fab490004ea7807a89a123cf9e2016640174809808920325300022e0

Sharing

Copy URL

Twitter E-mail

General

Target

caa389898c9f3b68feb35b509392ada7_JaffaCakes118
Size

143KB
Sample

240830-ma536szglp
MD5

caa389898c9f3b68feb35b509392ada7
SHA1

ecd7c79449ca03ae91433e8bd9deb406f11bc766
SHA256

e3a1b629fab490004ea7807a89a123cf9e2016640174809808920325300022e0
SHA512

c16e419b1dc5c76054a0dc851897133d049a88996ac3d53f1bd121886f50f4e1b4d63ff188fde90d77efca90d412d7002229e7ca577ec2aadbb93887d5dd061d
SSDEEP

3072:aoaBXHm62xw+HrwFXLxd3monOY+tgk4Ju45kUTo/3:aZBXGLPLwRzSOJuGknf

Score

3^/10

discovery execution

Malware Config

Targets

- Target
  
  so/admin.asp
- Size
  
  27KB
- MD5
  
  2fafe76ba34b51866be127841b38d1f7
- SHA1
  
  04b622912d64dcfa7feaf8adc85bb2692cfce132
- SHA256
  
  c8b27e6774b176a204b511e941e7ba00f99cf48699b9fe6c400cbd439dce4e4d
- SHA512
  
  aabafcbfb7026570e09987a0a79ac71cad9b7a3824844fe96b5ae3b3e13b3992b82b49c53751a75ea5a2c454aeef9c78048ef15426b3e1df1ec8e975985459a7
- SSDEEP
  
  768:Pi2IEQSOu2GqDHty+y3Onu8dbQWSw1RoLNfeIvbKR+2midkpDxPywhqa9FKKSnb5:PVIEQSn2GqDHty+y3Onu8dbQWSw1RoLe
Score

3^/10
behavioral1 behavioral2
- Target
  
  so/baidugoogle.asp
- Size
  
  545B
- MD5
  
  42c70369c2278633155d53fbe1345e28
- SHA1
  
  4fbefd3db62c470b4c35e88b211795f7112ee449
- SHA256
  
  58834a12fc7cc82655830f0a17c8a24a715fb879088a7b4f49f4c61d40e6a70a
- SHA512
  
  0634e4b0d5bcf25a8fb0a87662dedd3c91ab8f0714969e3041828dce60947a54bd45da6759060aab446ebd849a99bb610a245705432c0fcc395fef03fe0fd9f6
Score

3^/10
behavioral3 behavioral4
- Target
  
  so/big5.asp
- Size
  
  564B
- MD5
  
  baae7a2410649ab40ad888f313783adc
- SHA1
  
  361eb0f6602fe649d93ea73b5665ab392f1c166a
- SHA256
  
  be2fcce070ba0ab033cc280cc29e498cb9543a2b9bb5901320b5f252a9ab7ea2
- SHA512
  
  2bc1d2dcf0aaf5326f91891f3c492bc484bed96d63000d9da9b83b5758b20416ea1e2d2ae6f106e8c9c47801843c8f073211d91f2fc4df5e3614b2ebe5eacbf5
Score

3^/10
behavioral5 behavioral6
- Target
  
  so/blank.asp
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10
behavioral7 behavioral8
- Target
  
  so/client.asp
- Size
  
  571B
- MD5
  
  f1eebdd1e763b0eca5b4894f479178fb
- SHA1
  
  c6ccbe8bcc0dd6ea6ca1c0e7619fb9fa5d5fa6ee
- SHA256
  
  91abe769b3699ef390d33fdddaf8ac17af0335138be567995dbcfbfeda808eec
- SHA512
  
  ebcbb59d62c76627640a6205f1a0a678b54fe2dd1289fbffa61390a0347321d4ee302103832fd3062db1d0bbd276d206456aa80341f0944d4526ab50caa1a34e
Score

1^/10
behavioral10 behavioral9
- Target
  
  so/config.asp
- Size
  
  2KB
- MD5
  
  79f16299e18bb85be44ae460ff276ed6
- SHA1
  
  f4bfc0e29bfceabd077939decbe9241dea43b484
- SHA256
  
  1a459376f2d02971bc5541a75e8fa529e37e21ae0abe94c700d46b9da565a898
- SHA512
  
  0d3e0e051d011f6ad4c8e07cf6b9a7d630119404b92ad761218ceef63e0f99a2fa995650e7cb9c78a367c7861ddd245c90fb055e5a16836c396e79fa190017b5
Score

1^/10
behavioral11 behavioral12
- Target
  
  so/data/zxsoudata.asp
- Size
  
  276KB
- MD5
  
  9a301bc71f90eb1f96773d32eaca9450
- SHA1
  
  68948cd00370c27483277b8ece31ab930f15c096
- SHA256
  
  bf22c5cd552f1654121082df66437a1400a8b31bc57542f18d239d5885bd1154
- SHA512
  
  38e85fe2510b8806661ea329fc08ca52d7740a4fa0680ef52ac43420b77dc2ded857258124b073a255ddf762f4b63319da1a893882c72c18fa9c3be7a8b88bc2
- SSDEEP
  
  768:xRBN3NhNiNUVNrNPNjGxOacSzYMwExmAf8u8nTzrW7bEAWiRUvtA:xR5y/EAEAb
Score

3^/10
behavioral13 behavioral14
- Target
  
  so/festival.asp
- Size
  
  3KB
- MD5
  
  d88378dd261c0e78e83ab8646314cdb8
- SHA1
  
  32f53283284cb961033523a5d70107a7d973354b
- SHA256
  
  db048b2221666828e9ab79243b441ec3003721dd652482ec14411c1787d87a7a
- SHA512
  
  fb402c0b2055a0b2fb8dd4e1a3344e384e0ed85187f6433981895e8cfc846fc4d0c6e4effa2309786726ccd1c13b2dd430ac85a6174db522ae24cc077ee39f0f
Score

3^/10
behavioral15 behavioral16
- Target
  
  so/frame/middle.html
- Size
  
  2KB
- MD5
  
  d1789d332f784d67dda69d5f131cf17b
- SHA1
  
  b06bd184b83a0961f5b158655324f70137ddabe6
- SHA256
  
  8d740f6a0ca0adeb6e722e402def698b93af2cd4d2f21cc1106dafdbdd2cbb4f
- SHA512
  
  527122a2b777341a9b7b87f0d5bfb9bd50a032f4bbd2e159aaa11d9aec1bfe696d5745efb6f020f738f05c6bfdbe0900e45d6cbf685fe3e49ca1211b4f568eff
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  so/gbtoutf8.asp
- Size
  
  555B
- MD5
  
  8bf1d049f12041e709bb1373d3f3b836
- SHA1
  
  5792da9050df2da13d2e839e7cad751736389574
- SHA256
  
  f7f6bf0b3b1426db420ff36e83957b2dd01354a9741519add80638a9efd30df6
- SHA512
  
  ba64dbe0fd597dbe12d7fd7a3646431655b251b94612208aee76d2bbbce96a86158e035516ea727effcade91cadfeefa7916dda2fba0c330d69eba2ea3281e74
Score

3^/10
behavioral19 behavioral20
- Target
  
  so/getcode.asp
- Size
  
  23KB
- MD5
  
  c343f2625809ae6de6fd9e135b395821
- SHA1
  
  d406143ea725a19b33e71b70d6be5222b0e8eac4
- SHA256
  
  abc9d545da0d19da081a3a6f66571c7b925209e1bcd76903a9583f6e0949bd44
- SHA512
  
  7c3e1ec7f6d633b4c026240a7c1b6db5e342beafd9e8335e3a3a76db0a7157c14e2429fa458ab2f5fb8c97c0ead7f93b0e5bb5c746f6fa0afaca6bc27590575d
- SSDEEP
  
  384:JS20tWLE1+8PhXmaYClU43Wp8+wHxSdaLRAnKq060HarIcffYiDQzTUyJ5tCK5dN:JS20Y6PhBYClAGLHg0SKq0zwIwDATL9z
Score

3^/10
behavioral21 behavioral22
- Target
  
  so/index.asp
- Size
  
  15KB
- MD5
  
  5a87d3bf698ed02828604d08bd13a1d2
- SHA1
  
  1bdcaa99fbcd94976f796dfa194127b7c3c5f096
- SHA256
  
  2071733a57f1f70d23a4fa2bf6a8d78eca8700d43686b4951699d97dab77eb75
- SHA512
  
  895a3e4b2eecbd101668400df6e19d91fed64cacdd146cbc52ee2d0c55f3e3c2993696a2bfd61201331ee263129a955edcb580ec15a7286679e52a58072139ae
- SSDEEP
  
  192:0MHs2xYLYpxkE17PlRk6xQeLmlo5+0PtFdGkvHVQMFTejW7k:0MM2xyE17PlRk6+Qmlo5+0PtFhHKHjz
Score

3^/10
behavioral23 behavioral24
- Target
  
  so/js/change.js
- Size
  
  10KB
- MD5
  
  00c51d44031408ac053125d4202d14e4
- SHA1
  
  7434823a35eea6e443f9887181344fc6410742fe
- SHA256
  
  969605b93933fa290204094290fab9b80f84a82d1f513cf50997aab871c298db
- SHA512
  
  f686150667960d38010b0937c9e474f213392b1043fa4df253fb99e13a77f831bd000ee14d6732ed45976bac0600ec07cf734255cb20b01e8fb9f475408871e7
- SSDEEP
  
  192:miNkitbHmOU3FtQmIT8tvZiDsf7Qc0OEZctTIFVx+5RUtrnc6ihpuO/Oh:DN7ZnU3Ftrg8s4Qy8Q5IgrpuO/Oh
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  so/js/getcode_showpic.js
- Size
  
  2KB
- MD5
  
  23077b32994a3f75f93c9d9487d9057f
- SHA1
  
  46163aca227aa51a332b2346eacdd5c2f3e42fdf
- SHA256
  
  66dc48f50c82b79c050bedebc86a3d4486fae7c46026856e531bb8cfb04875cc
- SHA512
  
  db3b4e3a2dd23280adb19bd546a06e603602b26e0b51c5b04f260982b9520ffb96bc39b1cfa0a587095909ad9b9445a2cf2bf1736ef01ecfdee4ddb3f82f86ba
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  so/js/hwinput.js
- Size
  
  6KB
- MD5
  
  ad16bf8bbdcf90ba9f0f0f9ab5342467
- SHA1
  
  6096b364c3f6bab6309d16191b98066bcd807e19
- SHA256
  
  58177353d653b01ce7fe1baa18c05ed04ce512c95ac45d2852f6618be826f0cd
- SHA512
  
  2c35bdcabd15206b4d62f511056cc010c4d59ab971f2c3a00fdd1db576a6dbe1bb2720e7643095aaa28b22aaa6b195132cf65dbb3424a5dc4af397f2448e8b8b
- SSDEEP
  
  96:9PSZZYeJAoCAN141jaqICAMsTlgJPTJmH7owX8IMSfyCw8h:gHfvHC5sy0oBIMSf/L
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  so/js/qqinput.js
- Size
  
  230B
- MD5
  
  31e079a59993b38ceb7ad5c59d70a1b1
- SHA1
  
  ae4bdaf856fcb4eb5f93c9f60f85900b83b31148
- SHA256
  
  6d95e97f14ccf5f957e24b4a44aa4daa089a3defd1358c0d183a2626c16fdd5f
- SHA512
  
  23153e3369cdd23d3916d60e1e430fb0a264f5e5cb480af7ffaeb8738329fa41ff66cd6a2a556868501b0f5317de440c939e7e83a834417a30b4340b3f3d07b5
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32